Pseudowire over Traffic Enginnering MPLS

I think i have asked a similar question under MPLS..
But anyway has anyone used Pseudowire over Traffic Enginnering MPLS?
What i would like to do is setup the MPLS TE using OSPF, built layer 3 tunnels between sites and then use Pseudowire to extend vlans over the TE MPLS tunnels and isolate the vlans using VRF-Lite.
Advice pls..
Francisco

Hi Francisco,
You can map a PW to a MPLS-TE tunnel via the PW-class:
pseudowire-class TE
encapsulation mpls
preferred-path interface Tunnel0
interface Ethernet0/0
xconnect 1.1.1.1 10 pw-class TE
HTH
Laurent.

Similar Messages

  • Pseudowire over TE MPLS

    Has anyone used Pseudowire over Traffic Enginnering MPLS?
    What i would like to do is setup the MPLS TE using OSPF, built layer 3 tunnels between sites and then use Pseudowire to extend vlans over the TE MPLS tunnels and isolate the vlans using VRF-Lite.
    Advice pls..
    Francisco

    Hi Francisco,
    You can map a PW to a MPLS-TE tunnel via the PW-class:
    pseudowire-class TE
    encapsulation mpls
    preferred-path interface Tunnel0
    interface Ethernet0/0
    xconnect 1.1.1.1 10 pw-class TE
    HTH
    Laurent.

  • Ethernet Pseudowire over IP/MPLS

    Hello there,
    Anyone has any case study example regarding transmitting Ethernet PW over MPLS/IP core network?
    Thanks

    Hi chris,
    Here is a link gives you brilliant explanation and also exampls configuration for EoMPLS and other stuff.
    In fact this is taken from the  Layer 2 VPN Architectures book by Cisco Press. I found it extremely helpful. It covers both the modes RAW mode(port based) and TAGGED mode(vlan based mode)
    http://fengnet.com/book/Layer%202%20VPN%20Architectures/ch07.html#idd1e13647
    HTH
    Kishore

  • MTU over DMVPN and MPLS

    Hello All,
    I have a query regarding MTU over both DMVPN and MPLS.
    I have been running the following command from a windows box
    ping x.x.x.x -f -l yyy     (yyyy being the buffer size) and x.x.x.x being my remote hosts
    I am using the same destination host and have two different paths to it. One over MPLS and one over a DMVPN.
    I would have expected to be able to send packets with a higher MTU over the MPLS but for both MPLS and DMVPN the maximum packet size I can send with the DF bit set is the same  (1372).
    Is this normal behaviour? I though MPLS would have less overhead, so my maximum packet size would be higher in my tests

    Disclaimer
    The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
    Liability Disclaimer
    In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
    Posting
    Generally, MPLS supports an increased MTU, when adding MPLS labels, while VPN tunnels, like DMVPN, don't exceed original MTU, and so, it reduces payload space.  So, normally, you should see larger ping buffer DF support across MPLS than DMVPN.  However, "normal" can be very much impacted by actual device configurations, including making MTU for DF packets the same for either MPLS or DMVPN.  (For example, you might want to make the two paths alike so flows that for any reason need to be redirect from one media path to the other see a consistent MTU.)

  • Voice and Videoconferencing over Provider's MPLS network

    We have a Callmanager 4.1(2) cluster and Unity UM at the HQ and two remote sites with around 50 IP phones each. We are also running Tandberg IP Videoconferencing units. The current IP WAN connection is P2P T1 connection. The exiting QOS configuration is based on P2P with T1 bandwidth -- We are migrating it to MCI's MPLS WAN. Does anyone have any sample configs for MCI's or other provider's MPLS QOS configurations? Or any experiences or suggestions?
    Thanks!

    This URL might help you:
    http://www.cisco.com/en/US/products/hw/modules/ps2831/products_data_sheet09186a008013155c.html

  • Gre tunnel over 2 mpls routers

    I have 2 sites and the voice server is in site A and Site B are the remote phones . Right now voice vlan go over the DMVPN we are facing some degraded performance and decided to move voice traffic to mpls . 
    We need to carry the multicast traffic as well which is not supported over our MPLS circuit. I have no idea why provider is not supporting multicast traffic over mpls circuit.
    So we decided to create GRE tunnels to carry multicast traffic over MPLS .We have L3 switches on both sites Site A cisco 4500 and Site B cisco 3850  . and MPLS connectivity is reachable upto L3 core switches. With 3850 we had issue to create tunnels and i have upgraded the IOS after upgrading i came to know no more tunnels are supported on 3850. So cannot have Gre tunnel between our L3 switches over the MPLS.
    My Question is can i ask the MPLS provider to setup tunnels on their routers which they are ready to help and point the static routes for voice vlan towards gre tunnels over mpls . 
    Can you advise any other solution or does this solution would work.?

    Aneesh,
    Lost of connectivity between the two PEs would indeed cause the GRE tunnel interface to go down, assuming that you configure tunnel keepalives as follow:
    int tu0
    keepalive
    Regards

  • ATM over Ethernet and pseudowires

    Hello.
    Could somebody tell me if there is a Cisco Router that can work ATM over ethernet. This ATM circuits comming from an ethernet interface sholuld be transported as pseudowires through an IP/MPLS Backbone. Routers 12000 can do this? wich version do I need?
    Thanks

    Hi Narayan. Thank you.
    I have now the following doubt. If we have the following topology:
    lan-(CE)--ethe--(pe)--MPLS--(pe)--atm-(ce)-lan
    Consider a lot of atm access at the right side, but we need to use only one vlan at the left side to connect all the remote atm sites.
    You are telling me that we can convert the left CE in to a PE. But Can we maintain the router as a CE but terminating the ATM circuits (pseudowires) transported over one one vlan? ( atm over ethernet)
    I appreciate everyting.

  • Difrence between ... MPLS over Frame-Relay ATM

    Hai all,
    Sorry to ask very basic quiestion ..can some one tell what is the difrnce and advantage of MPLS over ATM and Frame-Relay ......pls provide me a better link ..for refrnce
    Thanks in advance
    Lijesh

    MPLS over ATM or MPLS over Frame-Relay it's not good idea, because if you use cell-mode labeling, you find someone limitation at this technology. DLCI and VPI/VCI value at this protocols it's not have large space. If you know how operate cell-mode, try to look at just for sample bits length with DLCI value at Frame-Relay protocol or VPI/VCI value at ATM protocol… Of course you can use same cheat like VCI-merge, but I think it's not very good idea.
    Building new network infrastructure at this protocols it's not good idea… It's good idea to fast implement MPLS technology in old network infrastructure build with this protocols (just for sample, you can linked ATM forwarding plane and MPLS forwarding plane (in this situation you can abandon to use fixed configuration VPI/VCI for IP network and can use benefits offered ATM technology with MPLS)), but not for new network infrastructure. If you need to offer services with this protocols, you can use Any Transport Over MPLS technology.
    For more information look at this page - http://www.cisco.com/en/US/tech/tk436/tk798/tsd_technology_support_protocol_home.html

  • Forest Trust RPC timeout across MPLS

    Hi, I am having trouble setting up a Forest trust between two networks. The issue "seems" to be RPC timeout (i see RPC age-out on firewall) but i'm now wondering if it's actually the LDAP or KErberos thats failing first.
    I have read that RPC needs to have the same path outgoing as incoming otherwise you can get SYN-ACK problems (especially through a firewall). So i need to try and work out why it doesnt work. It is laid out something like this.
    Network 1 (domain BOB) (server 2008 R2 at domain functional level 2003)
    Site1,Site2 and Site3 all connect to each other via Site-To-Site link provided by 3rd party. They all egress at Site1's ISA Firewall in a normal 3 leg perimeter config. All works fine
    Network 2 (domain RITA) (server 2008 R2 at domain functional level 2003)
    SiteA,B,C and D all connecto to each other over 3rd party MPLS (essentially Gig ethernet)
    Site1 and SiteA are on the same premises in the same room. There is a spare NIC on the ISA server. So i configured the ISA with a NIC in the same subnet as SiteA (RITA domain) - ie i plugged RITA into BOB. I configured the ISA for routing. Allow ANY ANY
    internal to RITA and ANY ANY RITA to internal
    I set up conditional forwarders on both domains pointing at each other and can ping everything from the other sites. DNS is working fine. I can RDP across sites to each other's DCs. From a "network" point of view it all looks good (though in the
    back of my mind i cant rule out the site to site or the MPLS links)
    When i try and create the trust it fails very quickly with "Cannot Continue. The trust relationship cannot be created because the following error occurred: The operation failed. The error is: The remote procedure call failed"
    I can do a portqry and see all RPC comms looks good
    In ISA and another firewall i tried i can see the RPC ageing out. Have tried wireshark but hard to see whats going on
    I used another server in the BOB domain and dcpromo'd it to a new domain in that subnet and tried setting up a trust. worked first time
    Similarly i did the same at the RITA side and that worked too.
    THere are no errors in DNS or the event logs on either side to suggest anything is failing. i tried verbose DNS logs but couldnt really follow them.
    Help!! Thanks

    Hi,
    To verify if this is a network issue, please try to perform a network capture on the servers in both side.
    We can use "IPv4.Address==xxx.xxx.xxx.xxx" to filter the traffic between the servers. Then compare the capture data from the servers. If all the packets have been forwarded, it should not be caused by network.
    To download Network Monitor, please click the link below:
    http://www.microsoft.com/en-hk/download/details.aspx?id=4865
    About the question related to Directory Services, to get better help, please post your questions on the DS forum.
    Here is the address:
    https://social.technet.microsoft.com/Forums/windowsserver/en-US/home?forum=winserverDS
    Best Regards.
    Steven Lee Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

  • Venturing into MPLS Network

    Hi all, it is just my curiousity that ended up with a small discussion like this. Here's about it...
    My company has a main client which have tonnes of remote sites connecting to both their HQ and Disaster Recovery Centre. Some of the remote sites still running on frame-relay, while other is purely leased-line. There's a few question I wish I can clear up as follows:
    i. When the client have frame-relay device, what we do is create a tunnel and route all the frame-relay traffic over. Is there any advantage if we change it over to MPLS?
    ii. Even if comparing to leased-line services, what kind of advantages I can expect if our cliet migrate over to leased-line?
    iii. If one customer is running purely on frame-relay connectivity, any difficulties will arise when they want to switch over to MPLS network?
    I still never has any hands on experience on the MPLS, that's why need to gather some info in the first place, I'm currently have a glance through those MPLS guides and configuration examples, but I knew that perhaps in real-life network, things may differs, in the meanwhile I'm studying through it, hope to gather some precious opinions. Regards

    Hello,
    Regarding answer iii: What you have to use inside the MPLS cloud is MBGP to route the customer prefixes. In your LAN however you will have an IGP like EIGRP. This means you need mutual redistribution between MBGP and your IGP. So a routing loop can occur once you have at least two pathes. An Example:
    N1-CE1 - PE1 - PE2 - CE2
    with: CE1 - PE1 using RIP, CE2 - PE2 using RIP, PE1 - PE2 using MBGP and a FR PVC between CE1 - CE2 using RIP
    This would be the case when you migrate from FR to MPLS VPN and do not shut down FR the very moment you activate the MPLS links.
    What can happen in this scenario is: CE1 is announcing Network N1 through RIP to CE2 directly over the FR PVC and also to PE1. PE1 will redistribute N1 into MBGP, send the prefix to PE2, which will redistribute N1 into RIP and send the update to CE2.
    Now depending on implementation and metrics this will result in all traffic flowing over FR or MPLS (when adjusting metrics). No major problem yet.
    The problem might occur once CE1 looses network N1. It will send an update directly to CE2 and to PE1 and a race condition exists. CE2 will still have one valid path to N1 learned from PE2 and announce this one to CE1, which will announce it to PE1 and then PE2, CE2, CE1 again and so on.
    This is an intermittend or even persistent routing loop, depending on what you have done with hop count during redistribution.
    By designing your overall routing solution carefully you can avoid this scenario.
    Hope this helps! Please rate all posts.
    Regards, Martin

  • MPLS-TE Tunnel up/down

    Hi,
    Trying to build out an xconnect to follow a specific path (a longer path). I cannot get the tunnel to come up. I dont know what I missed. everything else looks ok. All interfaces are up and working, except the tunnel itself.
    I've included the MPLS portion of the config, if I missed something let me know. I did enable the MPLS-TE in OSPF on the routers inbetween. I have connectivity inbetween. 
    Router 1:
    ip cef
    mpls label protocol ldp
    mpls traffic-eng tunnels
    mpls label protocol ldp
    mpls traffic-eng tunnels
    pseudowire-class 5001
     encapsulation mpls
     preferred-path interface Tunnel5001
    interface Loopback10
     ip address 10.201.1.4 255.255.255.255
    interface Tunnel5001
     ip unnumbered Loopback10
     tunnel mode mpls traffic-eng
     tunnel destination 10.201.1.2
     tunnel mpls traffic-eng path-option 1 explicit name strict
     tunnel mpls traffic-eng path-selection metric te
    interface FastEthernet2/0
     xconnect 10.201.1.2 5001 encapsulation mpls pw-class 5001
    router ospf 100
     router-id 10.201.1.4
    mpls traffic-eng router-id Loopback10
     mpls traffic-eng area 0
    ip route 10.201.1.2 255.255.255.255 Tunnel5001
    ip explicit-path name strict enable
     next-address 10.201.1.3
     next-address 10.201.1.1
     next-address 10.201.1.2
    Router 2:
    ip cef
    mpls label protocol ldp
    mpls traffic-eng tunnels
    pseudowire-class 5001
     encapsulation mpls
     preferred-path interface Tunnel5001
    interface Loopback10
     ip address 10.201.1.2 255.255.255.255
    interface Tunnel5001
     ip unnumbered Loopback10
     tunnel mode mpls traffic-eng
     tunnel destination 10.201.1.4
     tunnel mpls traffic-eng path-option 1 explicit name strict
     tunnel mpls traffic-eng path-selection metric te
    interface FastEthernet2/0
     xconnect 10.201.1.4 5001 encapsulation mpls pw-class 5001
    router ospf 102
     router-id 10.201.1.2
     mpls traffic-eng router-id Loopback10
     mpls traffic-eng area 0
    ip route 10.201.1.4 255.255.255.255 Tunnel5001
    ip explicit-path name strict enable
     next-address 10.201.1.1
     next-address 10.201.1.3
     next-address 10.201.1.4
    From router 1. Both Router 1 and Router 2 show the samething.
     show mpls l2transport vc detail
    Local interface: Fa2/0 up, line protocol up, Ethernet up
      Destination address: 10.201.1.2, VC ID: 5001, VC status: up
        Output interface: Fa1/1, imposed label stack {22}
        Preferred path: Tunnel5001,  no route
        Default path: active
        Next hop: 192.168.102.13
      Create time: 00:10:13, last status change time: 00:10:13
        Last label FSM state change time: 00:10:13
      Signaling protocol: LDP, peer 10.201.1.2:0 up
        Targeted Hello: 10.201.1.4(LDP Id) -> 10.201.1.2, LDP is UP
        Status TLV support (local/remote)   : enabled/supported
          LDP route watch                   : enabled
          Label/status state machine        : established, LruRru
          Last local dataplane   status rcvd: No fault
          Last BFD dataplane     status rcvd: Not sent
          Last BFD peer monitor  status rcvd: No fault
          Last local AC  circuit status rcvd: No fault
          Last local AC  circuit status sent: No fault
          Last local PW i/f circ status rcvd: No fault
          Last local LDP TLV     status sent: No fault
          Last remote LDP TLV    status rcvd: No fault
          Last remote LDP ADJ    status rcvd: No fault
        MPLS VC labels: local 22, remote 22
        Group ID: local 0, remote 0
        MTU: local 1500, remote 1500
        Remote interface description:
      Sequencing: receive disabled, send disabled
      Control Word: On (configured: autosense)
      Dataplane:
        SSM segment/switch IDs: 4101/4100 (used), PWID: 1
      VC statistics:
        transit packet totals: receive 0, send 0
        transit byte totals:   receive 0, send 0
        transit packet drops:  receive 0, seq error 0, send 0
    show int tun 5001
    Tunnel5001 is up, line protocol is down
      Hardware is Tunnel
      Interface is unnumbered. Using address of Loopback10 (10.201.1.4)
      MTU 17936 bytes, BW 100 Kbit/sec, DLY 50000 usec,
         reliability 255/255, txload 1/255, rxload 1/255
      Encapsulation TUNNEL, loopback not set
      Keepalive not set
      Tunnel source 10.201.1.4, destination 10.201.1.2
      Tunnel protocol/transport Label Switching
      Tunnel transmit bandwidth 8000 (kbps)
      Tunnel receive bandwidth 8000 (kbps)
      Last input never, output never, output hang never
      Last clearing of "show interface" counters 00:27:10
      Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
      Queueing strategy: fifo
      Output queue: 0/0 (size/max)
      5 minute input rate 0 bits/sec, 0 packets/sec
      5 minute output rate 0 bits/sec, 0 packets/sec
         0 packets input, 0 bytes, 0 no buffer
         Received 0 broadcasts (0 IP multicasts)
         0 runts, 0 giants, 0 throttles
         0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
         0 packets output, 0 bytes, 0 underruns
         0 output errors, 0 collisions, 0 interface resets
         0 unknown protocol drops
         0 output buffer failures, 0 output buffers swapped out

    Hi,
    One issue what i can see is, you have mentioned loopback ips in the explicit-path not the interface ip addresses. This can not be strict path and you have to mention next-address as loose (which means router will refer IGP to reach the next-hop)
    ip explicit-path name strict enable
     next-address 10.201.1.1
     next-address 10.201.1.3
     next-address 10.201.1.4
    Correct way
    ip explicit-path name strict enable
     next-address loose 10.201.1.1
     next-address loose 10.201.1.3
     next-address loose 10.201.1.4
    To troubleshoot TE
    - first you can remove the explicit path and try to bring it up with dynamic path, which will help to confirm that configuration is ok on all routers in the path
    - i hope you have configured "ip rsvp" on all physical intrfaces.
    - If with dynamic path option also link does not come up, please share output of command "show mpls traffic-eng tunnels tunnel5001
    --Pls dont forget to rate helpful posts--
    Regards,
    Akash

  • MPLS tag-switching

    I'm trying to bootstrap myself on MPLS and ran into an unusual problem in the field.
    We've got a mesh of routers setup to do tag switching amongst each other to support a few pseudo-wire MPLS point to point links for customers.
    Our typical conf:
    ip cef
    mpls label protocol ldp
    tag-switching tdp router-id Loopback0 force
    int FastEthernet0/0
    description WAN link
    ip address 1.2.3.1 255.255.255.252
    mpls label protocol ldp
    tag-switching mtu 1532
    tag-switching ip
    int POS1/0
    description Another WAN link
    ip address 1.2.3.5 255.255.255.252
    mpls label protocol ldp
    tag-switching ip
    int FastEthernet 2/0
    description Non MPLS Cust Facing
    ip address 10.10.0.1 255.255.255.0
    int FastEthernet 2/1
    description MPLS Pseudowire Cust Facing
    mpls l2transport route 1.2.3.253 10101
    Now, it was my understanding that the tag-switching mtu statement is only for tag-switched packets, untagged IP uses the interface's default mtu of 1500 if not otherwise adjusted. Someone removed the tag-switched mtu 1532 statement off a couple WAN links, and both MPLS and non pseudowire tagged traffic were affected. There was still basic L2/L3 connectivity, but larger IP packets were being dropped.
    The observed behavior implied to me that all packets were being tagged, and reading up on the tag-switching command reference re-enforces that assumption. Dropping down to the lab, doing a ping between two routers with tag-switching setup and ldp neighborship established, neither echo requests or replies are tagged.
    Where is the hole in my understanding of how this works?

    Your understanding is correct. By default LDP will allocate and advertise label for all prefixes and all traffic will be therefore label switched. You need to configure label filtering if you only need certain prefixes to have labels assigned and advertised by LDP.
    Here's a brief example where only loopback addresses for the routers hosting the pseudowires are advertised.
    no tag-switching advertise-tags
    tag-switching advertise-tags for 1
    access-list 1 permit 192.168.100.0 0.0.0.255
    This same configuration need to be applied for all LDP enabled routers. It will only allow label advertisement for prefixes in the 192.168.100.0-192.168.100.255 range.
    Regards

  • MPLS-TE Inter-AS

    Hi
    just want to know how and what is the best way to route traffic over Inter-AS MPLS-TE using Option B for L2VPN and L3VPN

    Sorry, my bad.....just tested this and it wont work. The reason I see is that the VPNv4 label changes at ASBRs during advertisement, but in data-plane the VPNv4 label is never changed at ASBR due to MPLS-TE transport label on top causing the remote-PE to drop traffic.
    I think it would only work if PEs in different AS can exchange VPNv4 routes directly, rather than through ASBR.
    Regards,
    Amit.

  • MPLS TE tunnel autoroute announce metric in SPF computation

    Hi, I have a doubt whether MPLS TE tunnel metric is taking into SPF computation when the tunnel has "autoroute announce" configured.
    From the book "MPLS traffice enginnering" written by Osbourn, IGP SPF computation is always performed before tunnel metric is modified, I found this is only true if IGP is ISIS, but if IGP is OSPF, tunnel metric specified by "autoroute metric" will always be taken into SPF computation, a.k.a, if tunnel metric is configured to be less than underlying IGP metric, a suboptimal routing will always happen to destination routers that are in between tunnel head and tunnel tail.
    Any idea why there is a inconsistent behavior between OSPF and ISIS SPF computation? or I missed anything?

    Hi,
    You're right. There is a different behavior between OSPF and ISIS on how they handle the autoroute metric feature.
    ISIS: TE tunnel metric is not taken into account during SPF computation.
    OSPF: TE tunnel metric is taken into account during SPF computation.
    So playing with this feature can change the SPT if your IGP is OSPF.
    The difference seems coming from the SPF implementation of OSPF and ISIS
    HTH
    Laurent.

  • Routing to MPLS network

    Hi,
    We have several branch offices connected via a managed MPLS network. Each MPLS router in the branch office is connected to the local LAN switch, with its separate firewall and internet access router. How do we direct traffic from the local network (unmanaged) to the private IP addresses in the MPLS network (managed)? Can static routes be configured on the ASA5505 firewall to route traffic to MPLS router?
    ISP router>local router>ASA5505 firewall>LAN switch>MPLS router>MPLS cloud.

    Said
    Is the LAN switch layer 2 only or layer 3 capable. If you do not have access to the MPLS router you have 2 options
    1) Add a route on the ASA for the private MPLS networks pointing to the MPLS router. You will need to enable hairpinning on the ASA.
    Set the default-gateway of the clients on your LAN switch to be the ASA.
    2) If your switch is a Layer 3 switch then you can do this in a much cleaner way. Create the L3 vlan interface(s) for the client vlan(s) on the switch and then you can use statics on the L3 switch eg.
    ip route 0.0.0.0 0.0.0.0 "ASA inside interface"
    ip route "MPLS private net" "subnet mask" "MPLS router inside interface"
    Jon

Maybe you are looking for