LDP L2 Circuits (Martini l2circuit)

RFC4447 LDP L2 Circuit Control Plane

LDP L2 circuit is a layer 2 VPN technology used to carry layer 2 traffic over an MPLS network. The L2 circuit is a p2p or p2mp service that uses extended LDP sessions between PE routers to provide the distribution of VC labels. The VC labels are associated with each PE-CE logical interface and functions in a similar way to the BGP L2 NRLI label that represents a logical PE-CE interface within a BGP L2 VPN.

For each PE-CE l2 interface that is configured as part of a l2circuit LDP will distribute a VC label as a FEC to the remote PE end for that particular circuit. This process is defined as sending an ‘input’ label from each end of the connection which is then converted to an ‘output’ label from sending traffic back through the circuit. A FEC Element is also send with the VC label. This includes details about the attachement circuit type, if Martini control word is present, group IDs,  VC admin ID and interface parameters such as MTU.
CCC is used as the encapsulation towards the CE nodes that are connected to the VPN. If encapsulation is different at each end the TCC must be used.
Configuration
LDP protocol must be enabled with the loopback address of the local router configured to enabled the extended sessions to remote PEs.

protocols {
     ldp {
          interface {
               ge-0/0/1.200
               interface lo0.0;
          }
     }
}
The l2circuit protocol configuration must include the neighbour PE loopback address to establish the extended neighbourship. The VC circuit ID must be unique but must match at each end of the PE configuration. The interface added to the configuration faces the CE as the ‘attachment circuit’.
protocols {
     l2circuit {
          neighbor 172.25.0.2 {
               interface ge-0/0/0.512 {
                    virtual-circuit-id 5;
               }
          }
     }
}
Interfaces
interface {
     ge-0/0/0 {
          vlan-tagging;
          encapsulation vlan-ccc;
               unit 512 {
                    encapsulation vlan-ccc;
                    vlan-id 512;
                    family inet {
                         address 10.20.20.1/30;
                    }
               }
          }
     }
Interworking Protocol
The interworking protocol enables an interface that can stitch a BGP L2 VPN into a l2circuit or two l2circuits together. The configuration requires the l2iw protocol to be enabled, two logical interfaces need to be created under the iw0 interface heirarchy and each logical interface needs to be associated with either the respective BGP L2 VPN vrf and/or the l2circuit.

For BGP L2 VPN to l2circuit stitching enable the l2iw protocol.
protocols {
     l2iw;
     }
}
Configure the iw0 interworking interfaces. Each interface must contain the same vlan ids and encapsulation as the circuit end points. MTU must also be specified as the default for l2circuit is 65522.
interfaces {
     iw0 {
          unit 0 {
               encapsulation vlan-ccc;
               mtu 1514;
               vlan-id 512;
               peer-unit 1;
          }
          unit 1 {
               encapsulation vlan-ccc;
               mtu 1514;
               vlan-id 513;
               peer-unit 0;
          }
     }
}
The VPN stitching configuration is carried out with the following configuration. In the context for this example the remote-site-id represents the virtual-circuit-id of the l2circuit that is being stitched into this VPN (requires further clarity).
routing-instance {
     vpn-a {
          instance-type l2vpn;
          interface iw0.0;
          route-distinguisher 172.25.0.1;100;
          vrf-target target:65001:100;
          protocols {
               l2vpn {
                    encapsulation-type ethernet-vlan;
                    site vpn-a {
                         site-identifier 2;
                         interface iw0.0 {
                              remote-site-id 1;
                         }
                    }
               }
          }
     }
}
protocols {
     l2circuit {
          neighbor 172.25.0.3 {
               interface iw0.1 {
                    virtual-circuit-id 1;
               }
          }
     }
}

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s