/openbsd-ldpd

VPLS basic test setup

Jump to bottom
Phraeyll edited this page Apr 14, 2018 · 7 revisions

Install

OpenBSD 5.8 supports the VPLS solution out of the box, there's no need to install anything.

Topology

In this topology there are 3 PE routers, 3 CE routers and one P router (not attached no any consumer site). PE1 (IOS-XE), PE2 (IOS-XE) and PE3 (OpenBSD) share the same VPLS membership. OSPF is used as the IGP and LDP is used to set up the LSPs among the PEs and to signal the pseudowires.

Configuration

OpenBSD

The first step is to set up the interfaces:

  • A loopback interface is required for the targeted neighbors;
  • A bridge(4) interface is required for each VPLS;
  • A mpw(4) interface is required for each pseudowire;
  • All the local and mpw(4) interfaces should be attached to the VPLS's bridge(4) interface.
ifconfig lo1 alias 3.3.3.3 netmask 255.255.255.255
ifconfig em2 10.0.3.3/24 mpls
ifconfig em2 mtu 1530
ifconfig em1 up
ifconfig bridge0 create
ifconfig bridge0 up
ifconfig mpw0 create
ifconfig mpw0 up
ifconfig mpw1 create
ifconfig mpw1 up
ifconfig bridge0 add em1
ifconfig bridge0 add mpw0
ifconfig bridge0 add mpw1

Edit /etc/pf.conf and add the following line:

set reassemble no

This prevents the kernel from reassembling fragmented packets coming from the CE (thanks to frc-javier for noting this).

Edit /etc/ospfd.conf:

router-id 3.3.3.3

area 0.0.0.0 {
        interface lo1
        interface em2
}

Edit /etc/ldpd.conf:

router-id 3.3.3.3
 
interface em2
 
neighbor 4.4.4.4 {
        password openbsd
}
 
l2vpn CUST_A type vpls {
        bridge bridge0
        interface em1
        pseudowire mpw0 {
                neighbor 1.1.1.1
                pw-id 100
        }
        pseudowire mpw1 {
                neighbor 2.2.2.2
                pw-id 100
        }
}

There's no need to configure targeted neighbors for the remote PEs because they are created automatically for each pseudowire.

Cisco routers

CE1 (IOS):

interface FastEthernet0/0
 ip address 172.16.1.1 255.255.255.0
 !
!

CE2 (IOS):

interface FastEthernet0/0
 ip address 172.16.1.2 255.255.255.0
 !
!

CE3 (IOS):

interface FastEthernet0/0
 ip address 172.16.1.3 255.255.255.0
 !
!

PE1 (IOS-XE):

l2vpn vfi context VFI 
 vpn id 1
 member pseudowire1
 member pseudowire2
!
bridge-domain 1 
 member GigabitEthernet1 service-instance 1
 member vfi VFI
!
interface Loopback1
 ip address 1.1.1.1 255.255.255.255
 ip ospf 1 area 0
!
interface pseudowire1
 encapsulation mpls
 neighbor 3.3.3.3 100
 control-word exclude
!
interface pseudowire2
 encapsulation mpls
 neighbor 2.2.2.2 100
!
interface GigabitEthernet1
 no ip address
 service instance 1 ethernet
  encapsulation untagged
 !
!
interface GigabitEthernet2
 mtu 1530
 ip address 10.0.1.1 255.255.255.0
 ip ospf 1 area 0
 mpls ip
!
router ospf 1

PE2 (IOS-XE):

l2vpn vfi context VFI 
 vpn id 2
 member 1.1.1.1 100 encapsulation mpls
 member 3.3.3.3 100 encapsulation mpls
!
bridge-domain 1 
 member GigabitEthernet2 service-instance 1
 member vfi VFI
!
interface Loopback1
 ip address 2.2.2.2 255.255.255.255
 ip ospf 1 area 0
!
interface GigabitEthernet1
 mtu 1530
 ip address 10.0.2.2 255.255.255.0
 ip ospf 1 area 0
 mpls ip
!
interface GigabitEthernet2
 no ip address
 service instance 1 ethernet
  encapsulation untagged
 !
!
router ospf 1

P (IOS):

interface Loopback1
 ip address 4.4.4.4 255.255.255.255
 ip ospf 1 area 0
 !
!
interface FastEthernet0/0
 mtu 1530
 ip address 10.0.1.4 255.255.255.0
 ip ospf 1 area 0
 mpls ip
 !
!
interface FastEthernet1/1
 mtu 1530
 ip address 10.0.3.4 255.255.255.0
 ip ospf 1 area 0
 mpls ip
 !
!
interface FastEthernet2/0
 mtu 1530
 ip address 10.0.2.4 255.255.255.0
 ip ospf 1 area 0
 mpls ip
 !
!
mpls ldp neighbor 3.3.3.3 password openbsd
!
router ospf 1

Verification - Control Plane

Verify that all the required neighbor sessions were established:

$ ldpctl show neighbor 
ID              State              Address         Uptime    
1.1.1.1         OPERATIONAL        1.1.1.1         00:01:10       
4.4.4.4         OPERATIONAL        4.4.4.4         00:01:10       
2.2.2.2         OPERATIONAL        2.2.2.2         00:01:10

$ ldpctl show discovery
ID              Type      Source          Holdtime 
4.4.4.4         Link      em2             15       
2.2.2.2         Targeted  2.2.2.2         45       
1.1.1.1         Targeted  1.1.1.1         45

Verify if there's a remote label for each remote PE's loopback:

$ ldpctl show lib
Destination          Nexthop           Local Label    Remote Label   In Use    
1.1.1.1/32           2.2.2.2           18             21             no
1.1.1.1/32           1.1.1.1           18             Pop tag        no
1.1.1.1/32           4.4.4.4           18             17             yes
2.2.2.2/32           2.2.2.2           19             Pop tag        no
2.2.2.2/32           1.1.1.1           19             18             no
2.2.2.2/32           4.4.4.4           19             16             yes
3.3.3.3/32           2.2.2.2           3              23             no
3.3.3.3/32           1.1.1.1           3              23             no
3.3.3.3/32           4.4.4.4           3              18             no
4.4.4.4/32           2.2.2.2           20             22             no
4.4.4.4/32           1.1.1.1           20             22             no
4.4.4.4/32           4.4.4.4           20             Pop tag        yes
10.0.1.0/24          2.2.2.2           21             20             no
10.0.1.0/24          1.1.1.1           21             Pop tag        no
10.0.1.0/24          4.4.4.4           21             Pop tag        yes
10.0.2.0/24          2.2.2.2           22             Pop tag        no
10.0.2.0/24          1.1.1.1           22             21             no
10.0.2.0/24          4.4.4.4           22             Pop tag        yes
10.0.3.0/24          2.2.2.2           3              19             no
10.0.3.0/24          1.1.1.1           3              20             no
10.0.3.0/24          4.4.4.4           3              Pop tag        no

Check if the pseudowires are up:

$ ldpctl show l2vpn pseudowires
Interface   Neighbor        PWID           Status    
mpw1        2.2.2.2         100            UP        
mpw0        1.1.1.1         100            UP

Check the label bindings of the pseudowires:

$ ldpctl show l2vpn bindings  
Neighbor: 1.1.1.1 - PWID: 100 (Ethernet)
            Label          Group-ID       MTU       
  Local     17             0              1500
  Remote    27             0              1500
Neighbor: 2.2.2.2 - PWID: 100 (Ethernet)
            Label          Group-ID       MTU       
  Local     16             0              1500
  Remote    24             0              1500

Verification - Data Plane

Verify that the mpw(4) interfaces were correctly configured by ldpd(8):

$ ifconfig mpw0
mpw0: flags=51 mtu 1500
        priority: 0
        encapsulation-type ethernet
        mpls label: local 17 remote 27
        neighbor: 1.1.1.1
        groups: mpw
$ ifconfig mpw1
mpw1: flags=51 mtu 1500
        priority: 0
        encapsulation-type ethernet, control-word
        mpls label: local 16 remote 24
        neighbor: 2.2.2.2
        groups: mpw

Do a broadcast ping from CE3:

CE4#ping 172.16.1.255 

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.255, timeout is 2 seconds:

Reply to request 0 from 172.16.1.2, 36 ms
Reply to request 0 from 172.16.1.1, 36 ms....

Check if the ICMP Request in the PE1 pseudowire contains two MPLS labels and no Control Word field:

Check if the ICMP Request in the PE2 pseudowire contains two MPLS labels and one Control Word field:

Check if the ICMP Reply in the PE1 pseudowire contains one MPLS label (due to the PHP behavior) and no Control Word field:

Check if the ICMP Reply in the PE2 pseudowire contains one MPLS label (due to the PHP behavior) and one Control Word field:

Clone this wiki locally
Clone in Desktop
You can’t perform that action at this time.
You signed in with another tab or window. Reload to refresh your session. You signed out in another tab or window. Reload to refresh your session.
Press h to open a hovercard with more details.