Junos VPLS Label Block Operations - Example with BGP signaling
Juniper book makes a good explanation on the Label Block operation in VPLS vpn.
Understanding VPLS Label Block Operationshttp://kb.juniper.net/library/CUSTOMERSERVICE/technotes/Understanding_VPLS_Label_Blocks_Operation.pdfhttp://www.juniper.net/techpubs/en_US/junos/topics/concept/vpls-label-blocks-overview.htmlLet's see this in a real example with BGP used for signaling. Below is a BGP update message containing a VPLS NLRI from a site ID 10 that is received by a site ID 11:
Code:
Border Gateway Protocol - UPDATE Message
Marker: ffffffffffffffffffffffffffffffff
Length: 88
Type: UPDATE Message (2)
Unfeasible routes length: 0 bytes
Total path attribute length: 65 bytes
Path attributes
ORIGIN: IGP (4 bytes)
Flags: 0x40 (Well-known, Transitive, Complete)
Type code: ORIGIN (1)
Length: 1 byte
Origin: IGP (0)
AS_PATH: empty (3 bytes)
Flags: 0x40 (Well-known, Transitive, Complete)
Type code: AS_PATH (2)
Length: 0 bytes
AS path: empty
LOCAL_PREF: 100 (7 bytes)
Flags: 0x40 (Well-known, Transitive, Complete)
Type code: LOCAL_PREF (5)
Length: 4 bytes
Local preference: 100
EXTENDED_COMMUNITIES: (19 bytes)
Flags: 0xc0 (Optional, Transitive, Complete)
Type code: EXTENDED_COMMUNITIES (16)
Length: 16 bytes
Carried Extended communities
MP_REACH_NLRI (32 bytes)
Flags: 0x90 (Optional, Non-transitive, Complete, Extended Length)
Type code: MP_REACH_NLRI (14)
Length: 28 bytes
Address family: Layer-2 VPN (25)
Subsequent address family identifier: VPLS (65)
Next hop network address (4 bytes)
Next hop: IPv4=172.16.0.34 (4)
Subnetwork points of attachment: 0
Network layer reachability information (19 bytes)
RD: 172.16.2.1:100, CE-ID: 10, Label-Block Offset: 9, Label-Block Size: 8, Label Base 262201 (bottom)
So the receiving site ID 11 will use Label 262203 from the Label base provided by the egress (CE-ID 10). This is because the starting label is 262201 for a siteID 9 (Label-Block Offset: 9).
Here is the confirmation on the receiving end:
Code:
user@host> show route forwarding-table family vpls
Routing table: APOLLO.vpls
VPLS:
Destination Type RtRef Next hop Type Index NhRef Netif
default perm 0 rjct 546 1
fe-0/0/5.0 user 0 comp 626 2
lsi.1049351 user 0 comp 625 2
00:0c:29:d7:77:67/48 dynm 0 ucst 592 3 fe-0/0/5.0
00:40:ca:18:30:c9/48 dynm 0 indr 262142 4
Push 262203 591 2 gr-0/0/0.1
So the receiving end (ingress) chose label 262203 from the Label Base provided by the egress. This is a packet traveling through the tunnel:
Code:
Frame 14: 140 bytes on wire (1120 bits), 140 bytes captured (1120 bits)
Ethernet II, Src: JuniperN_d2:35:c1 (f8:c0:01:d2:35:c1), Dst: Cisco_28:5e:40 (00:26:0b:28:5e:40)
Internet Protocol Version 4, Src: 82.76.71.249 (82.76.71.249), Dst: 86.86.242.178 (86.86.242.178)
Generic Routing Encapsulation (MPLS label switched packet)
MultiProtocol Label Switching Header, Label: 262203, Exp: 0, S: 1, TTL: 255 --> VPLS LABEL 262203
Ethernet II, Src: Vmware_d7:77:67 (00:0c:29:d7:77:67), Dst: FirstInt_18:30:c9 (00:40:ca:18:30:c9)
Internet Protocol Version 4, Src: 192.168.4.5 (192.168.4.5), Dst: 192.168.4.2 (192.168.4.2)
Internet Control Message Protocol
Below is the content of the "bgp.l2vpn.0" Junos routing table on the ingress:
Code:
> show route table bgp.l2vpn.0
bgp.l2vpn.0: 3 destinations, 3 routes (3 active, 0 holddown, 0 hidden)
Restart Complete
+ = Active Route, - = Last Active, * = Both
172.16.2.1:100:10:9/96
*[BGP/170] 01:02:32, localpref 100, from 172.16.0.34
AS path: I
> via gr-0/0/0.1
172.16.2.2:100:11:9/96
*[L2VPN/170/-101] 23:01:13, metric2 1
Indirect
Below is the egress configuration of the vpls vrf:
Code:
set routing-instances SAMANTHA instance-type vpls
set routing-instances SAMANTHA interface ge-0/0/3.0
set routing-instances SAMANTHA route-distinguisher 172.16.2.1:100
set routing-instances SAMANTHA vrf-import IVORDE-INTRA-IMPORT
set routing-instances SAMANTHA vrf-export IVORDE-INTRA-EXPORT
set routing-instances SAMANTHA protocols vpls no-tunnel-services
set routing-instances SAMANTHA protocols vpls site APOLLo site-identifier 10
What I need to know from first route (172.16.2.1:100:10:9/96) that:
172.16.2.1:100 - ROUTE DISTINGUISHER :10 - EGRESS SITE ID :9 LABEL BASE OFFSET
It's good practice to set route-distinguisher in following format <LOOPBACK IP>:<TARGET COMMUNITY>.