Junos VPLS Virtual circuit stuck in "VC-Dn" state
Code:
# run show vpls connections
Layer-2 VPN connections:
Legend for connection status (St)
EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down NP -- interface hardware not present
CM -- control-word mismatch -> -- only outbound connection is up
CN -- circuit not provisioned <- -- only inbound connection is up
OR -- out of range Up -- operational
OL -- no outgoing label Dn -- down
LD -- local site signaled down CF -- call admission control failure
RD -- remote site signaled down SC -- local and remote site ID collision
LN -- local site not designated LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status IL -- no incoming label
MM -- MTU mismatch MI -- Mesh-Group ID not available
BK -- Backup connection ST -- Standby connection
PF -- Profile parse failure PB -- Profile busy
RS -- remote site standby SN -- Static Neighbor
VM -- VLAN ID mismatch
Legend for interface status
Up -- operational
Dn -- down
Instance: VPLS
Local site: B (2)
connection-site Type St Time last up # Up trans
1 rmt VC-Dn ----- 0
Remote PE: 10.0.0.1, Negotiated control-word: No
Incoming label: 262145, Outgoing label: 262146
Local interface: lsi.1048577, Status: Up, Encapsulation: VPLS
Description: Intf - vpls VPLS local site 2 remote site 1
"VC-Dn" state means that the Junos device data plane is not up, only the control plane is up because bgp neighbours are in "Established" state and there are routes in bgp.l2vpn.0 table:
Code:
# run show bgp summary
Groups: 1 Peers: 1 Down peers: 0
Table Tot Paths Act Paths Suppressed History Damp State Pending
inet.0
0 0 0 0 0 0
bgp.l2vpn.0
1 1 0 0 0 0
bgp.l3vpn.0
0 0 0 0 0 0
Peer AS InPkt OutPkt OutQ Flaps Last Up/Dwn State|#Active/Received/Accepted/Damped...
10.0.0.1 65533 40 38 0 0 15:36 Establ
inet.0: 0/0/0/0
bgp.l2vpn.0: 1/1/1/0
VPLS.l2vpn.0: 1/1/1/0
bgp.l3vpn.0: 0/0/0/0
Code:
# run show route table bgp.l2vpn.0 extensive
bgp.l2vpn.0: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
10.60.1.254:100:1:1/96 (1 entry, 0 announced)
*BGP Preference: 170/-101
Route Distinguisher: 10.60.1.254:100
Next hop type: Indirect
Address: 0x9254568
Next-hop reference count: 5
Source: 10.0.0.1
Protocol next hop: 10.0.0.1
Indirect next hop: 2 no-forward
State: <Active Int Ext>
Local AS: 65533 Peer AS: 65533
Age: 15:54 Metric2: 1
Task: BGP_65533.10.0.0.1+52067
AS path: I
Communities: target:65533:100 Layer2-info: encaps:VPLS, control flags:, mtu: 0, site preference: 100
Import Accepted
Label-base: 262145, range: 8
Localpref: 100
Router ID: 10.60.1.254
Secondary Tables: VPLS.l2vpn.0
Indirect next hops: 1
Protocol next hop: 10.0.0.1
Indirect next hop: 2 no-forward
Indirect path forwarding next hops: 1
Next hop type: Router
Next hop: 10.0.0.1 via ge-0/0/3.0
10.0.0.0/24 Originating RIB: inet.0
Node path count: 1
Forwarding nexthops: 1
Next hop type: Interface
Nexthop: via ge-0/0/3.0
The problem is "10.0.0.0/24 Originating RIB: inet.0". Bgp needs "protocol next-hop"s routes to be present in "inet.3" table:
Code:
# run show route 10.0.0.1 table inet.3 |count
Count: 0 lines
Depending on your configuration, either enable IGP to carry loopbacks (if you use "next-hop self" as internal bgp export policy action) or a static route in "inet.3" RIB:
Code:
# top set routing-options rib inet.3 static route 10.0.0.1 next-table inet.0
# commit
# run show route 10.0.0.1 table inet.3
inet.3: 1 destinations, 1 routes (1 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both
10.0.0.1/32 *[Static/5] 00:00:08
to table inet.0
Now that I have the /32 route for the VPLS route next-hop in inet.3 table, let's check the vpls connections again:
Code:
# run show vpls connections
Layer-2 VPN connections:
Legend for connection status (St)
EI -- encapsulation invalid NC -- interface encapsulation not CCC/TCC/VPLS
EM -- encapsulation mismatch WE -- interface and instance encaps not same
VC-Dn -- Virtual circuit down NP -- interface hardware not present
CM -- control-word mismatch -> -- only outbound connection is up
CN -- circuit not provisioned <- -- only inbound connection is up
OR -- out of range Up -- operational
OL -- no outgoing label Dn -- down
LD -- local site signaled down CF -- call admission control failure
RD -- remote site signaled down SC -- local and remote site ID collision
LN -- local site not designated LM -- local site ID not minimum designated
RN -- remote site not designated RM -- remote site ID not minimum designated
XX -- unknown connection status IL -- no incoming label
MM -- MTU mismatch MI -- Mesh-Group ID not available
BK -- Backup connection ST -- Standby connection
PF -- Profile parse failure PB -- Profile busy
RS -- remote site standby SN -- Static Neighbor
VM -- VLAN ID mismatch
Legend for interface status
Up -- operational
Dn -- down
Instance: VPLS
Local site: B (2)
connection-site Type St Time last up # Up trans
1 rmt Up Jul 9 17:06:12 2013 1
Remote PE: 10.0.0.1, Negotiated control-word: No
Incoming label: 262145, Outgoing label: 262146
Local interface: lsi.1048577, Status: Up, Encapsulation: VPLS
Description: Intf - vpls VPLS local site 2 remote site 1
News 
Site map 
SitemapIndex 
RSS Feed 