CFM over EVPN-MPLS for ELINE MultiHoming
Overview
The Connectivity Fault Management (CFM) enhances the product offering for the Ethernet LINE (ELINE) services in MultiHoming scenarios. Based on the 802.1ag standard, CFM encompasses Continuity Check Message (CCM), Ping, and Trace functions that help in network fault detection and isolation. This feature extends CFM over EVPN-MPLS from being solely for Single-Homing deployments to a MultiHoming scenario, where a Remote Maintenance End Point (R-MEP) is treated as a single instance by MultiHoming peers.
The Topology illustrates the configuration of User-to-Provider (UP) MEP on PE2 and PE3 Access Circuit (AC) ports, along with the corresponding UP MEP configured on the remote AC port (PE1). This configuration results in the establishment of a CFM session between the PE VTEPs and the remote VTEP.
Feature Characteristics
Functional requirements for CFM over ELINE MultiHoming:
Continuity Check Message
Continuity Check Message (CCM) provides the following capabilities:
• Ensures error-free base configuration for EVPN-MPLS MultiHoming.
• Maintains uniformity of R-MEP and remote-MAC on MultiHoming nodes.
• Enables the data plane to notify the control plane of CCM timeout, port/interface state changes, and Remote Defect Indication (RDI).
• Configures the data plane to send and process CCMs at specified intervals, with options to enable/disable CCM transmission.
• Detects connectivity failures when no CCM frames are received within a set interval and notifies the control plane.
• Programs the data plane to include Port and Interface Status Type-Length-Values (TLVs) in transmitted CCM frames.
• Transmits CC Protocol Data Unit (PDU) frames with IEEE 802.1ag-2007 compliance and supports RDI bit set or reset operations.
Ping and Trace
Ping and Trace provide the following capabilities:
• Facilitates data plane snooping of LBM or Linktrace Message (LTM) received on MEP.
• Traps LTR PDUs received on MEP and processes/replies to LBM received on User-to-Provider (UP) MEP.
• Uplifts CFM PDUs from the data plane to the control plane, and sends CFM PDUs from the control plane to the data plane.
• Provides statistics counters for transmitted Loopback Replies (LBR) and encodes service frame counts in LBM and LBR PDUs.
Benefits
Enhanced Network Monitoring: CFM enables continuous monitoring of network connections, providing real-time insights into connectivity status and performance. This ensures that any issues are quickly detected and addressed.
Quick Fault Detection: Through CCM, the system promptly identifies any disruptions or faults in the network. This swift detection allows for rapid response and minimized downtime.
Efficient Troubleshooting: CFM’s Ping and Trace functions help troubleshoot network problems by pinpointing the origin of issues and the paths taken by data packets. This capability streamlines the resolution process.
Robust MultiHoming Support: The extension of CFM support to MultiHoming scenarios ensures that complex network setups remain resilient and well-monitored, even in challenging environments.
Prerequisites
Before configuring and utilizing CFM for ELINE MultiHoming, ensure the following prerequisites are met:
• Hardware Profiles Configuration
• Enable the required hardware profiles to facilitate CFM operations. These include cfm-domain-name-str, cfm-ccm, and evpn-mpls-mh profiles.
• Establish the hardware-profile filter (evpn-mpls-mh) for EVPN-MPLS MultiHoming.
• EVPN-MPLS Configuration
• Enable and configure EVPN MPLS on the relevant devices and enable MultiHoming support within EVPN MPLS.
• ELINE Service Setup
• Establish the ELINE service and assign the corresponding VPN identifiers (VPN-ID).
• Configure the host-reachability-protocol using EVPN BGP with the associated Virtual Routing and Forwarding (VRF).
• ELINE AC MultiHoming Configuration
• Configure ELINE MultiHoming features with proper encapsulation settings (e.g., dot1q) and access-if-evpn settings on relevant interfaces.
• Define the necessary mapping of VPN identifiers (VPN-ID) for the EVPN service.
For more information on the EVPN MPLS configurations, refer to the EVPN MPLS Configuration and EVPN MPLS Commands chapters in the Multi-Protocol Label Switching Guide, Release 6.4.1.
• MAC and MEP Considerations
• Ensure that the MEP on MultiHoming nodes has the same MAC. Consistent Media Access Control (MAC) addressing across Access Circuit (AC) ports is essential to facilitate single R-MEP consideration on MultiHoming peers.
For more information on the EVPN MPLS configurations, refer to the EVPN MPLS Configuration and CFM and Y.1731 Commands chapters in the Carrier Ethernet Guide, Release 6.4.1.
Meeting these prerequisites ensures a successful setup of CFM for ELINE MultiHoming, enabling enhanced network fault detection and isolation capabilities.
Configuration
This section illustrates the MultiHomed setup for the CFM over EVPN MPLS feature, showcasing examples for ELINE services with LDP as the underlay MPLS path.
Topology
Figure 6 consists of customer edge routers CE1 and CE2, and with IPv4 Provider Edge routers PE1, PE2, and PE3, all interconnected through the core router P in the IPv4 MPLS provider network.
CFM over EVPN-MPLS for ELINE MH configuration
CFM Configuration
To enhance network management, monitoring, performance, and fault detection, configure the following hardware-profile commands on PE1, PE2, and PE3 devices, and here are the steps for the configurations: PE1: CFM and PE2/PE3: CFM.
• Enable the filter for CFM domain name strings with the command hardware-profile filter cfm-domain-name-str enable. This filter enhances the network devices ability to process CFM domain name strings, facilitating better network management and service identification.
• Enable statistics collection for CFM Continuity Check Messages (CCM) using the command hardware-profile statistics cfm-ccm enable. This feature allows the network devices to gather valuable insights into network performance and fault detection by collecting and analyzing data related to CFM CCMs.
PE1: Loopback Interface
The configuration on PE1 for a loopback interface with IP address 1.1.1.1/32 secondary is set up to provide IP connectivity for the router.
PE1#configure terminal | Enter configure mode. |
PE1(config)#interface lo | Enter the interface mode for the loopback interface lo. |
PE1(config-if)#ip address 1.1.1.1/32 secondary | Configure a secondary IP address, 1.1.1.1/32, on the loopback interface. |
PE1(config-if)#exit | Exit interface mode lo. |
PE1(config)#commit | Commit the transaction. |
PE1: Global LDP
The configuration on PE1 for the Global LDP router, specifying router ID and targeted peers, is done to set up Label Distribution Protocol (LDP) settings for MPLS.
PE1(config)#router ldp | Enter the Router LDP mode. |
PE1(config-router)#router-id 1.1.1.1 | Set the router ID for LDP to 1.1.1.1. |
PE1(config-router)#targeted-peer ipv4 7.7.7.7 | Configure targeted peer for LDP using IPv4 addresses. |
PE1(config-router-targeted-peer)#exit-targeted-peer-mode | Exit router targeted-peer-mode. |
PE1(config-router)#targeted-peer ipv4 8.8.8.8 | Configure targeted peer for LDP using IPv4 addresses. |
PE1(config-router-targeted-peer)#exit-targeted-peer-mode | Exit router targeted-peer-mode. |
PE1(config-router)#exit | Exit router LDP mode and return to the configure mode. |
PE1(config)#commit | Commit the transaction. |
PE1: Global EVPN MPLS Command
The configuration on PE1 for the Global EVPN MPLS includes activating EVPN MPLS defining the global VTEP IP address, enabling hardware profile filtering for EVPN MPLS multihoming, and activating EVPN MPLS multihoming functionality, all of which are crucial for enabling EVPN MPLS features.
PE1(config)#evpn mpls enable | Activate the EVPN MPLS functionality on PE1, enabling it to participate in EVPN MPLS services. |
PE1(config)#commit | Commit candidate configuration to be running configuration. |
PE1(config)#evpn mpls vtep-ip-global 1.1.1.1 | Configure the global VTEP IP address 1.1.1.1, associating it with the loopback IP. |
PE1(config)#hardware-profile filter evpn-mpls-mh enable | Enable hardware-profile filter for EVPN MPLS multihoming. |
PE1(config)#evpn mpls multihoming enable | Activate the EVPN MPLS multihoming functionality, allowing PE1 to support multihomed EVPN MPLS services. |
PE1(config)#commit | Commit the transaction. |
PE1: Interface Configuration Network Side
The below configuration is performed to set up network interfaces on PE1 and enable LDP for IPv4, ensuring proper routing and labeling functionality.
PE1(config)#interface xe3 | Enter interface mode xe3. |
PE1(config-if)#ip address 10.1.0.1/16 | Configure an IP address, 10.1.0.1/16, on the interface xe3. |
PE1(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface, facilitating the exchange of label information between devices in the network. |
PE1(config-if)#label-switching | Enable label switching on the interface to enable MPLS-based packet forwarding. |
PE1(config-if)#exit | Exit interface mode xe3. |
PE1(config)#commit | Commit the transaction. |
PE1: OSPF Configuration
The below configuration is performed to set up OSPF on PE1, specifying the router ID and defining network interfaces.
PE1(config)#router ospf 1 | Enter the router OSPF mode. Configure PE1 to run OSPF with process ID 1. |
PE1(config-router)#ospf router-id 1.1.1.1 | Set the OSPF router ID to 1.1.1.1, identifying PE1 within the OSPF network. |
PE1(config-router)#network 1.1.1.1/32 area 0.0.0.0 | Advertise loopback address in OSPF. |
PE1(config-router)#network 10.1.0.0/16 area 0.0.0.0 | Advertise network address in OSPF. |
PE1(config-router)#exit | Exit router OSPF mode and return to configure mode. |
PE1(config)#commit | Commit the transaction. |
PE1: BGP Configuration
The below BGP configuration on PE1 is established to enable BGP routing with ASN 1, set the BGP router ID, define iBGP neighbors, and enable the EVPN address family for efficient routing in an EVPN environment.
PE1(config)#router bgp 1 | Enter the Router BGP mode, ASN: 1 |
PE1(config-router)#bgp router-id 1.1.1.1 | Configure BGP router ID 1.1.1.1, identifying PE1 within the BGP network. |
PE1(config-router)#neighbor 7.7.7.7 remote-as 1 | Configure neighbor 7.7.7.7 as an iBGP neighbor with their remote AS number 1. |
PE1(config-router)#neighbor 7.7.7.7 update-source lo | Configure neighbor 7.7.7.7 as an iBGP neighbor, specifying the source of routing updates as the loopback interface. |
PE1(config-router)#neighbor 8.8.8.8 remote-as 1 | Configure neighbor 8.8.8.8 as an iBGP neighbor with their remote AS number 1. |
PE1(config-router)#neighbor 8.8.8.8 update-source lo | Configure neighbor 8.8.8.8 as an iBGP neighbor, specifying the source of routing updates as the loopback interface. |
PE1(config-router)#address-family l2vpn evpn | Enter into address family mode for L2VPN EVPN. |
PE1(config-router-af)#neighbor 7.7.7.7 activate | Activate EVPN for iBGP neighbor 7.7.7.7 within the address family mode, ensuring that EVPN address family is enabled for the neighbor. |
PE1(config-router-af)#neighbor 8.8.8.8 activate | Activate EVPN for iBGP neighbor 8.8.8.8 within the address family mode, ensuring that EVPN address family is enabled for the neighbor. |
PE1(config-router-af)#exit | Exit address family mode and return to the router BGP mode. |
PE1(config-router)#commit | Commit the transaction. |
PE1(config-router)#exit | Exit router BGP mode and return to the configure mode. |
PE1: MAC VRF Configuration
The below MAC VRF configuration on PE1 is carried out to define and set up VRF named vrf2 with specific Route-Distinguisher (RD) and route-target values, ensuring segregated MAC address spaces for distinct network services.
PE1(config)#mac vrf vrf2 | Enter VRF mode named vrf2. |
PE1(config-vrf)#rd 1.1.1.1:2 | Configure Route-Distinguisher value of 1.1.1.1:2. |
PE1(config-vrf)#route-target both 2:2 | Configure import and export values for the vrf2 as 2:2. |
PE1(config-vrf)#exit | Exit VRF mode and return to the configure mode. |
PE1(config)#commit | Commit the transaction. |
PE1: EVPN and VRF Mapping
The EVPN and VRF mapping configuration on PE1 establishes mappings between the EVPN identifier and VRF, facilitating efficient routing and connectivity in an EVPN network environment.
PE1(config)#evpn mpls id 52 xconnect target-mpls-id 2 | Configure the EVPN-VPWS identifier with a source identifier of 52 and a target identifier of 2. |
PE1(config-evpn-mpls)#host-reachability-protocol evpn-bgp vrf2 | Map VRF vrf2 to the EVPN-VPWS identifier |
PE1(config-evpn-mpls)#commit | Commit the transaction. |
PE1(config-evpn-mpls)#exit | Exit the EVPN MPLS mode and return to the configure mode. |
PE1: Access Port Configuration
The below access port configuration on PE1 is carried out to create a Layer 2 sub-interface within the physical interface, description the interface, configure the encapsulation with VLAN ID, and map VPN-ID for efficient network access and connectivity.
PE1(config)#interface xe33 | Enter interface mode xe33. |
PE1(config-if)#interface xe33.2 switchport | Create a Layer 2 sub-interface xe33.2 within the physical interface xe33. |
PE1(config-if)#description access-side-int | Provide a description for the interface. |
PE1(config-if)#encapsulation dot1q 2 | Set encapsulation to dot1q with VLAN ID 2. |
PE1(config-if)#access-if-evpn | Enter the access mode for EVPN MPLS ID configuration. |
PE1(config-acc-if-evpn)#map vpn-id 52 | Map VPN-ID 52. |
PE1(config-acc-if-evpn)#exit | Exit the access mode and return to the interface mode. |
PE1(config-if)#exit | Exit interface mode xe33 and return to the configure mode. |
PE1(config)#commit | Commit the transaction. |
P: Loopback Interface
The configuration on P for a loopback interface with IP address 2.2.2.2/32 secondary is set up to provide IP connectivity for the router.
P#configure terminal | Enter configure mode. |
P(config)#interface lo | Enter the interface mode for the loopback interface lo. |
P(config-if)#ip address 2.2.2.2/32 secondary | Configure a secondary IP address, 2.2.2.2/32, on the loopback interface. |
P(config-if)#exit | Exit interface mode lo. |
P(config)#commit | Commit the transaction. |
P: Global LDP
The configuration on P for the Global LDP router, specifying router ID to set up Label Distribution Protocol (LDP) settings for MPLS.
P(config)#router ldp | Enter the Router LDP mode. |
P(config-router)#router-id 2.2.2.2 | Set the router ID for LDP to 2.2.2.2. |
P(config-router)#exit | Exit router LDP mode and return to the configure mode. |
P(config)#commit | Commit the transaction. |
P: Interface Configuration
The below configuration is performed to set up interfaces on P and enable LDP for IPv4, ensuring proper routing and labeling functionality.
P(config)#interface xe6 | Enter interface mode xe6. |
P(config-if)#ip address 10.1.0.2/16 | Configure an IP address, 10.1.0.2/16, on the interface xe6. |
P(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface, facilitating the exchange of label information between devices in the network. |
P(config-if)#label-switching | Enable label switching on the interface to enable MPLS-based packet forwarding. |
P(config-if)#exit | Exit interface mode xe6. |
P(config)#commit | Commit the transaction. |
P(config)#interface xe21 | Enter interface mode xe21. |
P(config-if)#ip address 123.1.1.1/24 | Configure an IP address, 123.1.1.1/24, on the interface xe21. |
P(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface, facilitating the exchange of label information between devices in the network. |
P(config-if)#label-switching | Enable label switching on the interface to enable MPLS-based packet forwarding. |
P(config-if)#exit | Exit interface mode xe21. |
P(config)#commit | Commit the transaction. |
P(config)#interface xe20 | Enter interface mode xe20. |
P(config-if)#ip address 124.1.1.1/24 | Configure an IP address, 124.1.1.1/24, on the interface xe20. |
P(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface, facilitating the exchange of label information between devices in the network. |
P(config-if)#label-switching | Enable label switching on the interface to enable MPLS-based packet forwarding. |
P(config-if)#exit | Exit interface mode xe20. |
P(config)#commit | Commit the transaction. |
P: OSPF Configuration
The below configuration is performed to set up OSPF on P, specifying the router ID and defining network interfaces for efficient routing.
P(config)#router ospf 1 | Enter the router OSPF mode. Configure P to run OSPF with process ID 1. |
P(config-router)#ospf router-id 2.2.2.2 | Set the OSPF router ID to 2.2.2.2, identifying P within the OSPF network. |
P(config-router)#network 2.2.2.2/32 area 0.0.0.0 | Advertise loopback address in OSPF. |
P(config-router)#network 10.1.0.2/16 area 0.0.0.0 | Advertise network address in OSPF. |
P(config-router)#network 123.1.1.1/24 area 0.0.0.0 | Advertise network address in OSPF. |
P(config-router)#network 124.1.1.1/24 area 0.0.0.0 | Advertise network address in OSPF. |
P(config-router)#exit | Exit router OSPF mode and return to the configure mode. |
P(config)#commit | Commit the transaction. |
PE2: Loopback Interface
The configuration on PE2 for a loopback interface with IP address 7.7.7.7/32 secondary is set up to provide IP connectivity for the router.
PE2#configure terminal | Enter configure mode. |
PE2(config)#interface lo | Enter the interface mode for the loopback interface lo. |
PE2(config-if)#ip address 7.7.7.7/32 secondary | Configure a secondary IP address, 7.7.7.7/32, on the loopback interface. |
PE2(config-if)#exit | Exit interface mode lo. |
PE2(config)#commit | Commit the transaction. |
PE2: Global LDP
The configuration on PE2 for the Global LDP router, specifying router ID and targeted peers, is done to set up Label Distribution Protocol (LDP) settings for MPLS.
PE2(config)#router ldp | Enter the Router LDP mode. |
PE2(config-router)#router-id 7.7.7.7 | Set the router ID for LDP to 7.7.7.7. |
PE2(config-router)#targeted-peer ipv4 1.1.1.1 | Configure targeted peer for LDP using IPv4 addresses. |
PE2(config-router-targeted-peer)#exit-targeted-peer-mode | Exit router targeted-peer-mode. |
PE2(config-router)#targeted-peer ipv4 8.8.8.8 | Configure targeted peer for LDP using IPv4 addresses. |
PE2(config-router-targeted-peer)#exit-targeted-peer-mode | Exit router targeted-peer-mode. |
PE2(config-router)#exit | Exit router LDP mode and return to the configure mode. |
PE2(config)#commit | Commit the transaction. |
PE2: Global EVPN MPLS Command
The configuration on PE2 for the Global EVPN MPLS, includes activating EVPN MPLS defining the global VTEP IP address, enabling hardware profile filtering for EVPN MPLS multihoming, and activating EVPN MPLS multihoming functionality, all of which are crucial for enabling EVPN MPLS features.
PE2(config)#evpn mpls enable | Activate the EVPN MPLS functionality on PE2, enabling it to participate in EVPN MPLS services. |
PE2(config)#commit | Commit candidate configuration to be running configuration. |
PE2(config)#evpn mpls vtep-ip-global 7.7.7.7 | Configure the global VTEP IP address 7.7.7.7, associating it with the loopback IP. |
PE2(config)#hardware-profile filter evpn-mpls-mh enable | Enable hardware-profile filter for EVPN MPLS multihoming. |
PE2(config)#evpn mpls multihoming enable | Activate the EVPN MPLS multihoming functionality, allowing PE2 to support multihomed EVPN MPLS services. |
PE2(config)#commit | Commit the transaction. |
PE2: Interface Configuration Network Side
The below configuration is performed to set up network interfaces on PE2 and enable LDP for IPv4, ensuring proper routing and labeling functionality.
PE2(config)#interface xe21 | Enter interface mode xe21. |
PE2(config-if)#ip address 123.1.1.2/24 | Configure an IP address, 123.1.1.2/24, on the interface xe21. |
PE2(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface, facilitating the exchange of label information between devices in the network. |
PE2(config-if)#label-switching | Enable label switching on the interface to enable MPLS-based packet forwarding. |
PE2(config-if)#exit | Exit interface mode xe21. |
PE2(config)#commit | Commit the transaction. |
PE2: OSPF Configuration
The below configuration is performed to set up OSPF on PE2, specifying the router ID and defining network interfaces.
PE2(config)#router ospf 1 | Enter the router OSPF mode. Configure PE2 to run OSPF with process ID 1. |
PE2(config-router)#ospf router-id 7.7.7.7 | Set the OSPF router ID to 7.7.7.7, identifying PE2 within the OSPF network. |
PE2(config-router)#network 7.7.7.7/32 area 0.0.0.0 | Advertise loopback address in OSPF. |
PE2(config-router)#network 123.1.1.0/24 area 0.0.0.0 | Advertise network address in OSPF. |
PE2(config-router)#exit | Exit router OSPF mode and return to configure mode. |
PE2(config)#commit | Commit the transaction. |
PE2: BGP Configuration
The below BGP configuration on PE2 is established to enable BGP routing with ASN 1, set the BGP router ID, define iBGP neighbors, and enable the EVPN address family for efficient routing in an EVPN environment.
PE2(config)#router bgp 1 | Enter the Router BGP mode, ASN: 1 |
PE2(config-router)#bgp router-id 7.7.7.7 | Configure BGP router ID 7.7.7.7, identifying PE2 within the BGP network. |
PE2(config-router)#neighbor 1.1.1.1 remote-as 1 | Configure neighbor 1.1.1.1 as an iBGP neighbor with their remote AS number 1. |
PE2(config-router)#neighbor 1.1.1.1 update-source lo | Configure neighbor 1.1.1.1 as an iBGP neighbor, specifying the source of routing updates as the loopback interface. |
PE2(config-router)#neighbor 8.8.8.8 remote-as 1 | Configure neighbor 8.8.8.8 as an iBGP neighbor with their remote AS number 1. |
PE2(config-router)#neighbor 8.8.8.8 update-source lo | Configure neighbor 8.8.8.8 as an iBGP neighbor, specifying the source of routing updates as the loopback interface. |
PE2(config-router)#address-family l2vpn evpn | Enter into address family mode for L2VPN EVPN. |
PE2(config-router-af)#neighbor 1.1.1.1 activate | Activate EVPN for iBGP neighbor 1.1.1.1 within the address family mode, ensuring that EVPN address family is enabled for the neighbor. |
PE2(config-router-af)#neighbor 8.8.8.8 activate | Activate EVPN for iBGP neighbor 8.8.8.8 within the address family mode, ensuring that EVPN address family is enabled for the neighbor. |
PE2(config-router-af)#exit | Exit address family mode and return to the router BGP mode. |
PE2(config-router)#commit | Commit the transaction. |
PE2(config-router)#exit | Exit router BGP mode and return to the configure mode. |
PE2: MAC VRF Configuration
The below MAC VRF configuration on PE2 is carried out to define and set up VRF named vrf2 with specific Route-Distinguisher (RD) and route-target values, ensuring segregated MAC address spaces for distinct network services.
PE2(config)#mac vrf vrf2 | Enter VRF mode named vrf2. |
PE2(config-vrf)#rd 7.7.7.7:2 | Configure Route-Distinguisher value of 7.7.7.7:2. |
PE2(config-vrf)#route-target both 2:2 | Configure import and export values for the vrf2 as 2:2. |
PE2(config-vrf)#exit | Exit VRF mode and return to the configure mode. |
PE2(config)#commit | Commit the transaction. |
PE2: EVPN and VRF Mapping
The EVPN and VRF mapping configuration on PE2 establishes mappings between the EVPN identifier and VRF, facilitating efficient routing and connectivity in an EVPN network environment.
PE2(config)#evpn mpls id 2 xconnect target-mpls-id 52 | Configure the EVPN-VPWS identifier with a source identifier of 2 and a target identifier of 52. |
PE2(config-evpn-mpls)#host-reachability-protocol evpn-bgp vrf2 | Map VRF vrf2 to the EVPN-VPWS identifier |
PE2(config-evpn-mpls)#commit | Commit the transaction. |
PE2(config-evpn-mpls)#exit | Exit the EVPN MPLS mode and return to the configure mode. |
PE2: Access Port Configuration
The below access port configuration on PE2 is carried out to create a Layer 2 sub-interface within the port channel interface, set the load balancing, configure system MAC and the encapsulation with VLAN ID, map VPN-ID for efficient network access and connectivity.
PE2(config)#interface po1 | Enter the port channel interface mode for po1 |
PE2(config-if)#load-interval 30 | Set the load interval to 30. |
PE2(config-if)#evpn multi-homed system-mac 0000.aaaa.bbbc | Configure the system-mac address 0000.aaaa.bbbc which plays a role in load balancing. |
PE2(config-if)#interface po1.2 switchport | Create a Layer 2 sub-interface po1.2 within the port channel. |
PE2(config-if)#encapsulation dot1q 2 | Set encapsulation to dot1q with VLAN ID 2. |
PE2(config-if)#access-if-evpn | Enter the access mode for EVPN MPLS ID configuration. |
PE2(config-acc-if-evpn)#map vpn-id 2 | Map VPN-ID 2. |
PE2(config-acc-if-evpn)#exit | Exit the access mode and return to the interface mode. |
PE2(config-if)#exit | Exit interface mode po1 and return to the configure mode. |
PE2(config)#commit | Commit the transaction. |
PE3: Loopback Interface
The configuration on PE3 for a loopback interface with IP address 8.8.8.8/32 secondary is set up to provide IP connectivity for the router.
PE3#configure terminal | Enter configure mode. |
PE3(config)#interface lo | Enter the interface mode for the loopback interface lo. |
PE3(config-if)#ip address 8.8.8.8/32 secondary | Configure a secondary IP address, 8.8.8.8/32, on the loopback interface. |
PE3(config-if)#exit | Exit interface mode lo. |
PE3(config)#commit | Commit the transaction. |
PE3: Global LDP
The configuration on PE3 for the Global LDP router, specifying router ID and targeted peers, is done to set up Label Distribution Protocol (LDP) settings for MPLS.
PE3(config)#router ldp | Enter the Router LDP mode. |
PE3(config-router)#router-id 8.8.8.8 | Set the router ID for LDP to 7.7.7.7. |
PE3(config-router)#targeted-peer ipv4 1.1.1.1 | Configure targeted peer for LDP using IPv4 addresses. |
PE3(config-router-targeted-peer)#exit-targeted-peer-mode | Exit router targeted-peer-mode. |
PE3(config-router)#targeted-peer ipv4 7.7.7.7 | Configure targeted peer for LDP using IPv4 addresses. |
PE3(config-router-targeted-peer)#exit-targeted-peer-mode | Exit router targeted-peer-mode. |
PE3(config-router)#exit | Exit router LDP mode and return to the configure mode. |
PE3(config)#commit | Commit the transaction. |
PE3: Global EVPN MPLS Command
The configuration on PE3 for the Global EVPN MPLS, includes activating EVPN MPLS defining the global VTEP IP address, enabling hardware profile filtering for EVPN MPLS multihoming, and activating EVPN MPLS multihoming functionality, all of which are crucial for enabling EVPN MPLS features.
PE3(config)#evpn mpls enable | Activate the EVPN MPLS functionality on PE3, enabling it to participate in EVPN MPLS services. |
PE3(config)#commit | Commit candidate configuration to be running configuration. |
PE3(config)#evpn mpls vtep-ip-global 8.8.8.8 | Configure the global VTEP IP address 8.8.8.8, associating it with the loopback IP. |
PE3(config)#hardware-profile filter evpn-mpls-mh enable | Enable hardware-profile filter for EVPN MPLS multihoming. |
PE3(config)#evpn mpls multihoming enable | Activate the EVPN MPLS multihoming functionality, allowing PE3 to support multihomed EVPN MPLS services. |
PE3(config)#commit | Commit the transaction. |
PE3: Interface Configuration Network Side
The below configuration is performed to set up network interfaces on PE3 and enable LDP for IPv4, ensuring proper routing and labeling functionality.
PE3(config)#interface xe5 | Enter interface mode xe5. |
PE3(config-if)#ip address 124.1.1.2/24 | Configure an IP address, 124.1.1.2/24, on the interface xe5. |
PE3(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface, facilitating the exchange of label information between devices in the network. |
PE3(config-if)#label-switching | Enable label switching on the interface to enable MPLS-based packet forwarding. |
PE3(config-if)#exit | Exit interface mode xe5. |
PE3(config)#interface xe4 | Enter the interface mode for xe4. |
PE3(config-if)#channel-group 1 mode active | Attach LAG interface xe4. |
PE3(config-if)#exit | Exit interface mode xe4 and return to the configure mode. |
PE3(config)#commit | Commit the transaction. |
PE3: OSPF Configuration
The below configuration is performed to set up OSPF on PE3, specifying the router ID and defining network interfaces.
PE3(config)#router ospf 1 | Enter the router OSPF mode. Configure PE3 to run OSPF with process ID 1. |
PE3(config-router)#ospf router-id 8.8.8.8 | Set the OSPF router ID to 8.8.8.8, identifying PE3 within the OSPF network. |
PE3(config-router)#network 8.8.8.8/32 area 0.0.0.0 | Advertise loopback address in OSPF. |
PE3(config-router)#network 124.1.1.0/24 area 0.0.0.0 | Advertise network address in OSPF. |
PE3(config-router)#exit | Exit router OSPF mode and return to configure mode. |
PE3(config)#commit | Commit the transaction. |
PE3: BGP Configuration
The below BGP configuration on PE3 is established to enable BGP routing with ASN 1, set the BGP router ID, define iBGP neighbors, and enable the EVPN address family for efficient routing in an EVPN environment.
PE3(config)#router bgp 1 | Enter the Router BGP mode, ASN: 1 |
PE3(config-router)#bgp router-id 8.8.8.8 | Configure BGP router ID 8.8.8.8, identifying PE3 within the BGP network. |
PE3(config-router)#neighbor 1.1.1.1 remote-as 1 | Configure neighbor 1.1.1.1 as an iBGP neighbor with their remote AS number 1. |
PE3(config-router)#neighbor 1.1.1.1 update-source lo | Configure neighbor 1.1.1.1 as an iBGP neighbor, specifying the source of routing updates as the loopback interface. |
PE3(config-router)#neighbor 7.7.7.7 remote-as 1 | Configure neighbor 7.7.7.7 as an iBGP neighbor with their remote AS number 1. |
PE3(config-router)#neighbor 7.7.7.7 update-source lo | Configure neighbor 7.7.7.7 as an iBGP neighbor, specifying the source of routing updates as the loopback interface. |
PE3(config-router)#address-family l2vpn evpn | Enter into address family mode for L2VPN EVPN. |
PE3(config-router-af)#neighbor 1.1.1.1 activate | Activate EVPN for iBGP neighbor 1.1.1.1 within the address family mode, ensuring that EVPN address family is enabled for the neighbor. |
PE3(config-router-af)#neighbor 7.7.7.7 activate | Activate EVPN for iBGP neighbor 7.7.7.7 within the address family mode, ensuring that EVPN address family is enabled for the neighbor. |
PE3(config-router-af)#exit | Exit address family mode and return to the router BGP mode. |
PE3(config-router)#commit | Commit the transaction. |
PE3(config-router)#exit | Exit router BGP mode and return to the configure mode. |
PE3: MAC VRF Configuration
The below MAC VRF configuration on PE3 is carried out to define and set up VRF named vrf2 with specific Route-Distinguisher (RD) and route-target values, ensuring segregated MAC address spaces for distinct network services.
PE3(config)#mac vrf vrf2 | Enter VRF mode named vrf2. |
PE3(config-vrf)#rd 8.8.8.8:2 | Configure Route-Distinguisher value of 8.8.8.8:2. |
PE3(config-vrf)#route-target both 2:2 | Configure import and export values for the vrf2 as 2:2. |
PE3(config-vrf)#exit | Exit VRF mode and return to the configure mode. |
PE3(config)#commit | Commit the transaction. |
PE3: EVPN and VRF Mapping
The EVPN and VRF mapping configuration on PE3 establishes mappings between the EVPN identifier and VRF, facilitating efficient routing and connectivity in an EVPN network environment.
PE3(config)#evpn mpls id 2 xconnect target-mpls-id 52 | Configure the EVPN-VPWS identifier with a source identifier of 2 and a target identifier of 52. |
PE3(config-evpn-mpls)#host-reachability-protocol evpn-bgp vrf2 | Map VRF vrf2 to the EVPN-VPWS identifier |
PE3(config-evpn-mpls)#commit | Commit the transaction. |
PE3(config-evpn-mpls)#exit | Exit the EVPN MPLS mode and return to the configure mode. |
PE3: Access Port Configuration
The below access port configuration on PE3 is carried out to create a Layer 2 sub-interface within the port channel interface, set the load balancing, configure system MAC and the encapsulation with VLAN ID, map VPN-ID for efficient network access and connectivity.
PE3(config)#interface po1 | Enter the port channel interface mode for po1 |
PE3(config-if)#load-interval 30 | Set the load interval to 30. |
PE3(config-if)#evpn multi-homed system-mac 0000.aaaa.bbbc | Configure the system-mac address 0000.aaaa.bbbc which plays a role in load balancing. |
PE3(config-if)#interface po1.2 switchport | Create a Layer 2 sub-interface po1.2 within the port channel. |
PE3(config-if)#encapsulation dot1q 2 | Set encapsulation to dot1q with VLAN ID 2. |
PE3(config-if)#access-if-evpn | Enter the access mode for EVPN MPLS ID configuration. |
PE3(config-acc-if-evpn)#map vpn-id 2 | Map VPN-ID 2. |
PE3(config-acc-if-evpn)#exit | Exit the access mode and return to the interface mode. |
PE3(config-if)#exit | Exit interface mode po1 and return to the configure mode. |
PE3(config)#commit | Commit the transaction. |
PE1: CFM
The following configuration enables CFM monitoring and maintenance for EVPN services on PE1.
PE1(config)#hardware-profile filter cfm-domain-name-str enable | Enable the CFM domain name as a character string profile for CFM filtering. |
PE1(config)#ethernet cfm domain-type character-string domain-name evpn1 level 7 mip-creation none | Create a CFM domain for EVPN ELINE with a character string type and set MIP creation to none. |
PE1(config-ether-cfm)#service ma-type string ma-name evp1 | Define a maintenance association (MA) type with the string evp1. |
PE1(config-ether-cfm-ma)#evpn 52 | Configure the MA for EVPN ID 52. |
PE1(config-ether-cfm-ma)#ethernet cfm mep up mpid 20 active true evpn 52 | Create an up-maintenance endpoint (MEP) for local EVPN ID 52. |
PE1(config-ether-cfm-ma-mep)#cc multicast state enable | Enable multicast continuity check (CC) state for the MEP. |
PE1(config-ether-cfm-ma-mep)#cc interval 100 | Set the CC interval to 100 milliseconds. |
PE1(config-ether-cfm-ma-mep)#exit-ether-ma-mep-mode | Exit Ethernet MA MEP mode. |
PE1(config-ether-cfm-ma)#mep crosscheck mpid 10 | Configure cross-check to the remote MEP. |
PE1(config-ether-cfm-ma)#exit-ether-ma-mode | Exit Ethernet MA mode. |
PE1(config-ether-cfm)#exit | Exit Ethernet CFM mode and return to the configure mode. |
PE1(config)#commit | Commit candidate configuration to be running configuration. |
PE2/PE3: CFM
The following configuration enables CFM monitoring and maintenance for EVPN services on PE2 and PE3 devices.
Note: Apply the same set of configurations to the PE3 device.
PE2(config)#hardware-profile filter cfm-domain-name-str enable | Enable the CFM domain name as a character string profile for CFM filtering. |
PE2(config)#ethernet cfm domain-type character-string domain-name evpn1 level 7 mip-creation none | Create a CFM domain for EVPN ELINE with a character string type and set MIP creation to none. |
PE2(config-ether-cfm)#service ma-type string ma-name evp1 | Define a maintenance association (MA) type with the string evp1. |
PE2(config-ether-cfm-ma)#evpn 2 | Configure the MA for EVPN ID 2. |
PE2(config-ether-cfm-ma)#ethernet cfm mep up mpid 10 active true evpn 2 | Create an up-maintenance endpoint (MEP) for local EVPN ID 2. |
PE2(config-ether-cfm-ma-mep)#cc multicast state enable | Enable multicast continuity check (CC) state for the MEP. |
PE2(config-ether-cfm-ma-mep)#cc interval 100 | Set the CC interval to 100 milliseconds. |
PE2(config-ether-cfm-ma-mep)#exit-ether-ma-mep-mode | Exit Ethernet MA MEP mode. |
PE2(config-ether-cfm-ma)#mep crosscheck mpid 20 | Configure cross-check to the remote MEP. |
PE2(config-ether-cfm-ma)#exit-ether-ma-mode | Exit Ethernet MA mode. |
PE2(config-ether-cfm)#exit | Exit Ethernet CFM mode and return to the configure mode. |
PE2(config)#commit | Commit candidate configuration to be running configuration. |
Validation
The following output displays the validation results for PE1, PE2, and PE3 in an EVPN setup, which includes EVPN xconnect status, Ethernet CFM errors, remote maintenance points, local maintenance points, and successful ping tests.
PE1: Display xConnect Status
PE1#show evpn mpls xconnect
EVPN Xconnect Info
========================
AC-AC: Local-Cross-connect
AC-NW: Cross-connect to Network
AC-UP: Access-port is up
AC-DN: Access-port is down
NW-UP: Network is up
NW-DN: Network is down
NW-SET: Network and AC both are up
Local Remote Connection-Details
================================ ============ ===================================================================================
VPN-ID EVI-Name MTU VPN-ID Source Destination PE-IP MTU Type NW-Status
================================ ============ ===================================================================================
52 ---- 1500 2 xe33.2 00:00:00:aa:aa:bb:bb:00:00:00 7.7.7.7 1500 AC-NW NW-SET
8.8.8.8 1500 ---- ----
PE1: Display Ethernet CFM errors
PE1#show ethernet cfm errors domain evpn1
Domain Name Level MEPID Defects
-----------------------------------------------
evpn1 7 20 .....
PE1: Display Remote Maintenance Points
PE1#show ethernet cfm maintenance-points remote domain evpn1 ma-name evp1
MEPID RMEPID LEVEL Rx CCM RDI PEER-MAC TYPE
----------------------------------------------------------------------
20 10 7 Yes False 00aa.bb00.0002 Configured
PE1: Display Local Maintenance Points
PE1#show ethernet cfm maintenance-points local mep domain evpn1 ma-name evp1
MPID Dir Lvl CC-Stat HW-Status CC-Intvl MAC-Address Def Port MD Name
---------------------------------------------------------------------------
20 Up 7 Enable Installed 100 ms 3417.ebe4.af22 F xe33.2 evpn1
PE1: Ping Test
PE1#ping ethernet mac 00aa.bb00.0002 unicast source 20 domain evpn1 ma evp1
success rate is 100 (5/5)
PE2/PE3: Display xConnect Status
PE2#show evpn mpls xconnect
EVPN Xconnect Info
========================
AC-AC: Local-Cross-connect
AC-NW: Cross-connect to Network
AC-UP: Access-port is up
AC-DN: Access-port is down
NW-UP: Network is up
NW-DN: Network is down
NW-SET: Network and AC both are up
Local Remote Connection-Details
================================ ============ ===================================================================================
VPN-ID EVI-Name MTU VPN-ID Source Destination PE-IP MTU Type NW-Status
================================ ============ ===================================================================================
2 ---- 1500 52 po1.2 --- Single Homed Port --- 1.1.1.1 1500 AC-NW NW-SET
PE2/PE3: Display Ethernet CFM errors
PE2#show ethernet cfm errors domain evpn1
Domain Name Level MEPID Defects
-----------------------------------------------
evpn1 7 10 .....
PE2/PE3: Display Local Maintenance Points
PE2#show ethernet cfm maintenance-points local mep domain evpn1 ma-name evp1
MPID Dir Lvl CC-Stat HW-Status CC-Intvl MAC-Address Def Port MD Name
---------------------------------------------------------------------------
10 Up 7 Enable Installed 100 ms 00aa.bb00.0002 F po1.2 evpn1
PE2/PE3: Display Remote Maintenance Points
PE2#show ethernet cfm maintenance-points remote domain evpn1 ma-name evp1
MEPID RMEPID LEVEL Rx CCM RDI PEER-MAC TYPE
----------------------------------------------------------------------
10 20 7 Yes False 3417.ebe4.af22 Configured
PE2/PE3: Ping and Traceroute Test
PE2#ping ethernet mac 3417.ebe4.af22 unicast source 10 domain evpn1 ma evp1
success rate is 100 (5/5)
PE2#traceroute ethernet 3417.ebe4.af22 mepid 10 domain evpn1 ma evp1
MP Mac Hops Relay-action Ingress/Egress Ingress/Egress action
3417.ebe4.af22 1 RlyHit Ingress IngOK
Implementation Examples
Here is a practical scenario and use case for CFM (802.1ag) implementation for ELINE MultiHoming in the context of a telecommunications service provider who offers Ethernet-based Virtual Private Network (EVPN) services to various enterprises.
Use Case: Ensuring Service Reliability and Quality
Scenario: Consider a company with several branch offices that rely heavily on its ELINE connections to ensure smooth communication and data exchange between offices. The company subscribes to an EVPN service provided by a telecommunications service provider.
Use Case Details
1. MultiHoming Resilience: The company's critical applications and services require high availability. MultiHoming ensures redundancy by connecting each branch office to the provider's network through multiple paths. This way, if one path fails due to network issues, the traffic can be rerouted through the alternative path without causing a disruption.
2. Continuous Monitoring: CFM implementation allows the service provider to continuously monitor the connectivity and performance of the ELINE connections between the branch offices. By sending CCMs, the provider can quickly identify any interruptions in connectivity.
3. Swift Issue Detection and Resolution: In case of a network disruption or fault, the service provider receives immediate alerts through CFM CCMs. This enables the provider's network operations team to pinpoint the issue's location and take prompt action to restore services, minimizing downtime for the company.
4. Troubleshooting Efficiency: The CFM Ping and Trace functions assist in troubleshooting network issues. If the company's IT team reports a performance issue or communication problem, use CFM diagnostic capabilities to trace the path of packets and identify bottlenecks or faulty segments.
In this use case, the CFM implementation for ELINE MultiHoming provides a robust solution for ensuring reliable and high-quality connectivity for the company's distributed offices. It enables proactive monitoring and rapid issue resolution, which are critical for maintaining the company's communication and operational efficiency.
Troubleshooting
Follow the troubleshooting steps below to resolve connectivity issues related to CFM EVPN-ID and crosscheck local and remote MEP ID matching.
1. Check Local EVPN-ID: Verify the EVPN-ID configured on the local device (Example: PE1) and ensure that it matches the intended EVPN-ID for the target service or connection.
2. Verify Remote EVPN-ID: Check the EVPN-ID configured on the remote device (Example: PE2) and confirm that it matches the EVPN-ID expected by the local device.
3. Crosscheck MEP ID: Examine the MEP ID configured on the local device (PE1) and ensure it matches the expected R-MEP ID on the remote device (PE2).
4. Validate Remote MEP ID: Verify the MEP ID configured on the remote device (PE2) and ensure it matches the R-MEP ID expected by the local device (PE1).
5. Reconfigure If Needed: If there are discrepancies between the local and remote EVPN-IDs or MEP IDs, reconfigure the devices to match.
6. Test the Connection: After ensuring that EVPN-IDs and MEP IDs match on both devices, test the connection to confirm it is established correctly.
Abbreviations
The following are some key abbreviations and their meanings relevant to this document:
Acronym | Description |
CFM | Continuity Fault Management |
CCM | Continuity Check Messages |
EVPN | Ethernet Virtual Private Network |
ELINE | Ethernet-LINE |
MPLS | Multi-Protocol Label Switching |
UP | User-to-Provider |
MEP | Maintenance End Point |
MH | MultiHoming |
R-MEP | Remote Maintenance End Point |
MAC | Media Access Control |
AC | Access Circuit |
TLV | Type-Length-Value |
RDI | Remote Defect Indicator |
LB | Loopback |
LBM | Loopback Message |
LTR | Looptrace Reply |
Glossary
The following provides definitions for key terms used throughout this document.
Continuity Fault Management (CFM) | A protocol (802.1ag) that facilitates the monitoring of network connectivity by using Continuity Check Messages (CCM) to detect faults. |
Continuity Check Messages (CCM) | Periodic messages are used in CFM to check the continuity of a network connection. |
Ethernet Virtual Private Network (EVPN) | A technology that enables the extension of Layer 2 Ethernet networks over a Layer 3 infrastructure. |
Multi-Protocol Label Switching (MPLS) | In telecommunications networks, a routing technique is employed to guide data from one node to the next using concise path labels rather than relying on lengthy network addresses. |
User-to-Provider (UP) | Refers to the connection between the user's and service provider's networks. |
Maintenance End Point (MEP) | A point in a network where maintenance operations are initiated or terminated. |
MultiHoming (MH) | A networking architecture that allows a device to be connected to multiple network paths or points of attachment. |
Remote Maintenance End Point (R-MEP) | A maintenance end point located remotely from the originating point. |
Media Access Control (MAC) | A unique identifier assigned to a network interface card. |
Attachment Circuit (AC) | A circuit that connects a customer's equipment to a provider's network. |
Type-Length-Value (TLV) | A format used to encapsulate data in a variety of protocols. |
Remote Defect Indication (RDI) | A signal used to indicate a fault condition in a network link. |
Loopback Message (LBM) | A message used in loopback testing to check connectivity. |