EVPN-ELINE CFM Single Homing
CFM (as per IEEE 802.1ag 2007) provides capabilities useful for detecting, verifying and isolating connectivity failures in Virtual Bridged Local Area Networks through Continuity Check, Loop Back and Link Trace protocols. These capabilities can be used in networks operated by multiple independent organizations, each with restricted access to each other's equipment.
The network administrator is generally informed about the failure in the connection based on the reception of Continuity Check Messages or by the user. The administrator can then initiate Loop Back or Link Trace accordingly to quickly determine and then isolate the fault condition.
The CFM information is conveyed in Protocol frames called CFM Protocol Data Units (CFM PDUs). The CFM PDUs contain the appropriate control and status information used to detect, verify and isolate faults. It also contains information for path discovery in CFM-enabled links.
Currently, supported only for EVPN-ELINE Single home and up MEP service on both Q1 and Q2 platforms.
Topology
The diagram depicts the Single Homed topology for the EVPN MPLS configuration examples that follow.
Figure 24-5: EVPN MPLS Single Homing configuration
Prerequisite
Configure below hardware-profile commands related to CFM in configuration mode and reboot the nodes.
hardware-profile filter cfm-domain-name-str enable
hardware-profile statistics cfm-ccm enable
PE1: Loopback Interface
#configure terminal | Enter configuration mode. |
(config)#interface lo | Enter the Interface mode for the loopback interface. |
(config-if)#ip address 10.143.73.1/32 secondary | Configure IP address on loopback interface. |
(config-if)#exit | Exit interface mode |
(config)#commit | Commit candidate configuration to be running configuration |
PE1: Global EVPN MPLS Command
#configure terminal | Enter configuration mode. |
(config)#evpn mpls enable | Enable EVPN MPLS |
(config)#commit | Commit candidate configuration to be running configuration Note: Reload is required after Enabling/Disabling EVPN MPLS Feature |
(config-evpn-mpls)#evpn mpls vtep-ip-global 10.143.73.1 | Configuring VTEP global IP to loopback IP |
PE1: Global LDP
(config)#router ldp | Enter the Router LDP mode. |
PE1(config-router)#router-id 10.143.73.1 | Set the router ID to IP address 10.143.73.1 |
PE1(config-router)#transport-address ipv4 10.143.73.1 0 | Configure the transport address for IPV4 (for IPV6 use ipv6) to be used for a TCP session over which LDP will run. Note: It is preferable to use the loopback address as the transport address |
PE1(config-router)#targeted-peer ipv4 10.143.73.3 | Configure targeted peer. |
(config-router)#exit | Exit from router target peer and LDP mode |
(config)#commit | Commit candidate configuration to be running configuration |
PE1: Interface Configuration Network Side
(config)#interface xe3 | Enter the Interface mode for xe3 |
(config-if)#ip address 10.255.128.2/31 | Configure IP address on the interface. |
(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface |
(config-if)#label-switching | Enable label switching on the interface. |
(config-if)#exit | Exit interface mode |
(config)#commit | Commit candidate configuration to be running configuration |
Note: For RSVP Configuration refer RSVP-TE Configuration.
PE1: OSPF Configuration
(config)#router ospf 100 | Enter the Router OSPF mode. |
(config-router)#ospf router-id 10.143.73.1 | Router-ID configurations |
(config-router)#network 10.143.73.1/32 area 0.0.0.0 | Advertise loopback address in OSPF. |
(config-router)#network 10.255.128.2/31 area 0.0.0.0 | Advertise xe3 network address in OSPF. |
(config-router)#exit | Exit Router OSPF mode and return to Configure mode. |
(config)#commit | Commit candidate configuration to be running configuration |
PE1: BGP Configuration
(config)#router bgp 65010 | Enter the Router BGP mode, ASN: 65010 |
(config-router)#neighbor 10.143.73.3 remote-as 65010 | Configuring PE2 as iBGP neighbor using it's loopback IP |
(config-router)#neighbor 10.143.73.3 update-source lo | Source of routing updates as loopback |
(config-router)#address-family l2vpn evpn | Entering into address family mode as EVPN |
(config-router-af)#neighbor 10.143.73.3 activate | Enabling EVPN Address family for neighbor |
(config-router-af)#exit | Exiting of Address family mode |
(config-router)#commit | Commit candidate configuration to be running configuration |
PE1: MAC VRF Configuration
(config)#mac vrf vrf2 | Enter VRF mode |
(config-vrf)#rd 10.143.73.1:2 | Configuring Route-Distinguisher value 10.143.73.1:2 |
(config-vrf)#route-target both 2:2 | Configuring import and export value as 2:2 |
(config-vrf)#exit | Exiting VRF Mode |
(config)#commit | Commit candidate configuration to be running configuration |
PE1: EVPN and VRF Mapping
(config)#evpn mpls id 2 xconnect target-mpls-id 252 | Configure the EVPN-VPWS identifier with source identifier 2 and target identifier 252 |
(config)#host-reachability-protocol evpn-bgp vrf2 | Mapping vrf "vrf2" to EVPN-VPWS identifier |
(config)#commit | Commit candidate configuration to be running configuration |
PE1: Access Port Configuration
(config)#interface xe6 | Enter the Interface mode for xe6. |
(config-if)#description access-side-int | Giving Interface Description |
(config-if)#interface xe6.2 switchport | Creating L2 sub interface of physical interface xe6 |
(config-if)#encapsulation dot1q 2 | Setting Encapsulation to dot1q with VLAN ID 2 Supported Encapsulation: dot1ad, dot1q, untagged, default |
(config-if)#access-if-evpn | Entering Access mode for EVPN MPLS ID configuration |
(config-access-if)#map vpn-id 2 | Map vpn-id 252 to interface xe2.2 (VPWS) |
(config-access-if)#exit | Exiting out of access interface mode |
(config-if)#commit | Commit candidate configuration to be running configuration |
PE1: CFM Configuration
(config)#hardware-profile filter cfm-domain-name-str enable | Configure cfm-domain-name-str profile to enable cfm |
(config)#ethernet cfm domain-type character-string domain-name MD-01 level 2 mip-creation none | Create CFM domain for Evpn ELine with type as character string and set mip creation to none |
(config-ether-cfm-mpls-md)#service ma-type string ma-name S1 | Create ma type with string and set mip creation to none |
(config-ether-cfm-mpls-ma)# evpn 2 | Configure evpn <Evpn-id> |
(config-ether-cfm-mpls-ma)#ethernet cfm mep up mpid 8191 active true evpn 2 | Create up-mep for local evpn id 2 |
(config-ether-cfm-mpls-ma-mep)#cc multicast state enable | Enable cc multicast |
(config-ether-cfm-mpls-ma-mep)#exit-ether-ma-mep-mode | Exit Ethernet ma-mep-mode |
(config-ether-cfm-mpls-ma)#mep crosscheck mpid 8000 | Configure cross check to remote mep for vlan 2 |
(config-ether-cfm-mpls-ma)#cc interval 2 | Enable cc interval with value 2 i.e 10 milliseconds |
(config-ether-cfm-mpls-ma)#exit-ether-ma-mode | Exit ethernnet ma mode |
(config-ether-cfm-mpls-md)#exit | Exit Ethernet cfm mode |
(config)#exit | Exit from config mode |
(config)#commit | Commit candidate configuration to be running configuration |
P: Loopback Interface
#configure terminal | Enter configuration mode. |
(config)#interface lo | Enter the Interface mode for the loopback interface. |
(config-if)#ip address 10.143.73.2/32 secondary | Configure IP address on loopback interface. |
(config-if)#exit | Exit interface mode |
(config)#commit | Commit candidate configuration to be running configuration |
P: Global LDP
(config)#router ldp | Enter the Router LDP mode. |
PE1(config-router)#router-id 10.143.73.2 | Set the router ID to IP address 10.143.73.2 |
PE1(config-router)#transport-address ipv4 10.143.73.2 0 | Configure the transport address for IPV4 (for IPV6 use ipv6) to be used for a TCP session over which LDP will run. Note: It is preferable to use the loopback address as the transport address. |
(config-router)#exit | Exit from router target peer and LDP mode |
(config)#commit | Commit candidate configuration to be running configuration |
P: Interface Configuration
(config)#interface xe3 | Enter the Interface mode for xe3 |
(config-if)#ip address 10.255.128.3/31 | Configure IP address on the interface. |
(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface |
(config-if)#label-switching | Enable label switching on the interface. |
(config-if)#exit | Exit interface mode |
(config)#interface xe5 | Enter the Interface mode for xe5 |
(config-if)#ip address 10.255.128.22/31 | Configure IP address on the interface. |
(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface |
(config-if)#label-switching | Enable label switching on the interface. |
(config-if)#exit | Exit interface mode |
(config)#commit | Commit candidate configuration to be running configuration |
P: OSPF Configuration
(config)#router ospf 100 | Enter the Router OSPF mode. |
(config-router)#ospf router-id 10.143.73.2 | Setting the Router ID as Loopback IP |
(config-router)#network 10.143.73.2/32 area 0.0.0.0 | Advertise loopback address in OSPF. |
(config-router)#network 10.255.128.22/31 area 0.0.0.0 | Advertise xe5 network address in OSPF |
(config-router)#network 10.255.128.3/31 area 0.0.0.0 | Advertise xe3 network address in OSPF. |
(config-router)#exit | Exit Router OSPF mode and return to Configure mode. |
(config)#commit | Commit candidate configuration to be running configuration |
PE2: Loopback Interface
#configure terminal | Enter configuration mode. |
(config)#interface lo | Enter the Interface mode for the loopback interface. |
(config-if)#ip address 10.143.73.3/32 secondary | Configure IP address on loopback interface. |
(config-if)#exit | Exit interface mode |
(config)#commit | Commit candidate configuration to be running configuration |
PE2: Global LDP
(config)#router ldp | Enter the Router LDP mode. |
PE1(config-router)#router-id 10.143.73.3 | Set the router ID to IP address 10.143.73.3 |
PE1(config-router)#transport-address ipv4 10.143.73.3 0 | Configure the transport address for IPV4 (for IPV6 use ipv6) to be used for a TCP session over which LDP will run. Note: It is preferable to use the loopback address as the transport address. |
PE1(config-router)#targeted-peer ipv4 10.143.73.1 | Configure targeted peer. |
(config-router)#exit | Exit from router target peer and LDP mode |
(config)#commit | Commit candidate configuration to be running configuration |
PE2: Global EVPN MPLS Command
(config)#evpn mpls enable | Enable EVPN MPLS |
OcNOS(config)#commit | Commit candidate configuration to be running configuration Note: Reload is required after Enabling/Disabling EVPN MPLS Feature. |
(config-evpn-mpls)#evpn mpls vtep-ip-global 10.143.73.3 | Configuring VTEP global IP to loopback IP |
(config-evpn-mpls)#commit | Commit candidate configuration to be running configuration |
PE2: Interface Configuration Network Side
(config)#interface xe5 | Enter the Interface mode for xe5 |
(config-if)#ip address 10.255.128.23/31 | Configure IP address on the interface. |
(config-if)#enable-ldp ipv4 | Enable LDP on the physical interface |
(config-if)#label-switching | Enable label switching on the interface. |
(config-if)#exit | Exit interface mode |
(config)#commit | Commit candidate configuration to be running configuration |
PE2: OSPF Configuration
(config)#router ospf 100 | Enter the Router OSPF mode. |
(config-router)#ospf router-id 10.143.73.3 | Router-ID configurations |
(config-router)#network 10.143.73.3/32 area 0.0.0.0 | Advertise loopback address in OSPF. |
(config-router)#network 10.255.128.23/31 area 0.0.0.0 | Advertise xe5 network address in OSPF. |
(config-router)#exit | Exit Router OSPF mode and return to Configure mode. |
(config)#commit | Commit candidate configuration to be running configuration |
PE2: BGP Configuration
(config)#router bgp 65010 | Enter the Router BGP mode, ASN: 65010 |
(config-router)#neighbor 10.143.73.1 remote-as 65010 | Configuring PE1 as iBGP neighbor using it's loopback IP |
(config-router)#neighbor 10.143.73.1 update-source lo | Source of routing updates as loopback |
(config-router)#address-family l2vpn evpn | Entering into address family mode as EVPN |
(config-router-af)#neighbor 10.143.73.1 activate | Enabling EVPN Address family for neighbor |
(config-router-af)#exit | Exiting of Address family mode |
(config-router)#commit | Commit candidate configuration to be running configuration |
PE2: MAC VRF Configuration
(config)#mac vrf vrf2 | Enter VRF mode |
(config-vrf)#rd 10.143.73.3:2 | Configuring Route-Distinguisher value 10.143.73.3:2 |
(config-vrf)#route-target both 2:2 | Configuring import and export value as 2:2 |
(config-vrf)#exit | Exiting VRF Mode |
(config)#commit | Commit candidate configuration to be running configuration |
PE2: EVPN and VRF Mapping
(config)#evpn mpls id 252 xconnect target-mpls-id 2 | Configure the EVPN-ELINE identifier with source identifier 252 and target identifier 2 |
(config-evpn-mpls)#host-reachability-protocol evpn-bgp vrf2 | Mapping vrf "vrf2" to EVPN-ELINE identifier |
(config-evpn-mpls)#commit | Commit candidate configuration to be running configuration |
PE2: Access Port Configuration:
(config)#interface xe2 | Enter the Interface mode for xe2. |
(config-if)#description access-side-int | Giving Interface Description |
(config-if)#interface xe2.2 switchport | Creating L2 sub interface of physical interface xe2 |
(config-if)#encapsulation dot1q 2 | Setting Encapsulation to dot1q with VLAN ID 2 Supported Encapsulation: dot1ad, dot1q, untagged, default |
(config-if)#access-if-evpn | Entering Access mode for EVPN MPLS ID configuration |
(config-access-if)#map vpn-id 252 | Map vpn-id 252 to interface xe2.2 (VPWS) |
(config-access-if)#exit | Exiting out of access interface mode |
(config-if)#commit | Commit candidate configuration to be running configuration |
PE2: CFM Configuration
(config)#hardware-profile filter cfm-domain-name-str enable | Configure cfm-domain-name-str profile to enable cfm |
(config)#ethernet cfm domain-type character-string domain-name MD-01 level 2 mip-creation none | Create CFM domain for Evpn ELine with type as character string and set mip creation to none |
(config-ether-cfm-mpls-md)#service ma-type string ma-name S1 | Create ma type with string and set mip creation to none |
(config-ether-cfm-mpls-ma)# evpn 252 | Configure evpn <Evpn-id> |
(config-ether-cfm-mpls-ma)#ethernet cfm mep up mpid 8000 active true evpn 252 | Create up-mep for local evpn id 252 |
(config-ether-cfm-mpls-ma-mep)#cc multicast state enable | Enable cc multicast |
(config-ether-cfm-mpls-ma-mep)#exit-ether-ma-mep-mode | Exit Ethernet ma-mep-mode |
(config-ether-cfm-mpls-ma)#mep crosscheck mpid 8191 | Configure cross check to remote mep for vlan 2 |
(config-ether-cfm-mpls-ma)#cc interval 2 | Enable cc interval with value 2 i.e 10 milliseconds |
(config-ether-cfm-mpls-ma)#exit-ether-ma-mode | Exit ethernnet ma mode |
(config-ether-cfm-mpls)#exit | Exit Ethernet cfm mode |
(config)#exit | Exit from config mode |
(config)#commit | Commit candidate configuration to be running configuration |
Validation
PE1
PE1#show evpn mpls xconnect id 2
EVPN-MPLS Xconnect Info
========================
AC-AC: Local-Cross-connect
AC-NW: Cross-connect to Network
AC-UP: Access-port is up
AC-DN: Access-port is down
NW-UP: Network is up
NW-DN: Network is down
NW-SET: Network and AC both are up
Local Remote Connection-Details
================================ ============ ===================================================================================
VPN-ID EVI-Name MTU VPN-ID Source Destination PE-IP MTU Type NW-Status
================================ ============ ===================================================================================
2 ---- 1500 252 xe6.2 --- Single Homed Port --- 10.143.73.3 1500 AC-NW NW-SET
Total number of entries are 1
PE1#show ethernet cfm errors domain MD-01
Domain Name Level MEPID Defects
-----------------------------------------------
MD-01 2 8191 .....
1. defRDICCM 2. defMACstatus 3. defRemoteCCM
4. defErrorCCM 5. defXconCCM
PE1#show ethernet cfm ma status domain MD-01 ma-name S1
MA NAME STATUS
-------------------------------
S1 Active
PE1#show ethernet cfm maintenance-points local mep domain MD-01 ma-name S1
MPID Dir Lvl CC-Stat HW-Status CC-Intvl MAC-Address Def Port MD Name
---------------------------------------------------------------------------
8191 Up 2 Enable Installed 10 ms e8c5.7a78.7124 F xe6.2 MD-01
PE1#show ethernet cfm maintenance-points remote domain MD-01 ma-name S1
MEPID RMEPID LEVEL Rx CCM RDI PEER-MAC TYPE
----------------------------------------------------------------------
8191 8000 2 Yes False b86a.97cb.6c6e Configured
PE1#show ethernet cfm maintenance-points remote mpid 8191 domain MD-01 ma-name S1
MEPID RMEPID LEVEL Rx CCM RDI PEER-MAC TYPE
----------------------------------------------------------------------
8191 8000 2 Yes False b86a.97cb.6c6e Configured
PE1#ping ethernet mac b86a.97cb.6c6e unicast source 8191 domain MD-01 ma-name S1
success rate is 100 (5/5)
PE1#traceroute ethernet b86a.97cb.6c6e mepid 8191 domain MD-01 ma-name S1
MP Mac Hops Relay-action Ingress/Egress Ingress/Egress action
b86a.97cb.6c6e 1 RlyHit Ingress IngOK
PE1#show ethernet cfm statistics mep 8191 domain MD-01
CFM Statistics for MEP 8191 of MD MD-01
=====================================
Continuity Check Messages
CCM Sent : CCM Stats Profile Disabled
CCM Received : CCM Stats Profile Disabled
Loop Back Messages
LBM Sent : 5
LBR Received(Valid) : 5
LBR Received(Bad msdu) : 0
LBR Received(Out-of-Seq): 0
Link Trace Messages
LTM Sent : 1
LTR Sent : 0
LTR Received(Valid) : 1
LTR Received(unexpected): 0
PE2
PE2#show evpn mpls xconnect id 252
EVPN-MPLS Xconnect Info
========================
AC-AC: Local-Cross-connect
AC-NW: Cross-connect to Network
AC-UP: Access-port is up
AC-DN: Access-port is down
NW-UP: Network is up
NW-DN: Network is down
NW-SET: Network and AC both are up
Local Remote Connection-Details
================================ ============ ===================================================================================
VPN-ID EVI-Name MTU VPN-ID Source Destination PE-IP MTU Type NW-Status
================================ ============ ===================================================================================
252 ---- 1500 2 xe2.2 --- Single Homed Port --- 10.143.73.1 1500 AC-NW NW-SET
Total number of entries are 1
PE2#show ethernet cfm errors domain MD-01
Domain Name Level MEPID Defects
-----------------------------------------------
MD-01 2 8000 .....
1. defRDICCM 2. defMACstatus 3. defRemoteCCM
4. defErrorCCM 5. defXconCCM
PE3#show ethernet cfm ma status domain MD-01 ma-name S1
ma-name S1
MA NAME STATUS
-------------------------------
S1 Active
PE2#show ethernet cfm maintenance-points local mep domain MD-01 ma-name S1
MPID Dir Lvl CC-Stat HW-Status CC-Intvl MAC-Address Def Port MD Name
---------------------------------------------------------------------------
8000 Up 2 Enable Installed 10 ms b86a.97cb.6c6e F xe2.2 MD-01
PE3#show ethernet cfm maintenance-points remote domain MD-01 ma-name S1
MEPID RMEPID LEVEL Rx CCM RDI PEER-MAC TYPE
----------------------------------------------------------------------
8000 8191 2 Yes False e8c5.7a78.7124 Configured
PE2#show ethernet cfm maintenance-points remote mpid 8000 domain MD-01 ma-name S1
MEPID RMEPID LEVEL Rx CCM RDI PEER-MAC TYPE
----------------------------------------------------------------------
8000 8191 2 Yes False e8c5.7a78.7124 Configured
PE2#traceroute ethernet e8c5.7a78.7124 mepid 8000 domain MD-01 ma-name S1
MP Mac Hops Relay-action Ingress/Egress Ingress/Egress action
e8c5.7a78.7124 1 RlyHit Ingress IngOK
PE2#show ethernet cfm statistics mep 8000 domain MD-01 ma-name S1
CFM Statistics for MEP 8000 of MD MD-01
=====================================
Continuity Check Messages
CCM Sent : CCM Stats Profile Disabled
CCM Received : CCM Stats Profile Disabled
Loop Back Messages
LBM Sent : 5
LBR Received(Valid) : 5
LBR Received(Bad msdu) : 0
LBR Received(Out-of-Seq): 0
Link Trace Messages
LTM Sent : 1
LTR Sent : 1
LTR Received(Valid) : 1
LTR Received(unexpected): 0
Last modified date: 10/17/2023