Goal

Is to establish l2 connectivity for a customer’s "A" Linux-1 and Linux-2 - two sites connected to router r1 and r6.

l2vpn bgp Juniper

Assumptions

  • Customers data is carried in and as a vlan590

  • PE routers running is-is on transit links

  • PE and P routers running ldp on transit links

  • MPLS is enablen on transit links of PE and P routers

  • BGP is running with family l2vpn

BGP

BGP is used to signal VPN labels, that know as Kompella MPLS L2VPN.

set protocols bgp group iBGP type internal
set protocols bgp group iBGP local-address 1.1.1.1
set protocols bgp group iBGP family l2vpn signaling
set protocols bgp group iBGP local-as 65000
set protocols bgp group iBGP neighbor 6.6.6.6

LDP/MPLS

LDP is used to allocate labels for routers loopbacks - transport labels

set protocols ldp explicit-null
set protocols ldp interface ge-0/0/1.0
set protocols ldp interface ge-0/0/6.0
set protocols ldp interface lo0.0

set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/6 unit 0 family mpls

set protocols mpls explicit-null
set protocols mpls interface ge-0/0/6.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface lo0.0

Routing instance

Customer’s tagged port should be part of the routing-instances of a type l2vpn. Additionally port should have vlan-tagging and encapsulation vlan-ccc on it and then again encapsulation vlan-ccc on a unit level. Since l2vpn with BGP signaling uses autodiscovery, we should use communities to differentiate between the customers. Those communities are referred in the vrf-import and vrf-export.

set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 encapsulation vlan-ccc
set interfaces ge-0/0/0 unit 590 encapsulation vlan-ccc
set interfaces ge-0/0/0 unit 590 vlan-id 590
set routing-instances cust-A instance-type l2vpn
set routing-instances cust-A protocols l2vpn site r1-s interface ge-0/0/0.590 remote-site-id 2
set routing-instances cust-A protocols l2vpn site r1-s site-identifier 1
set routing-instances cust-A protocols l2vpn encapsulation-type ethernet-vlan
set routing-instances cust-A interface ge-0/0/0.590
set routing-instances cust-A route-distinguisher 65000:1
set routing-instances cust-A vrf-import vpn-cust-A-import
set routing-instances cust-A vrf-export vpn-cust-A-export
set policy-options policy-statement vpn-cust-A-export term a then community add cust-A-com
set policy-options policy-statement vpn-cust-A-export term a then accept
set policy-options policy-statement vpn-cust-A-import from community cust-A-com
set policy-options policy-statement vpn-cust-A-import then accept
set routing-instances cust-A vrf-import vpn-cust-A-import
set routing-instances cust-A vrf-export vpn-cust-A-export
set policy-options community cust-A-com members target:65000:1

Verification

show l2vpn connections output from r6

Layer-2 VPN connections:

Legend for interface status
Up -- operational
Dn -- down

Instance: cust-A
Edge protection: Not-Primary
  Local site: r6-s (2)
    connection-site           Type  St     Time last up          # Up trans
    1                         rmt   Up     May 22 23:44:27 2023           1
      Remote PE: 1.1.1.1, Negotiated control-word: Yes (Null)
      Incoming label: 800000, Outgoing label: 800001
      Local interface: ge-0/0/0.590, Status: Up, Encapsulation: VLAN
      Flow Label Transmit: No, Flow Label Receive: No

Packet capture showing succseful traffic flow and two labels

l2vpn bgp pcap

Full configuration files

r1

set system host-name r1
set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 encapsulation vlan-ccc
set interfaces ge-0/0/0 unit 590 encapsulation vlan-ccc
set interfaces ge-0/0/0 unit 590 vlan-id 590
set interfaces ge-0/0/1 unit 0 family inet address 192.168.12.1/24
set interfaces ge-0/0/1 unit 0 family iso
set interfaces ge-0/0/1 unit 0 family mpls
set interfaces ge-0/0/6 unit 0 family inet address 192.168.14.1/24
set interfaces ge-0/0/6 unit 0 family iso
set interfaces ge-0/0/6 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 1.1.1.1/32
set interfaces lo0 unit 0 family iso address 49.0004.1000.0000.0001.00
set policy-options policy-statement vpn-cust-A-export term a then community add cust-A-com
set policy-options policy-statement vpn-cust-A-export term a then accept
set policy-options policy-statement vpn-cust-A-import from community cust-A-com
set policy-options policy-statement vpn-cust-A-import then accept
set policy-options community cust-A-com members target:65000:1
set routing-instances cust-A instance-type l2vpn
set routing-instances cust-A protocols l2vpn site r1-s interface ge-0/0/0.590 remote-site-id 2
set routing-instances cust-A protocols l2vpn site r1-s site-identifier 1
set routing-instances cust-A protocols l2vpn encapsulation-type ethernet-vlan
set routing-instances cust-A interface ge-0/0/0.590
set routing-instances cust-A route-distinguisher 65000:1
set routing-instances cust-A vrf-import vpn-cust-A-import
set routing-instances cust-A vrf-export vpn-cust-A-export
set protocols bgp group iBGP type internal
set protocols bgp group iBGP local-address 1.1.1.1
set protocols bgp group iBGP family inet unicast
set protocols bgp group iBGP family inet-vpn unicast
set protocols bgp group iBGP family inet6 unicast
set protocols bgp group iBGP family inet6-vpn unicast
set protocols bgp group iBGP family l2vpn signaling
set protocols bgp group iBGP family evpn signaling
set protocols bgp group iBGP local-as 65000
set protocols bgp group iBGP neighbor 2.2.2.2
set protocols bgp group iBGP neighbor 3.3.3.3
set protocols bgp group iBGP neighbor 4.4.4.4
set protocols bgp group iBGP neighbor 5.5.5.5
set protocols bgp group iBGP neighbor 6.6.6.6
set protocols isis interface ge-0/0/1.0
set protocols isis interface ge-0/0/6.0
set protocols isis interface lo0.0 passive
set protocols isis level 1 disable
set protocols ldp explicit-null
set protocols ldp interface ge-0/0/1.0
set protocols ldp interface ge-0/0/6.0
set protocols ldp interface lo0.0
set protocols mpls explicit-null
set protocols mpls interface ge-0/0/6.0
set protocols mpls interface ge-0/0/1.0
set protocols mpls interface lo0.0

r6

set system host-name r6
set system syslog file interactive-commands interactive-commands any
set system syslog file messages any notice
set system syslog file messages authorization info
set system processes dhcp-service traceoptions file dhcp_logfile
set system processes dhcp-service traceoptions file size 10m
set system processes dhcp-service traceoptions level all
set system processes dhcp-service traceoptions flag packet
set interfaces ge-0/0/0 vlan-tagging
set interfaces ge-0/0/0 encapsulation vlan-ccc
set interfaces ge-0/0/0 unit 590 encapsulation vlan-ccc
set interfaces ge-0/0/0 unit 590 vlan-id 590
set interfaces ge-0/0/3 unit 0 family inet address 192.168.36.6/24
set interfaces ge-0/0/3 unit 0 family iso
set interfaces ge-0/0/3 unit 0 family mpls
set interfaces ge-0/0/4 unit 0 family inet address 192.168.56.6/24
set interfaces ge-0/0/4 unit 0 family iso
set interfaces ge-0/0/4 unit 0 family mpls
set interfaces lo0 unit 0 family inet address 6.6.6.6/32
set interfaces lo0 unit 0 family iso address 49.0004.1000.0000.0006.00
set policy-options policy-statement vpn-cust-A-export term a then community add cust-A-com
set policy-options policy-statement vpn-cust-A-export term a then accept
set policy-options policy-statement vpn-cust-A-import from community cust-A-com
set policy-options policy-statement vpn-cust-A-import then accept
set policy-options community cust-A-com members target:65000:1
set routing-instances cust-A instance-type l2vpn
set routing-instances cust-A protocols l2vpn site r6-s interface ge-0/0/0.590 remote-site-id 1
set routing-instances cust-A protocols l2vpn site r6-s site-identifier 2
set routing-instances cust-A protocols l2vpn encapsulation-type ethernet-vlan
set routing-instances cust-A interface ge-0/0/0.590
set routing-instances cust-A route-distinguisher 65000:1
set routing-instances cust-A vrf-import vpn-cust-A-import
set routing-instances cust-A vrf-export vpn-cust-A-export
set protocols bgp group iBGP type internal
set protocols bgp group iBGP local-address 6.6.6.6
set protocols bgp group iBGP family inet unicast
set protocols bgp group iBGP family inet-vpn unicast
set protocols bgp group iBGP family inet6 unicast
set protocols bgp group iBGP family inet6-vpn unicast
set protocols bgp group iBGP family l2vpn signaling
set protocols bgp group iBGP family evpn signaling
set protocols bgp group iBGP local-as 65000
set protocols bgp group iBGP neighbor 1.1.1.1
set protocols bgp group iBGP neighbor 2.2.2.2
set protocols bgp group iBGP neighbor 3.3.3.3
set protocols bgp group iBGP neighbor 4.4.4.4
set protocols bgp group iBGP neighbor 5.5.5.5
set protocols isis interface ge-0/0/3.0
set protocols isis interface ge-0/0/4.0
set protocols isis interface lo0.0 passive
set protocols isis level 1 disable
set protocols ldp explicit-null
set protocols ldp interface ge-0/0/3.0
set protocols ldp interface ge-0/0/4.0
set protocols ldp interface lo0.0
set protocols mpls explicit-null
set protocols mpls interface ge-0/0/3.0
set protocols mpls interface ge-0/0/4.0
set protocols mpls interface lo0.0