ASR9k PBB-EVPN Troubleshooting and over GRE

0

Introduction

Customer run PBB-EVPN on 9001 NV at different site, and interconnect their different DC. Due to only have 1 interconnect link between 9001 NV, so they need a standby link that though Internet by GRE. After checked in lab, EVPN over GRE looks like same as L2VPN over GRE (support from 4.3 on ASR9k), and I had completed test for EVPN over GRE in lab. I will share config and topology.

But please attention: After checked, PBB-EVPN over GRE not offical release, so not suggest do it for customer. For the articles, not only talk about EVPN over GRE, and include how to troubleshooting PBB-EVPN

Topology

Configure

ASR9001-1:

hostname ASR9001-1
!
interface Bundle-Ether10
 ipv4 address 10.0.0.1 255.255.255.252
 shutdown
 load-interval 30
!
interface Bundle-Ether101
 load-interval 30
!
interface Bundle-Ether101.1 l2transport
 encapsulation dot1q 222
!
interface Loopback0
 ipv4 address 10.10.10.10 255.255.255.255
!
interface Loopback1
 ipv4 address 1.1.1.1 255.255.255.255
!
interface tunnel-ip0
 mtu 9000
 ipv4 address 23.1.1.1 255.255.255.0
 tunnel mode gre ipv4
 tunnel source 1.1.1.1
 tunnel destination 3.3.3.3
!
interface GigabitEthernet0/0/0/1
 bundle id 101 mode on
 negotiation auto
 load-interval 30
!
interface GigabitEthernet0/0/0/3
 bundle id 10 mode active
 cdp
 transceiver permit pid all
!
interface GigabitEthernet0/0/0/4
 ipv4 address 20.0.0.1 255.255.255.0
 monitor-session test ethernet
 !
 transceiver permit pid all
!
router isis yonzhao2
 is-type level-2-only
 net 47.5090.0100.1001.0010.00
 address-family ipv4 unicast
  metric-style wide
 !
 interface Bundle-Ether10
  circuit-type level-2-only
  point-to-point
  hello-padding disable
  address-family ipv4 unicast
  !
 !
 interface Loopback0
  passive
  circuit-type level-2-only
  hello-padding disable
  address-family ipv4 unicast
  !
 !
 interface tunnel-ip0
  circuit-type level-2-only
  hello-padding disable
  address-family ipv4 unicast
   metric 2000
  !
 !
!
router ospf core
 router-id 1.1.1.1
 area 0
  interface Loopback1
  !
  interface GigabitEthernet0/0/0/4
  !
 !
!
router bgp 100
 bgp router-id 10.10.10.10
 address-family l2vpn evpn
 !
 neighbor 20.20.20.20
  remote-as 100
  update-source Loopback0
  address-family l2vpn evpn
  !
 !
!
l2vpn
 router-id 10.10.10.10
 bridge group 1
  bridge-domain pbb-core-10001
   pbb core
    evpn evi 10001
   !
  !
  bridge-domain pbb-edge-10001
   interface Bundle-Ether101.1
   !
   pbb edge i-sid 10001 core-bridge pbb-core-10001
   !
  !
 !
!
mpls ldp
 router-id 10.10.10.10
 address-family ipv4
  neighbor 20.20.20.20 targeted
 !
 interface tunnel-ip0
  address-family ipv4
  !
 !
 interface Bundle-Ether10
  address-family ipv4
  !
 
 !
!

ASR9001-2:

hostname ASR9001-2
!
interface Bundle-Ether101
 load-interval 30
!
interface Bundle-Ether101.1 l2transport
 encapsulation dot1q 222
!
interface Loopback0
 ipv4 address 20.20.20.20 255.255.255.255
!
interface Loopback1
 ipv4 address 3.3.3.3 255.255.255.255
!
interface tunnel-ip0
 mtu 9000
 ipv4 address 23.1.1.3 255.255.255.0
 tunnel mode gre ipv4
 tunnel source 3.3.3.3
 tunnel destination 1.1.1.1
!
interface GigabitEthernet0/0/0/0
 bundle id 20 mode active
!
interface GigabitEthernet0/0/0/1
 bundle id 101 mode on
 negotiation auto
 load-interval 30
!
interface GigabitEthernet0/0/0/3
 bundle id 10 mode active
 cdp
 transceiver permit pid all
!
interface GigabitEthernet0/0/0/4
 ipv4 address 30.0.0.1 255.255.255.0
 transceiver permit pid all
!
router isis yonzhao2
 is-type level-2-only
 net 47.5090.0200.2002.0020.00
 address-family ipv4 unicast
  metric-style wide
 !
 interface Bundle-Ether10
  circuit-type level-2-only
  point-to-point
  hello-padding disable
  address-family ipv4 unicast
  !
 !
 interface Loopback0
  passive
  circuit-type level-2-only
  hello-padding disable
  address-family ipv4 unicast
  !
 !
 interface tunnel-ip0
  circuit-type level-2-only
  hello-padding disable
  address-family ipv4 unicast
   metric 2000
  !
 !
!
router ospf core
 router-id 3.3.3.3
 area 0
  interface Loopback1
  !
  interface GigabitEthernet0/0/0/4
  !
 !
!
router bgp 100
 bgp router-id 20.20.20.20
 address-family l2vpn evpn
 !
 neighbor 10.10.10.10
  remote-as 100
  update-source Loopback0
  address-family l2vpn evpn
  !
 !
!
l2vpn
 router-id 20.20.20.20
 bridge group 1
  bridge-domain pbb-core-10001
   pbb core
    evpn evi 10001
   !
  !
  bridge-domain pbb-edge-10001
   interface Bundle-Ether101.1
   !
   pbb edge i-sid 10001 core-bridge pbb-core-10001
   !
  !
 !
!
mpls ldp
 router-id 20.20.20.20
 address-family ipv4
  neighbor 10.10.10.10 targeted
 !
 interface tunnel-ip0
  address-family ipv4
  !
 !
 interface Bundle-Ether10
  address-family ipv4
  !
  !
 !
!

Verify

Follow 9001-1’s show commands:

RP/0/RSP0/CPU0:ASR9001-1#sh isis nei
Thu May 14 09:01:27.160 UTC

IS-IS yonzhao2 neighbors:
System Id      Interface        SNPA           State Holdtime Type IETF-NSF
ASR9001-2      ti0              *PtoP*         Up    24       L2   Capable 

Total neighbor count: 1
RP/0/RSP0/CPU0:ASR9001-1#show ospf nei
Thu May 14 09:01:29.364 UTC

* Indicates MADJ interface

Neighbors for OSPF core

Neighbor ID     Pri   State           Dead Time   Address         Interface
30.30.30.30     1     FULL/DR         00:00:35    20.0.0.2        GigabitEthernet0/0/0/4
    Neighbor is up for 00:57:55

Total neighbor count: 1

RP/0/RSP0/CPU0:ASR9001-1#sh mpls for
Thu May 14 08:20:36.309 UTC
Local  Outgoing    Prefix             Outgoing     Next Hop        Bytes       
Label  Label       or ID              Interface                    Switched    
------ ----------- ------------------ ------------ --------------- ------------
24000  Pop         20.20.20.20/32     ti0          23.1.1.3        723 <<< asr9001-2’s inter igp lo0
24001  Unlabelled  30.0.0.0/24        Gi0/0/0/4    20.0.0.2        0   <<< core igp route
24002  Unlabelled  30.30.30.30/32     Gi0/0/0/4    20.0.0.2        0   <<< core igp route
24003  Unlabelled  3.3.3.3/32         Gi0/0/0/4    20.0.0.2        0   <<< asr9001-2’s core igp lo1
24005  Pop         No ID              BD=1 PE      point2point     5598
24006  Pop         No ID              BD=1 PEIM    point2point     90       

RP/0/RSP0/CPU0:ASR9001-1#sh bgp l2vpn evpn lab
Thu May 14 08:20:56.707 UTC
BGP router identifier 10.10.10.10, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0   RD version: 1360513960
BGP main routing table version 71
BGP NSR Initial initsync version 3 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
              i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network            Next Hop        Rcvd Label      Local Label
Route Distinguisher: 10.10.10.10:10001 (default for vrf pbb-core-10001)
*>i[2][0][48][e8ed.f33c.329f][0]/104
                      20.20.20.20     16005           nolabel         
*> [2][0][48][e8ed.f344.050f][0]/104
                      0.0.0.0         nolabel         24005           
Route Distinguisher: 20.20.20.20:10001
*>i[2][0][48][e8ed.f33c.329f][0]/104
                      20.20.20.20     16005           nolabel         

Processed 3 prefixes, 3 paths

RP/0/RSP0/CPU0:ASR9001-1#sh l2vpn forwarding bridge-domain mac-address location 0/0/cpu0
Thu May 14 08:25:45.312 UTC
 To Resynchronize MAC table from the Network Processors, use the command...
    l2vpn resynchronize forwarding mac-address-table location <r/s/i>

Mac Address    Type    Learned from/Filtered on    LC learned Resync Age         Mapped to     
--------------------------------------------------------------------------------
e8ed.f33c.329f BMAC    BD id: 1                    N/A        N/A                N/A           
e8ed.f344.050f S-BMAC  BD id: 1                    N/A        N/A                N/A           
0013.c4fe.c8c4 dynamic BD id: 2                    0/0/CPU0   0d 0h 0m 8s        e8ed.f33c.329f
1c1d.8646.5ec6 dynamic BE101.1                     0/RSP0/CP  0d 0h 0m 12s       N/A  

Troubleshoot

1. Ping tset from 3560

3560-1#ping 22.22.22.1 size 1200 repeat 100
Type escape sequence to abort.
Sending 100, 1200-byte ICMP Echos to 22.22.22.1, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 1/4/9 ms

2. Check 9001-1’s port input counter

RP/0/RSP0/CPU0:ASR9001-1#sh int bundle-ether 101.1
Mon May 18 01:55:39.574 UTC
Bundle-Ether101.1 is up, line protocol is up 
  Interface state transitions: 5
  Hardware is VLAN sub-interface(s), address is e8ed.f344.0008
  Layer 2 Transport Mode
  MTU 1518 bytes, BW 1000000 Kbit (Max: 1000000 Kbit)
     reliability Unknown, txload Unknown, rxload Unknown
  Encapsulation 802.1Q Virtual LAN,
    Outer Match: Dot1Q VLAN 222
    Ethertype Any, MAC Match src any, dest any
  loopback not set,
  Last input 00:00:21, output 00:00:21
  Last clearing of "show interface" counters 00:01:12
     100 packets input, 122200 bytes
     0 input drops, 0 queue drops, 0 input errors
     100 packets output, 122200 bytes
     0 output drops, 0 queue drops, 0 output errors

3. Check 9001-1’s edge counter

RP/0/RSP0/CPU0:ASR9001-1#sh l2vpn bridge-domain bd-name pbb-edge-10001 detail
Mon May 18 01:56:00.446 UTC
Legend: pp = Partially Programmed.
Bridge group: 1, bridge-domain: pbb-edge-10001, id: 2, state: up, ShgId: 0, MSTi: 0
  Coupled state: disabled
  Type: pbb-edge, I-SID: 10001
  Core-bridge: pbb-core-10001 (State: Bridge Up)
  MIRP-lite: supported, enabled
    Format: MVRP PDU with Vlan 0
  MAC learning: enabled
  MAC withdraw: enabled
    MAC withdraw for Access PW: enabled
    MAC withdraw sent on: bridge port up
    MAC withdraw relaying (access to access): disabled
  Flooding:
    Broadcast & Multicast: enabled
    Unknown unicast: enabled
  MAC aging time: 300 s, Type: inactivity
  MAC limit: 4000, Action: none, Notification: syslog
  MAC limit reached: no
  MAC port down flush: enabled
  MAC Secure: disabled, Logging: disabled
  Split Horizon Group: none
  Dynamic ARP Inspection: disabled, Logging: disabled
  IP Source Guard: disabled, Logging: disabled
  DHCPv4 snooping: disabled
  IGMP Snooping: enabled
  IGMP Snooping profile: none
  MLD Snooping profile: none
  Storm Control: disabled
  Bridge MTU: 1500
  MIB cvplsConfigIndex: 3
  Filter MAC addresses:
  P2MP PW: disabled
  Create time: 13/05/2015 09:12:00 (4d16h ago)
  No status change since creation
  ACs: 1 (1 up), VFIs: 0, PWs: 0 (0 up), PBBs: 1 (1 up)
  List of PBBs:
    PBB Edge, state is up
      XC ID 0x80000006
      MAC learning: enabled
      Flooding:
        Broadcast & Multicast: enabled
        Unknown unicast: enabled
      MAC aging time: 300 s, Type: inactivity
      MAC limit: 4000, Action: none, Notification: syslog
      MAC limit reached: no
      MAC port down flush: enabled
      MAC Secure: disabled, Logging: disabled, Accept-Shutdown: disabled
      Split Horizon Group: none
      DHCPv4 snooping: disabled
      IGMP Snooping: enabled
      IGMP Snooping profile: none
      MLD Snooping profile: none
      Storm Control: disabled
     Statistics:
       packets: received 100, sent 100
       bytes: received 121800, sent 121800
  List of ACs:
    AC: Bundle-Ether101.1, state is up
      Type VLAN; Num Ranges: 1
      VLAN ranges: [222, 222]
      MTU 1504; XC ID 0xa0000001; interworking none
      MAC learning: enabled
      Flooding:
        Broadcast & Multicast: enabled
        Unknown unicast: enabled
      MAC aging time: 300 s, Type: inactivity
      MAC limit: 4000, Action: none, Notification: syslog
      MAC limit reached: no
      MAC port down flush: enabled
      MAC Secure: disabled, Logging: disabled
      Split Horizon Group: none
      Dynamic ARP Inspection: disabled, Logging: disabled
      IP Source Guard: disabled, Logging: disabled
      DHCPv4 snooping: disabled
      IGMP Snooping: enabled
      IGMP Snooping profile: none
      MLD Snooping profile: none
      Storm Control: disabled
      Static MAC addresses:
      Statistics:
        packets: received 100, sent 100
        bytes: received 121800, sent 121800
      Storm control drop counters: 
        packets: broadcast 0, multicast 0, unknown unicast 0 
        bytes: broadcast 0, multicast 0, unknown unicast 0 
      Dynamic ARP inspection drop counters: 
        packets: 0, bytes: 0
      IP source guard drop counters: 
        packets: 0, bytes: 0
  List of Access PWs:
  List of VFIs:

4. Checking 9001-1’s core counter

RP/0/RSP0/CPU0:ASR9001-1#sh l2vpn bridge-domain bd-name pbb-core-10001 det
Mon May 18 02:05:22.122 UTC
Legend: pp = Partially Programmed.
Bridge group: 1, bridge-domain: pbb-core-10001, id: 1, state: up, ShgId: 0, MSTi: 0
  Coupled state: disabled
  Type: pbb-core
  Number of associated pbb-edge BDs: 1
  EVPN:
    EVI: 10001
    Route Distinguisher: (auto) 10.10.10.10:10001
    Imposition Statistics:   <<< send to 9010
      Packet Count: 100
      Byte Count  : 123600
    Disposition Statistics:  <<< come from 9010
      Packet Count: 100
      Byte Count  : 123600
    AS Number: 100
  MAC learning: enabled
  MAC withdraw: enabled
    MAC withdraw for Access PW: enabled
    MAC withdraw sent on: bridge port up
    MAC withdraw relaying (access to access): disabled
  Flooding:
    Broadcast & Multicast: enabled
    Unknown unicast: enabled
  MAC aging time: 300 s, Type: inactivity
  MAC limit: 4000, Action: none, Notification: syslog
  MAC limit reached: no
  MAC port down flush: enabled
  MAC Secure: disabled, Logging: disabled
  Split Horizon Group: none
  Dynamic ARP Inspection: disabled, Logging: disabled
  IP Source Guard: disabled, Logging: disabled
  DHCPv4 snooping: disabled
  IGMP Snooping: enabled
  IGMP Snooping profile: none
  MLD Snooping profile: none
  Storm Control: disabled
  Bridge MTU: 1500
  MIB cvplsConfigIndex: 2
  Filter MAC addresses:
  P2MP PW: disabled
  Create time: 13/05/2015 09:12:00 (4d16h ago)
  No status change since creation
  ACs: 0 (0 up), VFIs: 0, PWs: 0 (0 up), PBBs: 1 (1 up)
  List of PBBs:
    PBB Core, state is up
      XC ID 0x80000005
      MAC learning: enabled
      Flooding:
        Broadcast & Multicast: enabled
        Unknown unicast: enabled
      MAC aging time: 300 s, Type: inactivity
      MAC limit: 4000, Action: none, Notification: syslog
      MAC limit reached: no
      MAC port down flush: enabled
      Split Horizon Group: none
      DHCPv4 snooping: disabled
      IGMP Snooping: enabled
      IGMP Snooping profile: none
      MLD Snooping profile: none
      MMRP Flood Optimization: disabled
      Storm Control: disabled
  List of ACs:
  List of Access PWs:
  List of VFIs:

5. Checking 9001-1’s aggregation port counter

RP/0/RSP0/CPU0:ASR9001-1#sh controllers gigabitEthernet 0/0/0/4 stats | i 1024-1518
Mon May 18 02:09:28.120 UTC
    Input pkts 1024-1518 bytes  = 100
    Output pkts 1024-1518 bytes = 100
本文出自 Frank's Blog

版权声明:


本文链接:ASR9k PBB-EVPN Troubleshooting and over GRE
版权声明:本文为原创文章,仅代表个人观点,版权归 Frank Zhao 所有,转载时请注明本文出处及文章链接
你可以留言,或者trackback 从你的网站

留言哦

blonde teen swallows load.xxx videos