ASR9k PBB-EVPN Troubleshooting and over GRE
Introduction
Customer run PBB-EVPN on 9001 NV at different site, and interconnect their different DC. Due to only have 1 interconnect link between 9001 NV, so they need a standby link that though Internet by GRE. After checked in lab, EVPN over GRE looks like same as L2VPN over GRE (support from 4.3 on ASR9k), and I had completed test for EVPN over GRE in lab. I will share config and topology.
But please attention: After checked, PBB-EVPN over GRE not offical release, so not suggest do it for customer. For the articles, not only talk about EVPN over GRE, and include how to troubleshooting PBB-EVPN
Topology

Configure
ASR9001-1:
hostname ASR9001-1
!
interface Bundle-Ether10
ipv4 address 10.0.0.1 255.255.255.252
shutdown
load-interval 30
!
interface Bundle-Ether101
load-interval 30
!
interface Bundle-Ether101.1 l2transport
encapsulation dot1q 222
!
interface Loopback0
ipv4 address 10.10.10.10 255.255.255.255
!
interface Loopback1
ipv4 address 1.1.1.1 255.255.255.255
!
interface tunnel-ip0
mtu 9000
ipv4 address 23.1.1.1 255.255.255.0
tunnel mode gre ipv4
tunnel source 1.1.1.1
tunnel destination 3.3.3.3
!
interface GigabitEthernet0/0/0/1
bundle id 101 mode on
negotiation auto
load-interval 30
!
interface GigabitEthernet0/0/0/3
bundle id 10 mode active
cdp
transceiver permit pid all
!
interface GigabitEthernet0/0/0/4
ipv4 address 20.0.0.1 255.255.255.0
monitor-session test ethernet
!
transceiver permit pid all
!
router isis yonzhao2
is-type level-2-only
net 47.5090.0100.1001.0010.00
address-family ipv4 unicast
metric-style wide
!
interface Bundle-Ether10
circuit-type level-2-only
point-to-point
hello-padding disable
address-family ipv4 unicast
!
!
interface Loopback0
passive
circuit-type level-2-only
hello-padding disable
address-family ipv4 unicast
!
!
interface tunnel-ip0
circuit-type level-2-only
hello-padding disable
address-family ipv4 unicast
metric 2000
!
!
!
router ospf core
router-id 1.1.1.1
area 0
interface Loopback1
!
interface GigabitEthernet0/0/0/4
!
!
!
router bgp 100
bgp router-id 10.10.10.10
address-family l2vpn evpn
!
neighbor 20.20.20.20
remote-as 100
update-source Loopback0
address-family l2vpn evpn
!
!
!
l2vpn
router-id 10.10.10.10
bridge group 1
bridge-domain pbb-core-10001
pbb core
evpn evi 10001
!
!
bridge-domain pbb-edge-10001
interface Bundle-Ether101.1
!
pbb edge i-sid 10001 core-bridge pbb-core-10001
!
!
!
!
mpls ldp
router-id 10.10.10.10
address-family ipv4
neighbor 20.20.20.20 targeted
!
interface tunnel-ip0
address-family ipv4
!
!
interface Bundle-Ether10
address-family ipv4
!
!
!
ASR9001-2:
hostname ASR9001-2
!
interface Bundle-Ether101
load-interval 30
!
interface Bundle-Ether101.1 l2transport
encapsulation dot1q 222
!
interface Loopback0
ipv4 address 20.20.20.20 255.255.255.255
!
interface Loopback1
ipv4 address 3.3.3.3 255.255.255.255
!
interface tunnel-ip0
mtu 9000
ipv4 address 23.1.1.3 255.255.255.0
tunnel mode gre ipv4
tunnel source 3.3.3.3
tunnel destination 1.1.1.1
!
interface GigabitEthernet0/0/0/0
bundle id 20 mode active
!
interface GigabitEthernet0/0/0/1
bundle id 101 mode on
negotiation auto
load-interval 30
!
interface GigabitEthernet0/0/0/3
bundle id 10 mode active
cdp
transceiver permit pid all
!
interface GigabitEthernet0/0/0/4
ipv4 address 30.0.0.1 255.255.255.0
transceiver permit pid all
!
router isis yonzhao2
is-type level-2-only
net 47.5090.0200.2002.0020.00
address-family ipv4 unicast
metric-style wide
!
interface Bundle-Ether10
circuit-type level-2-only
point-to-point
hello-padding disable
address-family ipv4 unicast
!
!
interface Loopback0
passive
circuit-type level-2-only
hello-padding disable
address-family ipv4 unicast
!
!
interface tunnel-ip0
circuit-type level-2-only
hello-padding disable
address-family ipv4 unicast
metric 2000
!
!
!
router ospf core
router-id 3.3.3.3
area 0
interface Loopback1
!
interface GigabitEthernet0/0/0/4
!
!
!
router bgp 100
bgp router-id 20.20.20.20
address-family l2vpn evpn
!
neighbor 10.10.10.10
remote-as 100
update-source Loopback0
address-family l2vpn evpn
!
!
!
l2vpn
router-id 20.20.20.20
bridge group 1
bridge-domain pbb-core-10001
pbb core
evpn evi 10001
!
!
bridge-domain pbb-edge-10001
interface Bundle-Ether101.1
!
pbb edge i-sid 10001 core-bridge pbb-core-10001
!
!
!
!
mpls ldp
router-id 20.20.20.20
address-family ipv4
neighbor 10.10.10.10 targeted
!
interface tunnel-ip0
address-family ipv4
!
!
interface Bundle-Ether10
address-family ipv4
!
!
!
!
Verify
Follow 9001-1’s show commands:
RP/0/RSP0/CPU0:ASR9001-1#sh isis nei
Thu May 14 09:01:27.160 UTC
IS-IS yonzhao2 neighbors:
System Id Interface SNPA State Holdtime Type IETF-NSF
ASR9001-2 ti0 *PtoP* Up 24 L2 Capable
Total neighbor count: 1
RP/0/RSP0/CPU0:ASR9001-1#show ospf nei
Thu May 14 09:01:29.364 UTC
* Indicates MADJ interface
Neighbors for OSPF core
Neighbor ID Pri State Dead Time Address Interface
30.30.30.30 1 FULL/DR 00:00:35 20.0.0.2 GigabitEthernet0/0/0/4
Neighbor is up for 00:57:55
Total neighbor count: 1
RP/0/RSP0/CPU0:ASR9001-1#sh mpls for
Thu May 14 08:20:36.309 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24000 Pop 20.20.20.20/32 ti0 23.1.1.3 723 <<< asr9001-2’s inter igp lo0
24001 Unlabelled 30.0.0.0/24 Gi0/0/0/4 20.0.0.2 0 <<< core igp route
24002 Unlabelled 30.30.30.30/32 Gi0/0/0/4 20.0.0.2 0 <<< core igp route
24003 Unlabelled 3.3.3.3/32 Gi0/0/0/4 20.0.0.2 0 <<< asr9001-2’s core igp lo1
24005 Pop No ID BD=1 PE point2point 5598
24006 Pop No ID BD=1 PEIM point2point 90
RP/0/RSP0/CPU0:ASR9001-1#sh bgp l2vpn evpn lab
Thu May 14 08:20:56.707 UTC
BGP router identifier 10.10.10.10, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 1360513960
BGP main routing table version 71
BGP NSR Initial initsync version 3 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs
Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
Route Distinguisher: 10.10.10.10:10001 (default for vrf pbb-core-10001)
*>i[2][0][48][e8ed.f33c.329f][0]/104
20.20.20.20 16005 nolabel
*> [2][0][48][e8ed.f344.050f][0]/104
0.0.0.0 nolabel 24005
Route Distinguisher: 20.20.20.20:10001
*>i[2][0][48][e8ed.f33c.329f][0]/104
20.20.20.20 16005 nolabel
Processed 3 prefixes, 3 paths
RP/0/RSP0/CPU0:ASR9001-1#sh l2vpn forwarding bridge-domain mac-address location 0/0/cpu0
Thu May 14 08:25:45.312 UTC
To Resynchronize MAC table from the Network Processors, use the command...
l2vpn resynchronize forwarding mac-address-table location <r/s/i>
Mac Address Type Learned from/Filtered on LC learned Resync Age Mapped to
--------------------------------------------------------------------------------
e8ed.f33c.329f BMAC BD id: 1 N/A N/A N/A
e8ed.f344.050f S-BMAC BD id: 1 N/A N/A N/A
0013.c4fe.c8c4 dynamic BD id: 2 0/0/CPU0 0d 0h 0m 8s e8ed.f33c.329f
1c1d.8646.5ec6 dynamic BE101.1 0/RSP0/CP 0d 0h 0m 12s N/A

Troubleshoot

1. Ping tset from 3560
3560-1#ping 22.22.22.1 size 1200 repeat 100
Type escape sequence to abort.
Sending 100, 1200-byte ICMP Echos to 22.22.22.1, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 1/4/9 ms
2. Check 9001-1’s port input counter
RP/0/RSP0/CPU0:ASR9001-1#sh int bundle-ether 101.1
Mon May 18 01:55:39.574 UTC
Bundle-Ether101.1 is up, line protocol is up
Interface state transitions: 5
Hardware is VLAN sub-interface(s), address is e8ed.f344.0008
Layer 2 Transport Mode
MTU 1518 bytes, BW 1000000 Kbit (Max: 1000000 Kbit)
reliability Unknown, txload Unknown, rxload Unknown
Encapsulation 802.1Q Virtual LAN,
Outer Match: Dot1Q VLAN 222
Ethertype Any, MAC Match src any, dest any
loopback not set,
Last input 00:00:21, output 00:00:21
Last clearing of "show interface" counters 00:01:12
100 packets input, 122200 bytes
0 input drops, 0 queue drops, 0 input errors
100 packets output, 122200 bytes
0 output drops, 0 queue drops, 0 output errors
3. Check 9001-1’s edge counter
RP/0/RSP0/CPU0:ASR9001-1#sh l2vpn bridge-domain bd-name pbb-edge-10001 detail
Mon May 18 01:56:00.446 UTC
Legend: pp = Partially Programmed.
Bridge group: 1, bridge-domain: pbb-edge-10001, id: 2, state: up, ShgId: 0, MSTi: 0
Coupled state: disabled
Type: pbb-edge, I-SID: 10001
Core-bridge: pbb-core-10001 (State: Bridge Up)
MIRP-lite: supported, enabled
Format: MVRP PDU with Vlan 0
MAC learning: enabled
MAC withdraw: enabled
MAC withdraw for Access PW: enabled
MAC withdraw sent on: bridge port up
MAC withdraw relaying (access to access): disabled
Flooding:
Broadcast & Multicast: enabled
Unknown unicast: enabled
MAC aging time: 300 s, Type: inactivity
MAC limit: 4000, Action: none, Notification: syslog
MAC limit reached: no
MAC port down flush: enabled
MAC Secure: disabled, Logging: disabled
Split Horizon Group: none
Dynamic ARP Inspection: disabled, Logging: disabled
IP Source Guard: disabled, Logging: disabled
DHCPv4 snooping: disabled
IGMP Snooping: enabled
IGMP Snooping profile: none
MLD Snooping profile: none
Storm Control: disabled
Bridge MTU: 1500
MIB cvplsConfigIndex: 3
Filter MAC addresses:
P2MP PW: disabled
Create time: 13/05/2015 09:12:00 (4d16h ago)
No status change since creation
ACs: 1 (1 up), VFIs: 0, PWs: 0 (0 up), PBBs: 1 (1 up)
List of PBBs:
PBB Edge, state is up
XC ID 0x80000006
MAC learning: enabled
Flooding:
Broadcast & Multicast: enabled
Unknown unicast: enabled
MAC aging time: 300 s, Type: inactivity
MAC limit: 4000, Action: none, Notification: syslog
MAC limit reached: no
MAC port down flush: enabled
MAC Secure: disabled, Logging: disabled, Accept-Shutdown: disabled
Split Horizon Group: none
DHCPv4 snooping: disabled
IGMP Snooping: enabled
IGMP Snooping profile: none
MLD Snooping profile: none
Storm Control: disabled
Statistics:
packets: received 100, sent 100
bytes: received 121800, sent 121800
List of ACs:
AC: Bundle-Ether101.1, state is up
Type VLAN; Num Ranges: 1
VLAN ranges: [222, 222]
MTU 1504; XC ID 0xa0000001; interworking none
MAC learning: enabled
Flooding:
Broadcast & Multicast: enabled
Unknown unicast: enabled
MAC aging time: 300 s, Type: inactivity
MAC limit: 4000, Action: none, Notification: syslog
MAC limit reached: no
MAC port down flush: enabled
MAC Secure: disabled, Logging: disabled
Split Horizon Group: none
Dynamic ARP Inspection: disabled, Logging: disabled
IP Source Guard: disabled, Logging: disabled
DHCPv4 snooping: disabled
IGMP Snooping: enabled
IGMP Snooping profile: none
MLD Snooping profile: none
Storm Control: disabled
Static MAC addresses:
Statistics:
packets: received 100, sent 100
bytes: received 121800, sent 121800
Storm control drop counters:
packets: broadcast 0, multicast 0, unknown unicast 0
bytes: broadcast 0, multicast 0, unknown unicast 0
Dynamic ARP inspection drop counters:
packets: 0, bytes: 0
IP source guard drop counters:
packets: 0, bytes: 0
List of Access PWs:
List of VFIs:
4. Checking 9001-1’s core counter
RP/0/RSP0/CPU0:ASR9001-1#sh l2vpn bridge-domain bd-name pbb-core-10001 det
Mon May 18 02:05:22.122 UTC
Legend: pp = Partially Programmed.
Bridge group: 1, bridge-domain: pbb-core-10001, id: 1, state: up, ShgId: 0, MSTi: 0
Coupled state: disabled
Type: pbb-core
Number of associated pbb-edge BDs: 1
EVPN:
EVI: 10001
Route Distinguisher: (auto) 10.10.10.10:10001
Imposition Statistics: <<< send to 9010
Packet Count: 100
Byte Count : 123600
Disposition Statistics: <<< come from 9010
Packet Count: 100
Byte Count : 123600
AS Number: 100
MAC learning: enabled
MAC withdraw: enabled
MAC withdraw for Access PW: enabled
MAC withdraw sent on: bridge port up
MAC withdraw relaying (access to access): disabled
Flooding:
Broadcast & Multicast: enabled
Unknown unicast: enabled
MAC aging time: 300 s, Type: inactivity
MAC limit: 4000, Action: none, Notification: syslog
MAC limit reached: no
MAC port down flush: enabled
MAC Secure: disabled, Logging: disabled
Split Horizon Group: none
Dynamic ARP Inspection: disabled, Logging: disabled
IP Source Guard: disabled, Logging: disabled
DHCPv4 snooping: disabled
IGMP Snooping: enabled
IGMP Snooping profile: none
MLD Snooping profile: none
Storm Control: disabled
Bridge MTU: 1500
MIB cvplsConfigIndex: 2
Filter MAC addresses:
P2MP PW: disabled
Create time: 13/05/2015 09:12:00 (4d16h ago)
No status change since creation
ACs: 0 (0 up), VFIs: 0, PWs: 0 (0 up), PBBs: 1 (1 up)
List of PBBs:
PBB Core, state is up
XC ID 0x80000005
MAC learning: enabled
Flooding:
Broadcast & Multicast: enabled
Unknown unicast: enabled
MAC aging time: 300 s, Type: inactivity
MAC limit: 4000, Action: none, Notification: syslog
MAC limit reached: no
MAC port down flush: enabled
Split Horizon Group: none
DHCPv4 snooping: disabled
IGMP Snooping: enabled
IGMP Snooping profile: none
MLD Snooping profile: none
MMRP Flood Optimization: disabled
Storm Control: disabled
List of ACs:
List of Access PWs:
List of VFIs:
5. Checking 9001-1’s aggregation port counter
RP/0/RSP0/CPU0:ASR9001-1#sh controllers gigabitEthernet 0/0/0/4 stats | i 1024-1518
Mon May 18 02:09:28.120 UTC
Input pkts 1024-1518 bytes = 100
Output pkts 1024-1518 bytes = 100
版权声明:
本文链接:ASR9k PBB-EVPN Troubleshooting and over GRE
版权声明:本文为原创文章,仅代表个人观点,版权归 Frank Zhao 所有,转载时请注明本文出处及文章链接