Introduction

Customer run PBB-EVPN on 9001 NV at different site, and interconnect their different DC. Due to only have 1 interconnect link between 9001 NV, so they need a standby link that though Internet by GRE. After checked in lab, EVPN over GRE looks like same as L2VPN over GRE (support from 4.3 on ASR9k), and I had completed test for EVPN over GRE in lab. I will share config and topology.

But please attention: After checked, PBB-EVPN over GRE not offical release, so not suggest do it for customer. For the articles, not only talk about EVPN over GRE, and include how to troubleshooting PBB-EVPN

Requirement:
1. Capture interface tunnel port each 5 minutes, if traffics > X, will capture other information.
2. Store those information to disk0/harddisk.

In fact, the requirement is very easy by Python + CRT, but customer couldn’t find a PC to continue to run python script, so only use EEM + TCL on ASR9k. And in TCL script, I use two function: foreach and scan.

Follow CLI need config before do script, if you change any variable or script, you need re-config “event manager policy tac_te.tcl username cisco”:

aaa authorization eventmanager default local
event manager environment _cron_entry1 */5 * * * *
event manager directory user policy disk0:
event manager policy tac_te.tcl username cisco persist-time 3600 type user

完整阅读

If customer want to focus a alarm on their NMS by SNMP Trap, they can config “snmp-server traps syslog”. But if customer no filter feature on NMS, they couldn’t find special alarm in all syslog, now we can use EEM + TCL to match customer requirement.

Follow TCL Script:

::cisco::eem::event_register_syslog pattern $_error_log occurs $_number period $_times maxrun 300
namespace import ::cisco::eem::*
namespace import ::cisco::lib::*

set alarm "***OOB_ERROR Happened!***"

sys_reqinfo_snmp_trapvar var temp oid 1.1.1.1.1.1.1.1 string $alarm
sys_reqinfo_snmp_trap enterprise_oid 1.3.6.1 generic_trapnum 6 specific_trapnum 2 trap_oid 1.1.1.1.1.1.1.1.1.1.1.1.1 trap_var temp

完整阅读

什么是dummy vlan？

由于EVC平台在入端口可以通过rewrite命令剥离VLAN tag，这样导致在PW中没有任何tag，在Type 4时会有问题，两边VLAN的QOS无法传递给对端，所以就有了这个所谓的dummy vlan，它不是一个真正的VLAN，他只是传递一些QOS字段并且占一个位。那么dummy VLAN长什么样？其实大鹏之前的文章里已经详细介绍了EVC的各种行为，我这里只是介绍抓dummy VLAN的“心路历程”以及dummy VLAN的“样子”~

测试Topology:

起始测试环境为VPLS BGP auto discovery + LDP Sig，在76的入向抓包

测试步骤

1. 默认Type 5，在CE1 ping 带cos 5，ASR9k-1在AC上不配置rewrite，透传的VLAN是否带着802.1p？根据抓包信息，正常带着802.1p，详细看“bgp-ldp-vlan-cos5.pcapng”；另外有个疑问，既然type 5支持VLAN透传，为什么还要Type 4？答案请看文章结束部分
完整阅读

Intro

很多客户在部署VPLS时，当核心有负载链路或者Bundle时，常常会碰到负载不均的现象，为什么会发生这种问题？首先看下常规ASR9k在不同场景下是用什么元素去做Hash的：

A: src-ip, dst-ip, src-port, dst-port, router_id
B: bottom_most_label, router_id
C: 4th_label, router_id

2020-6-24 更新：Multi-Label MPLS Load-Balancing Hash Algorithm Update

原有ASR9k ECMP的Hash 算法：在MPLS报文时，只有4层label以下的数据报文才可以使用IP 5元组Hash，超过4层的只能用单个label做raw hash。此算法在之前问题不大，label数很少超过4个，但在SR 的环境下，可能会有更多的label，因此BU更新了此场景的Hash算法：

1. 5-8个label，不再使用单个label做hash，而是采用IP 5元组来做hash
2. 9个或更多label，使用新的hash 算法：multi-label MPLS hashing，label3-5中的label作为raw hash

Tomahawk从623开始使用新的算法；Lightspeed和Xrv9k从652开始使用新的算法

Ok，我们可以看到在L2VPN中，用的是bottom label来做的负载均衡，这是因为系统无法跳过L2VPN中的MAC头，去读L3的IP头。在这里拿Bundle端口举例，说说不同场景下bundle的HASH方法（在9k上，所有HASH动作都是在进口NP上做的，这个HASH结果会直接被出口NP调用）：
完整阅读