Configuration Guide - VPN (V100R006C01 - 01) PDF

Quidway S5700 Series Ethernet Switches
V100R006C01
Configuration Guide - VPN
Issue 01
Date 2011-11-21
HUAWEI TECHNOLOGIES CO., LTD.

Copyright © Huawei Technologies Co., Ltd. 2011. All rights reserved.
No part of this document may be reproduced or transmitted in any form or by any means without prior written
consent of Huawei Technologies Co., Ltd.
Trademarks and Permissions
and other Huawei trademarks are trademarks of Huawei Technologies Co., Ltd.
All other trademarks and trade names mentioned in this document are the property of their respective holders.
Notice
The purchased products, services and features are stipulated by the contract made between Huawei and the
customer. All or part of the products, services and features described in this document may not be within the
purchase scope or the usage scope. Unless otherwise specified in the contract, all statements, information,
and recommendations in this document are provided "AS IS" without warranties, guarantees or representations
of any kind, either express or implied.
The information in this document is subject to change without notice. Every effort has been made in the
preparation of this document to ensure accuracy of the contents, but all statements, information, and
recommendations in this document do not constitute the warranty of any kind, express or implied.
Huawei Technologies Co., Ltd.

Address: Huawei Industrial Base
Bantian, Longgang
Shenzhen 518129
People's Republic of China
Website: http://www.huawei.com
Email: support@huawei.com
Issue 01 (2011-11-21) Huawei Proprietary and Confidential i

Copyright © Huawei Technologies Co., Ltd.
Configuration Guide - VPN About This Document
About This Document
Intended Audience
This document provides the basic concepts, configuration procedures, and configuration
examples in different application scenarios of the VPN feature supported by the S5700 device.
This document describes how to configure the VPN feature.
NOTE
S5700 is controlled by the license. By default, the MPLS function is disabled on the S5700. To use the
MPLS function of the S5700,buy the license from the Huawei local office.
Only S5700HI supports the MPLS VPN function.
This document is intended for:
l Data configuration engineers

l Commissioning engineers
l Network monitoring engineers
l System maintenance engineers
Symbol Conventions
The symbols that may be found in this document are defined as follows.
Symbol Description
Indicates a hazard with a high level of risk, which if not

avoided, will result in death or serious injury.
DANGER
Indicates a hazard with a medium or low level of risk, which

if not avoided, could result in minor or moderate injury.
WARNING
Indicates a potentially hazardous situation, which if not

avoided, could result in equipment damage, data loss,
CAUTION
performance degradation, or unexpected results.
TIP Indicates a tip that may help you solve a problem or save
time.
Issue 01 (2011-11-21) Huawei Proprietary and Confidential ii

Configuration Guide - VPN About This Document
Symbol Description
NOTE Provides additional information to emphasize or supplement

important points of the main text.
Command Conventions
The command conventions that may be found in this document are defined as follows.
Convention Description
Boldface The keywords of a command line are in boldface.
Italic Command arguments are in italics.
[] Items (keywords or arguments) in brackets [ ] are optional.
{ x | y | ... } Optional items are grouped in braces and separated by

vertical bars. One item is selected.
[ x | y | ... ] Optional items are grouped in brackets and separated by

vertical bars. One item is selected or no item is selected.
{ x | y | ... }* Optional items are grouped in braces and separated by

vertical bars. A minimum of one item or a maximum of all
items can be selected.
[ x | y | ... ]* Optional items are grouped in brackets and separated by

vertical bars. Several items or no item can be selected.
&<1-n> The parameter before the & sign can be repeated 1 to n times.
# A line starting with the # sign is comments.
Change History
Updates between document issues are cumulative. Therefore, the latest document issue contains
all updates made in previous issues.
Changes in Issue 01 (2011-11-21)

Initial commercial release.
Issue 01 (2011-11-21) Huawei Proprietary and Confidential iii

Configuration Guide - VPN Contents
Contents
About This Document.....................................................................................................................ii

1 VLL Configuration........................................................................................................................1
1.1 Introduction to VLL............................................................................................................................................3
1.2 VLL Features Supported by the S5700..............................................................................................................4
1.3 Configuring CCC VLL.......................................................................................................................................7
1.3.1 Establishing the Configuration Task.........................................................................................................7
1.3.2 Enabling the MPLS L2VPN......................................................................................................................8
1.3.3 Creating a Local CCC Connection............................................................................................................8
1.3.4 Creating a Remote CCC Connection.........................................................................................................9
1.3.5 Checking the Configuration.....................................................................................................................10
1.4 Configuring the SVC VLL...............................................................................................................................11
1.4.1 Establishing the Configuration Task.......................................................................................................11
1.4.2 Enabling MPLS L2VPN..........................................................................................................................12
1.4.3 Creating an SVC VLL Connection..........................................................................................................12
1.5 Configuring Martini VLL.................................................................................................................................13
1.5.3 Creating a Martini VLL Connection.......................................................................................................15
1.6 Configuring VLL FRR.....................................................................................................................................17
1.6.2 Configuring Master and Backup PWs.....................................................................................................18
1.6.3 (Optional) Configuring Fast Fault Notification - Physical Layer Fault Notification..............................19
1.6.4 (Optional) Configuring BFD for PW.......................................................................................................20
1.6.5 (Optional) Configuring the Revertive Switchover..................................................................................20
1.7 Maintaining VLL..............................................................................................................................................23
1.7.1 Enabling Traffic Statistics on the VLL....................................................................................................23
1.7.2 Viewing Traffic Statistics on the VLL....................................................................................................24
1.7.3 Resetting Traffic Statistics on the VLL...................................................................................................24
1.7.4 Monitoring the Running Status of VLL..................................................................................................24
1.7.5 Debugging VLL.......................................................................................................................................25
Issue 01 (2011-11-21) Huawei Proprietary and Confidential iv

1.7.6 Checking Connectivity of the VLL Network..........................................................................................25

1.8 Configuration Examples...................................................................................................................................26
1.8.1 Example for Configuring a Local CCC Connection...............................................................................26
1.8.2 Example for Configuring a Remote CCC Connection............................................................................30
1.8.3 Example for Configuring an SVC VLL..................................................................................................36
1.8.4 Example for Configuring a Martini VLL................................................................................................42
2 PWE3 Configuration...................................................................................................................49
2.1 Introduction to PWE3.......................................................................................................................................51
2.2 PWE3 Features Supported by the S5700..........................................................................................................52
2.3 Configuring the Attributes of a PW Template..................................................................................................60
2.3.2 Creating a PW Template..........................................................................................................................61
2.3.3 Setting the Attributes for a PW Template...............................................................................................62
2.4 Configuring a Static PW...................................................................................................................................63
2.4.3 Creating a Static PW................................................................................................................................65
2.5 Configuring a Dynamic PW.............................................................................................................................66
2.5.3 Creating a Dynamic PW..........................................................................................................................67
2.6 Configuring PW Switching..............................................................................................................................69
2.6.2 Configuring PW Switching.....................................................................................................................70
2.7 Configuring a Backup PW................................................................................................................................73
2.7.2 Configuring a Backup PW.......................................................................................................................74
2.8 Configuring Static BFD for PW.......................................................................................................................76
2.8.2 Enabling BFD Globally...........................................................................................................................77
2.8.3 Enabling the Sending of BFD for PW Packets to the Protocol Stack.....................................................78
2.8.4 Configuring BFD for PW........................................................................................................................78
2.9 Configuring Dynamic BFD for PW..................................................................................................................80
2.9.2 Enabling BFD Globally...........................................................................................................................81
2.9.3 Enabling the Sending of BFD for PW Packets to the Protocol Stack.....................................................82
Issue 01 (2011-11-21) Huawei Proprietary and Confidential v

2.9.4 Configuring the Attributes of a PW Template.........................................................................................82

2.9.5 (Optional) Adjusting BFD Parameters....................................................................................................82
2.9.6 Configuring PWs.....................................................................................................................................83
2.9.7 Triggering Dynamic BFD for PW...........................................................................................................83
2.10 Configuring PWE3 FRR.................................................................................................................................85
2.10.1 Establishing the Configuration Task.....................................................................................................85
2.10.2 Configuring Primary and Backup PWs.................................................................................................86
2.10.3 (Optional) Configuring BFD for PW.....................................................................................................87
2.10.4 (Optional) Configuring the Revertive Switchover................................................................................88
2.10.5 Checking the Configuration...................................................................................................................89
2.11 Maintaining PWE3.........................................................................................................................................91
2.11.1 Verifying the Connectivity of a PW......................................................................................................92
2.11.2 Locating a Fault of a PW.......................................................................................................................93
2.11.3 Debugging a PWE3...............................................................................................................................94
2.12 Configuration Examples.................................................................................................................................94
2.12.1 Example for Configuring a Dynamic SH-PW.......................................................................................94
2.12.2 Example for Configuring a Static MH-PW.........................................................................................100
2.12.3 Example for Configuring a Dynamic MH-PW....................................................................................108
2.12.4 Example for Configuring a Mixed MH-PW........................................................................................118
2.12.5 Example for Configuring Static BFD for PW.....................................................................................126
2.12.6 Example for Configuring Dynamic BFD for SH-PW.........................................................................141
2.12.7 Example for Configuring Dynamic BFD for MH-PW........................................................................151
Issue 01 (2011-11-21) Huawei Proprietary and Confidential vi

Configuration Guide - VPN 1 VLL Configuration
1 VLL Configuration
About This Chapter
This chapter describes how to configure a VLL to transparently transmit data on the MPLS
network.
1.1 Introduction to VLL

A Virtual Leased Line (VLL) emulates the traditional leased line on the IP network, and provides
asymmetric and low-cost digital data network (DDN) services. For users on both ends of a VLL,
the VLL is similar to the traditional leased line. As a point-to-point virtual private line
technology, VLL supports nearly all link layer protocols.
1.2 VLL Features Supported by the S5700
VLL can be implemented in three modes, namely, Circuit Cross Connect (CCC), Switched
Virtual Circuit (SVC), and Martini.
1.3 Configuring CCC VLL
This section describes how to configure a CCC VLL. The CCC VLL transmits data by adding
a one-layer label to the data. Being configured by the administrator, the CCC VLL is applicable
to an MPLS network of the small size and simple topology. The CCC VLL needs no signaling
negotiation and control packet exchange, and thus consumes fewer resources and is easy to
understand. Nevertheless, the CCC VLL has poor scalability and is inconvenient to maintain.
1.4 Configuring the SVC VLL
This section describes how to configure an SVC VLL. After the SVC VLL is configured, L2VPN
information can be transmitted without the usage of any signaling protocol.
1.5 Configuring Martini VLL
This section describes how to configure a Martini VLL. To configure the Martini VLL, you need
to establish the point-to-point link to implement L2VPN, and use the Label Distribution Protocol
(LDP) to transmit Layer 2 information and VC labels.
1.6 Configuring VLL FRR
This section describes how to configure VLL Fast Re-route (FRR). After VLL FRR is
configured, the VLL traffic is switched to the secondary path if the primary path fails. If the
primary path recovers, the VLL traffic can be switched back to it according to the revertive
switching policy.
1.7 Maintaining VLL
Issue 01 (2011-11-21) Huawei Proprietary and Confidential 1

This section describes how to maintain a VLL. Detailed operations include monitoring the
L2VPN running status.
1.8 Configuration Examples
Each configuration example consists of such information as the networking requirements,
configuration notes, and configuration roadmap.

1.1 Introduction to VLL

A Virtual Leased Line (VLL) emulates the traditional leased line on the IP network, and provides
asymmetric and low-cost digital data network (DDN) services. For users on both ends of a VLL,
the VLL is similar to the traditional leased line. As a point-to-point virtual private line
technology, VLL supports nearly all link layer protocols.
Traditional VPNs are based on Asynchronous Transfer Mode (ATM) or Frame Relay (FR) ,
where different VPNs can share the network structure of carriers. Traditional VPNs have the
following disadvantages:
l Dependence on special media (such as ATM or FR): The carriers must establish ATM
networks or FR networks for ATM-based or FR-based VPNs across the country. This is a
waste of network construction.
l Complicated VPN structure: when a site is added to an existing VPN, it is necessary to
modify the configuration of all the edge nodes that access the VPN site.
To avoid the preceding disadvantages, new solutions are introduced. Virtual Leased Line (VLL)
based on Multiprotocol Label Switching (MPLS) L2VPN is one of the solutions.
NOTE
VLL in this chapter refers to VLL based on MPLS L2VPN, unless otherwise specified.
The VLL provides Layer 2 VPN services on the MPLS network. It allows the establishment of
L2VPNs on different media including VLAN, Ethernet. At the same time, the MPLS network
provides traditional IP services, MPLS L3VPN, traffic engineering and QoS.
The VLL transfers Layer 2 data of the user transparently on the MPLS network. An MPLS
network is a Layer 2 switching network on which used to establish Layer 2 connections are
established between nodes.
Compared with BGP/MPLS VPN, VLL has the following advantages:
l High scalability: The VLL establishes layer 2 link relationships. It does not import and
manage the routing information of the user. It significantly reduces the load of the PE device
and SP network. This enables the carrier to support more VPNs and more users.
l Reliability and guaranteed security of private routing information: The VLL cannot obtain
and process VPN routing information because it is not imported.
l Support for network layer protocols such as IP, IPX, and SNA.
Figure 1-1 shows the model of VLL.
Figure 1-1 VLL model
AC VC AC
Tunnel
CE PE MPLS Network PE CE

l Attachment Circuit (AC) : AC is an independent link or circuit that connects CE and PE.
The AC interface may be a physical interface or a logical interface. The AC attributes
include the encapsulation type, MTU and interface parameters of specified link type.
l Virtual Circuit (VC) : It refers to a kind of logical connection between two PEs.
l Tunnel (Network Tunnel) : It transmits the user data transparently.
Through the label stack, VLL can realize the transparent transmission of user datagram in an
MPLS network.
l Outer label: The label, which is also called tunnel label, is used in transferring packets from
one PE to another.
l Inner label: The label, which is also called VC label in VLL, is used to identify different
links between VPNs. The PE on the receiver side transfers packets to the corresponding
CE according to the VC label.
Figure 1-2 shows the packet label change in the forwarding process.
Figure 1-2 VLL label processing

CE 1 PE 1 P PE 2 CE 2
L2PDU T V L2PDU T' V L2PDU L2PDU
Figure 1-2 shows the Layer 2 Protocol Data Unit (PDU) that is the link layer packet.
Here, T represents Tunnel label; V represents VC label; T' indicates that the outer label is
substituted in the forwarding process.
1.2 VLL Features Supported by the S5700

VLL can be implemented in three modes, namely, Circuit Cross Connect (CCC), Switched
Virtual Circuit (SVC), and Martini.
CCC VLL
The Circuit Cross Connect (CCC) implements the VLL by static configuration.
Unlike common VLL, the CCC adopts one label to transfer user data, so it uses the LSP
exclusively. These LSPs can only be used to transfer the data of this CCC link, and cannot be
used in other VLL links, BGP/MPLS VPN, or used to transfer common IP packets.
The two types of CCC connection are as follows:
l Local connection: refers to the connection between two local CEs. The two CEs are
connected to the same PE. Similar to a layer 2 switch, PE can directly transport packets
without configuring static LSP.
l Remote connection: refers to the connection between local CE and remote CE. The two
CEs are on different PEs. In this case, static LSP configuration is needed to transfer packets

from one PE to another PE. Configuration command is run on the PE to map the static LSP
to the CCC connection.
SVC VLL
The SVC implements VLL through static configuration. The SVC transfers L2VPN information
without using the signaling protocols. The VC label needs to be configured manually.
NOTE
The incoming label of the CCC and receive label of the SVC all range from 16 to 1023. They are in the
same label space with those reserved for static LSPs. The outgoing label of CCC and the transmit label of
SVC, however, ranges from 0 to 1048575 because it is for intercommunication.
Martini VLL
The Martini mode implements the L2VPN by setting up a point-to-point link. It takes LDP as
the signaling protocol to transfer Layer 2 information and VC labels.
The Martini VLL adopts VC-type plus VC-ID to identify a VC between two CEs.
l VC-type: indicates the type of the VC, such as Ethernet and VLAN.
l VC-ID: A VC ID and a VC type uniquely identify a VC on a PE.
The PEs connecting two CEs exchange VC labels through LDP, and bind the corresponding CE
by VC-ID.
A VC is set up when all the following conditions are satisfied:
l The tunnel between the two PEs is successfully created.
l The label exchange and the binding with CE are completed.
l The state of the two interfaces of AC is Up.
In order to exchange VC labels between PEs, the Martini extends LDP by adding the FEC type
in the VC FEC. For remote connections, the two PEs that exchange the VC label cannot be
directly connected; therefore, the remote LDP session must be set up to convey the VC FEC and
the VC label.
Access Mode
When configuring a VLL, you need to configure the interface (that is, AC interface) connecting
the PE to the CE.
On the S5700, a VLL supports the following interfaces to be configured as AC interfaces:
l XGE interfaces
l GE interfaces
l Eth-Trunk interfaces
l VLANIF interfaces
When XGE, GE, or Eth-Trunk interfaces are used as AC interfaces, the outer tags carried in the
packets sent from the AC to the PW are C tags (inserted by customer devices, which are
meaningless to the SP) by default.
When VLANIF interfaces are used as AC interfaces, the outer tags carried in the packets sent
from the AC to the PW are S tags (inserted by SP devices, which are usually used to differentiate
user traffic) by default.

NOTE
l Only VLANIF interfaces can function as the AC interfaces for VLL connections in CCC mode.
l By default, physical interfaces on the S5700 are Layer 2 interfaces. When using XGE, GE, or Eth-
Trunk interfaces on the S5700 as AC interfaces, you need to run the undo portswitch command to
switch Layer 2 interfaces to Layer 3 interfaces.
Processing Tags Carried in Packets by the VLL

The system process packets according to the AC interface type and PW encapsulation type.
The PW encapsulation types can be classified into Ethernet encapsulation and VLAN
encapsulation.
l When VLANIF interfaces function as AC interfaces, the VLAN encapsulation is adopted
by default.
l When GE, XGE, or Eth-Trunk interfaces function as AC interfaces, the Ethernet
encapsulation is adopted by default.
Table 1-1 Processing VLAN tags carried in packets from the AC by the PW
PW Encapsulation Type Processing of the VLAN Tag
VLAN encapsulation Do not process the S tag carried in a packet.
Ethernet encapsulation If an S tag is carried in a packet, delete the S

tag from the packet.
If no S tag is carried in a packet, do not
process the packet.
Table 1-2 Processing VLAN tags carried in packets from the PW by the AC
AC Interface Type Processing of the VLAN Tag
GE, XGE or Eth-Trunk interface Do not process the packet.
VLANIF interface If an S tag is carried in a packet, rewrite the S

tag.
If no S tag is carried in a packet, add an S tag
in the packet.
VLL FRR
With the wide applications of VLLs, the requirement for the reliability of VLLs becomes
increasingly high, especially for L2VPNs that carry real-time services such as VoIP and IPTV.
Virtual Lease Line Fast Reroute (VLL FRR) is one of the solutions to increasing the reliability
of L2VPNs.
VLL FRR is mainly used in the following networking mode:
l Asymmetrically connected CEs

One CE is connected to a PE through an AC and the other CE is dual-homed to PEs through

two ACs, as shown in Figure 1-3.
Figure 1-3 Asymmetrically connected CEs
P1 PE2
PE1
VPN backbone AC2

CE1 AC1 AC3 CE2
PE3 Site2
Site1 P2
1.3 Configuring CCC VLL

This section describes how to configure a CCC VLL. The CCC VLL transmits data by adding
a one-layer label to the data. Being configured by the administrator, the CCC VLL is applicable
to an MPLS network of the small size and simple topology. The CCC VLL needs no signaling
negotiation and control packet exchange, and thus consumes fewer resources and is easy to
understand. Nevertheless, the CCC VLL has poor scalability and is inconvenient to maintain.
1.3.1 Establishing the Configuration Task
Applicable Environment
CCC is applicable to the small-sized MPLS networks that has simple topology. CCC needs to
be configured manually. CCC does not need signaling negotiation or packet interaction. The
resource consumption is low and the configuration is simple. However, CCC is not easy to be
maintained and the extensibility is poor.
You need to configure interface connecting the PE to the CE (namely the AC interface) before
configuring a CCC.
NOTE
On an S5700, only the VLANIF interface can be configured as the AC interface of CCC connection.
Pre-configuration Tasks
Before configuring the CCC VLL, complete the following task:
l Configuring the basic MPLS capability on the MPLS backbone network (PEs and P)

Data Preparation
To configure the CCC VLL, you need the following data.
No. Data
1 Name of a CCC connection
2 Connection type: local connection or remote connection
3 Local CCC connection: the types and numbers of the incoming and outgoing
interfaces
4 Remote CCC connection: the type and number of the incoming interface, the IP
address of the next-hop or the type and number of the outgoing interface
5 Remote CCC connection: the in-label and out-label values of LSRs
Choose 1.3.3 Creating a Local CCC Connection or 1.3.4 Creating a Remote CCC
Connection according to the required connection type.
1.3.2 Enabling the MPLS L2VPN

Before configuring a CCC VLL, you must enable MPLS L2VPN.
Context
Do as follows on the PEs of the two ends of the VC:
Procedure
Step 1 Run:
system-view
The system view is displayed.

Step 2 Run:
mpls l2vpn
The MPLS L2VPN is configured.
----End
1.3.3 Creating a Local CCC Connection

This part describes how to create a local CCC connection. To create the local CCC connection,
you need to only configure the incoming and outgoing interfaces of the CCC connection on a
local PE. The local CCC connection is bidirectional and thus only one such connection needs
to be created.
Context
The local CCC connection is bidirectional, and thus only one connection is required.
Do as follows on the PEs:

Procedure
Step 1 Run:
system-view

Step 2 Run:
ccc ccc-connection-name interface interface-type1 interface-number1 [ raw |
tagged ] out-interface interface-type2 interface-number2 [ raw | tagged ]
A local CCC connection is created.

The S5700 can create a local CCC connection only on the VLANIF interface. By default, the
raw encapsulation type is adopted.
----End
Follow-up Procedure
After the configuration mentioned above on the PE, a local CCC connection is created.
1.3.4 Creating a Remote CCC Connection

This part describes how to create a remote CCC connection. To create the remote CCC
connection, you need to configure the incoming and outgoing interfaces and set the incoming
label and outgoing label for the CCC connection on the local and remote PEs. In addition, you
need to configure two bidirectional static LSPs on the P device. The remote CCC connection is
unidirectional and thus two such connections need to be created.
Procedure
l Configuring the PE
1. Run:
system-view

2. Run:
ccc ccc-connection-name interface interface-type1 interface-number1 [ raw
| tagged ] in-label in-label-value out-label out-label-value nexthop
nexthop-address [ control-word | no-control-word ]
A remote CCC connection is configured.

On the PE or P, the remote CCC connection can be configured only on the VLANIF
interface. You must use nexthop to specify the IP address of the next hop. By default,
the remote CCC connection adopts the raw encapsulation type.
l Configuring P
Do as follows on the Ps that the VC passes through:
1. Run:
system-view

2. Run:
static-lsp transit lsp-name incoming-interface interface-type interface-
number in-label in-label nexthop nexthop-address out-label out-label
The P device is configured as a transit LSR of the static LSP.

It is not necessary to configure static LSPs on the PEs for the CCC connection. You
should configure a bidirectional transit static LSP on all the P devices between the
PEs. These LSPs are used to transfer the data of this CCC exclusively. Furthermore,
MPLS L2VPN need not be enabled on the P devices.
When you configure the outgoing interfaces of the CCC remote connection, the
outgoing interfaces must be VLANIF interface
You must use the nexthop to specify the IP address of the next hop.
----End
1.3.5 Checking the Configuration

After a CCC VLL is configured, you can view information about the CCC connection and
interfaces of the CCC connection.
Prerequisite
The configurations of the CCC VLL function are complete.
Procedure
l Run the display vll ccc [ ccc-name | type { local | remote } ] command to check the CCC
connection information.
l Run the display l2vpn ccc-interface vc-type ccc [ down | up ] command to check the
interface information of the CCC connection.
----End
Example
Run the display vll ccc command. You can find that the status of the CCC VC is Up. For example:
Information about the local connection is as follows:
<Quidway> display vll ccc
total ccc vc : 1
local ccc vc : 1, 1 up
remote ccc vc : 0, 0 up
name: CE1-CE2, type: local, state: up,
intf1: Vlanif10 (up), intf2: Vlanif20 (up)
VC last up time : 2008/07/24 12:31:31
VC total up time: 0 days, 2 hours, 12 minutes, 51 seconds
Information about the remote connection is as follows:

<Quidway> display vll ccc
total ccc vc : 1;
name: CE1-CE2, type: remote, state: up,
intf: vlanif11 (up), in-label: 100 , out-label: 200 , nexthop: 10.1.1.1
VC last up time : 2008/07/24 12:31:31

Run the display l2vpn ccc-interface vc-type ccc command. You can find that the VC type is
CCC and the VC status is Up. For example:
<Quidway> display l2vpn ccc-interface vc-type ccc
Total ccc-interface of CCC : 1
up (1), down (0)
Interface Encap Type State VC Type
Vlanif11 ethernet up ccc
1.4 Configuring the SVC VLL

This section describes how to configure an SVC VLL. After the SVC VLL is configured, L2VPN
information can be transmitted without the usage of any signaling protocol.

Before configuring an SVC VLL, familiarize yourself with the applicable environment,
complete the pre-configuration tasks, and obtain the required data. This can help you complete
the configuration task quickly and accurately.
The setup process of the SVC outer label (public network tunnel) is the same as that of the
Martini. Inner label is manually specified, without the signaling transmission of the VC label,
during the VC configuration.
The SVC does not use signaling protocols to transfer L2VPN information. Packets are
transported between the PEs through tunnels.
The SVC only supports LDP LSP tunnel.
Before configuring SVC VLL, you need to complete the following tasks:
l Configuring the static route or IGP for the MPLS backbone network (PE and P) to
implement IP connectivity
l Enabling the MPLS for PEs
Data Preparation
To configure the SVC VLL, you need the following data.
No. Data
1 Type and number of the interface accessing CE
2 Destination LSR ID of SVC
3 In-label and out-label values of L2VPN connection

1.4.2 Enabling MPLS L2VPN

Before configuring an SVC VLL, you must enable MPLS L2VPN.
Context
Procedure
Step 1 Run:
system-view

Step 2 Run:
mpls l2vpn
The MPLS L2VPN is enabled.
----End
1.4.3 Creating an SVC VLL Connection

Context
Do as follows on the PEs on the two ends of the VC.
Procedure
Step 1 Run:
system-view

Step 2 Run:
interface interface-type interface-number
The AC interface view is displayed.

Step 3 (Optional) Run:
undo portswitch
The Layer 2 interface is configured as a Layer 3 interface.
NOTE
To use an XGE interface, a GE interface, or an Eth-Trunk interface of the S5700 as the AC interface of
the PE, you need to perform step 3 to configure the Layer 2 interface as a Layer 3 interface.
Step 4 Run:
mpls static-l2vc destination ip-address transmit-vpn-label transmit-label-value
receive-vpn-label receive-label-value [ [ control-word | no-control-word ] |
[ raw | tagged ] ] *
The SVC VLL is created.
----End


After an SVC VLL is configured, you can view information about the SVC connection and
interfaces of the SVC connection.
Prerequisite
The configurations of the SVC VLL function are complete.
Procedure
l Run the display mpls static-l2vc [ interface interface-type interface-number ] command
to check the SVC L2VPN connection information on the PE.
l Run the display l2vpn ccc-interface vc-type static-vc [ down | up ] command to check
the interface information of the SVC connections in Up/Down state.
----End
Example
Run the display mpls static-l2vc command. You can find that the VC status is Up. For example:
<Quidway> display mpls static-l2vc
Total svc connections: 1, 1 up, 0 down
*Client Interface : Vlanif10 is up
AC Status : up
VC State : up
VC ID : 0
VC Type : VLAN
Destination : 3.3.3.9
Transmit VC Label : 100
Receive VC Label : 200
Control Word : Disable
VCCV Capability : alert lsp-ping bfd
Tunnel Policy Name : --
Traffic Behavior : --
PW Template Name : --
Main or Secondary : Main
Create time : 0 days, 0 hours, 6 minutes, 44 seconds
UP time : 0 days, 0 hours, 6 minutes, 44 seconds
Last change time : 0 days, 0 hours, 6 minutes, 44 seconds
VC last up time : 2010/07/24 12:31:31
VC total up time : 0 days, 2 hours, 12 minutes, 51 seconds
CKey : 16
NKey : 15
Run the display l2vpn ccc-interface vc-type static-vc up command. You can find that the VC
type is SVC and the status is Up. For example:
<Quidway> display l2vpn ccc-interface vc-type static-vc up
Total ccc-interface of SVC VC: 1
up (1), down (0)
Vlanif1110 vlan up static-vc
1.5 Configuring Martini VLL

This section describes how to configure a Martini VLL. To configure the Martini VLL, you need
to establish the point-to-point link to implement L2VPN, and use the Label Distribution Protocol
(LDP) to transmit Layer 2 information and VC labels.


Before configuring a Martini VLL, familiarize yourself with the applicable environment,
In Martini mode, double-layer labels are adopted. The inner label uses the extended LDP as the
signaling protocol to transmit the Layer 2 information and the VC label.
In Martini mode, an LSP between two PEs can be shared by multiple VCs. Information about
the VC label and LSP is stored only on the PE devices. The P devices do not store any Layer 2
VPN information. Therefore, Martini mode features excellent extensibility. When a new VC is
needed, you only need to configure a unidirectional VC on each PE device of the two ends. The
network operation is not affected.
Before configuring Martini VLL, you need to complete the following tasks:
l Configuring the static route or IGP for the MPLS backbone network (PE or P) to implement
IP connectivity
l Enabling basic MPLS functions on PEs and Ps.
l Establishing an LDP session between PEs which are connected directly, or establishing a
remote LDP session between PEs which are connected indirectly
Data Preparation
To configure Martini VLL, you need the following data.
No. Data
1 Type and number of the interface accessing CE
2 Destination address and VC ID of L2VC

Before configuring a Martini VLL, you must enable MPLS L2VPN.
Context
Procedure
Step 1 Run:
system-view

Step 2 Run:
mpls l2vpn
The MPLS L2VPN is enabled.
----End
1.5.3 Creating a Martini VLL Connection
Context
Do as follows on the PEs on the two ends of the VC.
Procedure
Step 1 Run:
system-view
Step 2 Run:
mpls l2vpn
The MPLS L2VPN view is displayed.
Step 3 Run:
mpls l2vpn default martini
The Martini mode is enabled.
NOTE
l By default, the S5700 uses pseudo wire emulation edge-to-edge (PWE3) mode. The PWE3 mode can
use Notification messages to negotiate the PW status. The Martini mode, however, does not support
Notification messages. For details about Notification messages, see the chapter 2.1 Introduction to
PWE3.
l If the peer PE does not support Notification messages, you need to set the mode to Martini by using
the mpls l2vpn default martini command.
l Before using the mpls l2vpn default martini command to enable the Martini mode that does not
support Notification messages, delete the VC configuration related to notification messages, including
the PWE3 configuration.
Step 4 Run:
quit
Return to the system view.
Step 5 Run:

undo portswitch
The Layer 2 interface is configured as a Layer 3 interface.

NOTE
To use an XGE interface, a GE interface, or an Eth-Trunk interface of the S5700 as the AC interface of
the PE, you need to run undo portswitch to configure the Layer 2 interface as a Layer 3 interface.
Step 7 Run:
mpls l2vc { ip-address | pw-template pw-template-name } * vc-id [ group-id group-
id | [ control-word | no-control-word ] | [ raw | tagged ] | mtu mtu-value |
secondary ] *
The Martini VLL is created.

The Martini L2VC requires the VC IDs of the VCs of the same encapsulation type on a PE to
be unique. The change of the encapsulation type may cause collision of VC IDs.
----End

After a Martini VLL is configured, you can view information about the two ends of the Martini
VLL.
Prerequisite
The configurations of the Martini VLL function are complete.
Procedure
l Run the display mpls l2vc [ vc-id | interface interface-type interface-number ] command
to check the Martini VLL connection information on the local PE.
l Run the display mpls l2vc remote-info [ vc-id ] command to check the peer Martini VLL
connection information on the local PE.
----End
Example
Run the display mpls l2vc command. You can find that destination is the peer IP address of
the specified VC and VC state is up. For example:
<Quidway> display mpls l2vc
total LDP VC : 1 1 up 0 down
*client interface : Vlanif1111

Administrator PW : no
session state : up
AC status : up
VC state : up
VC ID : 101
VC type : VLAN
destination : 3.3.3.9
local VC label : 8195 remote VC label : 8195
control word : disable
forwarding entry : exist
local group ID : 0
manual fault : not set
active state : active
link state : up
local VC MTU : 1500 remote VC MTU : 1500
tunnel policy name : --
traffic behavior name: --
PW template name : --

primary or secondary : primary

create time : 0 days, 0 hours, 6 minutes, 48 seconds
up time : 0 days, 0 hours, 5 minutes, 9 seconds
last change time : 0 days, 0 hours, 5 minutes, 9 seconds
VC last up time : 2010-07-24 12:31:31
CKey : 16
NKey : 15
AdminPw interface : --
AdminPw link state : --
Run the display mpls l2vc remote-info command. You can find that the peer address is the peer
address of the specified VC. For example:
<Quidway> display mpls l2vc remote-info
Total remote ldp vc : 1
Transport Group Peer Remote Remote C MTU/ N S
VC ID ID Addr Encap VC Label Bit CELLS Bit Bit
101 0 3.3.3.9 vlan 819523552 0 1500 0 0
1.6 Configuring VLL FRR

This section describes how to configure VLL Fast Re-route (FRR). After VLL FRR is
configured, the VLL traffic is switched to the secondary path if the primary path fails. If the
primary path recovers, the VLL traffic can be switched back to it according to the revertive
switching policy.
VLL FRR Supported by the S5700 is mainly used in the networking modes of asymmetrically
connected CEs:
The CE on one end of the VC accesses the PE of higher reliability through a single reliable link.
The CE on the other end is dual-homed to the PE of lower reliability. Thus, two communication
paths exist between the CEs. The path of higher reliability functions as the master path, and the
path with the lower reliability functions as the backup path.
After the VLL FRR is configured, L2VPN traffic is rapidly switched to the backup path when
a fault occurs on the master path. After the fault on the master path is rectified, the L2VPN traffic
is switched back to the master path according to the revertive switchover policy.
NOTE
For asymmetrically connected CEs, the primary and secondary IP addresses need to be configured on the
interface connecting the CE to the PE through a single link. When the master path is available, the CE uses
the primary IP address to communicate with the remote CE. When a fault occurs on the master path, the
local CE communicates with the remote CE by using the secondary IP address.
Before configuring VPN FRR, complete the following tasks:
l Configuring a PW on each of the master path and backup path for the networking where
CEs are asymmetrically connected to PEs (The types of PWs on the master path and backup
path must be the same.)

l Configuring CEs to exchange routing information by using routing protocols or static routes
NOTE
To configure a Martini VLL or PWE3 for VLL FRR, you must use the PW template to configure a PW,
enable the control word in the PW template.
In the networking where CEs are asymmetrically connected to PEs, the backup PW cannot transmit data
when the master path and backup path work normally. If the AC interface of the backup PW borrows the
IP address of the AC interface of the master PW, the following situations occur:
l The policy of none revertive switchover cannot be configured.
l The local CE has two equal-cost and direct routes to the remote CE. The destination addresses and next
hops of the two routes are the same. Actually, the route that passes through the backup PW is invalid.
l If CEs exchange routing information by using routing protocols, you need to modify the cost or metric
of the AC interface of the backup path to be greater than that of the AC interface of the master path.
The local CE cannot communicate with the peer CE, but can communicate with other user devices.
l If CEs use static routes to exchange routing information, you need to modify the preference of the
backup route to be lower than that of the primary route (the greater the value, the lower the preference)
by using the ip route-static dest-ip-address mask out-interface preference preference-value
command.
Data Preparation
To configure VLL FRR, you need the following data.
No. Data
1 Delay for revertively switching traffic when faults are cleared and the delay for
advertising fault recovery (by default, the delay for revertively switching traffic is 30
seconds and the delay for advertising fault recovery is 10 seconds.)
2 Link type of the AC interface
1.6.2 Configuring Master and Backup PWs

In the networking where CEs are asymmetrically connected to PEs, you need to configure master
and backup PWs.
Context
l In the networking where CEs are asymmetrically connected to PEs, you need to configure
master and backup PWs. The master and backup PWs must be of the same type.
NOTE
VLL FRR supports only LDP PWs, that is, Martini VLL.
When using XGE, GE, or Eth-Trunk interfaces as AC interfaces, you need to run the undo portswitch
command in the current interface view before configuring master and backup PWs.
Procedure
l LDP PW
1. Run:
system-view


2. Run:
mpls l2vpn
The MPLS L2VPN view is displayed.

3. Run:
The system switches to the Martini mode.
NOTE
Before using the mpls l2vpn default martini command to set the behavior of the dynamic VC
signaling to non-Notification mode, you need to delete the configurations of VCs (including
PWE3 VCs) that support the Notification signaling.
4. Run:
quit

5. Run:

6. Run:
mpls l2vc { ip-address | pw-template pw-template-name } * vc-id [ group-
id group-id | [ control-word | no-control-word ] | [ raw | tagged ] | mtu
mtu-value ] *
The master PW is configured.
NOTE
Before using a PW template to create a PW, you need to configure a PW template. For details,
refer to 2.3 Configuring the Attributes of a PW Template.
7. Run:
mpls l2vc { ip-address | pw-template pw-template-name } * vc-id [ group-
id group-id | [ control-word | no-control-word ] | [ raw | tagged ] | mtu
mtu-value ] * secondary
The backup PW is configured.
NOTE
l Both master and backup PWs need to be configured on the PE to which a CE is single-
homed. Only the master PW needs to be configured on the PE to which a CE is dual-homed.
l Master and backup PWs must have different VC IDs.
l The control word configuration on the primary and secondary PWs must be the same.
Otherwise, lots of packets will be lost after the primary/secondary PW switchover.
----End
1.6.3 (Optional) Configuring Fast Fault Notification - Physical Layer

Fault Notification
Physical layer fault notification expedites fault detection and notification.

Context
The S5700 supports physical layer fault notification, which can be configured only on the
Ethernet main interface.
Configure physical layer fault notification on the PE.
Procedure
Step 1 Run:
system-view
Step 2 Run:
l The AC interface must be a primary Ethernet interface.

l The AC interface is configured with an VC.
Step 3 Run:
mpls l2vpn trigger if-down
Physical layer fault notification is enabled.
----End
1.6.4 (Optional) Configuring BFD for PW

BFD for PW expedites the fault detection on the public network.
Context
BFD for PW, which speeds up fault detection, is recommended.
Static BFD for PW or dynamic BFD for PW can be configured on PEs. For detailed
configuration, see the following sections:
l 2.8 Configuring Static BFD for PW

l 2.9 Configuring Dynamic BFD for PW
Example
NOTE
l BFD for PW must be configured or deleted on the PEs at the both ends of a PW simultaneously.
Otherwise, the PW statuses on the two PEs are different.
1.6.5 (Optional) Configuring the Revertive Switchover

The revertive switching policies can be classified into three modes: immediate revertive mode,
delayed revertive mode, and non-revertive mode. By default, the revertive switching policy is
in delayed revertive mode.

Context
When CEs are connected to PEs asymmetrically, do as follows on the PE (where traffic is
switched) to which a CE is connected through a single link:
Procedure
Step 1 Run:
system-view
Step 2 Run:
Step 3 Run:
mpls l2vpn reroute { { delay delay-time | immediately } [ resume resume-time ] |
never }
The revertive switchover policy is configured.
The types of the revertive switchover on PEs are as follows:
l Immediate revertive switchover: The local PE immediately switches traffic to the master PW
and notifies the fault to the remote PE of the backup PW. The PE notifies the rectification
of the fault to the remote PE of the backup PW after the period of resume-time.
l Delayed revertive switchover: The PE switches traffic to the master PW after the period of
delay-time.
l None revertive switchover: The PE does not switch traffic to the master PW until the backup
PW is faulty.
For an asymmetric networking, in which ACs are of the Ethernet type, note the following:
l If the remote shutdown function is configured on the interface of a PE that connects a CE,
you are recommended not to use the policy of immediate revertive switchover, which may
lead to network flapping and traffic loss. On the other hand, you can use the policy of delayed
revertive switchover to set delay-time equal to or more than 30 seconds.
l If the Ethernet OAM function is configured on the interface of a PE that connects a CE, and
a revertive switchover policy is also configured, you cannot set resume-time to be 0 seconds,
but be equal to or longer than one second.
----End
Procedure
to view information about the local end of the Martini VC.
l Run the display mpls l2vc remote-info [ vc-id ] command to view information about the
remote end of the Martini VC.
----End

Example
Run the display mpls l2vc [ vc-id | interface interface-type interface-number ] command, and
you can see that the status of the master and backup PWs is Up, the VC status of the master PW
is active, and VC status of the backup PW is inactive. The following is an example:
<Quidway> display mpls l2vc interface vlanif 300
*client interface : Vlanif300 is up
session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
local group ID : 0 remote group ID : 0
local VC label : 8195 remote VC label :
8195
local AC OAM State : up
local PSN State : up
local forwarding state : forwarding
local status code : 0x0
remote AC OAM state : up
remote PSN state : up
remote forwarding state: forwarding
remote status code : 0x0
BFD for PW : available
link state : up
local VCCV : alert lsp-ping bfd
remote VCCV : alert lsp-ping bfd
local control word : disable remote control word : disable
traffic behavior name : --
VC tunnel/token info : 1 tunnels/tokens
NO.0 TNL type : lsp, TNL ID : 0x48002004
VC last up time : 2010/12/01 10:00:00
CKey : 4
NKey : 3
PW redundancy mode : --

session state : up
AC state : up
VC state : up
VC ID : 200
VC type : VLAN
8195


active state : inactive
link state : up
local VC MTU : 1500 remote VC MTU :
1500
primary or secondary : secondary
NO.0 TNL type : lsp , TNL ID : 0x48002000
VC last up time : 2010/12/01 10:00:00
CKey : 5
NKey : 3
reroute policy : delay 30 s, resume 10 s

reason of last reroute : --
time of last reroute : -- days, -- hours, -- minutes, -- seconds
delay timer ID : -- residual time :--
resume timer ID : -- residual time :--
Run the display mpls l2vc remote-info command, and you can see that Peer Addr is the peer
address of the VC. The following is an example:

100 0 11.11.11.11 vlan 8195 1 1500 1 0
200 0 11.11.11.11 vlan 8195 1 1500 1 0
1.7 Maintaining VLL

This section describes how to maintain a VLL. Detailed operations include monitoring the
L2VPN running status.
1.7.1 Enabling Traffic Statistics on the VLL

This section describes how to enable the function of collecting statistics on VLL traffic before
viewing VLL traffic statistics.
Context
You can collect statistics on VLL traffic on the user-side interfaces that are bound to the VLL.
In this case, you need to enable the function of collecting statistics on VLL traffic on the device
before the VLL connection is set up.

Procedure
Step 1 Run:
system-view
Step 2 Run:
mpls l2vpn traffic-statistics enable
The traffic statistics on the VLL is enabled.
The function of collecting traffic statistics is only valid to the VLL connection that is created
after this function is enabled.
----End
1.7.2 Viewing Traffic Statistics on the VLL

This section describes how to view VLL traffic statistics on the specified interface.
Procedure
l Run:
display traffic-statistics l2vpn interface interface-type interface-number
The VLL traffic statistics on the specified interface are displayed.
To view VLL traffic statistics, you need to enable the function of collecting traffic statistics
on the VLL before the VLL connection is set up.
----End
1.7.3 Resetting Traffic Statistics on the VLL

This section describes how to reset VLL traffic statistics on the specified interface.
Procedure
l Run the following command in the user view:
reset traffic-statistics l2vpn interface interface-type interface-number
The VLL traffic statistics on the specified interface are reset.
----End
1.7.4 Monitoring the Running Status of VLL

This part describes how to monitor the L2VPN running status by viewing the L2VPN connection
information.
Context
During the routine maintenance, you can run the following commands in any view to know the
running status of VLL.

Procedure
l Run the display vll ccc [ ccc-name | type { local | remote } ] command to check information
about the CCC connection.
l Run the display mpls static-l2vc [ interface interface-type interface-number ] command
to check information about the SVC VLL connection.
to check information about the local Martini VLL connection on the PE.
----End
1.7.5 Debugging VLL

When a VLL fault occurs, run the relevant debugging command to debug the fault, view the
debugging information, locate the fault, and analyze the cause.
Context
CAUTION
Debugging affects the performance of the system. So, after debugging, run the undo
debugging all command to disable it immediately.
When a fault occurs, run the following debugging commands in the user view to locate the fault.
For the procedure of displaying the debugging information, refer to the chapter "System
Maintenance" in the Quidway S5700 Series Ethernet Switches Configuration Guide - Device
Management.
Procedure
l Run the debugging mpls l2vpn { all | advertisement | download | error | event | message-
merge |reroute | timer | connections [ interface interface-type interface-number ] }
command in the user view to enable the debugging of the VLL.
----End
1.7.6 Checking Connectivity of the VLL Network

The VLL connectivity can be checked through the ping or tracert command.
Prerequisite
Before using the ping or tracert command to check connectivity of a VLL network, you need
to ensure that the VLL network is correctly configured.
The channel types supported by the VLL network in Martini mode are listed in the "Procedure"
part.
By default, VCCV in Label Alert mode is enabled. Before using the control word channel, you
need to run the control-word command to enable the control word function. After that, VCCV
in control word channel mode is enabled.

When locating the fault on the VLL network in Martini mode, you can use either VCCV in
control word channel mode or VCCV in normal mode.
Procedure
l Checking the connectivity of the VLL network in Martini mode
– Control word channel
ping vc pw-type pw-id [ -c echo-number | -m time-value | -s data-bytes | -t timeout-
value | -exp exp-value | -r reply-mode | -v ] * control-word [ remote peer-pw-id |
draft6 ] *
– Label Alert channel
value | -exp exp-value | -r reply-mode | -v ] * label-alert [ remote remote-ip-address |
draft6 ] *
l Locating the fault on the VLL network in Martini mode
tracert vc { pw-type pw-id [ -exp exp-value | -f first-ttl | -m max-ttl | -r reply-mode | -
t timeout-value ] * control-word [ [ [ remote remote-pw-id ] draft6 ] | remote remote-
ip-address ] [ full-lsp-path ]
t timeout-value ] * label-alert [ remote remote-ip-address ] [ full-lsp-path ]
[ draft6 ]
– Normal mode
t timeout-value ] * normal [ remote remote-ip-address ] [ full-lsp-path ] [ draft6 ]
----End

Each configuration example consists of such information as the networking requirements,
1.8.1 Example for Configuring a Local CCC Connection

Networking Requirements
As shown in Figure 1-4, the CE is connected to the PE through a GE interface.
A local CCC connection is created between CE1 and CE2.

Figure 1-4 Networking diagram for configuring local CCC connection

CE 2
GE 0/0/1
CCC local
connection
CE 1
GE 0/0/2
GE 0/0/1 GE 0/0/1
PE
Loopback1
1.1.1.9/32
Device Interface VLANIF interface IP address
PE GigabitEthernet0/0/1 VLANIF 10 -
GigabitEthernet0/0/2 VLANIF 20 -
Loopback1 - 1.1.1.9/32
CE1 GigabitEthernet0/0/1 VLANIF 10 100.1.1.1/24
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure the basic MPLS capacity on the PE and enable the MPLS L2VPN.
2. Create a local connection between CE1 and CE2 on PE. The local CCC connection is
bidirectional, so only one connection is needed.
Data Preparation
IP addresses of the interfaces
Procedure
Step 1 Configure CEs.
# Configure CE1.
<Quidway> system-view
[Quidway] sysname CE1
[CE1] vlan 10
[CE1-Vlan10] quit
[CE1]interface gigabitethernet 0/0/1
[CE1-GigabitEthernet0/0/1]port link-type trunk
[CE1-GigabitEthernet0/0/1]port trunk allow-pass vlan 10
[CE1-GigabitEthernet0/0/1]quit
[CE1] interface vlanif 10
[CE1-Vlanif10] ip address 100.1.1.1 24
[CE1-Vlanif10] quit
# Configure CE2.

[Quidway] sysname CE2
[CE2] vlan 20
[CE2-vlan20] quit
[CE2] interface gigabitethernet 0/0/1
[CE2-GigabitEthernet0/0/1]port link-type trunk
[CE2-GigabitEthernet0/0/1]port trunk allow-pass vlan 20
[CE2-GigabitEthernet0/0/1]quit
[CE2-Vlanif20] quit
NOTE
The packets sent from CE to PE must have VLAN tags.
Step 2 Configure PEs.

# Configure the LSR ID and enable MPLS and MPLS L2VPN.
[Quidway] sysname PE
[PE] interface loopback 1
[PE-LoopBack1] ip address 1.1.1.9 32
[PE-LoopBack1] quit
[PE] mpls lsr-id 1.1.1.9
[PE] mpls
[PE-mpls] quit
[PE] mpls l2vpn
[PE-l2vpn] quit
[PE] vlan batch 10 20
[PE] interface gigabitethernet 0/0/1
[PE-GigabitEthernet0/0/1] port hybrid pvid vlan 10
[PE-GigabitEthernet0/0/1] port hybrid tagged vlan 10
[PE-GigabitEthernet0/0/1] quit
[PE] interface gigabitethernet 0/0/2
[PE-GigabitEthernet0/0/2] port hybrid pvid vlan 20
[PE-GigabitEthernet0/0/2] port hybrid tagged vlan 20
[PE-GigabitEthernet0/0/2] quit
# Create a local connection between CE1 and CE2.

[PE] interface vlanif 10
[PE-Vlanif10] quit
[PE] interface vlanif 20
[PE-Vlanif20] quit
[PE] ccc ce1-ce2 interface vlanif 10 out-interface vlanif 20
Step 3 Verify the configuration.

After the configuration, display the CCC information on the PE. You can see that a local CCC
connection is set up and the status is Up.
<PE> display vll ccc
total ccc vc : 1
name: ce1-ce2, type: local, state: up,

intf1: Vlanif10 (up), intf2: Vlanif20 (up)
VC last up time : 2010/07/24 12:31:31
Run the display l2vpn ccc-interface vc-type ccc command, and you can see that the VC type
is CCC and the status is Up.
<PE> display l2vpn ccc-interface vc-type all

up (2), down (0)


CE1 and CE2 can ping each other.

Take CE1 for example.
<CE1> ping 100.1.1.2

PING 100.1.1.2: 56 data bytes, press CTRL_C to break
Reply from 100.1.1.2: bytes=56 Sequence=1 ttl=255 time=180 ms
--- 100.1.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 10/76/180 ms
----End
Configuration Files
l Configuration file of CE1
#
sysname CE1
#
vlan batch 10
#
interface Vlanif 10
ip address 100.1.1.1 255.255.255.0
#
interface GigabitEthernet0/0/1
port link-type trunk
port trunk allow-pass vlan 10
#
return
l Configuration file of PE
#
sysname PE
#
vlan batch 10 20
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
interface Vlanif10
#
interface Vlanif20
#
port hybrid pvid vlan 10
port hybrid tagged vlan 10
#
#
ccc ce1-ce2 interface Vlanif10 out-interface Vlanif20
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255

#
return

#
sysname CE2
#
vlan batch 20
#
interface Vlanif 20
ip address 100.1.1.2 255.255.255.0
#
#
return
1.8.2 Example for Configuring a Remote CCC Connection

The CE is connected to the PE through a GE interface.
To create a remote CCC connection between CE1 and CE2, you need to complete the following
tasks:
l Create the remote CCC connection between the two PEs.
l Configure two static LSPs on P to exchange packets.
Figure 1-5 Networking diagram for configuring remote CCC connection

CE 1 to CE 2 O-Label I-Label O-Label I-Label
200 200 201 201
I-Label O-Label I-Label O-Label

100 100 101 101 CE 2 to CE 1
Loopback1 Loopback1 Loopback1

1.1.1.9/32 2.2.2.9/32 3.3.3.9/32
P
PE1 PE2
GE 0/0/2 GE 0/0/2 GE0/0/1 GE 0/0/1
GE 0/0/1 GE 0/0/2
CCC remote
GE 0/0/1 GE 0/0/1
connection
CE 1 CE 2
PE1 GigabitEthernet0/0/1 VLANIF 10 -
GigabitEthernet0/0/2 VLANIF 20 10.1.1.1/24

Loopback1 - 1.1.1.9/32
PE2 GigabitEthernet0/0/1 VLANIF 30 10.2.2.1/24
Loopback1 - 3.3.3.9/32
P GigabitEthernet0/0/1 VLANIF 30 10.2.2.2/24
Loopback1 - 2.2.2.9/32
1. Configure a bidirectional static LSP for the CCC connection between PEs. The LSP is
exclusively used by the CCC connection.
2. Enable MPLS L2VPN on the PEs. MPLS L2VPN need not be enabled on P.
3. Set up two connections: one from CE1 to CE2 and the other from CE2 to CE1.
Data Preparation
To complete the configuration, you need the following data:
l Out-label and in-label of the remote CCC connection
Pay attention to the mapping between the in-labels and out-labels on the PE and P. For the settings
of the out-label and the in-label, see Figure 1-5.
Procedure
Step 1 Configure the ID of the VLAN that each interface belongs to, as shown in Figure 1-5.
The configuration procedure is not mentioned here.
NOTE
The packets sent from CE to PE must have VLAN tags.
Step 2 Assign the IP addresses to the VLANIF interfaces on the CEs.
# Configure CE1.
[CE1-Vlanif10] quit
# Configure CE2.
[CE2-Vlanif40] quit

Step 3 Assign an IP address to each VLANIF interface of the Switches.
# Configure PE1.
[Quidway] sysname PE1
[PE1] interface loopback 1
[PE1-LoopBack1] ip address 1.1.1.9 32
[PE1-LoopBack1] quit
[PE1] interface vlanif 20
[PE1-Vlanif20] ip address 10.1.1.1 24
[PE1-Vlanif20] quit
# Configure the P.
[Quidway] sysname P
[P] interface loopback 1
[P-LoopBack1] ip address 2.2.2.9 32
[P-LoopBack1] quit
[P] interface vlanif 30
[P-Vlanif30] ip address 10.2.2.2 24
[P-Vlanif30] quit
[P-Vlanif20] quit
# Configure PE2.
[Quidway] sysname PE2
[PE2-LoopBack1] ip address 3.3.3.9 32
[PE2-LoopBack1] quit
[PE2-Vlanif30] quit
Step 4 Configure the basic MPLS capabilities on the MPLS backbone network.
# Configure PE1.
[PE1] mpls lsr-id 1.1.1.9
[PE1] mpls
[PE1-mpls] quit
[PE1-Vlanif20] mpls
[PE1-Vlanif20] quit
# Configure the P.
[P] mpls lsr-id 2.2.2.9
[P] mpls
[P-mpls] quit
[P-Vlanif20] mpls
[P-Vlanif20] quit
[P-Vlanif30] mpls
[P-Vlanif30] quit
# Configure PE2.
[PE2] mpls
[PE2-mpls] quit
[PE2-Vlanif30] mpls
[PE2-Vlanif30] quit

Step 5 Create the remote CCC connection between the two PEs.
# Configure PE1: Enable MPLS L2VPN globally and create the remote CCC connection from
CE1 to CE2. Connect the incoming interface of PE1 to CE1 and the outgoing interface of PE1
to the P. Set the incoming label to 100 and the outgoing label to 200.
[PE1] mpls l2vpn
[PE1-l2vpn] quit
[PE1-Vlanif10] quit
[PE1] ccc CE1-CE2 interface vlanif 10 in-label 100 out-label 200 nexthop 10.1.1.2
# Configure PE2: Enable mpls l2vpn globally and create the remote CCC connection from CE2
to CE1. Connect the incoming interface of PE2 to CE2 and the outgoing interface of PE2 to the
P. Set the incoming label to 201 and the outgoing label to 101.
[PE2] mpls l2vpn
[PE2-l2vpn] quit
[PE2-Vlanif40] quit
[PE2] ccc CE2-CE1 interface vlanif 40 in-label 201 out-label 101 nexthop 10.2.2.2
Step 6 Configure static LSPs on P for forwarding packets.
# Configure P: Configure a static LSP for forwarding packets from PE1 to PE2, and configure
another static LSP for forwarding packets from PE2 to PE1.
[P] static-lsp transit PE1-PE2 incoming-interface vlanif 20 in-label 200 nexthop
10.2.2.1 out-label 201
[P] static-lsp transit PE2-PE1 incoming-interface vlanif 30 in-label 101 nexthop
10.1.1.1 out-label 100
After the configuration, display information about the CCC connection on the PEs. You can find
that a remote CCC connection is set up on each of PE1 and PE2 and the status of the connection
is Up.
<PE1> display vll ccc
total ccc vc : 1

intf: Vlanif10 (up), in-label: 100 , out-label: 200 , nexthop: 10.1.1.2
VC last up time : 2007/10/09 17:35:14
<PE2> display vll ccc
total ccc vc : 1

intf: Vlanif40 (up), in-label: 201 , out-label: 101 , nexthop : 10.2.2.2
VC last up time : 2009/10/09 17:35:14
Run the display l2vpn ccc-interface vc-type ccc command on PE, and you can see that the VC
type is CCC and the status is Up. Take PE1 for example.
<PE1> display l2vpn ccc-interface vc-type ccc

up (1), down (0)

Run the display mpls lsp command on the P, and you can view the label and interface
information of the two static LSPs.
<P> display mpls lsp
-------------------------------------------------------------------------------
LSP Information: STATIC LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
-/- 200/201 Vlanif20/Vlanif30
-/- 101/100 Vlanif30/Vlanif20

Take CE1 for example.
<CE1> ping 100.1.1.2

0.00% packet loss
----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 100.1.1.1 255.255.255.0
#
#
return
l Configuration file of PE1

#
sysname PE1
#
vlan batch 10 20
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
interface Vlanif10
#
interface Vlanif20
ip address 10.1.1.1 255.255.255.0
mpls
#

#
#
#
ccc CE1-CE2 interface Vlanif 10 in-label 100 out-label 200 nexthop 10.1.1.2
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
return
l Configuration file of P
#
sysname P
#
vlan batch 20 30
#
mpls lsr-id 2.2.2.9
mpls
#
interface Vlanif20
ip address 10.1.1.2 255.255.255.0
mpls
#
interface Vlanif30
ip address 10.2.2.2 255.255.255.0
mpls
#
#
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
static-lsp transit PE1-PE2 incoming-interface Vlanif 20 in-label 200 nexthop
10.2.2.1 out-label 201
static-lsp transit PE2-PE1 incoming-interface Vlanif 30 in-label 101 nexthop
10.1.1.1 out-label 100
#
return
#
sysname PE2
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
interface Vlanif30
ip address 10.2.2.1 255.255.255.0
mpls
#
interface Vlanif40
#
#


#
#
ccc CE2-CE1 interface Vlanif 40 in-label 201 out-label 101 nexthop 10.2.2.2
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
return

#
sysname CE2
#
vlan batch 40
#
interface Vlanif 40
ip address 100.1.1.2 255.255.255.0
#
#
return
1.8.3 Example for Configuring an SVC VLL

The CE is connected to the PE through a GE interface.
An SVC VLL is set up between CE1 and CE2. The SVC connection is created on PEs and the
VC label is specified.
Figure 1-6 Networking diagram for configuring SVC VLL

Loopback 1 Loopback 1 Loopback 1
1.1.1.9/32 2.2.2.9/32 3.3.3.9/32
PE 1 PE 2
GE 0/0/2 GE 0/0/2 GE 0/0/1 GE 0/0/1
GE 0/0/1 GE 0/0/2
P
SVC
connection
GE 0/0/1 GE 0/0/1
CE 1 CE 2
Loopback1 - 1.1.1.9/32

Loopback1 - 3.3.3.9/32
Loopback1 - 2.2.2.9/32
1. Enable MPLS and MPLS L2VPN.

2. Create a static L2VC connection between PEs and manually configure the VC label.
Data Preparation
l Labels of the static L2VC connection
The out-label of PE1 is the same as the in-label of PE2; whereas the in-label of PE1 is the same
as the out-label of PE2.
Procedure
Step 1 Configure interface addresses for CE, PE and P according to Figure 1-6, including VLAN
interfaces and VLANIF interfaces.
The configuration procedure is not mentioned.
Step 2 Configure IGP on the MPLS backbone network. (In this example, OSPF is used.)
When configuring OSPF, advertise the 32-bit addresses of loopback interfaces on PEs and P.
The loopback interface addresses are the LSR IDs.
Step 3 Configure basic MPLS functions and LDP on the MPLS backbone network. That is, set up LDP
LSPs.
# Configure PE1.
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1-Vlanif20] mpls
[PE1-Vlanif20] mpls ldp
[PE1-Vlanif20] quit
# Configure the P.


[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
[P-Vlanif20] mpls
[P-Vlanif20] mpls ldp
[P-Vlanif20] quit
[P-Vlanif30] mpls
[P-Vlanif30] quit
# Configure PE2.
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2-Vlanif30] mpls
[PE2-Vlanif30] quit
After the configuration, LDP sessions are set up between PE1, P, and PE2. Run the display mpls
ldp session command, and you can see that the status of the LDP session is Operational.
Take the display on PE1 for example:
<PE1> display mpls ldp session
LDP Session(s) in Public Network

Codes: LAM(Label Advertisement Mode), SsnAge Unit(DDDD:HH:MM)
A '*' before a session means the session is being deleted.
------------------------------------------------------------------------------
PeerID Status LAM SsnRole SsnAge KASent/Rcv
------------------------------------------------------------------------------
2.2.2.9:0 Operational DU Passive 0000:00:05 22/22
------------------------------------------------------------------------------
TOTAL: 1 session(s) Found.
Step 4 Enable MPLS L2VPN and create static VCs on PEs.

# Configure PE1: Create a static VC on VLANIF 10, which is connected to CE1.
[PE1] mpls l2vpn
[PE1-l2vpn] quit
[PE1-Vlanif10] mpls static-l2vc destination 3.3.3.9 transmit-vpn-label 100 receive-
vpn-label 200
[PE1-Vlanif10] quit
# Configure PE2: Create a static VC on VLANIF 40, which is connected to CE2.

[PE2] mpls l2vpn
[PE2-l2vpn] quit
[PE2-Vlanif40] mpls static-l2vc destination 1.1.1.9 transmit-vpn-label 200 receive-
vpn-label 100
[PE2-Vlanif40] quit

View the L2VPN connection information of the SVC on the PE, and you can see that a static
L2VC connection is established.
Take PE1 for example.

<PE1> display mpls static-l2vc interface vlanif 10

AC Status : up
VC State : up
VC ID : 0
VC Type : VLAN
VCCV Capabilty : alert lsp-ping bfd
Tunnel Policy : --
PW Template Name : --
NO.0 TNL Type : lsp , TNL ID : 0x4800200f
VC last up time : 2010/12/03 20:14:14
CKey : 7
NKey : 6
Run the display l2vpn ccc-interface vc-type static-vc up command, and you can see that the
VC type is static VC and the status is Up. Take the display on PE1 for example.
<PE1> display l2vpn ccc-interface vc-type static-vc up
Total ccc-interface of SVC VC: 1

up (1), down (0)
Vlanif10 vlan up static-vc

<CE1> ping 100.1.1.2
0.00% packet loss
----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 100.1.1.1 255.255.255.0
#
#
return


#
sysname PE1
#
vlan batch 10 20
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
mpls ldp
#
interface Vlanif 10
mpls static-l2vc destination 3.3.3.9 transmit-vpn-label 100 receive-vpn-label
200
#
interface Vlanif 20
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
#
sysname P
#
vlan batch 20 30
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 10.2.2.2 255.255.255.0
mpls
mpls ldp
#
#
#

interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
#
return

#
sysname PE2
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
mpls ldp
#
interface Vlanif 30
ip address 10.2.2.1 255.255.255.0
mpls
mpls ldp
#
interface Vlanif 40
mpls static-l2vc destination 1.1.1.9 transmit-vpn-label 200 receive-vpn-label
100
#
#
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 10.2.2.0 0.0.0.255
#
return

#
sysname CE2
#
vlan batch 40
#
interface Vlanif40
ip address 100.1.1.2 255.255.255.0
#
#
return

1.8.4 Example for Configuring a Martini VLL

As shown in Figure 1-7, CE1 and CE2 are connected to PE1 and PE2 respectively through
VLANs.
A Martini VLL is set up between CE1 and CE2.
Figure 1-7 Networking diagram for configuring the Martini VLL

1.1.1.9/32 2.2.2.9/32 3.3.3.9/32
GE 0/0/2 GE 0/0/1
PE 1 PE 2
GE 0/0/2 GE0/0/1
GE0/0/1 GE 0/0/2
P
GE0/0/1
Martini GE 0/0/1
CE 1 CE 2
Loopback1 - 1.1.1.9/32
Loopback1 - 3.3.3.9/32
Loopback1 - 2.2.2.9/32
1. Configure the routing protocol on backbone devices (PE and P) and enable MPLS.
2. Use the default tunnel policy to create an LSP and configure the LSP as the tunnel for data
transmission.

3. Enable MPLS L2VPN and create VC connections on the PEs.
Data Preparation
l IP address of the remote peer of each PE
l VC ID
Procedure
Step 1 Configure interface addresses for CE, PE and P according to Figure 1-7, including VLAN and
VLANIF interfaces.
Step 2 Configure IGP on the MPLS backbone network. (In this example, OSPF is used.)
When configuring OSPF, advertise the 32-bit addresses of loopback interfaces on PEs and P.
The loopback interface addresses are the LSR IDs.
After the configuration, OSPF adjacencies are established between PE1, P, and PE2. By running
the display ospf peer command, you can see that the status of the OSPF adjacency is Full. Run
the display ip routing-table command, and you can see that the PEs can learn the routes of each
other's Loopback1 interface.
Step 3 Configure the basic MPLS capability and MPLS LDP on the MPLS network.
# Configure PE1.
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1-Vlanif20] mpls
[PE1-Vlanif20] quit
# Configure the P.
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
[P-Vlanif20] mpls
[P-Vlanif20] quit
[P-Vlanif30] mpls
[P-Vlanif30] quit
# Configure PE2.
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp

[PE2-mpls-ldp] quit
[PE2-Vlanif30] mpls
[PE2-Vlanif30] quit
Step 4 Set up a remote LDP session between PEs.

# Configure PE1.
[PE1] mpls ldp remote-peer 3.3.3.9
[PE1-mpls-ldp-remote-3.3.3.9] remote-ip 3.3.3.9
[PE1-mpls-ldp-remote-3.3.3.9] quit
# Configure PE2.
After the configuration, run the display mpls ldp session command on PE1 to view the
establishment of the LDP session. You can find that an LDP session is set up between PE1 and
PE2.
Take the display on PE1 for example.

------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------
Step 5 Enable MPLS L2VPN on the PE and establish VCs.

# Configure PE1: Create a VC on VLANIF 10, which is connected to CE1.
[PE1] mpls l2vpn
[PE1-l2vpn] mpls l2vpn default martini
[PE1-l2vpn] quit
[PE1-Vlanif10] mpls l2vc 3.3.3.9 101
[PE1-Vlanif10] quit
# Configure PE2: Create a VC on VLANIF 40, which is connected to CE2.

[PE2] mpls l2vpn
[PE2-l2vpn] mpls l2vpn default martini
[PE2-l2vpn] quit
[PE2-vlanif40] quit

View the L2VPN connection information on the PEs, and you can see that an L2VC is set up
and is in Up state.
<PE1> display mpls l2vc interface vlanif 10

session state : up
AC state : up
VC state : up
VC ID : 101
VC type : VLAN
BFD for PW : unavailable
link state : up
VC last up time : 2010/10/09 19:26:37
CKey : 8
NKey : 3

Take the display on CE1 for example.
<CE1> ping 100.1.1.2
0.00% packet loss
----End
Configuration Files
#
sysname CE1
#

vlan batch 10
#
interface Vlanif10
ip address 100.1.1.1 255.255.255.0
#
#
return
#
sysname PE1
#
vlan batch 10 20
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
mpls ldp
#
mpls ldp remote-peer 3.3.3.9
remote-ip 3.3.3.9
#
interface Vlanif10
mpls l2vc 3.3.3.9 101
#
interface Vlanif20
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack1
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
#
sysname P
#
vlan batch 20 30
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif 20
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#

interface Vlanif 30
ip address 10.2.2.2 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack1
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
#
return
#
sysname PE2
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
mpls ldp
#
remote-ip 1.1.1.9
#
interface Vlanif 30
ip address 10.2.2.1 255.255.255.0
mpls
mpls ldp
#
interface Vlanif 40
mpls l2vc 1.1.1.9 101
#
#
#
interface LoopBack1
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 10.2.2.0 0.0.0.255
#
return
#
sysname CE2

#
vlan batch 40
#
interface Vlanif 40
ip address 100.1.1.2 255.255.255.0
#
#
return

Configuration Guide - VPN 2 PWE3 Configuration
2 PWE3 Configuration
About This Chapter
This chapter describes how to configure PWE3 to transparently transmit data on the MPLS
network.
2.1 Introduction to PWE3

PWE3 refers to a Layer 2 service-bearing technology on a PSN that emulates basic characteristics
of ATM services, FR services, Ethernet services, low-speed TDM services, and SONET/SDH
services.
2.2 PWE3 Features Supported by the S5700
PWE3 can be classified into the static PW and dynamic PW based on implementation schemes,
and can be classified into the single-hop PW and multi-hop PW based on networking types.
2.3 Configuring the Attributes of a PW Template
This section describes how to import a PW template to simplify the configurations of PWs with
similar attributes.
2.4 Configuring a Static PW
This section describes how to configure a static PW. A static PW transmits L2VPN packets
between PEs without using a signaling protocol.
2.5 Configuring a Dynamic PW
This section describes how to configure a dynamic PW. To configure a dynamic PW, extended
LDP needs to be used to transmit Layer 2 information and VC labels.
2.6 Configuring PW Switching
This section describes how to configure a multi-hop switching PW. When the multi-hop
switching PW forwards traffic, PW label switching occurs.
2.7 Configuring a Backup PW
To configure PW FRR in the scenario where CEs are asymmetrically connected PEs, you need
to configure a backup PW. After the master PW fails, traffic can be switched to the backup PW.
2.8 Configuring Static BFD for PW
This section describes how to configure static BFD for PW. After static BFD for PW is
configured, the fault on a PW can be rapidly detected and upper-layer applications can be
immediately switched.

2.9 Configuring Dynamic BFD for PW

This section describes how to configure dynamic BFD for PW. After dynamic BFD for PW is
2.10 Configuring PWE3 FRR
This section describes how to configure PW FRR. After PW FRR is configured, the L2VPN
traffic can be timely switched to backup path as soon as the master path fails. After the master
path recovers, the L2VPN traffic can be switched back to it according to the revertive switching
policy.
2.11 Maintaining PWE3
This section describes how to maintain PWE3. Detailed operations include PW connectivity
detection, and PW fault location.
You can learn the configuration procedures based on the configuration flowchart. Each
configuration example consists of such information as the networking requirements,

2.1 Introduction to PWE3

PWE3 refers to a Layer 2 service-bearing technology on a PSN that emulates basic characteristics
of ATM services, FR services, Ethernet services, low-speed TDM services, and SONET/SDH
services.
Pseudo-Wire Emulation Edge to Edge (PWE3) is a type of end-to-end Layer 2 transmitting
technology. It emulates the essential attributes of a telecommunications service such as ATM,
FR or Ethernet in a Packet Switched Network (PSN). PWE3 also emulates the essential attributes
of low-speed Time Division Multiplexing (TDM) circuits and SONET/SDH.
With the Label Distribution Protocol (LDP) as the signaling protocol, PWE3 emulates various
Layer 2 services (such as Layer 2 data packets) of the Customer Edge(CE) through tunnels such
as the Multiprotocol Label Switch Protocol. PWE3 can also transparently transmit the Layer 2
data of the CEs. This proximate emulation may lead to distortion of TDM data.
Figure 2-1 shows the PWE3 framework.
Figure 2-1 PWE3 framework
AC PW AC
PSN Tunnel
CE1 PE1 PSN PE2 CE2
The relevant terms defined in the RFC are explained as follows:

l Provider Edge (PE) device.
l Customer Edge (CE) device.
l Provider (P): It is a device on the backbone network of a service provider.
l Attachment Circuit (AC): It is an unshared link or circuit that connects a CE and a PE. An
AC can be either physical or virtual. The attributes of an AC include the encapsulation type,
MTU, and link interface parameters.
l PSN tunnel: One or more PWs can be carried over a PSN tunnel.
l Pesudo-Wire (PW): It is a virtual connection. A PW is set up by using the signaling protocol.
A PW uses VC-type and VC-ID to identify a Virtual Circuit (VC), which is similar to that of
VLL in Martini mode.
l VC type refers to the encapsulation type of the VC, such as VLAN or Ethernet.
l VC ID refers to the identifier of the VC. The VC ID of each VC with the same type on the
entire PE must be unique.

2.2 PWE3 Features Supported by the S5700

PWE3 can be classified into the static PW and dynamic PW based on implementation schemes,
and can be classified into the single-hop PW and multi-hop PW based on networking types.
You need to know the following terms defined in the RFC before you read this section:
l Ultimate PE (U-PE): is a PE to which an AC is bound. A U-PE is the first or last PE of an

MH-PW.
l Switching Point PE (S-PE): is a PE that switches PW labels in an MH-PW. An S-PE
establishes and manages PW segments with other S-PEs or U-PEs. A PW segment is a
static or dynamically configured PW established between a pair of PEs. This pair of PEs
can be two U-PEs, two S-PEs, or one U-PE and one S-PE.
PW is classified based on:
l Implementation mechanism: Static PW and Dynamic PW

l Networking model: SH-PW and MH-PW
Static PW and Dynamic PW

l Static PW
A Static PW negotiates parameters without any signaling protocol. You must specify the
relevant information manually.
l Dynamic PW
– A Dynamic PW is a PW that is established by using a signaling protocol.
– A U-PE switches VC labels and binds the corresponding CE through a VC ID. A VC
can be established only when the tunnel between two PEs is successfully set up and
label interchanging and binding are completed.
– The LDP-PW uses LDP as the signaling protocol to send PW messages. The LDP-PW
requires switching PWs to complete the MH-PW.
– LDP-PW messages include:
– Request: is used to request label distribution.
– Mapping: is used to distribute labels to the remote PE (U-PE or S-PE). The state bit
is sent to the remote PE by using a Mapping message. Whether to carry the state bit
or not depends on the configuration. By default, the Martini mode does not carry
state bit.
– Notification: is used to announce and negotiate the PW state to reduce messages.
– Withdraw: is used to ask the peer to remove labels. (It carries labels and state
information.)
– Release: is used as a response to a Withdraw message. It is used to ask the peer that
sends a Withdraw message to remove labels.
Figure 2-2 shows the packet exchanges during the establishment, maintenance, and
dismantlement of an LDP PW.

Figure 2-2 Exchange of LDP-PW packets

Loopback1 Loopback1
1.1.1.1/32 2.2.2.2/32
PE1 PE2
mpls l2vc 2.2.2.2 101 Reque

s t
Mappin mpls l2vc 1.1.1.1 101

g
parameter match , VC up
ing
M app
parameter match , VC up
Notification
AC/Tunnel state changed AC/Tunnel state changed
The dynamic allocation of LDP-PW labels is performed in the receiving and sending directions.
On the basis of Martini, the dynamic PW adds the optional status parameter in the Mapping
packet and supports the Notification packet.
When the network is in the unstable state, the Notification packet can decrease the number of
packet exchanges.
For example, if an AC on a PE flaps, the Notification packet is sent to notify the AC status. After
receiving the packet, the peer does not dismantle the VC.
However, in the Martini mode, the Withdraw packet is sent repeatedly. Thus, the PW is set up
and dismantled repeatedly.
NOTE
PWE3 supports Notification mode to negotiate PW state information. The Withdraw packet is compatible
with withdraw labels in PWE3. The negotiation of two ends of the PW determines the mode to be used.
The process of tearing down a dynamic PW is described as follows:

Figure 2-3 shows the packet exchange during the process of tearing down a dynamic PW.

Figure 2-3 Process of tearing down an SH-PW
Loopback1 Loopback1
1.1.1.1/32 2.2.2.2/32
PE1 PE2
mpls l2vc 2.2.2.2 101 mpls l2vc 1.1.1.1 101

VC Deletion
Withdraw
Release
Withdraw
VC Deletion
When PE1 does not forward packets sent from PE2 for a specific cause, that is, PE2 is no longer
a peer of PE2, PE1 sends a Withdraw message to PE2. After receiving the Withdraw message,
PE2 tears down the PW and responds with a Release message. After receiving the Release
message, PE1 releases the label and tears down the PW.
SH-PW and MH-PW

l SH-PW
An SH-PW is set up between two U-PEs. That is, switching labels at PW label layer is not
required, as shown in Figure 2-4.
Figure 2-4 Networking diagram of an SH-PWE3
U-PE1 P U-PE2
PW100
CE1 CE2
l MH-PW

An MH-PW is a set of two or more contiguous PW segments between two U-PEs. Switching
labels at PW label layer is required. Figure 2-5 shows an MH-PW that functions as a single
point-to-point PW.
Figure 2-5 Networking diagram of an MH-PWE3

U-PE1 S-PE P U-PE2
PW100 PW200
CE1 CE2
l The forwarding mechanism of a U-PE on an MH-PW is the same as that on an SH-PW.

The only difference is that the MH-PW requires switching the control and data planes of
the preceding and succeeding PW segments on the S-PE.
l To carry out an MH-PW, the S-PE connects two PWs on both of PW endpoints and
exchanges labels. There are three combinations of two PWs:
– Dynamic and dynamic switching: Both PWs are dynamic PWs. The PWs on both sides
of the S-PE are set up by using signaling. The remote labels are sent from two
neighboring endpoints (U-PE or S-PE) to the S-PE by using signaling.
– Static and static switching: Both PWs are static PWs.
– Dynamic and static switching: One of the PWs is set up with signaling, while the other
is not.
l The preceding types of PW switching support the Control Word (CW) and Virtual Circuit
Connectivity Verification (VCCV). The CW and VCCV are sent from two U-PEs to the
S-PE through labels.
BFD for PW
The Bidirectional Forwarding Detection (BFD) can fast detect a PW between the local PE and
remote PE to enable PW Fast Reroute (FRR). This lessens the impact of any link faults on
services.
l Static BFD for PW
After being encapsulated by PWs, BFD control packets are transmitted on PWs. PWs
distinguish control packets and data packets by using CWs. BFD packets are encapsulated
by using the CWs of PWs. On an MH PW, the intermediate SPE only forwards BFD packets,
but does not send the BFD packets to its CPU for processing.
l Dynamic BFD for PW
1. The Up and Down states of a PW can trigger the dynamic creation and deletion of a
BFD session. When the status of a PW that needs to be detected is Up, the local device
notifies information about its neighbor and detection parameters to the BFD module.
The BFD module then sets up a session to detect the link between the local device and
its neighbor.
2. BFD session negotiation can be implemented by adding the BFD Discriminator TLV
field to VCCV ping packets.

3. After a session is set up, BFD quickly sends detection packets. VCCV ping is used to
periodically check the information consistency of the control plane and data plane.
4. When a dynamic BFD session detects a status change of the PW, BFD instructs the
L2VPN to trigger route convergence. If a neighbor is unreachable, BFD instructs the
L2VPN to delete the related session.
NOTE
For details of BFD for LDP LSP, refer to the chapter "MPLS Configuration" in the Configuration Guide
- MPLS.
The format of the BFD Discriminator TLV in a VCCP ping packet is the same as the format of
the BFD Discriminator TLV in an LSP ping packet, as shown in Figure 2-6.
Figure 2-6 Structure of an LSP ping packet
Version Number Must Be Zero

Message Type Reply Mode Return Code Returen Subcode
Sender's Handle
Sequence Number
Timestamp Sent (Seconds)
Timestamp Sent (Microseconds)
Timestamp Receive (Seconds)
Timestamp Receive (Microseconds)
TLVs
PWE3 FRR
With the board applications of PWE3, the requirement for network reliability becomes
increasingly higher, especially for L2VPNs that bear real-time services such as VoIP and IPTV
services.
PWE3 FRR is a solution that can increase the reliability of L2VPNs.
PWE3 FRR is used in the following networking:
Asymmetrically connected CEs
One CE is connected to a PE through an AC and the other CE is dual-homed to PEs through two
ACs, as shown in Figure 2-7.

P1 PE2
PE1
VPN AC2
backbone CE2
CE1
AC1
AC3
P2
PE3 Site2
Site1
PWE3 Tracert
With the broad applications of PWE3, PWE3 is required to support related operations and
maintenance. PWE3 tracert is a type of a network maintenance tool developed to meet this
requirement.
PWs are classified into SH PWs and MH PWs based on different networking types. Similarly,
PWE3 tracert is classified into PWE3 SH tracecert and PWE3 MH tracert.
l Basic principle
– PWE3 SH Tracert
– As shown in Figure 2-8, CE1 and CE4 belong to VPN 1; CE2 and CE3 belong to
VPN 2; the LSP from PE1 to PE4 is PE1-P-PE4; the LSP from PE2 to PE3 is PE2-
P-PE3.
Figure 2-8 Networking diagram of PWE3 SH tracert
CE1 CE2
VPN2
VPN1
PE1 PE2
CE3 PE3 PE4 CE4
LSP1
VPN2 VPN1
LSP2

– On PE1, you can start PWE3 tracert of VPN 1 by using related commands. This
PWE3 tracert is the same as the LSP tracert in the public network, except that a PW
label is added to packets, and the remote PE checks whether the receiving PW label
and the VC ID are the same as those on the local end.
– The source PE of the PWE3 tracert continues to send MPLS echo request packets
with the Time-to-Live (TTL) of the outer label from one to a certain value and the
TTL of the inner label as one. Each Label Switching Router (LSR) does not forward
the received packet with the TTL of the outer label as one. Based on the contents of
the packet, each LSR checks the correctness of specific services and labels, and then
sends an MPLS echo reply packet to the source PE. In this way, the source PE can
collect information about each LSR that a PW passes through and information about
the egress PE. At present, the MPLS echo reply packet is an IP packet that does not
carry any label.
– The LSP between PE1 and PE4 is used as an example to explain the mechanism
used by PWE3 tracert to collect information about nodes.
– By starting PWE3 tracert, PE1 can collect information about nodes that the LSP
from PE1 to PE4 passes through. By comparing paths obtained by the PWE3 tracert
and PW paths generated by the protocol, you can judge whether or not there is an
error.
– If the PWE3 tracert obtains only information about PE4 (TTL=2) instead of
information about P (TTL=1), it indicates that P does not support MPLS ping.
– If the PWE3 tracert obtains only information about P (TTL=1) instead of information
about PE4 (TTL=2), it indicates that PE4 or the link between P and PE4 is faulty.
– If the PWE3 tracert obtains information about PE1, PE2, and PE4, it indicates that
P may be faulty. A new path is generated by the protocol.
– PWE3 MH tracert
– As shown in Figure 2-9, an MH PW is set up between CE1 and CE2, and the IDs
of PW segments are different. The LSP is UPE1-P1-SPE1-SPE2-P2-UPE2.
Figure 2-9
– Networking diagram of PWE3 MH tracert
CE2
UPE2
P1
UPE1 SPE2 P2
SPE1
CE1

– The PWE3 tracert started on UPE1 can obtain a correct response only from P1 and
SPE1. SPE2 and UPE2 find that the "Remote PE Address" and "VC ID" are not
consistent. This indicates that the PWE3 tracert passes through an MH PW. In
addition, the PW label switching from the downstream mapping information sent
by each device can be seen.
– On SPE1, start PWE3 tracert to UPE1 or to SPE2 and UPE2. The PWE3 tracert to
UPE1 is the same as the PWE3 SH tracert. The PWE3 tracert to SPE2 and UPE2 is
PWE3 MH tracert.
– PWE3 tracert started on other PEs is the same as the preceding ones, and is not
described here.
l The relations between MPLS ping and PWE3 ping and between MPLS tracert and PWE3
tracert are as follows:
l MPLS ping
MPLS ping is similar to IP ping. The source node sends an MPLS echo request packet. The
packet is forwarded by nodes along the LSP. When the packet reaches the egress in the
MPLS area, the egress replies with an MPLS echo reply packet. If the source node receives
the MPLS echo reply packet from the destination node, it considers that the LSP can be
used to forward data; otherwise, the source node considers that the LSP cannot be used to
forward data.
l MPLS tracert
The source node of MPLS tracert continuously sends MPLS echo request packets with TTL
values from one to a certain value. After the TTL of each node on the LSP expires, each
node replies an MPLS echo reply packet. The ingress thus can collect information about
each node on the LSP, and then locate the faulty node. At the same time, MPLS tracert can
be used to collect important information about each node on the entire LSP, such as assigned
labels.
l PWE3 ping
The principle of PWE3 ping is similar to that of MPLS ping and IP ping. The difference
lies in that PWE3 ping uses a PW to forward MPLS echo request packets to judge whether
the PW can be used to forward packets. When MPLS ping succeeds, PWE3 ping may fail.
l PWE3 Tracert
The principle of PWE3 tracert is similar to that of MPLS tracert and IP tracert. The
difference lies in that PWE3 tracert uses a PW to forward MPLS echo request packets to
collect information about nodes on the PW. When MPLS tracert succeeds, PWE3 tracert
may fail.
CW
The PWE3 supports CW.
The CW is a four-octet header in some encapsulations, and is used for sending packet information
in MPLS PSN.
On the PWE3 control plane, there is a bit symbolizing whether the CW presents on the PW or
not.
On the PWE3 data plane, if the CW is supported, a four-octet control word is added in the header
of the packet to indicate the sequence of the packet.

Negotiation will be carried out successfully only when both endpoints of the PW support CW,
or do not support CW at the control layer. The CW is optional. For static PW, CW requirements
are configured manually.
VCCV-PING
The S5700 supports VC Connectivity Verification (VCCV) negotiation and VCCV-PING on
U-PEs of a static PW, dynamic PW, SH-PW, and MH-PW.
The VCCV-PING has two modes: CW mode and Label Alert mode.
l The CW mode supports VCCV between two U-PEs.
l The Label Alert mode supports VCCV-PING between U-PEs and VCCV-PING between
a U-PE and an S-PE.
PW Template
A PW template is a set of common attributes abstracted from PWs. A PW template can be shared
by different PWs. To facilitate the expansion, you can configure the common attributes of certain
PWs into a PW template. When creating a PW in interface mode, you can use this PW template.
The PW can be bound with PW template and can be reset.
Other Features
The other features supported by the S5700 are as follows:
l Supporting the PW protection (the signaling is LDP)
You can configure two PWs with different PW IDs on the same interface. One serves as
the master PW, and the other serves as the backup PW. When the master PW fails, the
service is switched to the backup PW automatically. This configuration fits better for an
MH PW.
l Supporting the PW to be configured on a VLANIF interface, XGE interface, GE interface,
and Eth-Trunk interface
l Supporting the PWE3 configuration on Layer 2 devices
2.3 Configuring the Attributes of a PW Template

This section describes how to import a PW template to simplify the configurations of PWs with
similar attributes.

Before configuring the attributes of a PW template, familiarize yourself with the applicable
environment, complete the pre-configuration tasks, and obtain the required data. This can help
you complete the configuration task correctly and quickly.
Applicable Environments
Using the pw-template command, you can set the attributes for a PW, such as the peer and
CW. Importing a PW template simplifies the process of configuring the PWs with similar
attributes. The PW template is configured on a U-PE.

To verify the PW connectivity, you must configure the PW with a PW template.
NOTE
Some PW attributes such as MTU, PW type, and encapsulation type are obtained from the interface directly
connected to a CE. Therefore, those parameters do not need to be configured manually.
Before configuring the attributes of a PW template, you need to complete the following tasks:
l Configuring basic MPLS functions
l Enabling MPLS L2VPN
Data Preparation
To configure the attributes of a PW template, you need the following data.
No. Data
1 (Optional) Peer IP address
3 (Optional) Name and attributes of the PW template
2.3.2 Creating a PW Template

When configuring PWE3, you can directly specify the IP address of the peer or import a PW
template to set PW attributes.
Context
Do as follows on the PEs on the two ends of the PW.
Procedure
Step 1 Run:
system-view

Step 2 Run:
mpls l2vpn
MPLS L2VPN is enabled.

Step 3 Run:
quit

Step 4 Run:
pw-template pw-template-name
A PW template is created.
----End

2.3.3 Setting the Attributes for a PW Template

A PW template has the attributes such as the IP address of the peer, control word, tunnel policy
name, and MTU.
Context
Do as follows on the PEs on the two ends of a PW:
Procedure
Step 1 Run:
system-view
Step 2 Run:
The template view is displayed.
Step 3 Run:
peer-address ip-address
The address of the remote device on the PW is specified.
Step 4 Run:
control-word
The control word is enabled.
By default, the control word is disabled, and VCCV is enabled. VCCV can be performed in two
modes: the control word mode and Label Alert mode.
l If the control word is disabled, the S5700 supports VCCV in Label Alert mode.
l If the control word is enabled, the S5700 supports VCCV in both control word mode and
Label Alert mode.
To enable VCCV in control word mode, the control word needs to be enabled only on U-PEs
on a dynamic SH PW, a dynamic MH PW, or a static SH PW; the control word needs to be
enabled on U-PEs and S-PEs on a static MP PW or a mixed dynamic MP PW.
Step 5 Run:
mtu mtu-value
The MTU in the PW template is configured.
----End
Follow-up Procedure
Steps 3 to 5 are optional and actions are not taken in turn. Select the required steps in the actual
configuration.
If you specify a PW attribute by using a command line, the same PW attribute specified in the
PW template does not function on the PW to which this PW template is applied.

NOTE
Modifying the attributes of a PW template causes the disconnection and re-establishment of a PW. If
multiple PWs use this template at the same time, the system operation is affected. To avoid this, run the
reset pw pw-template command to validate the new configuration after modifying the attributes of a PW
template.

After a PW attribute/template is configured, you can view information such as the name of the
PW template and the configuration of the PW attribute.
Context
The configurations of the attributes of a PW template are complete.
Procedure
l Run the display pw-template [ pw-template-name ]. command to check information about
the PW template.
----End
Example
Run the display pw-template command. You can view the configured PW template name and
parameters. For example:
<Quidway> display pw-template
Total PW template number : 1
PW Template Name : 1to3

PeerIP : 3.3.3.3
Tnl Policy Name : --
CtrlWord : Enable
MTU : 1500
Max Atm Cells : 1
ATM Pack Overtime: 1000
Seq-Number : Disable
TDM Encapsulation Number: 32
Jitter-Buffer : 20
Idle-Code : ff
Rtp-Header : Disable
VCCV Capability : cw alert lsp-ping bfd
Behavior Name : --
Total PW : 1, Static PW : 0, LDP PW : 1
2.4 Configuring a Static PW

This section describes how to configure a static PW. A static PW transmits L2VPN packets
between PEs without using a signaling protocol.

Before configuring a static PW, familiarize yourself with the applicable environment, complete
the pre-configuration tasks, and obtain the required data. This can help you complete the
configuration task correctly and quickly.

A static PW does not use signaling protocols to send L2VPN packets. Packets are transmitted
between PEs over a tunnel.
The tunnel type of a static PW can be a static LSP, or an LDP LSP. By default, an LDP LSP is
used.
Before configuring a static PW, complete the following tasks:
l Configuring an IGP on the MPLS backbone to implement IP interworking

l Enabling MPLS on PEs
l Establishing the LDP LSP tunnel between PEs
Data Preparation
To configure a static PW, you need the following data.
No. Data
1 Interface type and number of the interface connected to a CE
2 Destination LSR ID of a static PW
3 Label value received and sent in an L2VPN

Before configuring a static PW, you must enable MPLS L2VPN.
Context
Procedure
Step 1 Run:
system-view
Step 2 Run:
mpls l2vpn
Before configuring an MPLS L2VC connection, enable MPLS L2VPN.
----End

2.4.3 Creating a Static PW

Before configuring a static PW, you must specify the VC label.
Context
Procedure
Step 1 Run:
system-view

Step 2 Run:
The view of the interface attached to an AC is displayed.

undo portswitch
The Layer 2 interface is switched to a Layer 3 interface.

When using XGE, GE, and Eth-Trunk interfaces as AC interfaces, you need to run the undo
portswitch command to switch Layer 2 interfaces to Layer 3 interfaces.
Step 4 Run:
mpls static-l2vc { destination ip-address | pw-template pw-template-name vc-id } *
transmit-vpn-label transmit-label-value receive-vpn-label receive-label-value

[ [ control-word | no-control-word ] | [ raw | tagged ] ] *
A static PW is configured.
----End

After a static PW is configured, you can view information about the static PW.
Prerequisite
The configurations of the static PW function are complete.
Procedure
l Run the display mpls static-l2vc [ vc-id | interface interface-type interface-number |
state { down | up } ] command to check information about a specified static PW on a PE.
----End
Example
Run the display mpls static-l2vc [ vc-id | interface interface-type interface-number | state
{ down | up } ] command. You can see that VC State of the PW is up. For example:

<Quidway> display mpls static-l2vc interface vlanif 10

*Client Interface : vlanif 10 is up
AC Status : up
VC State : up
VC ID : 100
VC Type : VLAN
VCCV Capability : alert lsp-ping bfd
Tunnel Policy : --
PW Template Name : pwt
NO.0 TNL Type : lsp , TNL ID : 0x48002000
VC last up time : 2010/11/24 12:31:31
CKey : 2
NKey : 1
2.5 Configuring a Dynamic PW

This section describes how to configure a dynamic PW. To configure a dynamic PW, extended
LDP needs to be used to transmit Layer 2 information and VC labels.

Before configuring a dynamic PW, familiarize yourself with the applicable environment,
the configuration task correctly and quickly.
A dynamic PW uses extended LDP to transmit Layer 2 information and VC labels, and needs
to be configured on PEs of both ends of a PW.
Before configuring a dynamic PW, complete the following tasks:
l Configuring an IGP on PEs and Ps on the MPLS backbone to implement IP interworking

l Configuring basic MPLS functions on the backbone
l Establishing the LDP LSP tunnel between PEs
l Setting up remote LDP sessions between PEs
Data Preparation
To configure a dynamic PW, you need the following data.

No. Data
1 Type and number of the interface connected to a CE
2 Destination address of an L2VC and VC ID

Before configuring a dynamic PW, you must enable MPLS L2VPN.
Context
Do as follows on PEs or U-PEs:
Procedure
Step 1 Run:
system-view

Step 2 Run:
mpls l2vpn

Before configuring an MPLS L2VC connection, enable MPLS L2VPN.
----End
2.5.3 Creating a Dynamic PW

A dynamic PW requires that IDs of the VCs with the same encapsulation type be unique. In
addition, the backup PW can be configured only after the master PW is configured.
Context
Do as follows on U-PEs:
Procedure
Step 1 Run:
system-view

Step 2 Run:
The interface view of the interface attached to an AC is displayed.

undo portswitch
A Layer 2 interface is switched to a Layer 3 interface.

When using XGE, GE, and Eth-Trunk interfaces as AC interfaces, run this command to switch
Layer 2 interfaces to Layer 3 interfaces.
Step 4 Run:
id | [ control-word | no-control-word ] | [ raw | tagged ] | mtu mtu-value |
secondary ] *
An MPLS L2VPN connection for a dynamic PW is configured.
NOTE
l secondary is used to configure a backup PW. The backup PW can be configured only after the master
PW is configured. For the detailed configuration, see Configuring a Backup PW
l The combination of a PW ID and a PW type must be unique on one end of a PW, but the PW IDs on
both ends of a switch PW can be identical.
For a dynamic PW, the VC ID of the same encapsulation type should be unique. Changing
encapsulation type may cause a VC ID conflict.
----End

After a dynamic PW is configured, you can view information about the PW.
Prerequisite
The configurations of the dynamic PWs function are complete.
Procedure
to check information about a specified PW on the local PE.
l Run the display mpls l2vc remote-info [ vc-id ] command to check information about the
PW on the remote PE.
----End
Example
Run the display mpls l2vc [ vc-id | interface interface-type interface-number ] command. You
can see that VC state is up. For example:
session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN


link state : up
local VCCV : cw alert lsp-ping bfd
remote VCCV : cw alert lsp-ping bfd
local control word : enable remote control word : enable
PW template name : pwt
NO.0 TNL type : lsp , TNL ID : 0x4800200f
VC last up time : 2010/12/10 20:33:37
CKey : 9
NKey : 8
Run the display mpls l2vc remote-info command. You can see that Peer Addr is the peer
address of a specified VC. For example:
100 0 192.3.3.3 vlan 8195 0 1500 1 0
2.6 Configuring PW Switching

This section describes how to configure a multi-hop switching PW. When the multi-hop
switching PW forwards traffic, PW label switching occurs.

Before configuring a switching PW, familiarize yourself with the applicable environment,
To support Multi-Hop, the PW switching is needed. MH-PW requires switching labesl at PW
label layer while forwarding packets.
PW switching must be configured on the S-PE with high performance and capability of setting
up large numbers of MPLS LDP sessions.
When configuring MH-PW, you need PW switching on the S-PE.
In the following cases, PW switching is required:

l Two PEs are not located in the same AS and no signaling or tunnel can be set up between
the two PEs.
l The signaling of two PEs differs from each other.
l If access device supports MPLS, but cannot set up large numbers of LDP session, you can
use User Facing Provider Edge (UFPE) as U-PE. And you can use the S-PE as the switching
node of LDP session, which is similar to signaling reflector.
Before configuring PW switching, complete the following tasks:
l Enabling MPLS L2VPN on the PEs
l 2.4 Configuring a Static PW on U-PEs if the PW switching is between two static PWs
l 2.5 Configuring a Dynamic PW on U-PEs if the PW switching is between two dynamic
PWs
Data Preparation
To configure PW switching, you need the following data.
No. Data
1 IP address and VC-ID of static PWs or dynamic PWs to-be-switch
2 Encapsulation type of L2VC
3 Sending label and receiving label of L2VPN if the PW to be switched is a static PW
4 The MTU values of the interfaces on the two ends of the PW if the PW to be switched
is a static PW
2.6.2 Configuring PW Switching

A switching PW can be any of three types, namely, dynamic switching PW, static switching
PW, and mixed switching PW.
Context
The PW switching has three modes:
l Static PWs switching: Both PWs used to switch are static.
l Dynamic PWs switching: Both PWs used to switch are dynamic.
l Mixed PWs switching: One of the PWs is dynamic, and the other is static.
Procedure
l Static PW Switching
Do as follows on the S-PEs.
1. Run:
system-view


2. Run:
mpls switch-l2vc ip-address vc-id trans trans-label recv received-label
between ip-address vc-id trans trans-label recv received-label
encapsulation encapsulation-type [ control-word [ cc { alert | cw } * cv
lsp-ping ] | [ no-control-word ] [ cc alert cv lsp-ping ] ]
The static PWs switching is enabled.

A PW label must be manually configured on the S-PE for static PW switching.
The conditions of setting up a static MH-PW are as follows:
– On U-PE, once the AC state is up and PSN tunnel exists, the PW state is up.
– On the S-PE, once the PSN tunnels on both sides exist, the PW is in up state. This
is regardless of whether the PW encapsulation of S-PE is consistent with that of
U-PE or not.
For the sake of management convenience, it is recommended to configure the same
PW encapsulation type on the devices along the PW (U-PE and S-PE).
l Dynamic PW Switching
1. Run:
system-view

2. Run:
mpls switch-l2vc ip-address vc-id between ip-address vc-id encapsulation
encapsulation-type [ control-word-transparent ]
The dynamic PWs switching is configured.

When configuring dynamic PW switching, ensure that the PW encapsulation type is
consistent on the devices (U-PE and S-PE) along the PW; otherwise, the PW will not
enter the Up state.
l Mixed PW Switching
NOTE
While configuring mixed PWs switching, note that the parameters "ip-address" and "vc-id" before
"between" in the command are that of dynamic PW, while the ones after "between" are that of static
PW. Both these cannot be interchanged.

1. Run:
system-view

2. Run:
mpls switch-l2vc ip-address vc-id between ip-address vc-id trans trans-
label recv received-label encapsulation encapsulation-type [ mtu mtu-
value ] [ control-word [ cc { alert | cw } * cv lsp-ping ] | [ no-control-
word ] [ cc alert cv lsp-ping ] ]
The mixed PWs switching is enabled

When configuring the mixed PWs switching, ensure that the following MTUs are the
same:

– Local MTU of the dynamic PW

– Peer MTU of the dynamic PW
– Local MTU of the static PW
– Peer MTU of the static PW
NOTE
l When configuring mixed PW switching, the MTUs of the interfaces on the two ends must
be the same and cannot be longer than 1500 bytes.
----End

After a switching PW is configured, you can view information about the switching PW.
Prerequisite
The configurations of the PW Switching function are complete.
Procedure
l Run the display mpls switch-l2vc [ ip-address vc-id encapsulation encapsulation-type |
state { down | up } ] command to check information about the PW switching on S-PEs.
----End
Example
Run the display mpls switch-l2vc [ ip-address vc-id encapsulation | state { down | up } ]
command. You can view the VC status is Up. For example:
<Quidway> display mpls switch-l2vc
Total Switch VC : 1, 1 up, 0 down
*Switch-l2vc type : LDP<---->LDP
Peer IP Address : 5.5.5.9, 1.1.1.9
VC ID : 200, 100
VC Type : VLAN
VC State : up
VC StatusCode |PSN |OAM | FW | |PSN |OAM | FW |
-Local VC :| UP | UP | UP | | UP | UP | UP |
-Remote VC:| UP | UP | UP | | UP | UP | UP |
Session State : up, up
Local/Remote Label : 8195/8195, 8195/8195
Local/Remote MTU : 1500/1500, 1500/1500
Local/Remote Control Word : Enable/Enable, Enable/Enable
Local/Remote VCCV Capability : cw alert lsp-ping bfd/cw alert lsp-ping bfd, cw
alert lsp-ping bfd/cw alert lsp-ping bfd
Switch-l2vc tunnel info :
1 tunnels for peer 5.5.5.9
CKey : 8, 10
NKey : 3, 9
Tunnel policy : --, --
Control-Word transparent : YES
VC last up time : 2010/11/24 12:31:31

2.7 Configuring a Backup PW

To configure PW FRR in the scenario where CEs are asymmetrically connected PEs, you need
to configure a backup PW. After the master PW fails, traffic can be switched to the backup PW.

Before configuring a backup PW, familiarize yourself with the applicable environment,
In the PWE3 FRR network where CEs are asymmetrically connected to PEs, a backup PW needs
to be configured.
P1 PE2
PE1
VPN AC2
backbone CE2
CE1
AC1
AC3
P2 PE3 Site2
Site1
As shown in Figure 2-10, the master PW and backup PW need to be configured on PE1. Only
one PW is required on PE2 and PE3.
On an inter-AS L2VPN and an MH PWE3, the ASBR and SPE do not distinguish the master
and backup PWs.
Before configuring a backup PW, complete the following tasks:
l Configuring an IGP on PEs and Ps in the MPLS backbone to implement IP interworking

l Enabling MPLS on PEs and Ps
l Setting up tunnels (LSP) used by the master and backup PWs between PEs on the master
and backup paths
l Configuring the master PW on PEs on the master path

l Configuring a PW on the PE on the backup path, without distinguishing the master and
backup PWs
l Configuring the IP addresses of the interfaces connecting the CEs to the PEs
Data Preparation
To configure a backup PW, you need the following data.
No. Data
1 Destination address and the VC ID of the backup PW
2.7.2 Configuring a Backup PW

The encapsulation types of master and backup PWs must be the same, but the backup VC ID
and the master VC ID cannot be the same.
Context
Do as follows on the PE to which a CE is connected through only one link:
NOTE
The types of the master and backup PWs must be consistent. That is, the encapsulation types of the master
and backup PWs must be consistent.
Procedure
Step 1 Run:
system-view

Step 2 Run:

undo portswitch

Step 4 Run:
id | [ control-word | no-control-word ] | [ raw | tagged ] | mtu mtu-value ] *
secondary
A backup VC is configured.
The ID of the backup VC must be different from that of the master VC.
----End


After a backup PW is configured, you can view information about the backup PW.
Context
The configurations of the backup PW are complete.
Procedure
l Run the display mpls l2vc [ vc-id | interface interface-type interface-number | remote-
info [ vc-id ] | state { down | up } ] command to check the status of a PW.
----End
Example
After the configuration is successful, the following results are displayed when the display mpls
l2vc [ vc-id | interface interface-type interface-number | remote-info [ vc-id ] | state { down |
up } ] command is used on the PE to which a CE is connected through only one link:
l The statuses of the master and backup PWs are up.
l VC state of the master PW is active, and VC state of the backup PW is inactive.
For example:
session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
remote statuscode : 0x0
BFD sessionIndex : 257 BFD state : up
link state : up
Local VCCV : cw alert lsp-ping bfd
Remote VCCV : cw alert lsp-ping bfd
PW template name : 1to3

VC last up time : 2010-07-24 12:31:31

CKey : 16
NKey : 15

session state : up
AC state : up
VC state : up
VC ID : 200
VC type : VLAN
local AC OAM state : up
local PSN state : up
forwarding entry : existent
link state : up
VC last up time : 2010-07-24 12:31:31
CKey : 17
NKey : 18

reason of last reroute : Remote PSN fault
time of last reroute : 0 days, 0 hours, 18 minutes, 2 seconds
delay timer ID : -- rest time :--
resume timer ID : -- rest time :--
2.8 Configuring Static BFD for PW

This section describes how to configure static BFD for PW. After static BFD for PW is


Before configuring static BFD for PW, familiarize yourself with the applicable environment,
In MPLS-based L2VPNs, if PWs are set up between PEs, BFD can be used to detect faults of
the PWs. In this way, the speed for sensing link faults and the speed of the fast switchover of
applications at the upper layer are accelerated.
When the master and backup PWs are configured on a PE to protect links, BFD sessions need
to be set up to detect the master and backup PWs respectively.
When static BFD for PW is configured, BFD can work only in asynchronous mode.
BFD control packets are encapsulated in PW control packets, and PWs distinguish control
packets and data packets according to the control word. Therefore, during the configuration of
BFD for PW, the control word function needs to be enabled.
Before configuring static BFD for PW, complete the following tasks:
l Configuring IP parameters to make each node reachable
l Configuring PWs
NOTE
PWs must be set up on AC interfaces on PEs.
Data Preparation
To configure static BFD for PW, you need the following data.
No. Data
1 Name of a BFD session
2 Interfaces where PWs reside (AC interfaces)
3 Local discriminator and remote discriminator of a BFD session
2.8.2 Enabling BFD Globally

BFD needs to be enabled globally before static BFD for PW is configured.
Procedure
Step 1 Run:
system-view

Step 2 Run:
bfd
BFD is enabled on the local node and the BFD view is displayed.
----End
2.8.3 Enabling the Sending of BFD for PW Packets to the Protocol

Stack
To detect PW links by using BFD sessions, the sending of BFD for PW packets to the protocol
stack must be enabled.
Procedure
Step 1 Run:
system-view

Step 2 Run:
bfd for pw enable
The sending of BFD for PW packets to the protocol stack is enabled.
----End
2.8.4 Configuring BFD for PW

You must configure or cancel static BFD for PW on both ends of a PW simultaneously;
otherwise, the PW statuses on both PEs become inconsistent.
Context
Do as follows on the PEs on the two ends of the PW to be detected:
Procedure
Step 1 Run:
system-view

Step 2 Run:
bfd cfg-name bind pw interface interface-type interface-number [ secondary ]
A BFD configuration entry is created.

The outbound interface interface interface-type interface-number bound to a BFD session refers
to the AC interface where the PW resides.If a management PW is bound to the BFD session, the
interface should be the loopback interface where the management PW resides.
When the PW to be detected is a backup PW, you must select secondary.
Step 3 Run:
discriminator local discr-value

The local discriminator is set.

And run:
discriminator remote discr-value
The remote discriminator is set.
NOTE
The local discriminator of the local device corresponds to the remote discriminator of the remote device.
Step 4 Run:
commit
The configuration is committed.

When the status of the service PW is Down, the BFD session is created successfully but cannot
be Up. When the status of the management PW is Down, the BFD session cannot be created,
and the system displays prompts.
NOTE
l The local discriminator and remote discriminator of a BFD session cannot be modified after being
configured. To modify the local or remote discriminator of the BFD session, run the undo bfd bfd-
name command in the system view to delete related BFD for PW configuration and then reconfigure
it. After the PW is deleted, related configuration of the BFD session is deleted.
l BFD for PW must be configured or deleted on the PEs on the two ends of a PW simultaneously;
otherwise, the PW statuses on the two PEs are different.
----End

After static BFD for PW is configured, you can view information about BFD and BFD sessions.
Context
The configurations of static BFD for PW are complete.
Procedure
l Run the display bfd configuration pw interface interface-type interface-number
[ secondary ] [ verbose ] command to check the BFD configuration.
l Run the display bfd session pw interface interface-type interface-number [ secondary ]
[ verbose ] command to check information about the BFD session.
----End
Example
Run the display bfd configuration pw interface interface-type interface-number
[ secondary ] [ verbose ] command, and you can view the discriminators of the BFD session,
the type of the PW that is bound to the BFD session, and the type of the BFD session. For
example:
<Quidway> display bfd configuration pw interface vlanif 10 verbose
--------------------------------------------------------------------------------
BFD Session Configuration Name : 1to2
--------------------------------------------------------------------------------
Local Discriminator : 12 Remote Discriminator : 21

BFD Bind Type : PW(Master)

Bind Session Type : Static
Bind Interface : Vlanif10
TOS-EXP : 6 Local Detect Multi : 3
Min Tx Interval (ms) : 1000 Min Rx Interval (ms) : 1000
Proc interface status : Disable WTR Interval (ms) : -
Bind Application : L2VPN | OAM_MANAGER | MPLSFW
Session Description : --
--------------------------------------------------------------------------------
Total Commit/Uncommit CFG Number : 1/0
Run the display bfd session pw interface interface-type interface-number [ secondary]

[ verbose ] command, and you can view the status of the BFD session, discriminators of the
BFD session, the type of the PW that is bound to the BFD session, and the type of the BFD
session. For example:
<PE1> display bfd session pw interface vlanif 10 verbose
--------------------------------------------------------------------------------
Session MIndex : 256 State : Up Name : 1to2
--------------------------------------------------------------------------------
Session Detect Mode : Asynchronous Mode Without Echo Function
Bind Peer Ip Address : --.--.--.--
NextHop Ip Address : --.--.--.--
FSM Board Id : 1 TOS-EXP : 6
Actual Tx Interval (ms): 1000 Actual Rx Interval (ms): 1000
Local Detect Multi : 3 Detect Interval (ms) : 3000
Echo Passive : Disable Acl Number : --
Destination Port : 3784 TTL : 1
Proc interface status : Disable Process PST : Enable
WTR Interval (ms) : --
Active Multi : 3
Last Local Diagnostic : No Diagnostic
Session TX TmrID : -- Session Detect TmrID : --
Session Init TmrID : -- Session WTR TmrID : --
Session Echo Tx TmrID : --
PDT Index : FSM-0 | RCV-0 | IF-0 | TOKEN-0
--------------------------------------------------------------------------------
Total UP/DOWN Session Number : 1/0
2.9 Configuring Dynamic BFD for PW

This section describes how to configure dynamic BFD for PW. After dynamic BFD for PW is

Before configuring dynamic BFD for PW, familiarize yourself with the applicable environment,

In the MPLS L2VPN where PWs are used as transmission tunnels, dynamic BFD for PW is used
to quickly detect faults of PWs. Once a PW is faulty, the master and backup PWs switchover
can be immediately performed to lessen the impact on carried services.
BFD control packets are encapsulated in PW control packets, and PWs distinguish control
packets and data packets based on the control word. Therefore, during the BFD for PW
configuration, you need to enable the control word function.
Types of the PWs can be detected by using BFD are as follows:
l SH PWs
l MH PWs
Before configuring dynamic BFD for PW, complete the following tasks:
l Configuring basic MPLS functions
l Configuring PWs
Data Preparation
To configure dynamic BFD for PW, you need the following data.
No. Data
1 VC ID of a PW
2 BFD parameters
2.9.2 Enabling BFD Globally

Before configuring dynamic BFD for PW, you must enable BFD globally.
Context
Do as follows on the PEs at the two ends of a PW:
Procedure
Step 1 Run:
system-view

Step 2 Run:
bfd
BFD is enabled on the local node and the BFD view is displayed.
----End

2.9.3 Enabling the Sending of BFD for PW Packets to the Protocol

Stack
To detect PW links by using BFD sessions, the sending of BFD for PW packets to the protocol
stack must be enabled.
Procedure
Step 1 Run:
system-view

Step 2 Run:
bfd for pw enable
The sending of BFD for PW packets to the protocol stack is enabled.
----End
2.9.4 Configuring the Attributes of a PW Template

To detect a PW based on a control word channel, you must enable the control word function by
using the PW template before configuring dynamic BFD for PW.
Context
Procedure
Step 1 Run:
system-view

Step 2 Run:
The PW template view is displayed.

Step 3 Run:
control-word
The two PEs are enabled to support CWs.
----End
2.9.5 (Optional) Adjusting BFD Parameters

BFD detection parameters include the multiple of the local BFD detection time, expected
minimum interval for receiving packets, and expected minimum interval for sending packets.
Context

Procedure
Step 1 Run:
system-view

Step 2 Run:

Step 3 Run:
bfd-detect [ detect-multiplier multiplier | min-rx-interval rx-interval | min-tx-
interval tx-interval ] *
Time parameters of BFD are set.
----End
2.9.6 Configuring PWs

A PW can be a static, a dynamic, or a switching PW.
Procedure
Step 1 For detailed configuration, see "2.4 Configuring a Static PW, 2.5 Configuring a Dynamic
PW, or 2.6 Configuring PW Switching". You can select one of the configurations as required.
----End
2.9.7 Triggering Dynamic BFD for PW

You must configure or cancel dynamic BFD for PW on both ends of a PW simultaneously;
otherwise, the PW statuses on both PEs become inconsistent.
Context
Procedure
Step 1 Run:
system-view

Step 2 Run:

Step 3 Run:
mpls l2vpn pw bfd [ detect-multiplier multiplier | min-rx-interval rx-interval |
min-tx-interval tx-interval ] * [ remote-vcid vc-id ] [ secondary ]
A BFD session is dynamically set up to detect PWs.

After this command is used, the BFD session is created immediately.

This command can also be used to adjust BFD detection parameters.

To detect MH PWs, remote-vcid must be specified.
To detect backup PWs, secondary must be used.
NOTE
BFD for PW must be configured or deleted on the two PEs of a PW simultaneously; otherwise, the PW
statuses on the two PEs are different.
----End

After dynamic BFD for PW is configured, you can view information about BFD and BFD
sessions.
Context
The configurations of dynamic BFD for PW are complete.
Procedure
l Run the display bfd configuration pw interface interface-type interface-number
[ secondary ] [ verbose ] command to check the BFD configuration.
----End
Example
Run the display bfd configuration pw interface interface-type interface-number
[ secondary ] [ verbose ] command, and you can view discriminators of the BFD session, the
type of the PW that is bound to the BFD session, and the type of the BFD session. For example:
<Quidway> display bfd configuration pw interface vlanif 10 verbose
--------------------------------------------------------------------------------
BFD Session Configuration Name : dyn_8192
--------------------------------------------------------------------------------
Bind Session Type : Dynamic
TOS-EXP : 6 Local Detect Multi : 3
Proc interface status : Disable WTR Interval (ms) : -
--------------------------------------------------------------------------------
Run the display bfd session pw interface interface-type interface-number [ secondary ]

<Quidway> display bfd session pw interface vlanif 10 verbose
Session MIndex : 256 State : Up Name : dyn_8192
--------------------------------------------------------------------------------


Actual Tx Interval (ms): -- Actual Rx Interval (ms): --
Local Detect Multi : 3 Detect Interval (ms) : --
Active Multi : 3
--------------------------------------------------------------------------------
2.10 Configuring PWE3 FRR

This section describes how to configure PW FRR. After PW FRR is configured, the L2VPN
traffic can be timely switched to backup path as soon as the master path fails. After the master
path recovers, the L2VPN traffic can be switched back to it according to the revertive switching
policy.
The PW FRR supported by the S5700 is mainly used on the network where the CEs are
asymmetrically connected to PEs.
In such networking, one CE of the VC is connected to a more reliable PE through a single link
of higher reliability. The other CE is dual-homed to the PEs of lower reliability. Two paths thus
exist between the CEs. The path with higher reliability is the master path, and the path with
lower reliability is the backup path.
The revertive switchover policy is required only in the networking where the CEs are
asymmetrically connected to PEs. By default, a delay is set for the revertive switchover.
After the PW FRR is configured, L2VPN traffic is rapidly switched to the backup path when a
fault occurs on the master path. After the fault on the master path is rectified, the L2VPN traffic
is switched back to the master path according to the revertive switchover policy.
Before configuring PW FRR, complete the following tasks:

l Configuring a PW on each of the master path and backup path for the networking where
CEs are asymmetrically connected to PEs (The types of PWs on the master path and backup
path must be the same.)
l Configuring CEs to exchange routing information by using routing protocols or static routes
NOTE
In the networking where CEs are asymmetrically connected to PEs, the backup PW cannot transmit data
when the master path and backup path work normally. If the AC interface of the backup PW borrows the
IP address of the AC interface of the master PW, the following situations occur:
l A permanent non-revertive policy cannot be configured.
l The local CE has two equal-cost and direct routes to the remote CE. The destination addresses and next
hops of the two routes are the same. Actually, the route that passes through the backup PW is invalid.
l If CEs exchange routing information by using routing protocols, you need to modify the cost or metric
of the AC interface of the backup path to be greater than that of the AC interface of the master path.
The local CE cannot communicate with the peer CE, but can communicate with other user devices.
l If the AC link is an Ethernet link, the function of BFD for static routes need also be configured on CEs.
Data Preparation
To configure PW FRR, you need the following data.
No. Data
1 Type and number of the interface connected to the CE
2 Destination address and VC ID of the L2VC
3 (Optional) Local and remote identifiers of the BFD session
4 (Optional) Traffic revertive switching delay after fault recovery and fault recovery
notification delay (by default, the traffic revertive switching delay is 30 seconds and
the fault recovery notification delay is 10 seconds.)
2.10.2 Configuring Primary and Backup PWs

In the networking where CEs are asymmetrically connected to PEs, you need to configure
primary and backup PWs.
Context
l In the networking where CEs are symmetrically dual-homed to PEs, you need to configure
one PW for both the primary and backup paths. The primary and backup paths can be
configured with different types of PWs.
l In the networking where CEs are asymmetrically connected to PEs, you need to configure
primary and backup PWs. The primary and backup PWs must be of the same type.
NOTE
PWE3 FRR supports only dynamic PWs, namely, LDP PWs, rather than static PWs.
Procedure
Step 1 Run:

system-view

Step 2 Run:
mpls l2vpn
MPLS L2VPN is enabled, and the MPLS L2VPN view is displayed.

Step 3 Run:
quit

Step 4 Run:

undo portswitch

Step 6 Run:
The primary PW is configured.
NOTE
Before using a PW template to create a PW, you need to configure a PW template. For details, refer to 2.3
Configuring the Attributes of a PW Template.

secondary
The backup PW is configured.
NOTE
l Both primary and backup PWs need to be configured on the PE to which a CE is single-homed.
l Primary and backup PWs must have different VC IDs.
l The control word configuration on the primary and secondary PWs must be the same. Otherwise, lots
of packets will be lost after the primary/secondary PW switchover.
----End
2.10.3 (Optional) Configuring BFD for PW

BFD for PW expedites the fault detection on the public network.
Context
BFD for PW, which speeds up fault detection, is recommended.

Static BFD for PW or dynamic BFD for PW can be configured on PEs. For detailed
configuration, see the following sections:
l 2.8 Configuring Static BFD for PW

l 2.9 Configuring Dynamic BFD for PW
Example
NOTE
l BFD for PW must be configured or deleted on the PEs at the both ends of a PW simultaneously.
Otherwise, the PW statuses on the two PEs are different.
2.10.4 (Optional) Configuring the Revertive Switchover

The revertive switching policies can be classified into three modes: immediate revertive mode,
delayed revertive mode, and non-revertive mode. By default, the revertive switching policy is
in delayed revertive mode.
Context
When CEs are connected to PEs asymmetrically, do as follows on the PE (where traffic is
switched) to which a CE is connected through a single link:
Procedure
Step 1 Run:
system-view
Step 2 Run:
Step 3 Run:
mpls l2vpn reroute { { delay delay-time | immediately } [ resume resume-time ] |
never }
The revertive switchover policy is configured.
The types of the revertive switchover on PEs are as follows:
l Immediate revertive switchover: The local PE immediately switches traffic to the master PW
and notifies the fault to the remote PE of the backup PW. The PE notifies the rectification
of the fault to the remote PE of the backup PW after the period of resume-time.
l Delayed revertive switchover: The PE switches traffic to the master PW after the period of
delay-time.
l None revertive switchover: The PE does not switch traffic to the master PW until the backup
PW is faulty.
For an asymmetric networking, in which ACs are of the Ethernet type, note the following:
l If the remote shutdown function is configured on the interface of a PE that connects a CE,
you are recommended not to use the policy of immediate revertive switchover, which may

lead to network flapping and traffic loss. On the other hand, you can use the policy of delayed
revertive switchover to set delay-time equal to or more than 30 seconds.
l If the Ethernet OAM function is configured on the interface of a PE that connects a CE, and
a revertive switchover policy is also configured, you cannot set resume-time to be 0 seconds,
but be equal to or longer than one second.
----End

After PW FRR is configured,you can view information about the PW on the local and remote
ends, BFD sessions, L2VPN forwarding, and fault mapping between AC and PW.
Prerequisite
The configurations of the PWE3 FRR function are complete.
Procedure
to check information about the PW on the local PE.
l Run the display mpls l2vc remote-info [ vc-id ] command to check information about the
PW on the remote PE.
----End
Example
Run the display mpls l2vc [ vc-id | interface interface-type interface-number ] command, and
you can view that the statuses of the master and backup PWs are up, VC state of the master PW
is active, and VC state of the backup PW is inactive. For example:
session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
link state : up


VC last up time : 2010-12-24 13:33:31
CKey : 16
NKey : 15

session state : up
AC state : up
VC state : up
VC ID : 200
VC type : VLAN
link state : up
VC last up time : 2010-12-24 13:35:21
CKey : 17
NKey : 18

reason of last reroute : Remote AC fault was resumed
time of last reroute : 0 days, 0 hours, 1 minutes, 38 seconds
Run the display mpls l2vc remote-info command, and you can view that Peer Addr is the peer
address of the specified VC. For example:


100 0 2.2.2.2 vlan 8195 1 1500 1 0
200 0 3.3.3.3 vlan 8195 1 1500 1 0
Run the display bfd session pw interface interface-type interface-number [ secondary ]

<Quidway> display bfd session pw interface vlanif 10 verbose
--------------------------------------------------------------------------------
Session MIndex : 257 State : Up Name : 1to3
--------------------------------------------------------------------------------
Active Multi : 3
--------------------------------------------------------------------------------
Run the manual-set pw-ac-fault command on the AC interface of the master PW, the following
situations occur:
l The status of the master PW is Down.

l VC status of the master PW is InActive, and that of the backup PW is Active.
l L2VPN data is switched to the backup PW.
Run the undo manual-set pw-ac-fault command on the AC interface of the master PW to rectify
the fault on the PW, the following situations occur:
l The status of the master PW is up.

l VC status of the master PW is Active, and VC status of the backup PW is InActive.
l L2VPN data is switched to the master PW.
2.11 Maintaining PWE3

This section describes how to maintain PWE3. Detailed operations include PW connectivity
detection, and PW fault location.

2.11.1 Verifying the Connectivity of a PW

After PWE3 is configured, the PWE3 connectivity can be detected.
Prerequisite
Before using the ping vc and tracert vc commands to check the connectivity of a PW, ensure
that the PWE3 network is correctly configured.
By default, VCCV in Label Alert mode is enabled. Before using the control word channel, run
the control-word command to enable the control word function. After that, VCCV in control
word channel mode is enabled.
When locating faults on the PW, you can use either VCCV in control word channel mode or
VCCV in normal mode.
At present, checking the connectivity of the PW is not supported in the following situations:
l SPEs do not support the ping vc and tracert vc command (these commands are supported
only by UPEs).
l Multiple users cannot run the command simultaneously. That is, the devices on the two
ends cannot ping a VC at the same time. On a device serving as both a UPE and an SPE,
if the PW serving as an SPE is performing VCCV ping, the PW serving as a UPE will be
unable to perform VCCV ping. That is, two VCCV pings cannot be performed on a same
device at the same time.
l The MTU check of the VC is not supported.
For an MH-PW, the local VC ID and VC type needs to be specified.
In the control word mode, if VC IDs are different, the VC ID of the remote UPE needs to be
specified. In the MPLS Label Alert mode, the addresses of the remote peer SPEs or UPEs need
to be specified.
Because a static PW does not support signaling negotiation, configurations of the UPE control
word on both ends of the PW are different, with the control word being enabled on one end, but
disabled on the other. When the MPLS Label Alert mode is enabled on both ends, the PW can
be Up and the ping vc command can work. CEs, however, cannot communicate with each other
because the control words are different.
Procedure
l Check the connectivity of the PW.
value | -exp exp-value | -r reply-mode | -v ] * control-word [ remote peer-pw-id |
draft6 ] *
value | -exp exp-value | -r reply-mode | -v ] * label-alert [ remote remote-ip-address |
draft6 ] *
l Locate a fault on the PW.

tracert vc pw-type pw-id [ -exp exp-value | -f first-ttl | -m max-ttl | -r reply-mode | -t

timeout-value ] * control-word [ [ [ remote remote-pw-id ] draft6 ] | remote remote-
ip-address ] [ full-lsp-path ]
timeout-value ] * label-alert [ remote remote-ip-address ] [ full-lsp-path ] [ draft6 ]
– Normal mode
timeout-value ] * normal [ remote remote-ip-address ] [ full-lsp-path ] [ draft6 ]
----End
2.11.2 Locating a Fault of a PW

After PWE3 is configured, you can locate any PW faults.
Context
To locate a PW fault, first configure basic PWE3 functions by using the PW template, and then
do as follows on each UPE:
Procedure
Step 1 Run:
system-view

Step 2 Run:

Step 3 Run:
control-word
The control word mode is enabled.

Step 4 Run any of the following commands to collect information about each LSR on the PW and the
egress PE.
l tracert vc pw-type pw-id [ -exp exp-value | -f first-ttl | -m max-ttl | -r reply-mode | -t timeout-
value ] * control-word [ [ [ remote remote-pw-id ] draft6 ] | remote remote-ip-address ]
[ full-lsp-path ]
value ] * label-alert [ remote remote-ip-address ] [ full-lsp-path ] [ draft6 ]
value ] * normal [ remote remote-ip-address ] [ full-lsp-path ] [ draft6 ]
When using the tracert vc command to locate a PW fault, note the following points:
l SPEs do not support the command. The command is supported only by UPEs.
l This command can be used to tracert both an SH-PW and an MH-PW constructed in the LDP
mode.

l When tracing routes of an MH-PW, besides the local PW ID and PW type, you need to specify
the remote PW ID.
The execution of the tracert vc command may be terminated in one of the following situations:
l The device that initiates tracert receives an MPLS Echo Reply packet from the egress device.
l The TTL in the label of the previous MPLS Echo Request packet sent by the device that
initiates tracert reaches the set or default maximum number of hops.
l The user presses Ctrl+C on the device to initiate tracert.
----End
2.11.3 Debugging a PWE3

After a fault occurs in PWE3, a relevant debugging command can be used to debug PWE3,
display debugging information, locate the fault, and analyze the cause.
Context
CAUTION
Debugging affects system performance. After debugging is complete, run the undo
debugging all command to disable debugging immediately.
In the case of operational faults, run the debugging command in the user view to debug the
PWE3 and locate the faults.
Procedure
l Run the debugging mpls lspc { all | error | event | packet } command in the user view to
enable debugging of MPLS ping/tracert.
----End

You can learn the configuration procedures based on the configuration flowchart. Each
configuration example consists of such information as the networking requirements,
2.12.1 Example for Configuring a Dynamic SH-PW
As shown in Figure 2-11, PE1 and PE2 are connected through an MPLS backbone network.
An LSP needs to be used to set a dynamic PW between PE1 and PE2.

Figure 2-11 Networking diagram for configuring a dynamic SH-PW (using LSP)
MPLS Backbone

192.2.2.2/32 192.4.4.4/32 192.3.3.3/32
GE0/0/2 GE0/0/2
GE0/0/1 GE0/0/2
PE1 GE0/0/1 P GE0/0/1 PE2
PW
GE0/0/1 GE0/0/1
CE1 CE2
Loopback1 - 192.2.2.2/32
Loopback1 - 192.3.3.3/32
Loopback1 - 192.4.4.4/32
1. Run an IGP protocol on the devices of the backbone network to implement connectivity.
2. Configure the basic MPLS functions on the backbone network and set up an LSP. Set up
the MPLS LDP peer relation between the two PEs on the two ends of the PW.
3. Create an MPLS L2VC connection between the two PEs.
Data Preparation
l Identical L2VC IDs of PEs on the two ends of a PW
l MPLS LSR ID of each PE and P
l Peer address of PE

Procedure
Step 1 Configure interface addresses for CE, PE and P according to Figure 2-11, including VLAN and
VLANIF interfaces.
Step 2 Configure an IGP protocol on the MPLS backbone network.
The OSPF protocol is used in this example.
After the configuration, run the display ip routing-table command. You can see that PE1 and
PE2 can learn the loopback 0 address of each other that is discovered by the OSPF protocol, and
can ping each other.
<PE1> display ip routing-table
Route Flags: R - relied, D - download to fib
------------------------------------------------------------------------------
Routing Tables: Public
Destinations : 12 Routes : 12
Destination/Mask Proto Pre Cost Flags NextHop Interface
10.1.1.0/24 Direct 0 0 D 10.1.1.1 Vlanif20

10.1.1.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
10.2.2.0/24 OSPF 10 2 D 10.1.1.2 Vlanif20
192.3.3.3/32 OSPF 10 3 D 10.1.1.2 Vlanif20
192.4.4.4/32 OSPF 10 2 D 10.1.1.2 Vlanif20
<PE1> ping 192.3.3.3


0.00% packet loss
Step 3 Enable MPLS and set up tunnels and LDP sessions.

Enable MPLS on the backbone network, set up LSPs and LDP remote sessions between the PEs.
After the configuration, run the related command, and you can see that LDP sessions are set up
between PEs, and between each pair of PE and P, and the session status is Operational.



------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------
Step 4 Create a VC connection.

Enable MPLS L2VPN on PE1 and PE2; create a VC on each PE.
# Configure PE1.
[PE1] mpls l2vpn
[PE1-l2vpn] quit
[PE1-Vlanif10] quit
# Configure PE2.
[PE2] mpls l2vpn
[PE2-l2vpn] quit
[PE2-Vlanif30] quit

View information about the L2VPN connection on the PEs, and you can see that an L2VC is set
up and is in Up state.
<PE1> display mpls l2vc interface Vlanif 10
session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
link state : up
tunnel policy : --
traffic behavior : --


VC last up time : 2010/01/14 19:10:07
CKey : 8
NKey : 7

<CE1> ping 100.1.1.2
0.00% packet loss
----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 100.1.1.1 255.255.255.0
#
#
return

#
sysname PE1
#
vlan batch 10 20
#
mpls lsr-id 192.2.2.2
mpls
#
mpls l2vpn
#
mpls ldp
#
remote-ip 192.3.3.3
#
interface Vlanif10
mpls l2vc 192.3.3.3 100
#
interface Vlanif20

ip address 10.1.1.1 255.255.255.0

mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 192.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 192.2.2.2 0.0.0.0
network 10.1.1.0 0.0.0.255
#
return
#
sysname P
#
vlan batch 20 40
#
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif40
ip address 10.2.2.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 192.4.4.4 255.255.255.255
#
ospf 1
area 0.0.0.0
network 192.4.4.4 0.0.0.0
network 10.1.1.0 0.0.0.255
network 10.2.2.0 0.0.0.255
#
return
#
sysname PE2
#
vlan batch 30 40
#
mpls

#
mpls l2vpn
#
mpls ldp
#
remote-ip 192.2.2.2
#
interface Vlanif30
mpls l2vc 192.2.2.2 100
#
interface Vlanif40
ip address 10.2.2.2 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 192.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 192.3.3.3 0.0.0.0
network 10.2.2.0 0.0.0.255
#
return

#
sysname CE2
#
vlan batch 30
#
interface Vlanif30
ip address 100.1.1.2 255.255.255.0
#
#
return
2.12.2 Example for Configuring a Static MH-PW

You need to set up a static MH-PW between U-PE1 and U-PE2. The S-PE is the switching node,
which sets up a two-hop static PW.

Figure 2-12 Networking diagram for configuring a static MH-PW

2.2.2.9/32 3.3.3.9/32 4.4.4.9/32
P1 P2
GE0/0/1 GE0/0/1
GE0/0/2 GE0/0/2
GE0/0/2
GE0/0/1 S-PE
Loopback0 Loopback0
1.1.1.9/32 W Sta 5.5.5.9/32
tic P tic
Sta P W
GE0/0/2 GE0/0/1
U-PE1 U-PE2
GE0/0/1 GE0/0/2
GE0/0/1 GE0/0/1
CE1 CE2
U-PE1 GigabitEthernet0/0/1 VLANIF 10 -
Loopback0 - 1.1.1.9/32
U-PE2 GigabitEthernet0/0/1 VLANIF 50 40.1.1.2/24
Loopback0 - 5.5.5.9/32
P1 GigabitEthernet0/0/1 VLANIF 20 10.1.1.2/24
Loopback0 - 2.2.2.9/32
Loopback0 - 4.4.4.9/32
S-PE GigabitEthernet0/0/1 VLANIF 30 20.1.1.2/24
Loopback0 - 3.3.3.9/32

1. Run a routing protocol on the devices of the backbone network to implement connectivity.
2. Configure the basic MPLS functions on the backbone network and set up an LSP.
3. Create an MPLS L2VC connection between the two U-PEs.
4. Create a switching PW on the S-PE.
Data Preparation
l L2VC IDs of U-PE1 and U-PE2
l MPLS LSR-IDs of U-PE1, S-PE, and U-PE2
l Name of the PW template and attributes of the PW template used on the U-PEs
l VC labels of the PW (pay attention to the mapping between the VC labels on the two ends)
l Encapsulation type of the S-PE
Procedure
Step 1 Configure interface addresses for CE, U-PE,P and S-PE according to Figure 2-12, including
VLAN and VLANIF interfaces.
Configure interface addresses of the U-PE, S-PE, and P according to Figure 2-12. When
configuring OSPF, note that the 32-bit loopback interfaces of U-PE1, S-PE, and U-PE2 must be
advertised.
Step 3 Configure basic MPLS functions and set up tunnels.
Configure the basic MPLS capability on the MPLS backbone network. Set up LSPs between U-
PE1 and S-PE, and between S-PE and U-PE2. The configuration procedure is not mentioned.
Enable MPLS L2VPN on U-PE1 and U-PE2. Create VC connections on two U-PEs.
# Configure U-PE1.
[U-PE1] pw-template pwt
[U-PE1-pw-template-pwt] peer-address 3.3.3.9
[U-PE1-pw-template-pwt] quit
[U-PE1] mpls l2vpn
[U-PE1-l2vpn] quit
[U-PE1] interface vlanif 10
[U-PE1-Vlanif10] mpls static-l2vc pw-template pwt 100 transmit-vpn-label 100
receive-vpn-label 100
[U-PE1-Vlanif10] quit
# Configure S-PE.
[S-PE] mpls l2vpn
[S-PE-l2vpn] quit
[S-PE] mpls switch-l2vc 5.5.5.9 100 trans 200 recv 200 between 1.1.1.9 100 trans
100 recv 100 encapsulation vlan

# Configure U-PE2.
[U-PE2] mpls l2vpn
[U-PE2-l2vpn] quit
NOTE
The transmit-vpn-label set on the U-PE must be consistent with the recv label on the S-PE; the receive-
vpn-label set on the U-PE must be consistent with the trans label on the S-PE. Otherwise, CEs cannot
communicate with each other.
View information about the L2VPN connection on the PEs, and you can see that an L2VC is set
up and is in Up state.
Take U-PE1 and S-PE for example.

<U-PE1> display mpls static-l2vc interface vlanif 10
AC Status : up
VC State : up
VC ID : 100
VC Type : VLAN
VCCV Capabilty : alert lsp-ping bfd
Tunnel Policy : --
PW Template Name : pwt
NO.0 TNL Type : lsp , TNL ID : 0x4800200f
VC last up time : 2010/11/14 12:31:31
CKey : 2
NKey : 3
<S-PE> display mpls switch-l2vc

*Switch-l2vc type : SVC<---->SVC

Peer IP Address : 5.5.5.9, 1.1.1.9
VC ID : 100, 100
VC Type : VLAN
VC State : up
In/Out Label : 200/200, 100/100
Control Word : Disable, Disable
VCCV Capability : alert lsp-ping bfd, alert lsp-ping bfd
CKey : 44, 1
NKey : 43, 3


VC last up time : 2010/11/14 12:31:31

<CE1> ping 100.1.1.2

0.00% packet loss
----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 100.1.1.1 255.255.255.0
#
#
return
l Configuration file of U-PE1

#
sysname U-PE1
#
vlan batch 10 20
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
pw-template pwt
peer-address 3.3.3.9
#
mpls ldp
#
interface Vlanif10
mpls static-l2vc pw-template pwt 100 transmit-vpn-label 100 receive-vpn-label
100
#
interface Vlanif20
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#

#
#
interface LoopBack0
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 1.1.1.9 0.0.0.0
#
return
l Configuration file of P1
#
sysname P1
#
vlan batch 20 30
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 20.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 20.1.1.0 0.0.0.255
network 2.2.2.9 0.0.0.0
#
return
l Configuration file of S-PE
#
sysname S-PE
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
mpls switch-l2vc 5.5.5.9 100 trans 200 recv 200 between 1.1.1.9 100 trans 100

recv 100 encapsulation vlan

#
mpls ldp
#
interface Vlanif30
ip address 20.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif40
ip address 30.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 20.1.1.0 0.0.0.255
network 30.1.1.0 0.0.0.255
network 3.3.3.9 0.0.0.0
#
return
#
sysname P2
#
vlan batch 40 50
#
mpls lsr-id 4.4.4.9
mpls
#
mpls ldp
#
interface Vlanif40
ip address 30.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif50
ip address 40.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 30.1.1.0 0.0.0.255
network 40.1.1.0 0.0.0.255

#
return

#
sysname U-PE2
#
vlan batvh 50 60
#
mpls lsr-id 5.5.5.9
mpls
#
mpls l2vpn
#
pw-template pwt
#
mpls ldp
#
interface Vlanif50
ip address 40.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif60
200
#
#
#
interface LoopBack0
ip address 5.5.5.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 5.5.5.9 0.0.0.0
network 40.1.1.0 0.0.0.255
#
return

#
sysname CE2
#
vlan batch 60
#
interface Vlanif60
ip address 100.1.1.2 255.255.255.0
#
#
return

2.12.3 Example for Configuring a Dynamic MH-PW
As shown in Figure 2-13, U-PE1 and U-PE2 are connected through the MPLS backbone
network. Use the LSP and set S-PE as the switching node to set up a dynamic MH-PW between
U-PE1 and U-PE2.
Figure 2-13 Networking diagram for configuring a dynamic MH-PW

2.2.2.9/32 3.3.3.9/32 4.4.4.9/32
P1 P2
GE0/0/1 GE0/0/1
GE0/0/2 GE0/0/2
GE0/0/1 S-PE GE0/0/2
Loopback0 Loopback0
1.1.1.9/32 100 PW 5.5.5.9/32
PW 200
GE0/0/2 GE0/0/1
U-PE1 U-PE2
GE0/0/1 GE0/0/2
GE0/0/1 GE0/0/1
CE1 CE2
Loopback0 - 1.1.1.9/32
Loopback0 - 5.5.5.9/32
Loopback0 - 2.2.2.9/32
Loopback0 - 4.4.4.9/32

Loopback0 - 3.3.3.9/32
MPLS LDP peer relations between U-PE1 and S-PE, and between U-PE2 and S-PE.
3. Create a PW template. Enable the CW and LSP ping function.
4. Configure the dynamic PW on the U-PE.
5. Create a switching PW on the switching node S-PE.
Data Preparation
l L2VC IDs on U-PE1 and U-PE2 (the L2VC IDs should be different)
l IP addresses of the remote peers
l Encapsulation type of the switching PW
l Name and parameters of the PW template on U-PEs
Procedure
Configure an IGP protocol on the MPLS backbone network. OSPF is used as the IGP protocol
in this example.
Configure interface addresses of the U-PE, S-PE, and P. When configuring OSPF, note that the
32-bit loopback interfaces of U-PE1, S-PE, and U-PE2 must be advertised.
After the configuration, run the display ip routing-table command on U-PE, P, or S-PE, and
you can see that the devices can learn each other's routes. Take the display on S-PE for example.
<S-PE> display ip routing-table
------------------------------------------------------------------------------

1.1.1.9/32 OSPF 10 3 D 20.1.1.1 Vlanif30

2.2.2.9/32 OSPF 10 2 D 20.1.1.1 Vlanif30
4.4.4.9/32 OSPF 10 2 D 30.1.1.2 Vlanif40
5.5.5.9/32 OSPF 10 3 D 30.1.1.2 Vlanif40
10.1.1.0/24 OSPF 10 2 D 20.1.1.1 Vlanif30
20.1.1.0/24 Direct 0 0 D 20.1.1.2 Vlanif30
30.1.1.0/24 Direct 0 0 D 30.1.1.1 Vlanif40
40.1.1.0/24 OSPF 10 2 D 30.1.1.2 Vlanif40
The U-PEs can ping each other. Take the display on U-PE1 for example.
<U-PE1> ping 40.1.1.2

0.00% packet loss
Step 3 Enable MPLS and set up LSPs and LDP sessions.
Configure the basic MPLS capability on the MPLS backbone network. Set up tunnels and LDP
sessions between U-PE1 and S-PE, and between S-PE and U-PE2.
# Configure U-PE1.
[U-PE1] mpls lsr-id 1.1.1.9
[U-PE1] mpls
[U-PE1-mpls] quit
[U-PE1] mpls ldp
[U-PE1-mpls-ldp] quit
[U-PE1-Vlanif20] mpls
[U-PE1-Vlanif20] mpls ldp
[U-PE1] mpls ldp remote-peer 3.3.3.9
[U-PE1-mpls-ldp-remote-3.3.3.9] remote-ip 3.3.3.9
[U-PE1-mpls-ldp-remote-3.3.3.9] quit
# Configure P1.
[P1] mpls lsr-id 2.2.2.9
[P1] mpls
[P1-mpls] quit
[P1] mpls ldp
[P1-mpls-ldp] quit
[P1] interface vlanif 20
[P1-Vlanif20] mpls
[P1-Vlanif20] mpls ldp
[P1-Vlanif20] quit


[P1-Vlanif30] mpls
[P1-Vlanif30] quit
# Configure S-PE.
[S-PE] mpls lsr-id 3.3.3.9
[S-PE] mpls
[S-PE-mpls] quit
[S-PE] mpls ldp
[S-PE-mpls-ldp] quit
[S-PE] interface vlanif 30
[S-PE-Vlanif30] mpls
[S-PE-Vlanif30] mpls ldp
[S-PE-Vlanif30] quit
[S-PE] mpls ldp remote-peer 1.1.1.9
[S-PE-mpls-ldp-remote-1.1.1.9] remote-ip 1.1.1.9
[S-PE-mpls-ldp-remote-1.1.1.9] quit
# Configure P2.
[P2] mpls
[P2-mpls] quit
[P2] mpls ldp
[P2-mpls-ldp] quit
[P2-Vlanif40] mpls
[P2-Vlanif40] quit
[P2-Vlanif50] mpls
[P2-Vlanif50] quit
# Configure U-PE2.
[U-PE2] mpls
[U-PE2-mpls] quit
[U-PE2] mpls ldp
After the configuration, run thedisplay mpls ldp session command on U-PE, P, or S-PE, and
you can see that the session status is Operational. Run the display mpls ldp peer command, and
you can see the status of the LDP sessions and adjacencies. Run the display mpls lsp command,
and you can see the status of the LSP. Take the display on S-PE for example.
<S-PE> display mpls ldp session

------------------------------------------------------------------------------


------------------------------------------------------------------------------
1.1.1.9:0 Operational DU Active 0000:00:14 57/57
------------------------------------------------------------------------------
<S-PE> display mpls ldp peer
LDP Peer Information in Public network

A '*' before a peer means the peer is being deleted.
------------------------------------------------------------------------------
PeerID TransportAddress DiscoverySource
------------------------------------------------------------------------------
1.1.1.9:0 1.1.1.9 Remote Peer : 1.1.1.9
2.2.2.9:0 2.2.2.9 Vlanif30
4.4.4.9:0 4.4.4.9 Vlanif40
5.5.5.9:0 5.5.5.9 Remote Peer : 5.5.5.9
------------------------------------------------------------------------------
TOTAL: 4 Peer(s) Found.
<S-PE> display mpls lsp

----------------------------------------------------------------------
LSP Information: LDP LSP
----------------------------------------------------------------------
3.3.3.9/32 3/NULL -/-
1.1.1.9/32 NULL/1024 -/Vlanif30
1.1.1.9/32 1024/1024 -/Vlanif30
2.2.2.9/32 NULL/3 -/Vlanif30
2.2.2.9/32 1025/3 -/Vlanif30
4.4.4.9/32 NULL/3 -/Vlanif40
4.4.4.9/32 1027/3 -/Vlanif40
5.5.5.9/32 NULL/1027 -/Vlanif40
5.5.5.9/32 1026/1027 -/Vlanif40
Step 4 Create and configure the PW template.

Create a PW template on each U-PE. Enable the CW and LSP ping function.
# Configure U-PE1.
[U-PE1-pw-template-pwt] control-word
# Configure U-PE2.
NOTE
You can configure a dynamic PW without using a PW template. If the PW template is not used, PW
connectivity cannot be verified and path information of the PW cannot be collected. That is, the ping vc
and tracert vc commands cannot be used.

Enable MPLS L2VPN on U-PE1, U-PE2, and S-PE.
Configure the dynamic PW on the U-PE. Enable dynamic PW switching on the S-PE.
# Configure U-PE1.

[U-PE1] mpls l2vpn

[U-PE1-l2vpn] quit
[U-PE1-Vlanif10] mpls l2vc pw-template pwt 100
# Configure S-PE.
[S-PE] mpls l2vpn
[S-PE-l2vpn] quit
[S-PE] mpls switch-l2vc 1.1.1.9 100 between 5.5.5.9 200 encapsulation vlan
# Configure U-PE2.
[U-PE2] mpls l2vpn
[U-PE2-l2vpn] quit

1. Display information about the PWE3 connection.
Display information about the L2VPN connection on U-PE and S-PE. You can see that an
L2VC is set up and the VC status is Up.
Take the display on U-PE1 for example.
<U-PE1> display mpls l2vc interface vlanif 10
session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
link state : up
VC last up time : 2011/01/27 12:31:31
CKey :
16
NKey : 15

PW redundancy mode :
--
AdminPw interface :
--
Display the status of the switching L2VC on S-PE.

*Switch-l2vc type : LDP<---->LDP

Peer IP Address : 5.5.5.9, 1.1.1.9
VC ID : 200, 100
VC Type : VLAN
VC State : up
VC StatusCode |PSN |OAM | FW | |PSN |OAM | FW |
-Local VC :| UP | UP | UP | | UP | UP | UP |
-Remote VC:| UP | UP | UP | | UP | UP | UP |
Session State : up, up
Local/Remote Label : 8195/8195, 8196/8195
Local/Remote MTU : 1500/1500, 1500/1500
Local/Remote Control Word : Enable/Enable, Enable/Enable
Local/Remote VCCV Capability : cw alert lsp-ping bfd/cw alert lsp-ping bfd,
cw alert lsp-ping bfd/cw alert lsp-ping bfd
CKey : 4, 2
NKey : 3, 1
Control-Word transparent : NO
VC last up time : 2010/01/27 12:46:59
2. Verify the connectivity of the PW.

Run the ping vc command on the U-PE, and you can see that the connectivity of the PW
is normal. Take the display on U-PE1 for example.
<U-PE1> ping vc vlan 100 control-word remote 200
Reply: bytes=100 Sequence=1 time = 740 ms
--- FEC: FEC 128 PSEUDOWIRE (NEW). Type = vlan, ID = 100 ping statistics ---
0.00% packet loss
3. Verify the connectivity between CEs and view path information between the CEs.
<CE1> ping 100.1.1.2


0.00% packet loss

Information about the path between CE1 and CE2 is as follows:

[CE1] tracert 100.1.1.2
traceroute to 100.1.1.2(100.1.1.2) 30 hops max,40 bytes packet
1 100.1.1.2 250 ms 220 ms 130 ms
----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 100.1.1.1 255.255.255.0
#
#
return

#
sysname U-PE1
#
vlan batch 10 20
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
pw-template pwt
control-word
#
mpls ldp
#
remote-ip 3.3.3.9
#
interface Vlanif10
mpls l2vc pw-template pwt 100
#
interface Vlanif 20
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 1.1.1.9 255.255.255.255
#
ospf 1

area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 1.1.1.9 0.0.0.0
#
return
#
sysname P1
#
vlan batch 20 30
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 20.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 20.1.1.0 0.0.0.255
#
return
#
sysname S-PE
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
mpls switch-l2vc 5.5.5.9 200 between 1.1.1.9 100 encapsulation vlan
#
mpls ldp
#
remote-ip 1.1.1.9
#
remote-ip 5.5.5.9
#
interface Vlanif30
ip address 20.1.1.2 255.255.255.0
mpls

mpls ldp
#
interface Vlanif40
ip address 30.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 20.1.1.0 0.0.0.255
network 30.1.1.0 0.0.0.255
#
return
#
sysname P2
#
vlan batch 40 50
#
mpls lsr-id 4.4.4.9
mpls
#
mpls ldp
#
interface Vlanif40
ip address 30.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif50
ip address 40.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 30.1.1.0 0.0.0.255
network 40.1.1.0 0.0.0.255
#
return
#
sysname U-PE2
#

vlan batch 50 60
#
mpls lsr-id 5.5.5.9
mpls
#
mpls l2vpn
#
pw-template pwt
control-word
#
mpls ldp
#
remote-ip 3.3.3.9
#
interface Vlanif50
ip address 40.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif60
#
#
#
interface LoopBack0
ip address 5.5.5.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 5.5.5.9 0.0.0.0
network 40.1.1.0 0.0.0.255
#
return

#
sysname CE2
#
vlan batch 60
#
interface Vlanif60
ip address 100.1.1.2 255.255.255.0
#
#
return
2.12.4 Example for Configuring a Mixed MH-PW
U-PE1 and U-PE2 are connected through the MPLS backbone network.
You need to create a mixed MH-PW between U-PE1 and U-PE2 with the S-PE as the switching
node.

Figure 2-14 Networking diagram for configuring a mixed MH-PW

2.2.2.9/32 3.3.3.9/32 4.4.4.9/32
P1 S-PE P2
GE0/0/1 GE0/0/1
GE0/0/2 GE0/0/2
GE0/0/1 GE0/0/2
Loopback0 100 Sta Loopback0

PW tic
1.1.1.9/32
na mic PW 5.5.5.9/32
Dy 200
GE0/0/2 GE0/0/1
U-PE1 GE0/0/1 GE0/0/2 U-PE2
GE0/0/1 GE0/0/1
CE1 CE2
Loopback0 - 1.1.1.9/32
Loopback0 - 5.5.5.9/32
Loopback0 - 2.2.2.9/32
Loopback0 - 4.4.4.9/32
Loopback0 - 3.3.3.9/32

2. Configure the basic MPLS functions on the backbone network and set up an LSP.
3. Set up a remote LDP session between the U-PE1 and S-PE.
4. Create a static or dynamic MPLS L2VC connection between the two U-PEs.
5. Create a switching PW on the S-PE.
Data Preparation
l L2VC IDs on U-PE1 and U-PE2 (the L2VC IDs should be different)
l VC label of the static PW on U-PE2 (pay attention to the mapping between the VC labels
on the two ends)
l Encapsulation type of the PW
l Name and attributes of the PW template used on U-PE2
Procedure
Configure addresses of the VLANIF interfaces on the U-PE, S-PE, and P according to Figure
2-14. When configuring OSPF, note that the 32-bit loopback interfaces of U-PE1, S-PE, and U-
PE2 must be advertised.
Step 3 Enable MPLS on U-PE1 and S-PE. Set up a tunnel and a remote LDP session between U-PE1
and S-PE.
Configure basic MPLS functions and tunnels on the MPLS backbone network. In this example,
the LSPs are configured as tunnels.
You need to set up a remote LDP session between U-PE1 and S-PE.
Create a dynamic VC connection U-PE1 and a static VC connection on U-PE2. Configure a
mixed switching PW on the S-PE.
# Configure U-PE1.

[U-PE1] mpls l2vpn

[U-PE1-Vlanif10] mpls l2vc 3.3.3.9 100
NOTE
When configuring mixed switching PW, note that ip-address vc-id on the left of between specifies the
dynamic PW, and ip-address vc-id on the right of between specifies the static PW. They cannot be
interchanged.
# Configure S-PE.
[S-PE] mpls l2vpn
[S-PE-l2vpn] quit
[S-PE] mpls switch-l2vc 1.1.1.9 100 between 5.5.5.9 200 trans 200 recv 100
encapsulation vlan
# Configure U-PE2.
[U-PE2] mpls l2vpn
[U-PE2-l2vpn] quit

Display information about the L2VPN connection on PE. You can see that an L2VC is set up
and the VC status is Up.
Take the display on U-PE1 and S-PE for example.
session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
link state : up
tunnel policy : --


VC last up time : 2010-11-24 12:31:31
CKey : 16
NKey : 15
*Switch-l2vc type : LDP<---->SVC

Peer IP Address : 1.1.1.9, 5.5.5.9
VC ID : 100, 200
VC Type : VLAN
VC State : up
Session State : up, None
Local(In)/Remote(Out) Label : 8195/8195, 100/200
Local/Remote MTU : 1500/1500, 1500
Local/Remote Control Word : Disable/Disable, Disable
Local/Remote VCCV Capability : alert lsp-ping bfd/alert lsp-ping bfd, alert lsp-
ping bfd
CKey : 44, 1
NKey : 43, 3
VC last up time : 2010-11-24 12:31:31

<CE1> ping 100.1.1.2

0.00% packet loss
----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10

ip address 100.1.1.1 255.255.255.0

#
#
return
#
sysname U-PE1
#
vlan batch 10 20
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
mpls ldp
#
remote-ip 3.3.3.9
#
interface Vlanif10
mpls l2vc 3.3.3.9 100
#
interface Vlanif20
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 1.1.1.9 0.0.0.0
#
return
#
sysname P1
#
vlan batch 20 30
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 20.1.1.1 255.255.255.0
mpls
mpls ldp

#
#
#
interface LoopBack0
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 20.1.1.0 0.0.0.255
network 2.2.2.9 0.0.0.0
#
return

#
sysname S-PE
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
mpls switch-l2vc 1.1.1.9 100 between 5.5.5.9 200 trans 200 recv 100
encapsulation vlan
#
mpls ldp
#
remote-ip 1.1.1.9
#
interface Vlanif30
ip address 20.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif40
ip address 30.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 20.1.1.0 0.0.0.255
network 30.1.1.0 0.0.0.255
network 3.3.3.9 0.0.0.0
#
return

#
sysname P2
#
vlan batch 40 50
#
mpls lsr-id 4.4.4.9
mpls
#
mpls ldp
#
interface Vlanif 40
ip address 30.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif 50
ip address 40.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 30.1.1.0 0.0.0.255
network 40.1.1.0 0.0.0.255
#
return
#
sysname U-PE2
#
vlan batch 50 60
#
mpls lsr-id 5.5.5.9
mpls
#
mpls l2vpn
#
pw-template pwt
#
mpls ldp
#
interface Vlanif 50
ip address 40.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif 50
200
#
#


#
interface LoopBack0
ip address 5.5.5.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 5.5.5.9 0.0.0.0
network 40.1.1.0 0.0.0.255
#
return

#
sysname CE2
#
vlan batch 60
#
interface Vlanif 60
ip address 100.1.1.2 255.255.255.0
#
#
return
2.12.5 Example for Configuring Static BFD for PW

The networking requirements are as follows:
l Set up PW1 (master PW) between PE1 and PE2.
l Set up PW2 (backup PW) between PE1 and PE3.
As shown in Figure 2-15, BFD is used to check the connectivity of the master PW and the
backup PW. If the master PW is faulty, services can be switched to the backup PW.

Figure 2-15 Networking diagram for configuring static BFD for PW
PW1
Loopback1 Loopback1
2.2.2.2/32 4.4.4.4/32
GE0/0/2 GE0/0/1
GE0/0/2
GE0/0/1
Loopback1
1.1.1.1/32 P1 PE2
CE1 CE2
GE0/0/2 GE0/0/1
GE0/0/1
GE0/0/1 PE1 Loopback1 Loopback1
GE0/0/3 3.3.3.3/32 5.5.5.5/32 GE0/0/2
GE0/0/1
GE0/0/2
GE0/0/1 GE0/0/2
P2 PE3
PW2
Loopback1 - 1.1.1.1/32
Loopback1 - 4.4.4.4/32
Loopback1 - 5.5.5.5/32
Loopback1 - 2.2.2.2/32
Loopback1 - 4.4.4.9/32
CE1 GigabitEthernet0/0/1 VLANIF 10 10.1.1.1/30(Primary IP Address)
10.1.2.1/30(Secondary IP Address)

1. Configure the MPLS network to make the network layer reachable.

2. On the AC interface of PE1, configure PW1 (from PE1 to PE2) and PW2 (from PE1 to
PE3). PW1 functions as the master PW and PW2 functions as the backup PW.
3. Configure BFD sessions to check the connectivity of PW1 and PW2.
Data Preparation
l IP addresses of the interfaces, including VLAN interfaces and VLANIF interfaces

l VC-ID of the PW
l BFD session name, local discriminator, and remote discriminator
Procedure
Step 1 Configure interface addresses for CE, PE,and P according to Figure 2-15, including VLAN and
VLANIF interfaces.
Step 2 Configure an IGP protocol on the MPLS backbone network so that PEs and P can interwork.
After the configuration, run the display ip routing-table command on the PEs, and you can see
that PE1 and PE2, and PE1 and PE3 have learned the routes on the Loopback1 interface of each
other.

------------------------------------------------------------------------------

2.2.2.2/32 OSPF 10 2 D 100.1.1.2 Vlanif20
3.3.3.3/32 OSPF 10 2 D 200.1.1.2 Vlanif30
4.4.4.4/32 OSPF 10 3 D 100.1.1.2 Vlanif20
5.5.5.5/32 OSPF 10 3 D 200.1.1.2 Vlanif30
100.1.1.0/30 Direct 0 0 D 100.1.1.1 Vlanif20
100.2.1.0/30 OSPF 10 2 D 100.1.1.2 Vlanif20
200.1.1.0/30 Direct 0 0 D 200.1.1.1 Vlanif30

200.2.1.0/30 OSPF 10 2 D 200.1.1.2 Vlanif30

# Enable MPLS, and set LSR-ID as the IP address of the Loopback1 interface. Enable MPLS
and MPLS LDP on interfaces on the backbone network.
# Configure PE1.
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1-Vlanif20] mpls
[PE1-Vlanif20] quit
[PE1-Vlanif30] mpls
[PE1-Vlanif30] quit
# The configuration procedures of P1, P2, PE2, and PE3 are the same as the configuration
procedure of PE1 and are not mentioned.
After the configuration, run the display tunnel-info all command on PEs. You can see that
MPLS LSPs are set up between PE1 and PE2, and between PE1 and PE3.
<PE1> display tunnel-info all
* -> Allocated VC Token
Tunnel ID Type Destination Token
----------------------------------------------------------------------
0x10020 lsp 2.2.2.2 0
0x10021 lsp -- 1
0x10022 lsp 3.3.3.3 2
0x10023 lsp -- 3
0x10024 lsp 4.4.4.4 4
0x10025 lsp -- 5
0x10026 lsp 5.5.5.5 6
0x10027 lsp -- 7
Run the display mpls ldp session command on PE, and you can see that the LDP peer relation
between the PE and the neighboring P is in Operational state.

------------------------------------------------------------------------------
Peer-ID Status LAM SsnRole SsnAge KA-Sent/Rcv
------------------------------------------------------------------------------
------------------------------------------------------------------------------

# Configure remote LDP sessions and set their IP addresses as the addresses of the loopback
interfaces on LDP remote peers.

NOTE
If the PEs are directly connected, you do not need to manually configure remote LDP sessions between
them.
# Configure PE1.
# Configure PE2.
# Configure PE3.
After the configuration, run the display mpls ldp session command on PEs. You can see that
the LDP peer relation is in Operational state. This indicates that the LDP sessions are set up.

------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------
Step 5 Configure PWs on PEs by using PW templates.

# Configure PE1.
[PE1] mpls l2vpn
[PE1-l2vpn] quit
[PE1] pw-template 1to2
[PE1-pw-template-1to2] peer-address 4.4.4.4
[PE1-pw-template-1to2] control-word
[PE1-pw-template-1to2] quit
[PE1-Vlanif10] mpls l2vc pw-template 1to2 100
[PE1-Vlanif10] mpls l2vc pw-template 1to3 200 secondary
[PE1-Vlanif10] quit
# Configure PE2.
[PE2] mpls l2vpn
[PE2-l2vpn] quit


[PE2-pw-template-2to1] peer 1.1.1.1
[PE2-Vlanif50] quit
# Configure PE3.
[PE3] mpls l2vpn
[PE3-l2vpn] quit
[PE3-Vlanif70] quit
After the configuration, run the display mpls l2vc interface command on PEs. You can see that
PWs are set up and are in the Active state. In addition, you can find that the BFD for PW function
is disabled on the PWs.

session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
link state : up
tunnel policy : --
VC last up time : 2010-11-24 12:31:31
CKey : 16
NKey : 15


session state : up
AC state : up
VC state : up
VC ID : 200
VC type : VLAN
link state : up
tunnel policy : --
VC last up time : 2010-11-24 12:33:21
CKey : 16
NKey : 15

Step 6 Configure the BFD for PW function on PEs.

NOTE
On the two PEs of a BFD session, the local discriminator of the local PE must match the remote
discriminator of the remote PE, and the remote discriminator of the local PE must match the local
discriminator of the remote PE. The discriminators cannot be modified after configuration.
# Configure PE1.
[PE1] bfd
[PE1-bfd] quit
[PE1] bfd for pw enable
[PE1] bfd 1to2 bind pw interface vlanif 10
[PE1-bfd-lsp-session-1to2] discriminator local 12
[PE1-bfd-lsp-session-1to2] discriminator remote 21
[PE1-bfd-lsp-session-1to2] commit
[PE1-bfd-lsp-session-1to2] quit

[PE1] bfd 1to3 bind pw interface vlanif 10 secondary

# Configure PE2.
[PE2] bfd
[PE2-bfd] quit
# Configure PE3.
[PE3] bfd
[PE3-bfd] quit
After the configuration, BFD sessions are established between PE1 and PE2, and between PE1
and PE3. Run the display bfd session all command. You can see that the status of the BFD
sessions is Up.
<PE1> display bfd session all
--------------------------------------------------------------------------------
Local Remote PeerIpAddr InterfaceName State Type
--------------------------------------------------------------------------------
12 21 --.--.--.-- Vlanif10 Up S_PW(M)
13 31 --.--.--.-- Vlanif10 Up S_PW(S)
--------------------------------------------------------------------------------
Run the display bfd configuration all command. You can view information about the BFD
configuration, and you can see that the Commit field is True.
<PE1> display bfd configuration all
--------------------------------------------------------------------------------
CFG Name CFG Type LocalDiscr MIndex SessNum Commit AdminDown
--------------------------------------------------------------------------------
1to2 Static_PW(M) 12 256 1 True False
1to3 Static_PW(S) 13 257 1 True False
--------------------------------------------------------------------------------

When the master PW works normally, the primary address of CE1 can ping 10.1.1.2 on CE2.
The backup PW does not work, so the secondary address of CE1 cannot ping 10.1.2.2 on CE2.
# Run the display mpls l2vc interface command on PE to view the PW status. You can see that
the BFD for PW function is enabled on the master PW and the backup PW and the BFD session
is Up.
session state : up

AC state : up
VC state : up
VC ID : 100
VC type : VLAN
link state : up
tunnel policy : --
VC last up time : 2010-11-24 12:31:31
CKey : 14
NKey : 1

session state : up
AC state : up
VC state : up
VC ID : 200
VC type : VLAN
link state : up


tunnel policy : --
VC last up time : 2010-11-24 12:33:21
CKey : 16
NKey : 15

Perform the shutdown command on VLANIF 20 of PE1 to simulate a fault on the master PW.
Then, the primary address of CE1 cannot ping 10.1.1.2 on CE2. The backup PW starts to work
so that the secondary address of CE1 can ping 10.1.2.2 on CE2.
<CE1> ping 10.1.1.2
Request time out
Request time out
Request time out
Request time out
Request time out

100.00% packet loss
<CE1> ping 10.1.2.2


0.00% packet loss
# Run the display mpls l2vc interface command on PE to view the PW status. You can find
that the VC of the master PW is Down and the BFD for PW function is unavailable. In addition,
the VC of the backup PW is Up, the BFD for PW function is available, and the BFD session is
Up.
session state : down
AC state : up
VC state : down
VC ID : 100
VC type : VLAN

local forwarding state : not forwarding
forwarding entry : not exist
link state : down
local control word : enable remote control word : none
tunnel policy : --
VC last up time : 2010-11-24 12:31:31
CKey : 14
NKey : 1

session state : up
AC state : up
VC state : up
VC ID : 200
VC type : VLAN
link state : up
tunnel policy : --
VC last up time : 2010-11-24 12:31:31
CKey : 16

NKey : 15

----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.252
ip address 10.1.2.1 255.255.255.252 sub
#
#
return

#
sysname PE1
#
vlan batch 10 20 30
#
bfd
#
bfd for pw enable
#
mpls lsr-id 1.1.1.1
mpls
#
mpls l2vpn
#
pw-template 1to2
control-word
#
pw-template 1to3
control-word
#
mpls ldp
#
remote-ip 4.4.4.4
#
remote-ip 5.5.5.5
#
interface Vlanif10
mpls l2vc pw-template 1to2 100
mpls l2vc pw-template 1to3 200 secondary
#

interface Vlanif20
ip address 100.1.1.1 255.255.255.252
mpls
mpls ldp
#
interface Vlanif30
ip address 200.1.1.1 255.255.255.252
mpls
mpls ldp
#
#
#
#
interface LoopBack1
ip address 1.1.1.1 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.1 0.0.0.0
network 100.1.1.0 0.0.0.3
network 200.1.1.0 0.0.0.3
#
bfd 1to2 bind pw interface Vlanif10
discriminator local 12
discriminator remote 21
commit
#
bfd 1to3 bind pw interface Vlanif10 secondary
commit
#
return
#
sysname P1
#
vlan batch 20 40
#
mpls lsr-id 2.2.2.2
mpls
#
mpls ldp
#
interface Vlanif20
ip address 100.1.1.2 255.255.255.252
mpls
mpls ldp
#
interface Vlanif40
ip address 100.2.1.1 255.255.255.252
mpls
mpls ldp
#
#


#
interface LoopBack1
ip address 2.2.2.2 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.2 0.0.0.0
network 100.1.1.0 0.0.0.3
network 100.2.1.0 0.0.0.3
#
return
#
sysname P2
#
vlan batch 30 60
#
mpls lsr-id 3.3.3.3
mpls
#
mpls ldp
#
interface Vlanif30
ip address 200.1.1.2 255.255.255.252
mpls
mpls ldp
#
interface Vlanif60
ip address 200.2.1.1 255.255.255.252
mpls
mpls ldp
#
#
#
interface LoopBack1
ip address 3.3.3.3 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.3 0.0.0.0
network 200.1.1.0 0.0.0.3
network 200.2.1.0 0.0.0.3
#
return
#
sysname PE2
#
vlan batch 40 50
#
bfd
#
bfd for pw enable
#
mpls lsr-id 4.4.4.4
mpls
#
mpls l2vpn
#
pw-template 2to1

control-word
#
mpls ldp
#
remote-ip 1.1.1.1
#
interface Vlanif40
ip address 100.2.1.2 255.255.255.252
mpls
mpls ldp
#
interface Vlanif50
#
#
#
interface LoopBack1
ip address 4.4.4.4 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.4 0.0.0.0
network 100.2.1.0 0.0.0.3
#
commit
#
return
#
sysname PE3
#
vlan batch 60 70
#
bfd
#
bfd for pw enable
#
mpls lsr-id 5.5.5.5
mpls
#
mpls l2vpn
#
pw-template 3to1
control-word
#
mpls ldp
#
remote-ip 1.1.1.1
#
interface Vlanif60
ip address 200.2.1.2 255.255.255.252
mpls
mpls ldp
#
interface Vlanif70


#
#
#
interface LoopBack1
ip address 5.5.5.5 255.255.255.255
#
ospf 1
area 0.0.0.0
network 5.5.5.5 0.0.0.0
network 200.2.1.0 0.0.0.3
#
commit
#
return

#
sysname CE2
#
vlan batch 50 70
#
interface Vlanif50
ip address 10.1.1.2 255.255.255.252
#
interface Vlanif70
ip address 10.1.2.2 255.255.255.252
#
#
#
return
2.12.6 Example for Configuring Dynamic BFD for SH-PW

As shown in Figure 2-16, PE1, P, and PE2 are on the same MPLS network, and CE1 and CE2
belong to one VPN instance. An SH-PW is set up between PE1 and PE2. A dynamic BFD session
is required to check the connectivity of the PW, thus protecting services on the link.

Figure 2-16 Networking diagram for configuring dynamic BFD for SH-PW
MPLS
Backbone

1.1.1.9/32 2.2.2.9/32 3.3.3.9/32
GE0/0/2 GE0/0/2
GE0/0/1 GE0/0/2
PE1 PE2
GE0/0/1 P GE0/0/1
PW
GE0/0/1 GE0/0/1
CE2
CE1
Loopback0 - 1.1.1.9/32
Loopback0 - 3.3.3.9/32
Loopback0 - 2.2.2.9/32
1. Establish an MPLS L2VPN in SH-PW mode between CE1 and CE2.

2. Enable MPLS L2VPN and create VC connections on PE1 and PE2.
3. Configure the basic BFD capability and trigger the dynamic BFD for PW on PEs.
Data Preparation
l IP addresses of all the interfaces

l LSR IDs of the devices
l VC-ID of the PW

l BFD parameters
Procedure
Step 1 Configure interface addresses for CE, PE,and P according to Figure 2-16, including VLAN and
VLANIF interfaces.
# Configure PE1.
[PE1-Loopback0] ip address 1.1.1.9 32
[PE1-Loopback0] quit
[PE1-Vlanif20] quit
[PE1] ospf 1
[PE1-ospf-1] area 0
[PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0
# Configure the P.
[P] interface loopback 0
[P-Loopback0] ip address 2.2.2.9 32
[P-Loopback0] quit
[P-Vlanif20] quit
[P-Vlanif40] quit
[P] ospf 1
[P-ospf-1] area 0
[P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0
# Configure PE2.
[PE2-Loopback0] ip address 3.3.3.9 32
[PE2-Loopback0] quit
[PE2-Vlanif40] quit
[PE2] ospf 1
[PE2-ospf-1] area 0
After the configuration, run the display ip routing-table command on the PEs, and you can see
that PE1 and PE2 have learned the routes on the Loopback0 interface of each other.
------------------------------------------------------------------------------


2.2.2.9/32 OSPF 10 2 D 100.1.1.2 Vlanif20
3.3.3.9/32 OSPF 10 3 D 100.1.1.2 Vlanif20
100.1.1.0/30 Direct 0 0 D 100.1.1.1 Vlanif20
100.2.1.0/30 OSPF 10 2 D 100.1.1.2 Vlanif20
# Enable MPLS, and set LSR-ID as the IP address of the Loopback0 interface. Enable MPLS
and MPLS LDP on interfaces on the backbone network.
# Configure PE1.
[PE1] mpls
[PE1-mpls] quit
[PE1] mpls ldp
[PE1-mpls-ldp] quit
[PE1-Vlanif20] mpls
[PE1-Vlanif20] quit
# Configure the P.
[P] mpls
[P-mpls] quit
[P] mpls ldp
[P-mpls-ldp] quit
[P-Vlanif20] mpls
[P-Vlanif20] quit
[P-Vlanif40] mpls
[P-Vlanif40] quit
# Configure PE2.
[PE2] mpls
[PE2-mpls] quit
[PE2] mpls ldp
[PE2-mpls-ldp] quit
[PE2-Vlanif40] mpls
[PE2-Vlanif40] quit
After the configuration, run the display tunnel-info all command on PEs. You can see that
MPLS LSPs are set up between PE1 and PE2.
<PE1> display tunnel-info all
* -> Allocated VC Token
Tunnel ID Type Destination Token
----------------------------------------------------------------------
0x10000 lsp 2.2.2.9 0
0x10001 lsp 3.3.3.9 1

Run the display mpls ldp session command on PE, and you can see that the LDP peer relation
between the PE and the neighboring P is in Operational state.
------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------

# Configure remote LDP sessions and set their IP addresses as the addresses of the loopback
interfaces on LDP remote peers.
NOTE
If the PEs are directly connected, you do not need to manually configure remote LDP sessions between
them.
# Configure PE1.
# Configure PE2.
After the configuration, run the display mpls ldp session command on PEs. You can see that
the LDP peer relation is in Operational state. This indicates that the LDP sessions are set up.

------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------
Step 5 Configure PWs on PEs by using PW templates.

# Configure PE1.
[PE1] mpls l2vpn
[PE1-l2vpn] quit
[PE1-Vlanif10] quit

# Configure PE2.
[PE2] mpls l2vpn
[PE2-l2vpn] quit
[PE2-Vlanif30] quit
After the configuration, run the display mpls l2vc interface command on PEs. You can see that
PWs are set up and are in the Active state. In addition, you can find that the BFD for PW function
is disabled on the PWs.
session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
link state : up
tunnel policy : --
VC last up time : 2010/11/24 14:31:31
CKey : 16
NKey : 15
Step 6 Configure the dynamic BFD on PEs.

# Configure PE1.
[PE1] bfd
[PE1-bfd] quit


[PE1-Vlanif10] mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100
[PE1-Vlanif10] quit
# Configure PE2.
[PE2] bfd
[PE2-bfd] quit
[PE2-Vlanif30] mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100
[PE2-Vlanif30] quit
# CE1 and CE2 can ping each other.

<CE1> ping 10.1.1.2

0.00% packet loss
# Run the display mpls l2vc interface command on PE to view the PW status. You can see that
the BFD for PW function is enabled and the BFD session is Up.

session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
Dynamic BFD for PW : available
Detect Multipier : 3
Min Transit Interval : 100
Max Receive Interval : 100
Dynamic BFD Session : built
link state : up


tunnel policy : --
VC last up time : 2010-11-24 14:33:31
CKey : 16
NKey : 15
# Run the display bfd session all verbose command on PE to view the status of the BFD session.
You can find that the BFD session is Up, the BFD session is bound to a PW, and the type of the
BFD session is dynamic.
<PE1> display bfd session all verbose
--------------------------------------------------------------------------------
Session MIndex : 256 (One Hop) State : Up Name : dyn_8192
--------------------------------------------------------------------------------
WTR Interval (ms) : -- Local Demand Mode : Disable
Active Multi : 3
--------------------------------------------------------------------------------
----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 10.1.1.1 255.255.255.252
#


#
return
#
sysname PE1
#
vlan batch 10 20
#
bfd
#
bfd for pw enable
#
mpls lsr-id 1.1.1.9
mpls
#
mpls l2vpn
#
pw-template 1to2
control-word
#
mpls ldp
#
remote-ip 3.3.3.9
#
interface Vlanif10
mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100
#
interface Vlanif20
ip address 100.1.1.1 255.255.255.252
mpls
mpls ldp
#
#
#
interface Loopback0
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 1.1.1.9 0.0.0.0
network 100.1.1.0 0.0.0.3
#
return
#
sysname P
#
vlan batch 20 40
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 100.1.1.2 255.255.255.252
mpls

mpls ldp
#
interface Vlanif40
ip address 100.2.1.1 255.255.255.252
mpls
mpls ldp
#
#
#
interface Loopback0
ip address 2.2.2.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 100.1.1.0 0.0.0.3
network 100.2.1.0 0.0.0.3
#
return
#
sysname PE2
#
vlan batch 30 40
#
bfd
#
bfd for pw enable
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
pw-template 2to1
control-word
#
mpls ldp
#
remote-ip 1.1.1.9
#
interface Vlanif30
mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100
#
interface Vlanif40
ip address 100.2.1.2 255.255.255.252
mpls
mpls ldp
#
#
#
interface Loopback0
ip address 3.3.3.9 255.255.255.255
#

ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 100.2.1.0 0.0.0.3
#
return

#
sysname CE2
#
vlan batch 30
#
interface Vlanif30
ip address 10.1.1.2 255.255.255.252
#
#
return
2.12.7 Example for Configuring Dynamic BFD for MH-PW
As shown in Figure 2-17, U-PE1 and U-PE2 are connected through the MPLS backbone
network. You need to use the LSP and set S-PE as the switching node to set up a dynamic MH-
PW between U-PE1 and U-PE2.
A dynamic BFD session is required to check the connectivity of the MH-PW between U-PE1
and U-PE2, thus protecting services on the link.
Figure 2-17 Networking diagram for configuring dynamic BFD for MH-PW
2.2.2.9/32 3.3.3.9/32 4.4.4.9/32
P1 S-PE P2
GE0/0/1 GE0/0/1
GE0/0/2 GE0/0/2
GE0/0/1 GE0/0/2
Loopback0 PW Loopback0
1.1.1.9/32 100 200 5.5.5.9/32
PW
GE0/0/2 GE0/0/1
U-PE1 GE0/0/1 GE0/0/2 U-PE2
GE0/0/1 GE0/0/1
CE1 CE2

Loopback0 - 1.1.1.9/32
Loopback0 - 5.5.5.9/32
Loopback0 - 2.2.2.9/32
Loopback0 - 4.4.4.9/32
Loopback0 - 3.3.3.9/32
MPLS LDP peer relations between U-PE1 and S-PE, and between U-PE2 and S-PE.
3. Create a PW template. Enable the CW and LSP ping function.
4. Create an MPLS L2VC connection between the two U-PEs.
5. Create a switching PW on the switching node S-PE.
6. Configure the basic BFD capability and trigger the dynamic BFD for PW on U-PEs.
Data Preparation
l IP addresses of the interfaces, including VLAN interfaces and VLANIF interfaces
l LSR IDs of the devices
l VC-ID of the PW
l BFD parameters

Procedure
Step 1 Configure the IDs of the VLANs to which the interfaces of CE, PE, and P belong according to
Figure 2-17.
Step 2 Assign an IP address to the VLANIF interface connecting the CE to the PE.
Configure an IGP protocol on the MPLS backbone network. OSPF is used as the IGP protocol
in this example.
Configure interface addresses of the U-PE, S-PE, and P. When configuring OSPF, note that the
32-bit loopback interfaces of U-PE1, S-PE, and U-PE2 must be advertised.
# Configure U-PE1.
[U-PE1] interface loopback 0
[U-PE1-LoopBack0] ip address 1.1.1.9 32
[U-PE1-LoopBack0] quit
[U-PE1-Vlanif20] ip address 10.1.1.1 24
[U-PE1] ospf 1
[U-PE1-ospf-1] area 0.0.0.0
[U-PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[U-PE1-ospf-1-area-0.0.0.0] quit
[U-PE1-ospf-1] quit
# Configure P1.
[P1] interface loopback 0
[P1-LoopBack0] ip address 2.2.2.9 32
[P1-LoopBack0] quit
[P1-Vlanif20] ip address 10.1.1.2 24
[P1-Vlanif20] quit
[P1-Vlanif30] quit
[P1] ospf 1
[P1-ospf-1] area 0.0.0.0
[P1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255
[P1-ospf-1-area-0.0.0.0] quit
[P1-ospf-1] quit
# Configure S-PE.
[S-PE] interface loopback 0
[S-PE-LoopBack0] ip address 3.3.3.9 32
[S-PE-LoopBack0] quit
[S-PE-Vlanif30] ip address 20.1.1.2 24
[S-PE-Vlanif40] ip address 30.1.1.1 24
[S-PE] ospf 1
[S-PE-ospf-1] area 0.0.0.0
[S-PE-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255

[S-PE-ospf-1-area-0.0.0.0] quit
[S-PE-ospf-1] quit
# Configure P2.
[P2] interface loopback 0
[P2-LoopBack0] ip address 4.4.4.9 32
[P2-LoopBack0] quit
[P2-Vlanif40] quit
[P2-Vlanif50] quit
[P2] ospf 1
[P2-ospf-1] area 0.0.0.0
[P2-ospf-1-area-0.0.0.0] quit
[P2-ospf-1] quit
# Configure U-PE2.
[U-PE2] interface loopback 0
[U-PE2-LoopBack0] ip address 5.5.5.9 32
[U-PE2-LoopBack0] quit
[U-PE2-Vlanif50] ip address 40.1.1.2 24
[U-PE2] ospf 1
[U-PE2-ospf-1] area 0.0.0.0
[U-PE2-ospf-1-area-0.0.0.0] quit
[U-PE2-ospf-1] quit
After the configuration, run the display ip routing-table command on U-PE, P, or S-PE, and
you can see that the devices can learn each other's routes. Take the display on S-PE for example.
<S-PE> display ip routing-table
------------------------------------------------------------------------------
1.1.1.9/32 OSPF 10 3 D 20.1.1.1 Vlanif30

2.2.2.9/32 OSPF 10 2 D 20.1.1.1 Vlanif30
4.4.4.9/32 OSPF 10 2 D 30.1.1.2 Vlanif40
5.5.5.9/32 OSPF 10 3 D 30.1.1.2 Vlanif40
10.1.1.0/24 OSPF 10 2 D 20.1.1.1 Vlanif30
20.1.1.0/24 Direct 0 0 D 20.1.1.2 Vlanif30
30.1.1.0/24 Direct 0 0 D 30.1.1.1 Vlanif40
40.1.1.0/24 OSPF 10 2 D 30.1.1.2 Vlanif40
The U-PEs can ping each other. Take the display on U-PE1 for example.
<U-PE1> ping 40.1.1.2



0.00% packet loss
Step 4 Enable MPLS and set up LSPs and LDP sessions.
Configure the basic MPLS capability on the MPLS backbone network. Set up tunnels and LDP
sessions between U-PE1 and S-PE, and between S-PE and U-PE2.
# Configure U-PE1.
[U-PE1] mpls
[U-PE1-mpls] quit
[U-PE1] mpls ldp
# Configure P1.
[P1] mpls
[P1-mpls] quit
[P1] mpls ldp
[P1-mpls-ldp] quit
[P1-Vlanif20] mpls
[P1-Vlanif20] quit
[P1] interface Vlanif 30
[P1-Vlanif30] mpls
[P1-Vlanif30] quit
# Configure S-PE.
[S-PE] mpls lsr-id 3.3.3.9
[S-PE] mpls
[S-PE-mpls] quit
[S-PE] mpls ldp
[S-PE-mpls-ldp] quit

# Configure P2.
[P2] mpls
[P2-mpls] quit
[P2] mpls ldp
[P2-mpls-ldp] quit
[P2-Vlanif40] mpls
[P2-Vlanif40] quit
[P2-Vlanif50] mpls
[P2-Vlanif50] quit
# Configure U-PE2.
[U-PE2] mpls
[U-PE2-mpls] quit
[U-PE2] mpls ldp
After the configuration, run thedisplay mpls ldp session command on U-PE, P, or S-PE, and
you can see that the session status is Operational. Run the display mpls ldp peer command, and
you can see the status of the LDP sessions and adjacencies. Run the display mpls lsp command,
and you can see the status of the LSP. Take the display on S-PE for example.
<S-PE> display mpls ldp session

------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------
<S-PE> display mpls ldp peer
LDP Peer Information in Public network

A '*' before a peer means the peer is being deleted.
------------------------------------------------------------------------------
PeerID TransportAddress DiscoverySource
------------------------------------------------------------------------------
1.1.1.9:0 1.1.1.9 Remote Peer : 1.1.1.9
2.2.2.9:0 2.2.2.9 Vlanif30
4.4.4.9:0 4.4.4.9 Vlanif40
5.5.5.9:0 5.5.5.9 Remote Peer : 5.5.5.9
------------------------------------------------------------------------------
TOTAL: 4 Peer(s) Found.
<S-PE> display mpls lsp

----------------------------------------------------------------------
LSP Information: LDP LSP
----------------------------------------------------------------------


3.3.3.9/32 3/NULL -/-
1.1.1.9/32 NULL/1024 -/Vlanif30
1.1.1.9/32 1024/1024 -/Vlanif30
2.2.2.9/32 NULL/3 -/Vlanif30
2.2.2.9/32 1025/3 -/Vlanif30
4.4.4.9/32 NULL/3 -/Vlanif40
4.4.4.9/32 1027/3 -/Vlanif40
5.5.5.9/32 NULL/1027 -/Vlanif40
5.5.5.9/32 1026/1027 -/Vlanif40
Step 5 Create and configure the PW template.

Create a PW template on each U-PE. Enable the CW and LSP ping function.
# Configure U-PE1.
# Configure U-PE2.

Configure the dynamic PW on the U-PE. Enable dynamic PW switching on the S-PE.
NOTE
PWE3 does not support point-to-multipoint (P2MP). When you create an MPLS L2VC on an ATM sub-
interface, the ATM sub-interface must be in the point-to-point (P2P) type. When you configure the
transparent transmission of ATM cells, the type of the ATM sub-interface is not restricted.
# Configure U-PE1.
[U-PE1] mpls l2vpn
[U-PE1-l2vpn] quit
# Configure S-PE.
[S-PE] mpls l2vpn
[S-PE-l2vpn] quit
[S-PE] mpls switch-l2vc 1.1.1.9 100 between 5.5.5.9 200 encapsulation vlan
# Configure U-PE2.
[U-PE2] mpls l2vpn
[U-PE2-l2vpn] quit
After the preceding configuration, run the display mpls l2vc interface command on U-PEs to
check L2VPN connections. You can see that PWs are set up and in Active state. In addition, you
can find that the BFD for PW function is disabled on the PWs.


session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
link state : up
tunnel policy : --
VC last up time : 2010-11-26 08:25:38
CKey : 16
NKey : 15
Step 7 Configure the dynamic BFD on PEs.

# Configure U-PE1.
[U-PE1] bfd
[U-PE1-bfd] quit
[U-PE1] bfd for pw enable
[U-PE1] interface Vlanif 10
[U-PE1-Vlanif10] mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 remote-
vcid 200
# Configure U-PE2.
[U-PE2] bfd
[U-PE2-bfd] quit
[U-PE2] bfd for pw enable
[U-PE2-Vlanif60] mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 remote-
vcid 100

# CE1 and CE2 can ping each other.

<CE1> ping 100.1.1.2


0.00% packet loss
# Run the display mpls l2vc interface command on U-PEs to view the PW status. You can see
that the BFD for PW function is enabled and the BFD session is Up.

session state : up
AC state : up
VC state : up
VC ID : 100
VC type : VLAN
Dynamic BFD for PW : available
Detect Multipier : 3
Min Transit Interval : 100
Max Receive Interval : 100
Dynamic BFD Session : built
link state : up
tunnel policy : --
VC last up time : 2010-11-26 08:25:38
CKey : 16
NKey : 15

# Run the display bfd session all verbose command on U-PEs to view the status of the BFD
session. You can find that the BFD session is Up, the BFD session is bound to a PW, and the
type of the BFD session is dynamic.

<U-PE1> display bfd session all verbose
--------------------------------------------------------------------------------
Session MIndex : 256 (One Hop) State : Up Name : dyn_8192
--------------------------------------------------------------------------------
Local Detect Multi : 3 Detect Interval (ms) : --
WTR Interval (ms) : -- Local Demand Mode : Disable
--------------------------------------------------------------------------------
----End
Configuration Files
#
sysname CE1
#
vlan batch 10
#
interface Vlanif10
ip address 100.1.1.1 255.255.255.0
#
#
return

#
sysname U-PE1
#
vlan batch 10 20
#
bfd
#
bfd for pw enable
#
mpls lsr-id 1.1.1.9
mpls
#

mpls l2vpn
#
pw-template pwt
control-word
#
mpls ldp
#
remote-ip 3.3.3.9
#
interface Vlanif10
mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 remote-vcid 200
#
interface Vlanif20
ip address 10.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 1.1.1.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 10.1.1.0 0.0.0.255
network 1.1.1.9 0.0.0.0
#
return
#
sysname P1
#
vlan batch 20 30
#
mpls lsr-id 2.2.2.9
mpls
#
mpls ldp
#
interface Vlanif20
ip address 10.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif30
ip address 20.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 2.2.2.9 255.255.255.255

#
ospf 1
area 0.0.0.0
network 2.2.2.9 0.0.0.0
network 10.1.1.0 0.0.0.255
network 20.1.1.0 0.0.0.255
#
return
#
sysname S-PE
#
vlan batch 30 40
#
mpls lsr-id 3.3.3.9
mpls
#
mpls l2vpn
#
mpls switch-l2vc 5.5.5.9 200 between 1.1.1.9 100 encapsulation vlan
#
mpls ldp
#
remote-ip 1.1.1.9
#
remote-ip 5.5.5.9
#
interface Vlanif30
ip address 20.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif40
ip address 30.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 3.3.3.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 3.3.3.9 0.0.0.0
network 20.1.1.0 0.0.0.255
network 30.1.1.0 0.0.0.255
#
return
#
sysname P2
#
vlan batch 40 50
#
mpls lsr-id 4.4.4.9
mpls
#
mpls ldp
#

interface Vlanif40
ip address 30.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif50
ip address 40.1.1.1 255.255.255.0
mpls
mpls ldp
#
#
#
interface LoopBack0
ip address 4.4.4.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 4.4.4.9 0.0.0.0
network 30.1.1.0 0.0.0.255
network 40.1.1.0 0.0.0.255
#
return
#
sysname U-PE2
#
vlan batch 50 60
#
bfd
#
bfd for pw enable
#
mpls lsr-id 5.5.5.9
mpls
#
mpls l2vpn
#
pw-template pwt
control-word
#
mpls ldp
#
remote-ip 3.3.3.9
#
interface Vlanif50
ip address 40.1.1.2 255.255.255.0
mpls
mpls ldp
#
interface Vlanif60
mpls l2vpn pw bfd min-rx-interval 100 min-tx-interval 100 remote-vcid 100
#
#

interface LoopBack0
ip address 5.5.5.9 255.255.255.255
#
ospf 1
area 0.0.0.0
network 5.5.5.9 0.0.0.0
network 40.1.1.0 0.0.0.255
#
return

#
sysname CE2
#
vlan batch 60
#
interface Vlanif60
ip address 100.1.1.2 255.255.255.0
#
#
return


Configuration Guide - VPN (V100R006C01 - 01) PDF

Uploaded by

Document Information

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

Configuration Guide - VPN (V100R006C01 - 01) PDF

Uploaded by

Copyright:

Available Formats

Quidway S5700 Series Ethernet Switches

Configuration Guide - VPN

HUAWEI TECHNOLOGIES CO., LTD.

Trademarks and Permissions

Huawei Technologies Co., Ltd.

Issue 01 (2011-11-21) Huawei Proprietary and Confidential i

About This Document

This document describes how to configure the VPN feature.

This document is intended for:

l Data configuration engineers

Indicates a hazard with a high level of risk, which if not

Indicates a hazard with a medium or low level of risk, which

Indicates a potentially hazardous situation, which if not

Issue 01 (2011-11-21) Huawei Proprietary and Confidential ii

NOTE Provides additional information to emphasize or supplement

Boldface The keywords of a command line are in boldface.

Italic Command arguments are in italics.

[] Items (keywords or arguments) in brackets [ ] are optional.

{ x | y | ... } Optional items are grouped in braces and separated by

[ x | y | ... ] Optional items are grouped in brackets and separated by

{ x | y | ... }* Optional items are grouped in braces and separated by

[ x | y | ... ]* Optional items are grouped in brackets and separated by

# A line starting with the # sign is comments.

Changes in Issue 01 (2011-11-21)

Issue 01 (2011-11-21) Huawei Proprietary and Confidential iii

About This Document.....................................................................................................................ii

Issue 01 (2011-11-21) Huawei Proprietary and Confidential iv

1.7.6 Checking Connectivity of the VLL Network..........................................................................................25

Issue 01 (2011-11-21) Huawei Proprietary and Confidential v

2.9.4 Configuring the Attributes of a PW Template.........................................................................................82

Issue 01 (2011-11-21) Huawei Proprietary and Confidential vi

About This Chapter

1.1 Introduction to VLL

Issue 01 (2011-11-21) Huawei Proprietary and Confidential 1

Issue 01 (2011-11-21) Huawei Proprietary and Confidential 2

1.1 Introduction to VLL

Compared with BGP/MPLS VPN, VLL has the following advantages:

Figure 1-1 shows the model of VLL.

Figure 1-1 VLL model

Issue 01 (2011-11-21) Huawei Proprietary and Confidential 3

Figure 1-2 VLL label processing

L2PDU T V L2PDU T' V L2PDU L2PDU

1.2 VLL Features Supported by the S5700

Issue 01 (2011-11-21) Huawei Proprietary and Confidential 4

Issue 01 (2011-11-21) Huawei Proprietary and Confidential 5

Processing Tags Carried in Packets by the VLL

VLAN encapsulation Do not process the S tag carried in a packet.

Ethernet encapsulation If an S tag is carried in a packet, delete the S

GE, XGE or Eth-Trunk interface Do not process the packet.

VLANIF interface If an S tag is carried in a packet, rewrite the S

Issue 01 (2011-11-21) Huawei Proprietary and Confidential 6

One CE is connected to a PE through an AC and the other CE is dual-homed to PEs through

Figure 1-3 Asymmetrically connected CEs

VPN backbone AC2

1.3 Configuring CCC VLL

1.3.1 Establishing the Configuration Task

Issue 01 (2011-11-21) Huawei Proprietary and Confidential 7

1 Name of a CCC connection

2 Connection type: local connection or remote connection

5 Remote CCC connection: the in-label and out-label values of LSRs

1.3.2 Enabling the MPLS L2VPN

The system view is displayed.

The MPLS L2VPN is configured.