Tunnel L2 Protocols over VPLS

Load vpls.l2.tunneling.cfg

#IOS-XE (R1-R6, CE1-3)
config replace flash:vpls.l2.tunneling.cfg

Configure VPLS with BGP for autodiscovery and signaling for CE1, CE2 and CE3. BGP l2vpn/vpls is already configured in the core.

Configure the PEs so that CDP is terminated on the PEs themselves, and LLDP is tunneled through VPLS. All CEs should see one CDP neighbor (the PE), and two LLDP neighbors (two CEs).

CDP and LLDP is already configured on the CEs. CDP is already configured globally on the PEs.

Answer

#R1
l2vpn vfi context VPLS1
 vpn id 10
 l2protocol forward lldp
 autodiscovery bgp signaling bgp
  ve id 1
!
int gi4
 cdp enable
 service instance 10 eth
  encapsulation default
  l2protocol forward lldp
 exit
!
bridge-domain 10
 member gi4 service-instance 10
 member vfi VPLS1

#R3
l2vpn vfi context VPLS1
 vpn id 10
 l2protocol forward lldp
 autodiscovery bgp signaling bgp
  ve id 3
!
int gi6
 cdp enable
 service instance 10 eth
  encapsulation default
  l2protocol forward lldp
 exit
!
bridge-domain 10
 member gi6 service-instance 10
 member vfi VPLS1

#R5
l2vpn vfi context VPLS1
 vpn id 10
 l2protocol forward lldp
 autodiscovery bgp signaling bgp
  ve id 5
!
int gi6
 cdp enable
 service instance 10 eth
  encapsulation default
  l2protocol forward lldp
 exit
!
bridge-domain 10
 member gi6 service-instance 10
 member vfi VPLS1

Explanation

Because VPLS is a layer 2 service, you may want to sometimes tunnel L2 protocols and sometimes terminate them on the PE. For example, perhaps you want to tunnel STP, CDP or VTP through, but terminate LACP on the PE directly.

It appears that by default the router will not tunnel any L2 protocols when using an EFP. You can change this behavior under the service instance using the command l2protocol forward|peer protocol. It seems that when using the physical port instead of a service instance, all l2protocols are tunneled.

Additionally, you have to apply this to the VFI in VPLS, since the VFI is somewhat like another port in the bridge-domain. You apply this using the same command but the only option is forward.

l2vpn vfi context VPLS1
 l2protocol forward protocol

As a shortcut, it seems you can simply use l2protocol forward to forward all L2 protocols.

Verification

Each CE should see the local PE as the only CDP neighbor, and the two other CEs as LLDP neighbors:

We can verify the router is forwarding LLDP on the EFP using this show command:

PreviousHub and Spoke VPLSNextBasic H-VPLS

Last updated