L2TPv3 Tunneling

by

There are different L2VPN technologies like L2TPv3, VPLS, H-VPLS, AToM. Except L2TPv3, the others require a MPLS backbone. L2TP uses IP protocol 115

 

Point-to-Point

  • Layer 2 Tunneling Protocol v3 (L2TPv3)
  • Any transport over MPLS (AToM)

Point-to-Multipoint

  • Virtual Private LAN Service (VPLS)
  • Hierarchical Virtual Private LAN Service (H-VPLS)

Payload agnostic

  • supports Ethernet, Frame-Relay, ATM, HDLC, PPP over IP
  • supports interworking (between different encap)

Note: Encapsulating means an extra MTU overhead, so we need to be careful to not fragmentation along the way.

L2TPv3_0

The objective here is establish a Pseudowire (PW) between two routers (R2/R4) extending the Layer 2 between R1 and R5 for VLAN 156.

Assuming here we have connectivity for R2/R4 loopback’s, since we will use that as source for PW.

Configuration steps

  1. Define PW
    1. define local interface as the source of tunnel
  2. Define xconnect
    1. define peer, vcid and associate with PW recently created

vcid needs to be unique, in this case i choose the same as VLAN ID

R2(config)#pseudowire-class PW_156_L2TPV3
R2(config-pw-class)# encapsulation l2tpv3
R2(config-pw-class)# ip local interface Loopback0
R2(config-pw-class)# ip tos reflect

R2(config)#interface GigabitEthernet1.156
R2(config-subif)# encapsulation dot1Q 156
R2(config-subif)# no cdp enable
R2(config-subif)# xconnect 10.4.4.4 156 pw-class PW_156_L2TPV3

R4(config)#pseudowire-class PW_156_L2TPV3
R4(config-pw-class)# encapsulation l2tpv3
R4(config-pw-class)# ip local interface Loopback0
R4(config-pw-class)# ip tos reflect

R4(config)#interface GigabitEthernet1.156
R4(config-subif)# encapsulation dot1Q 156
R4(config-subif)# no cdp enable
R4(config-subif)# xconnect 10.2.2.2 156 pw-class PW_156_L2TPV3

R2#sh l2tun session all

L2TP Session Information Total tunnels 1 sessions 1

Session id 1881450243 is up, logical session id 32790, tunnel id 1984298019
Remote session id is 4260556922, remote tunnel id 82213150
Locally initiated session
Unique ID is 0
Session Layer 2 circuit, type is Ethernet Vlan, name is GigabitEthernet1.156:156
Session vcid is 156
Circuit state is UP
Local circuit state is UP
Remote circuit state is UP
Call serial number is 4100100002
Remote tunnel name is R4
Internet address is 10.4.4.4
Local tunnel name is R2
Internet address is 10.2.2.2
IP protocol 115
Session is L2TP signaled
Session state is established, time since change 00:00:06
2 Packets sent, 2 received
136 Bytes sent, 136 received
Last clearing of counters never
Counters, ignoring last clear:
2 Packets sent, 2 received
136 Bytes sent, 136 received
Receive packets dropped:
out-of-order:             0
other:                    0
total:                    0
Send packets dropped:
exceeded session MTU:     0
other:                    0
total:                    0
DF bit off, ToS reflect enabled, ToS value 0, TTL value 255
Sending UDP checksums are disabled
Received UDP checksums are verified
No session cookie information available
FS cached header information:
encap size = 24 bytes
45000014 00000000 ff73a16b 0a020202
0a040404 fdf2f07a
Sequencing is off
Conditional debugging is disabled
SSM switch id is 8212, SSM segment id is 4121

R2#sh l2tun tunnel all  

L2TP Tunnel Information Total tunnels 1 sessions 1

Tunnel id 1984298019 is up, remote id is 82213150, 1 active sessions
Locally initiated tunnel
Tunnel state is established, time since change 00:00:30
Tunnel transport is IP  (115)
Remote tunnel name is R4
Internet Address 10.4.4.4, port 0
Local tunnel name is R2
Internet Address 10.2.2.2, port 0
L2TP class for tunnel is l2tp_default_class
Counters, taking last clear into account:
70908 packets sent, 70725 received
5142824 bytes sent, 5127872 received
Last clearing of counters never
Counters, ignoring last clear:
70908 packets sent, 70725 received
5142824 bytes sent, 5127872 received
Control Ns 1925, Nr 56
Local RWS 1024 (default), Remote RWS 1024
Control channel Congestion Control is disabled
Tunnel PMTU checking disabled
Retransmission time 1, max 1 seconds
Unsent queuesize 0, max 0
Resend queuesize 0, max 3
Total resends 0, ZLB ACKs sent 51
Total out-of-order dropped pkts 0
Total out-of-order reorder pkts 0
Total peer authentication failures 0
Current no session pak queue check 0 of 5
Retransmit time distribution: 0 0 0 0 0 0 0 0 0
Control message authentication is disabled

Configuring OSPF

R1(config)#router ospf 1
R1(config-router)# log-adjacency-changes
R1(config-router)# network 0.0.0.0 255.255.255.255 area 0
R5(config)#router ospf 1
R5(config-router)# log-adjacency-changes
R5(config-router)# network 0.0.0.0 255.255.255.255 area 0

Confirm we have OSPF neighbouring across the L2VPN

R1#show ip ospf neighborNeighbor ID     Pri   State           Dead Time   Address         Interface
10.1.156.5        1   FULL/BDR        00:00:32    10.1.156.5      GigabitEthernet1.156

 

Do you like dissect packets? You can do it here

References:

https://tools.ietf.org/html/rfc3931 – Layer Two Tunneling Protocol – Version 3 (L2TPv3)

Leave a Comment

Translate »
Google no longer supports Google Images API and this plugin can't work.

You can try to use other plugins with the same feature:
WP Picasa Box - http://codecanyon.net/item/wp-picasa-box/16099962
WP Pixabay Search And Insert - http://wpclever.net/downloads/wordpress-pixabay-search-and-insert