Example: Configuring a Provider Bridge Network with Normalized VLAN Tags

This topic provides a configuration example to help you effectively configure a network of Juniper Networks MX Series 3D Universal Edge Routers for a bridge domain or virtual private LAN service (VPLS) environment. The emphasis here is on choosing the normalized virtual LAN (VLAN) configuration. The VPLS configuration is not covered in this chapter. For more information about configuring Ethernet pseudowires as part of VPLS, see the Junos OS.

Note: This topic does not present exhaustive configuration listings for all routers in the figures. However, you can use it with a broader configuration strategy to complete the MX Series router network configurations.

Consider the provider bridge network shown in Figure 1.

Figure 1: Provider Bridge Network Using Normalized VLAN Tags

Provider Bridge Network Using NormalizedVLAN Tags

The Layer 2 provider edge (PE) routers are MX Series routers. Each site is connected to two provider (P) routers for redundancy, although both links are only shown for L2-PE1 at Site 1. Site 1 is connected to P0 and P1 (as shown), Site 2 is connected to P0 and P2 (not shown), Site 3 is connected to P2 and P3 (as shown), and Site 4 is connected to P1 and P3 (as shown). VPLS pseudowires configured on the PE and P routers carry traffic between the sites.

The VLANs’ bridging paths are shown with distinct dashed and dotted lines. The VLANs at each site are:

  • L2-PE1 at Site 1: VLAN 100 and VLAN 300
  • L2-PE2 at Site 2: VLAN 100
  • L2-PE3 at Site 3: VLAN 100
  • L2-PE4 at Site 4: VLAN 300
Note: The configurations in this chapter are only partial examples of complete and functional router configurations. Do not copy these configurations and use them directly on an actual system.

The following is the configuration of interfaces, virtual switches, and bridge domains for MX Series router L2-PE1:

[edit]interfaces ge-1/0/0 {encapsulation flexible-ethernet-services;flexible-vlan-tagging;unit 1 {encapsulation vlan-bridge;vlan-id 100;}unit 11 {encapsulation vlan-bridge;vlan-id 301;}}interface ge-2/0/0 {encapsulation flexible-ethernet-services;flexible-vlan-tagging;unit 1 {encapsulation vlan-bridge;vlan-id 100;}}interface ge-3/0/0 {encapsulation flexible-ethernet-services;flexible-vlan-tagging;unit 1 {encapsulation vlan-bridge;vlan-id 200; # NOTE: 200 is translated to normalized VLAN value}}interfaces ge-4/0/0 {encapsulation flexible-ethernet-services;flexible-vlan-tagging;unit 1 {encapsulation vlan-bridge;vlan-tags outer 500 inner 100; # This places two VLAN tags on the provider                                                 # pseudowire}}interfaces ge-5/0/0 {encapsulation flexible-ethernet-services;flexible-vlan-tagging;unit 1 {encapsulation vlan-bridge;vlan-tags outer 500 inner 100; # This places two VLAN tags on the provider                                                 # pseudowire}unit 11 {encapsulation vlan-bridge;vlan-tags outer 600 inner 300; # This places two VLAN tags on the provider                                                 # pseudowire}}interfaces ge-6/0/0 {encapsulation flexible-ethernet-services;flexible-vlan-tagging;unit 11 {encapsulation vlan-bridge;vlan-id 300;}}routing-instances {customer-c1-virtual-switch {instance-type virtual-switch ;bridge-domains {c1-vlan-100 {domain-type bridge;vlan-id 100; # Customer VLAN 100 uses these five logical interfacesinterface ge-1/0/0.1;interface ge-2/0/0.1;interface ge-3/0/0.1;interface ge-4/0/0.1;interface ge-5/0/0.1;} # End of c1-vlan-100} # End of bridge-domains} # End of customer-c1-virtual-switchcustomer-c2-virtual-switch {instance-type virtual-switch ;bridge-domains {c2-vlan-300 {domain-type bridge;vlan-id 300; # Customer VLAN 300 uses these three logical interfacesinterface ge-1/0/0.11;interface ge-5/0/0.11;interface ge-6/0/0.11;} # End of c1-vlan-300} # End of bridge-domains} # End of customer-c2-virtual-switch} # end of routing-instances

Bridge domain c1–vlan-100 for customer-c1–virtual-switch has five logical interfaces:

  • Logical interface ge-1/0/0.1 configured on physical port ge-1/0/0.
  • Logical interface ge-2/0/0.1 configured on physical port ge-2/0/0.
  • Logical interface ge-3/0/0.1 configured on physical port ge-3/0/0.
  • Logical interface ge-4/0/0.1 can exist on an extended port/subinterface defined by the pair ge-4/0/0 and outer-vlan-tag 500.
  • Logical interface ge-5/0/0.1 can exist on an extended port/subinterface defined by the pair ge-5/0/0 and outer-vlan-tag 500.

The association of the received packet to a logical interface is done by matching the VLAN tags of the received packet with the VLAN tags configured on one of the logical interfaces on that physical port. The vlan-id 100 configuration within the bridge domain c1–vlan-100 sets the normalized VLAN value to 100.

The following happens as a result of this configuration:

  • Packets received on logical interfaces ge-1/0/0.1 or ge-2/0/0.1 with a single VLAN tag of 100 in the frame are accepted.
  • Packets received on logical interface ge-3/0/0.1 with a single VLAN tag of 200 in the frame are accepted and have their tag values translated to the normalized VLAN tag value of 100.
  • Packets received on logical interfaces ge-4/0/0.1 and ge-5/0/0.1 with outer tag values of 500 and inner tag values of 100 are accepted.
  • Unknown source MAC addresses and unknown destination MAC addresses are learned based on their normalized VLAN values of 100 or 300.
  • All packets sent on a logical interface always have their associated vlan-id value(s) in their VLAN tag fields.

Configuration and function of bridge domain c2-vlan-300 for customer-c2-virtual-switch is similar to, but not identical to, that of bridge domain c1-vlan-100 for customer-c1-virtual-switch.