Configuring L2TPv3 Tunnels for Layer 2 VPN
The configuration steps involved in the implementation of L2TPv3 on Cisco routers is outlined in Figure 10-4. All steps in the configurations outlined here are performed on the routers in the provider network that connect to the customer network using either Ethernet, serial, ATM, or POS interfaces. To implement L2TPv3, there is no configuration requirement on either the CE routers or the provider
Figure 10-4. L2TPv3 Configuration Flowchart
The optional L2TP Class configuration creates a template of L2TP control channel parameters that can be used by different pseudowire classes. If configured, the same L2TP class must be invoked by the pseudowire classes used on the endpoints of the tunnel.
The pseudowire class configuration creates a configuration template for the pseudowire. The pseudowire class configuration is used as a template for session level information for L2TPv3 sessions. This information is used to transport Layer 2 circuit traffic over the pseudowire. The pseudowire configuration specifies the characteristics of the L2TPv3 signaling mechanism, including the data encapsulation type, the control protocol, sequencing, fragmentation, payload-specific options, and IP information. The configuration of manual sessions versus dynamic sessions is also performed in the pseudowire class configuration. The source IP address of the Layer 2 tunnel is also specified in this configuration and is usually a loopback interface.
Binding the interface that is part of the L2TPv3 tunnel to the pseudowire template and the L2TP class is the final step in the L2TPv3 tunnel configuration. The virtual circuit identifier that you configure creates the binding between a pseudowire configured on a PE router and an attachment circuit, and the virtual circuit identifier configured on the PE router at one end of the L2TPv3 control channel must also be configured on the peer PE router at the other end.
In addition to the just mentioned steps, if the PE routers are GSR 12000 series routers, a line card will need to be configured as a tunnel server card. The configuration of a line card on the GSR series as a tunnel server card is outlined in Figure 10-5.
Figure 10-5. L2TPv3—Configuring Line Card as Tunnel Server
Configuring L2TPv3 Static Tunnels
In this section, you will be provided with the configuration procedure for manual or static L2TPv3 tunnels in the network topology shown in Figure 10-6. Figure 10-6 shows an SP network with two PE routers, PE1-AS1 and PE2-AS1, connected to Customer A Routers CE1-A and CE2-A, respectively. The devices used in the test setup are GSR 12000 series routers for the provider cloud devices (PE1-AS1, PE2-AS1, and P1-AS1) and 7200 series routers for the CE devices. The GSRs were
Figure 10-6. L2TPv3—Static Tunnels Topology and Base Configuration
For the GSR 12000 series routers functioning as PE1-AS1 and PE2-AS1 in the network topology, Slot 3 contains an OC48 POS line card that functions as the tunnel server card for the L2TPv3 tunnel. Therefore, all configurations pertaining to implementing a line card on a Cisco 12000 series router as the tunnel server card will be performed with perspective to Slot 3 on Routers PE1-AS1 and PE2-AS1. The following steps outline the configuration process to implement the L2TPv3 tunnel. The basic configuration for all devices in the setup prior to L2TPv3 tunnel configuration is also shown in Figure 10-6. The L2TPv3 specific configuration is
Verification of Static L2TPv3 Tunnel Operation
The following verification steps are performed on the PE routers to validate L2TPv3 tunnel and Layer 2 VPN operation:
Final Device Configuration for L2TPv3 Static Tunnels
Figure 10-7 depicts the final configuration for devices to implement L2TPv3 static tunnels.
Figure 10-7. L2TPv3 Static Tunnels—Final Configuration