And this is de topology: like you can see bellow, the 4 interfaces are directly connected to 4 transparency switches.
The OSPF is running perfectly fine, and then i have MPLS.. VPLS.. and VLANS running all fine.
I have added Virtual links for transport de backbone area to each individual Area.
But when i want to run a PPPoE-Client from switch 2, 3 or 4… this doesn’t success. Only have success from switch 1.
What i missing ?
Here another screens with the setup of the networks:
Multiple network ip address on single interface in ospf? Yes, but only single interface setting is ospf.
Bridge port table?
PPPoE interface - do you have pppoe server listening at all ports that you need? And on vpls? Are transparent switches have enought mtu size to transport vpls? Your topology not look ideal.
In bridge port, i have tested 2 vlans inside a VPLS with a DHCP server for testing purposes, but it isn’t used with pppoe-server.
PPPoE interface - do you have pppoe server listening at all ports that you need? And on vpls?
Yes, like you can see bellow in the image. And the
The MTU of VLAN is: 1500
The L2 MTU of VLAN is: 1504
Are transparent switches have enought mtu size to transport vpls?
The transparent switches are “Mikrotik CRS212” with last RouterOS and i only configured the ports like slave of SFP1. Without anything else. Without MPLS, or Bridge.. or IP address.. only the ports like slave. Where i could setup MTU size ? in where?.
Your topology not look ideal.
What could be the ideal topology with these hardware and point to point fibers?.
At first attempt, try some magic with MTU … PPPoE in VPLS in VLAN can have easily issue with L2 mtu. MPLS should be reconfigure (at both ends of VLAN/MPLS) to run correctly in vlan. Vlan Tagging add 4 bytes, MPLS add next tagging, VLPS add next tagging, PPPoE add next tagging. You can test it easily with icmp echo with maximum size and set “dont fragment” bit. Transparent bridges can silently drop packet with larger mtu and no warning message will be generated.
I have read the presentation, and a lot of others documents.
I have tryed to play with MTU adding 4 bit in every test, and pinging in each change like you say, with do-not-fragment. But nothing has changed.
I ping the loopback IP for the other side, from my core router. The values of MTU i am playing for are only in MPLS Interface MTU value. I need to change VLAN MTU value too?,
Like you can see bellow adding only 1 bit it seems like this don’t like him so much.
[admin@CCR1016] > ping 10.255.255.16 do-not-fragment size=1500
SEQ HOST SIZE TTL TIME STATUS
0 10.255.255.16 1500 64 0ms
1 10.255.255.16 1500 64 0ms
2 10.255.255.16 1500 64 0ms
3 10.255.255.16 1500 64 0ms
4 10.255.255.16 1500 64 0ms
5 10.255.255.16 1500 64 0ms
6 10.255.255.16 1500 64 0ms
7 10.255.255.16 1500 64 0ms
sent=8 received=8 packet-loss=0% min-rtt=0ms avg-rtt=0ms max-rtt=0ms
[admin@CCR1016] > ping 10.255.255.16 do-not-fragment size=1501
SEQ HOST SIZE TTL TIME STATUS
0 packet too large and cannot be fragmented
0 10.1.116.1 576 64 0ms fragmentation needed and DF set
1 packet too large and cannot be fragmented
1 10.1.116.1 576 64 0ms fragmentation needed and DF set
2 packet too large and cannot be fragmented
2 10.1.116.1 576 64 0ms fragmentation needed and DF set
3 packet too large and cannot be fragmented
3 10.1.116.1 576 64 0ms fragmentation needed and DF set
sent=4 received=0 packet-loss=100%
I am a bit confused with this document:
If i am understanding right, i need to add 4 bit for each MPLS label, but in my case, there are a lot of labels for every interface, because each one have 9 Networks. Look at this:
Excuse me please for my poor knowledge about this, but this is the first time i am setting something so huge.
do you have mpls/vpls in vlan? if yes, you must ensure, that L2 vlan can pass more than 1500b, need full 1500+4mpls+4vpls (all is in kirnak presentation)
ping loopback on other side of vpls exit point is not enough, you need try ping from client, that should communicate thought vpls to pppoe interface (full 1500b must pass with don’t frag.b.) - you need probably add test ip address on correct vpls tunnel and client pc. When succeed, pppoe server must work.
answers:
mpls could have two or more labels … 4 bytes for mpls and another 4 bytes from vpls (depend on configuration)
do you have mpls/vpls in vlan? if yes, you must ensure, that L2 vlan can pass more than 1500b, need full 1500+4mpls+4vpls (all is in kirnak presentation)
In “kirnak.pdf” there is not a part with the VLANS creation. What i must change?, “The MPLS interface MTU value” and what other?
In the presentation is very clear that i must add the bits of 1500+([4mpls]*n)+4vpls+4vlan+8pppoe
If i count 18 tags in the MPLS bindings table i could say that the count may be this?.. 1500+([4mpls]*18)+4vpls+4vlan+8pppoe ?? and this result i must fill in the MPLS interface MTU value and what other place. Excuse me for my confuse ideas.
ping loopback on other side of vpls exit point is not enough, you need try ping from client, that should communicate thought vpls to pppoe interface (full 1500b must pass with don’t frag.b.) - you need probably add test ip address on correct vpls tunnel and client pc. When succeed, pppoe server must work.
I am connected with my laptop. (testing in switch 1) I ran the pppoe-client successfully, and then i access with winbox at the last Routerboard 2011. Here is where i test the ping… and 1500 are passing without frag.b. But if i test size 1501 this is fragmented. In switch 2 i have tried the same test, and the PPPoE-client don’t success. However the ping is showing the same result. 1500 are passing OK but 1501 don’t pass. What is the right value to pass here?.
Then if i test without VLANS (i change the pppoe-server by the VPLS and play again with MTU value) i have the same result, ever the fragmentation is in 1501.
I create this scenario for you, full work, everything that you need is there. About 3 minutes.
CCR A1 is main with PPPoE
hEX A3 is remote end (like yours RB2011)
pppoe client is connect to ether4 at hEX A3 and fully work
minimal L2 mtu 1532b on ether1 must be supported in full path to exit from vlan
I have tested with that values exactly. And it is the same. Nothing has changed. I mean, the PPPoE is connecting successfully in the “first switch”, but in the “second one” (area 13) the connection still doesn’t success. But i dont know why!. Everything is right.
However if i setup a pppoe-client inside the last rb2011 (area 13 - switch 2).. the pppoe is connecting well, but if i try from my laptop it don’t success.
I repeat, from Switch 1 it work like a charm.!!.
Look at this picture…
first look, you haven’t set MTU 1504 at VPLS_13_2 (you set only advertise MTU)
second - add some ip address to RB2011 vlan interface and try icmp echo with 1500b without fragmentation to some test ip at your main RB1016 same vlan interface
first look, you haven’t set MTU 1504 at VPLS_13_2 (you set only advertise MTU)
OK, this is solved now!. But without changes.
second - add some ip address to RB2011 vlan interface and try icmp echo with 1500b without fragmentation to some test ip at your main RB1016 same vlan interface
I put an IP address in both vlans of area 13 (switch 2) and it hasn’t ping each other.
However i made the same with area 7 (switch 1) and it done ping normally. With do-not-fragment and size 1500 goes perfectly.
how is realise bridging at 212 ?
It has a reset to factory defaults and i have put only the interfaces like slave of the port SFP1. (There is not a bridge) and it has MPLS package disabled and routing package disabled too. it Only has system, lcd and some other that i cant remember. Both switches have identical configuration. And the configuration was made manually, (without backup).
This is very strange, could be the second switch?, there is something that i could test in the switch?. I have changed the switch for a new one, and the SFP… and fiber optic patchords but anything changed.
fine, because I have no idea, lets try this (add some ip address to make test if aren’t there):
ping from RB2011 to CCR1016 pass ? size 1518 no frag. must pass
ping from RB2011 to CCR1016 inside vpls ? size 1504 no frag. must pass
ping from RB2011 to CCR1016 inside vlan ? size 1500 no frag must pass ====> Realy tested - FAIL
ad 3. - must pass to transfer data, lets to resolve this issue
idea: vlan at exit points (RB2011 an CCR1016) are configured as ports in bridge. I don’t know your whole configuration and loop can occur there (and rstp can block some traffic). Look at the bridge status, all ports at both ends should be in forwarding state. Again, icmp echo must pass. (if you have firewalls, disable it for test).
Hi, thanks for your dedication, i am out of my office now, but tonight i could test it,
I hope we can solve this issue.
I gonna give you some news this night.
Again, thanks.
Regards
