In this post we are going to discuss how can we setup L2VPN and L3VPN over an Ethernet ring network, this is very challenging actually, knowing the fact that we need to achieve redundancy for both our edge network and to our customer.
As illustrated below, we have our MX104 PE router connected to the ring network that’s connected to MSAN cabins (Access Layer) through 2 Gigabit interfaces in order to achieve redundancy over the network.
The 1st challenge to take is how to setup L3VPN.
In our situaion we can’t use a logical unit of one of the main Gigs as this will not achieve the needed redundancy for the customer as there’s one Gig that will be up and the other will be down in order to prevent loops. So the right solution would be to use Integrated Routing & Bridging interfaces (IRB) and assign it to the same bridge domain as the logical units of the main Gigs.
|root@R02J> show interfaces descriptions | match Cust-A
ge-0/0/1.700 up up VPN: Cust-A –> Main Gig the customer is working on right now
ge-0/1/1.700 up down VPN: Cust-A –> Backup Gig for the same customer
irb.700 up up VPN: Cust-A –>Layer 3 IRB interface for this customer (like an SVI interface on a Cisco Switches)