Linkedin Youtube
Contact us

Interoperability IP Infusion OcNOS and Cisco IOS XR

Pine Networks > Blog > IP Infusion > Interoperability IP Infusion OcNOS and Cisco IOS XR
Interoperability IP Infusion OcNOS and Cisco

In our latest lab experiment, we investigate the interoperability between the IP Infusion OcNOS and Cisco IOS XR. In this exercise we test interoperability of the following protocols: ISIS, Segment Routing MPLS, MP-BGP, L3VPN, EVPN/VPWS, and EVPN/VPLS.

Below is an illustration of the lab setup used for testing:

We will first start by configuring the IGP, in this test, ISIS will be used with Segment Routing MPLS for label exchange.

 

IP Infusion OcNOS ISIS Configuration

router isis OCNOS
  is-type level-2-only
  metric-style wide
  mpls traffic-eng router-id 185.100.22.174
  mpls traffic-eng level-2
  dynamic-hostname
  net 49.1010.0100.4200.5003.00
  isis segment-routing global block 16000 23999
  segment-routing mpls

interface xe47   description To cisco ncs5501 XR Te0/0/0/10
  ip address 10.10.10.1/30 mtu 9200
  label-switching
  isis network point-to-point
  isis circuit-type level-2-only
  ip router isis OCNOS
  no isis hello padding
!

interface lo
  ip address 185.100.22.174/32 secondary
  prefix-sid index 1003
  ip router isis OCNOS
!

Cisco IOS XR ISIS Configuration

router isis OCNOS
  is-type level-2-only
  net 49.1010.0100.4200.5042.00
  segment-routing global-block 16000 23999
  address-family ipv4 unicast
   metric-style wide level 2
   mpls traffic-eng level-2-only
   mpls traffic-eng router-id Loopback0
   segment-routing mpls
 !
  interface Loopback0
  passive
   circuit-type level-2-only
   address-family ipv4 unicast
    prefix-sid index 1004
   !
 !
  interface TenGigE0/0/0/10
  circuit-type level-2-only
   point-to-point
   hello-padding disable
   address-family ipv4 unicast
    metric 2000
   !
  !
!

Segment Routing MPLS is enabled under router IS-IS and a prefix-SID is configured under the loopback interface.

Note that MPLS forwarding is enabled on IS-IS interfaces.

We can verify the ISIS adjacency by using the command show clns neighbors on the OcNOS

And as you can see, the state is up

Now let’s take a look at the active IPV4 segment routing mappings

And here we see the MPLS forwarding table on the OcNOS.

We also verify the same on the Cisco. Note that the commands are slightly different but very similar.

The state of the ISIS neighbor is UP meaning that adjacency was correctly established between the OcNOS and the Cisco IOS XR.
Here we see the label mapping information related to segment routing in the IS-IS protocol
And here we see the MPLS forwarding table on Cisco.

Now let’s jump to MP-BGP configuration.

In our case we use 2 types of address families:

  1. vpnv4, used to exchange routing information for IPv4 prefixes in the context of Virtual Private Networks (VPNs)
  2. l2vpn evpn, used to exchange routing and reachability information for Layer 2 services, specifically Ethernet VPNs, in the context of Virtual Private Networks (VPNs).

OcNOS BGP Configuration

router bgp 65055
  bgp router-id 185.100.22.174
  neighbor 10.42.5.42 remote-as 65055
  neighbor 10.42.5.42 update-source lo
!
address-family vpnv4 unicast
  neighbor 10.42.5.42 activate
  exit-address-family
!
address-family l2vpn evpn
  neighbor 10.42.5.42 activate
  exit-address-family
!

IOS XR BGP Configuration

router bgp 65055
 bgp router-id 10.42.5.42
 address-family vpnv4 unicast
 !
  address-family l2vpn evpn
  !
  neighbor 185.100.22.174
   remote-as 65055
   update-source Loopback0
   address-family vpnv4 unicast
   !
   address-family l2vpn evpn
   !
  !
!

Now let’s check the state of BGP on the OCNOS

As you can see, BGP is established between OcNOS and Cisco

Let’s check the same on the IOS XR

Now we can start the EVPN-VPWS

 

OcNOS EVP-VPWS Configuration

!
evpn mpls enable
!
mac vrf EVPN-VPWS
 rd 185.100.22.174:65055
 route-target both 65055:1
!
evpn mpls vtep-ip-global 185.100.22.174
!
evpn mpls id 1000 xconnect target-mpls-id 2000
 host-reachability-protocol evpn-bgp EVPN-VPWS

!
interface xe9.100 switchport
 encapsulation default
 access-if-evpn
  map vpn-id 1000
!

Cisco IOS XR EVPN-VPWS Configuration

!
evpn
 evi 2000
  bgp
   rd 10.42.5.42:65055
   route-target import 65055:1
   route-target export 65055:1
  !
  control-word-disable
 !
!
l2vpn
 xconnect group EVPN-VPWS
  p2p VPWS-XR-OCNOS
   interface GigabitEthernet0/0/0/1.100
   neighbor evpn evi 2000 target 1000 source 2000
   !
  !
 !
!

The control-word is enabled by default on the Cisco IOS XR and disabled by default on the OcNOS. For the service to work both sides should match. Therefore we have disabled the control-word on the Cisco. The other possibility could have been to enable the control-word on the OcNOS and leave it enabled on the Cisco. We tested this scenario separately and it worked.

Let’s verify the state of the EVPN-VPWS on the OcNOS.

This shows us that that the Attachment Circuit and the network are UP. We can also see local EVPN ID, the remote ID, the attachment interface, and the IP of the remote PE.
Here we see the satus of the tunnel, it is installed and how long it has been UP.
And we can also the tunnel labels.
The “show bgp l2vpn evpn” command displays information about EVPN routes exchanged with the BGP peers, in this case with the Cisco.

We can see the Route distinguisher of the Cisco, we see the EVPN route type, in this case type 1 for Ethernet routes. We also see VNID, the label, the next hop, local preference and so on.

Now let’s verify the same on Cisco

Now to verify that our EVPN-VPWS forwards traffic, we will do a ping test between the two PCs on each end.

  • PC1 IP address:168.1.1/24
  • PC1 MAC address: 50-7B-9D-29-AD-65
  • PC2 IP address:168.1.2/24
  • PC2 MAC address: 50-7B-9D-40-43-55
Figure 1: Interface configuration of PC1
Figure 2: Ping from PC1 to PC2

As you can see, we get a successful ping, the traffic is going through the EVPN-VPWS

Figure 3: We verify the ARP table on PC1 and we can see the IP and MAC address of PC2

Additionally to EVPN-VPWS, we also tested EVPN-VPLS. We remove the VPWS configuration and replaced it with VPLS.

OcNOS EVPN-VPLS Configuration

!
evpn mpls enable
!
mac vrf EVPN-VPLS
 evpn-vlan-service vlan-based
 rd 185.100.22.174:2
 route-target both 65055:2
!
evpn mpls vtep-ip-global 185.100.22.174
!
evpn mpls id 1000
 host-reachability-protocol evpn-bgp EVPN-VPLS
!
interface xe9.100 switchport
 encapsulation default
 access-if-evpn
  arp-cache disable
  nd-cache disable
  map vpn-id 1000
!

Cisco EVPN-VPLS Configuration

!
interface GigabitEthernet0/0/0/1.100 l2transport
encapsulation default
!
!
evpn
 evi 1000
  bgp
   rd 65055:3
   route-target import 65055:2
   route-target export 65055:2
  !
  advertise-mac
  !
 !

!
l2vpn
 bridge group 1000
  bridge-domain EVPN-VPLS
   interface GigabitEthernet0/0/0/1.100
   !
   evi 1000
   !
  !
 !
!

We then verify the status of the EVPN tunnel on OcNOS and we see that it is installed.

We can also verify the labels.

We can see above the prefixes we are learning from the Cisco. We can see the routes types and the MAC address.
We can verify the mac-table of the VPLS and we see the remote MAC addresses we are learning via the EVPN-VPLS.

We can also verify on the Cisco router using the show bgp l2vpn evpn and we see similar information

Finally we test the service by pinging between the two PCs connected at each end of the service.

Figure 4: Ping from PC1 to PC2 across the EVPN-VPLS

And as you can see, the ping is successful

Hope you enjoyed reading this article as much as we enjoyed testing it. Stay curious and keep exploring with us!