This three-day course is designed to provide students with the knowledge to configure and troubleshoot MPLS-based Layer 2 virtual private networks (VPN).

The course includes an overview of MPLS Layer 2 VPN concepts, such as BGP Layer 2 VPNs, LDP Layer 2 circuits, forwarding equivalence class (FEC) 129, virtual private LAN service (VPLS), Ethernet VPN (EVPN), and Inter-AS MPLS VPNs.

This course also covers Junos OS-specific implementations of Layer 2 VPN instances, VPLS, and EVPNs.

This course is based on the Junos OS Release 21.4R1.12.

The Junos Layer 2 VPNs (JL2V) course is an advanced-level course.

Relevant Juniper Product

· EX Series · MX Series · QFX Series

· Describe some of the different kinds of VPNs, their mechanics, and their use cases.

· Describe the types of MPLS VPN that operate at layer 2.

· Describe the mechanics of BGP-signaled pseudowires, also known as L2VPNs.

· Configure BGP-signaled L2VPNs with Ethernet and Ethernet-VLAN encapsulations.

· Demonstrate how to troubleshoot some of the most common BGP-signaled L2VPN configuration problems.

· Describe how BGP-signaled L2VPNs use a block of labels to bring efficiency to huband-spoke advertisements.

· Configure advanced BGP-signaled L2VPN features, such as multihoming, VLAN normalization, and route target constraint.

· Describe the mechanics of LDP-signaled pseudowires, also known as Layer 2 Circuits.

· Describe the causes and solutions of some of the most common L2Circuit configuration problems.

· Configure advanced LDP-signaled L2Circuit features, such as multihoming and local switching.

· Explain how the FEC 129 pseudowire method combines BGP for autodiscovery and LDP for signaling.

· Describe the purpose and mechanics of a VPLS.

· Create a VPLS instance that is signaled using BGP and demonstrate the commands that verify its status.

· Create VPLS instances that are signaled using LDP and FEC 129 and demonstrate the commands available to verify their status.

· Describe how mismatched VLAN tags are handled in a default VPLS configuration.

· Configure a VPLS to swap mismatched VLAN tags automatically, and to create multiple bridge domains inside a single VPLS instance.

· Configure the most important VPLS traffic management features, including flood protection, MAC limiting, IRB interfaces, and automated Site IDs.

· Configure hub-and-spoke VPLS topologies.

· Configure multihomed sites in a VPLS.

· Describe the features of Ethernet VPN, and the enhancements that EVPN brings over VPLS.

· Explain how EVPNs advertise MAC addresses, and how they request to receive flooded traffic within a bridge domain.

· Configure and verify a single-homed VLAN-based EVPN instance.

· Configure and verify a single-homed VLAN-aware bundle EVI.

· Configure a multihomed EVPN and explain the purpose of the EVPN Type 4 route.

· Describe the features provided by EVPN Type 1 routes.

· Describe how to use MAC Mobility and IRB interfaces in an EVPN.

· Explain how EVPNs can tightly integrate themselves into MPLS Layer 3 VPNs to provide highly efficient forwarding.

· Describe and configure various solutions that create MPLS VPNs between service providers.

· Describe the circuit-cross connect pseudowire method and explain how this old method can still have value in modern networks.

· Describe how multisegment pseudowires can create layer 2 VPNs across autonomous system boundaries.

Individuals responsible for configuring and monitoring devices running the Junos OS in a service provider environment, in MPLS-based data centers, and in larger enterprises

· Intermediate-level networking knowledge;

· An understanding of OSPF, IS-IS, BGP, and Junos routing policy;

· Experience configuring MPLS label-switched paths using Junos;

· Completion of the following courses, or equivalent knowledge:

o Introduction to the Junos Operating System

o Junos Service Provider Switching

o Junos Intermediate Routing

o Junos MPLS Fundamentals

Day 1

Course Introduction

Refresher—VPNs and MPLS　　

· Explain the basic function and purpose of a VPN

· Describe how MPLS uses labels to forward traffic

· Explain the differences between MPLS layer 3 VPNs and MPLS layer 2 VPNs

The Different Flavors of Layer 2 VPN

· Describe the purpose and creation of pseudowires

· Define the different technical terms relating to pseudowires

· Describe the purpose and creation of VPLS

· Describe the purpose, creation, and advantages of EVPN

L2VPN, aka BGP‐Signaled Pseudowires

· Define the concept of an attachment circuit, and of pseudowire encapsulation

· Explain the importance of route targets, route distinguishers, and Site IDs

· Explain the control plane and data plane of an L2VPN

· Describe the contents of an L2VPN BGP packet capture

L2VPN—Configuration

· Configure an L2VPN that accepts all Ethernet traffic

· Configure an L2VPN that accepts specific VLAN tags

L2VPN—Troubleshooting

· Diagnose and fix L2VPN problems caused by missing LSPs, mismatched site information, and incorrect configuration

L2VPN—Site IDs, the Label Base, and Overprovisioning

· Explain the purpose of the Site ID and the VPN label base

· Configure an overprovisioned L2VPN with explicit remote Site IDs

· Configure an overprovisioned L2VPN with implicit remote Site IDs

· Lab 1: BGP-Signaled Layer 2 VPNs

L2VPN—Advanced Concepts

· Configure and verify L2VPN multihoming

· Explain the purpose of Martini encapsulation

· Configure VLAN normalization in an L2VPN

· Configure out-of-band route reflection and route target constraint

Lab 2: L2VPNs—Advanced Concepts

L2Circuit—LDP‐Signaled Pseudowires

· Explain the concept of targeted LDP sessions, and the elements that L2Circuits have in common with L2VPNs

· Configure and verify an L2Circuit

· Describe the contents of an LDP advertisement packet capture

L2Circuit—Troubleshooting

· Configure the Pseudowire Status TLV

· Explain the meaning of the most frequent L2Circuit error codes

Day 2

L2Circuit—Advanced Concepts

· Describe the purpose and benefits of virtual circuit connectivity verification

· Configure multihoming, local switching, and interworking

Lab 3: LDP‐Signaled L2Circuits

FEC 129 Pseudowires

· Explain the way that FEC 129 autodiscovers remote PEs and signals pseudowires

· Configure and verify a FEC 129 pseudowire

Lab 4: FEC 129 Pseudowires (Optional)

Virtual Private LAN Service—Introduction

· Describe how a VPLS is built, and how it compares to a regular pseudowire

· Explain how VPLS forwards traffic between multiple sites

· Describe the BGP and LDP methods of signaling a VPLS

VPLS—LDP and FEC 129 Configuration and Verification

· Configure and verify an LDP-signaled VPLS

· Configure and verify a FEC 129 VPLS

VPLS—LDP and FEC 129 Configuration and Verification

· Configure and verify an LDP-signaled VPLS

· Configure and verify a FEC 129 VPLS

VPLS—The Default VLAN Mode

· Define the four VLAN modes for VPLS

· Define the concept of a bridge domain, and verify the default VPLS VLAN mode

VPLS—VLAN Normalization, VLAN‐Aware Instances, and Dual‐Stacked VLANs

· Configure and verify VLAN-Aware mode

· Configure and verify VLAN-Normalizing mode and No-VLAN mode

· Configure and verify dual-stacked VLAN tags in VPLS

VPLS—Advanced Features and Troubleshooting

· Deploy automated BGP VPLS Site IDs

· Configure flood protection, MAC flap protection, and MAC limiting

· Explain how to add IRB interfaces to a VPLS, and configure efficient traffic flooding using multicast LSPs · Describe the most important VPLS-specific troubleshooting techniques

VPLS—Multihoming

· Configure multihomed sites in a BGP-signaled VPLS

· Configure multihomed sites and single sites on the same PE in a BGP-signaled VPLS

· Configure best-site multihoming in a BGP-signaled VPLS

· Configure multihomed sites in an LDP-signaled VPLS

Lab 5: VPLS

Day 3

EVPN—Introduction

· Explain the main disadvantages of a VPLS solution

· Explain how EVPN overcomes these disadvantages, and enables extra features

EVPN—Using BGP to Advertise MACs and to Flood Traffic

· Explain the meaning of an EVPN Instance

· Describe how EVPN Type 2 routes advertise MAC addresses and MAC/IP bindings

· Describe how EVPN Type 3 routes request to receive flooded traffic within a bridge domain

EVPN—Configuring a Single‐Homed VLAN‐ Based EVI

· Configure a service provider network to host EVPN services

· Configure a single-homed VLAN-based EVI

· Verify a VLAN-based EVI

EVPN—Configuring a Single‐Homed VLAN‐ Aware Bundle EVI

· Configure a VLAN-aware bundle EVI

· Verify a VLAN-aware bundle EVI

EVPN—Multihoming Configuration and Type 4 Routes

· Configure a CE and two PEs to take part in a multihomed EVPN

· Describe the contents of the Type 4 Ethernet Segment route

· Explain how the Type 4 route prevents layer 2 loops, using the designated forwarder election

EVPN—Multihoming Features Using Type 1 Routes

· Describe Type 1 Ethernet Auto-Discovery PerEthernet Segment routes

· Explain how Type 1 Per-Ethernet Segment routes prevent layer 2 loops

· Describe how Type 1 Per-EVI routes are different from Per-ES routes

EVPN—MAC Mobility and IRB Interfaces

· Configure and verify the EVPN MAC Mobility feature

· Configure and verify Automatic Gateway MAC-IP Synchronization

· Configure and verify Manual Gateway MAC-IP Synchronization

· Configure and verify EVPN Virtual Gateway Addresses

Lab 6: EVPN

VPLS—LDP and FEC 129 Configuration and Verification

· Configure and verify an LDP-signaled VPLS

· Configure and verify a FEC 129 VPLS

VPLS—The Default VLAN Mode

· Define the four VLAN modes for VPLS

· Define the concept of a bridge domain, and verify the default VPLS VLAN mode

VPLS—VLAN Normalization, VLAN‐Aware Instances, and Dual‐Stacked VLANs

· Configure and verify VLAN-Aware mode

· Configure and verify VLAN-Normalizing mode and No-VLAN mode

· Configure and verify dual-stacked VLAN tags in VPLS

VPLS—Advanced Features and Troubleshooting

· Deploy automated BGP VPLS Site IDs

· Configure flood protection, MAC flap protection, and MAC limiting

· Explain how to add IRB interfaces to a VPLS, and configure efficient traffic flooding using multicast LSPs · Describe the most important VPLS-specific troubleshooting techniques

VPLS—Multihoming

· Configure multihomed sites in a BGP-signaled VPLS

· Configure multihomed sites and single sites on the same PE in a BGP-signaled VPLS

· Configure best-site multihoming in a BGP-signaled VPLS

· Configure multihomed sites in an LDP-signaled VPLS

Self-Study Material

Appendix A: EVPN—Integration with L3VPNs

· Describe the basic functionality of an L3VPN

· Explain how EVPNs and L3VPNs integrate for optimal routing

· Describe how chained composite next hop brings efficiency to EVPN in the Packet Forwarding Engine

Appendix B: Inter‐AS MPLS VPNs

· Describe the functionality of Interprovider Options A, B, and C

· Configure and verify the Interprovider Option C method

· Describe and configure carrier-of-carriers VPNs

Appendix C: Circuit Cross‐Connect

· Use circuit cross-connect to stitch pseudowires together, and to signal pseudowires that have their own pair of dedicated RSVP LSPs

Appendix D: Multisegment Pseudowires

· Explain how a multisegment pseudowire is signaled

· Configure and verify a multisegment pseudowire

Lab 7: Inter‐AS L2VPNs

Appendix E: VPLS—Hub‐and‐Spoke Topologies

· Configure a hub-and-spoke BGP VPLS using route targets

· Configure a hub-and-spoke BGP VPLS using site ranges

· Configure a hub-and-spoke LDP VPLS using hierarchical VPLS

Junos Layer 3 VPNs

Associated Certification

JNCIP-SP