Professional Documents
Culture Documents
This handbook aims to give hands-on practice on several MPLS VPN technologies
and implementaions
1/12/2015
Table of Contents
1
MPLS L3VPN Static CE-PE
Network Diagram
Lo0
1.1.1.1/32
OSPF 4 R1 19
AS 100
/2 2.
1.
.0 13
Area 0 .1
2 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24
192.1.35.0/24
F2/0 F2/0
Static Static
F1/0 F1/0
Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
2
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
3
int s1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
ip route vrf MSSK 4.4.4.4 255.255.255.255 192.1.24.4
R4
ip route 0.0.0.0 0.0.0.0 192.1.24.2
R3
ip route vrf MSSK 5.5.5.5 255.255.255.255 192.1.35.5
R5
ip route 0.0.0.0 0.0.0.0 192.1.35.3
VPN Configuration
4
R2
router bgp 100
address-family ipv4 vrf MSSK
network 192.1.24.0 mask 255.255.255.0
redistribute static
R3
router bgp 100
address-family ipv4 vrf MSSK
network 192.1.35.0 mask 255.255.255.0
redistribute static
Verifications
5
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1
6
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
7
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 0 32768 ?
*>i 5.5.5.5/32 3.3.3.3 0 100 0?
*> 192.1.24.0 0.0.0.0 0 32768 i
*>i 192.1.35.0 3.3.3.3 0 100 0i
8
RPKI validation codes: V valid, I invalid, N Not found
R4#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
9
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/32 ms
R5#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
10
17 Pop Label 3.3.3.3/32 7789 Se1/1 point2point
18 Pop Label 192.1.12.2/32 0 Se1/0 point2point
19 Pop Label 192.1.13.3/32 0 Se1/1 point2point
R1#
*Sep 5 14:29:13.699: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.703: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.715: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.715: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.731: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.735: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.747: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.747: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.755: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.755: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
11
*Sep 5 14:29:13.767: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.767: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.779: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.779: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.787: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
R1#
*Sep 5 14:29:13.787: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.799: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.803: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.819: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.819: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
R1#
12
MPLS L3VPN RIPv2 CE-PE
Network Diagram
Lo0
1.1.1.1/32
OSPF 4 R1 19
/2 2.
1. AS 100
.0 13
Area 0 .12 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24
192.1.35.0/24
F2/0 F2/0
RIPv2 RIPv2
F1/0 F1/0
Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
13
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
14
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.24.2
R4
router rip
no auto-summary
version 2
network 4.4.4.4
network 192.1.24.4
R3
router rip
15
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.35.3
R5
router rip
no auto-summary
version 2
network 5.5.5.5
network 192.1.35.5
VPN Configuration
R2
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R3
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
Verifications
16
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3 3.3.3.3
17
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
18
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 12, main routing table version 12
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 6/2 prefixes, 6/2 paths, scan interval 60 secs
19
Total number of prefixes 2
20
Total number of prefixes 2
21
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/24 ms
R2
router rip
address-family ipv4 vrf MSSK
no redistribute bgp 100 metric 1
redistribute bgp 100 metric transparent
R3
router rip
22
address-family ipv4 vrf MSSK
no redistribute bgp 100 metric 1
redistribute bgp 100 metric transparent
23
+ - replicated route, % - next hop override
24
MPLS L3VPN OSPF CE-PE
Network Diagram
Lo0
1.1.1.1/32
OSPF 4 R1 19
AS 100
/2 2.
1.
.0 13
Area 0 .1
2 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24
192.1.35.0/24
F2/0 F2/0
OSPF OSPF
A0 A0
F1/0 F1/0
Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
25
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
26
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
router ospf 100 vrf MSSK
network 192.1.24.2 0.0.0.0 area 0
R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
R3
router ospf 100 vrf MSSK
network 192.1.35.3 0.0.0.0 area 0
R5
router ospf 100
27
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0
VPN Configuration
R2
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK
R3
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK
Verifications
28
R2#show mpls ldp neighbor
Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1
29
R2#ping vrf MSSK 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/10/24 ms
30
R2#sh bgp vpnv4 unicast all
BGP table version is 22, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
31
R3#sh bgp vpnv4 unicast all
BGP table version is 22, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
32
Gateway of last resort is not set
R4#ping 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/39/44 ms
R5#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/40 ms
33
Advertised by bgp 100
Last update from 192.1.24.4 on FastEthernet2/0, 00:09:05 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 4.4.4.4, 00:09:05 ago, via FastEthernet2/0
Route metric is 2, traffic share count is 1
34
MPLS L3VPN ISIS CE-PE
Network Diagram
Lo0
1.1.1.1/32
OSPF 4 R1 19
AS 100
/2 2.
1.
.0 13
Area 0 .12 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24
192.1.35.0/24
F2/0 F2/0
ISIS ISIS
L2 L2
F1/0 F1/0
Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
35
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
36
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
router isis 1
vrf MSSK
net 49.0001.0000.0000.0002.00
is-type level-2-only
int f2/0
ip router isis 1
R4
router isis 1
net 49.0001.0000.0000.0004.00
passive-interface lo0
is-type level-2-only
int f1/0
ip router isis 1
37
R3
router isis 1
vrf MSSK
net 49.0001.0000.0000.0003.00
is-type level-2-only
int f2/0
ip router isis 1
R5
router isis 1
net 49.0001.0000.0000.0005.00
passive-interface lo0
is-type level-2-only
int f1/0
ip router isis 1
VPN Configuration
R2
router isis 1
vrf MSSK
redistribute bgp 100 ip level-2
R3
router isis 1
vrf MSSK
redistribute bgp 100 ip level-2
Verifications
38
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2 2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3 3.3.3.3
39
Serial1/0 Yes (ldp) No No No Yes
40
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 27, main routing table version 27
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 12/8 prefixes, 12/8 paths, scan interval 60 secs
41
Total number of prefixes 2
42
Total number of prefixes 2
Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R2 L2 Fa1/0 192.1.24.2 UP 28 R4.01
Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R3 L2 Fa1/0 192.1.35.3 UP 26 R5.01
43
R3 Fa1/0 ca02.7a92.0038 Up 24 L2 IS-IS
44
Extended Community: RT:100:1
mpls labels in/out nolabel/21
rx pathid: 0, tx pathid: 0x0
45
MPLS L3VPN BGP CE-PE
Network Diagram
Lo0
1.1.1.1/32
OSPF 24
R1 19
2. AS 100
0/ 1.1
Area 0 .12. S1/0 S1/1 3
1 .0
2. /2
19 4
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24
192.1.35.0/24
F2/0 F2/0
BGP
F1/0 F1/0
Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32
AS 1 AS 1
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
46
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
47
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.24.4 remote-as 1
neighbor 192.1.24.4 activate
network 192.1.24.0 mask 255.255.255.0
R4
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.24.2 remote-as 100
address-family ipv4
neighbor 192.1.24.2 activate
network 4.4.4.4 mask 255.255.255.255
48
R3
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.35.5 remote-as 1
neighbor 192.1.35.5 activate
network 192.1.35.0 mask 255.255.255.0
R5
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.35.3 remote-as 100
address-family ipv4
neighbor 192.1.35.3 activate
network 5.5.5.5 mask 255.255.255.255
Verifications
49
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/21/32 ms
R4#sh ip bgp
BGP table version is 4, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
50
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.4/32 0.0.0.0 0 32768 i
r> 192.1.24.0 192.1.24.2 0 0 100 i
*> 192.1.35.0 192.1.24.2 0 100 i
R5#sh ip bgp
BGP table version is 4, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
As we can see from last two outputs above, neither R4 or R5 learned each other
loopback networks, let us check if they are advertised from the PE side toward each
of them
51
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32 2.2.2.2 0 100 01i
*>i 192.1.24.0 2.2.2.2 0 100 0i
*> 192.1.35.0 0.0.0.0 0 32768 i
As seen, the PE routers learn those routes for both CEs and advertise toward them
as well, so what is the issue?
Let us turn debug on R4 for coming BGP updates and see what the output can tells
us
R4
debug ip bgp updates
clear ip bgp * in
So the issue is clear now, BGP speaker will not accept an update that contains its
own AS number, so what could we do? We can use the as-override feature from the
PE side toward each CE
R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.24.4 as-override
R3
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.35.5 as-override
R4#
*Sep 13 03:13:11.819: BGP(0): 192.1.24.2 rcvd UPDATE w/ attr: nexthop
192.1.24.2, origin i, merged path 100, AS_PATH
R4#sh ip bgp
BGP table version is 5, local router ID is 4.4.4.4
52
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
R5#sh ip bgp
BGP table version is 5, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
53
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/28 ms
54
MPLS Tunneling
Network Diagram
R1 R8
F0/0 F0/0
F0/0 F0/1
R2 R7
F0/1 F0/0
F0/0 R3 R6 F0/1
F0/1 F0/0
F0/0 F0/1
R4 R5
F0/1 F0/0
MPLS Backbone
ISIS Area 49.0001
Configurations
IGP Configuration
R2
router isis 1
net 49.0000.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/1
55
ip router isis 1
R3
router isis 1
net 49.0000.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
interface FastEthernet0/1
ip router isis 1
R4
router isis 1
net 49.0000.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
interface FastEthernet0/1
ip router isis 1
R5
router isis 1
net 49.0000.0000.0000.0005.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
interface FastEthernet0/1
ip router isis 1
56
R6
router isis 1
net 49.0000.0000.0000.0006.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
interface FastEthernet0/1
ip router isis 1
R7
router isis 1
net 49.0000.0000.0000.0007.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/1
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
interface FastEthernet0/1
mpls ip
57
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
interface FastEthernet0/1
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
interface FastEthernet0/1
mpls ip
R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
interface FastEthernet0/1
mpls ip
R7
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
58
BGP Configuration
R1
router bgp 1
no bgp default ipv4-unicast
neighbor 192.168.12.2 remote-as 100
address-family ipv4
neighbor 192.168.12.2 activate
network 1.1.1.1 mask 255.255.255.255
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 192.168.12.1 remote-as 1
neighbor 7.7.7.7 remote-as 100
neighbor 7.7.7.7 update-source lo0
address-family ipv4
neighbor 192.168.12.1 activate
neighbor 7.7.7.7 activate
neighbor 7.7.7.7 next-hop-self
R8
router bgp 20
no bgp default ipv4-unicast
neighbor 192.168.78.7 remote-as 100
R8address-family ipv4
neighbor 192.168.78.7 activate
network 8.8.8.8 mask 255.255.255.255
R7
router bgp 100
no bgp default ipv4-unicast
neighbor 192.168.78.8 remote-as 20
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family ipv4
neighbor 192.168.78.8 activate
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 next-hop-self
59
Verification
R1#sh ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
60
BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 772 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs
R8#sh ip bgp
BGP table version is 3, local router ID is 8.8.8.8
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
61
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 828 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs
R2#sh ip bgp
BGP table version is 3, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
R7#sh ip bgp
BGP table version is 3, local router ID is 7.7.7.7
62
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Now, if we wanted to trace the packet as it traverses through the backbone and
check label assignments, we will enable debug mpls packets on the MPLS routers
(R3 through R6) and initiate an ICMP packet from R8 towards R1
R3 R6
debug mpls packets
63
R4#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 3.3.3.3/32 0 Fa0/0 192.168.34.3
17 Pop tag 192.168.23.0/24 0 Fa0/0 192.168.34.3
18 Pop tag 5.5.5.5/32 0 Fa0/1 192.168.45.5
19 16 2.2.2.2/32 111037 Fa0/0 192.168.34.3
20 Pop tag 192.168.56.0/24 0 Fa0/1 192.168.45.5
21 18 6.6.6.6/32 0 Fa0/1 192.168.45.5
22 21 192.168.67.0/24 0 Fa0/1 192.168.45.5
23 23 7.7.7.7/32 65271 Fa0/1 192.168.45.5
64
16 Pop tag 6.6.6.6/32 0 Fa0/0 192.168.67.6
17 Pop tag 192.168.56.0/24 0 Fa0/0 192.168.67.6
18 16 5.5.5.5/32 0 Fa0/0 192.168.67.6
19 19 4.4.4.4/32 0 Fa0/0 192.168.67.6
20 20 3.3.3.3/32 0 Fa0/0 192.168.67.6
21 21 2.2.2.2/32 0 Fa0/0 192.168.67.6
22 17 192.168.45.0/24 0 Fa0/0 192.168.67.6
23 22 192.168.34.0/24 0 Fa0/0 192.168.67.6
24 23 192.168.23.0/24 0 Fa0/0 192.168.67.6
R6#
*Mar 1 13:38:13.812: MPLS: Fa0/1: recvd: CoS=0, TTL=254, Label(s)=21
*Mar 1 13:38:13.812: MPLS: Fa0/0: xmit: CoS=0, TTL=253, Label(s)=20
R5#
*Mar 1 13:38:03.440: MPLS: Fa0/1: recvd: CoS=0, TTL=253, Label(s)=20
*Mar 1 13:38:03.440: MPLS: Fa0/0: xmit: CoS=0, TTL=252, Label(s)=19
R4#
*Mar 1 13:38:01.684: MPLS: Fa0/1: recvd: CoS=0, TTL=252, Label(s)=19
*Mar 1 13:38:01.684: MPLS: Fa0/0: xmit: CoS=0, TTL=251, Label(s)=16
R3#
*Mar 1 13:38:14.572: MPLS: Fa0/1: recvd: CoS=0, TTL=251, Label(s)=16
*Mar 1 13:38:14.572: MPLS: Fa0/0: xmit: (no label)
As can be seen from the debug outputs above that the precedence value is 0 which
is copied from the packet header to the MPLS header (CoS)
R1
access-list 100 permit ip any any precedence critical
access-list 100 permit ip any any precedence flash
access-list 100 permit ip any any precedence flash-override
access-list 100 permit ip any any precedence immediate
access-list 100 permit ip any any precedence internet
access-list 100 permit ip any any precedence network
access-list 100 permit ip any any precedence priority
access-list 100 permit ip any any precedence routine
65
int f0/0
ip access-group 100 in
R1# sh access-lists
Extended IP access list 100
10 permit ip any any precedence critical
20 permit ip any any precedence flash
30 permit ip any any precedence flash-override
40 permit ip any any precedence immediate
50 permit ip any any precedence internet
60 permit ip any any precedence network
70 permit ip any any precedence priority
80 permit ip any any precedence routine (5 matches)
66
MPLS L3VPN OSPF Sham-link
Network Diagram
Lo0
1.1.1.1/32
OSPF 4 R1 19
AS 100
/2 2.
1.
.0 13
Area 0 .12 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24
192.1.35.0/24
F2/0 F2/0
OSPF OSPF
A0 A0
F1/0 F1/0
Lo0
Lo0 R4 OSPF A0 R5
5.5.5.5/32
4.4.4.4/32 192.1.45.0/24
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
67
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
68
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
router ospf 100 vrf MSSK
network 192.1.24.2 0.0.0.0 area 0
R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
R3
router ospf 100 vrf MSSK
network 192.1.35.3 0.0.0.0 area 0
R5
router ospf 100
69
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0
R4
router ospf 100
network 192.1.45.4 0.0.0.0 area 0
R5
router ospf 100
network 192.1.45.5 0.0.0.0 area 0
VPN Configuration
R2
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK
R3
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK
Verifications
70
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/2] via 192.1.24.4, 00:00:25, FastEthernet2/0
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/3] via 192.1.24.4, 00:00:25, FastEthernet2/0
O 192.1.35.0/24 [110/3] via 192.1.24.4, 00:00:15, FastEthernet2/0
O 192.1.45.0/24 [110/2] via 192.1.24.4, 00:00:25, FastEthernet2/0
As can be seen from the output below, R2 should learn R5 loopback via iBGP not via
OSPF as we are configuring MPLS L3VPN
R5 loopback was learned via OSPF and has an AD value of 110 and cost of 3 (which
roughly means it crossed three FastEthernet links)
71
*> 192.1.24.4 2 32768 ?
* i 5.5.5.5/32 3.3.3.3 2 100 0?
*> 192.1.24.4 3 32768 ?
* i 192.1.24.0 3.3.3.3 3 100 0?
*> 0.0.0.0 0 32768 ?
*> 192.1.35.0 192.1.24.4 3 32768 ?
*i 3.3.3.3 0 100 0?
* i 192.1.45.0 3.3.3.3 2 100 0?
*> 192.1.24.4 2 32768 ?
72
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
73
As we can see, the traffic between the CEs is crossing the backdoor link and not the
primary one, which is supposed to be the MPLS L3VPN connection
So, we should configure what so called OSPF sham link, which is a virtual link
configured between the PEs inside the OSPF that resides between the PE and CE
Sham link is established with source and destination which should be attached to
the specific VRF of concern; as well it should be advertised in iBGP under the VRF
address-family
Not to forget that the cost of the backdoor link reverts to default (which is 1), so we
will implement the OSPF cost on the interfaces involved in the backdoor on both
CEs
R2
interface Loopback1
vrf forwarding MSSK
ip address 22.22.22.22 255.255.255.255
R4
interface FastEthernet1/1
ip ospf cost 100
R3
interface Loopback1
vrf forwarding MSSK
ip address 33.33.33.33 255.255.255.255
R5
interface FastEthernet1/1
ip ospf cost 100
74
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
75
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
r>i 4.4.4.4/32 2.2.2.2 2 100 0?
*> 5.5.5.5/32 192.1.35.5 2 32768 ?
*>i 22.22.22.22/32 2.2.2.2 0 100 0i
*> 33.33.33.33/32 0.0.0.0 0 32768 i
r>i 192.1.24.0 2.2.2.2 0 100 0?
*> 192.1.35.0 0.0.0.0 0 32768 ?
*> 192.1.45.0 192.1.35.5 101 32768 ?
*i 2.2.2.2 101 100 0?
76
O 5.5.5.5 [110/4] via 192.1.24.2, 00:01:07, FastEthernet1/0
22.0.0.0/32 is subnetted, 1 subnets
O E2 22.22.22.22 [110/1] via 192.1.24.2, 00:01:22, FastEthernet1/0
33.0.0.0/32 is subnetted, 1 subnets
O E2 33.33.33.33 [110/1] via 192.1.24.2, 00:01:15, FastEthernet1/0
O 192.1.35.0/24 [110/3] via 192.1.24.2, 00:01:07, FastEthernet1/0
77
OSPF Domain-ID
Network Diagram
P2 203
FRSW
P3 302
IBGP
F0/0 S0/0
Lo0 3.3.3.3/32
Lo0 1.1.1.1/32 R1 R3
F0/1 F1/0 F0/0 F0/1
Configurations
VRF Configuration
R1
ip vrf BLUE
rd 150:10
route-target export 150:10
route-target import 150:10
ip vrf RED
rd 300:10
78
route-target export 300:10
route-target import 300:10
interface FastEthernet0/1
ip vrf forwarding RED
ip address 192.1.14.1 255.255.255.0
interface FastEthernet1/0
ip vrf forwarding BLUE
ip address 192.1.17.1 255.255.255.0
R3
ip vrf BLUE
rd 150:10
route-target export 150:10
route-target import 150:10
ip vrf RED
rd 300:10
route-target export 300:10
route-target import 300:10
interface FastEthernet0/0
ip vrf forwarding RED
ip address 192.1.36.3 255.255.255.0
interface FastEthernet0/1
ip vrf forwarding BLUE
ip address 192.1.38.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0
79
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f0/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s0/0
mpls ip
int f0/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s0/0
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f0/0
mpls ip
80
int f0/1
mpls ip
MP-BGP Configuration
R1
router bgp 10
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 10
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 10
neighbor 1.1.1.1 remote-as 10
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
R1
router ospf 300 vrf RED
router-id 192.1.14.1
network 192.1.14.1 0.0.0.0 area 0
R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
R3
router ospf 300 vrf RED
router-id 192.1.36.3
network 192.1.36.3 0.0.0.0 area 0
81
router ospf 150 vrf BLUE
router-id 192.1.38.3
network 192.1.38.3 0.0.0.0 area 0
R4
router ospf 300
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.14.4 0.0.0.0 area 0
R6
router ospf 300
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.36.6 0.0.0.0 area 0
R7
router ospf 150
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 192.1.17.7 0.0.0.0 area 0
R8
router ospf 150
router-id 8.8.8.8
network 8.8.8.8 0.0.0.0 area 0
network 192.1.38.8 0.0.0.0 area 0
VPN Configuration
R1
router ospf 300 vrf RED
redistribute bgp 10 subnets
router bgp 10
address-family ipv4 vrf RED
redistribute ospf 300 vrf RED
82
R3
router ospf 300 vrf RED
redistribute bgp 10 subnets
router bgp 10
address-family ipv4 vrf RED
redistribute ospf 300 vrf RED
Verifications
83
Origin codes: i - IGP, e - EGP, ? - incomplete
84
R4#ping 6.6.6.6 source lo0
85
R6#traceroute 4.4.4.4 source lo0 numeric
86
3 192.1.25.2 [MPLS: Labels 17/22 Exp 0] 16 msec 16 msec 16 msec
4 192.1.38.3 [MPLS: Label 22 Exp 0] 12 msec 16 msec 12 msec
5 192.1.38.8 16 msec * 16 msec
87
Domain ID type 0x0005, value 0.0.1.44
Routing Process "ospf 150" with ID 192.1.17.1
Domain ID type 0x0005, value 0.0.0.150
As can be seen from the outputs above , the domain ID values for VRF BLUE is
derived from the OSPF process ID which is 150 , As well R7 is learning R8 loopback
network as inter area route as well as for R4 which is learning R6 loopback network
as inter area route
Let us try to set the value of domain ID for both VRFs, for VRF RED will choose the
value of 0.0.0.60 and for VRF BLUE 0.0.0.50
R1
router ospf 300 vrf RED
domain-id 0.0.0.60
router ospf 150 vrf BLUE
domain-id 0.0.0.50
R3
router ospf 300 vrf RED
domain-id 0.0.0.60
router ospf 150 vrf BLUE
domain-id 0.0.0.50
88
Routing Process "ospf 1" with ID 3.3.3.3
Routing Process "ospf 150" with ID 192.1.38.3
Domain ID type 0x0005, value 0.0.0.50
Routing Process "ospf 300" with ID 192.1.36.3
Domain ID type 0x0005, value 0.0.0.60
Nothing has affected the route type, let us now try to change the domain ID on
R1for VRF RED to 0.0.0.120 and keep it as it is on R3
R1
router ospf 300 vrf RED
domain-id 0.0.0.120
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
As we can see the route type has changed to external 2, let us revert back to the
same domain ID value 0.0.0.60 and change the OSPF process ID on R1 for VRF
RED from 300 to 301
R1
no router ospf 300 vrf RED
router ospf 301 vrf RED
router-id 192.1.14.1
domain-id 0.0.0.60
redistribute bgp 10 subnets
network 192.1.14.1 0.0.0.0 area 0
router bgp 10
89
address-family ipv4 vrf RED
redistribute ospf 301 vrf RED
So changing the process ID will not affect the routing table as long the domain ID
values are configured manually under the OSPF process , now if we removed the
domain ID configuration from both R1 and R3 for VRF RED , the route type should
change to external 2 again , why? Because the domain ID value is derived from the
process ID value, so we have different process ID values: 300 and 301
R1
router ospf 301 vrf RED
no domain-id 0.0.0.60
R3
router ospf 300 vrf RED
no domain-id 0.0.0.60
90
R3#sh ip ospf | inc Domain|ospf
Routing Process "ospf 1" with ID 3.3.3.3
Routing Process "ospf 150" with ID 192.1.38.3
Domain ID type 0x0005, value 0.0.0.50
Routing Process "ospf 300" with ID 192.1.36.3
Domain ID type 0x0005, value 0.0.1.44
91
VRF Lite
Network Diagram
PE1 172.
24
1.0/ 16. 13.0
16.1
172. /24
172.16.12.0/24
CE1 CE3
lo0 192.168.1.1/24 lo0 192.168.3.1/24
CE2
lo1 192.168.2.1/24
Configurations
VRF Configuration
PE1
ip vrf CE1
ip vrf CEs
interface FastEthernet0/0
ip vrf forwarding CE1
ip address 172.16.11.1 255.255.255.0
interface FastEthernet0/1
ip vrf forwarding CEs
ip address 172.16.12.1 255.255.255.0
interface FastEthernet1/0
ip vrf forwarding CEs
ip address 172.16.13.1 255.255.255.0
IGP Configuration
PE1
router ospf 1 vrf CE1
network 172.16.11.1 0.0.0.0 area 0
92
network 172.16.12.1 0.0.0.0 area 0
network 172.16.13.1 0.0.0.0 area 0
CE1
router ospf 1
network 172.16.11.2 0.0.0.0 area 0
network 192.168.1.1 0.0.0.0 area 0
CE2
router ospf 2
network 172.16.12.2 0.0.0.0 area 0
network 192.168.2.1 0.0.0.0 area 0
CE3
router ospf 2
network 172.16.13.2 0.0.0.0 area 0
network 192.168.3.1 0.0.0.0 area 0
Verifications
93
Neighbor ID Pri State Dead Time Address Interface
172.16.11.1 1 FULL/BDR 00:00:35 172.16.11.1 FastEthernet0/0
CE1#
94
CE3#ping 192.168.2.1 source lo0
As can be seen from the outputs above, CE1 has no knowledge about the loopbacks
of CE2 and CE3 as they are separated via VRF from PE1 side
95
VRF Export-maps
Network Diagram
Lo0
1.1.1.1/32
OSPF 4 R1 19
/2 2.
1. AS 100
.0 13
Area 0 .12 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24
192.1.35.0/24
F2/0 F2/0
RIPv2 RIPv2
F1/0 F1/0
Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:2
address-family ipv4
export map EXPORT_MAP
route-target import 100:5
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
96
vrf definition MSSK
rd 100:3
address-family ipv4
export map EXPORT_MAP
route-target import 2.2.2.2:4
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
97
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
router rip
address-family ipv4 vrf MSSK
no auto-summary
98
version 2
network 192.1.24.2
R4
router rip
no auto-summary
version 2
network 4.4.4.4
network 192.1.24.4
R3
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.35.3
R5
router rip
no auto-summary
version 2
network 5.5.5.5
network 192.1.35.5
VPN Configuration
R2
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R3
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
99
Verifications
100
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1
101
5.0.0.0/32 is subnetted, 1 subnets
R 5.5.5.5 [120/1] via 192.1.35.5, 00:00:21, FastEthernet2/0
102
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
3/3 BGP path/bestpath attribute entries using 432 bytes of memory
2 BGP extended community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1424 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
103
5.0.0.0/32 is subnetted, 1 subnets
R 5.5.5.5 [120/1] via 192.1.24.2, 00:00:16, FastEthernet1/0
R4#ping 5.5.5.5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/23/28 ms
104
MPLS AToM Eth to Eth
Network Diagram
Lo0
OSPF Domain
3.3.3.3/32
Area 0
R3 19
24 2.1
.0/ .3
.23 4.
0/
1
2. 24
19
LSP
Lo0
Lo0 R1 R5
5.5.5.5/32
1.1.1.1/32
Configurations
IGP Configuration
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
network 192.1.34.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.34.4 0.0.0.0 area 0
105
MPLS LDP Configuration
R2
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
R1
router ospf 100
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0
R5
router ospf 100
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
Pseudowire Configuration
R2
pseudowire-class MSSK
encapsulation mpls
106
int f1/1
xconnect 4.4.4.4 15 pw-class MSSK
R4
pseudowire-class MSSK
encapsulation mpls
int f1/1
xconnect 2.2.2.2 15 pw-class MSSK
Verifications
107
FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 3.3.3.3
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 4.4.4.4:0
TCP connection: 2.2.2.2.646 - 4.4.4.4.28399
State: Oper; Msgs sent/rcvd: 10/10; Downstream
Up time: 00:01:08
LDP discovery sources:
Targeted Hello 4.4.4.4 -> 2.2.2.2, active, passive
Addresses bound to peer LDP Ident:
192.1.23.2 2.2.2.2
108
5.5.5.5 1 FULL/DR 00:00:35 192.1.15.5 FastEthernet1/0
109
Gateway of last resort is not set
110
Preferred path: not configured
Default path: active
Next hop: 192.1.23.3
Create time: 00:05:28, last status change time: 00:05:25
Last label FSM state change time: 00:05:25
Signaling protocol: LDP, peer 4.4.4.4:0 up
Targeted Hello: 2.2.2.2(LDP Id) -> 4.4.4.4, LDP is UP
Status TLV support (local/remote) : enabled/supported
LDP route watch : enabled
Label/status state machine : established, LruRru
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: No fault
Last local AC circuit status sent: No fault
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No fault
Last remote LDP TLV status rcvd: No fault
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local 19, remote 19
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
Control Word: On (configured: autosense)
Dataplane:
SSM segment/switch IDs: 4097/4096 (used), PWID: 1
VC statistics:
transit packet totals: receive 102, send 100
transit byte totals: receive 10310, send 12738
transit packet drops: receive 0, seq error 0, send 0
111
MPLS AToM PPP to PPP
Network Diagram
Lo0
OSPF Domain
3.3.3.3/32
Area 0
R3 19
24 2.1
.0/ .3
.23 4.
0/
1
2. 24
19
Lo0 R2 R4 Lo0
2.2.2.2/32 4.4.4.4/32
S2/0 S2/0
Lo0
Lo0 R1 R5
5.5.5.5/32
1.1.1.1/32
Configurations
IGP Configuration
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
network 192.1.34.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.34.4 0.0.0.0 area 0
112
MPLS LDP Configuration
R2
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
R1
router ospf 100
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0
R5
router ospf 100
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
Pseudowire Configuration
R2
pseudowire-class MSSK
encapsulation mpls
113
int s2/0
xconnect 4.4.4.4 15 pw-class MSSK
R4
pseudowire-class MSSK
encapsulation mpls
int s2/0
xconnect 2.2.2.2 15 pw-class MSSK
Verifications
114
FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 3.3.3.3
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 4.4.4.4:0
TCP connection: 2.2.2.2.646 - 4.4.4.4.38194
State: Oper; Msgs sent/rcvd: 9/10; Downstream
Up time: 00:00:53
LDP discovery sources:
Targeted Hello 4.4.4.4 -> 2.2.2.2, active, passive
Addresses bound to peer LDP Ident:
192.1.23.2 2.2.2.2
115
5.5.5.5 0 FULL/ - 00:00:38 192.1.15.5 Serial1/0
116
Gateway of last resort is not set
117
MPLS Inter-AS Xconnect
Network Diagram
P1/0 P1/0
F1/0 F1/0
R2 R3 R4 R5
F2/0 F2/0
S2/0 S2/0
S1/0 S1/0
R1 R6
AS100 AS200
Configurations
IGP Configuration
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
R4
router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only
int lo0
ip router isis 1
int f2/0
ip router isis 1
118
R5
router isis 1
net 49.0001.0000.0000.0005.00
is-type level-2-only
int lo0
ip router isis 1
int f1/0
ip router isis 1
R2
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f2/0
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f2/0
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
119
Inter-AS BGP Configuration
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.34.4 remote-as 200
address-family ipv4
network 3.3.3.3 mask 255.255.255.255
neighbor 192.1.34.4 activate
R4
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.34.3 remote-as 100
address-family ipv4
network 4.4.4.4 mask 255.255.255.255
neighbor 192.1.34.3 activate
Pseudowire Configuration
R2
pseudowire-class MSSK
encapsulation mpls
int s2/0
xconnect 5.5.5.5 16 pw-class MSSK
R5
pseudowire-class MSSK
encapsulation mpls
int s2/0
xconnect 2.2.2.2 16 pw-class MSSK
Verifications
R3#sh ip bgp
BGP table version is 3, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
120
*> 3.3.3.3/32 0.0.0.0 0 32768 i
*> 4.4.4.4/32 192.1.34.4 0 0 200 i
R4#sh ip bgp
BGP table version is 3, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
121
17 No Label l2ckt() 0 drop
Now, R2 (the PE in AS 100) does not know about the loopback of R5 (the PE in AS
200) and vice versa which are used to configure the xconnect peering, and in order
for MPLS to operate, LDP has to assign labels which is IGP responsibility, in order
for that to take place we will redistribute the routes in IGP (OSPF and ISIS in AS
100, 200 respectively) , as well we have to advertise R2 and R5 loopbacks in BGP
R3
router bgp 100
address-family ipv4
network 2.2.2.2 mask 255.255.255.255
router ospf 1
redistribute bgp 100 subnets route-map MSSK
R4
router bgp 200
address-family ipv4
network 5.5.5.5 mask 255.255.255.255
router isis 1
redistribute bgp 200 route-map MSSK
R3#sh ip bgp
122
BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
R4#sh ip bgp
BGP table version is 5, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
R2#
*Sep 13 02:04:37.279: %LDP-5-NBRCHG: LDP Neighbor 5.5.5.5:0 (2) is UP
R5#
*Sep 13 02:04:37.803: %LDP-5-NBRCHG: LDP Neighbor 2.2.2.2:0 (2) is UP
123
Up time: 00:02:54
LDP discovery sources:
Targeted Hello 2.2.2.2 -> 5.5.5.5, active, passive
Addresses bound to peer LDP Ident:
192.1.45.5 5.5.5.5
Now in order for the labels to be passed through the ASes, we have to configure the
BGP neighbors to send the labels
R3
router bgp 100
124
address-family ipv4
neighbor 192.1.34.4 send-label
R4
router bgp 200
address-family ipv4
neighbor 192.1.34.3 send-label
R3
*Sep 13 02:13:01.135: %BGP_LMM-6-AUTOGEN1: The mpls bgp forwarding
command has been configured on interface: POS1/0
R4
*Sep 13 02:13:00.983: %BGP_LMM-6-AUTOGEN1: The mpls bgp forwarding
command has been configured on interface: POS1/0
R1#ping 192.1.16.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.16.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/41/80 ms
R6#ping 192.1.16.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.16.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/31/48 ms
125
MPLS L3VPN Inter-AS Option A
Network Diagram
F1/0
F1/0
OSPF R3 R4 OSPF
A0 A0
F1/1
F1/1
F1/0 F1/0
R5 R6
F1/1 F1/1
R7 F1/0 F1/0
R8
Configurations
VRF Configuration
R1
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int s1/0
vrf forwarding MSSK
ip address 192.1.12.1 255.255.255.0
126
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int s1/0
vrf forwarding MSSK
ip address 192.1.12.2 255.255.255.0
R5
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0
R6
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
127
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.24.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.35.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
network 192.1.46.4 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0
R6
router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f2/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f2/0
128
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
MP-BGP Configuration
R1
router bgp 100
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
address-family vpnv4
neighbor 5.5.5.5 activate
129
neighbor 5.5.5.5 send-community both
R5
router bgp 100
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
R2
router bgp 100
neighbor 6.6.6.6 remote-as 100
neighbor 6.6.6.6 update-source lo0
address-family vpnv4
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community both
R6
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 12.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R1
router rip
address-family ipv4 vrf MSSK
network 192.1.12.0
no auto-summary
version 2
R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2
R7
router rip
version 2
130
network 7.0.0.0
network 192.1.57.0
no auto-summary
R2
address-family ipv4 vrf MSSK
network 192.1.12.0
no auto-summary
version 2
R6
router rip
address-family ipv4 vrf MSSK
network 192.1.68.0
no auto-summary
version 2
R8
router rip
version 2
network 8.0.0.0
network 192.1.68.0
no auto-summary
VPN Configuration
R1
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R2
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1
131
R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R6
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1
Verifications
132
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 7.7.7.7/32 5.5.5.5 1 100 0?
*> 8.8.8.8/32 192.1.12.2 1 32768 ?
*> 192.1.12.0 0.0.0.0 0 32768 ?
*> 192.1.12.2/32 0.0.0.0 0 32768 ?
*>i 192.1.57.0 5.5.5.5 0 100 0i
*> 192.1.68.0 192.1.12.2 1 32768 ?
133
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
134
R6#sh bgp vpnv4 unicast all
BGP table version is 11, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
135
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.57.5 16 msec 12 msec 16 msec
2 192.1.35.3 [MPLS: Labels 16/22 Exp 0] 72 msec 36 msec 64 msec
3 192.1.12.1 [MPLS: Label 22 Exp 0] 44 msec 20 msec 36 msec
4 192.1.12.2 60 msec 52 msec 44 msec
5 192.1.24.4 [MPLS: Labels 17/20 Exp 0] 96 msec 104 msec 116 msec
6 192.1.68.6 [MPLS: Label 20 Exp 0] 72 msec 100 msec 72 msec
7 192.1.68.8 88 msec * 88 msec
136
6 192.1.57.5 [MPLS: Label 20 Exp 0] 68 msec 72 msec 72 msec
7 192.1.57.7 104 msec * 120 msec
137
MPLS L3VPN Inter-AS Option B
Network Diagram
F1/0
F1/0
OSPF R3 R4 OSPF
A0 A0
F1/1
F1/1
F1/0 F1/0
R5 R6
F1/1 F1/1
R7 F1/0 F1/0
R8
Configurations
VRF Configuration
R5
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0
138
R6
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.24.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.35.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
network 192.1.46.4 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
139
network 192.1.35.5 0.0.0.0 area 0
R6
router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f2/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f2/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
140
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
MP-BGP Configuration
R1
router bgp 100
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
neighbor 192.1.12.2 remote-as 200
address-family vpnv4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community both
neighbor 5.5.5.5 next-hop-self
neighbor 192.1.12.2 activate
neighbor 192.1.12.2 send-community both
R5
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
R2
router bgp 200
no bgp default ipv4-unicast
neighbor 6.6.6.6 remote-as 200
neighbor 6.6.6.6 update-source lo0
neighbor 192.1.12.1 remote-as 100
address-family vpnv4
141
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community both
neighbor 6.6.6.6 next-hop-self
neighbor 192.1.12.1 activate
neighbor 192.1.12.1 send-community both
R6
router bgp 200
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2
R7
router rip
version 2
network 7.0.0.0
network 192.1.57.0
no auto-summary
R6
router rip
address-family ipv4 vrf MSSK
network 192.1.68.0
no auto-summary
version 2
R8
router rip
version 2
network 8.0.0.0
network 192.1.68.0
no auto-summary
142
VPN Configuration
R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R6
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1
Verifications
143
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
144
R5#show bgp vpnv4 unicast all summary
BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
145
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
1.1.1.1 4 100 9 10 7 0 0 00:03:34 2
146
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
147
Gateway of last resort is not set
148
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/83/108 ms
149
Carrier supporting Carrier (CSC)
Network Diagram
R7
F1/0
RIPv2
F1/1
R5
F1/0
OSPF 1 P1/0 P1/0
F1/1 F1/0
R3 F1/0 R1 R2 R4
F2/0
F2/0
F2/0 F1/1
OSPF 1
F1/0 F1/0
R6 R9
Configurations
VRF Configuration
R3
vrf definition ABC
rd 100:1
address-family ipv4
route-target export 100:1
150
route-target import 100:1
route-target import 200:1
interface FastEthernet1/1
vrf forwarding ABC
ip address 192.1.35.3 255.255.255.0
interface FastEthernet2/0
vrf forwarding ABC
ip address 192.1.36.3 255.255.255.0
R4
vrf definition ABC
rd 200:1
address-family ipv4
route-target export 200:1
route-target import 200:1
route-target import 100:1
interface FastEthernet1/1
vrf forwarding ABC
ip address 192.1.49.4 255.255.255.0
IGP Configuration
R1
router isis 1
net 49.0001.0000.0000.0001.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet2/0
ip router isis 1
R2
router isis 1
net 49.0002.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet2/0
ip router isis 1
R3
router isis 1
151
net 49.0001.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet1/0
ip router isis 1
R4
router isis 1
net 49.0002.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet1/0
ip router isis 1
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
interface FastEthernet2/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet2/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet1/0
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet1/0
mpls ip
152
MP-BGP Configuration
R1
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 192.1.12.2 remote-as 200
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
neighbor 3.3.3.3 route-reflector-client
neighbor 3.3.3.3 next-hop-self
neighbor 192.1.12.2 activate
neighbor 192.1.12.2 send-community both
R2
router bgp 200
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 200
neighbor 4.4.4.4 update-source Loopback0
neighbor 192.1.12.1 remote-as 100
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
neighbor 4.4.4.4 next-hop-self
neighbor 192.1.12.1 activate
neighbor 192.1.12.1 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
R4
router bgp 200
no bgp default ipv4-unicast
153
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R3
router ospf 1 vrf ABC
router-id 192.1.1.3
network 192.1.35.3 0.0.0.0 area 0
network 192.1.36.3 0.0.0.0 area 0
R4
router ospf 1 vrf ABC
router-id 192.1.1.4
network 192.1.49.4 0.0.0.0 area 0
R5
router ospf 1
router-id 192.1.1.5
network 192.1.35.5 0.0.0.0 area 0
network 192.1.1.5 0.0.0.0 area 0
R6
router ospf 1
router-id 192.1.1.6
network 192.1.1.6 0.0.0.0 area 0
network 192.1.36.6 0.0.0.0 area 0
R9
router ospf 1
router-id 192.1.1.9
network 192.1.1.9 0.0.0.0 area 0
network 192.1.49.9 0.0.0.0 area 0
VPN Configuration
R2
router eigrp 1
address-family ipv4 vrf MSSK autonomous-system 1
redistribute bgp 100 metric 10000 1 255 1 1500
router bgp 100
154
address-family ipv4 vrf MSSK
redistribute eigrp 1
R3
router ospf 1 vrf ABC
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf ABC
redistribute ospf 1 vrf ABC
network 192.1.35.0 mask 255.255.255.0
network 192.1.36.0 mask 255.255.255.0
R4
router ospf 1 vrf ABC
redistribute bgp 200 subnets
Verifications
155
Sending 5, 100-byte ICMP Echos to 192.1.1.6, timeout is 2 seconds:
Packet sent with a source address of 192.1.1.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/52/140 ms
156
2 192.1.35.5 44 msec * 36 msec
First , our VRF in AS 100 has to be configured to import the value from AS 200 and
vice versa
R3
vrf definition ABC
address-family ipv4
route-target import 200:1
R4
vrf definition ABC
address-family ipv4
route-target import 100:1
R1
router bgp 200
no bgp default route-target filter
R2
router bgp 200
no bgp default route-target filter
157
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
158
Packet sent with a source address of 192.1.1.9
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/87/100 ms
Now , we have achieved connectivity between our first customer sites , let us move
to our customers customer which will be referred to via VRF MSSK
VRF Configuration
R5
vrf definition MSSK
rd 300:1
address-family ipv4
route-target export 300:1
route-target import 300:1
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0
R6
vrf definition MSSK
rd 300:1
address-family ipv4
route-target export 300:1
159
route-target import 300:1
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0
R9
vrf definition MSSK
rd 300:1
address-family ipv4
route-target export 300:1
route-target import 300:1
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.109.9 255.255.255.0
R3
int FastEthernet1/1
mpls ip
int FastEthernet2/0
mpls ip
R4
int FastEthernet 1/1
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id lo0 force
interface FastEthernet1/0
mpls ip
R6
mpls label protocol ldp
mpls ldp router-id lo0 force
interface FastEthernet1/0
mpls ip
R9
mpls label protocol ldp
160
mpls ldp router-id lo0 force
interface FastEthernet1/0
mpls ip
MP-BGP Configuration
R5
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.1.6 remote-as 100
neighbor 192.1.1.6 update-source Loopback0
neighbor 192.1.1.9 remote-as 200
neighbor 192.1.1.9 ebgp-multihop 255
neighbor 192.1.1.9 update-source Loopback0
address-family vpnv4
neighbor 192.1.1.6 activate
neighbor 192.1.1.6 send-community both
neighbor 192.1.1.9 activate
neighbor 192.1.1.9 send-community both
neighbor 192.1.1.9 next-hop-unchanged
R6
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.1.5 remote-as 100
neighbor 192.1.1.5 update-source Loopback0
address-family vpnv4
neighbor 192.1.1.5 activate
neighbor 192.1.1.5 send-community both
R9
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.1.5 remote-as 100
neighbor 192.1.1.5 ebgp-multihop 255
neighbor 192.1.1.5 update-source Loopback0
address-family vpnv4
neighbor 192.1.1.5 activate
neighbor 192.1.1.5 send-community both
neighbor 192.1.1.5 next-hop-unchanged
161
PE-CE routing Configuration
R5
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.57.0
R7
router rip
no auto-summary
version 2
network 172.1.0.0
network 192.1.57.0
R6
router eigrp 68
address-family ipv4 vrf MSSK autonomous-system 68
no auto-summary
network 192.1.68.0
R8
router eigrp 68
no auto-summary
network 172.1.0.0
network 192.1.68.0
R9
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.109.0
R10
router rip
no auto-summary
version 2
network 172.1.0.0
network 192.1.109.0
162
VPN Configuration
R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R6
router eigrp 68
address-family ipv4 vrf MSSK autonomous-system 68
redistribute bgp 100
default-metric 10000 1000 255 1 1500
R9
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1
Verification
163
172.1.0.0/32 is subnetted, 3 subnets
R 172.1.1.7 [120/1] via 192.1.57.7, 00:00:00, FastEthernet1/1
164
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
165
*> 172.1.1.7/32 192.1.57.7 1 32768 ?
*>i 172.1.1.8/32 192.1.1.6 156160 100 0?
*> 172.1.1.10/32 192.1.1.9 1 0 200 ?
*> 192.1.57.0 0.0.0.0 0 32768 ?
*>i 192.1.68.0 192.1.1.6 0 100 0?
*> 192.1.109.0 192.1.1.9 0 0 200 ?
166
6 path entries using 480 bytes of memory
6/6 BGP path/bestpath attribute entries using 864 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 144 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2448 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
167
MPLS TE with OSPF
Network Diagram
R6 R7
RIPv2 F1/0 F1/0
RIPv2
F1/1 F1/1
R4 F2/0
R1 R2 F2/0 R5
F1/0 F1/0 F1/0 F1/0
F1/1 F1/1
Configurations
VRF Configuration
R4
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.46.4 255.255.255.0
R5
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
168
int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
network 192.1.14.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.14.4 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0
MP-BGP Configuration
R4
router bgp 100
169
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
address-family vpnv4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community both
R5
router bgp 100
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source lo0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
R4
router rip
address-family ipv4 vrf MSSK
network 192.1.46.0
no auto-summary
version 2
R6
router rip
version 2
network 6.0.0.0
network 192.1.46.0
no auto-summary
R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2
R7
router rip
version 2
network 7.0.0.0
network 192.1.57.0
no auto-summary
170
VPN Configuration
R4
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
MPLS TE Configuration
R1
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet1/1
ip address 192.1.13.1 255.255.255.0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
R2
interface FastEthernet1/0
mpls traffic-eng tunnels
171
ip rsvp bandwidth
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
R3
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
R4
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 5.5.5.5
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 dynamic
R5
interface FastEthernet1/0
172
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 4.4.4.4
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 dynamic
Verifications
173
*>i 192.1.57.0 5.5.5.5 0 100 0i
174
Tunnel source 4.4.4.4, destination 5.5.5.5
Tunnel protocol/transport Label Switching
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output 00:00:02, output hang never
Last clearing of "show interface" counters 00:45:54
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
119 packets output, 6902 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
175
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0
Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: dynamic path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : -
OutLabel : FastEthernet1/0, 16
176
Next Hop : 192.1.14.1
RSVP Signalling Info:
Src 4.4.4.4, Dst 5.5.5.5, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.14.4
Explicit Route: 192.1.14.1 192.1.12.1 192.1.12.2 192.1.25.2
192.1.25.5 5.5.5.5
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
Shortest Unconstrained Path Info:
Path Weight: 3 (TE)
Explicit Route: 192.1.14.4 192.1.14.1 192.1.12.1 192.1.12.2
192.1.25.2 192.1.25.5 5.5.5.5
History:
Tunnel:
Time since created: 46 minutes, 31 seconds
Time since path change: 46 minutes, 19 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 46 minutes, 19 seconds
P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
177
Midpoints: 0, Tails: 0
Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: dynamic path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : -
OutLabel : FastEthernet1/0, 17
Next Hop : 192.1.25.2
RSVP Signalling Info:
Src 5.5.5.5, Dst 4.4.4.4, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.25.5
Explicit Route: 192.1.25.2 192.1.12.2 192.1.12.1 192.1.14.1
192.1.14.4 4.4.4.4
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
Shortest Unconstrained Path Info:
Path Weight: 3 (TE)
Explicit Route: 192.1.25.5 192.1.25.2 192.1.12.2 192.1.12.1
192.1.14.1 192.1.14.4 4.4.4.4
History:
Tunnel:
Time since created: 46 minutes, 34 seconds
Time since path change: 46 minutes, 32 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 46 minutes, 32 seconds
178
R4#show mpls forwarding-table detail
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 No Label 192.1.46.0/24[V] 3512 aggregate/MSSK
MAC/Encaps=0/0, MRU=0, Label Stack{}
VPN route: MSSK
No output feature configured
17 No Label 6.6.6.6/32[V] 4754 Fa1/1 192.1.46.6
MAC/Encaps=14/14, MRU=1504, Label Stack{}
CA0520C7001CCA0320B7001D0800
VPN route: MSSK
No output feature configured
* Neighbors inactive for more than one hour are not shown.
Use the "inactive" keyword to display them.
* Neighbors inactive for more than one hour are not shown.
Use the "inactive" keyword to display them.
179
* Neighbors inactive for more than one hour are not shown.
Use the "inactive" keyword to display them.
R6#ping 7.7.7.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/72/88 ms
180
Gateway of last resort is not set
R7#ping 6.6.6.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/68/88 ms
181
MPLS 6PE
Network Diagram
Lo0
OSPF Domain
1.1.1.1/32
Area 0
24
.0/ S1/0
R1 19
2.1
2 S1/1
.1 .13
2.1 .0/
19 24
2001:db8:35::/64
192.1.12.0/24
F2/0 F2/0
192.1.45.0/24
Static Static
F1/0 F1/0
Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32 2001:db8::5/128
2001:db8::4/128
Configurations
VRF Configuration
R2
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
int f2/0
ip vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
int f2/0
ip vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
182
IPv6 Addressing Configuration
R2
ipv6 unicast-routing
ipv6 cef
interface FastEthernet2/0
ipv6 address 2001:DB8:24::2/64
R3
ipv6 unicast-routing
ipv6 cef
interface FastEthernet2/0
ipv6 address 2001:DB8:35::3/64
R4
ipv6 unicast-routing
ipv6 cef
interface FastEthernet1/0
ipv6 address 2001:DB8:24::4/64
interface Loopback0
ipv6 address 2001:DB8::4/128
R5
ipv6 unicast-routing
ipv6 cef
interface FastEthernet1/0
ipv6 address 2001:DB8:35::5/64
interface Loopback0
ipv6 address 2001:DB8::5/128
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
183
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
184
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
ipv6 route 2001:DB8::4/128 2001:DB8:24::4
R4
ipv6 route ::/0 2001:DB8:24::2
R3
ipv6 route 2001:DB8::5/128 2001:DB8:35::5
R5
ipv6 route ::/0 2001:DB8:35::3
VPN Configuration
R2
router bgp 100
address-family ipv6
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-label
network 2001:DB8:24::/64
redistribute static
R3
router bgp 100
address-family ipv6
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-label
network 2001:DB8:35::/64
redistribute static
185
Verifications
186
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
2.2.2.2 4 100 55 62 7 0 0 00:37:11 2
187
IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:35::3
LC 2001:DB8::5/128 [0/0]
via Loopback0, receive
C 2001:DB8:35::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:35::5/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive
188
MPLS 6VPE
Network Diagram
Lo0
OSPF Domain
1.1.1.1/32
Area 0
24
.0/ S1/0
R1 19
2.1
2 S1/1
.1 .13
2.1 .0/
19 24
2001:db8:35::/64
192.1.12.0/24
F2/0 F2/0
192.1.45.0/24
Static Static
F1/0 F1/0
Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32 2001:db8::5/128
2001:db8::4/128
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
address-family ipv6
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
189
route-target import 100:1
address-family ipv6
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
R2
ipv6 unicast-routing
ipv6 cef
interface FastEthernet2/0
ipv6 address 2001:DB8:24::2/64
R3
ipv6 unicast-routing
ipv6 cef
interface FastEthernet2/0
ipv6 address 2001:DB8:35::3/64
R4
ipv6 unicast-routing
ipv6 cef
interface FastEthernet1/0
ipv6 address 2001:DB8:24::4/64
interface Loopback0
ipv6 address 2001:DB8::4/128
R5
ipv6 unicast-routing
ipv6 cef
interface FastEthernet1/0
ipv6 address 2001:DB8:35::5/64
interface Loopback0
ipv6 address 2001:DB8::5/128
190
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
191
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv6
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv6
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
ipv6 route vrf MSSK 2001:DB8::4/128 2001:DB8:24::4
R4
ipv6 route ::/0 2001:DB8:24::2
R3
ipv6 route vrf MSSK 2001:DB8::5/128 2001:DB8:35::5
R5
ipv6 route ::/0 2001:DB8:35::3
VPN Configuration
R2
router bgp 100
address-family ipv6 vrf MSSK
redistribute static
redistribute connected
192
R3
router bgp 100
address-family ipv6 vrf MSSK
redistribute static
redistribute connected
Verifications
193
via Loopback0, receive
C 2001:DB8:35::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:35::5/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive
194
MPLS Internet Access
Network Diagram
AS#100 R6 R7 AS#300
R2 R3 R4
AS#200 R1 AS#200 R5
AS#1 R8 Internet
Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
interface FastEthernet1/0
vrf forwarding MSSK
ip address 172.1.12.2 255.255.255.0
195
R4
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
interface FastEthernet1/1
vrf forwarding MSSK
ip address 172.1.45.4 255.255.255.0
R6
vrf definition ABC
rd 200:1
address-family ipv4
route-target export 200:1
route-target import 200:1
interface FastEthernet1/1
vrf forwarding ABC
ip address 172.1.67.6 255.255.255.0
IGP Configuration
R2
mpls label protocol ldp
mpls ldp router-id lo0 force
router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig
interface FastEthernet1/1
ip router isis 1
R3
mpls label protocol ldp
mpls ldp router-id lo0 force
router isis 1
net 49.0001.0000.0000.0003.00
196
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig
interface FastEthernet1/0
ip router isis 1
interface FastEthernet1/1
ip router isis 1
interface FastEthernet2/0
ip router isis 1
R4
mpls label protocol ldp
mpls ldp router-id lo0 force
router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig
interface FastEthernet1/0
ip router isis 1
R6
mpls label protocol ldp
mpls ldp router-id lo0 force
router isis 1
net 49.0001.0000.0000.0006.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig
interface FastEthernet1/0
ip router isis 1
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
197
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R4
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
neighbor 6.6.6.6 remote-as 100
neighbor 6.6.6.6 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
neighbor 2.2.2.2 route-reflector-client
neighbor 2.2.2.2 next-hop-self
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
neighbor 4.4.4.4 route-reflector-client
neighbor 4.4.4.4 next-hop-self
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community both
neighbor 6.6.6.6 route-reflector-client
neighbor 6.6.6.6 next-hop-self
R6
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
198
CE-PE routing Configuration
R1
router bgp 200
no bgp default ipv4-unicast
neighbor 172.1.12.2 remote-as 100
address-family ipv4
network 172.16.1.1 mask 255.255.255.255
neighbor 172.1.12.2 activate
R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 172.1.12.1 remote-as 200
neighbor 172.1.12.1 activate
neighbor 172.1.12.1 send-community both
neighbor 172.1.12.1 as-override
R4
router bgp 100
address-family ipv4 vrf MSSK
neighbor 172.1.45.5 remote-as 200
neighbor 172.1.45.5 activate
neighbor 172.1.45.5 send-community both
neighbor 172.1.45.5 as-override
R5
router bgp 200
no bgp default ipv4-unicast
neighbor 172.1.45.4 remote-as 100
address-family ipv4
network 172.16.5.5 mask 255.255.255.255
neighbor 172.1.45.4 activate
R6
router bgp 100
address-family ipv4 vrf ABC
neighbor 172.1.67.7 remote-as 300
neighbor 172.1.67.7 activate
neighbor 172.1.67.7 send-community both
R7
router bgp 300
no bgp default ipv4-unicast
199
neighbor 172.1.67.6 remote-as 100
address-family ipv4
network 192.168.7.7 mask 255.255.255.255
neighbor 172.1.67.6 activate
NAT Configuration
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
interface FastEthernet1/0
ip nat inside
interface FastEthernet1/1
ip nat inside
interface FastEthernet2/0
ip nat inside
interface FastEthernet2/1
ip nat outside
200
ip nat inside source list RFC pool ABC_POOL vrf ABC
ip nat inside source list RFC pool MSSK_POOL vrf MSSK
R8
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.38.3 remote-as 100
address-family ipv4
network 8.8.8.8 mask 255.255.255.255
neighbor 192.1.38.3 activate
Verifications
And, according to the configuration above, each CE must have a default route in
their routing table
R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
201
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
R1#sh ip bgp
BGP table version is 4, local router ID is 172.16.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
R5#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
202
L 172.1.45.5/32 is directly connected, FastEthernet1/0
172.16.0.0/32 is subnetted, 2 subnets
B 172.16.1.1 [20/0] via 172.1.45.4, 00:15:16
C 172.16.5.5 is directly connected, Loopback0
R5#sh ip bgp
BGP table version is 4, local router ID is 172.16.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
R7#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
R7#sh ip bgp
BGP table version is 3, local router ID is 192.168.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
203
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 172.1.67.6 0 100 i
*> 192.168.7.7/32 0.0.0.0 0 32768 i
204
MPLS QoS
Network Diagram
ISIS L2
R3 49.0001
AS 100
R1 R2
Eb
0 0
gp 0 0
20 10
AS 100
-2
gp
10
Eb
0
-
R4 R5
OSPF A0
OSPF A0
R6 R7
Elements
We are going to examine QoS configuration through our MPLS backbone and across
the L3VPN connection implemented to maintain connectivity between site #1(R4,
R6) and site #2 (R5, R7)
ISIS level-2 will be the IGP used inside our MPLS backbone, and BGP will be the PE-
CE routing protocol, OSPF will be the CE-C routing protocol
Configurations
R1
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
205
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip router isis 1
interface FastEthernet1/0
ip address 192.1.13.1 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.14.1 255.255.255.0
speed 100
duplex full
router isis 1
net 49.0001.0000.0000.0001.00
is-type level-2-only
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R2
vrf definition MSSK
rd 100:1
206
address-family ipv4
route-target export 100:1
route-target import 100:1
exit-address-family
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip router isis 1
interface FastEthernet1/0
ip address 192.1.23.2 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.25.2 255.255.255.0
speed 100
duplex full
no shut
router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
207
neighbor 192.1.25.5 as-override
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip router isis 1
interface FastEthernet1/0
ip address 192.1.13.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut
interface FastEthernet1/1
ip address 192.1.23.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut
router isis 1
net 49.0001.0000.0000.0003.00
is-type level-2-only
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
neighbor 1.1.1.1 route-reflector-client
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
neighbor 2.2.2.2 route-reflector-client
208
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255
interface FastEthernet1/0
ip address 192.1.14.4 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.46.4 255.255.255.0
speed 100
duplex full
no shut
router ospf 1
router-id 4.4.4.4
redistribute bgp 200 subnets
network 192.1.46.4 0.0.0.0 area 0
address-family ipv4
network 4.4.4.4 mask 255.255.255.255
redistribute ospf 1
neighbor 192.1.14.1 activate
exit-address-family
R5
interface Loopback0
ip address 5.5.5.5 255.255.255.255
interface FastEthernet1/0
ip address 192.1.25.5 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.57.5 255.255.255.0
209
speed 100
duplex full
no shut
router ospf 1
router-id 5.5.5.5
redistribute bgp 200 subnets
network 192.1.57.5 0.0.0.0 area 0
address-family ipv4
network 5.5.5.5 mask 255.255.255.255
redistribute ospf 1
neighbor 192.1.25.2 activate
exit-address-family
R6
interface Loopback0
ip address 6.6.6.6 255.255.255.255
interface FastEthernet1/0
ip address 192.1.46.6 255.255.255.0
speed 100
duplex full
no shut
router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0
R7
interface Loopback0
ip address 7.7.7.7 255.255.255.255
interface FastEthernet1/0
ip address 192.1.57.7 255.255.255.0
speed 100
duplex full
no shut
210
router ospf 1
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 192.1.57.7 0.0.0.0 area 0
Verifications
211
R4#show ip bgp
BGP table version is 9, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
R5#sh ip bgp
BGP table version is 9, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
212
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/44/88 ms
R6#ping 7.7.7.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/85/140 ms
213
O E2 4.4.4.4 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
5.0.0.0/32 is subnetted, 1 subnets
O E2 5.5.5.5 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
6.0.0.0/32 is subnetted, 1 subnets
O E2 6.6.6.6 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
O E2 192.1.14.0/24 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
O E2 192.1.46.0/24 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
R7#ping 6.6.6.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/72/96 ms
R6
class-map PRECEDENCE_6
match ip precedence 6
class-map PRECEDENCE_3
match ip precedence 3
class-map PRECEDENCE_2
match ip precedence 2
class-map PRECEDENCE_1
match ip precedence 1
policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6
interface FastEthernet1/0
service-policy input MATCH
R7
class-map PRECEDENCE_6
match ip precedence 6
class-map PRECEDENCE_3
match ip precedence 3
class-map PRECEDENCE_2
214
match ip precedence 2
class-map PRECEDENCE_1
match ip precedence 1
policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6
interface FastEthernet1/0
service-policy input MATCH
215
10 packets, 1140 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
As we can see the ICMP packets fall in the class-default, and the PRECEDENCE_6
class counts as it relates to routing updates and keepalives and so on
R4
ip access-list extended TELNET
permit tcp any any eq telnet
permit tcp any eq telnet any
216
ip access-list extended TFTP
permit udp any any eq 69
class-map ICMP_CLASS
match access-group name ICMP
class-map TFTP_CLASS
match access-group name TFTP
class-map TELNET_CLASS
match access-group name TELNET
policy-map MARK
class TELNET_CLASS
set ip precedence 1
class TFTP_CLASS
set ip precedence 2
class ICMP_CLASS
set ip precedence 3
class class-default
set ip precedence 6
interface FastEthernet1/0
service-policy output MARK
R5
ip access-list extended TELNET
permit tcp any any eq telnet
permit tcp any eq telnet any
class-map ICMP_CLASS
match access-group name ICMP
class-map TFTP_CLASS
match access-group name TFTP
class-map TELNET_CLASS
match access-group name TELNET
217
policy-map MARK
class TELNET_CLASS
set ip precedence 1
class TFTP_CLASS
set ip precedence 2
class ICMP_CLASS
set ip precedence 3
class class-default
set ip precedence 6
interface FastEthernet1/0
service-policy output MARK
R6, R7
line vty 0 4
password cisco
login
R7
tftp-server nvram:underlying-config
218
precedence 2
Packets marked 0
R6#telnet 7.7.7.7
Trying 7.7.7.7 ... Open
Password:
R7>en
Password:
R7#exit
219
[Connection to 7.7.7.7 closed by foreign host]
As we can see the count appears, but for TFTP traffic its a one way as one of the
routers is acting as a server and the other one is acting as a client
R1
class-map EXP_CLASS
match mpls experimental topmost 3
policy-map EXP_POLICY
220
class EXP_CLASS
police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-
transmit 5 violate-action drop
interface FastEthernet1/0
service-policy output EXP_POLICY
Now, let us configure on the P router (R3) MQC in order to check for the policy we
configured
R3
class-map match-all PRECEDENCE_6
match mpls experimental topmost 6
class-map match-all PRECEDENCE_5
match mpls experimental topmost 5
class-map match-all PRECEDENCE_3
match mpls experimental topmost 3
class-map match-all PRECEDENCE_2
match mpls experimental topmost 2
class-map match-all PRECEDENCE_1
match mpls experimental topmost 1
221
policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6
class PRECEDENCE_5
interface FastEthernet1/0
ip address 192.1.13.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
service-policy input MATCH
Now , we will generate some traffic from R6 toward R7 (we will influence the size of
ICMP packets in order to see the dropped packets)
222
17 packets, 6964 bytes
5 minute offered rate 2000 bps, drop rate 0000 bps
Match: any
Now, let us move our policy toward the customer side (toward R5), R5 does not
understand EXP bit as the disposition happens at its PE router: R2, so how we will
apply the same policy and queuing mechanism? We will configure what so called
QoS groups
R2
class-map match-all INPUT_CLASS
match mpls experimental topmost 3
policy-map INPUT_POLICY
class INPUT_CLASS
set qos-group 3
interface FastEthernet1/0
service-policy input INPUT_POLICY
policy-map OUTPUT_POLICY
class OUTPUT_CLASS
police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-
transmit 5 violate-action drop
interface FastEthernet1/1
223
service-policy output OUTPUT_POLICY
224
Class-map: TFTP_CLASS (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TFTP
QoS Set
precedence 2
Packets marked 0
225
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: any
226
Now, let us change the exceed action on R2
R2
policy-map OUTPUT_POLICY
class OUTPUT_CLASS
no police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-
transmit 5 violate-action drop
police 64000 conform-action transmit exceed-action set-prec-transmit 5 violate-
action drop
R7
class-map PRECEDENCE_5
match ip precedence 5
policy-map MATCH
class PRECEDENCE_5
227
47 packets, 4792 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
228
MPLS EIGRP Backdoor Link
Network Diagram
S1/0
192.1.12.0/24
Lo0 R1 R2 Lo0
1.1.1.1/32 F1/0 AS 1 F1/0 2.2.2.2/32
192.1.13.0/24
192.1.24.0/24
F1/1 F1/1
F1/0 F1/0
Lo0
Lo0 R3 R4
S2/0 S2/0 5.5.5.5/32
3.3.3.3/32 192.1.34.0/24
Configuratioons
VRF Configuration
R1
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
interface FastEthernet1/1
ip vrf forwarding MSSK
ip address 192.1.13.1 255.255.255.0
R2
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
interface FastEthernet1/1
ip vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
IGP Configuration
R1
router ospf 1
229
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
MP-BGP Configuration
R1
router bgp 1
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
router bgp 1
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback0
address-family vpnv4
230
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
R1
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
network 192.1.13.1 0.0.0.0
R3
router eigrp 100
network 3.3.3.3 0.0.0.0
network 192.1.13.3 0.0.0.0
network 192.1.34.3 0.0.0.0
R2
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
network 192.1.24.2 0.0.0.0
R4
router eigrp 100
network 4.4.4.4 0.0.0.0
network 192.1.24.4 0.0.0.0
network 192.1.34.4 0.0.0.0
VPN Configuration
R1
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
redistribute bgp 1 metric 1 1 1 1 1
router bgp 1
address-family ipv4 vrf MSSK
redistribute eigrp 100
R2
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
redistribute bgp 1 metric 1 1 1 1 1
router bgp 1
address-family ipv4 vrf MSSK
231
redistribute eigrp 100
Verifications
232
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
233
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/17/24 ms
A potential loop may arise when using EIGRP as the PE-CE routing protocol and a
backdoor link in place, what solve these potential loops is site of origin feature
We configure it via a route-map and apply it on the PE-CE interface
R1
route-map SOO_MAP permit 10
set extcommunity soo 100:1
int f1/1
ip vrf sitemap SOO_MAP
R2
route-map SOO_MAP permit 10
set extcommunity soo 100:1
int f1/1
ip vrf sitemap SOO_MAP
234
0x8806:0:50529027
mpls labels in/out 21/nolabel
rx pathid: 0, tx pathid: 0x0
235
MPLS BGP Soo
Network Diagram
P2 203
FRSW
P3 302
IBGP
F0/0 S0/0
Lo0 3.3.3.3/32
Lo0 1.1.1.1/32 R1 R3
F0/1 F1/0 F0/0
Configurations
VRF Configuration
R1
ip vrf RED
rd 100:1
route-target export 100:1
route-target import 100:1
int f0/1
ip vrf forwarding RED
236
ip address 192.1.14.1 255.255.255.0
int f1/0
ip vrf forwarding RED
ip address 192.1.17.1 255.255.255.0
R3
ip vrf RED
rd 100:1
route-target export 100:1
route-target import 100:1
int f0/0
ip vrf forwarding RED
ip address 192.1.36.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0
237
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f0/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s0/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s0/0
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f0/0
mpls ip
int f0/1
mpls ip
MP-BGP Configuration
R1
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
238
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
R1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 remote-as 200
neighbor 192.1.14.4 activate
neighbor 192.1.17.7 remote-as 200
neighbor 192.1.17.7 activate
R4
router bgp 200
neighbor 192.1.14.1 remote-as 100
network 4.4.4.4 mask 255.255.255.255
router rip
version 2
no auto-summary
network 192.1.47.4
network 7.7.7.7
R7
router bgp 200
neighbor 192.1.17.1 remote-as 100
network 7.7.7.7 mask 255.255.255.255
router rip
version 2
no auto-summary
network 192.1.47.7
network 7.7.7.7
R3
address-family ipv4 vrf RED
neighbor 192.1.36.6 remote-as 200
neighbor 192.1.36.6 activate
239
R6
router bgp 200
neighbor 192.1.36.3 remote-as 100
network 6.6.6.6 mask 255.255.255.255
Verifications
240
R4#sh ip bgp summary
BGP router identifier 4.4.4.4, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 120 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 452 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs
241
As we can see that neither of the CEs can receive the loopback of any other CEs
(which is advertised in BGP) why?
The reason behind that is that the bgp speaker will not accept a route with its own
AS number (which is 200 in our case)
The ways to solve this issue is:
BGP AS-Override
BGP AllowAS-in
We will go with AS-Override; the configuration will be applied on the PE towards the
CE under the address-family ipv4 configuration mode
R1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 as-override
neighbor 192.1.17.7 as-override
R3
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.36.6 as-override
R4#sh ip bgp
BGP table version is 8, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
R6#sh ip bgp
BGP table version is 4, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
242
R7#sh ip bgp
BGP table version is 6, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Now , the SOO community is used in MPLS networks to prevent looping between
the PEs , when a PE advertise a route to its neighbor PE that is attached with a soo
community that matches the same rd configured under the ip vrf configuration
mode , it will not advertise it to its CE
R1
route-map SOO permit 10
set extcommunity soo 100:1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 route-map SOO in
neighbor 192.1.17.7 route-map SOO in
243
Full scale Lab
Network Diagram
Initrial Configurations
R1
hostname R1
interface Loopback0
ip address 192.168.1.1 255.255.255.255
ipv6 address 2001:DB8::1/128
interface FastEthernet1/0
ip address 192.1.12.1 255.255.255.0
speed 100
duplex full
ipv6 address 2001:DB8:12::1/64
no shut
R2
hostname R2
interface Loopback0
244
ip address 2.2.2.2 255.255.255.255
interface FastEthernet1/0
ip address 192.1.12.2 255.255.255.0
speed 100
duplex full
ipv6 address 2001:DB8:12::2/64
no shut
interface FastEthernet1/1
ip address 192.1.23.2 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/0
ip address 192.1.25.2 255.255.255.0
speed 100
duplex full
no shut
R3
hostname R3
interface Loopback0
ip address 3.3.3.3 255.255.255.255
interface FastEthernet1/0
no ip address
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.23.3 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/0
ip address 192.1.34.3 255.255.255.0
speed 100
duplex full
no shut
245
interface FastEthernet2/1
ip address 192.1.35.3 255.255.255.0
speed 100
duplex full
no shut
R4
hostname R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255
interface FastEthernet1/0
ip address 192.1.34.4 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.45.4 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/0
ip address 192.1.40.4 255.255.255.0
speed 100
duplex full
no shut
interface Serial3/0
no ip address
encapsulation ppp
serial restart-delay 0
clock rate 128000
no shut
R5
hostname R5
interface Loopback0
ip address 5.5.5.5 255.255.255.255
interface FastEthernet1/0
ip address 192.1.56.5 255.255.255.0
246
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.25.5 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/0
ip address 192.1.45.5 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/1
ip address 192.1.35.5 255.255.255.0
speed 100
duplex full
no shut
R6
hostname R6
interface Loopback0
ip address 172.16.6.6 255.255.255.255
interface FastEthernet1/0
ip address 192.1.56.6 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.67.6 255.255.255.0
speed 100
duplex full
no shut
R7
hostname R7
interface Loopback0
ip address 10.7.7.7 255.255.255.255
247
interface FastEthernet1/0
ip address 192.1.67.7 255.255.255.0
speed 100
duplex full
no shut
R8
hostname R8
interface Serial1/0
ip address 192.1.89.8 255.255.255.0
encapsulation ppp
serial restart-delay 0
clock rate 128000
no shut
R9
hostname R9
interface FastEthernet1/0
ip address 192.1.89.9 255.255.255.0
speed 100
duplex full
no shut
GW
hostname Gw
interface FastEthernet1/0
ip address 192.1.40.10 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.100.10 255.255.255.0
speed 100
duplex full
no shut
248
Configure ISIS as the IGP inside AS 100 and make sure all circuits are
level-2 circuits
R2
interface FastEthernet1/1
ip router isis 1
interface FastEthernet2/0
ip router isis 1
router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
R3
interface FastEthernet1/1
ip router isis 1
interface FastEthernet2/0
ip router isis 1
interface FastEthernet2/1
ip router isis 1
router isis 1
net 49.0001.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0
R4
interface FastEthernet1/0
ip router isis 1
interface FastEthernet1/1
ip router isis 1
router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
R5
interface FastEthernet1/1
ip router isis 1
249
interface FastEthernet2/0
ip router isis 1
interface FastEthernet2/1
ip router isis 1
router isis 1
net 49.0001.0000.0000.0005.00
is-type level-2-only
passive-interface Loopback0
Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R3 L2 Fa1/1 192.1.23.3 UP 8 R3.01
R5 L2 Fa2/0 192.1.25.5 UP 7 R5.01
250
i L2 192.1.35.0/24 [115/20] via 192.1.25.5, 00:01:29, FastEthernet2/0
[115/20] via 192.1.23.3, 00:01:29, FastEthernet1/1
i L2 192.1.45.0/24 [115/20] via 192.1.25.5, 00:01:29, FastEthernet2/0
Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R2 L2 Fa1/1 192.1.23.2 UP 29 R3.01
R4 L2 Fa2/0 192.1.34.4 UP 8 R4.01
R5 L2 Fa2/1 192.1.35.5 UP 8 R5.03
Tag 1:
251
System Id Type Interface IP Address State Holdtime Circuit Id
R3 L2 Fa1/0 192.1.34.3 UP 22 R4.01
R5 L2 Fa1/1 192.1.45.5 UP 7 R5.02
Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R2 L2 Fa1/1 192.1.25.2 UP 21 R5.01
R3 L2 Fa2/1 192.1.35.3 UP 23 R5.03
R4 L2 Fa2/0 192.1.45.4 UP 24 R5.02
252
R2 Fa1/1 ca01.270a.0038 Up 28 L2 IS-IS
R3 Fa2/1 ca02.270a.0039 Up 28 L2 IS-IS
R4 Fa2/0 ca03.270a.001d Up 21 L2 IS-IS
R2 R5
router isis 1
mpls ldp autoconfig
253
Up time: 00:01:53
LDP discovery sources:
FastEthernet2/0, Src IP addr: 192.1.25.5
Addresses bound to peer LDP Ident:
192.1.56.5 192.1.25.5 192.1.45.5 192.1.35.5
5.5.5.5
254
R4#show mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 4.4.4.4:0
TCP connection: 3.3.3.3.646 - 4.4.4.4.40632
State: Oper; Msgs sent/rcvd: 14/14; Downstream
Up time: 00:02:22
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 192.1.35.3 3.3.3.3
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 4.4.4.4:0
TCP connection: 5.5.5.5.28271 - 4.4.4.4.646
State: Oper; Msgs sent/rcvd: 14/15; Downstream
Up time: 00:02:21
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.45.5
Addresses bound to peer LDP Ident:
192.1.56.5 192.1.25.5 192.1.45.5 192.1.35.5
5.5.5.5
255
LDP discovery sources:
FastEthernet2/0, Src IP addr: 192.1.45.4
Addresses bound to peer LDP Ident:
192.1.34.4 192.1.45.4 4.4.4.4
R2
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4
exit-address-family
int f1/0
vrf forwarding MSSK
ip address 192.1.12.2 255.255.255.0
ipv6 address 2001:DB8:12::2/64
R5
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4
exit-address-family
int f1/0
vrf forwarding MSSK
ip address 192.1.56.5 255.255.255.0
R2#sh ip vrf
Name Default RD Interfaces
MSSK 100:1 Fa1/0
R5#sh ip vrf
256
Name Default RD Interfaces
MSSK 100:1 Fa1/0
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
R4
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
neighbor 2.2.2.2 route-reflector-client
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
neighbor 3.3.3.3 route-reflector-client
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community extended
neighbor 5.5.5.5 route-reflector-client
257
R5
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
Configure OSPF PID 100 as the PE-CE routing protocol between R6-R7 and
R5 (noting that R5-R6 resides in Area 0 , R6-R7 resides in Area 1 and R7
258
lo0 is part of Area 2), EIGRP AS 1 as the PE-CE routing protocol between
R1 and R2
R1
router eigrp 1
no auto-summary
network 192.1.12.1 0.0.0.0
network 192.168.1.1 0.0.0.0
R2
router eigrp 1
address-family ipv4 vrf MSSK autonomous-system 1
network 192.1.12.2 0.0.0.0
no auto-summary
R6
router ospf 100
router-id 6.6.6.6
area 1 virtual-link 7.7.7.7
network 172.16.6.6 0.0.0.0 area 0
network 192.1.56.6 0.0.0.0 area 0
network 192.1.67.6 0.0.0.0 area 1
R7
router ospf 100
router-id 7.7.7.7
area 1 virtual-link 6.6.6.6
network 10.7.7.7 0.0.0.0 area 2
network 192.1.67.7 0.0.0.0 area 1
R5
router ospf 100 vrf MSSK
network 192.1.56.5 0.0.0.0 area 0
259
R5#sh ip ospf neighbor
260
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
R2
router eigrp 1
address-family ipv4 vrf MSSK autonomous-system 1
redistribute bgp 100 metric 10000 1000 255 1 1500
R5
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
261
address-family ipv4 vrf MSSK
redistribute ospf 100
262
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 10.7.7.7/32 192.1.56.6 3 32768 ?
*> 172.16.6.6/32 192.1.56.6 2 32768 ?
*> 192.1.56.0 0.0.0.0 0 32768 ?
*> 192.1.67.0 192.1.56.6 2 32768 ?
*>i 192.168.1.1/32 2.2.2.2 156160 100 0?
263
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
264
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.6.6, timeout is 2 seconds:
Packet sent with a source address of 10.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
265
4 192.1.12.1 20 msec * 16 msec
R2
mpls traffic-eng tunnels
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R3
mpls traffic-eng tunnels
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/1
mpls traffic-eng tunnels
ip rsvp bandwidth
router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R4
mpls traffic-eng tunnels
interface FastEthernet1/0
mpls traffic-eng tunnels
266
ip rsvp bandwidth
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R5
mpls traffic-eng tunnels
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/1
mpls traffic-eng tunnels
ip rsvp bandwidth
router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
267
Fa1/1 ena 0 75M 75M 0
Configure MPLE-TE in such a way that traffic flow from R5 to R2 follow the
path R5 R4 R3 R2 and the traffic flow from R2 to R5 follow the poath
R2 R3 R4 R5
R2
ip explicit-path name TO_R5 enable
next-address 3.3.3.3
next-address 4.4.4.4
next-address 5.5.5.5
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 5.5.5.5
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 explicit name TO_R5
tunnel mpls traffic-eng path-option 2 dynamic
R5
ip explicit-path name TO_R2 enable
next-address 4.4.4.4
next-address 3.3.3.3
next-address 2.2.2.2
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 2.2.2.2
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 explicit name TO_R2
tunnel mpls traffic-eng path-option 2 dynamic
268
R2#show mpls traffic-eng tunnels summary
Signalling Summary:
LSP Tunnels Process: running
Passive LSP Listener: running
RSVP Process: running
Forwarding: enabled
Periodic reoptimization: every 3600 seconds, next in 3291 seconds
Periodic FRR Promotion: Not Running
Periodic auto-bw collection: every 300 seconds, next in 291 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1
P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0
P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0
269
R2#show mpls traffic-eng tunnels
P2P TUNNELS/LSPs:
Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : -
OutLabel : FastEthernet1/1, 21
Next Hop : 192.1.23.3
RSVP Signalling Info:
Src 2.2.2.2, Dst 5.5.5.5, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.23.2
Explicit Route: 192.1.23.3 192.1.34.3 192.1.34.4 192.1.45.4
192.1.45.5 5.5.5.5
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
History:
Tunnel:
Time since created: 3 minutes, 10 seconds
Time since path change: 3 minutes, 10 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 3 minutes, 10 seconds
270
OutLabel : -
RSVP Signalling Info:
Src 5.5.5.5, Dst 2.2.2.2, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 2.2.2.2
Explicit Route: NONE
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
P2MP TUNNELS:
P2MP SUB-LSPS:
P2P TUNNELS/LSPs:
Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : -
OutLabel : FastEthernet2/0, 23
Next Hop : 192.1.45.4
RSVP Signalling Info:
Src 5.5.5.5, Dst 2.2.2.2, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.45.5
Explicit Route: 192.1.45.4 192.1.34.4 192.1.34.3 192.1.23.3
192.1.23.2 2.2.2.2
271
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
History:
Tunnel:
Time since created: 3 minutes, 25 seconds
Time since path change: 3 minutes, 24 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 3 minutes, 24 seconds
P2MP TUNNELS:
P2MP SUB-LSPS:
272
Tracing the route to 192.168.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.67.6 4 msec 0 msec 4 msec
2 192.1.56.5 8 msec 8 msec 8 msec
3 192.1.45.4 [MPLS: Labels 23/22 Exp 0] 28 msec 24 msec 28 msec
4 192.1.34.3 [MPLS: Labels 22/22 Exp 0] 28 msec 24 msec 24 msec
5 192.1.12.2 [MPLS: Label 22 Exp 0] 36 msec 20 msec 20 msec
6 192.1.12.1 28 msec * 24 msec
Configure eBGP session between R4 and GW; make sure to advertise the
192.1.100.0 in BGP
R4
router bgp 100
neighbor 192.1.40.10 remote-as 200
address-family ipv4
neighbor 192.1.40.10 activate
GW
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.40.4 remote-as 100
address-family ipv4
network 192.1.100.0
neighbor 192.1.40.4 activate
R4#sh ip bgp
BGP table version is 2, local router ID is 4.4.4.4
273
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Gw#sh ip bgp
BGP table version is 2, local router ID is 192.1.100.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
274
Total number of prefixes 1
The subnet 30.40.50.0/24 has been reserved for customer traffic to reach
the subnet 192.1.100.0/24 via NAT, configure R4 to accomplish this
R4
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4
interface FastEthernet1/0
ip nat inside
interface FastEthernet1/1
ip nat inside
interface FastEthernet2/0
ip nat outside
275
RPKI validation codes: V valid, I invalid, N Not found
276
D EX 192.1.56.0/24 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0
D EX 192.1.67.0/24 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0
R3
pseudowire-class MSSK
encapsulation mpls
interworking ip
interface FastEthernet1/0
xconnect 4.4.4.4 89 encapsulation mpls pw-class MSSK
R4
pseudowire-class MSSK
encapsulation mpls
interworking ip
interface Serial3/0
xconnect 3.3.3.3 89 encapsulation mpls pw-class MSSK
277
R8#ping 192.1.89.9
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.89.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/16 ms
R9#ping 192.1.89.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.89.8, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 12/15/20 ms
278