MPLS RIP L3 VPN
configurations
R1
interface FastEthernet0/0 ip address 10.1.12.1 255.255.255.0 interf loopback 0 ip add 1.1.1.1 255.255.255.0 |
R2
iinterface Loopback0 ip address 2.2.2.2 255.255.255.255 interface FastEthernet0/0 ip address 10.1.12.2 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 ip address 10.1.23.2 255.255.255.0 duplex auto speed auto |
R3
interface FastEthernet0/0 ip address 10.1.23.3 255.255.255.0 shutdown duplex auto speed auto ! interface FastEthernet0/1 ip address 10.1.34.3 255.255.255.0 duplex auto speed auto |
R4
interface Loopback0 ip address 4.4.4.4 255.255.255.255 ! interface FastEthernet0/0 ip address 10.1.45.4 255.255.255.0 duplex auto speed auto ! interface FastEthernet0/1 ip address 10.1.34.4 255.255.255.0 duplex auto speed auto |
R5
interface FastEthernet0/0 ip address 10.1.45.5 255.255.255.0 duplex auto speed auto |
The goal is to run mpls within the ISP network and we also want to run RIP with Customer A CE routers (R1 and R5)
we will run OSPF inside the mpls network
let’s start with configuring OSPF between R2, R3 and R4
R2
R2(config)#router ospf 1 R2(config-router)#network 10.1.23.2 0.0.0.0 area 0 R2(config-router)#network 2.2.2.0 0.0.0.255 area 0 |
R3
R3(config)#router osp 1 R3(config-router)#network 0.0.0.0 0.0.0.0 area 0 |
R4
R4(config)#router ospf 1 R4(config-router)#network 4.4.4.0 0.0.0.255 area 0 R4(config-router)#network 10.1.34.0 0.0.0.255 area 0 |
So now we should have our IGP running on all our ISP network
we need to turn on mpls on these routers
R2(config)#interf f0/1 R2(config-if)#mpls ip R3(config)#interf f0/0 R3(config-if)#mpls ip R3(config)#interf f0/1 R3(config-if)#mpls ip R4(config)#interf f0/1 R4(config-if)#mpls ip |
Now let’s check the LDP neighbors on these routers
R2
R2(config)#do sh mpls ldp ne Peer LDP Ident: 10.1.34.3:0; Local LDP Ident 10.1.23.2:0 TCP connection: 10.1.34.3.21083 - 10.1.23.2.646 State: Oper; Msgs sent/rcvd: 14/13; Downstream Up time: 00:06:56 LDP discovery sources: FastEthernet0/1, Src IP addr: 10.1.23.3 Addresses bound to peer LDP Ident: 10.1.23.3 10.1.34.3 |
R3
R3(config-if)#do sh mpls ldp ne Peer LDP Ident: 10.1.23.2:0; Local LDP Ident 10.1.34.3:0 TCP connection: 10.1.23.2.646 - 10.1.34.3.21083 State: Oper; Msgs sent/rcvd: 14/15; Downstream Up time: 00:07:12 LDP discovery sources: FastEthernet0/0, Src IP addr: 10.1.23.2 Addresses bound to peer LDP Ident: 10.1.12.2 10.1.23.2 Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 10.1.34.3:0 TCP connection: 4.4.4.4.646 - 10.1.34.3.63944 State: Oper; Msgs sent/rcvd: 13/14; Downstream Up time: 00:06:42 LDP discovery sources: FastEthernet0/1, Src IP addr: 10.1.34.4 Addresses bound to peer LDP Ident: 10.1.45.4 10.1.34.4 4.4.4.4 |
R4
R4(config-if)#do sh mpls ldp nei Peer LDP Ident: 10.1.34.3:0; Local LDP Ident 4.4.4.4:0 TCP connection: 10.1.34.3.52025 - 4.4.4.4.646 State: Oper; Msgs sent/rcvd: 330/324; Downstream Up time: 04:40:42 LDP discovery sources: FastEthernet0/1, Src IP addr: 10.1.34.3 Addresses bound to peer LDP Ident: 10.1.23.3 10.1.34.3 |
Now we need to enable BGP on the PE routers (R2 and R4)
R4
R4(config-router-af)#do sh run | sec router bgp 100 router bgp 100 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source Loopback0 ! address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community extended exit-address-family |
R2
R2(config-router)#do sh run | sec router bgp 100 router bgp 100 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 4.4.4.4 remote-as 100 neighbor 4.4.4.4 update-source Loopback0 ! address-family vpnv4 neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended exit-address-family |
Note: we have used this no bgp default ipv4-unicast command under the BGP configuration to stop the BGP from activating the ipv4 unicast peers automatically and we have to activate them manually under the vpnv4 unicast address family manually. let’s check the BGP peers
R2
R2(config)#do sh bgp vpn un all summ BGP router identifier 10.1.23.2, local AS number 100 BGP table version is 1, main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 4.4.4.4 4 100 586 585 1 0 0 09:41:49 0 |
R4
R4(config)#do sh bgp vpn un all summ BGP router identifier 4.4.4.4, local AS number 100 BGP table version is 1, main routing table version 1 Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 2.2.2.2 4 100 587 587 1 0 0 09:43:46 0 |
we now need to create the VRFs on both R2 and R4 and run RIP with R1 and R5
R1
R1(config)#router rip R1(config-router)#no auto-summary R1(config-router)#version 2 R1(config-router)#network 10.0.0.0 R1(config-router)#network 1.0.0.0 |
R2
R2(config)#ip vrf CUST_A |
R4
R4(config)#ip vrf CUST_A R4(config-vrf)#rd 100:1 R4(config-router)#interf f0/0 R4(config-if)#ip vrf forwarding CUST_A % Interface FastEthernet0/0 IP address 10.1.45.4 removed due to enabling VRF CUST_A R4(config-if)#ip address 10.1.45.4 255.255.255.0 R4(config)#router rip R4(config-router)#address-family ipv4 vrf CUST_A R4(config-router-af)#no aut R4(config-router-af)#ver 2 R4(config-router-af)#net 10.0.0.0 |
R5
R5(config)#router rip R5(config-router)#no auto-summary R5(config-router)#ver 2 R5(config-router)#network 5.0.0.0 R5(config-router)#network 10.0.0.0 |
so on R2 and R4 we have created the VRF and identified a RD
RD is 64 bit that PEs prepend to the 32 bit prefixes in particular VRF to make it unique 96 bit prefix. RD is only local an doesn’t have to match on different PEs but they need to be locally different to avoid overlapping issues
Also note how the IP address of interfaces f0/0 on both R2 and R4 were removed when we assigned them to the new VRF CUST_A this basically because the router is moving these IP addresses to the VPNV4 table rather than the global routing table.
From customer’s point of view RIP configuration didn’t change and you configure RIP as we we always do, however on PEs the RIP need to be configured under address family so we keep routing table separate for different customers
our next step will be configuring the BGP-MP on the PE routers and mutual redistribute between RIP and the BGP-MP
on both R2 and R4
(config)#router bgp 100 (config-router)#address-family ipv4 vrf CUST_A (config-router-af)#redistribute rip (config)#router rip (config-router)#address-family ipv4 vrf CUST_A (config-router-af)#redistribute bgp metric 1 |
let’s check the BGP on R2 for that VRF
R2(config)#do sh bgp vpn un vrf CUST_A BGP table version is 5, local router ID is 10.1.23.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 100:1 (default for vrf CUST_A) *> 1.1.1.0/24 10.1.12.1 1 32768 ? *> 10.1.12.0/24 0.0.0.0 0 32768 ? |
so we see that RIP is getting redistributed correctly into BGP but we are note receiving any routes from R4, in order for us to start receiving routes from other PEs we need to IMPORT/EXPORT Route Targets
Route Targets control which routes will be imported on the far side PE, for a given VRF.
so let’s try this on both R2 and R4
(config)#ip vrf CUST_A (config-vrf)#route-target import 100:1 (config-vrf)#route-target export 100: |
route-target import: import the route from BGP-MP into the specific VRF
route-target export: Export the route from the VRF to BGP-MP
so now let’s check the routing table on R1 and R5
R1
R1#sh ip route rip 5.0.0.0/24 is subnetted, 1 subnets R 5.5.5.0 [120/1] via 10.1.12.2, 00:00:17, FastEthernet0/0 10.0.0.0/24 is subnetted, 2 subnets R 10.1.45.0 [120/1] via 10.1.12.2, 00:00:17, FastEthernet0/0 |
R5
R5#sh ip route rip 1.0.0.0/24 is subnetted, 1 subnets R 1.1.1.0 [120/1] via 10.1.45.4, 00:00:17, FastEthernet0/0 10.0.0.0/24 is subnetted, 2 subnets R 10.1.12.0 [120/1] via 10.1.45.4, 00:00:17, FastEthernet0/0 |
And we can confirm with a ping from R1 to R5
R1#ping 5.5.5.5 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 76/103/120 ms R1#tra R1#traceroute 5.5.5.5 Type escape sequence to abort. Tracing the route to 5.5.5.5 1 10.1.12.2 44 msec 44 msec 24 msec 2 10.1.23.3 [MPLS: Labels 19/19 Exp 0] 132 msec 68 msec 80 msec 3 10.1.45.4 [MPLS: Label 19 Exp 0] 96 msec 64 msec 56 msec 4 10.1.45.5 112 msec * 88 msec |
Comments
Post a Comment