Verification 193

Verification

At this stage in the network, there’s really not much troubleshooting that you can do. In Chapter 6, you’ll be able to verify MP-IBGP configuration by watching the routes from one site being populated through MP-IBGP to another site.

For right now, you can verify MP-IBGP using the show ip bgp neighbors command. The output from this command as executed on the Raleigh POP router is as follows:

Raleigh#show ip bgp neighbors

BGP neighbor is 204.134.83.1, remote AS 65000, internal link BGP version 4, remote router ID 204.134.83.1

BGP state = Established, up for 00:00:29

Last read 00:00:28, hold time is 180, keepalive interval is 60 seconds

Neighbor capabilities:

Route refresh: advertised and received

Address family IPv4 Unicast: advertised and received Address family VPNv4 Unicast: advertised and received

Received 14 messages, 0 notifications, 0 in queue Sent 14 messages, 0 notifications, 0 in queue Route refresh request: received 0, sent 0

Default minimum time between advertisement runs is 5 seconds

For address family: IPv4 Unicast

BGP table version 13, neighbor version 13 Index 2, Offset 0, Mask 0x4

NEXT_HOP is always this router

2 accepted prefixes consume 72 bytes

Prefix advertised 6, suppressed 0, withdrawn 0

For address family: VPNv4 Unicast

BGP table version 1, neighbor version 1 Index 1, Offset 0, Mask 0x2

Community attribute sent to this neighbor 0 accepted prefixes consume 0 bytes

Prefix advertised 0, suppressed 0, withdrawn 0

194 Chapter 5 MPLS VPNs

SRTT: 146 ms, RTTO: 1283 ms, RTV: 1137 ms, KRTT: 0 ms minRTT: 28 ms, maxRTT: 300 ms, ACK hold: 200 ms Flags: passive open, nagle, gen tcbs

Datagrams (max data segment is 536 bytes):

Rcvd: 7 (out of order: 0), with data: 4, total data bytes: 152

Sent: 7 (retransmit: 0), with data: 4, total data bytes: 152

If the BGP session is not established, you need to verify that you have configured the neighbor correctly. If everything is configured correctly, make sure you can reach the remote neighbor by pinging the remote neighbor’s IP address.

Exam Essentials 195

Summary

After an IGP has been set up in the core and MPLS or tag switching has been enabled, MP-BGP needs to be configured to support MPLS VPNs. First, enter global BGP and specify the neighbor. After the neighbor is specified, it is later activated. After you’ve fully set up MP-BGP, you’re ready to implement MPLS VPNs.

Cisco makes use of an IOS mechanism called a virtual routing and forwarding (VRF) table to implement a virtual router. VRFs allow for separate and isolated routing tables on a single Cisco router. VRF names are locally significant and case-sensitive. To create a VRF, you use the ip vrf vpn_name command.

Before the VRF becomes active, you must configure a route distinguisher. A route distinguisher is 64 bits in total. You can only configure 48 bits of the 64. The two supported formats for identifying route distinguishers are 16-bit:32-bit and 32-bit:16-bit. The recommended way to configure a route distinguisher is AS number:32-bit number. Remember, the route distinguisher is prepended to the NLRI and creates the VPNv4 address, for a total of 96 bits. The major responsibility of the route distinguisher is to keep possibly overlapping IP addresses from doing so in MP-BGP. To configure the route distinguisher, use the rd #:# command.

Exam Essentials

Understand MPLS VPN packet forwarding. An MPLS VPN builds on the principles of standard MPLS. Packets enter an IP network and receive a VPN label and a standard label to traverse the service provider network. LSRs along the LSP between edge devices do not know about customer networks, and they use the standard label to label-switch packets. Once the packet arrives at the egress PE, the VPN label is used to direct the packet to the correct VPN. Customer routers require no MPLS functionality.

Understand and be able to configure Multi-Protocol BGP (MP-BGP).

Multi-Protocol BGP (MP-BGP) is a requirement for the proper operation of MPLS VPNs. From a network design standpoint, an IGP runs in the service provider core, and BGP runs between edge routers. To enable the edge routers to support MPLS VPNs, MP-BGP must be configured.

196 Chapter 5 MPLS VPNs

A special context is used called address families. MP-BGP must be activated between BGP neighbors and extended communities sent. To configure MPBGP, you must first enter the address-family vpnv4 command from inside BGP configuration. Neighbors must be activated with the activate command. Extended communities must be configured with the sendcommunity extended command. Both standard and extended communities can be configured with the send-community both command.

Understand and be able to configure a virtual routing and forwarding (VRF) table. A VRF is used by Cisco to implement the concept of virtual routers. A VRF is composed of an IP routing table, a CEF table, interfaces, and routing protocol rules and filters. Global routes are not in the VRF. Likewise, VRF routes are not in the global routing table. To configure a VRF, enter global configuration mode and use the ip vrf vpn_name command. VRF names are locally significant and case-sensitive.

Understand and be able to configure a route distinguisher (RD). To keep possibly overlapping IP address from doing so as they traverse the service provider backbone, a route distinguisher (RD) is used. An RD is 48 bits long. The recommended RD format is 16-bit:32-bit. The first 16 bits should be the service provider AS number. The last 32 bits are some number that is significant to the service provider. To configure an RD, use the rd #:# command.

Key Terms

Before you take the exam, be certain you are familiar with the following terms: