- •Acknowledgments
- •Introduction
- •Assessment Test
- •Answers to Assessment Test
- •Service Provider Networks
- •Scalability
- •Traffic Engineering
- •Quality of Service
- •MPLS Label Stack
- •Shim Header
- •MPLS Architecture
- •Control
- •Forwarding
- •MPLS Label Switching
- •MPLS Network Components
- •Device Output
- •Label-Switched Paths
- •MPLS Applications
- •MPLS and ATM
- •Overlay
- •Quality of Service
- •Traffic Engineering
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Routing Review
- •Frame-Mode MPLS Working Example
- •Network Routing Protocol Examples
- •MPLS Step by Step
- •Label Distribution
- •Assigning Labels
- •Troubleshooting and Verification
- •Device Configuration
- •IGP Verification
- •CEF Verification
- •MPLS Verification
- •Label Distribution and Bindings
- •Binding Verification
- •Troubleshooting the Network
- •Hiding Service Provider Devices
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Frame-Mode MPLS and ATM
- •Frame-Mode MPLS and ATM Configuration
- •Cell-Mode MPLS
- •Label Binding with ATM
- •Cell-Mode Label Switching
- •VC Merge
- •Loop Prevention
- •Cell-Mode MPLS Configuration
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •VPNs 101
- •Point-to-Point Connections
- •Virtual Private Networks
- •Categories of VPNs
- •VPN Routing
- •Peer-to-Peer VPNs
- •Optimal Routing
- •Peer-to-Peer Security
- •Peer-to-Peer VPN Routing
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Service Provider Configuration
- •MPLS VPNs
- •Virtual Router
- •Virtual Routing and Forwarding Tables
- •MPLS Operational Overview
- •MP-BGP Configuration
- •An MPLS VPN Example
- •Route Distinguisher
- •MP-IBGP Configuration Example
- •Initial Network Configuration
- •MP-IBGP Configuration
- •Verification
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •A Review of VPNs
- •Configuring a Simple MPLS VPN
- •Configuring VRF Interfaces
- •Running RIP in an MPLS VPN
- •Configuring RIPv2 with Address-Family ipv4
- •Configuring Redistribution
- •Route Targets
- •Configuring Route Targets
- •A Review of Simple VPN Configuration
- •Configuring MPLS in the Service Provider Network
- •Simple VPN Configuration
- •Configuring the PE-CE Routing Protocol
- •Lab: Configuring an MPLS VPN
- •Configuring POP Routers
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer 1 Running-Config
- •Peer 2 Running-Config
- •Verification with Ping
- •Routing Table Isolation
- •Verifying VRF Routes
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •MP-BGP and OSPF
- •A Review of OSPF
- •OSPF Router Types
- •Link State Advertisements
- •OSPF for MPLS VPNs
- •OSPF Super-Backbone
- •Preventing Routing Loops
- •Path Selection
- •MPLS VPN OSPF Lab
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Static Routing
- •Device Configuration
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer Router Configuration
- •Verification with Ping
- •Verifying Static VRF Routes
- •E-BGP and MPLS VPNs
- •Device Configuration
- •E-BGP Operation
- •AS-Override
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer Router Configuration
- •Peer 1 Running-Config
- •Peer 2 Running-Config
- •Verification with Ping
- •Advanced MPLS VPN Topologies
- •Simple VPNs
- •Central Services MPLS VPN Topology
- •Overlay MPLS VPN Topology
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Challenge Lab 1
- •MPLS
- •MP-IBGP
- •Answer to Lab 1.1
- •Answer to Lab 1.2
- •Answer to Lab 1.3
- •Challenge Lab 2
- •Tag Switching
- •MP-IBGP
- •Answer to Lab 2.1
- •Answer to Lab 2.2
- •Answer to Lab 2.3
- •Challenge Lab 3
- •VRF Configuration
- •RIPv2
- •Redistribution
- •Answer to Lab 3.1
- •Answer to Lab 3.2
- •Answer to Lab 3.3
- •Challenge Lab 4
- •VRF Configuration
- •OSPF
- •Redistribution
- •Answer to Lab 4.1
- •Answer to Lab 4.2
- •Answer to Lab 4.3
- •Challenge Lab 5
- •VRF Configuration
- •Static Routes and Redistribution
- •Answer to Lab 5.1
- •Answer to Lab 5.2
- •Challenge Lab 6
- •VRF Configuration
- •E-BGP Configuration
- •Answer to Lab 6.1
- •Answer to Lab 6.2
- •Service Provider Network Configuration with OSPF
- •Router Configuration
- •Routing Tables
- •Tags
- •Service Provider Network Configuration with IS-IS
- •Router Configuration
- •Routing Tables
- •Tag Switching Forwarding Tables
- •Glossary
Running RIP in an MPLS VPN 209
To complete the configuration on PE2, interfaces need to be added to the appropriate VRFs using the following commands:
PE2#config t
PE2(config)#interface serial 0/1
PE2(config-if)#ip vrf forwarding vpn_a
PE2(config-if)#ip address 10.3.0.1 mask 255.255.0.0
PE2(config)#interface serial 0/2
PE2(config-if)#ip vrf forwarding vpn_b
PE2(config-if)#ip address 10.3.0.1 mask 255.255.0.0
Don’t forget, when you do this for real, always make sure that the correct interface is in the correct VRF or the two customers might get access to each other’s networks.
Believe it or not, you’re still not done configuring everything necessary to set up a VPN. You still have route targets and routing protocols to configure. Make sure that you’re comfortable with the steps required to configure the VRF interfaces described in this section. Routing protocols and route targets are coming next.
Running RIP in an MPLS VPN
Learning how to configure route targets and VPN routing protocol is usually best illustrated with an example. This section uses RIPv2 to introduce the route targets and address families for routing protocols.
Figure 6.2 illustrates the routing protocols in use in the example service provider network.
F I G U R E 6 . 2 Network routing protocol usage
Customer A1
RIPv2
|
Serial |
0/0 |
0/0 |
Serial 0/1 |
Serial |
|
|
|
|
|
|
Serial 0/2 |
PE1 |
|
P1 |
|
|
IGP
0/1 |
0/0 |
0/1 |
0/0 |
Serial Serial |
|
Serial Serial |
|
|
P2 |
|
PE2 |
RIPv2
Customer B1
MP-BGP backbone
Customer A2
RIPv2
Serial 0/1
Serial 0/2
RIPv2
Customer B2
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
210 Chapter 6 MPLS VPNs and RIP
Take a look at Figure 6.2. Notice that the MP-IBGP connections between PE1 and PE2 are referred to as an MP-BGP backbone. The MPBGP backbone is used to carry customer routes across the service provider backbone.
Forget about MPLS-based VPNs for a moment and look at Figure 6.3.
F I G U R E 6 . 3 Routing protocols: an alternate view
RIPv2 |
BGP |
RIPv2 |
Customer A1 |
PE1 |
PE2 |
Customer A2 |
Figure 6.3 illustrates the network routing protocols without the MPBGP backbone. In Figure 6.3, the network is presented as RIP-BGP-RIP. How do you get routes from one RIP network to the other if they are traversing a BGP network? Redistribution. Redistribution is the process by which routes from one routing protocol are imported or exported into another routing protocol.
Figure 6.4 illustrates redistribution between the RIP and BGP networks.
F I G U R E 6 . 4 Redistribution for Customer A
|
RIPv2 |
BGP |
RIPv2 |
|
Redistribute |
Redistribute |
|
Customer A1 |
PE1 |
PE2 |
Customer A2 |
|
Redistribute |
Redistribute |
|
Figure 6.5 illustrates the same principle of redistribution for Customer B.
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
Running RIP in an MPLS VPN 211
F I G U R E 6 . 5 Redistribution for Customer B
|
RIPv2 |
BGP |
RIPv2 |
|
Redistribute |
Redistribute |
|
Customer B1 |
PE1 |
PE2 |
Customer B2 |
|
Redistribute |
Redistribute |
|
Configuring RIPv2 with Address-Family ipv4
Now you need to configure RIPv2 to exchange routes with the customer routers. Without MPLS VPN functionality, only one global version of RIP is available on a Cisco router. What I mean by this is you only get one routing context for RIP that is configured with the router rip command. With MPLS functionality, you still get one routing process for RIP (router rip) but with separate routing contexts.
Cisco IOS implements routing contexts to provide for separate isolated instances of a single routing protocol. For example, a single router may support many separate customers with a single instance of a routing protocol through the use of routing contexts.
The best way to understand routing contexts is to show you how it works for Customer A and Customer B.
What happens if you use the router rip command on PE1? You enter RIP configuration that is global to the router. Remember that VRFs allow for separate virtual routers to run on a single Cisco router. On PE1, Customer A is running RIPv2 and Customer B is running RIPv2. There are two separate VRFs already configured: vpn_a and vpn_b. Interfaces are in the correct VRFs. Let’s configure RIPv2 first on the Customer A1 router.
One of the benefits of MPLS VPNs is that customers do not require any MPLS VPN functionality. So from the customer perspective, standard RIPv2 configuration applies. Let’s configure simple RIP on Customer A1 with the following commands:
CustomerA1#config t
CustomerA1(config)#router rip
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
212 Chapter 6 MPLS VPNs and RIP
CustomerA1 (config-router)#version 2
CustomerA1 (config-router)#network 10.0.0.0
That’s it; a simple procedure on the customer router. What about on PE1? Well, don’t even think about MPLS VPNs, VRFs, or anything else for right now. Take a look at Figure 6.6 and just think about regular route configuration.
F I G U R E 6 . 6 Customer A1 and PE1 only
.0/16 |
.2/16 |
.1/16 |
|
.0 |
.0 |
.0 |
|
.1 |
.2 |
.2 |
|
10 |
10 |
10 |
|
|
|
|
|
|
|
|
|
Customer A1 PE1
What do you do on PE1 to configure RIP to run between it and the customer router (forgetting about MPLS VPNs for a minute)? You need to execute the following commands to implement the configuration:
PE1#config t
PE1(config)#router rip
PE1(config-router)#version 2
PE1(config-router)#network 10.0.0.0
Normal stuff, right? I hope so! How do you configure RIP only for the Customer A VRF? By using the address-family ipv4 vrf vpn_name command. The proper configuration of PE1 for Customer A (vpn_a) is as follows:
PE1#config t
PE1(config)#router rip
PE1(config-router)#version 2
PE1(config-router)#address-family ipv4 vrf vpn_a
PE1(config-router-af)#network 10.0.0.0
To configure RIPv2 to run in the VRF for Customer B (vpn_b), the process needs to be repeated. The commands to configure Customer B are as follows:
PE1#config t
PE1(config)#router rip
PE1(config-router)#version 2
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |