Running RIP in an MPLS VPN 209
To complete the configuration on PE2, interfaces need to be added to the appropriate VRFs using the following commands:
PE2#config t
PE2(config)#interface serial 0/1
PE2(config-if)#ip vrf forwarding vpn_a
PE2(config-if)#ip address 10.3.0.1 mask 255.255.0.0
PE2(config)#interface serial 0/2
PE2(config-if)#ip vrf forwarding vpn_b
PE2(config-if)#ip address 10.3.0.1 mask 255.255.0.0
Don’t forget, when you do this for real, always make sure that the correct interface is in the correct VRF or the two customers might get access to each other’s networks.
Believe it or not, you’re still not done configuring everything necessary to set up a VPN. You still have route targets and routing protocols to configure. Make sure that you’re comfortable with the steps required to configure the VRF interfaces described in this section. Routing protocols and route targets are coming next.
Running RIP in an MPLS VPN
Learning how to configure route targets and VPN routing protocol is usually best illustrated with an example. This section uses RIPv2 to introduce the route targets and address families for routing protocols.
Figure 6.2 illustrates the routing protocols in use in the example service provider network.
F I G U R E 6 . 2 Network routing protocol usage
Customer A1
RIPv2
|
Serial |
0/0 |
0/0 |
Serial 0/1 |
Serial |
|
|
|
|
|
|
Serial 0/2 |
PE1 |
|
P1 |
|
|
IGP
0/1 |
0/0 |
0/1 |
0/0 |
Serial Serial |
|
Serial Serial |
|
|
P2 |
|
PE2 |
RIPv2
Customer B1
MP-BGP backbone
Customer A2
RIPv2
Serial 0/1
Serial 0/2
RIPv2
Customer B2
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
210 Chapter 6 MPLS VPNs and RIP
Take a look at Figure 6.2. Notice that the MP-IBGP connections between PE1 and PE2 are referred to as an MP-BGP backbone. The MPBGP backbone is used to carry customer routes across the service provider backbone.
Forget about MPLS-based VPNs for a moment and look at Figure 6.3.
F I G U R E 6 . 3 Routing protocols: an alternate view
RIPv2 |
BGP |
RIPv2 |
Customer A1 |
PE1 |
PE2 |
Customer A2 |
Figure 6.3 illustrates the network routing protocols without the MPBGP backbone. In Figure 6.3, the network is presented as RIP-BGP-RIP. How do you get routes from one RIP network to the other if they are traversing a BGP network? Redistribution. Redistribution is the process by which routes from one routing protocol are imported or exported into another routing protocol.
Figure 6.4 illustrates redistribution between the RIP and BGP networks.
F I G U R E 6 . 4 Redistribution for Customer A
|
RIPv2 |
BGP |
RIPv2 |
|
Redistribute |
Redistribute |
|
Customer A1 |
PE1 |
PE2 |
Customer A2 |
|
Redistribute |
Redistribute |
|
Figure 6.5 illustrates the same principle of redistribution for Customer B.
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
Running RIP in an MPLS VPN 211
F I G U R E 6 . 5 Redistribution for Customer B
|
RIPv2 |
BGP |
RIPv2 |
|
Redistribute |
Redistribute |
|
Customer B1 |
PE1 |
PE2 |
Customer B2 |
|
Redistribute |
Redistribute |
|
Configuring RIPv2 with Address-Family ipv4
Now you need to configure RIPv2 to exchange routes with the customer routers. Without MPLS VPN functionality, only one global version of RIP is available on a Cisco router. What I mean by this is you only get one routing context for RIP that is configured with the router rip command. With MPLS functionality, you still get one routing process for RIP (router rip) but with separate routing contexts.
Cisco IOS implements routing contexts to provide for separate isolated instances of a single routing protocol. For example, a single router may support many separate customers with a single instance of a routing protocol through the use of routing contexts.
The best way to understand routing contexts is to show you how it works for Customer A and Customer B.
What happens if you use the router rip command on PE1? You enter RIP configuration that is global to the router. Remember that VRFs allow for separate virtual routers to run on a single Cisco router. On PE1, Customer A is running RIPv2 and Customer B is running RIPv2. There are two separate VRFs already configured: vpn_a and vpn_b. Interfaces are in the correct VRFs. Let’s configure RIPv2 first on the Customer A1 router.
One of the benefits of MPLS VPNs is that customers do not require any MPLS VPN functionality. So from the customer perspective, standard RIPv2 configuration applies. Let’s configure simple RIP on Customer A1 with the following commands:
CustomerA1#config t
CustomerA1(config)#router rip
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
212 Chapter 6 MPLS VPNs and RIP
CustomerA1 (config-router)#version 2
CustomerA1 (config-router)#network 10.0.0.0
That’s it; a simple procedure on the customer router. What about on PE1? Well, don’t even think about MPLS VPNs, VRFs, or anything else for right now. Take a look at Figure 6.6 and just think about regular route configuration.
F I G U R E 6 . 6 Customer A1 and PE1 only
.0/16 |
.2/16 |
.1/16 |
|
.0 |
.0 |
.0 |
|
.1 |
.2 |
.2 |
|
10 |
10 |
10 |
|
|
|
|
|
|
|
|
|
Customer A1 PE1
What do you do on PE1 to configure RIP to run between it and the customer router (forgetting about MPLS VPNs for a minute)? You need to execute the following commands to implement the configuration:
PE1#config t
PE1(config)#router rip
PE1(config-router)#version 2
PE1(config-router)#network 10.0.0.0
Normal stuff, right? I hope so! How do you configure RIP only for the Customer A VRF? By using the address-family ipv4 vrf vpn_name command. The proper configuration of PE1 for Customer A (vpn_a) is as follows:
PE1#config t
PE1(config)#router rip
PE1(config-router)#version 2
PE1(config-router)#address-family ipv4 vrf vpn_a
PE1(config-router-af)#network 10.0.0.0
To configure RIPv2 to run in the VRF for Customer B (vpn_b), the process needs to be repeated. The commands to configure Customer B are as follows:
PE1#config t
PE1(config)#router rip
PE1(config-router)#version 2
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |