Lab: Configuring an MPLS VPN 233

address-family vpnv4

neighbor 204.134.83.3 activate

neighbor 204.134.83.3 send-community both no auto-summary

exit-address-family

!

ip classless

no ip http server

!

!

!

line con 0 exec-timeout 0 0 privilege level 15 logging synchronous transport input none

ip netmask-format decimal line aux 0

line vty 0 4 privilege level 15 password cisco logging synchronous login

ip netmask-format decimal

!

VPN Configuration

So now the network is all set up, and you need to configure an MPLS VPN.

From a business case standpoint, Peer 1 and Peer 2 require a simple MPLSbased VPN. Peer 1 and Peer 2 will run RIPv2 to exchange network routes.

The first thing to configure on the Atlanta POP router is a VRF with a route distinguisher and a route target. The configuration for the Atlanta POP is implemented using the following commands:

Atlanta#conf t

Enter configuration commands, one per line. End with CNTL/Z.

234 Chapter 6 MPLS VPNs and RIP

Atlanta(config)#ip vrf vpn_1

Atlanta(config-vrf)#rd 65000:1

Atlanta(config-vrf)#route-target both 65000:1

The next step is to associate the interface that connects to Peer 1 to the

VRF using the following commands:

Atlanta(config)#int s 0/1

Atlanta(config-if)#ip vrf forwarding vpn_1

%Interface Serial0/1 IP address 192.168.3.6 removed due to enabling VRF vpn_1

Atlanta(config-if)#ip address 192.168.3.6 255.255.255.252

The third step is to configure a routing context for the VRF in RIPv2 with the following commands:

Atlanta(config)#router rip

Atlanta(config-router)#address-family ipv4 vrf vpn_1

Atlanta(config-router-af)#network 192.168.3.0

The fourth step is to configure redistribution using the following commands:

Atlanta(config-router-af)#redistribute bgp 65000 metric transparent

Now on to BGP. You need to configure the redistribution for the VPN into BGP for the VRF by executing the following commands:

Atlanta(config-router-af)#exit

Atlanta(config-router)#exit

Atlanta(config)#router bgp 65000

Atlanta(config-router)#address-family ipv4 vrf vpn_1

Atlanta(config-router-af)#redistribute rip

You need to repeat these configuration steps on the Raleigh POP router. The first thing to configure on the Raleigh POP is a VRF with a route distinguisher and a route target by executing the following commands:

Raleigh#conf t

Enter configuration commands, one per line. End with

CNTL/Z.

Lab: Configuring an MPLS VPN 235

Raleigh(config)#ip vrf vpn_1

Raleigh(config-vrf)#rd 65000:1

Raleigh(config-vrf)#route-target both 65000:1

Next, you need to associate the interface that connects to Peer 1 to the VRF using the following commands:

Raleigh(config-vrf)#exit

Raleigh(config)#int s 0/1

Raleigh(config-if)#ip vrf forwarding vpn_1

%Interface Serial0/1 IP address 192.168.3.9 removed due to enabling VRF vpn_1

Raleigh(config-if)#ip address 192.168.3.9 255.255.255.252

To configure a routing context for the VRF in RIPv2, use the following commands:

Raleigh(config)#router rip

Raleigh(config-router)#address-family ipv4 vrf vpn_1

Raleigh(config-router-af)#network 192.168.3.0

To configure redistribution on the Raleigh POP router, use the following command:

Raleigh(config-router-af)#redistribute bgp 65000 metric transparent

Now on to BGP. You configure the redistribution for the VPN into BGP for the VRF with the following commands:

Raleigh(config-router-af)#exit

Raleigh(config-router)#exit

Raleigh(config)#router bgp 65000

Raleigh(config-router)#address-family ipv4 vrf vpn_1

Raleigh(config-router-af)#redistribute rip

Raleigh Running-Config

This section contains the running-config of the Raleigh POP router. Try to get in the habit of reading and verifying the configurations of the routers.

236 Chapter 6 MPLS VPNs and RIP

Raleigh#show running-config

Building configuration...

Current configuration : 1997 bytes

!

version 12.1

service timestamps debug uptime service timestamps log uptime no service password-encryption

!

hostname Raleigh

!

enable password cisco

!

!

!

!

!

memory-size iomem 25 ip subnet-zero

ip tcp synwait-time 5 no ip domain-lookup

!

!

ip vrf vpn_1 rd 65000:1

route-target export 65000:1 route-target import 65000:1

ip cef

cns event-service server

!

!

!

!

!

interface Loopback0

Lab: Configuring an MPLS VPN 237

ip address 204.134.83.3 255.255.255.255

!

interface Serial0/0 no ip address shutdown

no fair-queue clockrate 64000

!

interface Serial0/1

description *** Link to Peer2 ***

ip vrf forwarding vpn_1

ip address 192.168.3.9 255.255.255.252 clockrate 64000

!

interface Serial0/2 no ip address shutdown

clockrate 64000

!

interface Serial0/3

description *** Link to Core Router ***

ip address 204.134.83.10 255.255.255.252 tag-switching ip

clockrate 64000

!

interface Ethernet1/0 no ip address shutdown

!

interface Ethernet1/1 no ip address shutdown

!

interface Ethernet1/2 no ip address shutdown

!

238 Chapter 6 MPLS VPNs and RIP

interface Ethernet1/3 no ip address shutdown

!

router rip version 2

network 204.134.83.0

!

address-family ipv4 vrf vpn_1 version 2

redistribute bgp 65000 metric transparent network 192.168.3.0

no auto-summary exit-address-family

!

router bgp 65000

no synchronization

bgp log-neighbor-changes

neighbor 204.134.83.1 remote-as 65000 neighbor 204.134.83.1 update-source Loopback0 neighbor 204.134.83.1 next-hop-self

no auto-summary

!

address-family ipv4 vrf vpn_1 redistribute rip

no auto-summary

no synchronization exit-address-family

!

address-family vpnv4

neighbor 204.134.83.1 activate

neighbor 204.134.83.1 send-community both no auto-summary

exit-address-family

!

ip classless