Summary 251

by R in the routing table output). The RIPv2 route in the output that precedes this paragraph was learned from Peer 1. The B routes are from the Raleigh POP; they are Peer 2 RIPv2 routes redistributed into MP-BGP and carried across the service provider backbone.

On the Raleigh POP router, there are also BGP (B) routes and a RIPv2 route (R). The RIPv2 route is learned from Peer 2. The B routes come from the Atlanta POP router. The routing table for vpn_1 is as follows:

Raleigh#show ip route vrf vpn_1

.

. Output Omitted

.

Gateway of last resort is not set

B 192.168.1.0 255.255.255.0 [200/1] via 204.134.83.1, 00:02:57

R 192.168.2.0 255.255.255.0 [120/1] via 192.168.3.10, 00:00:12, Serial0/1

192.168.3.0 255.255.255.252 is subnetted, 2 subnets C 192.168.3.8 is directly connected, Serial0/1

B 192.168.3.4 [200/0] via 204.134.83.1, 00:09:12

Summary

In this chapter, you were able to put all the pieces together to implement a simple MPLS VPN. First of all, from a service provider network standpoint, you need to configure an IGP in the core of the network and configure BGP between the PE routers. In preparation for MPLS VPNs, MP-BGP is configured under address-family vpnv4 in BGP.

To configure a VRF, the ip vrf vpn_name command is used. Route distinguishers are assigned using the rd #:# command. For a simple VPN, the import and export route targets are the same, and they should match the route distinguisher value. The shortcut to configuring the import and export route target in one line is the route-target both number command.

To configure RIPv2 for use in an MPLS VPN, the clients use standard Cisco IOS. PE routers have VRF routing contexts for RIP. To configure the

252 Chapter 6 MPLS VPNs and RIP

VRF routing contexts in RIP, you need to use the address-family ipv4 vrf vpn_name command. Inside the routing context, standard IOS syntax is used to configure the routing protocol.

Routes from RIP need to be redistributed into MP-BGP. Under the address-family ipv4 vrf vpn_name section in BGP, the redistribute rip command is used to redistribute RIP routes into MP-BGP. MP-BGP routes need to be redistributed into RIP. To ensure that the RIP hop count is preserved, you use the redistribute bgp AS# metric transparent command to redistribute BGP routes into RIP under the VRF routing context in RIP. Troubleshooting an MPLS VPN is usually done by viewing the routing tables on various devices in the network. Routes learned from the CE should be visible in the VRF routing table on the neighboring PE. To view the VRF routing table, use the show ip route vrf vpn_name command. Routes redistributed into MP-BGP are learned by other MP-BGP neighbor PE routes and displayed as BGP (B) routes in the VRF routing table. The simplest way to troubleshoot a VPN is to make sure that the clients can ping one another. If the CE routers can ping one another, the VPN should be set up correctly.

Exam Essentials

Understand routing contexts. Cisco uses an IOS mechanism called a routing context to provide for separate instances of routing protocols. To configure RIP for a particular VPN, you use the address-family ipv4 vrf vpn_name command.

Understand and be able to configure MPLS VPNs and redistribution.

The PE routers run routing contexts that allow for isolated routing protocol instances for separate customers. Routes learned from customers must be redistributed into the MP-BGP backbone for transit across the service provider network. Routes from other VPNs must be redistributed from MP-BGP back into the appropriate routing context.

Understand and be able to configure route targets. Route targets are used to support complex VPN topologies. A route target is 64 bits in size, but only 48 bits are configurable. Just like a route distinguisher, a route target is either 16-bit:32-bit or 32-bit:16-bit. For simple VPN implementations, the route target value is usually the same as the route distinguisher

Key Terms 253

value. Remember, there is no correlation between the route distinguisher and the route target; they perform different functions. It is possible to have multiple import and export route targets.

Understand and be able to configure import and export route targets.

When routes are redistributed from a routing context into MP-BGP, the export route target value is applied. To configure the export route target, you use the route-target export number command. To redistribute routes from MP-BGP back into the right VPN, the route target value is read. To import routes into a VRF, you use the route-target import number command. For simple VPNs, the import and export route target values are the same. To save time, you can use the route-target both number command, which is the same as executing the route-target import number and route-target export number commands.

Key Terms

Before you take the exam, be certain you are familiar with the following terms:

254 Chapter 6 MPLS VPNs and RIP

Review Questions

1.How many bits long is a route target?

A.16

B.32

C.48

D.64

2.For simple VPNs, the route distinguisher and route target values should be ___________.

A.The same

B.Different

3.Which of the following commands configures an import route target?

A.route-target both number

B.route-target import number

C.route-target export number

D.route target both number

4.Which of the following commands is not used when configuring RIP for a particular VPN?

A.router rip

B.address-family ipv4 vrf vpn_name

C.address-family vpnv4

5.ISDN is a ___________ VPN technology.

A.Layer 1

B.Layer 2

C.Layer 3

D.Layer 4

Review Questions 255

6.IPSec is a ___________ VPN technology.

A.Layer 1

B.Layer 2

C.Layer 3

D.Layer 4

7.Frame Relay is a ___________ VPN technology.

A.Layer 1

B.Layer 2

C.Layer 3

D.Layer 4

8.Which command do you use to view the VRF routing table?

A.show ip route vpn_name

B.show ip route vrf vpn_name

C.show ip route ipv4 vrf vpn_name

D.show ip vrf route vpn_name

9.Which of the following are valid route target formats? (Choose all that apply.)

A.8:32

B.16:32

C.32:16

D.16:48

10.To configure MP-BGP, a neighbor must be configured globally and then ___________.

A.Configured

B.Activated

C.Sent standard communities

D.Configured with VDP

256Chapter 6 MPLS VPNs and RIP

11.Which of the following sets of commands is the right way to configure RIP redistribution in BGP for an VRF?

A.router bgp AS# redistribute rip

B.router bgp 65000 address-family vpnv4 redistribute rip

C.router bgp AS#

address-family ipv4 vrf vpn_name redistribute rip

12.Which of the following sets of commands is the right way to configure

BGP redistribution in RIP for a VRF?

A.router rip

redistribute bgp AS# metric transparent

B.router rip

address-family ipv4 vrf vpn_name redistribute AS# metric transparent

C.router rip address-family vpnv4

redistribute bgp AS# metric transparent

13.Which of the following commands is used on the PE to verify that a route is being received from a CE router?

A.show ip route

B.show ip route vrf vpn_name

C.show ip route vpnv4 vpn_name

D.show ip route vpn_name

14.Which of the following are Layer 3 VPN technologies? (Choose all that apply.)

A.IPSec

B.Frame Relay

C.GRE

D.ISDN

Review Questions 257

15.Which of the following commands is used to view the global IP routing table on a PE router?

A.show ip route

B.show ip route vrf vpn_name

C.show ip route vpnv4 vpn_name

D.show ip route vpn_name

16.Which of the following commands is used to associate an interface with a VRF?

A.vrf forwarding vpn_name

B.mpls vrf forwarding vpn_name

C.tag-switching forwarding vpn_name

D.ip vrf forwarding vpn_name

17.After you associate an interface with a VRF, the ___________.

A.Interface needs to be activated with the no shutdown command

B.Router must be rebooted

C.IP address is removed and must be reconfigured

D.VRF needs to be reinitialized

18.CE routers participating in a VPN ___________ learn service provider backbone routes.

A.Do

B.Do not

C.Must

D.None of the above

19.What is the easiest way to verify whether a VPN is working properly?

A.Ping from one CE device to another.

B.Ping from one CE to a core service provider router.

C.Ping from the CE to the adjacent PE.

D.None of the above.

258Chapter 6 MPLS VPNs and RIP

20.RIP routes learned from a customer show up as (R) in the PE routing table for the VRF. When a RIP route is redistributed and sent to another PE through MP-BGP, how is that route displayed in the VRF?

A.R

B.M

C.B

D.None of the above