- •Acknowledgments
- •Introduction
- •Assessment Test
- •Answers to Assessment Test
- •Service Provider Networks
- •Scalability
- •Traffic Engineering
- •Quality of Service
- •MPLS Label Stack
- •Shim Header
- •MPLS Architecture
- •Control
- •Forwarding
- •MPLS Label Switching
- •MPLS Network Components
- •Device Output
- •Label-Switched Paths
- •MPLS Applications
- •MPLS and ATM
- •Overlay
- •Quality of Service
- •Traffic Engineering
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Routing Review
- •Frame-Mode MPLS Working Example
- •Network Routing Protocol Examples
- •MPLS Step by Step
- •Label Distribution
- •Assigning Labels
- •Troubleshooting and Verification
- •Device Configuration
- •IGP Verification
- •CEF Verification
- •MPLS Verification
- •Label Distribution and Bindings
- •Binding Verification
- •Troubleshooting the Network
- •Hiding Service Provider Devices
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Frame-Mode MPLS and ATM
- •Frame-Mode MPLS and ATM Configuration
- •Cell-Mode MPLS
- •Label Binding with ATM
- •Cell-Mode Label Switching
- •VC Merge
- •Loop Prevention
- •Cell-Mode MPLS Configuration
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •VPNs 101
- •Point-to-Point Connections
- •Virtual Private Networks
- •Categories of VPNs
- •VPN Routing
- •Peer-to-Peer VPNs
- •Optimal Routing
- •Peer-to-Peer Security
- •Peer-to-Peer VPN Routing
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Service Provider Configuration
- •MPLS VPNs
- •Virtual Router
- •Virtual Routing and Forwarding Tables
- •MPLS Operational Overview
- •MP-BGP Configuration
- •An MPLS VPN Example
- •Route Distinguisher
- •MP-IBGP Configuration Example
- •Initial Network Configuration
- •MP-IBGP Configuration
- •Verification
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •A Review of VPNs
- •Configuring a Simple MPLS VPN
- •Configuring VRF Interfaces
- •Running RIP in an MPLS VPN
- •Configuring RIPv2 with Address-Family ipv4
- •Configuring Redistribution
- •Route Targets
- •Configuring Route Targets
- •A Review of Simple VPN Configuration
- •Configuring MPLS in the Service Provider Network
- •Simple VPN Configuration
- •Configuring the PE-CE Routing Protocol
- •Lab: Configuring an MPLS VPN
- •Configuring POP Routers
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer 1 Running-Config
- •Peer 2 Running-Config
- •Verification with Ping
- •Routing Table Isolation
- •Verifying VRF Routes
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •MP-BGP and OSPF
- •A Review of OSPF
- •OSPF Router Types
- •Link State Advertisements
- •OSPF for MPLS VPNs
- •OSPF Super-Backbone
- •Preventing Routing Loops
- •Path Selection
- •MPLS VPN OSPF Lab
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Static Routing
- •Device Configuration
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer Router Configuration
- •Verification with Ping
- •Verifying Static VRF Routes
- •E-BGP and MPLS VPNs
- •Device Configuration
- •E-BGP Operation
- •AS-Override
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer Router Configuration
- •Peer 1 Running-Config
- •Peer 2 Running-Config
- •Verification with Ping
- •Advanced MPLS VPN Topologies
- •Simple VPNs
- •Central Services MPLS VPN Topology
- •Overlay MPLS VPN Topology
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Challenge Lab 1
- •MPLS
- •MP-IBGP
- •Answer to Lab 1.1
- •Answer to Lab 1.2
- •Answer to Lab 1.3
- •Challenge Lab 2
- •Tag Switching
- •MP-IBGP
- •Answer to Lab 2.1
- •Answer to Lab 2.2
- •Answer to Lab 2.3
- •Challenge Lab 3
- •VRF Configuration
- •RIPv2
- •Redistribution
- •Answer to Lab 3.1
- •Answer to Lab 3.2
- •Answer to Lab 3.3
- •Challenge Lab 4
- •VRF Configuration
- •OSPF
- •Redistribution
- •Answer to Lab 4.1
- •Answer to Lab 4.2
- •Answer to Lab 4.3
- •Challenge Lab 5
- •VRF Configuration
- •Static Routes and Redistribution
- •Answer to Lab 5.1
- •Answer to Lab 5.2
- •Challenge Lab 6
- •VRF Configuration
- •E-BGP Configuration
- •Answer to Lab 6.1
- •Answer to Lab 6.2
- •Service Provider Network Configuration with OSPF
- •Router Configuration
- •Routing Tables
- •Tags
- •Service Provider Network Configuration with IS-IS
- •Router Configuration
- •Routing Tables
- •Tag Switching Forwarding Tables
- •Glossary
326 Chapter 8 Advanced MPLS Topics
ip netmask-format decimal line aux 0
line vty 0 4 privilege level 15 password cisco logging synchronous login
ip netmask-format decimal
!
VPN Configuration
Once the service provider network is set up, you need to configure an MPLS VPN. From a business case standpoint, the Peer 1 and Peer 2 routers require a simple MPLS-based VPN. The Peer 1 and Peer 2 routers will use the default routes, and the Atlanta and Raleigh POP routers will use the static routes.
The first thing to configure on the Atlanta POP router is a VRF with a route distinguisher and a route target:
Atlanta#conf t
Enter configuration commands, one per line. End with CNTL/Z. Atlanta(config)#ip vrf vpn_1
Atlanta(config-vrf)#rd 65000:1
Atlanta(config-vrf)#route-target both 65000:1
Next, you need to associate the interface that connects to Peer 1 with the VRF:
Atlanta(config)#int s 0/1
Atlanta(config-if)#ip vrf forwarding vpn_1
%Interface Serial0/1 IP address 192.168.3.6 removed due to enabling VRF vpn_1
Atlanta(config-if)#ip address 192.168.3.6 255.255.255.252
Now you need to configure a static route on the Atlanta POP router to point to the loopback of Peer 1. To configure a global static route, use the ip route command. To configure a static route for a particular VRF, use the ip route vrf vpn_name command. The configuration on the Atlanta POP router to configure a static route associated with vpn_1 is as follows. Note
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
Static Routing 327
that if more routes were made available from the Peer 1 router, you would need to add more static routes.
Atlanta(config)#ip route vrf vpn_1 192.168.1.1
255.255.255.255 Serial0/1 192.168.3.5
For VRF static routes, the outgoing interface must be specified even if the next
hop address is given.
Now on to BGP. You need to configure the redistribution of the static route and VRF connected interfaces into BGP:
Atlanta(config)#router bgp 65000
Atlanta(config-router)#address-family ipv4 vrf vpn_1
Atlanta(config-router-af)#redistribute connected Atlanta(config-router-af)#redistribute static Atlanta(config-router-af)#^Z
Atlanta#
You need to repeat the same configuration steps on the Raleigh POP router. First, you need to configure a VRF with a route distinguisher and a route target:
Raleigh#conf t
Enter configuration commands, one per line. End with CNTL/Z. Raleigh(config)#ip vrf vpn_1
Raleigh(config-vrf)#rd Raleigh(config-vrf)#rd 65000:1 Raleigh(config-vrf)#route
Raleigh(config-vrf)#route-target both 65000:1
Next, you need to associate the interface that connects to Peer 1 with the VRF:
Raleigh(config-vrf)#exit
Raleigh(config)#int s 0/1
Raleigh(config-if)#ip vrf forwarding vpn_1
%Interface Serial0/1 IP address 192.168.3.9 removed due to enabling VRF vpn_1
Raleigh(config-if)#ip address 192.168.3.9 255.255.255.252
Now you need to configure a static route on the Atlanta POP router to point to the loopback of Peer 2. To configure a global static route, use the
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
328 Chapter 8 Advanced MPLS Topics
ip route command. To configure a static route for a particular VRF, use the ip route vrf vpn_name command. The configuration on the Raleigh POP router to configure a static route associated with vpn_1 is as follows:
Raleigh(config)#ip route vrf vpn_1 192.168.2.1
255.255.255.255 Serial0/1 192.168.3.10
Now on to BGP. You need to configure the redistribution of the static route and VRF connected interfaces into BGP:
Raleigh(config)#router bgp 65000
Raleigh(config-router)#address-family ipv4 vrf vpn_1
Raleigh(config-router-af)#redistribute connected
Raleigh(config-router-af)#redistribute static
Raleigh(config-router-af)#^Z
Raleigh#
The following sections contain the running-configs of the Atlanta and Raleigh POP routers. Try to get in the habit of reading and verifying the configuration.
Raleigh Running-Config
As you review the Raleigh POP router running-config, locate the configuration showing the static route associated with the VRF:
Raleigh#show running-config
Building configuration...
Current configuration : 1947 bytes
!
version 12.1
service timestamps debug uptime service timestamps log uptime no service password-encryption
!
hostname Raleigh
!
enable password cisco
!
!
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
Static Routing 329
!
!
!
memory-size iomem 25 ip subnet-zero
ip tcp synwait-time 5 no ip domain-lookup
!
!
ip vrf vpn_1 rd 65000:1
route-target export 65000:1 route-target import 65000:1
ip cef
cns event-service server
!
!
!
!
!
interface Loopback0
ip address 204.134.83.3 255.255.255.255
!
interface Serial0/0 no ip address shutdown
no fair-queue clockrate 64000
!
interface Serial0/1
description *** Link to Peer2 ***
ip vrf forwarding vpn_1
ip address 192.168.3.9 255.255.255.252 clockrate 64000
!
interface Serial0/2
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
330 Chapter 8 Advanced MPLS Topics
no ip address shutdown clockrate 64000
!
interface Serial0/3
description *** Link to Core Router ***
ip address 204.134.83.10 255.255.255.252 tag-switching ip
clockrate 64000
!
interface Ethernet1/0 no ip address shutdown
!
interface Ethernet1/1 no ip address shutdown
!
interface Ethernet1/2 no ip address shutdown
!
interface Ethernet1/3 no ip address shutdown
!
router rip version 2
network 204.134.83.0
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
neighbor 204.134.83.1 remote-as 65000 neighbor 204.134.83.1 update-source Loopback0 neighbor 204.134.83.1 next-hop-self
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
Static Routing 331
no auto-summary
!
address-family ipv4 vrf vpn_1 redistribute connected redistribute static
no auto-summary
no synchronization exit-address-family
!
address-family vpnv4
neighbor 204.134.83.1 activate
neighbor 204.134.83.1 send-community both no auto-summary
exit-address-family
!
ip classless
ip route vrf vpn_1 192.168.2.1 255.255.255.255 Serial0/1 192.168.3.10
no ip http server
!
!
!
line con 0 exec-timeout 0 0 privilege level 15 logging synchronous transport input none
ip netmask-format decimal line aux 0
line vty 0 4 privilege level 15 password cisco logging synchronous login
ip netmask-format decimal
!
end
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |