- •Acknowledgments
- •Introduction
- •Assessment Test
- •Answers to Assessment Test
- •Service Provider Networks
- •Scalability
- •Traffic Engineering
- •Quality of Service
- •MPLS Label Stack
- •Shim Header
- •MPLS Architecture
- •Control
- •Forwarding
- •MPLS Label Switching
- •MPLS Network Components
- •Device Output
- •Label-Switched Paths
- •MPLS Applications
- •MPLS and ATM
- •Overlay
- •Quality of Service
- •Traffic Engineering
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Routing Review
- •Frame-Mode MPLS Working Example
- •Network Routing Protocol Examples
- •MPLS Step by Step
- •Label Distribution
- •Assigning Labels
- •Troubleshooting and Verification
- •Device Configuration
- •IGP Verification
- •CEF Verification
- •MPLS Verification
- •Label Distribution and Bindings
- •Binding Verification
- •Troubleshooting the Network
- •Hiding Service Provider Devices
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Frame-Mode MPLS and ATM
- •Frame-Mode MPLS and ATM Configuration
- •Cell-Mode MPLS
- •Label Binding with ATM
- •Cell-Mode Label Switching
- •VC Merge
- •Loop Prevention
- •Cell-Mode MPLS Configuration
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •VPNs 101
- •Point-to-Point Connections
- •Virtual Private Networks
- •Categories of VPNs
- •VPN Routing
- •Peer-to-Peer VPNs
- •Optimal Routing
- •Peer-to-Peer Security
- •Peer-to-Peer VPN Routing
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Service Provider Configuration
- •MPLS VPNs
- •Virtual Router
- •Virtual Routing and Forwarding Tables
- •MPLS Operational Overview
- •MP-BGP Configuration
- •An MPLS VPN Example
- •Route Distinguisher
- •MP-IBGP Configuration Example
- •Initial Network Configuration
- •MP-IBGP Configuration
- •Verification
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •A Review of VPNs
- •Configuring a Simple MPLS VPN
- •Configuring VRF Interfaces
- •Running RIP in an MPLS VPN
- •Configuring RIPv2 with Address-Family ipv4
- •Configuring Redistribution
- •Route Targets
- •Configuring Route Targets
- •A Review of Simple VPN Configuration
- •Configuring MPLS in the Service Provider Network
- •Simple VPN Configuration
- •Configuring the PE-CE Routing Protocol
- •Lab: Configuring an MPLS VPN
- •Configuring POP Routers
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer 1 Running-Config
- •Peer 2 Running-Config
- •Verification with Ping
- •Routing Table Isolation
- •Verifying VRF Routes
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •MP-BGP and OSPF
- •A Review of OSPF
- •OSPF Router Types
- •Link State Advertisements
- •OSPF for MPLS VPNs
- •OSPF Super-Backbone
- •Preventing Routing Loops
- •Path Selection
- •MPLS VPN OSPF Lab
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Static Routing
- •Device Configuration
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer Router Configuration
- •Verification with Ping
- •Verifying Static VRF Routes
- •E-BGP and MPLS VPNs
- •Device Configuration
- •E-BGP Operation
- •AS-Override
- •VPN Configuration
- •Raleigh Running-Config
- •Atlanta Running-Config
- •Peer Router Configuration
- •Peer 1 Running-Config
- •Peer 2 Running-Config
- •Verification with Ping
- •Advanced MPLS VPN Topologies
- •Simple VPNs
- •Central Services MPLS VPN Topology
- •Overlay MPLS VPN Topology
- •Summary
- •Exam Essentials
- •Key Terms
- •Review Questions
- •Answers to Review Questions
- •Challenge Lab 1
- •MPLS
- •MP-IBGP
- •Answer to Lab 1.1
- •Answer to Lab 1.2
- •Answer to Lab 1.3
- •Challenge Lab 2
- •Tag Switching
- •MP-IBGP
- •Answer to Lab 2.1
- •Answer to Lab 2.2
- •Answer to Lab 2.3
- •Challenge Lab 3
- •VRF Configuration
- •RIPv2
- •Redistribution
- •Answer to Lab 3.1
- •Answer to Lab 3.2
- •Answer to Lab 3.3
- •Challenge Lab 4
- •VRF Configuration
- •OSPF
- •Redistribution
- •Answer to Lab 4.1
- •Answer to Lab 4.2
- •Answer to Lab 4.3
- •Challenge Lab 5
- •VRF Configuration
- •Static Routes and Redistribution
- •Answer to Lab 5.1
- •Answer to Lab 5.2
- •Challenge Lab 6
- •VRF Configuration
- •E-BGP Configuration
- •Answer to Lab 6.1
- •Answer to Lab 6.2
- •Service Provider Network Configuration with OSPF
- •Router Configuration
- •Routing Tables
- •Tags
- •Service Provider Network Configuration with IS-IS
- •Router Configuration
- •Routing Tables
- •Tag Switching Forwarding Tables
- •Glossary
370 Chapter 8 Advanced MPLS Topics
On PE3 and PE4, the following configuration exists for CustomerB_VPN:
ip vrf customerb_vpn route-target export 517:38 route-target import 517:38
For an overlay VPN topology, CustomerA_HQ and CustomerB_HQ need to know each other’s routes. They both will import and export a route target of 517:2067. The configuration, for CustomerA_HQ, on PE2 is as follows:
ip vrf customera_vpn route-target export 517:1 route-target import 517:1 route-target export 517:2067 route-target import 517:2067
The configuration, for CustomerB_HQ, on PE3 is as follows:
ip vrf customerb_vpn route-target export 517:38 route-target import 517:38 route-target export 517:2067 route-target import 517:2067
Summary
In addition to using RIPv2 as a PE-CE routing protocol as discussed in Chapter 6, “MPLS VPNs and RIP,” or OSPF as discussed in Chapter 7, “MPLS VPNs and OSPF,” static routes and E-BGP are supported for use in MPLS VPNs. For static routes, a static route is specified with the ip route vrf vpn_name command. Don’t forget that this route must be redistributed into MP-BGP with the redistribute static command.
An E-BGP connection can be made between a PE and CE router. BGP is a wonderful protocol in that you have advanced filtering and control mechanisms that can be configured. To prevent a network from accepting a malicious number of routes, the maximum routes command can be used to limit the number of routes in a VRF. When configuring an E-BGP connection, the neighbor needs to be activated. For topologies where the same AS number is reused, the AS-override allows the service provider to override the AS path.
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
Key Terms 371
In addition to simple MPLS VPN topologies, the route distinguisher allows for the support of many more complex topologies. This chapter introduced you to overlay and Central Services MPLS VPN topologies. An overlay VPN is where a site participates in more than one VPN at a time. A Central Services VPN is where some central point must be accessed by several sites, but those sites do not have routing knowledge of each other.
Exam Essentials
Understand static routing for use in MPLS VPNs. If you don’t want the associated overhead of running a routing protocol between a PE and CE router, static routes are supported for MPLS VPNs. To configure a static route, use the ip route vrf vpn_name command. Don’t forget to redistribute the static route into MP-BGP.
Understand E-BGP for use in MPLS VPNs. E-BGP is supported as a PE-CE routing protocol. When configuring an E-BGP connection to
a CE device, the neighbor must be activated. For cases where the same AS number is being reused, the as-override command can be used to override the AS path.
Understand complex VPN topologies. An overlay VPN is a topology where a site participates in more than one MPLS VPN. A Central Services VPN topology is the name of a topology where sites connect to some centralized server or service. The sites don’t have routing information about each other, only about the Central Services site. The Central Services site has routing knowledge of all sites.
Key Terms
Before you take the exam, be certain you are familiar with the following terms:
AS-override |
simple MPLS VPN topology |
Central Services MPLS VPN |
static routes |
topology |
|
overlay MPLS VPN topology |
|
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
372 Chapter 8 Advanced MPLS Topics
Review Questions
1.Which command do you use to place a static route into MP-BGP?
A.redistribute connected
B.redistribute static
C.redistribute vrf static
D.None of the above
2.For static VRF routes, the outgoing interface is ___________.
A.Mandatory
B.Optional
C.None of the above
3.For static VRF routes, the next hop IP address is ___________.
A.Mandatory
B.Optional
C.None of the above
4.What command is used to configure a static VRF route?
A.ip route
B.ip route vrf vpn_name
C.ip vrf vpn_name route
D.ip vrf route vpn_name
5.What command is used to configure a standard static route?
A.ip route
B.ip route vrf vpn_name
C.ip vrf vpn_name route
D.ip vrf route vpn_name
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
Review Questions 373
6.What command is used to advertise the subnets of interfaces in a VRF?
A.redistribute static
B.redistribute connected vrf vpn_name
C.redistribute connected
D.redistribute vrf vpn_name connected
7.Which of the following routing protocols is not supported as a PE-CE routing protocol?
A.RIPv2
B.E-BGP
C.EIGRP
D.OSPF
8.E-BGP neighbors must be ___________.
A.Redistributed
B.Activated
C.Upgraded
D.None of the above
9.Customers connecting to a PE using E-BGP ___________ need to be upgraded to the latest MPLS IOS.
A.Do
B.Do not
C.None of the above
10.Which one of the following features is used to address problems associated with reusing the same AS number between customer sites?
A.AS path prepending
B.AS-override
C.Maximum routes
D.VC merge
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
374Chapter 8 Advanced MPLS Topics
11.Without AS-override, where customer sites reuse the same AS number, routers think there is a ___________.
A.Down interface
B.Multihoming
C.Routing loop
D.None of the above
12.Which of the following commands is used to configure AS-override?
A.neighbor ip_address as-override
B.neighbor ip_address as override
C.neighbor ip_address as-override activate
D.neighbor ip_address as-override vrf vpn_name
13.E-BGP routes ___________ need to be redistributed into MP-BGP.
A.Do
B.Do not
C.May
14.Which of the following features is used to limit the number of routes in a VRF?
A.AS path prepending
B.AS-override
C.Maximum routes
D.VC merge
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
Review Questions 375
15.In the following code snippet, what is the maximum number of routes allowed in the VRF?
ip vrf vpn-X rd 1000:1
route-target both 1000:1 maximum-routes 10 75
A.1000:1
B.10
C.75
D.None of the above
16.Once the maximum number of routes has entered a VRF when configured with the maximum-routes command, additional routes will be ___________.
A.Dropped
B.Permitted
C.Permitted with a message being sent to a SYSLOG server
D.None of the above
17.Two sites connected in a VPN topology where the route-target both command was used is most likely a ___________.
A.Simple MPLS VPN
B.Overlay MPLS VPN
C.Central Services MPLS VPN
18.Which topology best represents the situation where a site participates in more than one VPN?
A.Simple MPLS VPN
B.Overlay MPLS VPN
C.Central Services MPLS VPN
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |
376Chapter 8 Advanced MPLS Topics
19.Which of the following topologies represents a site that can see all other sites, but the other sites can see it and not each other?
A.Simple MPLS VPN
B.Overlay MPLS VPN
C.Central Services MPLS VPN
20.Which of the following features is used to prevent a malicious flooding of routes into the service provider backbone?
A.AS path prepending
B.AS-override
C.Maximum routes
D.VC merge
Copyright ©2002 SYBEX, Inc., Alameda, CA |
www.sybex.com |