Upload
h4harsh
View
172
Download
1
Embed Size (px)
Citation preview
Lab Setup-MEN Part 2
CX600- RT-C, RT-D, RT-E
C7609-RT-A, RT-B, RT-F
C3400 – SW-A
CX200D – SW-B, SW-C
1/12/0/2
1/0/21/0/0
1/2 2/1
2/2 1/0/0
2/0/41/3
2/0/01/1 RT-A
RT-B
RT-C
RT-D
RT-E RT-F
1/0/2 1/2
2/3
Ge0/1
1/0/6
2/4
1/0/4
Ge 0/0/1
SW-A
SW-C
2/5 2/0/6
1/0/8
1/0/4
PC-C
Fe 0/0/9
PC-A
Fe0/9 SW-B
PC-B
1/4
Ge 0/0/1
Fe 0/0/9
2/0/8
Ge0/1
SW-D
SW-E
1/0/6
Ge 0/0/1
1
Lab1- Configuring Basic BGP Functions
CX600- RT-C, RT-D, RT-E
C7609-RT-A, RT-B, RT-F
1/12/0/2
1/0/21/0/0
1/2 2/1
2/2 1/0/0 2/0/41/3 2/0/01/1 RT-A
RT-B
RT-C
RT-D RT-E
AS 65001
Summary IP-192.168.0.0/16
RT-A
Lo- 192.168.255.12/32
2/2 -10.0.1.2/30
2/1-192.168.0.1/30
2/3 -Switchport
AS 65000
Summary IP-10.0.0.0/8
RT-B
Lo- 10.0.255.11/32
1/1 -10.0.1.1/30
1/2 -10.0.0.1/30
1/3 -10.0.0.10/30
RT-C
Lo- 10.0.255.21/32
1/0/0 -10.0.0.2/30
1/0/2 -10.0.0.5/30
RT-D
Lo- 10.0.255.31/32
2/0/0 -10.0.2.1/30
2/0/4 -10.0.0.9/30
2/0/2 -10.0.0.6/30
AS 65002
Summary IP-172.16.0.0/16
RT-E
Lo- 172.16.255.33/32
1/0/0 -10.0.2.2/30
1/0/2 -172.16.0.1/30
RT-F
Lo- 172.16.255.23/32
1/2 -172.16.0.2/30
1/1 -192.168.0.2/30
RT-F
1/0/2 1/2
2/3
Group1- RT-A & RT-B
Group2- RT-C & RT-D
Group3- RT-E & RT-F
0/1
2
Configuration Procedure Step 1
1. Clear the Configuration 2. Change the hostname or sysname 3. Configure the IP address for each interface
Interface loopback0 Ip address 192.168.255.12 255.255.255.255 Interface gigabitethernet 2/2 Ip address 10.0.1.2 255.255.255.252 No shut/undo shut Negotiation auto (on CX port, if it is connected to Cisco)
Step 2 Configure IBGP connections.
# Configure RT-B.
RT-B(config)#router bgp 65000
RT-B(config-router)#neighbor 10.0.0.2 remote-as 65000
RT-B(config-router)#neighbor 10.0.0.9 remote-as 65000
# Configure RT-D.
[RT-D] bgp 65000
[RT-D-bgp] peer 10.0.0.10 as-number 65000
[RT-D-bgp] peer 10.0.0.5 as-number 65000
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 10.0.0.1 as-number 65000
[RT-C-bgp] peer 10.0.0.6 as-number 65000
# Configure RT-E.
[RT-E] bgp 65002
[RT-E-bgp] peer 172.16.0.2 as-number 65002
# Configure RT-F.
RT-F(config)#router bgp 65002
RT-F(config-router)#neighbor 172.16.0.1 remote-as 65002
3
Check:- Disp bgp peer
Show bgp neighbor
Disp bgp routing-table
Show ip route bgp
There is no bgp routes in the routing table
Step 3 Configure EBGP.
# Configure RT-A.
RT-A(config)#router bgp 65001
RT-A(config-router)#neighbor 10.0.255.11 remote-as 65000
RT-A(config-router)#neighbor 10.0.255.11 update-source loopback0
RT-A(config-router)#neighbor 10.0.255.11 ebgp-multihop 3
RT-A(config)#ip route 10.0.0.0 255.0.0.0 10.0.1.1
RT-A(config-router)#neighbor 172.16.255.23 remote-as 65002
RT-A (config-router)#neighbor 172.16.255.23 update-source loopback0
RT-A(config-router)#neighbor 172.16.255.23 ebgp-multihop 3
RT-A(config)#ip route 172.16.0.0 255.255.0.0 192.168.0.2
# Configure RT-B.
RT-B(config)#router bgp 65000
RT-B(config-router)#neighbor 192.168.255.12 remote-as 65001
RT-B(config-router)#neighbor 192.168.255.12 update-source loopback0
RT-B(config-router)#neighbor 192.168.255.12 ebgp-multihop 3
RT-B(config)#ip route 192.168.0.0 255.255.0.0 10.0.1.2
# Configure RT-D.
[RT-D] bgp 65000
[RT-D-bgp] peer 172.16.255.33 as-number 65002
[RT-D-bgp] peer 172.16.255.33 connect-interface loopback0
[RT-D-bgp] peer 172.16.255.33 ebgp-max-hop 3
[RT-D] ip route-static 172.16.0.0 16 10.0.2.2
# Configure RT-E.
[RT-E] bgp 65002
[RT-E-bgp] peer 10.0.255.31 as-number 65000
[RT-E-bgp] peer 10.0.255.31 connect-interface loopback0
[RT-E-bgp] peer 10.0.255.31 ebgp-max-hop 3
[RT-E] ip route-static 10.0.0.0 8 10.0.2.1
4
# Configure RT-F.
RT-F(config)#router bgp 65002
RT-F(config-router)#neighbor 192.168.255.12 remote-as 65001
RT-F(config-router)#neighbor 192.168.255.12 update-source loopback0
RT-F(config-router)#neighbor 192.168.255.12 ebgp-multihop 3
RT-F(config)#ip route 192.168.0.0 255.255.0.0 192.168.0.1
# Display the connection status of the BGP peers.
[CX] display bgp peer
Cisco# show bgp neighbor
It should be established
Step 4 Configure RT-A to advertise 100.0.0.0/8.
Connect Switch to the gigaetherent interface
Switch(config-if)# switchport mode trunk
Switch(config-if)#switchport trunk allow vlan all
Switch(config-if)#no shut
Switch(config)# vlan 100
Switch(config)# interface vlan 100
Switch(config-if)#ip address 100.0.0.2 255.0.0.0
Switch(config-if)#no shut
Switch(config)#ip default-gateway 100.0.0.1
[Quidway]ip route-static 0.0.0.0 0 vlanif 100
RT-A(config-if)#switchport
RT-A(config-if)#switchport trunk encaspulation dot1q
RT-A(config-if)#switchport mode trunk
RT-A(config-if)#switchport trunk allow vlan all
RT-A(config-if)#no shut
RT-A(config)#vlan 100
RT-A(config)#interface vlan 100
RT-A(config-if)#ip address 100.0.0.1 255.0.0.0
RT-A(config-if)#no shut
RT-A(config)#router bgp 65001
RT-A(config-router)# address-family ipv4
RT-A(config-router-af)# network 100.0.0.0 mask 255.0.0.0
5
# Display the routing table of RT-B.
RT-B# show ip route bgp
B 100.0.0.0/8 [20/0] via 192.168.255.12
Check:
RT-B# ping 100.0.0.1
Reply from RT-A
# Display the routing table of RT-C.
[RT-C] display bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
i 100.0.0.0 192.168.255.12 0 100 0 65001i
Check:
[RT-C] ping 100.0.0.1
No Reply from RT-A
# Display the routing table of RT-D.
[RT-D] display bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
i 100.0.0.0 192.168.255.12 0 100 0 65001i
Check:
[RT-D] ping 100.0.0.1
No Reply from RT-A
# Display the routing table of RT-F.
RT-F# show ip route bgp
B 100.0.0.0/8 [20/0] via 192.168.255.12
Check:
RT-F# ping 100.0.0.1
Reply from RT-A
Note:- To Solve the above problem • In Step5 we will change the BGP route next hop and reach 100.x.x.x network
without using OSPF • AS specific routes should be available in the ip routing table. In step3 this is
manually added in ASBR, but it should be redistributed in the entire AS. We will do this by using OSPF in Step6
6
Step 5 Configure ASBR to change the next hop as self
# Configure RT-B for route updates from AS65001 to AS65000
RT-B(config-router)address-family ipv4
RT-B(config-router-af)neighbor 10.0.0.2 next-hop-self
RT-B(config-router-af)neighbor 10.0.0.9 next-hop-self
Check: On RT-C
[RT-C] disp bgp route
*>i 100.0.0.0 10.0.0.1 0 100 0 65001i
[RT-C] ping 100.0.0.1
Reply from RT-A
# Configure RT-D for route updates from AS65000 to AS65002
[RT-D-bgp]peer 172.16.255.33 next-hop-local
# Configure RT-F for route updates from AS65001 to AS65002
RT-F(config-router)address-family ipv4
RT-F(config-router-af)neighbor 172.16.0.1 next-hop-self
Check: On RT-E
[RT-E] disp bgp route
*>i 100.0.0.0 172.16.0.2 0 100 0 65001i
Note: Remove next-hop-self and next-hop-local commands before starting step6
7
Step 6 Configure OSPF on each network of ASs
# Configure AS65001
RT-A(config)# router ospf 200
RT-A(config-router)# network 192.168.255.12 0.0.0.0 area 0
RT-A(config-router)# network 192.168.0.0 0.0.255.255 area 0
RT-A(config-router)# network 100.0.0.0 0.0.0.255 area 0
RT-A(config-router)# redistributed connected
RT-A(config-router)# redistributed static
# Configure AS65000
RT-B(config)# router ospf 100
RT-B(config-router)# network 10.0.255.11 0.0.0.0 area 0
RT-B(config-router)# network 10.0.0.0 0.255.255.255 area 0
RT-B(config-router)# redistributed connected
RT-B(config-router)# redistributed static
[RT-D]ospf 100
[RT-D-ospf-100]area 0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[RT-D-ospf-100]import-route direct
[RT-D-ospf-100]import-route static
[RT-C]ospf 100
[RT- C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.21 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[RT-C-ospf-100]import-route direct
[RT-C-ospf-100]import-route static
8
# Configure AS65002
[RT-E]ospf 300
[RT-E-ospf-300]area 0
[RT-E-ospf-300-area-0.0.0.0]network 172.16.255.33 0.0.0.0
[RT-E-ospf-300-area-0.0.0.0]network 172.16.0.0 0.0.255.255
[RT-E-ospf-300]import-route direct
[RT-E-ospf-300]import-route static
RT-F(config)# router ospf 300
RT-F(config-router)# network 172.16.255.23 0.0.0.0 area 0
RT-F(config-router)# network 172.16.0.0 0.0.255.255 area 0
RT-F(config-router)# redistributed connected
RT-F(config-router)# redistributed static
Check: Ping any IP from any where
1
Lab2- Working with BGP & IGP
CX600- RT-C, RT-D
C7609-RT-A
2/0/21/0/22/4 1/0/4
RT-A RT-C
RT-D
AS 65001
Summary IP-192.168.0.0/16
RT-A
Lo- 192.168.255.12/32
2/4 -10.0.1.2/30
2/3 - Switchport
AS 65000
Summary IP-10.0.0.0/8
RT-C
Lo- 10.0.255.11/32
1/0/4 -10.0.1.1/30
1/0/2 -10.0.0.1/30
RT-D
Lo- 10.0.255.21/32
2/0/2 -10.0.0.2/30
2/3
Group1- RT-A
Group2- RT-C
Group3- RT-D
0/1
2
Configuration Roadmap The configuration roadmap is as follows:
1. Configure the OSPF protocol on RT-C and RT-D to realize the interconnection. 2. Configure the EBGP connection on RT-A and RT-C. 3. Enable BGP and OSPF to import routes from each other on RT-C, and check the routing information. 4. Configure BGP route aggregation on RT-C and simplify the BGP routing table.
Configuration Procedure Step 1
1. Clear the Configuration 2. Change the hostname or sysname 3. Configure the IP address for each interface
Interface loopback0 Ip address 192.168.255.12 255.255.255.255 Interface gigabitethernet 1/0/4 Ip address 10.0.1.1 255.255.255.252 No shut/undo shut Negotiation auto (on CX port, if it is connected to Cisco)
Step 2 Configure OSPF in AS 65000
[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.11 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[RT-D]ospf 100
[RT-D-ospf-100]area 0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.255.21 0.0.0.0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
Step 3 Configure EBGP.
# Configure RT-A.
RT-A(config)#router bgp 65001
RT-A(config-router)#neighbor 10.0.255.11 remote-as 65000
RT-A(config-router)#neighbor 10.0.255.11 update-source loopback0
RT-A(config-router)#neighbor 10.0.255.11 ebgp-multihop 3
RT-A(config)#ip route 10.0.255.11 255.255.255.255 10.0.1.1
3
# Configure RT-C.
[RT-C]bgp 65000
[RT-C-bgp] peer 192.168.255.12 as-number 65001
[RT-C-bgp] peer 192.168.255.12 connect-interface loopback0
[RT-C-bgp]peer 192.168.255.12 ebgp-max-hop 3
[RT-C]ip route-static 192.168.255.12 255.255.255.255 10.0.1.2
# Display the connection status of the BGP peers.
[CX] display bgp peer
Cisco# show bgp neighbor
It should be established
Step 4 Configure RT-A to advertise 100.0.0.0/8.
Connect Switch to the gigaetherent interface
Switch(config-if)# switchport mode trunk
Switch(config-if)#switchport trunk allow vlan all
Switch(config-if)#no shut
Switch(config)# vlan 100
Switch(config)# interface vlan 100
Switch(config-if)#ip address 100.0.0.2 255.0.0.0
Switch(config-if)#no shut
Switch(config)#ip default-gateway 100.0.0.1
[Quidway]ip route-static 0.0.0.0 0 vlanif 100
RT-A(config-if)#switchport
RT-A(config-if)#switchport trunk encaspulation dot1q
RT-A(config-if)#switchport mode trunk
RT-A(config-if)#switchport trunk allow vlan all
RT-A(config-if)#no shut
RT-A(config)#vlan 100
RT-A(config)#interface vlan 100
RT-A(config-if)#ip address 100.0.0.1 255.0.0.0
RT-A(config-if)#no shut
RT-A(config)#router bgp 65001
RT-A(config-router)# address-family ipv4
RT-A(config-router-af)# network 100.0.0.0 mask 255.0.0.0
4
# Display the routing table of RT-C.
[RT-C] display bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
*i> 100.0.0.0 192.168.255.12 0 100 0 65001i
[RT-C] display ip routing-table protocol ospf
You will see 4 routes
1 active route of 10.0.255.21/32
3 inactive route of directly connected networks
Step 5 Configure BGP on RT-C to import OSPF routes
[RT-C-bgp] ipv4-family unicast
[RT-C-bgp-af-ipv4] import-route ospf 100
# Display the routing table of RT-A
RT-A# show ip route bgp
You should see 2 OSPF routes of 10.x.x.x in BGP routing table
Step 6 Configure OSPF on RT-C to import BGP routes
[RT-C-ospf-100] import-route bgp
# Display the routing table of RT-D
[RT-D] display ip routing-table
You should see BGP route of 100.x.x.x in OSPF routing table
To check:
Ping 100.0.0.1 form RT-D
5
Step 7 Configure the automatic route aggregation.
# Configure RT-C
[RT-C] bgp 65000
[RT-C-bgp] ipv4-family unicast
[RT-C-bgp-af-ipv4] summary automatic
# Display the routing table of RT-A.
[RT-A] display bgp routing-table
You should see single route for all 10.x.x.x networks of AS 65000
1
Lab3- Configuring AS-Path Filter
EBGP connections are set up between RT-A, RT-C, and RT-D. Configure the AS-Path filter on RT-A. AS 65001 thus does not advertises routes of AS 65002 to AS 65000, or advertise routes of AS 65000 to AS 65002.
CX600- RT-C, RT-D
C7609-RT-A
RT-C
1/0/4
2/4 1/0/2
RT-A 2/0/2
RT-D
AS 65000
Summary IP-10.0.0.0/8
RT-C
Lo- 10.0.255.11/32
1/0/4 -10.0.1.1/24
1/0/2-10.0.2.1/24
AS 65001
Summary IP-192.168.0.0/16
RT-A
Lo- 192.168.255.12/32
2/4 -10.0.1.2/24
2/5 - 10.0.3.1/24
2/5
Group1- RT-A
Group2- RT-C
Group3- RT-D
2/0/6
AS 65002
Summary IP-172.16.0.0/16
RT-D
Lo- 172.16.255.13/32
2/0/2-10.0.2.2/24
2/0/6 -10.0.3.2/24
2
Configuration Roadmap The configuration roadmap is as follows:
1. Configure the EBGP connecting between RT-C and RT-A, RT-A and RT-D, RT-D and RT-C respectively, and import direct routes.
2. Configure the AS-Path on RT-A, and apply the filtering rule.
Configuration Procedure Step 1
1. Clear the Configuration 2. Change the hostname or sysname 3. Configure the IP address for each interface
Step 2 Configure EBGP.
# Configure RT-A
RT-A(config)#router bgp 65001
RT-A(config-router)#neighbor 10.0.255.11 remote-as 65000
RT-A(config-router)#neighbor 10.0.255.11 update-source loopback0
RT-A(config-router)#neighbor 10.0.255.11 ebgp-multihop 3
RT-A(config)#ip route 10.0.255.11 255.255.255.255 10.0.1.1
RT-A(config-router)#neighbor 172.16.255.13 remote-as 65002
RT-A(config-router)#neighbor 172.16.255.13 update-source loopback0
RT-A(config-router)#neighbor 172.16.255.13 ebgp-multihop 3
RT-A(config)#ip route 172.16.255.13 255.255.255.255 10.0.3.2
RT-A(config-router)#redistributed connected
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 192.168.255.12 as-number 65001
[RT-C-bgp] peer 192.168.255.12 connect-interface loopback0
[RT-C-bgp] peer 192.168.255.12 ebgp-max-hop 3
[RT-C]ip route-static 192.168.255.12 32 10.0.1.2
[RT-C-bgp] peer 172.16.255.13 as-number 65002
[RT-C-bgp] peer 172.16.255.13 connect-interface loopback0
[RT-C-bgp] peer 172.16.255.13 ebgp-max-hop 3
[RT-C]ip route-static 172.16.255.13 32 10.0.2.2
[RT-C-bgp] import-route direct
3
# Configure RT-D
[RT-D] bgp 65002
[RT-D-bgp] peer 192.168.255.12 as-number 65001
[RT-D-bgp] peer 192.168.255.12 connect-interface loopback0
[RT-D-bgp] peer 192.168.255.12 ebgp-max-hop 3
[RT-D]ip route-static 192.168.255.12 32 10.0.3.1
[RT-D-bgp] peer 10.0.255.11 as-number 65000
[RT-D-bgp] peer 10.0.255.11 connect-interface loopback0
[RT-D-bgp] peer 10.0.255.11 ebgp-max-hop 3
[RT-D]ip route-static 10.0.255.11 32 10.0.1.1
[RT-D-bgp] import-route direct
# Display the connection status of the BGP peers.
[CX] display bgp peer
Cisco# show bgp neighbor
It should be established
# Check the routing table advertised by RT-A to peer RT-C. You can find that RT-A advertises the routes for direct network between RT-C and RT-D.
RT-A#show bgp ipv4 unicast neighbors 10.0.255.11 advertised-routes
BGP table version is 13, local router ID is 192.168.255.12
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.1.0/24 0.0.0.0 0 32768 ?
*> 10.0.2.0/24 172.16.255.13 0 0 65002 ?
*> 10.0.3.0/24 0.0.0.0 0 32768 ?
r> 10.0.255.11/32 10.0.255.11 0 0 65000 ?
r> 172.16.255.13/32 172.16.255.13 0 0 65002 ?
*> 192.168.255.12/32
0.0.0.0 0 32768 ?
Total number of prefixes 6
Huawei command
<RT-A> display bgp routing-table peer 10.0.255.11 advertised-routes
4
Check the routing table of RT-C, and you can find that RT-C learns the two routes advertised by RT-A.
<RT-C> display bgp routing-table
Total Number of Routes: 13
BGP Local router ID is 10.0.255.11
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.0.1.0/24 0.0.0.0 0 0 ?
* 192.168.255.12 0 0 65001?
*> 10.0.1.1/32 0.0.0.0 0 0 ?
*> 10.0.2.0/24 0.0.0.0 0 0 ?
* 172.16.255.13 0 0 65002?
* 192.168.255.12 0 65001 65002?
*> 10.0.2.1/32 0.0.0.0 0 0 ?
*> 10.0.3.0/24 172.16.255.13 0 0 65002?
* 192.168.255.12 0 0 65001?
*> 10.0.255.11/32 0.0.0.0 0 0 ?
172.16.255.13/32 172.16.255.13 0 0 65002?
* 192.168.255.12 0 65001 65002?
192.168.255.12/32 192.168.255.12 0 0 65001?
Step 3 Configure the AS-Path filter on RT-A and apply the filter in the outgoing direction of RT-A
# Create AS-Path filter 1, refusing the passing of routes carrying AS 65002 (The regular expression _65002_ indicates any AS list that contains AS 65002 and * matches any character.)
RT-A(config)# ip as-path access-list 1 deny _65002_
RT-A(config)# ip as-path access-list 1 permit .*
# Create AS-Path filter 2, refusing the passing of routes carrying AS 65000.
RT-A(config)# ip as-path access-list 2 deny _65000_
RT-A(config)# ip as-path access-list 2 permit .*
# Apply the AS-Path filter in two outgoing directions of RT-A.
RT-A#router bgp 65001
RT-A(config-router)# neighbor 10.0.255.11 filter-list 1 out
RT-A(config-router)# neighbor 172.16.255.13 filter-list 2 out
Additional Info:- If RT-A is a CX600 router use following commands
# Create AS-Path filter 1, refusing the passing of routes carrying AS 65002.
[RT-A] ip as-path-filter 1 deny _65002_
5
[RT-A] ip as-path-filter 1 permit .*
# Create AS-Path filter 2, refusing the passing of routes carrying AS 65000.
[RT-A] ip as-path-filter 2 deny _65000_ [RT-A] ip as-path-filter 2 permit .*
# Apply the AS-Path filter in two outgoing directions of RT-A
[RT-A] bgp 20 [RT-A-bgp] peer 200.1.2.1 as-path-filter 1 export [RT-A-bgp] peer 200.1.3.2 as-path-filter 2 export
Step 4 Check the routing table advertised by RT-A, and it will not have advertised direct routes for networks between RT-C and RT-D.
RT-A#show bgp ipv4 unicast neighbor 10.0.255.11 advertised-routes
It will not have routes learned from AS65002.
BGP table version is 13, local router ID is 192.168.255.12
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 10.0.1.0/24 0.0.0.0 0 32768 ?
*> 10.0.3.0/24 0.0.0.0 0 32768 ?
*> 192.168.255.12/32
0.0.0.0 0 32768 ?
Total number of prefixes 3
Additional Info:- If RT-A is a CX600 router use following commands <RT-A> display bgp routing-table peer 172.16.255.13 advertised-routes
Similarly, the BGP routing table of RT-C does not have the two routes.
<RT-C> display bgp routing-table
This will not have routes coming from AS65002 via AS65001
Total Number of Routes: 11
BGP Local router ID is 10.0.255.11
Status codes: * - valid, > - best, d - damped,
6
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 10.0.1.0/24 0.0.0.0 0 0 ?
* 192.168.255.12 0 0 65001?
*> 10.0.1.1/32 0.0.0.0 0 0 ?
*> 10.0.2.0/24 0.0.0.0 0 0 ?
* 172.16.255.13 0 0 65002?
*> 10.0.2.1/32 0.0.0.0 0 0 ?
*> 10.0.3.0/24 172.16.255.13 0 0 65002?
* 192.168.255.12 0 0 65001?
*> 10.0.255.11/32 0.0.0.0 0 0 ?
172.16.255.13/32 172.16.255.13 0 0 65002?
192.168.255.12/32 192.168.255.12 0 0 65001?
Step 5 # Similarly Check the routing table advertised by RT-A to RT-D
It will not have routes learned from AS65000 via AS65001
7
Additional Info:
Metacharacter-Cisco
Metacharacter-Huawei
Connotation
\ Indicates escape character.
. . Matches any single character including the space except for \n.
* * Indicates that characters on the left of it appear for 0 or many times continuously in the target object
+ + Indicates that characters on the left of it appear for 1 or many times continuously in the target object.
| | The 'or' relationship exists between characters on the left and right sides of it.
^ ^ Characters on the right of it must appear at the beginning of the target object.
$ $ Characters on the left of it must appear at the end of the target object.
[ ] [xyz] Matches the character listed in the square character.
[^ ] [^xyz] Matches any character that is not listed in the square bracket (^ is on the left of the character).
- [a-z] Matches any character within the specified range.
[^a-z] Matches any character that is not within the specified range.
{n} The matches appear for n times (n is a non-negative integer).
{n,} The matches appear for at least n times (n is a non-negative integer).
{n,m} The matches appear for n–m times (m and n are non-negative integer and n is smaller than or equal to m). Note that there is no space between n and m.
? Zero or one instance of the character or pattern
1
Lab4- BGP Community Attribute
Networking Requirements RT-A creates EBGP connections with RT-C and RT-D respectively. You can configure the No_Export community attribute on RT-C. Thus, the routes advertised from AS65000 to AS65001 are not advertised to other ASs.
CX600- RT-C, RT-D
C7609-RT-A
CX200D- SW-C
RT-C
1/0/4
2/4
RT-A
RT-D
AS 65000
Summary IP-10.0.0.0/8
RT-C
Lo- 10.0.255.11/32
1/0/4 -10.0.1.1/24
1/0/6 - Switchport
AS 65001
Summary IP-192.168.0.0/16
RT-A
Lo- 192.168.255.12/32
2/4 -10.0.1.2/24
2/5 - 10.0.3.1/24
2/5
Group1- RT-A
Group2- RT-C , SW-C
Group3- RT-D
2/0/6
AS 65002
Summary IP-172.16.0.0/16
RT-D
Lo- 172.16.255.13/32
2/0/6 -10.0.3.2/24
1/0/6
Ge0/0/1
SW-C
2
Configuration Roadmap The configuration roadmap is as follows:
1. Configure the EBGP connection between RT-C and RT-A, as well as between RT-A and RT-D.
2. Configure the routing policy on RT-C, and advertise No_Export community attribute.
Configuration Procedure Step 1
1. Clear the Configuration 2. Change the hostname or sysname 3. Configure the IP address for each interface
Step 2 Configure the EBGP.
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 192.168.255.12 as-number 65001
[RT-C-bgp] peer 192.168.255.12 connect-interface loopback0
[RT-C-bgp] peer 192.168.255.12 ebgp-max-hop 3
[RT-C]ip route-static 192.168.255.12 32 10.0.1.2
[RT-C-bgp] ] ipv4-family unicast
[RT-C-bgp-af-ipv4] network 100.0.0.0 255.0.0.0
[RT-C-GigabitEthernet1/0/6]portswitch
[RT-C-GigabitEthernet1/0/6]port link-type trunk
[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-C-GigabitEthernet1/0/6]undo shut
[RT-C]vlan 100
[RT-C]interface Vlanif 100
[RT-C-Vlan127]ip address 100.0.0.1 255.0.0.0
3
Connect Switch to the gigaetherent interface
[SW-C-gigabitethernet0/0/1]port link-type trunk
[SW-C-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-C-gigabitethernet0/0/1]bpdu enable
[SW-C-gigabitethernet0/0/1]undo shut
[SW-C ]vlan 100
[SW-C ]interface vlan 100
[SW-C-vlanif100]ip address 100.0.0.2 255.0.0.0
[SW-C-vlanif100]undo shut
[SW-C]ip route-static 0.0.0.0 0 vlanif 100
# Configure RT-A
RT-A(config)#router bgp 65001
RT-A(config-router)#neighbor 10.0.255.11 remote-as 65000
RT-A(config-router)#neighbor 10.0.255.11 update-source loopback0
RT-A(config-router)#neighbor 10.0.255.11 ebgp-multihop 3
RT-A(config)#ip route 10.0.255.11 255.255.255.255 10.0.1.1
RT-A(config-router)#neighbor 172.16.255.13 remote-as 65002
RT-A(config-router)#neighbor 172.16.255.13 update-source loopback0
RT-A(config-router)#neighbor 172.16.255.13 ebgp-multihop 3
RT-A(config)#ip route 172.16.255.13 255.255.255.255 10.0.3.2
# Configure RT-D
[RT-D] bgp 65002
[RT-D-bgp] peer 192.168.255.12 as-number 65001
[RT-D-bgp] peer 192.168.255.12 connect-interface loopback0
[RT-D-bgp] peer 192.168.255.12 ebgp-max-hop 3
[RT-D]ip route-static 192.168.255.12 32 10.0.3.1
4
# Display the routing table of RT-A.
RT-A# show ip bgp 100.0.0.0
BGP routing table entry for 100.0.0.0/8, version 34
Paths: (1 available, best #1, table default)
Advertised to update-groups: 1
65000
10.0.255.11 from 10.0.255.11 (10.0.255.11)
Origin IGP, metric 0, localpref 100, valid, external, best
You can see that RT-A advertises the routes received from RT-C to RT-D in AS65002.
# Display the routing table of RT-D
[RT-D] display bgp routing-table
Total Number of Routes: 1
BGP Local router ID is 172.16.255.13
Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
Network NextHop MED LocPrf PrefVal Path/Ogn
*> 100.0.0.0 192.168.255.12 0 65001
65000i
From the routing table, you can confirm that RT-D has learned a route to the destination 100.0.0.0/8 from RT-A
Step 3 Configure BGP community attributes.
# Configure the routing policy on RT-C to enable RT-C to advertise routes to RT-A. As the result RT-A does not advertise the routes advertised by RT-C to any other AS.
[RT-C] route-policy RT-A permit node 10
Info: New Sequence of this List !!
[RT-C-route-policy] apply community no-export
# Apply routing policies.
[RT-C] bgp 65000
[RT-C-bgp] ipv4-family unicast
[RT-C-bgp-af-ipv4] peer 192.168.255.12 route-policy RT-A export
[RT-C-bgp-af-ipv4] peer 192.168.255.12 advertise-community
5
Additional Info: It RT-C is a Cisco router than use following commands
access-list 1 permit 100.0.0.0
Route-map RT-C permit 10
Match ip address 1
Set community no-export
Route-map RT-C permit 20
# Apply routing policies.
RT-C(config-router)#neighbor 192.168.255.12 send-community
RT-C(config-router)#neighbor 192.168.255.12 route-map RT-C out
# Display the routing table of RT-A.
RT-A# show ip bgp 100.0.0.0
BGP routing table entry for 100.0.0.0/8, version 40
Paths: (1 available, best #1, table default, not advertised to EBGP peer)
Flag: 0x880
Not advertised to any peer
65000
10.0.255.11 from 10.0.255.11 (10.0.255.11)
Origin IGP, metric 0, localpref 100, valid, external, best
Community: no-export
You can see the configured community attribute in the routing table of RT-A. At this time, there are no routes to the destination 100.0.0.0/8 in the routing table of RT-D
1
Lab5- BGP Load Balancing and the MED Attribute
CX600- RT-C, RT-D
C7609-RT-A
1/0/2
2/0/2
2/4
1/0/4
RT-A
RT-C
RT-D
AS 65001
Summary IP-192.168.0.0/16
RT-A
Lo- 192.168.255.12/32
2/4 -192.168.1.1/30
2/5 - 192.168.2.1/30
AS 65000
Summary IP-10.0.0.0/8
RT-C
Lo- 10.0.255.11/32
1/0/4 -192.168.1.2/30
1/0/2 -20.0.0.1/24
RT-D
Lo- 10.0.255.21/32
2/0/2 -20.0.0.2/24
2/0/6 -192.168.2.2/30
2/5
Group1- RT-A
Group2- RT-C
Group3- RT-D
2/0/6
2
Configuration Roadmap The configuration roadmap is as follows:
1. Configure the EBGP connections between RT-A and RT-C, as well as between RT-A and RT-D.
2. Configure the IBGP connections between RT-C and RT-D 3. Configure the load balancing on RT-A and MED value RT-C, and check the routing
information.
Configuration Procedure Step 1
1. Clear the Configuration 2. Change the hostname or sysname 3. Configure the IP address for each interface
Step 2 Configure BGP.
# Configure RT-A.
RT-A(config)#router bgp 65001
RT-A(config-router)#neighbor 10.0.255.11 remote-as 65000
RT-A(config-router)#neighbor 10.0.255.11 update-source loopback0
RT-A(config-router)#neighbor 10.0.255.11 ebgp-multihop 3
RT-A(config)#ip route 10.0.255.11 255.255.255.255 192.168.1.2
RT-A(config-router)#neighbor 10.0.255.21 remote-as 65000
RT-A(config-router)#neighbor 10.0.255.21 update-source loopback0
RT-A(config-router)#neighbor 10.0.255.21 ebgp-multihop 3
RT-A(config)#ip route 10.0.255.21 255.255.255.255 192.168.2.2
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 192.168.255.12 as-number 65001
[RT-C-bgp] peer 192.168.255.12 connect-interface loopback0
[RT-C-bgp] peer 192.168.255.12 ebgp-max-hop 3
[RT-C]ip route-static 192.168.255.12 32 192.168.1.1
[RT-C-bgp] peer 20.0.0.2 as-number 65000
[RT-C-bgp] ipv4-family unicast
[RT-C-bgp-af-ipv4] network 20.0.0.0 255.255.255.0
# Configure RT-D.
[RT-D] bgp 65000
[RT-D-bgp] peer 192.168.255.12 as-number 65001
[RT-D-bgp] peer 192.168.255.12 connect-interface loopback0
3
[RT-D-bgp] peer 192.168.255.12 ebgp-max-hop 3
[RT-D]ip route-static 192.168.255.12 32 192.168.2.1
[RT-D-bgp] peer 20.0.0.1 as-number 65000
[RT-D-bgp] ipv4-family unicast
[RT-D-bgp-af-ipv4] network 20.0.0.0 255.255.255.0
# Display the connection status of the BGP peers.
[CX] display bgp peer
Cisco# show bgp neighbor
It should be established
# Display the routing table of RT-A.
RT-A# show ip route bgp
Gateway of last resort is not set
20.0.0.0/30 is subnetted, 1 subnets
B 20.0.0.0 [20/0] via 10.0.255.11, 00:04:00
RT-A#sh ip bgp 20.0.0.0 255.255.255.0 subnets
BGP table version is 45, local router ID is 192.168.255.12
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* 20.0.0.0/24 10.0.255.21 0 0 65000 i
*> 10.0.255.11 0 0 65000 i
As displayed in the routing table, there are two valid routes to the destination 20.0.0.0/24. The route whose next hop is 10.0.255.11 is the optimum route. This is because the Router ID of RT-C is smaller.
4
Step 3 Configure load balancing.
# Configure RT-A
RT-A(config)#router bgp 65001
RT-A(config-router)#address-family ipv4
RT-A(config-router-af)#maximum-paths 2
Additional info: Huawei commands
[CX-A] bgp 65001
[CX-A-bgp] ipv4-family unicast
[CX-A-bgp-af-ipv4] maximum load-balancing 2
# Display the routing table of RT-A
RT-A# show ip route bgp
Gateway of last resort is not set
20.0.0.0/24 is subnetted, 1 subnets
B 20.0.0.0 [20/0] via 10.0.255.21, 00:00:17
[20/0] via 10.0.255.11, 00:00:17
As displayed in the routing table, BGP route 20.0.0.0/24 has two next hops. They are 10.0.255.11 and 10.0.255.21. Both of them are optimum routes.
5
Step 4 Configure MED attributes.
# Set the default value of MED sent by RT-C to RT-A by using the policy.
[RT-C] route-policy 10 permit node 10
[RT-C -route-policy] apply cost 100
[RT-C] bgp 65000
[RT-C -bgp] peer 192.168.255.12 route-policy 10 export
# Display the routing table of RT-A
RT-A# show ip route bgp
RT-A#sh ip bgp 20.0.0.0 255.255.255.0 subnets
BGP table version is 49, local router ID is 192.168.255.12
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 20.0.0.0/24 10.0.255.21 0 0 65000 i
* 10.0.255.11 100 0 65000 i
As displayed in the routing table, the MED of the next hop 10.0.255.11 (RT-C) is 100, and that of the next hop 10.0.255.21 is 0. Therefore, the route with the smaller MED is selected.
1
Lab6- Basic MPLS Configuration
CX600- RT-C, RT-D
C7609-RT-A, RT-B
C3400 – SW-A
CX200D – SW-C
RT-C
2/0/2
1/0/2
RT-A 2/0/42/2
1/3RT-B
1/1
RT-D2/3
Ge0/1
1/0/6
Ge 0/0/1
SW-A
SW-C
Group1- RT-A, SW-A
Group2- RT-B, RT-D
Group3- RT-C, SW-C
Summary IP-10.0.0.0/8
RT-A
Lo- 10.0.255.11/32
2/2 -10.0.1.1/30
2/3 –switchport (100.0.1.0/24)
RT-B
Lo- 10.0.255.21/32
1/1 -10.0.1.2/30
1/3 -10.0.2.1/30
RT-C
Lo- 10.0.255.31/32
1/0/2 -10.0.3.2/30
1/0/6 –switchport (100.0.2.0/24)
RT-D
Lo- 10.0.255.41/32
2/0/4 -10.0.2.2/30
2/0/2 -10.0.3.1/30
2
Configuration Procedure Step 1
1. Clear the Configuration 2. Change the hostname or sysname 3. Configure the IP address for each interface
Interface loopback0 Ip address 10.0.255.11 255.255.255.255 Interface gigabitethernet 1/0/4 Ip address 10.0.1.1 255.255.255.252 No shut/undo shut Negotiation auto (on CX port, if it is connected to Cisco)
Step 2 Configure OSPF
RT-A(config)# router ospf 100
RT-A(config-router)# network 10.0.255.11 0.0.0.0 area 0
RT-A(config-router)# network 10.0.0.0 0.255.255.255 area 0
RT-A(config-router)# network 100.0.1.0 0.0.0.255 area 0
RT-B(config)# router ospf 100
RT-B(config-router)# network 10.0.255.21 0.0.0.0 area 0
RT-B(config-router)# network 10.0.0.0 0.255.255.255 area 0
[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[RT-C-ospf-100-area-0.0.0.0]network 100.0.2.0 0.0.0.255
[RT-D]ospf 100
[RT-D-ospf-100]area 0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.255.41 0.0.0.0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
3
Step 3 Configure SW-A & RT-A for 100.0.1.0/24.
Switch(config-if)# switchport mode trunk
Switch(config-if)#switchport trunk allow vlan all
Switch(config-if)#no shut
Switch(config)# vlan 100
Switch(config)# interface vlan 100
Switch(config-if)#ip address 100.0.1.2 255.255.255.0
Switch(config-if)#no shut
Switch(config)#ip default-gateway 100.0.1.1
RT-A(config-if)#switchport
RT-A(config-if)#switchport trunk encaspulation dot1q
RT-A(config-if)#switchport mode trunk
RT-A(config-if)#switchport trunk allow vlan all
RT-A(config-if)#no shut
RT-A(config)#vlan 100
RT-A(config)#interface vlan 100
RT-A(config-if)#ip address 100.0.1.1 255.255.255.0
RT-A(config-if)#no shut
Step 4 Configure SW-C & RT-C for 100.0.2.0/24.
[SW-C-gigabitethernet0/0/1]port link-type trunk
[SW-C-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-C-gigabitethernet0/0/1]bpdu enable
[SW-C-gigabitethernet0/0/1]undo shut
[SW-C ]vlan 100
[SW-C ]interface vlan 100
[SW-C-vlanif100]ip address 100.0.2.2 255.255.255.0
[SW-C-vlanif100]undo shut
[SW-C]ip route-static 0.0.0.0 0 vlanif 100
[RT-C-GigabitEthernet1/0/6]portswitch
[RT-C-GigabitEthernet1/0/6]port link-type trunk
[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-C-GigabitEthernet1/0/6]undo shut
[RT-C]vlan 100
[RT-C]interface Vlanif 100
[RT-C-Vlan127]ip address 100.0.2.1 255.255.255.0
4
Step 5 Configure MPLS
Configure RTA:
RT-A(config)#mpls ip
RT-A(config)#mpls ldp router-id Loopback0 force
RT-A(config-if)#mpls ip
RT-A(config-if)#mpls lable protocol ldp
Configure RTB:
RT-B(config)#mpls ip
RT-B(config)#mpls ldp router-id Loopback0 force
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls lable protocol ldp
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls lable protocol ldp
Configure RTC:
[RT-C]mpls lsr-id 10.0.255.31
[RT-C]mpls [RT-C-mpls]lsp-trigger all [RT-C]mpls ldp [RT-C-gigabitethernet1/0/2]mpls [RT-C-gigabitethernet1/0/2]mpls ldp
Configure RTD: [RT-D]mpls lsr-id 10.0.255.41
[RT-D]mpls [RT-D-mpls]lsp-trigger all [RT-D]mpls ldp [RT-D-gigabitethernet2/0/2]mpls [RT-D-gigabitethernet2/0/2]mpls ldp [RT-D-gigabitethernet2/0/4]mpls [RT-D-gigabitethernet2/0/4]mpls ldp
5
Check:
1) View the interface on which the LDP runs:
RT-B>show mpls interfaces
Interface IP Tunnel BGP Static Operational
GigabitEthernet1/1 Yes (ldp) No No No Yes
GigabitEthernet1/3 Yes (ldp) No No No Yes
[RT-D]display mpls ldp interface
LDP Interface Information in Public Network
------------------------------------------------------------------------------
IF-Name Status LAM Transport-Address Hello-Sent/Rcv
------------------------------------------------------------------------------
GE2/0/2 Active DU 10.0.255.41 316/314
GE2/0/4 Active DU 10.0.255.41 312/354
------------------------------------------------------------------------------
LAM: Label Advertisement Mode IF-Name: Interface name
2) View the established LDP Session:
RT-B>show mpls ldp neighbor
Peer LDP Ident: 10.0.255.11:0; Local LDP Ident 10.0.255.21:0
TCP connection: 10.0.255.11.646 - 10.0.255.21.11000
State: Oper; Msgs sent/rcvd: 84/82; Downstream
Up time: 01:02:42
LDP discovery sources:
GigabitEthernet1/1, Src IP addr: 10.0.1.1
Addresses bound to peer LDP Ident:
100.0.1.1 10.0.255.11 10.0.1.1
Peer LDP Ident: 10.0.255.41:0; Local LDP Ident 10.0.255.21:0
TCP connection: 10.0.255.41.52580 - 10.0.255.21.646
State: Oper; Msgs sent/rcvd: 153/129; Downstream
Up time: 00:30:44
LDP discovery sources:
GigabitEthernet1/3, Src IP addr: 10.0.2.2
Addresses bound to peer LDP Ident:
10.0.3.1 10.0.2.2 10.0.255.41
6
[RT-D]display mpls ldp peer
LDP Peer Information in Public network
------------------------------------------------------------------------------
Peer-ID Transport-Address Discovery-Source
------------------------------------------------------------------------------
10.0.255.31:0 10.0.255.31 GigabitEthernet2/0/2
10.0.255.21:0 10.0.255.21 GigabitEthernet2/0/4
------------------------------------------------------------------------------
TOTAL: 2 Peer(s) Found.
3) Take FEC:100.0.2.0/24 for example to view the label switching in the whole forwarding process:
View the MPLS LSP of RT-A:
RT-A#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 10.0.255.21/32 0 Gi2/2 10.0.1.2
17 Pop Label 10.0.2.0/30 0 Gi2/2 10.0.1.2
18 18 10.0.3.0/30 0 Gi2/2 10.0.1.2
19 19 10.0.255.41/32 0 Gi2/2 10.0.1.2
20 20 10.0.255.31/32 0 Gi2/2 10.0.1.2
21 21 100.0.2.0/24 0 Gi2/2 10.0.1.2
On RT-A, the outbound label to 100.0.2.0/24 is 21. View the MPLS LSP of RT-B:
7
RT-B#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 10.0.255.11/32 0 Gi1/1 10.0.1.1
17 Pop Label 100.0.1.0/24 0 Gi1/1 10.0.1.1
18 Pop Label 10.0.3.0/30 0 Gi1/3 10.0.2.2
19 Pop Label 10.0.255.41/32 0 Gi1/3 10.0.2.2
20 1029 10.0.255.31/32 0 Gi1/3 10.0.2.2
21 1028 100.0.2.0/24 0 Gi1/3 10.0.2.2
On RT-B, inbound labels being 21 are switched to 1028. On RT-D, view the MPLS LSP:
[RT-D]display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
10.0.2.0/30 3/NULL -/-
10.0.255.41/32 3/NULL -/-
100.0.2.0/24 NULL/3 -/GE2/0/2
10.0.255.31/32 NULL/3 -/GE2/0/2
10.0.255.31/32 1029/3 -/GE2/0/2
100.0.2.0/24 1028/3 -/GE2/0/2
10.0.1.0/30 1024/3 -/GE2/0/4
10.0.1.0/30 NULL/3 -/GE2/0/4
10.0.255.11/32 1026/16 -/GE2/0/4
10.0.255.11/32 NULL/16 -/GE2/0/4
10.0.255.21/32 1027/3 -/GE2/0/4
10.0.255.21/32 NULL/3 -/GE2/0/4
100.0.1.0/24 1025/17 -/GE2/0/4
100.0.1.0/24 NULL/17 -/GE2/0/4
8
10.0.3.0/30 3/NULL -/-
Outbound label of the packet with inbound label 1028 is 3. It indicates that RT-D is the penultimate hop and thus needs to pop off the label and send the IP data packet to the last hop, RT-C, directly.
[RT-C]display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
10.0.2.0/30 NULL/3 -/GE1/0/2
10.0.255.41/32 NULL/3 -/GE1/0/2
10.0.1.0/30 NULL/1024 -/GE1/0/2
100.0.1.0/24 NULL/1025 -/GE1/0/2
10.0.255.11/32 NULL/1026 -/GE1/0/2
10.0.255.21/32 NULL/1027 -/GE1/0/2
100.0.2.0/24 3/NULL -/-
10.0.255.31/32 3/NULL -/-
Labels allocated by RT-C to RT-D are specially 3, which indicates that RT-C is the last hop. The MPLS LSP forwarding process for other FECs is similar.
1
Lab7 - L3 VPN (Switchport is assigned to customer)
CX600- RT-C, RT-D
C7609-RT-A, RT-B
C3400 – SW-A
CX200D – SW-C
RT-C
2/0/2
1/0/2
RT-A 2/0/42/2
1/3RT-B
1/1
RT-D2/3
Ge0/1
1/0/6
Ge 0/0/1
SW-A
SW-C
Group1- RT-B, RT-D
Group2- RT-A, SW-A
Group3- RT-C, SW-C
As65000
Summary IP-10.0.0.0/8
RT-A
Lo- 10.0.255.11/32
2/2 -10.0.1.1/30
2/3 –switchport (100.0.1.0/24)
RT-B
Lo- 10.0.255.21/32
1/1 -10.0.1.2/30
1/3 -10.0.2.1/30
RT-C
Lo- 10.0.255.31/32
1/0/2 -10.0.3.2/30
1/0/6 –switchport (100.0.2.0/24)
RT-D
Lo- 10.0.255.41/32
2/0/4 -10.0.2.2/30
2/0/2 -10.0.3.1/30
Ge0/9
PC-A
PC-C
Ge 0/0/9
2
Configuration Roadmap The configuration roadmap is as follows:
1. Configure OSPF between PEs to implement interworking. 2. Configure the basic MPLS functions and MPLS LDP 3. Configure the VPN instance on the PE connected with the CE in the backbone
network, bind the PE interface connected with the CE to the corresponding VPN instance, and then reconfigure the IP address for the PE interface connected with the CE.
4. Configure MP IBGP to exchange the VPN routing information between the PEs. 5. Configure CEs and PEs to exchange VPN routes by using direct connection, static
routes, OSPF, or EBGP.
RD= PE loopback IP: 1
RT=100:1 (every site can talk to any other site)
1. Configure IP address 2. Enable OSPF 3. Enable MPLS 4. Enable LDP 5. Create VRF + RD + RT 6. Bind interface to VRF 7. iBGP between PE 8. Redistribute static into BGP
3
Configuration Procedure Step 1
1. Clear the Configuration 2. Change the hostname or sysname 3. Configure the IP address for each interface
Interface loopback0 Ip address 10.0.255.11 255.255.255.255 Interface gigabitethernet 1/0/4 Ip address 10.0.1.1 255.255.255.252 No shut/undo shut Negotiation auto (on CX port, if it is connected to Cisco)
Step 2 Configure OSPF in MPLS Backbone
RT-A(config)# router ospf 100
RT-A(config-router)# network 10.0.255.11 0.0.0.0 area 0
RT-A(config-router)# network 10.0.0.0 0.255.255.255 area 0
RT-B(config)# router ospf 100
RT-B(config-router)# network 10.0.255.21 0.0.0.0 area 0
RT-B(config-router)# network 10.0.0.0 0.255.255.255 area 0
[RT-D]ospf 100
[RT-D-ospf-100]area 0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.255.41 0.0.0.0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
4
After the configuration, the OSPF neighbor relationship should be established between RT-A, RT-B, RT-D and RT-C. After running the show ip ospf neighbor & display ospf peer command, you can find that the OSPF neighbor relationship is in Full state. Run the show ip routing-table & display ip routing-table command on the PE (RT-A, RT-C), and you can view the Loopback0 routes imported from the peer.
RT-A# show ip ospf neighbor
[RT-C] display ospf peer
RT-A# show ip routing-table
[RT-C] display ip routing-table
Step 3 Configure basic MPLS functions and MPLS LDP on the MPLS backbone network to setup LDP LSP.
Configure RTA:
RT-A(config)#mpls ip
RT-A(config)#mpls ldp router-id Loopback0 force
RT-A(config-if)#mpls ip
RT-A(config-if)#mpls label protocol ldp
Configure RTB:
RT-B(config)#mpls ip
RT-B(config)#mpls ldp router-id Loopback0 force
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
Configure RTD: [RT-D]mpls lsr-id 10.0.255.41
[RT-D]mpls [RT-D-mpls]lsp-trigger all [RT-D]mpls ldp [RT-D-gigabitethernet2/0/2]mpls [RT-D-gigabitethernet2/0/2]mpls ldp [RT-D-gigabitethernet2/0/4]mpls [RT-D-gigabitethernet2/0/4]mpls ldp
5
Configure RTC:
[RT-C]mpls lsr-id 10.0.255.31
[RT-C]mpls [RT-C-mpls]lsp-trigger all [RT-C]mpls ldp [RT-C-gigabitethernet1/0/2]mpls [RT-C-gigabitethernet1/0/2]mpls ldp
After the configuration, LDP sessions are set up between RT-A, RT-B, RT-D and RT-C. After running following commands on the devices, you can find the status of the session is "Operational" in the display result. Run the display mpls ldp lsp command, and view the state of the LDP LSP.
RT-A>show mpls ldp neighbor
[RT-C] display mpls ldp session
[RT-C]display mpls ldp peer
RT-A#show mpls forwarding-table
[RT-C] display mpls ldp lsp
[RT-C]display mpls lsp
Step 4 Configure SW-A & RT-A for 100.0.1.0/24.
RT-A(config-if)#switchport
RT-A(config-if)#switchport trunk encaspulation dot1q
RT-A(config-if)#switchport mode trunk
RT-A(config-if)#switchport trunk allowed vlan all
RT-A(config-if)#no shut
RT-A(config)#vlan 100
SW-A(config-if)# switchport mode trunk
SW-A(config-if)#switchport trunk allow vlan all
SW-A(config-if)#no shut
SW-A(config)# vlan 100
SW-A(config)# interface fastEthernet 0/9
SW-A(config-if)#switchport access vlan 100
SW-A(config-if)#port-type nni
SW-A(config-if)#no shut
6
PC-A:- On the second interface card give following IP
IP- 100.0.1.2
Mask-255.255.255.0
Gateway-100.0.1.1
On Command prompt add folowing route
Route add 100.0.2.0 mask 255.255.255.0 100.0.1.1 metric 1
Step 5 Configure SW-C & RT-C for 100.0.2.0/24.
[RT-C-GigabitEthernet1/0/6]portswitch
[RT-C-GigabitEthernet1/0/6]port link-type trunk
[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-C-GigabitEthernet1/0/6]undo shut
[RT-C]vlan 100
[SW-C-gigabitethernet0/0/1]port link-type trunk
[SW-C-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-C-gigabitethernet0/0/1]bpdu enable
[SW-C-gigabitethernet0/0/1]undo shut
[SW-C ]vlan 100
[SW-C ]interface Ethernet 0/0/9
[SW-C-ethernet0/0/9]port link-type access
[SW-C-ethernet0/0/9]port default vlan 100
[SW-C-ethernet0/0/9]undo shut
PC-C:- On the second interface card give following IP
IP- 100.0.2.2
Mask-255.255.255.0
Gateway-100.0.2.1
On Command prompt add folowing route
Route add 100.0.1.0 mask 255.255.255.0 100.0.2.1 metric 1
Step 6 Configure VPN instances on PEs (RT-A & RT-C) and bind the instance to the interfaces of CEs.
# Configure RT-A (PE1).
RT-A(config)# ip vrf vpna
RT-A(config-vrf)# rd 100: 1
RT-A(config-vrf)# route-target export 111:1
RT-A(config-vrf)# route-target import 111:1
RT-A(config)# interface vlan 100
RT-A(config-if)# ip vrf forwarding vpna
RT-A(config-if)# ip address 100.0.1.1 255.255.255.0
RT-A(config-if)#no shut
7
# Configure RT-C (PE2).
[RT-C] ip vpn-instance vpna
[RT-C-vpn-instance-vpna] route-distinguisher 200:1
[Rt-C-vpn-instance-vpna] vpn-target 111:1 both
[RT-C] interface vlanif 100
[RT-C-vlanif100] ip binding vpn-instance vpna
[RT-C-vlanif100]ip address 100.0.2.1 24
[RT-C-vlanif100]undo shut
After the configuration, view the configuration of VPN instances by running following commands on the PEs. The PE can ping through its own CE.
RT-A# show ip vrf
RT-A#show ip route vrf vpna
[RT-C] display ip vpn-instance
[RT-C] display ip vpn-instance verbose
[RT-C] display ip routing-table vpn-instance vpna
RT-A# ping vrf vpna 100.0.1.1
RT-A# ping vrf vpna 100.0.1.2
[RT-C] ping -vpn-instance vpna 100.0.2.1
[RT-C] ping -vpn-instance vpna 100.0.2.2
Step 7 Establish MP-IBGP peering between the PEs (RT-A & RT-C).
# Configure RT-A.
RT-A(config)#router bgp 65000
RT-A(config-router)# neighbor 10.0.255.31 remote-as 65000
RT-A(config-router)# neighbor 10.0.255.31 update-source loopback0
RT-A(config-router)# address-family vpnv4
RT-A(config-router-af)# neighbor 10.0.255.31 activate
RT-A(config-router)# address-family ipv4 vrf vpna
RT-A(config-router-af)# redistributed connected
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 10.0.255.11 as-number 65000
[RT-C-bgp] peer 10.0.255.11 connect-interface loopback 0
[RT-C-bgp] ipv4-family vpnv4
[RT-C-bgp-af-vpnv4] peer 10.0.255.11 enable
8
[RT-C-bgp] ipv4-family vpn-instance vpna
[RT-C-bgp-vpna] import-route direct
After the configuration, you can find that the BGP peer relationship has been set up between PE1 and PE2 by running the following commands
RT-A#sh bgp neig
BGP neighbor is 10.0.255.31, remote AS 65000, internal link
BGP version 4, remote router ID 10.0.255.31
BGP state = Established, up for 00:27:17
Last read 00:00:47, last write 00:00:32, hold time is 180, keepalive interval is 60 seconds
Neighbor sessions:
1 active, is not multisession capable
Neighbor capabilities:
Route refresh: advertised and received(new)
Address family IPv4 Unicast: advertised and received
Address family VPNv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 2 1
Keepalives: 28 32
Route Refresh: 0 0
Total: 31 34
Default minimum time between advertisement runs is 0 seconds
9
RT-A#show bgp vpnv4 unicast vrf vpna
BGP table version is 5, local router ID is 10.0.255.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf vpna)
*> 100.0.1.0/24 0.0.0.0 0 32768 ?
*>i100.0.2.0/24 10.0.255.31 0 100 0 ?
[RT-C]display bgp peer
BGP local router ID : 10.0.255.31
Local AS number : 65000
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
10.0.255.11 4 65000 42 52 0 00:15:53 Established 0
[RT-C]display bgp vpnv4 all peer
BGP local router ID : 10.0.255.31
Local AS number : 65000
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
10.0.255.11 4 65000 42 53 0 00:16:20 Established 1
10
Check:
Find the route to peer CEs(PC-A & PC-C).
RT-A# show ip route vrf vpna
Routing Table: vpna
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is not set
100.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 100.0.1.0/24 is directly connected, Vlan100
L 100.0.1.1/32 is directly connected, Vlan100
B 100.0.2.0/24 [200/0] via 10.0.255.31, 00:32:38
[RT-C]display ip routing-table vpn-instance vpna
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: vpna
Destinations : 7 Routes : 7
Destination/Mask Proto Pre Cost Flags NextHop Interface
11
100.0.1.0/24 BGP 255 0 RD 10.0.255.11 GigabitEthernet1/0/2
100.0.2.0/24 Direct 0 0 D 100.0.2.1 Vlanif100
100.0.2.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
100.0.2.2/32 Direct 0 0 D 100.0.2.2 Vlanif100
100.0.2.3/32 Direct 0 0 D 100.0.2.3 Vlanif100
100.0.2.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
The CEs (PC-A & PC-C) in the same VPN can ping through each other
PC-A> ping 100.0.2.2
PC-C> ping 100.0.1.2
You can also ping from PEs VRF
RT-A#ping vrf vpna 100.0.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.0.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
RT-A#ping vrf vpna 100.0.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.0.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
[RT-C]ping -vpn-instance vpna 100.0.1.1
12
PING 100.0.1.1: 56 data bytes, press CTRL_C to break
Reply from 100.0.1.1: bytes=56 Sequence=1 ttl=253 time=1 ms
Reply from 100.0.1.1: bytes=56 Sequence=2 ttl=253 time=1 ms
Reply from 100.0.1.1: bytes=56 Sequence=3 ttl=253 time=1 ms
Reply from 100.0.1.1: bytes=56 Sequence=4 ttl=253 time=1 ms
Reply from 100.0.1.1: bytes=56 Sequence=5 ttl=253 time=1 ms
--- 100.0.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/1 ms
[RT-C]ping -vpn-instance vpna 100.0.1.2
PING 100.0.1.2: 56 data bytes, press CTRL_C to break
Reply from 100.0.1.2: bytes=56 Sequence=1 ttl=125 time=1 ms
Reply from 100.0.1.2: bytes=56 Sequence=2 ttl=125 time=1 ms
Reply from 100.0.1.2: bytes=56 Sequence=3 ttl=125 time=1 ms
Reply from 100.0.1.2: bytes=56 Sequence=4 ttl=125 time=1 ms
Reply from 100.0.1.2: bytes=56 Sequence=5 ttl=125 time=1 ms
--- 100.0.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/1 ms
13
1) View the interface on which the LDP runs:
RT-A#show mpls interfaces
Interface IP Tunnel BGP Static Operational
GigabitEthernet2/2 Yes (ldp) No No No Yes
[RT-C]display mpls ldp interface
LDP Interface Information in Public Network
------------------------------------------------------------------------------
IF-Name Status LAM Transport-Address Hello-Sent/Rcv
------------------------------------------------------------------------------
GE1/0/2 Active DU 10.0.255.31 16551/16529
------------------------------------------------------------------------------
LAM: Label Advertisement Mode IF-Name: Interface name
2) View the established LDP Session:
RT-A#show mpls ldp neighbor
Peer LDP Ident: 10.0.255.21:0; Local LDP Ident 10.0.255.11:0
TCP connection: 10.0.255.21.11000 - 10.0.255.11.646
State: Oper; Msgs sent/rcvd: 1615/1610; Downstream
Up time: 23:18:53
LDP discovery sources:
GigabitEthernet2/2, Src IP addr: 10.0.1.2
Addresses bound to peer LDP Ident:
10.0.1.2 10.0.2.1 10.0.255.21
14
[RT-C]display mpls ldp peer
LDP Peer Information in Public network
------------------------------------------------------------------------------
Peer-ID Transport-Address Discovery-Source
------------------------------------------------------------------------------
10.0.255.41:0 10.0.255.41 GigabitEthernet1/0/2
------------------------------------------------------------------------------
TOTAL: 1 Peer(s) Found.
3) To view the label switching in the whole forwarding process:
View the MPLS LSP of RT-A:
RT-A#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 10.0.2.0/30 0 Gi2/2 10.0.1.2
17 16 10.0.3.0/30 0 Gi2/2 10.0.1.2
18 Pop Label 10.0.255.21/32 0 Gi2/2 10.0.1.2
19 18 10.0.255.31/32 0 Gi2/2 10.0.1.2
20 19 10.0.255.41/32 0 Gi2/2 10.0.1.2
21 Pop Label IPv4 VRF[V] 1420 aggregate/vpna
On RT-A, the outbound label to PE2 is 18. View the MPLS LSP of RT-B:
15
RT-B#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 10.0.3.0/30 490 Gi1/3 10.0.2.2
17 Pop Label 10.0.255.11/32 464681 Gi1/1 10.0.1.1
18 1027 10.0.255.31/32 486060 Gi1/3 10.0.2.2
19 Pop Label 10.0.255.41/32 0 Gi1/3 10.0.2.2
On RT-B, inbound label being 18 are switched to 1027. On RT-D, view the MPLS LSP:
[RT-D]display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
10.0.255.41/32 3/NULL -/-
10.0.2.0/30 3/NULL -/-
10.0.255.31/32 NULL/3 -/GE2/0/2
10.0.255.31/32 1027/3 -/GE2/0/2
10.0.1.0/30 1024/3 -/GE2/0/4
10.0.1.0/30 NULL/3 -/GE2/0/4
10.0.255.11/32 1026/17 -/GE2/0/4
10.0.255.11/32 NULL/17 -/GE2/0/4
10.0.255.21/32 1025/3 -/GE2/0/4
10.0.255.21/32 NULL/3 -/GE2/0/4
10.0.3.0/30 3/NULL -/-
Outbound label of the packet with inbound label 1027 is 3. It indicates that RT-D is the penultimate hop and thus needs to pop off the label
16
[RT-C]display mpls lsp
-------------------------------------------------------------------------------
LSP Information: BGP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
100.0.2.0/24 115712/NULL -/- vpna
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
10.0.255.31/32 3/NULL -/-
10.0.255.41/32 NULL/3 -/GE1/0/2
10.0.2.0/30 NULL/3 -/GE1/0/2
10.0.1.0/30 NULL/1024 -/GE1/0/2
10.0.255.21/32 NULL/1025 -/GE1/0/2
10.0.255.11/32 NULL/1026 -/GE1/0/2
Labels allocated by RT-C to RT-D are specially 3, which indicates that RT-C is the last hop. The MPLS LSP forwarding process for other FECs is similar.
1
Lab 8- L3 VPN (Router port is given to customer)
CX600- RT-C, RT-D, RT-E
C7609-RT-A, RT-B, RT-F
RT-C
2/0/2
1/0/2
RT-A 2/0/42/2
1/3RT-B
1/1
RT-D2/1
1/1
1/0/8
1/0/4
RT-F
RT-E
Group1- RT-A, RT-F
Group2- RT-B, RT-D
Group3- RT-C, RT-E
RT-A
Lo- 10.0.255.11/32
2/2 -10.0.1.1/30
2/1 –100.0.1.1/24
RT-B
Lo- 10.0.255.21/32
1/1 -10.0.1.2/30
1/3 -10.0.2.1/30
RT-C
Lo- 10.0.255.31/32
1/0/2 -10.0.3.2/30
1/0/8 –100.0.2.1/24
RT-D
Lo- 10.0.255.41/32
2/0/4 -10.0.2.2/30
2/0/2 -10.0.3.1/30
RT-E
Lo- 100.0.255.1/32
1/0/4 –100.0.2.2/24
RT-F
Lo- 100.0.255.2/32
1/1 -100.0.1.2/24
2
Configuration Roadmap
RD= PE loopback IP: 1
RT=100:1 (every site can talk to any other site)
1. Configure IP address 2. Enable OSPF 3. Enable MPLS 4. Enable LDP 5. Create VRF + RD + RT 6. Bind interface to VRF 7. iBGP between PE 8. Redistribute connected into BGP
Configuration Procedure Step 1
1. Clear the Configuration 2. Change the hostname or sysname 3. Configure the IP address for each interface
Interface loopback0 Ip address 10.0.255.11 255.255.255.255 Interface gigabitethernet 1/0/4 Ip address 10.0.1.1 255.255.255.252 No shut/undo shut Negotiation auto (on CX port, if it is connected to Cisco)
Step 2 Configure OSPF in MPLS Backbone
RT-A(config)# router ospf 100
RT-A(config-router)# network 10.0.255.11 0.0.0.0 area 0
RT-A(config-router)# network 10.0.0.0 0.255.255.255 area 0
RT-B(config)# router ospf 100
RT-B(config-router)# network 10.0.255.21 0.0.0.0 area 0
RT-B(config-router)# network 10.0.0.0 0.255.255.255 area 0
3
[RT-D]ospf 100
[RT-D-ospf-100]area 0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.255.41 0.0.0.0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
After the configuration, the OSPF neighbor relationship should be established between RT-A, RT-B, RT-D and RT-C. After running the show ip ospf neighbor & display ospf peer command, you can find that the OSPF neighbor relationship is in Full state. Run the show ip routing-table & display ip routing-table command on the PE (RT-A, RT-C), and you can view the Loopback0 routes imported from the peer.
RT-A# show ip ospf neighbor
[RT-C] display ospf peer
RT-A# show ip routing-table
[RT-C] display ip routing-table
Step 3 Configure basic MPLS functions and MPLS LDP on the MPLS backbone network to setup LDP LSP.
Configure RTA:
RT-A(config)#mpls ip
RT-A(config)#mpls ldp router-id Loopback0 force
RT-A(config-if)#mpls ip
RT-A(config-if)#mpls label protocol ldp
Configure RTB:
RT-B(config)#mpls ip
RT-B(config)#mpls ldp router-id Loopback0 force
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
Configure RTD: [RT-D]mpls lsr-id 10.0.255.41
[RT-D]mpls [RT-D-mpls]lsp-trigger all [RT-D]mpls ldp [RT-D-gigabitethernet2/0/2]mpls
4
[RT-D-gigabitethernet2/0/2]mpls ldp [RT-D-gigabitethernet2/0/4]mpls [RT-D-gigabitethernet2/0/4]mpls ldp
Configure RTC:
[RT-C]mpls lsr-id 10.0.255.31
[RT-C]mpls [RT-C-mpls]lsp-trigger all [RT-C]mpls ldp [RT-C-gigabitethernet1/0/2]mpls [RT-C-gigabitethernet1/0/2]mpls ldp
After the configuration, LDP sessions are set up between RT-A, RT-B, RT-D and RT-C. After running following commands on the devices, you can find the status of the session is "Operational" in the display result. Run the display mpls ldp lsp command, and view the state of the LDP LSP.
RT-A>show mpls ldp neighbor
[RT-C] display mpls ldp session
[RT-C]display mpls ldp peer
RT-A#show mpls forwarding-table
[RT-C] display mpls ldp lsp
[RT-C]display mpls lsp
Step 4 Configure VPN instances on PEs (RT-A & RT-C) and bind the instance to the interfaces of CEs.
# Configure RT-A (PE1).
RT-A(config)# ip vrf vpnb
RT-A(config)# rd 100: 2
RT-A(config)# # route-target export 222:2
RT-A(config)# # route-target import 222:2
RT-A(config)# interface gigabitethernet 2/1
RT-A(config-if)# ip vrf forwarding vpnb
RT-A(config-if)# ip address 100.0.1.1 255.255.255.0
RT-A(config-if)#no shut
# Configure RT-C (PE2).
[RT-C] ip vpn-instance vpnb
[RT-C-vpn-instance-vpna] route-distinguisher 200:2
[Rt-C-vpn-instance-vpna] vpn-target 222:2 both
[RT-C] interface gigabitethernet 1/0/8
[RT-C-GigabitEthernet1/0/8] ip binding vpn-instance vpnb
[RT-C- GigabitEthernet1/0/8]ip address 100.0.2.1 24
[RT-C- GigabitEthernet1/0/8]undo shut
5
Step 5 Configure a routing protocol between the PE and the CE, and import routes to the VPN routing table.
# Configure RT-E.
[RT-E] bgp 65400
[RT-E-bgp] peer 100.0.2.1 as-number 65000
[RT-E-bgp] peer 100.0.2.1 ebgp-max-hop 2
[RT-E-bgp] import-route direct
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] ipv4-family vpn-instance vpnb
[RT-C-bgp-vpnb] peer 100.0.2.2 as-number 65400
[RT-C-bgp-vpnb] peer 100.0.2.2 ebgp-max-hop 2
# Configure RT-F.
RT-F(config)# ip route 0.0.0.0 0.0.0.0 100.0.1.1
After the configuration, view the configuration of VPN instances by running following commands on the PEs. The PE can ping through its own CE.
RT-A# show ip vrf
RT-A#show ip route vrf vpnb
[RT-C] display ip vpn-instance
[RT-C] display ip vpn-instance verbose
[RT-C] display ip routing-table vpn-instance vpnb
RT-A# ping vrf vpnb 100.0.1.1
RT-A# ping vrf vpnb 100.0.1.2
[RT-C] ping -vpn-instance vpnb 100.0.2.1
[RT-C] ping -vpn-instance vpnb 100.0.2.2
Step 6 Establish MP-IBGP peers between the PEs (RT-A & RT-C).
# Configure RT-A.
RT-A(config)#router bgp 65000
RT-A(config-router)# neighbor 10.0.255.31 remote-as 65000
RT-A(config-router)# neighbor 10.0.255.31 update-source loopback0
RT-A(config-router)# address-family vpnv4
RT-A(config-router-af)# neighbor 10.0.255.31 activate
RT-A(config-router)# address-family ipv4 vrf vpnb
6
RT-A(config-router-af)# redistributed connected
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 10.0.255.11 as-number 65000
[RT-C-bgp] peer 10.0.255.11 connect-interface loopback 0
[RT-C-bgp] ipv4-family vpnv4
[RT-C-bgp-af-vpnv4] peer 10.0.255.11 enable
[RT-C-bgp] ipv4-family vpn-instance vpnb
[RT-C-bgp-vpna] import-route direct
After the configuration, you can find that the BGP peer relationship has been set up between PE1 and PE2 by running the following commands
RT-A#sh bgp nei
BGP neighbor is 10.0.255.31, remote AS 65000, internal link
BGP version 4, remote router ID 10.0.255.31
BGP state = Established, up for 05:11:47
Last read 00:00:51, last write 00:00:05, hold time is 180, keepalive interval is 60 seconds
Neighbor sessions:
1 active, is not multisession capable
Neighbor capabilities:
Route refresh: advertised and received(new)
Address family IPv4 Unicast: advertised and received
Address family VPNv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 5 9
Keepalives: 309 354
7
Route Refresh: 2 1
Total: 317 365
Default minimum time between advertisement runs is 0 seconds
RT-A#show bgp vpnv4 unicast vrf vpnb
BGP table version is 11, local router ID is 10.0.255.11
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:2 (default for vrf vpnb)
*> 100.0.1.0/24 0.0.0.0 0 32768 ?
*>i100.0.2.0/24 10.0.255.31 0 100 0 ?
*>i100.0.255.1/32 10.0.255.31 0 100 0 65400 ?
[RT-C]display bgp peer
BGP local router ID : 10.0.255.31
Local AS number : 65000
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
10.0.255.11 4 65000 342 401 0 05:15:31 Established 0
[RT-C]display bgp vpnv4 all peer
BGP local router ID : 10.0.255.31
Local AS number : 65000
Total number of peers : 2 Peers in established state : 2
8
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
10.0.255.11 4 65000 343 401 0 05:16:00 Established 2
Peer of vpn instance :
vpn instance vpnb :
100.0.2.2 4 65400 42 50 0 00:36:42 Established 2
Check:
Find the route to peer CEs (RT-F & RT-E).
RT-A#show ip route vrf vpnb
Routing Table: vpnb
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
Gateway of last resort is not set
100.0.0.0/8 is variably subnetted, 4 subnets, 2 masks
C 100.0.1.0/24 is directly connected, GigabitEthernet2/1
L 100.0.1.1/32 is directly connected, GigabitEthernet2/1
B 100.0.2.0/24 [200/0] via 10.0.255.31, 00:30:56
B 100.0.255.1/32 [200/0] via 10.0.255.31, 00:30:56
9
[RT-C]display ip routing-table vpn-instance vpnb
Route Flags: R - relay, D - download to fib
------------------------------------------------------------------------------
Routing Tables: vpnb
Destinations : 6 Routes : 6
Destination/Mask Proto Pre Cost Flags NextHop Interface
100.0.1.0/24 BGP 255 0 RD 10.0.255.11 GigabitEthernet1/0/2
100.0.2.0/24 Direct 0 0 D 100.0.2.1 GigabitEthernet1/0/8
100.0.2.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
100.0.2.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
100.0.255.1/32 BGP 255 0 RD 100.0.2.2 GigabitEthernet1/0/8
255.255.255.255/32 Direct 0 0 D 127.0.0.1 InLoopBack0
The CEs (RT-F & RT-E) in the same VPN can ping through each other
RT-F> ping 100.0.2.2
Rt-E> ping 100.0.1.2
You can also ping from PEs VRF
RT-A#ping vrf vpnb 100.0.2.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.0.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
10
RT-A#ping vrf vpnb 100.0.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 100.0.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
[RT-C]ping -vpn-instance vpnb 100.0.1.1
PING 100.0.1.1: 56 data bytes, press CTRL_C to break
Reply from 100.0.1.1: bytes=56 Sequence=1 ttl=253 time=2 ms
Reply from 100.0.1.1: bytes=56 Sequence=2 ttl=253 time=1 ms
Reply from 100.0.1.1: bytes=56 Sequence=3 ttl=253 time=1 ms
Reply from 100.0.1.1: bytes=56 Sequence=4 ttl=253 time=1 ms
Reply from 100.0.1.1: bytes=56 Sequence=5 ttl=253 time=1 ms
--- 100.0.1.1 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/2 ms
[RT-C]ping -vpn-instance vpnb 100.0.1.2
PING 100.0.1.2: 56 data bytes, press CTRL_C to break
Reply from 100.0.1.2: bytes=56 Sequence=1 ttl=252 time=1 ms
Reply from 100.0.1.2: bytes=56 Sequence=2 ttl=252 time=1 ms
Reply from 100.0.1.2: bytes=56 Sequence=3 ttl=252 time=1 ms
Reply from 100.0.1.2: bytes=56 Sequence=4 ttl=252 time=1 ms
Reply from 100.0.1.2: bytes=56 Sequence=5 ttl=252 time=1 ms
11
--- 100.0.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/1 ms
To view the label switching in the whole forwarding process:
View the MPLS LSP of RT-A:
RT-A#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 10.0.2.0/30 0 Gi2/2 10.0.1.2
17 16 10.0.3.0/30 0 Gi2/2 10.0.1.2
18 Pop Label 10.0.255.21/32 0 Gi2/2 10.0.1.2
19 18 10.0.255.31/32 0 Gi2/2 10.0.1.2
20 19 10.0.255.41/32 0 Gi2/2 10.0.1.2
21 Pop Label IPv4 VRF[V] 1420 aggregate/vpna
22 Pop Label IPv4 VRF[V] 2672 aggregate/vpnb
On RT-A, the outbound label to PE2 is 18. View the MPLS LSP of RT-B:
RT-B#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 10.0.3.0/30 490 Gi1/3 10.0.2.2
17 Pop Label 10.0.255.11/32 1875863 Gi1/1 10.0.1.1
18 1027 10.0.255.31/32 1968423 Gi1/3 10.0.2.2
19 Pop Label 10.0.255.41/32 0 Gi1/3 10.0.2.2
12
On RT-B, inbound label being 18 are switched to 1027. On RT-D, view the MPLS LSP:
[RT-D]disp mpls ls
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
10.0.255.41/32 3/NULL -/-
10.0.2.0/30 3/NULL -/-
10.0.255.31/32 NULL/3 -/GE2/0/2
10.0.255.31/32 1027/3 -/GE2/0/2
10.0.1.0/30 1024/3 -/GE2/0/4
10.0.1.0/30 NULL/3 -/GE2/0/4
10.0.255.11/32 1026/17 -/GE2/0/4
10.0.255.11/32 NULL/17 -/GE2/0/4
10.0.255.21/32 1025/3 -/GE2/0/4
10.0.255.21/32 NULL/3 -/GE2/0/4
10.0.3.0/30 3/NULL -/-
Outbound label of the packet with inbound label 1027 is 3. It indicates that RT-D is the penultimate hop and thus needs to pop off the label
[RT-C]disp mpls ls
-------------------------------------------------------------------------------
LSP Information: BGP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
100.0.2.0/24 115712/NULL -/- vpna
100.0.2.0/24 115713/NULL -/- vpnb
100.0.255.1/32 115714/NULL -/- vpnb
13
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
10.0.255.31/32 3/NULL -/-
10.0.255.41/32 NULL/3 -/GE1/0/2
10.0.2.0/30 NULL/3 -/GE1/0/2
10.0.1.0/30 NULL/1024 -/GE1/0/2
10.0.255.21/32 NULL/1025 -/GE1/0/2
10.0.255.11/32 NULL/1026 -/GE1/0/2
Labels allocated by RT-C to RT-D are specially 3, which indicates that RT-C is the last hop. The MPLS LSP forwarding process for other FECs is similar.
1
Lab 9- L2 VPN (sub-interface on 7609 and SVI on CX600)
CX600- RT-C
C7609-RT-A, RT-B
C3400 – SW-A
CX200D – SW-C
RT-C
1/0/6
RT-A 2/2
1/2
RT-B
1/1
2/3
Ge0/1
1/0/0 Ge 0/0/1
SW-A
SW-C
Group1- RT-B
Group2- RT-A, SW-A
Group3- RT-C, SW-C
AS 65000
RT-A
Lo- 10.0.255.11/32
2/2 -10.0.1.1/30
2/3 –switchport
RT-C
Lo- 10.0.255.31/32
1/0/0 -10.0.2.2/30
1/0/6 –switchport
Fe0/9
PC-A
PC-C
Fe 0/0/9
RT-B
Lo- 10.0.255.21/32
1/1 -10.0.1.2/30
1/2 -10.0.2.1/30
2
Configuration Procedure Step 1 Configure CE.
In our example CE is a PC, therefore configure
PC-A- IP- 50.0.0.1/24
PC-C- IP- 50.0.0.2/24
If CE is a Router, configure a sub interface as below
# Huawei
<Quidway> system-view
[Quidway] sysname CE1
[CE1] interface gigabitethernet 1/0/0
[CE1-GigabitEthernet1/0/0] undo shutdown
[CE1-GigabitEthernet1/0/0] quit
[CE1] interface gigabitethernet 1/0/0.1
[CE1-GigabitEthernet1/0/0.1] vlan-type dot1q 100
[CE1-GigabitEthernet1/0/0.1] ip address 50.0.0.1 24
[CE1-GigabitEthernet1/0/0.1] undo shutdown
[CE1-GigabitEthernet1/0/0.1] quit
# Cisco
interface GigabitEthernet2/4.100
encapsulation dot1Q 100
ip address 50.0.0.1 255.255.255.0
Step 2 Configure SW-A, SW-C
# Configure SW-A.
SW-A(config-if)# switchport mode trunk
SW-A(config-if)#switchport trunk allow vlan all
SW-A(config-if)#no shut
SW-A(config)# vlan 100
SW-A(config)# interface fastEthernet 0/9
SW-A(config-if)#switchport access vlan 100
VLAN – 100(A) & 200 (C)
VC ID – 10
VSI - 11
3
SW-A(config-if)#port-type nni
SW-A(config-if)#no shut
# Configure SW-C.
[SW-C-gigabitethernet0/0/1]port link-type trunk
[SW-C-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-C-gigabitethernet0/0/1]bpdu enable
[SW-C-gigabitethernet0/0/1]undo shut
[SW-C ]vlan 200
[SW-C ]interface Ethernet 0/0/9
[SW-C-ethernet0/0/9]port link-type access
[SW-C-ethernet0/0/9]port default vlan 200
[SW-C-ethernet0/0/9]undo shut
Step 3 Configure OSPF in MPLS Backbone
RT-A(config)# router ospf 100
RT-A(config-router)# network 10.0.255.11 0.0.0.0 area 0
RT-A(config-router)# network 10.0.0.0 0.255.255.255 area 0
RT-B(config)# router ospf 100
RT-B(config-router)# network 10.0.255.21 0.0.0.0 area 0
RT-B(config-router)# network 10.0.0.0 0.255.255.255 area 0
[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
After the configuration, the OSPF neighbor relationship should be established between RT-A, RT-B, RT-D and RT-C. After running the show ip ospf neighbor & display ospf peer command, you can find that the OSPF neighbor relationship is in Full state. Run the show ip routing-table & display ip routing-table command on the PE (RT-A, RT-C), and you can view the Loopback0 routes imported from the peer.
RT-A# show ip ospf neighbor
[RT-C] display ospf peer
RT-A# show ip routing-table
[RT-C] display ip routing-table
Step 4 Configure MPLS basic capability and LDP on MPLS backbone network.
# Configure RT-A.
RT-A(config)#mpls ip
RT-A(config)#mpls ldp router-id Loopback0 force
RT-A(config-if)#mpls ip
4
RT-A(config-if)#mpls label protocol ldp
# Configure RT-B.
RT-B(config)#mpls ip
RT-B(config)#mpls ldp router-id Loopback0 force
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
# Configure RT-C.
[RT-C]mpls lsr-id 10.0.255.31
[RT-C]mpls [RT-C]mpls ldp [RT-C-gigabitethernet1/0/2]mpls [RT-C-gigabitethernet1/0/2]mpls ldp
Step 5 Establish the remote LDP session on PE.
# Configure RT-C.
[PE2] mpls ldp remote-peer 1
[PE2-mpls-ldp-remote-1] remote-ip 10.0.255.11
[PE2-mpls-ldp-remote-1] quit
After the configuration, run the display mpls ldp session command on PE2 to check the establishment of the LDP session. You can find that the remote LDP session between PE1 and PE2 is newly set up.
[RT-C]display mpls ldp session
LDP Session(s) in Public Network
------------------------------------------------------------------------------
Peer-ID Status LAM SsnRole SsnAge KA-Sent/Rcv
------------------------------------------------------------------------------
10.0.255.11:0 Operational DU Active 000:01:37 389/444
10.0.255.21:0 Operational DU Active 000:01:44 418/474
------------------------------------------------------------------------------
TOTAL: 2 session(s) Found.
LAM : Label Advertisement Mode SsnAge Unit : DDD:HH:MM
RT-A#sh mpls ldp neighbor
Peer LDP Ident: 10.0.255.21:0; Local LDP Ident 10.0.255.11:0
TCP connection: 10.0.255.21.11037 - 10.0.255.11.646
State: Oper; Msgs sent/rcvd: 154/155; Downstream
Up time: 02:08:12
LDP discovery sources:
GigabitEthernet2/2, Src IP addr: 10.0.1.2
5
Addresses bound to peer LDP Ident:
10.0.1.2 10.0.255.21 10.0.2.1
Peer LDP Ident: 10.0.255.31:0; Local LDP Ident 10.0.255.11:0
TCP connection: 10.0.255.31.49803 - 10.0.255.11.646
State: Oper; Msgs sent/rcvd: 510/452; Downstream
Up time: 01:47:50
LDP discovery sources:
Targeted Hello 10.0.255.11 -> 10.0.255.31, active, passive
Addresses bound to peer LDP Ident:
10.0.2.2 10.0.255.31
Step 6 Enable MPLS L2VPN on PE and create the VC connection.
# On RT-A, create a VC on sub interface Gigabit Ethernet 2/3.100, which connects PC-A through SW-A.
RT-A(config)#interface gigabitetherent 2/3
RT-A(config-if)#switchport
RT-A(config-if)# switchport trunk encapsulation dot1q
RT-A(config-if)# switchport mode trunk
RT-A(config-if)#no shut
RT-A(config)#interface gigabitetherent 2/3.100
RT-A(config-subif)#encapsulation dot1q 100
RT-A(config-subif)#xconnect 10.0.255.31 10 encap mpls
# On RT-C, create a VSI, which connects PC-C through SW-C.
[RT-C] mpls l2vpn
[RT-C-l2vpn] mpls l2vpn default martini
[RT-C]Vlan 200
[RT-C]vsi 11 static
[RT-C-vsi-11]pwsignal ldp
[RT-C-vsi-11-ldp]vsi-id 10
[RT-C-vsi-11-ldp]peer 10.0.255.11
[RT-C] interface vlanif 200
[RT-C-vlanif200] l2 binding vsi 11
[RT-C] interface gigabitethernet1/0/6
[RT-C-GigabitEthernet1/0/6]portswitch
[RT-C-GigabitEthernet1/0/6]port link-type trunk
[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-C-GigabitEthernet1/0/6] undo shutdown
Extra info- Command for Cisco
RT-A(config)#vlan 200
RT-A(config)#interface vlan 200
RT-A(config-if)#no ip address
RT-A(config-if)#xconnect 10.0.255.11 10 encap mpls
RT-A(config-if)#no shut
6
Check:- PC-A and PC-C can successfully ping each other.
Check the L2VPN connection on the PEs. You can find that an L2VC is set up and the VC status is Up.
RT-A#sh mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
------------- -------------------------- --------------- ---------- ----------
Gi2/3.100 Eth VLAN 100 10.0.255.31 10 UP
[RT-C]display vsi name 11
Vsi Mem PW Mac Encap Mtu Vsi
Name Disc Type Learn Type Value State
--------------------------------------------------------------------------
11 static ldp unqualify vlan 1500 up
1
Lab 10- L2 VPN (sub-interface both sides) (Optional)
CX600- RT-C
C7609-RT-A, RT-B
C3400 – SW-A
CX200D – SW-C
RT-C
1/0/6
RT-A 2/2
1/2
RT-B
1/1
2/3
Ge0/1
1/0/0 Ge 0/0/1
SW-A
SW-C
Group1- RT-B
Group2- RT-A, SW-A
Group3- RT-C, SW-C
AS 65000
RT-A
Lo- 10.0.255.11/32
2/2 -10.0.1.1/30
2/3 –switchport
RT-C
Lo- 10.0.255.31/32
1/0/0 -10.0.2.2/30
1/0/6 –switchport
Fe0/9
PC-A
PC-C
Fe 0/0/9
RT-B
Lo- 10.0.255.21/32
1/1 -10.0.1.2/30
1/2 -10.0.2.1/30
2
Configuration Procedure Step 1 Configure CE.
In our example CE is a PC, therefore configure
PC-A- IP- 50.0.0.1/24
PC-C- IP- 50.0.0.2/24
If CE is a Router, configure a sub interface as below
# Huawei
<Quidway> system-view
[Quidway] sysname CE1
[CE1] interface gigabitethernet 1/0/0
[CE1-GigabitEthernet1/0/0] undo shutdown
[CE1-GigabitEthernet1/0/0] quit
[CE1] interface gigabitethernet 1/0/0.1
[CE1-GigabitEthernet1/0/0.1] vlan-type dot1q 100
[CE1-GigabitEthernet1/0/0.1] ip address 50.0.0.1 24
[CE1-GigabitEthernet1/0/0.1] undo shutdown
[CE1-GigabitEthernet1/0/0.1] quit
# Cisco
interface GigabitEthernet2/4.100
encapsulation dot1Q 100
ip address 50.0.0.1 255.255.255.0
Step 2 Configure SW-A, SW-C
# Configure SW-A.
SW-A(config-if)# switchport mode trunk
SW-A(config-if)#switchport trunk allow vlan all
SW-A(config-if)#no shut
SW-A(config)# vlan 100
SW-A(config)# interface fastEthernet 0/9
SW-A(config-if)#switchport access vlan 100
VLAN – 100(A) & 200 (C)
VC ID - 10
3
SW-A(config-if)#port-type nni
SW-A(config-if)#no shut
# Configure SW-C.
[SW-C-gigabitethernet0/0/1]port link-type trunk
[SW-C-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-C-gigabitethernet0/0/1]bpdu enable
[SW-C-gigabitethernet0/0/1]undo shut
[SW-C ]vlan 200
[SW-C ]interface Ethernet 0/0/9
[SW-C-ethernet0/0/9]port link-type access
[SW-C-ethernet0/0/9]port default vlan 200
[SW-C-ethernet0/0/9]undo shut
Step 3 Configure OSPF in MPLS Backbone
RT-A(config)# router ospf 100
RT-A(config-router)# network 10.0.255.11 0.0.0.0 area 0
RT-A(config-router)# network 10.0.0.0 0.255.255.255 area 0
RT-B(config)# router ospf 100
RT-B(config-router)# network 10.0.255.21 0.0.0.0 area 0
RT-B(config-router)# network 10.0.0.0 0.255.255.255 area 0
[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
After the configuration, the OSPF neighbor relationship should be established between RT-A, RT-B, RT-D and RT-C. After running the show ip ospf neighbor & display ospf peer command, you can find that the OSPF neighbor relationship is in Full state. Run the show ip routing-table & display ip routing-table command on the PE (RT-A, RT-C), and you can view the Loopback0 routes imported from the peer.
RT-A# show ip ospf neighbor
[RT-C] display ospf peer
RT-A# show ip routing-table
[RT-C] display ip routing-table
Step 4 Configure MPLS basic capability and LDP on MPLS backbone network.
# Configure RT-A.
RT-A(config)#mpls ip
RT-A(config)#mpls ldp router-id Loopback0 force
RT-A(config-if)#mpls ip
4
RT-A(config-if)#mpls label protocol ldp
# Configure RT-B.
RT-B(config)#mpls ip
RT-B(config)#mpls ldp router-id Loopback0 force
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
# Configure RT-C.
[RT-C]mpls lsr-id 10.0.255.31
[RT-C]mpls [RT-C]mpls ldp [RT-C-gigabitethernet1/0/2]mpls [RT-C-gigabitethernet1/0/2]mpls ldp
Step 5 Establish the remote LDP session on PE.
# Configure RT-C.
[PE2] mpls ldp remote-peer 1
[PE2-mpls-ldp-remote-1] remote-ip 10.0.255.11
[PE2-mpls-ldp-remote-1] quit
After the configuration, run the display mpls ldp session command on PE2 to check the establishment of the LDP session. You can find that the remote LDP session between PE1 and PE2 is newly set up.
[RT-C]display mpls ldp session
LDP Session(s) in Public Network
------------------------------------------------------------------------------
Peer-ID Status LAM SsnRole SsnAge KA-Sent/Rcv
------------------------------------------------------------------------------
10.0.255.11:0 Operational DU Active 000:01:37 389/444
10.0.255.21:0 Operational DU Active 000:01:44 418/474
------------------------------------------------------------------------------
TOTAL: 2 session(s) Found.
LAM : Label Advertisement Mode SsnAge Unit : DDD:HH:MM
RT-A#sh mpls ldp neighbor
Peer LDP Ident: 10.0.255.21:0; Local LDP Ident 10.0.255.11:0
TCP connection: 10.0.255.21.11037 - 10.0.255.11.646
State: Oper; Msgs sent/rcvd: 154/155; Downstream
Up time: 02:08:12
LDP discovery sources:
GigabitEthernet2/2, Src IP addr: 10.0.1.2
5
Addresses bound to peer LDP Ident:
10.0.1.2 10.0.255.21 10.0.2.1
Peer LDP Ident: 10.0.255.31:0; Local LDP Ident 10.0.255.11:0
TCP connection: 10.0.255.31.49803 - 10.0.255.11.646
State: Oper; Msgs sent/rcvd: 510/452; Downstream
Up time: 01:47:50
LDP discovery sources:
Targeted Hello 10.0.255.11 -> 10.0.255.31, active, passive
Addresses bound to peer LDP Ident:
10.0.2.2 10.0.255.31
Step 6 Enable MPLS L2VPN on PE and create the VC connection.
# On RT-A, create a VC on sub interface Gigabit Ethernet 2/3.100, which connects PC-A through SW-A.
RT-A(config)#interface gigabitetherent 2/3
RT-A(config-if)#switchport
RT-A(config-if)# switchport trunk encapsulation dot1q
RT-A(config-if)# switchport mode trunk
RT-A(config-if)#no shut
RT-A(config)#interface gigabitetherent 2/3.100
RT-A(config-subif)#encapsulation dot1q 100
RT-A(config-subif)#xconnect 10.0.255.31 10 encap mpls
# On RT-C, create a VC on sub interface, which connects PC-C through SW-C.
[RT-C] mpls l2vpn
[RT-C-l2vpn] mpls l2vpn default martini
[RT-C] interface gigabitethernet1/0/6
[RT-C-GigabitEthernet1/0/6]portswitch
[RT-C-GigabitEthernet1/0/6]port link-type trunk
[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan 127
[RT-C-GigabitEthernet1/0/6] undo shutdown
[RT-C] interface gigabitethernet1/0/6.200
[RT-C-GigabitEthernet1/0/6.200] mpls l2vc 10.0.255.11 10
[RT-C-GigabitEthernet1/0/6.200]vlan-type dot1q 200
6
Check:- PC-A and PC-C can successfully ping each other.
Check the L2VPN connection on the PEs. You can find that an L2VC is set up and the VC status is Up.
RT-A#sh mpls l2transport vc
Local intf Local circuit Dest address VC ID Status
------------- -------------------------- --------------- ---------- ----------
Gi2/3.100 Eth VLAN 100 10.0.255.31 10 UP
[RT-C]display mpls l2vc interface GigabitEthernet 1/0/6.200
*client interface : GigabitEthernet1/0/6.200 is up
session state : up
AC state : up
VC state : up
VC ID : 10
VC type : VLAN
destination : 10.0.255.11
local group ID : 0 remote group ID : 0
local VC label : 146432 remote VC label : 20
local AC OAM State : up
local PSN State : up
local forwarding state : forwarding
remote AC OAM state : up
remote PSN state : up
remote forwarding state: forwarding
BFD for PW : unavailable
manual fault : not set
active state : active
forwarding entry : exist
link state : up
local VC MTU : 1500 remote VC MTU : 1500
local VCCV : Disable
remote VCCV : alert lsp-ping
local control word : disable remote control word : disable
tunnel policy name : --
traffic behavior name : --
PW template name : --
primary or secondary : primary
VC tunnel/token info : 1 tunnels/tokens
NO.0 TNL type : lsp , TNL ID : 0x1008001
create time : 0 days, 0 hours, 32 minutes, 48 seconds
up time : 0 days, 0 hours, 21 minutes, 25 seconds
last change time : 0 days, 0 hours, 21 minutes, 25 seconds
1
Lab 11- VPLS (using SVI on CX600)
CX600- RT-C, RT-D, RT-E C3400 – SW-D CX200D – SW-C, SW-E
RT-E 1/0/6
RT-C 1/0/2
2/0/0
RT-D
2/0/2
1/0/6
Ge 0/0/1
1/0/0 Ge 0/0/1
SW-C
SW-E
Group1- RT-C, SW-C Group2- RT-D, SW-D Group3- RT-E, SW-E
AS 65000 RT-C
Lo- 10.0.255.31/32 1/0/2 -10.0.1.1/30 1/0/6 –switchport
RT-D Lo- 10.0.255.41/32 2/0/0 -10.0.2.1/30 2/0/2 -10.0.1.2/30 2/0/8 –switchport
RT-E Lo- 10.0.255.51/32 1/0/0 -10.0.2.2/30 1/0/6 –switchport
Ge 0/1
2/0/8
SW-D
VLAN – 10, 20 & 30 vsi - 50
VC ID - 25
2
Configuration Procedure Step 1 Configure SW & RT for access
# Configure RT-C & SW-C.
[RT-C] interface gigabitethernet1/0/6
[RT-C-GigabitEthernet1/0/6]portswitch
[RT-C-GigabitEthernet1/0/6]port link-type trunk
[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-C-GigabitEthernet1/0/6] undo shutdown
[SW-C-gigabitethernet0/0/1]port link-type trunk
[SW-C-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-C-gigabitethernet0/0/1]undo shut
[SW-C ]vlan 10
[SW-C ]interface vlanif 10
[SW-C-vlanif10]ip address 1.0.0.1 255.0.0.0
[SW-C- vlanif10]undo shut
# Configure RT-D & SW-D.
[RT-D] interface gigabitethernet2/0/8
[RT-D-GigabitEthernet2/0/8]portswitch
[RT-D-GigabitEthernet2/0/8]port link-type trunk
[RT-D-GigabitEthernet2/0/8]port trunk allow-pass vlan all
[RT-D-GigabitEthernet2/0/8] undo shutdown
SW-D(config-if)# switchport mode trunk
SW-D(config-if)#switchport trunk allowed vlan all
SW-D(config-if)#port-type nni
SW-D(config-if)#no shut
SW-D(config)# vlan 20
SW-D(config)# interface vlan 20
SW-D(config-if)#ip address 1.0.0.2 255.0.0.0
SW-D(config-if)#no shut
# Configure RT-E & SW-E.
[RT-E] interface gigabitethernet1/0/6
[RT-E-GigabitEthernet1/0/6]portswitch
[RT-E-GigabitEthernet1/0/6]port link-type trunk
[RT-E-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-E-GigabitEthernet1/0/6] undo shutdown
[SW-E-gigabitethernet0/0/1]port link-type trunk
[SW-E-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-E-gigabitethernet0/0/1]undo shut
3
[SW-E ]vlan 30
[SW-E]interface vlanif 30
[SW-E-vlanif30]ip address 1.0.0.3 255.0.0.0
[SW-E- vlanif30]undo shut
Step 2 Configure OSPF.
[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[RT-D]ospf 100
[RT-D-ospf-100]area 0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.255.41 0.0.0.0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
[RT-E]ospf 100
[RT-E-ospf-100]area 0
[RT-E-ospf-100-area-0.0.0.0]network 10.0.255.51 0.0.0.0
[RT-E-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
Step 3 Configure basic MPLS capability and LDP.
# Configure RT-C. [RT-C]mpls lsr-id 10.0.255.31
[RT-C]mpls [RT-C]mpls ldp [RT-C-gigabitethernet1/0/2]mpls [RT-C-gigabitethernet1/0/2]mpls ldp
# Configure RT-D.
[RT-D]mpls lsr-id 10.0.255.41
[RT-D]mpls [RT-D]mpls ldp [RT-D-gigabitethernet2/0/0]mpls [RT-D-gigabitethernet2/0/0]mpls ldp [RT-D-gigabitethernet2/0/2]mpls [RT-D-gigabitethernet2/0/2]mpls ldp
# Configure RT-E.
[RT-E]mpls lsr-id 10.0.255.51
[RT-E]mpls [RT-E]mpls ldp [RT-E-gigabitethernet1/0/0]mpls
4
[RT-E-gigabitethernet1/0/0]mpls ldp
Step 4 Configure remote session of LDP.
# Configure RT-C.
[RT-C] mpls ldp remote-peer 1
[RT-C-mpls-ldp-remote-1] remote-ip 10.0.255.51
# Configure RT-E.
[RT-E] mpls ldp remote-peer 1
[RT-E-mpls-ldp-remote-1] remote-ip 10.0.255.31
After the configuration, run the display mpls ldp session command on PEs to check the establishment of the LDP session. You can find that the remote LDP session between PEs are newly set up.
[RT-C]disp mpls ldp session
LDP Session(s) in Public Network
------------------------------------------------------------------------------
Peer-ID Status LAM SsnRole SsnAge KA-Sent/Rcv
------------------------------------------------------------------------------
10.0.255.41:0 Operational DU Active 000:00:56 227/255
10.0.255.51:0 Operational DU Active 000:04:56 1186/1350
------------------------------------------------------------------------------
TOTAL: 2 session(s) Found.
LAM : Label Advertisement Mode SsnAge Unit : DDD:HH:MM
Step 5 Enable MPLS L2VPN on PEs.
# Configure RT-C. [RT-C] mpls l2vpn
# Configure RT-D. [RT-D] mpls l2vpn
# Configure RT-E. [RT-E] mpls l2vpn
5
Step 6 Configure a VSI on each PE.
# Configure RT-C.
[RT-C]vsi 50 static
[RT-C-vsi-50]pwsignal ldp
[RT-C-vsi-50-ldp]vsi-id 25
[RT-C-vsi-50-ldp]peer 10.0.255.41
[RT-C-vsi-50-ldp]peer 10.0.255.51
# Configure RT-D. [RT-D]vsi 50 static
[RT-D-vsi-50]pwsignal ldp
[RT-D-vsi-50-ldp]vsi-id 25
[RT-D-vsi-50-ldp]peer 10.0.255.31
[RT-D-vsi-50-ldp]peer 10.0.255.51
# Configure RT-E. [RT-E]vsi 50 static
[RT-E-vsi-50]pwsignal ldp
[RT-E-vsi-50-ldp]vsi-id 25
[RT-E-vsi-50-ldp]peer 10.0.255.31
[RT-E-vsi-50-ldp]peer 10.0.255.41
Step 7 Bind the VSI with the interface on PE.
# Configure RT-C.
[RT-C] vlan 10
[RT-C] interface vlanif 10
[RT-C-vlanif10] l2 binding vsi 50
[RT-C-vlanif10]undo shut
# Configure RT-D. [RT-D] vlan 20
[RT-D] interface vlanif 20
[RT-D-vlanif20] l2 binding vsi 50
[RT-D-vlanif20]undo shut
# Configure RT-E. [RT-E] vlan 30
[RT-E] interface vlanif 30
[RT-E-vlanif30] l2 binding vsi 50
[RT-E-vlanif30]undo shut
6
Step 8 Verify the configuration.
After the configuration, run the following command on PEs, and you can see that VSI named 50 establishes a PW to PE1 & PE2 and the VSI is Up.
[RT-C]disp vsi name 50
Vsi Mem PW Mac Encap Mtu Vsi
Name Disc Type Learn Type Value State
--------------------------------------------------------------------------
50 static ldp unqualify vlan 1500 up
Check:-
Ping from [SW-C]ping 1.0.0.2
Ping from [SW-C]ping 1.0.0.3
Similarly try from other switches
1
Lab 12- VPLS (using SVI) (Optional) Note- VFI/VSI will be UP, but will not ping because 7609 don’t have OSM card.
CX600- RT-C C7609-RT-A, RT-B C3400 – SW-A CX200D – SW-B, SW-C
RT-C 1/0/6
RT-A 2/2
1/2
RT-B
1/1
2/3
Ge0/1
1/0/0 Ge 0/0/1
SW-A
SW-C
Group1- RT-A, SW-A Group2- RT-B, SW-B Group3- RT-C, SW-C
AS 65000 RT-A
Lo- 10.0.255.11/32 2/2 -10.0.1.1/30 2/3 –switchport
RT-B Lo- 10.0.255.21/32
1/1 -10.0.1.2/30 1/2 -10.0.2.1/30 1/4 –switchport
RT-C Lo- 10.0.255.31/32 1/0/0 -10.0.2.2/30 1/0/6 –switchport
Fe0/9
PC-A
PC-C Fe
0/0/9
Ge 0/0/1
1/4
PC-B SW-B
VLAN – 100,200 & 300 vfi/vsi - 2611 VC ID - 20
2
Configuration Procedure Step 1 Configure CE.
In our example CE is a PC, therefore configure PC-A- IP- 100.0.0.1/24 PC-B- IP- 100.0.0.2/24 PC-C- IP- 100.0.0.3/24
Step 2 Configure SW & RT for access
# Configure SW-A & RT-A.
RT-A(config)#interface gigabitetherent 2/3
RT-A(config-if)#switchport
RT-A(config-if)# switchport trunk encapsulation dot1q
RT-A(config-if)# switchport mode trunk
RT-A(config-if)#no shut
SW-A(config-if)# switchport mode trunk
SW-A(config-if)#switchport trunk allow vlan all
SW-A(config-if)#port-type nni
SW-A(config-if)#no shut
SW-A(config)# vlan 100
SW-A(config)# interface fastEthernet 0/9
SW-A(config-if)#switchport access vlan 100
SW-A(config-if)#port-type nni
SW-A(config-if)#no shut
# Configure SW-B & RT-B.
RT-B(config)#interface gigabitetherent 1/4
RT-B(config-if)#switchport
RT-B(config-if)# switchport trunk encapsulation dot1q
RT-B(config-if)# switchport mode trunk
RT-B(config-if)#no shut
[SW-B-gigabitethernet0/0/1]port link-type trunk
[SW-B-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-B-gigabitethernet0/0/1]bpdu enable
[SW-B-gigabitethernet0/0/1]undo shut
[SW-B ]vlan 200
[SW-B ]interface Ethernet 0/0/9
[SW-B-ethernet0/0/9]port link-type access
[SW-B-ethernet0/0/9]port default vlan 200
3
[SW-B-ethernet0/0/9]undo shut
# Configure SW-C & RT-C.
[RT-C] interface gigabitethernet1/0/6
[RT-C-GigabitEthernet1/0/6]portswitch
[RT-C-GigabitEthernet1/0/6]port link-type trunk
[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-C-GigabitEthernet1/0/6] undo shutdown
[SW-C-gigabitethernet0/0/1]port link-type trunk
[SW-C-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-C-gigabitethernet0/0/1]bpdu enable
[SW-C-gigabitethernet0/0/1]undo shut
[SW-C ]vlan 300
[SW-C ]interface Ethernet 0/0/9
[SW-C-ethernet0/0/9]port link-type access
[SW-C-ethernet0/0/9]port default vlan 300
[SW-C-ethernet0/0/9]undo shut
Step 3 Configure OSPF.
RT-A(config)# router ospf 100
RT-A(config-router)# network 10.0.255.11 0.0.0.0 area 0
RT-A(config-router)# network 10.0.0.0 0.255.255.255 area 0
RT-B(config)# router ospf 100
RT-B(config-router)# network 10.0.255.21 0.0.0.0 area 0
RT-B(config-router)# network 10.0.0.0 0.255.255.255 area 0
[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.0.0 0.255.255.255
Step 4 Configure basic MPLS capability and LDP.
# Configure RT-A. RT-A(config)#mpls ip
RT-A(config)#mpls ldp router-id Loopback0 force
RT-A(config-if)#mpls ip
RT-A(config-if)#mpls label protocol ldp
# Configure RT-B. RT-B(config)#mpls ip
RT-B(config)#mpls ldp router-id Loopback0 force
RT-B(config-if)#mpls ip
4
RT-B(config-if)#mpls label protocol ldp
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls label protocol ldp
# Configure RT-C. [RT-C]mpls lsr-id 10.0.255.31
[RT-C]mpls [RT-C]mpls ldp [RT-C-gigabitethernet1/0/0]mpls [RT-C-gigabitethernet1/0/0]mpls ldp
Step 5 Configure remote session of LDP.
# Configure RT-C.
[PE2] mpls ldp remote-peer 1
[PE2-mpls-ldp-remote-1] remote-ip 10.0.255.11
After the configuration, run the display mpls ldp session or show mpls ldp neighbor command on PEs to check the establishment of the LDP session. You can find that the remote LDP session between PEs are newly set up.
[RT-C]disp mpls ldp session
LDP Session(s) in Public Network
------------------------------------------------------------------------------
Peer-ID Status LAM SsnRole SsnAge KA-Sent/Rcv
------------------------------------------------------------------------------
10.0.255.11:0 Operational DU Active 000:00:56 227/255
10.0.255.21:0 Operational DU Active 000:04:56 1186/1350
------------------------------------------------------------------------------
TOTAL: 2 session(s) Found.
LAM : Label Advertisement Mode SsnAge Unit : DDD:HH:MM
RT-B#sh mpls ldp neighbor
Peer LDP Ident: 10.0.255.11:0; Local LDP Ident 10.0.255.21:0
TCP connection: 10.0.255.11.646 - 10.0.255.21.11037
State: Oper; Msgs sent/rcvd: 364/362; Downstream
Up time: 05:11:27
LDP discovery sources:
GigabitEthernet1/1, Src IP addr: 10.0.1.1
Targeted Hello 10.0.255.21 -> 10.0.255.11, active, passive
Addresses bound to peer LDP Ident:
10.0.255.11 10.0.1.1
Peer LDP Ident: 10.0.255.31:0; Local LDP Ident 10.0.255.21:0
TCP connection: 10.0.255.31.51690 - 10.0.255.21.646
State: Oper; Msgs sent/rcvd: 1371/1200; Downstream
Up time: 04:58:30
5
LDP discovery sources:
GigabitEthernet1/2, Src IP addr: 10.0.2.2
Addresses bound to peer LDP Ident:
10.0.2.2 10.0.255.31
RT-A#sh mpls ldp neighbor
Peer LDP Ident: 10.0.255.21:0; Local LDP Ident 10.0.255.11:0
TCP connection: 10.0.255.21.11037 - 10.0.255.11.646
State: Oper; Msgs sent/rcvd: 367/369; Downstream
Up time: 05:15:35
LDP discovery sources:
GigabitEthernet2/2, Src IP addr: 10.0.1.2
Targeted Hello 10.0.255.11 -> 10.0.255.21, active, passive
Addresses bound to peer LDP Ident:
10.0.1.2 10.0.255.21 10.0.2.1
Peer LDP Ident: 10.0.255.31:0; Local LDP Ident 10.0.255.11:0
TCP connection: 10.0.255.31.51916 - 10.0.255.11.646
State: Oper; Msgs sent/rcvd: 298/261; Downstream
Up time: 01:02:43
LDP discovery sources:
Targeted Hello 10.0.255.11 -> 10.0.255.31, active, passive
Addresses bound to peer LDP Ident:
10.0.2.2 10.0.255.31
Step 6 Enable MPLS L2VPN on PEs.
# Configure RT-C. [RT-C] mpls l2vpn
Step 7 Configure a VFI/VSI on each PE.
# Configure RT-A.
RT-A(config)#l2 vfi 2611 manual
RT-A(config-vfi)#vpn id 20
RT-A(config-vfi)#neighbor 10.0.255.21 encapsulation mpls
RT-A(config-vfi)#neighbor 10.0.255.31 encapsulation mpls
# Configure RT-B.
RT-B(config)#l2 vfi 2611 manual
RT-A(config-vfi)#vpn id 20
RT-A(config-vfi)#neighbor 10.0.255.11 encapsulation mpls
RT-A(config-vfi)#neighbor 10.0.255.31 encapsulation mpls
# Configure RT-C.
[RT-C]vsi 2611 static
[RT-C-vsi-2611]pwsignal ldp
6
[RT-C-vsi-2611-ldp]vsi-id 20
[RT-C-vsi-2611-ldp]peer 10.0.255.11
[RT-C-vsi-2611-ldp]peer 10.0.255.21
Step 8 Bind the VSI/VFI with the interface on PE.
# Configure RT-A.
RT-A(config)#vlan 100
RT-A(config)#interface vlan 100
RT-A(config-if)#no ip address
RT-A(config-if)#xconnect vfi 2611
RT-A(config-if)#no shut
# Configure RT-B.
RT-B(config)#vlan 200
RT-B(config)#interface vlan 200
RT-B(config-if)#no ip address
RT-B(config-if)#xconnect vfi 2611
RT-B(config-if)#no shut
# Configure RT-C. [RT-C] vlan 300
[RT-C] interface vlanif 300
[RT-C-vlanif300] l2 binding vsi 2611
[RT-C-vlanif300]undo shut
Step 9 Verify the configuration.
After the configuration, run the following command on PEs, and you can see that VSI/VFI named 2611 establishes a PW to PE1 & PE2and the VSI is Up.
[RT-C]disp vsi name 2611
Vsi Mem PW Mac Encap Mtu Vsi
Name Disc Type Learn Type Value State
--------------------------------------------------------------------------
2611 static ldp unqualify vlan 1500 up
RT-B#sh vfi 2611
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No
VFI name: 2611, state: up, type: multipoint
VPN ID: 20
Local attachment circuits:
Vlan200
Neighbors connected via pseudowires:
7
Peer Address VC ID S
10.0.255.31 20 Y
10.0.255.11 20 Y
RT-A#sh vfi 2611
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No
VFI name: 2611, state: up, type: multipoint
VPN ID: 20
Local attachment circuits:
Vlan100
Neighbors connected via pseudowires:
Peer Address VC ID S
10.0.255.31 20 Y
10.0.255.21 20 Y