MPLS Handbook

MPLS Handbook About

This handbook aims to give hands-on practice on several MPLS VPN

technologies and implementaions

8/17/2014

1

Table of Contents

MPLS L3VPN Static CE-PE ................................................................................ 2

MPLS L3VPN RIPv2 CE-PE ............................................................................. 13

MPLS L3VPN OSPF CE-PE .............................................................................. 25

MPLS L3VPN ISIS CE-PE ............................................................................... 35

MPLS L3VPN BGP CE-PE ................................................................................ 46

MPLS Tunneling ........................................................................................... 55

MPLS L3VPN OSPF Sham-link ........................................................................ 67

OSPF Domain-ID .......................................................................................... 78

VRF Lite ...................................................................................................... 92

VRF Export-maps ......................................................................................... 96

MPLS AToM Eth to Eth ................................................................................ 105

MPLS AToM PPP to PPP................................................................................ 112

MPLS Inter-AS Xconnect ............................................................................. 118

MPLS L3VPN Inter-AS Option A .................................................................... 126

MPLS L3VPN Inter-AS Option B .................................................................... 138

Carrier supporting Carrier (CSC) .................................................................. 150

MPLS TE with OSPF .................................................................................... 168

MPLS 6PE .................................................................................................. 182

MPLS 6VPE ................................................................................................ 189

MPLS Internet Access ................................................................................. 195

MPLS QoS ................................................................................................. 205

MPLS EIGRP Backdoor Link .......................................................................... 227

MPLS BGP Soo ........................................................................................... 234

2

MPLS L3VPN Static CE-PE

Network Diagram

S1/0 S1/0

F2/0

F1/0 F1/0

F2/0

S1/0 S1/1

R4 R5

R2 R3

R1

192.1

.24.0

/24

192.1

.35.0

/24

192.

1.12

.0/2

4 192.1.13.0/24

2.2.2.2/32

4.4.4.4/32Lo0

Lo0 Lo0

Lo0

Lo0

1.1.1.1/32

3.3.3.3/32

5.5.5.5/32

Static Static

OSPF Area 0

IBGP

LSP

AS 100

Configurations VRF Configuration

R2

vrf definition MSSK rd 100:1

address-family ipv4 route-target export 100:1

route-target import 100:1 int f2/0

vrf forwarding MSSK ip address 192.1.24.2 255.255.255.0

R3


3

address-family ipv4

route-target export 100:1 route-target import 100:1

int f2/0 vrf forwarding MSSK

ip address 192.1.35.3 255.255.255.0

IGP Configuration R1

router ospf 1 router-id 1.1.1.1

network 1.1.1.1 0.0.0.0 area 0 network 192.1.12.1 0.0.0.0 area 0 network 192.1.13.1 0.0.0.0 area 0

R2


network 2.2.2.2 0.0.0.0 area 0 network 192.1.12.2 0.0.0.0 area 0

R3 router ospf 1

router-id 3.3.3.3 network 3.3.3.3 0.0.0.0 area 0 network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1 mpls label protocol ldp

mpls ldp router-id lo0 force

int s1/0 mpls ip

int s1/1 mpls ip


mpls ldp router-id Loopback0 force

4

int s1/0

mpls ip

R3 mpls label protocol ldp mpls ldp router-id Loopback0 force

int s1/0

mpls ip MP-BGP Configuration

R2

router bgp 100 no bgp default ipv4-unicast neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source lo0 address-family vpnv4

neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community both

R3 router bgp 100

neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source lo0

address-family vpnv4 neighbor 2.2.2.2 activate neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2 ip route vrf MSSK 4.4.4.4 255.255.255.255 192.1.24.4

R4 ip route 0.0.0.0 0.0.0.0 192.1.24.2

R3

ip route vrf MSSK 5.5.5.5 255.255.255.255 192.1.35.5 R5

ip route 0.0.0.0 0.0.0.0 192.1.35.3

5

VPN Configuration

R2 router bgp 100

address-family ipv4 vrf MSSK network 192.1.24.0 mask 255.255.255.0 redistribute static

R3

router bgp 100 address-family ipv4 vrf MSSK network 192.1.35.0 mask 255.255.255.0

redistribute static

Verifications R1#show mpls ldp neighbor

Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0 TCP connection: 2.2.2.2.38298 - 1.1.1.1.646

State: Oper; Msgs sent/rcvd: 66/66; Downstream Up time: 00:49:35

LDP discovery sources: Serial1/0, Src IP addr: 192.1.12.2 Addresses bound to peer LDP Ident:

192.1.12.2 2.2.2.2 Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0

TCP connection: 3.3.3.3.34974 - 1.1.1.1.646 State: Oper; Msgs sent/rcvd: 67/65; Downstream Up time: 00:49:34

LDP discovery sources: Serial1/1, Src IP addr: 192.1.13.3

Addresses bound to peer LDP Ident: 192.1.13.3 3.3.3.3

R1#show mpls interfaces Interface IP Tunnel BGP Static Operational

Serial1/0 Yes (ldp) No No No Yes Serial1/1 Yes (ldp) No No No Yes

R2#show mpls ldp neighbor Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0


LDP discovery sources:

6

Serial1/0, Src IP addr: 192.1.12.1 Addresses bound to peer LDP Ident:

192.1.12.1 192.1.13.1 1.1.1.1

R2#show mpls interfaces Interface IP Tunnel BGP Static Operational Serial1/0 Yes (ldp) No No No Yes

R3#show mpls ldp neighbor

Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0 TCP connection: 1.1.1.1.646 - 3.3.3.3.34974 State: Oper; Msgs sent/rcvd: 65/67; Downstream

Up time: 00:49:40 LDP discovery sources:

Serial1/0, Src IP addr: 192.1.13.1 Addresses bound to peer LDP Ident: 192.1.12.1 192.1.13.1 1.1.1.1

R3#show mpls interfaces

Interface IP Tunnel BGP Static Operational Serial1/0 Yes (ldp) No No No Yes

R2#sh ip route vrf MSSK static

Routing Table: MSSK Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets S 4.4.4.4 [1/0] via 192.1.24.4

R2#ping vrf MSSK 4.4.4.4 Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/12/40 ms

7

R3#sh ip route vrf MSSK static






5.0.0.0/32 is subnetted, 1 subnets S 5.5.5.5 [1/0] via 192.1.35.5


Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds: !!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 8/21/68 ms R2#sh bgp vpnv4 unicast all summary

BGP router identifier 2.2.2.2, local AS number 100 BGP table version is 7, main routing table version 7

4 network entries using 624 bytes of memory 4 path entries using 320 bytes of memory 4/4 BGP path/bestpath attribute entries using 576 bytes of memory

1 BGP extended community entries using 24 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory BGP using 1544 total bytes of memory BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down

State/PfxRcd 3.3.3.3 4 100 56 58 7 0 0 00:47:35 2

R2#sh bgp vpnv4 unicast all BGP table version is 7, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed,

Origin codes: i - IGP, e - EGP, ? - incomplete

8

RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 100:1 (default for vrf MSSK)

*> 4.4.4.4/32 192.1.24.4 0 32768 ? *>i 5.5.5.5/32 3.3.3.3 0 100 0 ? *> 192.1.24.0 0.0.0.0 0 32768 i

*>i 192.1.35.0 3.3.3.3 0 100 0 i

R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes BGP table version is 7, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed,

Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found


*> 4.4.4.4/32 192.1.24.4 0 32768 ? *> 192.1.24.0 0.0.0.0 0 32768 i

Total number of prefixes 2

R3#sh bgp vpnv4 unicast all summary BGP router identifier 3.3.3.3, local AS number 100

BGP table version is 7, main routing table version 7 4 network entries using 624 bytes of memory 4 path entries using 320 bytes of memory

4/4 BGP path/bestpath attribute entries using 576 bytes of memory 1 BGP extended community entries using 24 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 1544 total bytes of memory

BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 2.2.2.2 4 100 58 56 7 0 0 00:47:48 2

R3#sh bgp vpnv4 unicast all

BGP table version is 7, local router ID is 3.3.3.3 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,

x best-external, a additional-path, c RIB-compressed,

9


Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 100:1 (default for vrf MSSK) *>i 4.4.4.4/32 2.2.2.2 0 100 0 ? *> 5.5.5.5/32 192.1.35.5 0 32768 ?

*>i 192.1.24.0 2.2.2.2 0 100 0 i *> 192.1.35.0 0.0.0.0 0 32768 i

R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes BGP table version is 7, local router ID is 3.3.3.3

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,

x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete RPKI validation codes: V valid, I invalid, N Not found


Route Distinguisher: 100:1 (default for vrf MSSK) *> 5.5.5.5/32 192.1.35.5 0 32768 ?

*> 192.1.35.0 0.0.0.0 0 32768 i Total number of prefixes 2

R4#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP + - replicated route, % - next hop override

Gateway of last resort is 192.1.24.2 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 192.1.24.2 4.0.0.0/32 is subnetted, 1 subnets

C 4.4.4.4 is directly connected, Loopback0 192.1.24.0/24 is variably subnetted, 2 subnets, 2 masks

C 192.1.24.0/24 is directly connected, FastEthernet1/0 L 192.1.24.4/32 is directly connected, FastEthernet1/0

R4#ping 5.5.5.5 source lo0

10

Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:

Packet sent with a source address of 4.4.4.4 !!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/32 ms R5#sh ip route

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

+ - replicated route, % - next hop override Gateway of last resort is 192.1.35.3 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 192.1.35.3

5.0.0.0/32 is subnetted, 1 subnets C 5.5.5.5 is directly connected, Loopback0

192.1.35.0/24 is variably subnetted, 2 subnets, 2 masks C 192.1.35.0/24 is directly connected, FastEthernet1/0 L 192.1.35.5/32 is directly connected, FastEthernet1/0


Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds: Packet sent with a source address of 5.5.5.5

!!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/32 ms

R2#show mpls forwarding-table Local Outgoing Prefix Bytes Label Outgoing Next Hop

Label Label or Tunnel Id Switched interface 16 Pop Label 1.1.1.1/32 0 Se1/0 point2point

17 17 3.3.3.3/32 0 Se1/0 point2point 18 Pop Label 192.1.12.1/32 0 Se1/0 point2point 19 Pop Label 192.1.13.0/24 0 Se1/0 point2point

20 No Label 192.1.24.0/24[V] 0 aggregate/MSSK 21 No Label 4.4.4.4/32[V] 1140 Fa2/0 192.1.24.4


Label Label or Tunnel Id Switched interface

11

16 Pop Label 2.2.2.2/32 7810 Se1/0 point2point 17 Pop Label 3.3.3.3/32 7789 Se1/1 point2point

18 Pop Label 192.1.12.2/32 0 Se1/0 point2point 19 Pop Label 192.1.13.3/32 0 Se1/1 point2point


Label Label or Tunnel Id Switched interface 16 Pop Label 1.1.1.1/32 0 Se1/0 point2point

17 16 2.2.2.2/32 0 Se1/0 point2point 18 Pop Label 192.1.12.0/24 0 Se1/0 point2point 19 Pop Label 192.1.13.1/32 0 Se1/0 point2point

20 No Label 192.1.35.0/24[V] 0 aggregate/MSSK 21 No Label 5.5.5.5/32[V] 1140 Fa2/0 192.1.35.5

R1#debug mpls packet Packet debugging is on



Packet sent with a source address of 4.4.4.4 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms

R1#

*Sep 5 14:29:13.699: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254} - ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1 *Sep 5 14:29:13.703: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data

s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1 *Sep 5 14:29:13.715: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}

- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1 *Sep 5 14:29:13.715: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1

*Sep 5 14:29:13.731: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254} - ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1

*Sep 5 14:29:13.735: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1 *Sep 5 14:29:13.747: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}

- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1 *Sep 5 14:29:13.747: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data

s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1 *Sep 5 14:29:13.755: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254} - ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1

12

*Sep 5 14:29:13.755: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1


*Sep 5 14:29:13.767: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1 *Sep 5 14:29:13.779: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}

- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1 *Sep 5 14:29:13.779: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data


R1# *Sep 5 14:29:13.787: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data


*Sep 5 14:29:13.803: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1


*Sep 5 14:29:13.819: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1 R1#

13

MPLS L3VPN RIPv2 CE-PE

Network Diagram

S1/0 S1/0

F2/0

F1/0 F1/0

F2/0

S1/0 S1/1

R4 R5

R2 R3

R1

192.1

.24.0

/24

192.1

.35.0

/24

192.

1.12

.0/2

4 192.1.13.0/24

2.2.2.2/32

4.4.4.4/32Lo0

Lo0 Lo0

Lo0

Lo0

1.1.1.1/32

3.3.3.3/32

5.5.5.5/32

RIPv2 RIPv2

OSPF Area 0

IBGP

LSP

AS 100

Configurations

VRF Configuration R2



route-target import 100:1

int f2/0 vrf forwarding MSSK ip address 192.1.24.2 255.255.255.0

R3



14



ip address 192.1.35.3 255.255.255.0 IGP Configuration

R1

router ospf 1 router-id 1.1.1.1 network 1.1.1.1 0.0.0.0 area 0


R2 router ospf 1

router-id 2.2.2.2 network 2.2.2.2 0.0.0.0 area 0

network 192.1.12.2 0.0.0.0 area 0

R3 router ospf 1 router-id 3.3.3.3




mpls ldp router-id lo0 force int s1/0

mpls ip

int s1/1 mpls ip


mpls ldp router-id Loopback0 force int s1/0

mpls ip

15

R3

mpls label protocol ldp mpls ldp router-id Loopback0 force

int s1/0 mpls ip

MP-BGP Configuration

R2 router bgp 100

no bgp default ipv4-unicast neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source lo0 address-family vpnv4 neighbor 3.3.3.3 activate

neighbor 3.3.3.3 send-community both

R3 router bgp 100

no bgp default ipv4-unicast neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source lo0

address-family vpnv4 neighbor 2.2.2.2 activate

neighbor 2.2.2.2 send-community both CE-PE routing Configuration

R2 router rip

address-family ipv4 vrf MSSK no auto-summary

version 2 network 192.1.24.2

R4 router rip

no auto-summary version 2 network 4.4.4.4

network 192.1.24.4

16

R3 router rip

address-family ipv4 vrf MSSK no auto-summary

version 2 network 192.1.35.3

R5 router rip

no auto-summary version 2 network 5.5.5.5

network 192.1.35.5

VPN Configuration R2

router bgp 100 address-family ipv4 vrf MSSK

redistribute rip

router rip address-family ipv4 vrf MSSK redistribute bgp 100 metric 1

R3

router bgp 100 address-family ipv4 vrf MSSK redistribute rip

router rip

address-family ipv4 vrf MSSK redistribute bgp 100 metric 1

Verifications

R1#show mpls ldp neighbor Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0 TCP connection: 2.2.2.2.38298 - 1.1.1.1.646



192.1.12.2 2.2.2.2

17




192.1.13.3 3.3.3.3


Serial1/1 Yes (ldp) No No No Yes

R2#show mpls ldp neighbor Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0 TCP connection: 1.1.1.1.646 - 2.2.2.2.38298



Addresses bound to peer LDP Ident: 192.1.12.1 192.1.13.1 1.1.1.1


Serial1/0 Yes (ldp) No No No Yes R3#show mpls ldp neighbor


State: Oper; Msgs sent/rcvd: 65/67; Downstream Up time: 00:49:40 LDP discovery sources:


192.1.12.1 192.1.13.1 1.1.1.1 R3#show mpls interfaces


R2#sh ip route vrf MSSK rip

Routing Table: MSSK

18


N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

+ - replicated route, % - next hop override

Gateway of last resort is not set 4.0.0.0/32 is subnetted, 1 subnets

R 4.4.4.4 [120/1] via 192.1.24.4, 00:00:15, FastEthernet2/0

R2#ping vrf MSSK 4.4.4.4 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:


R3#sh ip route vrf MSSK rip


D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route



5.0.0.0/32 is subnetted, 1 subnets R 5.5.5.5 [120/1] via 192.1.35.5, 00:00:21, FastEthernet2/0


Sending 5, 100-byte ICMP Echos to 5.5.5.55, timeout is 2 seconds: .

Success rate is 0 percent (0/1) R3#ping vrf MSSK 5.5.5.5 Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:

19


R2#sh bgp vpnv4 unicast all summary

BGP router identifier 2.2.2.2, local AS number 100 BGP table version is 12, main routing table version 12 4 network entries using 624 bytes of memory

4 path entries using 320 bytes of memory 4/4 BGP path/bestpath attribute entries using 576 bytes of memory

1 BGP extended community entries using 24 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory

BGP using 1544 total bytes of memory BGP activity 6/2 prefixes, 6/2 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

3.3.3.3 4 100 92 93 12 0 0 01:18:58 2





*> 4.4.4.4/32 192.1.24.4 1 32768 ? *>i 5.5.5.5/32 3.3.3.3 1 100 0 ?

*> 192.1.24.0 0.0.0.0 0 32768 i *>i 192.1.35.0 3.3.3.3 0 100 0 i





*> 4.4.4.4/32 192.1.24.4 1 32768 ?

20

*> 192.1.24.0 0.0.0.0 0 32768 i


R3#sh bgp vpnv4 unicast all summary BGP router identifier 3.3.3.3, local AS number 100 BGP table version is 12, main routing table version 12

4 network entries using 624 bytes of memory 4 path entries using 320 bytes of memory

4/4 BGP path/bestpath attribute entries using 576 bytes of memory 1 BGP extended community entries using 24 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory BGP using 1544 total bytes of memory

BGP activity 6/2 prefixes, 6/2 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down

State/PfxRcd 2.2.2.2 4 100 94 92 12 0 0 01:19:28 2



x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete

RPKI validation codes: V valid, I invalid, N Not found Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 100:1 (default for vrf MSSK) *>i 4.4.4.4/32 2.2.2.2 1 100 0 ?

*> 5.5.5.5/32 192.1.35.5 1 32768 ? *>i 192.1.24.0 2.2.2.2 0 100 0 i *> 192.1.35.0 0.0.0.0 0 32768 i

R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes




Route Distinguisher: 100:1 (default for vrf MSSK)

21

*> 5.5.5.5/32 192.1.35.5 1 32768 ? *> 192.1.35.0 0.0.0.0 0 32768 i


R4#sh ip route rip Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP





5.0.0.0/32 is subnetted, 1 subnets R 5.5.5.5 [120/1] via 192.1.24.2, 00:00:21, FastEthernet1/0

R 192.1.35.0/24 [120/1] via 192.1.24.2, 00:00:21, FastEthernet1/0

R4#ping 5.5.5.5 source lo0 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:


Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/36 ms R5#sh ip route rip




+ - replicated route, % - next hop override Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets

R 4.4.4.4 [120/1] via 192.1.35.3, 00:00:03, FastEthernet1/0 R 192.1.24.0/24 [120/1] via 192.1.35.3, 00:00:03, FastEthernet1/0


22



Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/24 ms R2#sh ip route vrf MSSK 4.4.4.4

Routing Table: MSSK

Routing entry for 4.4.4.4/32 Known via "rip", distance 120, metric 1 Redistributing via bgp 100, rip

Advertised by bgp 100 Last update from 192.1.24.4 on FastEthernet2/0, 00:00:13 ago

Routing Descriptor Blocks: * 192.1.24.4, from 192.1.24.4, 00:00:13 ago, via FastEthernet2/0 Route metric is 1, traffic share count is 1

R3#sh bgp vpnv4 unicast all 4.4.4.4/32

BGP routing table entry for 100:1:4.4.4.4/32, version 11 Paths: (1 available, best #1, table MSSK)

Not advertised to any peer Refresh Epoch 1 Local

2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2) Origin incomplete, metric 1, localpref 100, valid, internal, best

Extended Community: RT:100:1 mpls labels in/out nolabel/22 rx pathid: 0, tx pathid: 0x0

R5#sh ip route 4.4.4.4

Routing entry for 4.4.4.4/32 Known via "rip", distance 120, metric 1 Redistributing via rip

Last update from 192.1.35.3 on FastEthernet1/0, 00:00:21 ago Routing Descriptor Blocks:

* 192.1.35.3, from 192.1.35.3, 00:00:21 ago, via FastEthernet1/0 Route metric is 1, traffic share count is 1

R2 router rip

address-family ipv4 vrf MSSK no redistribute bgp 100 metric 1 redistribute bgp 100 metric transparent

23

R3 router rip

address-family ipv4 vrf MSSK no redistribute bgp 100 metric 1

redistribute bgp 100 metric transparent R2#sh ip route vrf MSSK 4.4.4.4

Routing Table: MSSK

Routing entry for 4.4.4.4/32 Known via "rip", distance 120, metric 1 Redistributing via bgp 100, rip

Advertised by bgp 100 Last update from 192.1.24.4 on FastEthernet2/0, 00:00:11 ago

Routing Descriptor Blocks: * 192.1.24.4, from 192.1.24.4, 00:00:11 ago, via FastEthernet2/0 Route metric is 1, traffic share count is 1

R3#sh bgp vpnv4 unicast all 4.4.4.4/32



2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2) Origin incomplete, metric 1, localpref 100, valid, internal, best

Extended Community: RT:100:1 mpls labels in/out nolabel/22 rx pathid: 0, tx pathid: 0x0

R5#sh ip route 4.4.4.4

Routing entry for 4.4.4.4/32 Known via "rip", distance 120, metric 2 Redistributing via rip



R5#sh ip route rip Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP


i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

24




R 4.4.4.4 [120/2] via 192.1.35.3, 00:00:23, FastEthernet1/0 R 192.1.24.0/24 [120/1] via 192.1.35.3, 00:00:23, FastEthernet1/0

25

MPLS L3VPN OSPF CE-PE

Network Diagram

S1/0 S1/0

F2/0

F1/0 F1/0

F2/0

S1/0 S1/1

R4 R5

R2 R3

R1

192.1

.24.0

/24

192.1

.35.0

/24

192.

1.12

.0/2

4 192.1.13.0/24

2.2.2.2/32

4.4.4.4/32Lo0

Lo0 Lo0

Lo0

Lo0

1.1.1.1/32

3.3.3.3/32

5.5.5.5/32

OSPF A0

OSPF A0

OSPF Area 0

IBGP

LSP

AS 100

Configurations

VRF Configuration

R2 vrf definition MSSK

rd 100:1 address-family ipv4



ip address 192.1.24.2 255.255.255.0

R3 vrf definition MSSK rd 100:1

address-family ipv4

26


int f2/0


IGP Configuration



network 192.1.13.1 0.0.0.0 area 0 R2



R3 router ospf 1


network 192.1.13.3 0.0.0.0 area 0 MPLS LDP Configuration

R1

mpls label protocol ldp mpls ldp router-id lo0 force

int s1/0 mpls ip

int s1/1 mpls ip

R2


int s1/0

27

mpls ip



mpls ip

MP-BGP Configuration R2

router bgp 100 no bgp default ipv4-unicast

neighbor 3.3.3.3 remote-as 100 neighbor 3.3.3.3 update-source lo0 address-family vpnv4


R3

router bgp 100 neighbor 2.2.2.2 remote-as 100 neighbor 2.2.2.2 update-source lo0

address-family vpnv4 neighbor 2.2.2.2 activate

neighbor 2.2.2.2 send-community both CE-PE routing Configuration

R2 router ospf 100 vrf MSSK

network 192.1.24.2 0.0.0.0 area 0




network 192.1.35.3 0.0.0.0 area 0

R5

28



VPN Configuration


redistribute bgp 100 subnets router bgp 100 address-family ipv4 vrf MSSK

redistribute ospf 100 vrf MSSK

R3 router ospf 100 vrf MSSK redistribute bgp 100 subnets


redistribute ospf 100 vrf MSSK

Verifications R1#show mpls ldp neighbor




192.1.12.2 2.2.2.2 Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0 TCP connection: 3.3.3.3.34974 - 1.1.1.1.646



192.1.13.3 3.3.3.3


Serial1/1 Yes (ldp) No No No Yes

29





192.1.12.1 192.1.13.1 1.1.1.1 R2#show mpls interfaces



TCP connection: 1.1.1.1.646 - 3.3.3.3.34974 State: Oper; Msgs sent/rcvd: 65/67; Downstream





R2#sh ip route vrf MSSK ospf

Routing Table: MSSK Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area





O 4.4.4.4 [110/2] via 192.1.24.4, 00:01:36, FastEthernet2/0

30

R2#ping vrf MSSK 4.4.4.4



R3#sh ip route vrf MSSK ospf

Routing Table: MSSK Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area





5.0.0.0/32 is subnetted, 1 subnets O 5.5.5.5 [110/2] via 192.1.35.5, 00:01:44, FastEthernet2/0









3.3.3.3 4 100 4831 4833 22 0 0 3d01h 2

31


BGP table version is 22, local router ID is 2.2.2.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed, Origin codes: i - IGP, e - EGP, ? - incomplete


Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 100:1 (default for vrf MSSK) *> 4.4.4.4/32 192.1.24.4 2 32768 ?

*>i 5.5.5.5/32 3.3.3.3 2 100 0 ? *> 192.1.24.0 0.0.0.0 0 32768 i

*>i 192.1.35.0 3.3.3.3 0 100 0 i R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes


r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter, x best-external, a additional-path, c RIB-compressed,



*> 4.4.4.4/32 192.1.24.4 2 32768 ? *> 192.1.24.0 0.0.0.0 0 32768 i


R3#sh bgp vpnv4 unicast all summary BGP router identifier 3.3.3.3, local AS number 100 BGP table version is 22, main routing table version 22

4 network entries using 624 bytes of memory 4 path entries using 320 bytes of memory

4/4 BGP path/bestpath attribute entries using 576 bytes of memory 3 BGP extended community entries using 104 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory BGP using 1624 total bytes of memory

BGP activity 10/6 prefixes, 10/6 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down

State/PfxRcd

32

2.2.2.2 4 100 4833 4832 22 0 0 3d01h 2





*>i 4.4.4.4/32 2.2.2.2 2 100 0 ? *> 5.5.5.5/32 192.1.35.5 2 32768 ?

*>i 192.1.24.0 2.2.2.2 0 100 0 i *> 192.1.35.0 0.0.0.0 0 32768 i





Route Distinguisher: 100:1 (default for vrf MSSK) *> 5.5.5.5/32 192.1.35.5 2 32768 ? *> 192.1.35.0 0.0.0.0 0 32768 i


R4#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface 192.1.24.2 1 FULL/BDR 00:00:37 192.1.24.2 FastEthernet1/0

R4#sh ip route ospf Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP



o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

33



5.0.0.0/32 is subnetted, 1 subnets O IA 5.5.5.5 [110/3] via 192.1.24.2, 00:02:27, FastEthernet1/0 O E2 192.1.35.0/24 [110/1] via 192.1.24.2, 00:02:57, FastEthernet1/0

R4#ping 5.5.5.5

Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds: !!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 32/39/44 ms

R5#sh ip ospf neighbor Neighbor ID Pri State Dead Time Address Interface

192.1.35.3 1 FULL/BDR 00:00:39 192.1.35.3 FastEthernet1/0 R5#sh ip route ospf




+ - replicated route, % - next hop override Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets

O IA 4.4.4.4 [110/3] via 192.1.35.3, 00:03:00, FastEthernet1/0 O E2 192.1.24.0/24 [110/1] via 192.1.35.3, 00:03:01, FastEthernet1/0

R5#ping 4.4.4.4 Type escape sequence to abort.


R2#sh ip route vrf MSSK 4.4.4.4

Routing Table: MSSK Routing entry for 4.4.4.4/32

Known via "ospf 100", distance 110, metric 2, type intra area

34

Redistributing via bgp 100 Advertised by bgp 100



R3#sh bgp vpnv4 unicast all 4.4.4.4/32 BGP routing table entry for 100:1:4.4.4.4/32, version 21

Paths: (1 available, best #1, table MSSK) Not advertised to any peer Refresh Epoch 1

Local 2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)

Origin incomplete, metric 2, localpref 100, valid, internal, best Extended Community: RT:100:1 OSPF DOMAIN ID:0x0005:0x000000640200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.24.2:0

mpls labels in/out nolabel/22 rx pathid: 0, tx pathid: 0x0

35

MPLS L3VPN ISIS CE-PE Network Diagram

S1/0 S1/0

F2/0

F1/0 F1/0

F2/0

S1/0 S1/1

R4 R5

R2 R3

R1

192.1

.24.0

/24

192.1

.35.0

/24

192.

1.12

.0/2

4 192.1.13.0/24

2.2.2.2/32

4.4.4.4/32Lo0

Lo0 Lo0

Lo0

Lo0

1.1.1.1/32

3.3.3.3/32

5.5.5.5/32

ISIS L2

ISISL2

OSPF Area 0

IBGP

LSP

AS 100

Configurations

VRF Configuration





ip address 192.1.24.2 255.255.255.0


address-family ipv4

route-target export 100:1

36



IGP Configuration

R1 router ospf 1

router-id 1.1.1.1 network 1.1.1.1 0.0.0.0 area 0 network 192.1.12.1 0.0.0.0 area 0

network 192.1.13.1 0.0.0.0 area 0



R3

router ospf 1 router-id 3.3.3.3 network 3.3.3.3 0.0.0.0 area 0

network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration R1


int s1/0 mpls ip

int s1/1

mpls ip R2


int s1/0 mpls ip

37

R3


int s1/0 mpls ip

MP-BGP Configuration

R2 router bgp 100

no bgp default ipv4-unicast neighbor 3.3.3.3 remote-as 100

neighbor 3.3.3.3 update-source lo0 address-family vpnv4 neighbor 3.3.3.3 activate

neighbor 3.3.3.3 send-community both

R3 router bgp 100




R2 router isis 1 vrf MSSK

net 49.0001.0000.0000.0002.00 is-type level-2-only

int f2/0 ip router isis 1

R4

router isis 1 net 49.0001.0000.0000.0004.00 passive-interface lo0

is-type level-2-only

int f1/0

38

ip router isis 1

R3 router isis 1

vrf MSSK net 49.0001.0000.0000.0003.00 is-type level-2-only

int f2/0

ip router isis 1 R5

router isis 1 net 49.0001.0000.0000.0005.00

passive-interface lo0 is-type level-2-only

int f1/0 ip router isis 1

VPN Configuration

R2 router isis 1

vrf MSSK redistribute bgp 100 ip level-2


redistribute isis 1 ip level-2

R3 router isis 1 vrf MSSK

redistribute bgp 100 ip level-2

router bgp 100 address-family ipv4 vrf MSSK redistribute isis 1 ip level-2

Verifications


TCP connection: 2.2.2.2.38298 - 1.1.1.1.646

39



Addresses bound to peer LDP Ident: 192.1.12.2 2.2.2.2 Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0

TCP connection: 3.3.3.3.34974 - 1.1.1.1.646 State: Oper; Msgs sent/rcvd: 67/65; Downstream

Up time: 00:49:34 LDP discovery sources: Serial1/1, Src IP addr: 192.1.13.3

Addresses bound to peer LDP Ident: 192.1.13.3 3.3.3.3


Serial1/0 Yes (ldp) No No No Yes Serial1/1 Yes (ldp) No No No Yes


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0 TCP connection: 1.1.1.1.646 - 2.2.2.2.38298 State: Oper; Msgs sent/rcvd: 66/66; Downstream








Addresses bound to peer LDP Ident: 192.1.12.1 192.1.13.1 1.1.1.1


40


R2#sh ip route vrf MSSK isis






4.0.0.0/32 is subnetted, 1 subnets i L2 4.4.4.4 [115/10] via 192.1.24.4, 00:03:25, FastEthernet2/0



R3#sh ip route vrf MSSK isis








!!!!!

41


R2#sh bgp vpnv4 unicast all summary BGP router identifier 2.2.2.2, local AS number 100

BGP table version is 27, main routing table version 27 4 network entries using 624 bytes of memory 4 path entries using 320 bytes of memory

4/4 BGP path/bestpath attribute entries using 576 bytes of memory 1 BGP extended community entries using 24 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 1544 total bytes of memory

BGP activity 12/8 prefixes, 12/8 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 3.3.3.3 4 100 4941 4943 27 0 0 3d02h 2






*>i 5.5.5.5/32 3.3.3.3 10 100 0 ? *> 192.1.24.0 0.0.0.0 0 32768 i

*>i 192.1.35.0 3.3.3.3 0 100 0 i R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes





*> 192.1.24.0 0.0.0.0 0 32768 i

42








2.2.2.2 4 100 4943 4941 27 0 0 3d02h 2





*>i 4.4.4.4/32 2.2.2.2 10 100 0 ? *> 5.5.5.5/32 192.1.35.5 10 32768 ?

*>i 192.1.24.0 2.2.2.2 0 100 0 i *> 192.1.35.0 0.0.0.0 0 32768 i





*> 5.5.5.5/32 192.1.35.5 10 32768 ?

43

*> 192.1.35.0 0.0.0.0 0 32768 i


R4#sh isis neighbors Tag 1:

System Id Type Interface IP Address State Holdtime Circuit Id R2 L2 Fa1/0 192.1.24.2 UP 28 R4.01

R4#show clns neighbors Tag 1:

System Id Interface SNPA State Holdtime Type Protocol R2 Fa1/0 ca01.7a82.0038 Up 25 L2 IS-IS

R4#show ip route isis Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area





5.0.0.0/32 is subnetted, 1 subnets i L2 5.5.5.5 [115/10] via 192.1.24.2, 00:43:29, FastEthernet1/0 i L2 192.1.35.0/24 [115/10] via 192.1.24.2, 00:44:36, FastEthernet1/0


Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds: Packet sent with a source address of 4.4.4.4


R5#sh isis neighbors

Tag 1: System Id Type Interface IP Address State Holdtime Circuit Id

R3 L2 Fa1/0 192.1.35.3 UP 26 R5.01 R5#show clns neighbors

Tag 1:

44

System Id Interface SNPA State Holdtime Type Protocol R3 Fa1/0 ca02.7a92.0038 Up 24 L2 IS-IS

R5#show ip route isis






i L2 192.1.24.0/24 [115/10] via 192.1.35.3, 00:44:14, FastEthernet1/0

R5#ping 4.4.4.4 source lo0 Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds: Packet sent with a source address of 5.5.5.5 !!!!!


R2#sh ip route vrf MSSK 4.4.4.4 Routing Table: MSSK

Routing entry for 4.4.4.4/32 Known via "isis", distance 115, metric 10, type level-2

Redistributing via bgp 100, isis 1 Advertised by bgp 100 level-2 Last update from 192.1.24.4 on FastEthernet2/0, 00:47:28 ago

Routing Descriptor Blocks: * 192.1.24.4, from 4.4.4.4, 00:47:28 ago, via FastEthernet2/0

Route metric is 10, traffic share count is 1 R3#sh bgp vpnv4 unicast all 4.4.4.4/32



2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)

45

Origin incomplete, metric 10, localpref 100, valid, internal, best Extended Community: RT:100:1

mpls labels in/out nolabel/21 rx pathid: 0, tx pathid: 0x0

46

MPLS L3VPN BGP CE-PE Network Diagram

S1/0 S1/0

F2/0

F1/0 F1/0

F2/0

S1/0 S1/1

R4 R5

R2 R3

R1

192.1

.24.0

/24

192.1

.35.0

/24

192.

1.12

.0/2

4 192.1.13.0/24

2.2.2.2/32

4.4.4.4/32Lo0

Lo0 Lo0

Lo0

Lo0

1.1.1.1/32

3.3.3.3/32

5.5.5.5/32

BGP

OSPF Area 0

IBGP

LSP

AS 100

AS 1AS 1

Configurations

VRF Configuration





ip address 192.1.24.2 255.255.255.0


address-family ipv4

47


int f2/0


IGP Configuration



network 192.1.13.1 0.0.0.0 area 0 R2



R3 router ospf 1


network 192.1.13.3 0.0.0.0 area 0 MPLS LDP Configuration

R1


int s1/0 mpls ip

int s1/1 mpls ip

R2


int s1/0

48

mpls ip



mpls ip

MP-BGP Configuration R2

router bgp 100 no bgp default ipv4-unicast



R3


neighbor 2.2.2.2 update-source lo0 address-family vpnv4



R2


neighbor 192.1.24.4 remote-as 1 neighbor 192.1.24.4 activate network 192.1.24.0 mask 255.255.255.0

R4


address-family ipv4 neighbor 192.1.24.2 activate

network 4.4.4.4 mask 255.255.255.255

49

R3


neighbor 192.1.35.5 remote-as 1 neighbor 192.1.35.5 activate network 192.1.35.0 mask 255.255.255.0

R5


address-family ipv4 neighbor 192.1.35.3 activate

network 5.5.5.5 mask 255.255.255.255 Verifications

R2#sh ip route vrf MSSK bgp

Routing Table: MSSK





4.0.0.0/32 is subnetted, 1 subnets B 4.4.4.4 [20/0] via 192.1.24.4, 00:05:47


B 192.1.35.0/24 [200/0] via 3.3.3.3, 00:00:33 R2#ping vrf MSSK 4.4.4.4




50



R3#sh ip route vrf MSSK bgp







5.0.0.0/32 is subnetted, 1 subnets B 5.5.5.5 [20/0] via 192.1.35.5, 00:04:13 B 192.1.24.0/24 [200/0] via 2.2.2.2, 00:01:47


Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds: !!!!!




R4#sh ip bgp BGP table version is 4, local router ID is 4.4.4.4



51

Network Next Hop Metric LocPrf Weight Path *> 4.4.4.4/32 0.0.0.0 0 32768 i

r> 192.1.24.0 192.1.24.2 0 0 100 i *> 192.1.35.0 192.1.24.2 0 100 i

R5#sh ip bgp BGP table version is 4, local router ID is 5.5.5.5




*> 5.5.5.5/32 0.0.0.0 0 32768 i *> 192.1.24.0 192.1.35.3 0 100 i r> 192.1.35.0 192.1.35.3 0 0 100 i

As we can see from last two outputs above, neither R4 or R5 learned each other

loopback networks, let us check if they are advertised from the PE side toward each of them

R2#sh bgp vpnv4 unicast vrf MSSK neighbors 192.1.24.4 advertised-routes BGP table version is 7, local router ID is 2.2.2.2




Route Distinguisher: 100:1 (default for vrf MSSK) *>i 5.5.5.5/32 3.3.3.3 0 100 0 1 i *> 192.1.24.0 0.0.0.0 0 32768 i

*>i 192.1.35.0 3.3.3.3 0 100 0 i

Total number of prefixes 3 R3#sh bgp vpnv4 unicast vrf MSSK neighbors 192.1.35.5 advertised-routes




52


Route Distinguisher: 100:1 (default for vrf MSSK) *>i 4.4.4.4/32 2.2.2.2 0 100 0 1 i

*>i 192.1.24.0 2.2.2.2 0 100 0 i *> 192.1.35.0 0.0.0.0 0 32768 i


As seen, the PE routers learn those routes for both CEs and advertise toward them as well, so what is the issue? Let us turn debug on R4 for coming BGP updates and see what the output can tells

us

R4 debug ip bgp updates clear ip bgp * in

*Sep 13 03:10:27.647: BGP(0): 192.1.24.2 rcv UPDATE about 5.5.5.5/32 --

DENIED due to: AS-PATH contains our own AS;

So the issue is clear now, BGP speaker will not accept an update that contains its own AS number, so what could we do? We can use the as-override feature from the PE side toward each CE

R2

router bgp 100 address-family ipv4 vrf MSSK neighbor 192.1.24.4 as-override

clear ip bgp * out

R3 router bgp 100

address-family ipv4 vrf MSSK neighbor 192.1.35.5 as-override

clear ip bgp * out

R4# *Sep 13 03:13:11.819: BGP(0): 192.1.24.2 rcvd UPDATE w/ attr: nexthop

192.1.24.2, origin i, merged path 100, AS_PATH R4#sh ip bgp

BGP table version is 5, local router ID is 4.4.4.4

53




*> 4.4.4.4/32 0.0.0.0 0 32768 i *> 5.5.5.5/32 192.1.24.2 0 100 100 i

r> 192.1.24.0 192.1.24.2 0 0 100 i *> 192.1.35.0 192.1.24.2 0 100 i


Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds: Packet sent with a source address of 4.4.4.4 !!!!!


R4#traceroute 5.5.5.5 source lo0 numer Type escape sequence to abort.

Tracing the route to 5.5.5.5 VRF info: (vrf in name/id, vrf out name/id) 1 192.1.24.2 [AS 100] 16 msec 12 msec 4 msec

2 192.1.12.1 [MPLS: Labels 17/20 Exp 0] 32 msec 16 msec 20 msec 3 192.1.35.3 [AS 100] [MPLS: Label 20 Exp 0] 16 msec 16 msec 20 msec

4 192.1.35.5 [AS 100] 20 msec * 24 msec R5#sh ip bgp




Network Next Hop Metric LocPrf Weight Path *> 4.4.4.4/32 192.1.35.3 0 100 100 i *> 5.5.5.5/32 0.0.0.0 0 32768 i

*> 192.1.24.0 192.1.35.3 0 100 i r> 192.1.35.0 192.1.35.3 0 0 100 i


Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:

54



R5#traceroute 4.4.4.4 source lo0 numeric Type escape sequence to abort. Tracing the route to 4.4.4.4

VRF info: (vrf in name/id, vrf out name/id) 1 192.1.35.3 [AS 100] 16 msec 8 msec 4 msec

2 192.1.13.1 [MPLS: Labels 16/22 Exp 0] 20 msec 24 msec 20 msec 3 192.1.24.2 [AS 100] [MPLS: Label 22 Exp 0] 16 msec 16 msec 16 msec 4 192.1.24.4 [AS 100] 32 msec * 16 msec

55

MPLS Tunneling

Network Diagram

R4

R3 R6

R7

R8

R2

R5

F0/0

F0/1

F0/1

F0/1

F0/1

F0/0

F0/0

F0/0

F0/0

F0/0

F0/1

MPLS Backbone

ISIS Area 49.0001

R1

F0/0

F0/1

F0/0

Configurations

IGP Configuration

R2

router isis 1

net 49.0000.0000.0000.0002.00


passive-interface Loopback0

56

interface FastEthernet0/1

ip router isis 1

R3

router isis 1

net 49.0000.0000.0000.0003.00




ip router isis 1


ip router isis 1

R4

router isis 1

net 49.0000.0000.0000.0004.00




ip router isis 1


ip router isis 1

R5

router isis 1

net 49.0000.0000.0000.0005.00




ip router isis 1


ip router isis 1

57

R6

router isis 1

net 49.0000.0000.0000.0006.00




ip router isis 1


ip router isis 1

R7

router isis 1

net 49.0000.0000.0000.0007.00




ip router isis 1


R2

mpls label protocol ldp



mpls ip

R3




mpls ip


58

mpls ip

R4




mpls ip


mpls ip

R5




mpls ip


mpls ip

R6




mpls ip


mpls ip

R7




mpls ip

59

BGP Configuration

R1

router bgp 1

no bgp default ipv4-unicast

neighbor 192.168.12.2 remote-as 100

address-family ipv4

neighbor 192.168.12.2 activate

network 1.1.1.1 mask 255.255.255.255

R2

router bgp 100




neighbor 7.7.7.7 update-source lo0

address-family ipv4



neighbor 7.7.7.7 next-hop-self

R8

router bgp 20



R8address-family ipv4


network 8.8.8.8 mask 255.255.255.255

R7

router bgp 100




neighbor 2.2.2.2 update-source lo0

address-family ipv4



60

neighbor 2.2.2.2 next-hop-self

Verification

R1#sh ip bgp summary

BGP router identifier 1.1.1.

Documents

MPLS Handbook