Tutorial about MPLS Implementation with Cisco Router, this second of two chapter discuss about MPLS Configuration, LDP Configuration, VPN Services, L2VPN (VLL & VPLS) and L3VPN (VPRN).
it also contain case study and implementation of VLL, VPLS, and VPRN
3. After all IGP (interior gateway protocol, OSPF)
run on all routers, and each router know each
other end to end, the next step is to
implement MPLS feature. Kindly remember
that MPLS is just a feature, it is NOT a new
routing protocol. This feature is used so each
router can exchange packets based on label,
not IP Lookup anymore.
4. To enable MPLS feature on the routers (P & PE), the step-by-
step needs to be done are:
Enable cef (cisco express forwarding), forwarding feature from
cisco
Define Label Protocol that will be used. There are 3 protocols
in here, first on is LSP (static Label Switched Path), LDP (Label
Distribution Protocol, dynamic, the LDP path follows IGP
(OSPF)), and the last one is RSVP (Reservation Protocol), used
to manipulate standard path by LDP, usually RSVP used to
maximize unused path in IGP or Traffic Engineering purpose.
Define router-id that will be used by LDP, the loopback IP
address usually used by router-id, because loopback interface
is stable, and never down. Make sure this loopback ip can be
reached from all routers.
The last one, enable MPLS on each backbone interface.
5. Detail commands can be described below :
ip cef (to enable cisco express forwarding)
mpls label protocol ldp (enable ldp protocol)
mpls ldp router-id loopback 0 force (use
loopback as router-id)
interface FastEthernet0/0
ip address x.x.x.x y.y.y.y
no shutdown
mpls ip (enable mpls feature on the interface)
6. PRJKTKPI01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PRJKTKPI01
interface Loopback0
ip address 10.0.0.1 255.255.255.255
!
interface FastEthernet0/0
description to PRJKTKPI02 f0/0
ip address 10.10.10.1 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PRKALBJM01 f0/1
ip address 10.10.10.14 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet1/0
description to PEJKTKPI01 f0/1
no switchport
ip address 10.10.20.1 255.255.255.252
duplex full
speed 100
mpls ip
!
interface FastEthernet1/1
description to PEBTNTGR01 f0/0
no switchport
ip address 10.10.20.5 255.255.255.252
duplex full
speed 100
mpls ip
PRJKTKPI02:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PRJKTKPI02
interface Loopback0
ip address 10.0.0.2 255.255.255.255
!
interface FastEthernet0/0
description to PRJKTKPI01 f0/0
ip address 10.10.10.2 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PRJTMSBY01 f0/1
ip address 10.10.10.5 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet1/0
description to PEJKTKPI02 f0/1
no switchport
ip address 10.10.20.22 255.255.255.252
duplex full
speed 100
mpls ip
!
interface FastEthernet1/0
description PEJBRBKS01 f0/0
no switchport
ip address 10.10.20.18 255.255.255.252
duplex full
speed 100
mpls ip
PEJKTKPI01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEJKTKPI01
interface Loopback0
ip address 10.0.0.3 255.255.255.255
!
interface FastEthernet0/0
description to PEJKTKPI02 f0/0
ip address 10.10.20.25 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PRJKTKPI01 f1/0
ip address 10.10.20.2 255.255.255.252
speed 100
full-duplex
mpls ip
7. PEJKTKPI02:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEJKTKPI02
interface Loopback0
ip address 10.0.0.4 255.255.255.255
!
interface FastEthernet0/0
description PEJKTKPI01 f0/0
ip address 10.10.20.26 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description PRJKTKPI02 f1/0
ip address 10.10.20.21 255.255.255.252
speed 100
full-duplex
mpls ip
PEBTNTGR01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEBTNTGR01
interface Loopback0
ip address 10.0.0.5 255.255.255.255
!
interface FastEthernet0/0
description to PEJKTKPI01 f1/0
ip address 10.10.20.6 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PEJBRBGR01 f0/1
ip address 10.10.20.9 255.255.255.252
speed 100
full-duplex
mpls ip
PEJBRBGR01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEJBRBGR01
interface Loopback0
ip address 10.0.0.7 255.255.255.255
!
interface FastEthernet0/0
description to PEJBRBKS01 f0/1
ip address 10.10.20.13 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PEBTNTGR01 f0/1
ip address 10.10.20.10 255.255.255.252
speed 100
full-duplex
mpls ip
8. PEJBRBKS01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEJBRBKS01
interface Loopback0
ip address 10.0.0.6 255.255.255.255
!
interface FastEthernet0/0
description to PEJKTKPI02 f1/0
ip address 10.10.20.17 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PEJBRBGR01 f0/0
ip address 10.10.20.14 255.255.255.252
speed 100
full-duplex
mpls ip
PRJTMSBY01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PRJTMSBY01
interface Loopback0
ip address 10.0.0.8 255.255.255.255
!
interface FastEthernet0/0
description to PRKALBJM01 f0/0
ip address 10.10.10.9 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PRJKTKPI02 f0/1
ip address 10.10.10.6 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet1/0
description to PEJTMSBY01 f0/0
no switchport
ip address 10.10.30.1 255.255.255.252
duplex full
speed 100
mpls ip
!
interface FastEthernet1/1
description to PEJTMMDN01 f0/0
no switchport
ip address 10.10.30.14 255.255.255.252
duplex full
speed 100
mpls ip
PEJTMSBY01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEJTMSBY01
interface Loopback0
ip address 10.0.0.9 255.255.255.255
!
interface FastEthernet0/0
description to PRJTMSBY01 f1/0
ip address 10.10.30.2 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PEJTMMLG01 f0/0
ip address 10.10.30.5 255.255.255.252
speed 100
full-duplex
mpls ip
9. PEJTMMLG01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEJTMMLG01
interface Loopback0
ip address 10.0.0.10 255.255.255.255
!
interface FastEthernet0/0
description to PEJTMSBY01 f0/1
ip address 10.10.30.6 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PEJTMMDN01 f0/1
ip address 10.10.30.9 255.255.255.252
speed 100
full-duplex
mpls ip
PEJTMMDN01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEJTMMDN01
interface Loopback0
ip address 10.0.0.11 255.255.255.255
!
interface FastEthernet0/0
description to PRJTMSBY01 f1/1
ip address 10.10.30.13 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PEJTMMLG01 f0/1
ip address 10.10.30.10 255.255.255.252
speed 100
full-duplex
mpls ip
!
PRKALBJM01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PRKALBJM01
interface Loopback0
ip address 10.0.0.12 255.255.255.255
!
interface FastEthernet0/0
description to PRJTMSBY01 f0/0
ip address 10.10.10.10 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PRJKTKPI01 f0/1
ip address 10.10.10.13 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet1/0
description to PEKALBJM01 f0/0
no switchport
ip address 10.10.40.1 255.255.255.252
duplex full
speed 100
mpls ip
!
interface FastEthernet1/1
description to PEKALBJM01 f0/1
no switchport
ip address 10.10.40.5 255.255.255.252
duplex full
speed 100
mpls ip
10. PEKALBJM01:
ip cef
mpls label protocol ldp
mpls ldp router-id loopback 0 force
hostname PEKALBJM01
interface Loopback0
ip address 10.0.0.13 255.255.255.255
!
interface FastEthernet0/0
description to PRKALBJM01 f1/0
ip address 10.10.40.2 255.255.255.252
speed 100
full-duplex
mpls ip
!
interface FastEthernet0/1
description to PRKALBJM01 f1/1
ip address 10.10.40.6 255.255.255.252
speed 100
full-duplex
mpls ip
11. Don’t forget to save router configuration by
typing :
“copy running-config startup-config”.
12. Verify configuration : from privileged mode,
type “show run”, check on the interface, make
sure all configuration were entered.
13. Verify mpls interface, make sure operational,
and use LDP protocol.
14. Next one, check to the neighbor by typing
“show mpls ldp neighbor”, make sure
neighbor LDP is running. Can be checked from
uptime, state, message sent-received
15. After that, check the forwarding table, from
here we can see the the label routing process
(pop, swap, push), next hop, and the outgoing
interface.
16. The last step is lsp ping & trace, is a function
to do ping & trace based on LSP (Label
Switched Path) that already generated.
17. By this LSP trace & ping feature, we can know
the hop that passed by MPLS labels.
18. In this part, we will discuss about services that
run on MPLS, it is VPN (Virtual Private Network).
With this VPN service, allowing IP reuse in the
MPLS cloud without crashing each others.
The VPN services in MPLS globally divided by 2
types, there are:
1. L2VPN (Layer 2 Virtual Private Network)
2. L3VPN (Layer 3 Virtual Private Network).
19. 1. L2VPN
› L2VPN is a private layer 2 virtual network,
where it looks like CE were connected each
other directly. So it is possible to allow of
using the same subnet between CE.
2. L3VPN
› L3VPN is a private layer 3 virtual network, that
run under layer 3, where PE router in service
provider side also do routing towards client.
20. L2VPN
The L2VPN service itself were divided to 2
types::
VLL (Virtual Leased Line) or usually known as
Atom (Any Transport to MPLS), or Pseudowire
Service
VPLS (Virtual Private LAN Service)
21. VLL base is Point to Point, so when VLL service
created, there will be only 2 points, it’s near
end & far end. VLL also can emulate E1
interface, SDH, Serial, etc into MPLS.
Service Provider Network
HQ Router Company B
Branch Router Company B
10.10.10.1/30
10.10.10.2/30
Peer to Peer Tunnel Service for Company B
HQ Router Company A Branch Router Company A
PE PE
Peer to Peer Tunnel Service for Company A
10.10.10.1/30 10.10.10.1/30
22. In VLL service, PE Router only works as Tunnel
Provider between CE in the different VPN
services.
IP reuse can be used in VLL service, where it
looks like between CE were in the same
subnet, connected directly without knowing
that PE router were in the middle of the
connection.
23. VPLS connection can be Point to Point, or Point to
Multipoint, so when VPLS service were created, it
can be configured one point as the main center, and
the other point as distribution link.
24. In this VPLS service, PE Router act as same as
VLL services, but in this case, PE can do lot
more Peering, so it can create multipoint
cloud. IP reuse also can be implemented
between CE. Where it looks like between CE
were in the same subnet, connected directly
without knowing that PE router were in the
middle of the connection.
25. L3VPN or in other word VPRN (Virtual Private Routed
Network) is a layer 3 virtual private networks. Where
PE router in the Service Provider network also do
routing towards client. So each PE-CE connection
needs its own IP block.
HQ Router
Company B
Branch Router 1
Company B
10.10.10.2/30
10.10.30.2/30
Layer 3 Tunnel Service for Customer B
Branch Router 2
Company B
10.10.20.2/30
Layer 3 Tunnel Service for Customer B
PE
10.10.10.1/30
10.10.20.1/30
10.10.30.1/30
Layer 3 Tunnel Service for Customer A
PEPE
Branh Router 1
Company A
HQ Router
Company A
10.10.10.2/30
10.10.10.1/30
10.10.30.2/30
10.10.30.1/30
26. Unlike the two previous services, on VPRN, PE
router act as default gateway for each CE, so
CE can communicate with other cloud. This
system usually called as VRF (Virtual Router
Forwarding). IP also can be used and not
crashed each others because each service run
on different VRF (Virtual Routing Forwarding).
28. IT OSS team were doing some DRC (Disaster Recovery
Center) implementation trial for their Database Server.
There are 2 servers in the Tangerang and Banjarmasin
that needs to be connected and synchronize data
realtime.
Server act as main & backup, main side served by
Tangerang, and backup side in Banjarmasin.
Banjarmasin were chosen as backup because the city
doesn’t have disaster history so it is very eligible to act
as backup center.
Service that they want is VLL.
IP block that will be used : Point to Point 172.16.1.0/30.
29. Service Provider Network
172.16.1.1/30 172.16.1.2/30
Peer to Peer Tunnel Service for OSS DRC
PE Tangerang
PEBTNTGR01
PE Kalimantan
PEKALBJM01
Server#1
Tangerang
Server#2
Banjarmasin
30. From requirement above, team will alocate 1
port Fast-Ethernet in the router to connect to
the Server
PEBTNTGR01
Loopback0 10.0.0.5/32
Fa0/0 To DBServer #1 Gi 0/0 VLL 100 DBServer #1 Gi 0/0 VLL
Fa0/1
Fa1/0 To PRJKTKPI01 Fa1/3 10.10.20.6/30 PRJKTKPI01 Fa1/3 10.10.20.5/30
Fa1/1 To PEJBRBGR01 Fa1/1 10.10.20.9/30 PEJBRBGR01 Fa1/1 10.10.20.10/30
PEKALBJM01
Loopback0 10.0.0.13/32
Fa0/0 To DBServer #2 Gi 0/0 VLL 100 DBServer #2 Gi 0/0 VLL
Fa0/1
Fa1/0 To PRKALBJM01 Fa1/2 10.10.40.2/30 PRKALBJM01 Fa1/2 10.10.40.1/30
Fa1/1 To PRKALBJM01 Fa1/3 10.10.40.6/30 PRKALBJM01 Fa1/3 10.10.40.5/30
31. From connection table above, Server2 Gi0/0
will connect to PEKALBJM01 Fa0/0, and Server
1 Gi0/0 will connect to PEBTNTGR01 Fa0/0
32. We do configuration only at the PEs, because P
Router doesn’t have any services and P Router
only do label swapping process.
Command needs to be added to interface
towards server xconnect x.x.x.x yyy encapsulation
mpls
x.x.x.x = Target PE ip address
yyyy = virtual circuit number, must be unique
and different on each customer/service
33. PEBTNTGR01 :
interface FastEthernet0/0
description To DBServer#1 Gi0/0
no ip address
duplex auto
speed auto
xconnect 10.0.0.13 100 encapsulation mpls
end
PEKALBJM01 :
interface FastEthernet0/0
description To DBServer#2 Gi0/0
no ip address
duplex auto
speed auto
xconnect 10.0.0.5 100 encapsulation mpls
end
34.
35.
36. Make sure correct peering on both side, and
make sure all the status is up on each PE
router by typing “show mpls l2transport vc
100”
37. With command “show mpls l2transport vc 100
detail”, we can check status, incoming and
outgoing packets from the VLL Service
38. After verification passed, try to ping from
Server#1 to Server#2 and vice versa.
Ping test from Server 1
41. 3 NMS servers on different location (Surabaya,
Malang, Madiun) needs to be connected each
other. To allow single subnet usage, the
connection should be based on Layer 2 so there is
no routing needed to reach each others.
The user request VPLS technology to reach this
goal.
The user ask to create full meshed point to
multipoint to provide layer 2 redundancy.
IP Block that will be used is 172.16.1.0/24
42.
43. From requirement above, team will alocate 1
port Fast-Ethernet in the router to connect to
each NMS Server
Area Site Name Device Name Interface Description IP Address Peer device Peer Interface Peer IP Address
Loopback0 10.0.0.9/32
Fa0/0 To NMS#1 Fa 0 VPLS NMS NMS#1 Fa 0 172.16.1.1/24
Fa0/1
Fa1/0 To PRJTMSBY01 Fa1/2 10.10.30.2/30 PRJTMSBY01 Fa1/2 10.10.30.1/30
Fa1/1 To PEJTMMLG01 Fa1/0 10.10.30.5/30 PEJTMMLG01 Fa1/0 10.10.30.6/30
Loopback0 10.0.0.10/32
Fa0/0 To NMS#2 Fa 0 VPLS NMS NMS#2 Fa 0 172.16.1.2/24
Fa0/1
Fa1/0 To PEJTMSBY01 Fa1/1 10.10.30.6/30 PEJTMSBY01 Fa1/1 10.10.30.5/30
Fa1/1 To PEJTMMDN01 Fa1/1 10.10.30.9/30 PEJTMMDN01 Fa1/1 10.10.30.10/30
Loopback0 10.0.0.11/32
Fa0/0 To NMS#3 Fa 0 VPLS NMS NMS#3 Fa 0 172.16.1.3/24
Fa0/1
Fa1/0 To PRJTMSBY01 Fa1/3 10.10.30.13/30 PRJTMSBY01 Fa1/3 10.10.30.14/30
Fa1/1 To PEJTMMLG01 Fa1/1 10.10.30.10/30 PEJTMMLG01 Fa1/1 10.10.30.19/30
PEJTMSBY01PEJTMMDN01
Madiun
Local Side Remote Side
PEJTMMLG01
SurabayaMalang
44. From connection table described before, NMS1
Fa0 will connect to PEJTMSBY01 Fa0/0, NMS2
Fa0 will connect to PEJTMMLG01 Fa0/0, and
NMS3 Fa0 will connect to PEJTMMDN01 Fa0/0
45. VPLS Configuration can be described below :
1. create L2 VFI name
2. define VPN id
3. define target peer neighbor
4. assign interface towards CE to VFI
46. Example :
l2 vfi cust-one manual
vpn id 1
neighbor 1.1.1.1 encapsulation mpls
neighbor 2.2.2.2 encapsulation mpls
!
Interface FastEthernet0/0
no ip address
xconnect vfi cust-one
!
47. PEJTMSBY01
l2 vfi NMS_NETWORKS manual
vpn id 1
neighbor 10.0.0.10 encapsulation mpls
neighbor 10.0.0.11 encapsulation mpls
!
interface FastEthernet0/0
description to CE
no ip address
xconnect vfi NMS_NETWORKS
PEJTMMLG01
l2 vfi NMS_NETWORKS manual
vpn id 1
neighbor 10.0.0.9 encapsulation mpls
neighbor 10.0.0.11 encapsulation mpls
!
interface FastEthernet0/0
description to CE
no ip address
xconnect vfi NMS_NETWORKS
PEJTMMDN01
l2 vfi NMS_NETWORKS manual
vpn id 1
neighbor 10.0.0.9 encapsulation mpls
neighbor 10.0.0.10 encapsulation mpls
!
interface FastEthernet0/0
description to CE
no ip address
xconnect vfi NMS_NETWORKS
48. Verify the VPLS status by typing “show vfi
NMS_NETWORKS”
PEJTMSBY01#show vfi NMS_NETWORKS
VFI name: NMS_NETWORKS, state: up
Local attachment circuits:
FastEthernet0/0
Neighbors connected via pseudowires:
10.0.0.10 10.0.0.11
PEJTMMLG01#show vfi NMS_NETWORKS
VFI name: NMS_NETWORKS, state: up
Local attachment circuits:
FastEthernet0/0
Neighbors connected via pseudowires:
10.0.0.9 10.0.0.11
PEJTMSBY01#show vfi NMS_NETWORKS
VFI name: NMS_NETWORKS, state: up
Local attachment circuits:
FastEthernet0/0
Neighbors connected via pseudowires:
10.0.0.9 10.0.0.10
53. ABC Corporate Networks needs to be connected
each others. from Bekasi, Bogor, and Tangerang
branch.
Each location have different network address.
Bekasi = 192.168.1.0/24
Bogor = 192.168.2.0/24
Tangerang = 192.168.3.0/24
The user request VPRN technology to allow each
network to reach others.
PE-CE Point to Point IP that will be used are :
1. PE-CE Bekasi = 172.16.1.0/30
2. PE-CE Bogor = 172.16.1.4/30
3. PE-CE Tangerang = 172.16.1.8/30
54.
55. From requirement above, team will alocate 1 port
Fast-Ethernet in the router to connect to each NMS
Server.
We wont use PEBTNTGR01 Fa0/0 because already
used by VLL case before.
Device Name Interface Description IP Address Peer device Peer InterfacePeer IP Address Remark
Loopback0 10.0.0.5/32
Fa0/0 To DBServer #1 Gi 0/0 VLL 100 DBServer #1 Gi 0/0 172.16.1.1/30 Service VLL 100
Fa0/1 To CE_ABC_TGR Fa0/0 172.16.1.9/30 CE_ABC_TGR Fa0/0 172.16.1.10/30 Service VPRN ABC
Fa1/0 To PRJKTKPI01 Fa1/3 10.10.20.6/30 PRJKTKPI01 Fa1/3 10.10.20.5/30 Backbone Interface
Fa1/1 To PEJBRBGR01 Fa1/1 10.10.20.9/30 PEJBRBGR01 Fa1/1 10.10.20.10/30 Backbone Interface
Loopback0 10.0.0.6/32
Fa0/0 To CE_ABC_BKS Fa0/0 172.16.1.1/30 CE_ABC_BKS Fa0/0 172.16.1.2/30 Service VPRN ABC
Fa0/1
Fa1/0 To PRJKTKPI02 Fa1/3 10.10.20.17/30 PRJKTKPI02 Fa1/3 10.10.20.18/30 Backbone Interface
Fa1/1 To PEJBRBGR01 Fa1/0 10.10.20.14/30 PEJBRBGR01 Fa1/0 10.10.20.13/30 Backbone Interface
Loopback0 10.0.0.7/32
Fa0/0 To CE_ABC_BGR Fa0/0 172.16.1.3/30 CE_ABC_BGR Fa0/0 172.16.1.4/30 Service VPRN ABC
Fa0/1
Fa1/0 To PEJBRBKS01 Fa1/1 10.10.20.13/30 PEJBRBKS01 Fa1/1 10.10.20.14/30 Backbone Interface
Fa1/1 To PEBTNTGR01 Fa1/1 10.10.20.10/30 PEBTNTGR01 Fa1/1 10.10.20.9/30 Backbone Interface
PEJBRBGR01
Local Side Remote Side
PEBTNTGR01PEJBRBKS01
56. From connection table described before,
CE_ABC_BKS Fa0 will connect to PEJBRBKS01
Fa0/0, CE_ABC_BGR Fa0 will connect to
PEJBRBGR01 Fa0/0, and CE_ABC_TGR Fa0 will
connect to PEBTNMDN01 Fa0/1
57. There are 5 steps to configure VPRN services on
cisco router:
1. Configure VRF, RD & RT
2. Configure BGP neighborship between each
service
3. Configure MP-BGP to allow each VRF
communicate each other
4. Import/redistribute routing (if any configured)
5. Apply VRF to desired interface
58. ip vrf xxx : vrf name, locally significant
rd : route distinguisher, process id for vrf
name above, locally significant
rt : route target, process id to be exported &
imported through network
PEJBRBKS01
ip vrf ABC_CORP
rd 1:1
route-target export 1:1
route-target import 1:1
!
PEJBRBGR01
ip vrf ABC_CORP
rd 1:1
route-target export 1:1
route-target import 1:1
!
PEJBRTGR01
ip vrf ABC_CORP
rd 1:1
route-target export 1:1
route-target import 1:1
!
59. BGP Neighborship is needed to allow MP-BGP*
communicate to each other and pass ip vrf through
networks.
*MP-BGP = Multi Protocol BGP, extension of BGP
Protocol
BGP Number :
0 & 65535 = reserved, asn 0 for non-routed networks
64496-64511 = reserved for use in documentation
and sample code.
64512-65534 = private purpose
Others = Assigned by IANA (www.iana.org)
64. Because in this case we use static route, we
also need to add static route in VRF to allow
PE know the networks behind CE.
PEJBRBKS01, PEJBRBGR01, PEBTNTGR01 :
ip route vrf ABC_CORP 192.168.1.0 255.255.255.0 172.16.1.2
ip route vrf ABC_CORP 192.168.2.0 255.255.255.0 172.16.1.6
ip route vrf ABC_CORP 192.168.3.0 255.255.255.0 172.16.1.10
65. Last thing, configure interface where we will
attach vrf.PEJBRBKS01
interface FastEthernet0/0
ip vrf forwarding ABC_CORP
ip address 172.16.1.1 255.255.255.252
duplex auto
speed auto
!
PEJBRBGR01
interface FastEthernet0/0
ip vrf forwarding ABC_CORP
ip address 172.16.1.5 255.255.255.252
duplex auto
speed auto
!
PEBTNTGR01
interface FastEthernet0/1
ip vrf forwarding ABC_CORP
ip address 172.16.1.9 255.255.255.252
duplex auto
speed auto
!
66. Make sure VRF peering is up and recognized,
and VRF ip routing is shown up in the PE.
Use command “show ip route vrf ABC_CORP”
67. On CE side, configure IP address to Service
Provider and to LAN.
CE_ABC_BGR
interface Ethernet0
description to SW_ABC_BGR Fa1
ip address 192.168.2.1 255.255.255.0
half-duplex
!
interface FastEthernet0
description to SP_gateway
ip address 172.16.1.6 255.255.255.252
speed auto
!
ip route 0.0.0.0 0.0.0.0 172.16.1.5
CE_ABC_BKS
interface Ethernet0
description to SW_ABC_BKS Fa1
ip address 192.168.1.1 255.255.255.0
half-duplex
!
interface FastEthernet0
description to SP_gateway
ip address 172.16.1.2 255.255.255.252
speed auto
!
ip route 0.0.0.0 0.0.0.0 172.16.1.1
68. CE_ABC_TGR
interface Ethernet0
description to SW_ABC_TGR Fa1
ip address 192.168.3.1 255.255.255.0
half-duplex
!
interface FastEthernet0
description to SP_gateway
ip address 172.16.1.10 255.255.255.252
speed auto
!
ip route 0.0.0.0 0.0.0.0 172.16.1.9