mpls deployment chapter 2 - services1

7/29/2019 MPLS Deployment Chapter 2 - Services1

1/73

Muhammad Syarifuddin, CCNA, CCNP, NRS-1

http://id.linkedin.com/in/syarifuddin
http://id.linkedin.com/in/syarifuddinhttp://id.linkedin.com/in/syarifuddinhttp://id.linkedin.com/in/syarifuddin


2/73

Chapter 1 Basic :http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1

Chapter 2 Services :http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1

Chapter 3 Optimization :http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimization
http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-3-optimizationhttp://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-2-services1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1http://www.slideshare.net/ariefcakep/mpls-deployment-chapter-1-basic1


3/73

After all IGP (interior gateway protocol, OSPF)run on all routers, and each router know eachother end to end, the next step is toimplement MPLS feature. Kindly remember

that MPLS is just a feature, it is NOT a newrouting protocol. This feature is used so eachrouter can exchange packets based on label,not IP Lookup anymore.


4/73

To enable MPLS feature on the routers (P & PE), the step-by-step needs to be done are:

Enable cef (cisco express forwarding), forwarding feature fromcisco

Define Label Protocol that will be used. There are 3 protocols

in here, first on is LSP (static Label Switched Path), LDP (LabelDistribution Protocol, dynamic, the LDP path follows IGP(OSPF)), and the last one is RSVP (Reservation Protocol), usedto manipulate standard path by LDP, usually RSVP used tomaximize unused path in IGP or Traffic Engineering purpose.

Define router-id that will be used by LDP, the loopback IPaddress usually used by router-id, because loopback interfaceis stable, and never down. Make sure this loopback ip can bereached from all routers.

The last one, enable MPLS on each backbone interface.


5/73

Detail commands can be described below : ip cef (to enable cisco express forwarding)

mpls label protocol ldp (enable ldp protocol)

mpls ldp router-id loopback 0 force (useloopback as router-id)

interface FastEthernet0/0

ip address x.x.x.x y.y.y.y

no shutdown

mpls ip (enable mpls feature on the interface)


6/73

PRJKTKPI01:

ip cef

mpls label protocol ldp

mpls ldp router-id loopback 0 force

hostname PRJKTKPI01

interface Loopback0

ip address 10.0.0.1 255.255.255.255

!


description to PRJKTKPI02 f0/0

ip address 10.10.10.1 255.255.255.252

speed 100

full-duplex

mpls ip!


description to PRKALBJM01 f0/1

ip address 10.10.10.14 255.255.255.252

speed 100

full-duplex

mpls ip

!


description to PEJKTKPI01 f0/1

no switchport

ip address 10.10.20.1 255.255.255.252

duplex full

speed 100

mpls ip

!


description to PEBTNTGR01 f0/0

no switchport

ip address 10.10.20.5 255.255.255.252

duplex fullspeed 100

mpls ip

PRJKTKPI02:

ip cef



hostname PRJKTKPI02

interface Loopback0

ip address 10.0.0.2 255.255.255.255

!



ip address 10.10.10.2 255.255.255.252

speed 100

full-duplex

mpls ip!


description to PRJTMSBY01 f0/1

ip address 10.10.10.5 255.255.255.252

speed 100

full-duplex

mpls ip

!



no switchport

ip address 10.10.20.22 255.255.255.252

duplex full

speed 100

mpls ip

!


description PEJBRBKS01 f0/0

no switchport

ip address 10.10.20.18 255.255.255.252


mpls ip

PEJKTKPI01:

ip cef



hostname PEJKTKPI01

interface Loopback0

ip address 10.0.0.3 255.255.255.255

!



ip address 10.10.20.25 255.255.255.252

speed 100

full-duplex

mpls ip!



ip address 10.10.20.2 255.255.255.252

speed 100

full-duplex

mpls ip


7/73

PEJKTKPI02:

ip cefmpls label protocol ldp


hostname PEJKTKPI02

interface Loopback0

ip address 10.0.0.4 255.255.255.255

!


description PEJKTKPI01 f0/0

ip address 10.10.20.26 255.255.255.252

speed 100

full-duplex

mpls ip

!


description PRJKTKPI02 f1/0

ip address 10.10.20.21 255.255.255.252

speed 100

full-duplex

mpls ip

PEBTNTGR01:



hostname PEBTNTGR01

interface Loopback0

ip address 10.0.0.5 255.255.255.255

!



ip address 10.10.20.6 255.255.255.252

speed 100

full-duplex

mpls ip

!


description to PEJBRBGR01 f0/1

ip address 10.10.20.9 255.255.255.252

speed 100

full-duplex

mpls ip

PEJBRBGR01:



hostname PEJBRBGR01

interface Loopback0

ip address 10.0.0.7 255.255.255.255

!


description to PEJBRBKS01 f0/1

ip address 10.10.20.13 255.255.255.252

speed 100

full-duplex

mpls ip

!


description to PEBTNTGR01 f0/1

ip address 10.10.20.10 255.255.255.252

speed 100

full-duplex

mpls ip


8/73

PEJBRBKS01:

ip cef

mpls label protocol ldpmpls ldp router-id loopback 0 force

hostname PEJBRBKS01

interface Loopback0

ip address 10.0.0.6 255.255.255.255

!



ip address 10.10.20.17 255.255.255.252

speed 100

full-duplex

mpls ip!


description to PEJBRBGR01 f0/0

ip address 10.10.20.14 255.255.255.252

speed 100

full-duplex

mpls ip

PRJTMSBY01:

ip cef


hostname PRJTMSBY01

interface Loopback0

ip address 10.0.0.8 255.255.255.255

!



ip address 10.10.10.9 255.255.255.252

speed 100

full-duplex

mpls ip!



ip address 10.10.10.6 255.255.255.252

speed 100

full-duplex

mpls ip

!


description to PEJTMSBY01 f0/0

no switchport

ip address 10.10.30.1 255.255.255.252

duplex full

speed 100

mpls ip

!


description to PEJTMMDN01 f0/0

no switchport

ip address 10.10.30.14 255.255.255.252


mpls ip

PEJTMSBY01:

ip cef


hostname PEJTMSBY01

interface Loopback0

ip address 10.0.0.9 255.255.255.255

!



ip address 10.10.30.2 255.255.255.252

speed 100

full-duplex

mpls ip!


description to PEJTMMLG01 f0/0

ip address 10.10.30.5 255.255.255.252

speed 100

full-duplex

mpls ip


9/73

PEJTMMLG01:

ip cef



hostname PEJTMMLG01

interface Loopback0

ip address 10.0.0.10 255.255.255.255

!


description to PEJTMSBY01 f0/1

ip address 10.10.30.6 255.255.255.252

speed 100

full-duplex

mpls ip!


description to PEJTMMDN01 f0/1

ip address 10.10.30.9 255.255.255.252

speed 100

full-duplex

mpls ip

PEJTMMDN01:

ip cef



hostname PEJTMMDN01

interface Loopback0

ip address 10.0.0.11 255.255.255.255

!



ip address 10.10.30.13 255.255.255.252

speed 100

full-duplex

mpls ip!


description to PEJTMMLG01 f0/1

ip address 10.10.30.10 255.255.255.252

speed 100

full-duplex

mpls ip

!

PRKALBJM01:

ip cef



hostname PRKALBJM01

interface Loopback0

ip address 10.0.0.12 255.255.255.255

!



ip address 10.10.10.10 255.255.255.252

speed 100

full-duplex

mpls ip!



ip address 10.10.10.13 255.255.255.252

speed 100

full-duplex

mpls ip

!


description to PEKALBJM01 f0/0

no switchport

ip address 10.10.40.1 255.255.255.252

duplex full

speed 100

mpls ip

!


description to PEKALBJM01 f0/1

no switchport

ip address 10.10.40.5 255.255.255.252


mpls ip


10/73

PEKALBJM01:



hostname PEKALBJM01

interface Loopback0

ip address 10.0.0.13 255.255.255.255

!



ip address 10.10.40.2 255.255.255.252

speed 100

full-duplex

mpls ip

!



ip address 10.10.40.6 255.255.255.252

speed 100

full-duplex

mpls ip


11/73

Dont forget to save router configuration bytyping :

copy running-config startup-config.


12/73

Verify configuration : from privileged mode,type show run, check on the interface, makesure all configuration were entered.


13/73

Verify mpls interface, make sure operational,and use LDP protocol.


14/73

Next one, check to the neighbor by typingshow mpls ldp neighbor, make sureneighbor LDP is running. Can be checked fromuptime, state, message sent-received


15/73

After that, check the forwarding table, fromhere we can see the the label routing process(pop, swap, push), next hop, and the outgoinginterface.


16/73

The last step is lsp ping & trace, is a function

to do ping & trace based on LSP (LabelSwitched Path) that already generated.


17/73

By this LSP trace & ping feature, we can knowthe hop that passed by MPLS labels.


18/73

In this part, we will discuss about services thatrun on MPLS, it is VPN (Virtual Private Network).With this VPN service, allowing IP reuse in theMPLS cloud without crashing each others.

The VPN services in MPLS globally divided by 2types, there are:

1. L2VPN (Layer 2 Virtual Private Network)

2. L3VPN (Layer 3 Virtual Private Network).


19/73

1. L2VPN L2VPN is a private layer 2 virtual network,

where it looks like CE were connected eachother directly. So it is possible to allow ofusing the same subnet between CE.

2. L3VPN L3VPN is a private layer 3 virtual network, that

run under layer 3, where PE router in serviceprovider side also do routing towards client.


20/73

L2VPN The L2VPN service itself were divided to 2

types::

VLL (Virtual Leased Line) or usually known as

Atom (Any Transport to MPLS), or PseudowireService

VPLS (Virtual Private LAN Service)


21/73

VLL base is Point to Point, so when VLL servicecreated, there will be only 2 points, its nearend & far end. VLL also can emulate E1interface, SDH, Serial, etc into MPLS.

Service Provider Network

HQ Router Company BBranch Router Company B

10.10.10.1/3010.10.10.2/30

Peer to Peer Tunnel Service for Company B

HQ Router Company A Branch Router Company A

PE PE

Peer to Peer Tunnel Service for Company A

10.10.10.1/30 10.10.10.1/30


22/73

In VLL service, PE Router only works as TunnelProvider between CE in the different VPNservices.

IP reuse can be used in VLL service, where itlooks like between CE were in the samesubnet, connected directly without knowingthat PE router were in the middle of the

connection.


23/73

VPLS connection can be Point to Point, or Point toMultipoint, so when VPLS service were created, itcan be configured one point as the main center, andthe other point as distribution link.


24/73

In this VPLS service, PE Router act as same asVLL services, but in this case, PE can do lotmore Peering, so it can create multipointcloud. IP reuse also can be implementedbetween CE. Where it looks like between CEwere in the same subnet, connected directlywithout knowing that PE router were in themiddle of the connection.


25/73

L3VPN or in other word VPRN (Virtual Private RoutedNetwork) is a layer 3 virtual private networks. WherePE router in the Service Provider network also dorouting towards client. So each PE-CE connectionneeds its own IP block.

HQ Router

Company B

Branch Router 1

Company B

10.10.10.2/30

10.10.30.2/30

Layer 3 Tunnel Service for Customer B

Branch Router 2Company B

10.10.20.2/30

Layer 3 Tunnel Service for Customer B

PE

10.10.10.1/30

10.10.20.1/30

10.10.30.1/30

Layer 3 Tunnel Service for Customer A

PEPE

Branh Router 1

Company AHQ Router

Company A

10.10.10.2/30

10.10.10.1/30

10.10.30.2/30

10.10.30.1/30


26/73

Unlike the two previous services, on VPRN, PErouter act as default gateway for each CE, soCE can communicate with other cloud. Thissystem usually called as VRF (Virtual Router

Forwarding). IP also can be used and notcrashed each others because each service runon different VRF (Virtual Routing Forwarding).


27/73

VLL Configuration VPLS Configuration

VPRN Configuration


28/73

IT OSS team were doing some DRC (Disaster RecoveryCenter) implementation trial for their Database Server.

There are 2 servers in the Tangerang and Banjarmasinthat needs to be connected and synchronize datarealtime.

Server act as main & backup, main side served byTangerang, and backup side in Banjarmasin.

Banjarmasin were chosen as backup because the citydoesnt have disaster history so it is very eligible to actas backup center.

Service that they want is VLL.

IP block that will be used : Point to Point 172.16.1.0/30.


29/73

Service Provider Network

172.16.1.1/30 172.16.1.2/30

Peer to Peer Tunnel Service for OSS DRC

PE Tangerang

PEBTNTGR01PE KalimantanPEKALBJM01

Server#1

Tangerang

Server#2

Banjarmasin


30/73

From requirement above, team will alocate 1port Fast-Ethernet in the router to connect tothe Server

PEBTN

TGR01

Loopback0 10.0.0.5/32

Fa0/0 To DBServer #1 Gi 0/0 VLL 100 DBServer #1 Gi 0/0 VLL

Fa0/1Fa1/0 To PRJKTKPI01 Fa1/3 10.10.20.6/30 PRJKTKPI01 Fa1/3 10.10.20.5/30

Fa1/1 To PEJBRBGR01 Fa1/1 10.10.20.9/30 PEJBRBGR01 Fa1/1 10.10.20.10/30

PEKALBJM01

Loopback0 10.0.0.13/32

Fa0/0 To DBServer #2 Gi 0/0 VLL 100 DBServer #2 Gi 0/0 VLL

Fa0/1

Fa1/0 To PRKALBJM01 Fa1/2 10.10.40.2/30 PRKALBJM01 Fa1/2 10.10.40.1/30

Fa1/1 To PRKALBJM01 Fa1/3 10.10.40.6/30 PRKALBJM01 Fa1/3 10.10.40.5/30


31/73

From connection table above, Server2 Gi0/0will connect to PEKALBJM01 Fa0/0, and Server1 Gi0/0 will connect to PEBTNTGR01 Fa0/0


32/73

We do configuration only at the PEs, because PRouter doesnt have any services and P Routeronly do label swapping process.

Command needs to be added to interface

towards server xconnect x.x.x.x yyy encapsulationmpls

x.x.x.x = Target PE ip address

yyyy = virtual circuit number, must be unique

and different on each customer/service


33/73

PEBTNTGR01 :


description To DBServer#1 Gi0/0

no ip address

duplex auto

speed auto

xconnect 10.0.0.13 100 encapsulation mpls

end

PEKALBJM01 :


description To DBServer#2 Gi0/0

no ip address

duplex auto

speed auto

xconnect 10.0.0.5 100 encapsulation mpls

end


34/73


35/73


36/73

Make sure correct peering on both side, and

make sure all the status is up on each PErouter by typing show mpls l2transport vc100


37/73

With command show mpls l2transport vc 100detail, we can check status, incoming andoutgoing packets from the VLL Service


38/73

After verification passed, try to ping from

Server#1 to Server#2 and vice versa. Ping test from Server 1


39/73

Ping test from Server#2


40/73


VPRN Configuration


41/73

3 NMS servers on different location (Surabaya,Malang, Madiun) needs to be connected eachother. To allow single subnet usage, theconnection should be based on Layer 2 so there isno routing needed to reach each others.

The user request VPLS technology to reach thisgoal.

The user ask to create full meshed point tomultipoint to provide layer 2 redundancy.

IP Block that will be used is 172.16.1.0/24


42/73


43/73

From requirement above, team will alocate 1

port Fast-Ethernet in the router to connect toeach NMS Server

Area Site Name Device Name Interface Description IP Address Peer device Peer Interface Peer IP Address

Loopback0 10.0.0.9/32Fa0/0 To NMS#1 Fa 0 VPLS NMS NMS#1 Fa 0 172.16.1.1/24

Fa0/1

Fa1/0 To PRJTMSBY01 Fa1/2 10.10.30.2/30 PRJTMSBY01 Fa1/2 10.10.30.1/30

Fa1/1 To PEJTMMLG01 Fa1/0 10.10.30.5/30 PEJTMMLG01 Fa1/0 10.10.30.6/30

Loopback0 10.0.0.10/32

Fa0/0 To NMS#2 Fa 0 VPLS NMS NMS#2 Fa 0 172.16.1.2/24

Fa0/1

Fa1/0 To PEJTMSBY01 Fa1/1 10.10.30.6/30 PEJTMSBY01 Fa1/1 10.10.30.5/30Fa1/1 To PEJTMMDN01 Fa1/1 10.10.30.9/30 PEJTMMDN01 Fa1/1 10.10.30.10/30

Loopback0 10.0.0.11/32

Fa0/0 To NMS#3 Fa 0 VPLS NMS NMS#3 Fa 0 172.16.1.3/24

Fa0/1

Fa1/0 To PRJTMSBY01 Fa1/3 10.10.30.13/30 PRJTMSBY01 Fa1/3 10.10.30.14/30

Fa1/1 To PEJTMMLG01 Fa1/1 10.10.30.10/30 PEJTMMLG01 Fa1/1 10.10.30.19/30

PEJTMSBY01

PEJTMMDN01

Madiun

Local Side Remote Side

PEJT

MMLG01

Surabaya

Malang


44/73

From connection table described before, NMS1

Fa0 will connect to PEJTMSBY01 Fa0/0, NMS2Fa0 will connect to PEJTMMLG01 Fa0/0, andNMS3 Fa0 will connect to PEJTMMDN01 Fa0/0


45/73

VPLS Configuration can be described below : 1. create L2 VFI name

2. define VPN id

3. define target peer neighbor

4. assign interface towards CE to VFI


46/73

Example : l2 vfi cust-one manual vpn id 1 neighbor 1.1.1.1 encapsulation mpls neighbor 2.2.2.2 encapsulation mpls

! Interface FastEthernet0/0 no ip address xconnect vfi cust-one !


47/73

PEJTMSBY01

l2 vfi NMS_NETWORKS manual

vpn id 1

neighbor 10.0.0.10 encapsulation mpls


!


description to CEno ip address

xconnect vfi NMS_NETWORKS

PEJTMMLG01


vpn id 1



!


description to CEno ip address


PEJTMMDN01


vpn id 1

neighbor 10.0.0.9 encapsulation mplsneighbor 10.0.0.10 encapsulation mpls

!


description to CE

no ip address



48/73

Verify the VPLS status by typing show vfiNMS_NETWORKS

PEJTMSBY01#show vfi NMS_NETWORKS

VFI name: NMS_NETWORKS, state: up

Local attachment circuits:

FastEthernet0/0

Neighbors connected via pseudowires:

10.0.0.10 10.0.0.11

PEJTMMLG01#show vfi NMS_NETWORKS



FastEthernet0/0

Neighbors connected via pseudowires:

10.0.0.9 10.0.0.11

PEJTMSBY01#show vfi NMS_NETWORKS



FastEthernet0/0Neighbors connected via pseudowires:

10.0.0.9 10.0.0.10


49/73

Ping test from NMS1 to NMS2 & NMS3


50/73



51/73



52/73


VPRN Configuration


53/73

ABC Corporate Networks needs to be connectedeach others. from Bekasi, Bogor, and Tangerangbranch.

Each location have different network address.

Bekasi = 192.168.1.0/24

Bogor = 192.168.2.0/24

Tangerang = 192.168.3.0/24

The user request VPRN technology to allow eachnetwork to reach others.

PE-CE Point to Point IP that will be used are :

1. PE-CE Bekasi = 172.16.1.0/30

2. PE-CE Bogor = 172.16.1.4/30

3. PE-CE Tangerang = 172.16.1.8/30


54/73


55/73

From requirement above, team will alocate 1 port

Fast-Ethernet in the router to connect to each NMSServer.

We wont use PEBTNTGR01 Fa0/0 because alreadyused by VLL case before.

Device Name Interface Description IP Address Peer device Peer Interfac Peer IP Address Remark

Loopback0 10.0.0.5/32

Fa0/0 To DBServer #1 Gi 0/0 VLL 100 DBServer #1 Gi 0/0 172.16.1.1/30 Service VLL 100

Fa0/1 To CE_ABC_TGR Fa0/0 172.16.1.9/30 CE_ABC_TGR Fa0/0 172.16.1.10/30 Service VPRN ABC

Fa1/0 To PRJKTKPI01 Fa1/3 10.10.20.6/30 PRJKTKPI01 Fa1/3 10.10.20.5/30 Backbone Interface

Fa1/1 To PEJBRBGR01 Fa1/1 10.10.20.9/30 PEJBRBGR01 Fa1/1 10.10.20.10/30 Backbone Interface

Loopback0 10.0.0.6/32

Fa0/0 To CE_ABC_BKS Fa0/0 172.16.1.1/30 CE_ABC_BKS Fa0/0 172.16.1.2/30 Service VPRN ABC

Fa0/1

Fa1/0 To PRJKTKPI02 Fa1/3 10.10.20.17/30 PRJKTKPI02 Fa1/3 10.10.20.18/30 Backbone Interface

Fa1/1 To PEJBRBGR01 Fa1/0 10.10.20.14/30 PEJBRBGR01 Fa1/0 10.10.20.13/30 Backbone Interface

Loopback0 10.0.0.7/32

Fa0/0 To CE_ABC_BGR Fa0/0 172.16.1.3/30 CE_ABC_BGR Fa0/0 172.16.1.4/30 Service VPRN ABC

Fa0/1

Fa1/0 To PEJBRBKS01 Fa1/1 10.10.20.13/30 PEJBRBKS01 Fa1/1 10.10.20.14/30 Backbone Interface

Fa1/1 To PEBTNTGR01 Fa1/1 10.10.20.10/30 PEBTNTGR01 Fa1/1 10.10.20.9/30 Backbone InterfacePEJBRBGR01

Local Side Remote Side

PEBTNTGR01

PEJBRBKS0

1


56/73

From connection table described before,

CE_ABC_BKS Fa0 will connect to PEJBRBKS01Fa0/0, CE_ABC_BGR Fa0 will connect toPEJBRBGR01 Fa0/0, and CE_ABC_TGR Fa0 willconnect to PEBTNMDN01 Fa0/1


57/73

There are 5 steps to configure VPRN services on

cisco router: 1. Configure VRF, RD & RT

2. Configure BGP neighborship between eachservice

3. Configure MP-BGP to allow each VRFcommunicate each other

4. Import/redistribute routing (if any configured)

5. Apply VRF to desired interface


58/73

ip vrf xxx : vrf name, locally significant rd : route distinguisher, process id for vrf

name above, locally significant

rt : route target, process id to be exported &imported through network

PEJBRBKS01

ip vrf ABC_CORP

rd 1:1

route-target export 1:1

route-target import 1:1

!

PEJBRBGR01

ip vrf ABC_CORP

rd 1:1



!

PEJBRTGR01

ip vrf ABC_CORP

rd 1:1



!


59/73

BGP Neighborship is needed to allow MP-BGP*

communicate to each other and pass ip vrf throughnetworks.

*MP-BGP = Multi Protocol BGP, extension of BGPProtocol

BGP Number :

0 & 65535 = reserved, asn 0 for non-routed networks 64496-64511 = reserved for use in documentation

and sample code. 64512-65534 = private purpose Others = Assigned by IANA (www.iana.org)


60/73

PEJBRBKS01

router bgp 65100no synchronization

bgp log-neighbor-changes

neighbor 10.0.0.5 remote-as 65100

neighbor 10.0.0.5 update-source Loopback0



no auto-summary!

PEJBRBKS01

router bgp 65100

no synchronization


neighbor 10.0.0.6 remote-as 65100neighbor 10.0.0.6 update-source Loopback0



no auto-summary

PEJBRBGR01

router bgp 65100no synchronization






no auto-summary!


61/73

Make sure BGP is up, and can communicatewith configured neighbors


62/73

PEJBRBKS01

router bgp 65100address-family vpnv4

neighbor 10.0.0.5 activate

neighbor 10.0.0.5 send-community both



exit-address-family

address-family ipv4 vrf ABC_CORP

redistribute connected

redistribute static

no synchronization

exit-address-family

PEJBRBGR01






exit-address-family



redistribute static

no synchronization

exit-address-family


63/73

PEBTNTGR01






exit-address-family



redistribute static

no synchronization

exit-address-family


64/73

Because in this case we use static route, wealso need to add static route in VRF to allowPE know the networks behind CE.

PEJBRBKS01, PEJBRBGR01, PEBTNTGR01 :

ip route vrf ABC_CORP 192.168.1.0 255.255.255.0 172.16.1.2ip route vrf ABC_CORP 192.168.2.0 255.255.255.0 172.16.1.6

ip route vrf ABC_CORP 192.168.3.0 255.255.255.0 172.16.1.10


65/73

Last thing, configure interface where we willattach vrf.PEJBRBKS01interface FastEthernet0/0

ip vrf forwarding ABC_CORP

ip address 172.16.1.1 255.255.255.252

duplex auto

speed auto

!

PEJBRBGR01



ip address 172.16.1.5 255.255.255.252

duplex auto

speed auto

!

PEBTNTGR01



ip address 172.16.1.9 255.255.255.252duplex auto

speed auto

!


66/73

Make sure VRF peering is up and recognized,

and VRF ip routing is shown up in the PE.

Use command show ip route vrf ABC_CORP


67/73

On CE side, configure IP address to ServiceProvider and to LAN.CE_ABC_BGR

interface Ethernet0

description to SW_ABC_BGR Fa1

ip address 192.168.2.1 255.255.255.0

half-duplex

!

interface FastEthernet0

description to SP_gateway

ip address 172.16.1.6 255.255.255.252

speed auto

!

ip route 0.0.0.0 0.0.0.0 172.16.1.5

CE_ABC_BKS

interface Ethernet0

description to SW_ABC_BKS Fa1

ip address 192.168.1.1 255.255.255.0

half-duplex

!



ip address 172.16.1.2 255.255.255.252

speed auto

!

ip route 0.0.0.0 0.0.0.0 172.16.1.1


68/73

CE_ABC_TGR

interface Ethernet0description to SW_ABC_TGR Fa1

ip address 192.168.3.1 255.255.255.0

half-duplex

!



ip address 172.16.1.10 255.255.255.252

speed auto

!

ip route 0.0.0.0 0.0.0.0 172.16.1.9


69/73

Client Bekasi Client Bogor

Client Tangerang


70/73

Test ping from Client in Bekasi to CE RouterBekasi


71/73

Test ping from Client in Bekasi to CE RouterBogor and Client Bogor


72/73

Test ping from Client in Bekasi to CE RouterTangerang and Client Tangerang


73/73

Next, Chapter 3.

MPLS Optimization

mpls deployment chapter 2 - services1

Documents