Thursday, February 23, 2023

MPLS L3VPN Building LAB

Step to Configuring the MPLS

  • Step. 1: Make MPLS infrastructure, i.e., IGP domain with a label distribution protocol 
  • Step. 2: Attach customer edge router
  • Step. 3: Create VRF on PE and run VRF at customer interface.
  • Step. 4: Run MP-BGP between PE1 and PE2
  • Step. 5: Run PE-CE routing protocol
  • Step. 6: Redistribution of route between IS-IS, MP-BGP and PE-CE routing protocol.

MPLS L3VPN Building LAB

Step. 1: Make MPLS infrastructure, i.e., IGP domain with a label distribution protocol


Refer the section of MPLS Building LAB

Make sure there is reachable between PE1 and PE2 Router and in trace label has been attached.

PE1#ping 5.5.5.5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/83/116 ms
PE1#traceroute 5.5.5.5 source lo0
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.20.1 [MPLS: Label 205 Exp 0] 64 msec 84 msec 88 msec
  2 192.168.20.3 [MPLS: Label 305 Exp 0] 56 msec 44 msec 72 msec
  3 192.168.20.5 88 msec 88 msec 72 msec
PE1#
---------------------------------------------------------------------------------------------------------------------------------------
PE5#ping 1.1.1.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 68/80/92 ms
PE5#traceroute 1.1.1.1 source lo0
Type escape sequence to abort.
Tracing the route to 1.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.20.4 [MPLS: Label 304 Exp 0] 64 msec 92 msec 88 msec
  2 192.168.20.2 [MPLS: Label 204 Exp 0] 68 msec 52 msec 40 msec
  3 192.168.20.0 96 msec 80 msec 104 msec
PE5#

Step. 2: Attach customer edge router

Attached customer edge router CE_A1 and CE_B1 to router PE1, and attached customer edge router CE_A2 and CE_B2 to router PE2.

Configuration for Customer Router CE_A1

Configure terminal
interface Ethernet3/0
 ip address 192.168.10.0 255.255.255.254
no shutdown
 duplex full
exit
!
interface Loopback0
 ip address 11.11.11.11 255.255.255.255
end
wr

Configuration for Customer Router CE_A2

Configure terminal
interface Ethernet3/0
 ip address 192.168.30.0 255.255.255.254
no shutdown
 duplex full
exit
!
interface Loopback0
 ip address 22.22.22.22 255.255.255.255
end
wr

Configuration for Customer Router CE_B1

Configure terminal
interface Ethernet3/1
 ip address 192.168.10.0 255.255.255.254
no shutdown
 duplex full
exit
!
interface Loopback0
 ip address 33.33.33.33 255.255.255.255
end
wr

Configuration for Customer Router CE_B2

Configure terminal
interface Ethernet3/1
 ip address 192.168.30.0 255.255.255.254
no shutdown
 duplex full
exit
!
interface Loopback0
 ip address 44.44.44.44 255.255.255.255
end
wr 

Configuration for PE1 Router

Configure terminal
interface Ethernet3/0
 ip address 192.168.10.1 255.255.255.254
 no shutdown
 duplex full
exit
!
interface Ethernet3/1
 ip address 192.168.10.1 255.255.255.254
 no shutdown
 duplex full
exit
!
end
wr

Configuration for PE5 Router

Configure terminal
interface Ethernet3/0
 ip address 192.168.30.1 255.255.255.254
 no shutdown
 duplex full
exit
!
interface Ethernet3/1
 ip address 192.168.30.1 255.255.255.254
 no shutdown
 duplex full
exit
!
end
wr

Step. 3: Create VRF on PE and run VRF instance at customer interface.

Configuration for PE1 Router

configure terminal
vrf definition A
 rd 12:1
 !
 address-family ipv4
  route-target export 12:11
  route-target import 12:22
 exit-address-family
!
!
interface Ethernet3/0
 vrf forwarding A
 ip address 192.168.10.1 255.255.255.254
 duplex full
!
!
vrf definition B
 rd 12:2
 !
 address-family ipv4
  route-target export 12:33
  route-target import 12:44
 exit-address-family
!
!
interface Ethernet3/1
 vrf forwarding B
 ip address 192.168.10.1 255.255.255.254
no shutdown
 duplex full
exit
!
end
wr

Configuration for PE5 Router

configure terminal
vrf definition A
 rd 12:1
 !
 address-family ipv4
  route-target export 12:22
  route-target import 12:11
 exit-address-family
!
!
interface Ethernet3/0
 vrf forwarding A
 ip address 192.168.30.1 255.255.255.254
 duplex full
!
!
vrf definition B
 rd 12:2
 !
 address-family ipv4
  route-target export 12:44
  route-target import 12:33
 exit-address-family
!
!
interface Ethernet3/1
 vrf forwarding B
 ip address 192.168.30.1 255.255.255.254
no shutdown
 duplex full
!
end
wr

In VRF table of A and B, there should be their individual customer routes learned

PE1#show ip route vrf A
Routing Table: A
Gateway of last resort is not set
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/31 is directly connected, Ethernet3/0
L        192.168.10.1/32 is directly connected, Ethernet3/0
PE1#show ip route vrf B
 
Routing Table: B
Gateway of last resort is not set
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/31 is directly connected, Ethernet3/1
L        192.168.10.1/32 is directly connected, Ethernet3/1
PE1#
-----------------------------------------------------------------------------------------------------------------------------------------
PE5#show ip route vrf A
Routing Table: A
Gateway of last resort is not set
      192.168.30.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.30.0/31 is directly connected, Ethernet3/0
L        192.168.30.1/32 is directly connected, Ethernet3/0
PE5#show ip route vrf B
Routing Table: B
Gateway of last resort is not set
      192.168.30.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.30.0/31 is directly connected, Ethernet3/1
L        192.168.30.1/32 is directly connected, Ethernet3/1
PE5#

Step. 4: Run MP-BGP between PE1 and PE5  

Configuration for PE1 Router

configure terminal
ip bgp-community new-format
!
router bgp 12
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 12
neighbor 5.5.5.5 update-source loopback0
address-family vpnv4
 neighbor 5.5.5.5 activate
 neighbor 5.5.5.5 send-community both
exit
end
wr

Configuration for PE5 Router

configure terminal
ip bgp-community new-format
!
router bgp 12
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 12
neighbor 1.1.1.1 update-source loopback0
address-family vpnv4
 neighbor 1.1.1.1 activate
 neighbor 1.1.1.1 send-community both
exit
!
end
wr

PE1#
*Feb 23 10:23:36.759: %BGP-5-ADJCHANGE: neighbor 5.5.5.5 Up
PE1#

Step. 5: Run PE-CE routing protocol

PE-CE Routing Protocol between CE_A1 and PE1 – OSPF

Configuration on CE_A1

configure terminal
interface Loopback0
 ip address 11.11.11.11 255.255.255.255
 ip ospf 1 area 1
!
router ospf 1
 network 192.168.10.0 0.0.0.255 area 1
!
end
!

Configuration on PE1

configure terminal
router ospf 10 vrf A
 network 192.168.10.0 0.0.0.255 area 1
end
!

PE1#
*Feb 23 10:31:05.103: %OSPF-5-ADJCHG: Process 10, Nbr 11.11.11.11 on Ethernet3/0 from LOADING to FULL, Loading Done
PE1#

PE-CE Routing Protocol between CE_A2 and PE5 – BGP AS 22 

Configuration on CE_A2

configure terminal
ip bgp-community new-format
!
router bgp 22
neighbor 192.168.30.1 remote-as 12
address-family ipv4
 neighbor 192.168.30.1 activate
 neighbor 192.168.30.1 send-community
 redistribute connected
exit
!
end
wr

Configuration on PE5

configure terminal
router bgp 12
address-family ipv4 vrf A
 neighbor 192.168.30.0 remote-as 22
 neighbor 192.168.30.0 activate
 neighbor 192.168.30.0 send-community
exit
!
end
wr

PE5#
*Feb 23 10:32:36.155: %BGP-5-ADJCHANGE: neighbor 192.168.30.0 vpn vrf A Up
PE5#

PE-CE Routing Protocol between CE_B1 and PE1 – EIGRP AS 33

Configuration on CE_B1

configure terminal
router eigrp 33
 no auto-summary
 network 192.168.10.0 0.0.0.255
 redistribute connected metric 1 1 1 1 1
end
wr

Configuration on PE1

configure terminal
router eigrp 33
 address-family ipv4 vrf B
  autonomous-system 33
  no auto-summary
  network 192.168.10.0 0.0.0.255
end
wr 

PE1#
*Feb 23 10:35:33.463: %DUAL-5-NBRCHANGE: EIGRP-IPv4 33: Neighbor 192.168.10.0 (Ethernet3/1) is up: new adjacency
PE1#

PE-CE Routing Protocol between CE_B2 and PE5 – OSPF

Configuration on CE_B2

configure terminal
interface Loopback0
 ip address 44.44.44.44 255.255.255.255
 ip ospf 1 area 1
!
router ospf 1
 network 192.168.30.0 0.0.0.255 area 1
!
end
wr
!

Configuration on PE5

configure terminal
router ospf 10 vrf B
 network 192.168.30.0 0.0.0.255 area 1
end
!

PE5#
*Feb 23 10:37:39.071: %OSPF-5-ADJCHG: Process 10, Nbr 44.44.44.44 on Ethernet3/1 from LOADING to FULL, Loading Done
PE5#

From PE1 and PE5 router, loopback interface of the customer connected should be reachable

PE1#ping vrf A 11.11.11.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.11.11.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/32 ms
PE1#ping vrf B 33.33.33.33
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 33.33.33.33, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/32 ms
PE1#
-------------------------------------------------------------------------------------------------------------------------------------
PE5#ping vrf A 22.22.22.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/29/36 ms
PE5#ping vrf B 44.44.44.44
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 44.44.44.44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/21/28 ms
PE5#

Step. 6: Redistribution of route between OSPF, MP-BGP and PE-CE routing protocol.

Redistribution of route between CE_A1 and CE_A2

Configuration on PE1 Router:

Configure terminal
router bgp 12
 address-family ipv4 vrf A
  redistribute ospf 10 metric 1
exit
exit
!
router ospf 10 vrf A
 redistribute bgp 12 subnets            
exit
!
end
wr

No redistribution required between CE_A2 and PE5, as we have use BGP as PE-CE routing protocol

Routing Table of CE_A1 and CE_A2

CE_A1#show ip route
Gateway of last resort is not set
 
      11.0.0.0/32 is subnetted, 1 subnets
C        11.11.11.11 is directly connected, Loopback0
      22.0.0.0/32 is subnetted, 1 subnets
O E2     22.22.22.22 [110/1] via 192.168.10.1, 00:03:33, Ethernet3/0
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/31 is directly connected, Ethernet3/0
L        192.168.10.0/32 is directly connected, Ethernet3/0
      192.168.30.0/31 is subnetted, 1 subnets
O E2     192.168.30.0 [110/1] via 192.168.10.1, 00:03:33, Ethernet3/0
CE_A1#
------------------------------------------------------------------------------------------------------------------------------------
CE_A2#show ip route
Gateway of last resort is not set
 
      11.0.0.0/32 is subnetted, 1 subnets
B        11.11.11.11 [20/0] via 192.168.30.1, 00:04:13
      22.0.0.0/32 is subnetted, 1 subnets
C        22.22.22.22 is directly connected, Loopback0
      192.168.10.0/31 is subnetted, 1 subnets
B        192.168.10.0 [20/0] via 192.168.30.1, 00:04:13
      192.168.30.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.30.0/31 is directly connected, Ethernet3/0
L        192.168.30.0/32 is directly connected, Ethernet3/0
CE_A2#

Redistribution of routes between CE_B1 and CE_B2

Configuration on PE1

Configure terminal
router bgp 12
address-family ipv4 vrf B
redistribute eigrp 33 metric 1
exit          
exit
!
router eigrp 33
address-family ipv4 vrf B
redistribute bgp 12 metric 1 1 1 1 1
exit          
!
end
wr

Configuration on PE5

Configure terminal
router bgp 12
address-family ipv4 vrf B
redistribute ospf 10 metric 1
exit
exit
!
router ospf 10 vrf B
redistribute bgp 12 subnets
exit
!
end
wr

Routing table of CE_B1 and CE_B2

CE_B1#show ip route
Gateway of last resort is not set
 
      33.0.0.0/32 is subnetted, 1 subnets
C        33.33.33.33 is directly connected, Loopback0
      44.0.0.0/32 is subnetted, 1 subnets
D EX     44.44.44.44 [170/2560025856] via 192.168.10.1, 00:15:05, Ethernet3/1
      192.168.10.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.10.0/31 is directly connected, Ethernet3/1
L        192.168.10.0/32 is directly connected, Ethernet3/1
      192.168.30.0/31 is subnetted, 1 subnets
D EX     192.168.30.0 [170/2560025856] via 192.168.10.1, 00:15:05, Ethernet3/1
CE_B1#
-------------------------------------------------------------------------------------------------------------------------------------
CE_B2#show ip route
Gateway of last resort is not set
 
      33.0.0.0/32 is subnetted, 1 subnets
O E2     33.33.33.33 [110/1] via 192.168.30.1, 00:14:39, Ethernet3/1
      44.0.0.0/32 is subnetted, 1 subnets
C        44.44.44.44 is directly connected, Loopback0
      192.168.10.0/31 is subnetted, 1 subnets
O E2     192.168.10.0 [110/1] via 192.168.30.1, 00:14:39, Ethernet3/1
      192.168.30.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.30.0/31 is directly connected, Ethernet3/1
L        192.168.30.0/32 is directly connected, Ethernet3/1
CE_B2# 

Final Output

Though customer A and B having same IP address, can communicate over the MPLS infrastructure as below:
(CE_A1 can communicate with CE_A2, and CE_B1 can communicate with CE_B2)

CE_A1#ping 22.22.22.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 128/144/172 ms
CE_A1#ping 192.168.30.0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.30.0, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 112/132/156 ms
CE_A1#ping 192.168.30.0 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.30.0, timeout is 2 seconds:
Packet sent with a source address of 11.11.11.11
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 120/138/164 ms
CE_A1#traceroute 22.22.22.22
Type escape sequence to abort.
Tracing the route to 22.22.22.22
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.10.1 16 msec 28 msec 32 msec
  2 192.168.20.1 [MPLS: Labels 205/508 Exp 0] 124 msec 128 msec 136 msec
  3 192.168.20.3 [MPLS: Labels 305/508 Exp 0] 160 msec 116 msec 164 msec
  4 192.168.30.1 [MPLS: Label 508 Exp 0] 104 msec 120 msec 124 msec
  5 192.168.30.0 104 msec 180 msec 120 msec
CE_A1#

------------------------------------------------------------------------------------------------------------------------------------
CE_A2#ping 192.168.10.0 sou
CE_A2#ping 192.168.10.0 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.0, timeout is 2 seconds:
Packet sent with a source address of 22.22.22.22
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 128/140/156 ms
CE_A2#ping 11.11.11.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.11.11.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 124/144/180 ms
CE_A2#traceroute 11.11.11.11
Type escape sequence to abort.
Tracing the route to 11.11.11.11
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.30.1 24 msec 24 msec 28 msec
  2 192.168.20.4 [MPLS: Labels 304/108 Exp 0] 152 msec 128 msec 152 msec
  3 192.168.20.2 [MPLS: Labels 204/108 Exp 0] 144 msec 148 msec 152 msec
  4 192.168.10.1 [AS 12] [MPLS: Label 108 Exp 0] 136 msec 120 msec 100 msec
  5 192.168.10.0 [AS 12] 168 msec 128 msec 168 msec
CE_A2#
-----------------------------------------------------------------------------------------------------------------------------------
CE_B1#ping 192.168.30.0 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.30.0, timeout is 2 seconds:
Packet sent with a source address of 33.33.33.33
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 124/144/164 ms
CE_B1#ping 44.44.44.44
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 44.44.44.44, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 124/142/164 ms
CE_B1#traceroute 44.44.44.44
Type escape sequence to abort.
Tracing the route to 44.44.44.44
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.10.1 20 msec 24 msec 20 msec
  2 192.168.20.1 [MPLS: Labels 205/510 Exp 0] 152 msec 140 msec 128 msec
  3 192.168.20.3 [MPLS: Labels 305/510 Exp 0] 136 msec 160 msec 140 msec
  4 192.168.30.1 [MPLS: Label 510 Exp 0] 120 msec 136 msec 120 msec
  5 192.168.30.0 176 msec 160 msec 172 msec
CE_B1#
----------------------------------------------------------------------------------------------------------------------------------
CE_B2#ping 192.168.10.0 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.10.0, timeout is 2 seconds:
Packet sent with a source address of 44.44.44.44
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 132/145/164 ms
CE_B2#ping 33.33.33.33
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 33.33.33.33, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 128/145/172 ms
CE_B2#traceroute 33.33.33.33
Type escape sequence to abort.
Tracing the route to 33.33.33.33
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.30.1 20 msec 28 msec 28 msec
  2 192.168.20.4 [MPLS: Labels 304/110 Exp 0] 136 msec 152 msec 180 msec
  3 192.168.20.2 [MPLS: Labels 204/110 Exp 0] 140 msec 120 msec 136 msec
  4 192.168.10.1 [MPLS: Label 110 Exp 0] 132 msec 120 msec 120 msec
  5 192.168.10.0 120 msec 168 msec 156 msec
CE_B2# 

By at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)