Documenti di Didattica
Documenti di Professioni
Documenti di Cultura
Objectives
Upon completion of this lesson, you will
be able to perform the following tasks:
Configure Virtual Routing and Forwarding
tables
Configure Multi-protocol BGP in MPLS VPN
backbone
Configure PE-CE routing protocols
Configure advanced MPLS VPN features
Monitor MPLS VPN operations
Troubleshoot MPLS VPN implementation
2001, Cisco Systems, Inc.
MPLS v1.08-2
MPLS v1.08-3
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
Describe the concept of Virtual Routing and
Forwarding tables
Describe the concept of routing protocol
contexts
Describe the interaction between PE-CE
routing protocols, backbone MP-BGP, and
virtual routing and forwarding tables
MPLS v1.08-4
MPLS v1.08-5
10.1.1.0/24
RI
P
CE-VPN-A
RIP
VPN B
CE-VPN-B
10.1.1.0/24
PE Router
MPLS v1.08-7
MPLS v1.08-8
CE-RIP-B
MPLS v1.08-9
CE-RIP-B
MPLS v1.08-10
CE-RIP-B
MPLS v1.08-11
CE-RIP-B
RIP routes entered in the VRF routing table are redistributed into BGP
for further propagation into the MPLS VPN backbone.
Redistribution between RIP and BGP has to be configured for proper
MPLS VPN operation.
MPLS v1.08-12
CE-RIP-B
MPLS v1.08-13
CE-RIP-B
MPLS v1.08-14
CE-RIP-B
MPLS v1.08-15
CE-RIP-B
MP-IBGP routes imported into a VRF are redistributed into the instance
of RIP configured for that VRF.
Redistribution between BGP and RIP has to be configured for endto-end RIP routing between CE routers.
2001, Cisco Systems, Inc.
MPLS v1.08-16
CE-RIP-B
Routes redistributed from BGP into a VRF instance of RIP are sent to
RIP-speaking CE routers.
MPLS v1.08-17
Summary
After completing this section, you should be
able to perform the following tasks:
Describe the concept of Virtual Routing and
Forwarding table
Describe the concept of routing protocol
contexts
Describe the interaction between PE-CE
routing protocols, backbone MP-BGP and
virtual routing and forwarding tables
MPLS v1.08-18
Review Questions
Which data structures are associated with a VRF?
How many interfaces can be associated
with a VRF?
How many VRFs can be associated with an interface?
What is a routing protocol context?
How are routing protocol contexts implemented
in RIP?
How are routing protocol contexts implemented
in OSPF?
How is a RIP route propagated into MP-BGP?
When is a MP-BGP route inserted into a VRF?
2001, Cisco Systems, Inc.
MPLS v1.08-19
MPLS v1.08-20
Objectives
Upon completion of this section, you will
be able to perform the following tasks:
Create a Virtual Routing and Forwarding
Table
Specify Routing Distinguisher and Route
Targets for the created VRF
Associate interfaces with the VRF
MPLS v1.08-21
MPLS v1.08-22
ip vrf name
rd route-distinguisher
MPLS v1.08-23
route-target export RT
route-target import RT
MPLS v1.08-24
route-target both RT
MPLS v1.08-25
Assigning an Interface to
VRF Table
router(config-if)#
MPLS v1.08-26
CE-RIP-A2
CE-BGP-A1
CE-BGP-A2
PE-Site-X
PE-Site-Y
CE-RIP-B1
CE-RIP-B2
MPLS v1.08-27
CE-BGP-A1
CE-RIP-B1
PE-Site-X
rd 115:43
CE-RIP-A2
route-target both 115:43
!
ip vrf Customer_B
CE-BGP-A2
rd 115:47
route-target
both 115:47
PE-Site-Y
!
interface serial 1/0/1
CE-RIP-B2
ip forwarding vrf Customer_A
ip address 10.1.0.1 255.255.255.252
!
interface serial 1/0/2
ip vrf forwarding Customer_A
ip address 10.1.0.5 255.255.255.252
!
interface serial 1/1/3
ip vrf forwarding Customer_B
ip address 10.2.0.1 255.255.255.252
MPLS v1.08-28
Summary
After completing this section, you should
be able to perform the following tasks:
Create a Virtual Routing and Forwarding Table
Specify Route Distinguisher and Route
Targets for the created VRF
Associate interfaces with the VRF
MPLS v1.08-29
Review Questions
Which commands do you use to create a VRF?
Which VRF parameters must be specified for a VRF to
become operational?
How do you associate an interface with a VRF?
What happens to an existing interface configuration
when you associate the interface with a VRF?
How many formats can you use to specify RD and
RT? What are these formats?
How many route targets can you configure on a VRF?
How many import route targets have to match a route
for the route to be imported into the VRF?
2001, Cisco Systems, Inc.
MPLS v1.08-30
MPLS v1.08-31
Objectives
Upon completion of this section, you will be able
to perform the following tasks:
Configure BGP address families
Configure MP-BGP neighbors
Configure inter-AS MP-BGP neighbors
Configure additional mandatory parameters on
MP-BGP neighbors
Configure propagation of standard and
extended BGP communities
Selectively enable IPv4 and MP-BGP sections
between BGP neighbors
2001, Cisco Systems, Inc.
MPLS v1.08-32
MPLS v1.08-33
address-family vpnv4
MPLS v1.08-34
BGP Neighbors
MP-BGP neighbors are configured
under the BGP routing process.
These neighbors need to be activated for
each global address family they support.
Per-address-family parameters can be
configured for these neighbors.
MPLS v1.08-35
Configuring MP-BGP
MPLS VPN MP-BGP configuration steps:
Configure MP-BGP neighbor under BGP
routing process
Configure BGP address family VPNv4
Activate configured BGP neighbor for VPNv4
route exchange
Specify additional parameters for VPNv4
route exchange (filters, next hops, and so
forth)
2001, Cisco Systems, Inc.
MPLS v1.08-36
Configuring MP-IBGP
router(config)#
address-family vpnv4
MPLS v1.08-37
Configuring MP-IBGP
router(config-router-af)#
MPLS v1.08-38
Configuring MP-EBGP
router(config)#
address-family vpnv4
neighbor IP-address activate
MPLS v1.08-39
MPLS v1.08-40
Configuring MP-BGP
BGP Community Propagation
router(config-router-af)#
MPLS v1.08-41
CE-RIP-A2
CE-BGP-A1
CE-BGP-A2
CE-RIP-B1
PE-Site-X
PE-Site-Y
interface loopback 0
ip address 172.16.1.1 255.255.255.255 CE-RIP-B2
!
router bgp 115
neighbor 172.16.1.2 remote-as 115
neighbor 172.16.1.2 update-source loopback 0
!
address-family vpnv4
neighbor 172.16.1.2 activate
neighbor 172.16.1.2 next-hop-self
neighbor 172.16.1.2 send-community both
MPLS v1.08-42
Configuring MP-BGP
Disabling IPv4 Route Exchange
router(config-router)#
MPLS v1.08-43
12703
12703
12703
MPLS v1.08-44
Summary
After completing this section, you should be
able to perform the following tasks:
Configure BGP address families
Configure MP-BGP neighbors
Configure inter-AS MP-BGP neighbors
Configure additional mandatory parameters
on MP-BGP neighbors
Configure propagation of standard and
extended BGP communities
Selectively enable IPv4 and MP-BGP
sections between BGP neighbors
2001, Cisco Systems, Inc.
MPLS v1.08-45
Review Questions
What is a BGP address family?
How many BGP address families do you have to
configure on a PE router?
In which address family is the MP-IBGP neighbor
configured?
What are the mandatory parameters that you have to
configure on a MP-BGP neighbor?
What additional parameters have to be configured to
support MP-EBGP neighbors?
How do you enable community propagation for VPNv4
MP-BGP sessions?
Why would you want to disable propagation of IPv4
routing updates between MP-BGP neighbors?
How is the propagation of IPv4 routing updates between
MP-BGP neighbors disabled?
2001, Cisco Systems, Inc.
MPLS v1.08-46
MPLS v1.08-47
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
Configure VRF address families in routing
protocols
Configure per-VRF BGP parameters
Configure static routes within a VRF
Configure per-VRF OSPF process
Propagate RIP, OSPF, and static routes
across a MP-BGP backbone
2001, Cisco Systems, Inc.
MPLS v1.08-48
Configuring PE-CE
Routing Protocols
PE-CE routing protocols are configured for
individual VRFs.
Per-VRF routing protocols can be configured in
two ways:
There is only one BGP or RIP process per router,
per-VRF parameters are specified in routing
contexts, which are selected with the address family
command.
A separate OSPF process has to be started for each
VRF.
MPLS v1.08-49
router rip
address-family ipv4 vrf vrf-name
... Per-VRF RIP definitions ...
Similar to BGP, select per-VRF RIP context with the address-family
command.
Configure all per-VRF RIP parameters therestarting with network
numbers.
2001, Cisco Systems, Inc.
MPLS v1.08-50
MPLS v1.08-51
CE-BGP-A1
CE-BGP-A2
MPLS
PE-Site-X
PE-Site-Y
CE-RIP-B1
CE-RIP-B2
MPLS v1.08-52
MPLS v1.08-53
router rip
address-family ipv4 vrf vrf-name
redistribute bgp metric transparent
MPLS v1.08-54
CE-RIP-A2
CE-BGP-A1
CE-BGP-A2
CE-RIP-B1
PE-Site-X
PE-Site-Y
router rip
CE-RIP-B2
version 2
address-family ipv4 vrf Customer_ABC
network 10.0.0.0
redistribute bgp 12703 metric transparent
!
router bgp 12703
address-family ipv4 vrf Customer_ABC
redistribute rip
MPLS v1.08-55
MPLS v1.08-56
Configuring PE-CE
OSPF Routing
router(config)#
MPLS v1.08-57
Configuring Per-VRF
Static Routes
router(config)#
MPLS v1.08-58
Summary
After completing this section, you should
be able to perform the following tasks:
Configure VRF address families in routing
protocols
Configure per-VRF BGP parameters
Configure static routes within a VRF
Configure per-VRF OSPF process
Propagate RIP, OSPF, and static routes across
a MP-BGP backbone
2001, Cisco Systems, Inc.
MPLS v1.08-59
Review Questions
How do you configure the routing context in RIP?
How do you configure the routing context in
OSPF?
How many VPN OSPF processes can run
simultaneously in an MPLS VPN PE-router?
Where do you configure a CE EBGP neighbor?
How do you propagate static VRF routes between
PE routers?
How do you propagate RIP metric across the
MPLS VPN backbone?
2001, Cisco Systems, Inc.
MPLS v1.08-60
MPLS v1.08-61
MPLS v1.08-62
Objectives
Upon completion of this section, you will
be able to perform the following tasks:
Monitor individual VRFs and routing
protocols running in them
Monitor MP-BGP sessions between the PE
routers
Monitor inter-AS MP-BGP sessions between
the PE routers
Monitor MP-BGP table
Monitor CEF and LFIB structures associated
with MPLS VPN
2001, Cisco Systems, Inc.
MPLS v1.08-63
Monitoring VRF
router#
show ip vrf
MPLS v1.08-64
show ip vrf
Router#show ip vrf
Name
SiteA2
SiteB
SiteX
Router#
Default RD
103:30
103:11
103:20
Interfaces
Serial1/0.20
Serial1/0.100
Ethernet0/0
MPLS v1.08-65
MPLS v1.08-66
VRF
SiteA2
SiteB
SiteX
Protocol
up
up
up
MPLS v1.08-67
MPLS v1.08-68
MPLS v1.08-69
rest deleted
MPLS v1.08-70
MPLS v1.08-71
router#
MPLS v1.08-72
MPLS v1.08-73
MPLS v1.08-74
Monitoring an MP-BGP
VPNv4 Table
router#
MPLS v1.08-75
MPLS v1.08-76
MPLS v1.08-77
MPLS v1.08-78
MPLS v1.08-79
vrf SiteA2
Bytes tag
switched
0
0
0
Outgoing
interface
Next Hop
Se1/0.20
Se1/0.20
point2point
point2point
tags 37 detail
Outgoing
Next Hop
interface
Se1/0.20
point2point
MPLS v1.08-80
MPLS v1.08-81
MPLS v1.08-82
Summary
After completing this section, you should
be able to perform the following tasks:
Monitor individual VRFs and routing
protocols running in them
Monitor MP-BGP sessions between the PE
routers
Monitor inter-AS MP-BGP sessions between
the PE routers
Monitor MP-BGP table
Monitor CEF and LFIB structures associated
with MPLS VPN
2001, Cisco Systems, Inc.
MPLS v1.08-83
Review Questions
MPLS v1.08-84
Troubleshooting
MPLS VPN
2001, Cisco Systems, Inc.
MPLS v1.08-85
Objectives
Upon completion of this section, you will
be able to perform the following tasks:
Verify proper PE-to-PE connectivity
Verify proper redistribution of VPN routes
and creation of MPLS labels
Verify VPN route propagation and data
forwarding
MPLS v1.08-86
MPLS v1.08-87
MPLS v1.08-88
CE-Spoke
PE-1
PE-2
CE-Spoke
CE-Spoke
MPLS v1.08-89
CE-Spoke
PE-1
CE-Spoke
PE-2
CE-Spoke
MPLS v1.08-90
CE-Spoke
PE-1
PE-2
CE-Spoke
CE-Spoke
MPLS v1.08-91
CE-Spoke
PE-1
PE-2
CE-Spoke
CE-Spoke
MPLS v1.08-92
CE-Spoke
PE-1
PE-2
CE-Spoke
CE-Spoke
MPLS v1.08-93
CE-Spoke
PE-1
CE-Spoke
PE-2
CE-Spoke
MPLS v1.08-94
CE-Spoke
PE-1
CE-Spoke
PE-2
CE-Spoke
MPLS v1.08-95
MPLS v1.08-96
CE-Spoke
PE-1
PE-2
CE-Spoke
CE-Spoke
MPLS v1.08-97
MPLS v1.08-98
CE-Spoke
PE-1
PE-2
CE-Spoke
CE-Spoke
MPLS v1.08-99
CE-Spoke
PE-1
CE-Spoke
PE-2
CE-Spoke
Is there an end-to-end label switched path tunnel (LSP tunnel) between PE routers?
Check summarization issuesBGP next hop should be reachable as host route.
Quick checkif time-to-live (TTL) propagation is disabled, the trace from PE-2 to
PE-1 should contain only one hop.
If needed, check LFIB values hop-by-hop.
Check for MTU issues on the pathMPLS VPN requires a larger label header
than pure MPLS.
MPLS v1.08-100
CE-Spoke
PE-1
CE-Spoke
PE-2
CE-Spoke
MPLS v1.08-101
Summary
After completing this section, you should
be able to perform the following tasks:
Verify proper PE-to-PE connectivity
Verify proper redistribution of VPN routes and
creation of MPLS labels
Verify VPN route propagation and data
forwarding
MPLS v1.08-102
Review Questions
What are the preliminary MPLS VPN troubleshooting steps?
How would you verify routing information exchange between PE
routers?
How would you verify that the VPNv4 routes are entered in the proper
VRF?
How would you verify redistribution of VPNv4 routes into PE-CE
routing protocol?
How would you test end-to-end data flow between PE routers?
How would you verify that the CE routes get redistributed into MP-BGP
with proper route targets?
How would you check for potential MTU size issues on the path taken
by PE-to-PE LSP?
How would you verify that the PE router ingress interface supports
CEF switching?
MPLS v1.08-103
Advanced VRF
Import/Export Features
2001, Cisco Systems, Inc.
MPLS v1.08-104
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
Configure import and export route maps
within VRFs
Configure limits on the number of routes
accepted from a BGP neighbor
Configure limits on the total number of
routes in a VRF
MPLS v1.08-105
Selective export:
Specify additional RTs attached to exported
routes.
MPLS v1.08-106
MPLS v1.08-107
Configuring Selective
VRF import
router(config-vrf)#
MPLS v1.08-108
AS 115
VPN-IPv4 update:
RD:192.168.30.3/32
RT=115:317
PE-Site-X
ip vrf Site_A
rd 115:317
import map RTMAP
route-target both 115:317
!
access-list 10 permit 192.168.30.0
!
route-map RTMAP permit 10
match ip address 10
2001, Cisco Systems, Inc.
VPN-IPv4 update:
RD:192.168.31.0/24
RT=115:317
MPLS v1.08-109
Selective Export
Routes from a VRF might have to be exported with
different RTs:
An example would be export management routes with
particular RTs.
MPLS v1.08-110
router(config)#
Configuring Selective
VRF Export
MPLS v1.08-111
AS 115
VPN-IPv4 update:
RD:192.168.0.5/32
RT=115:317
VPN-IPv4 update:
RD:192.168.30.0/24
RT=115:317 115:273
PE-Site-X
ip vrf Site_A
rd 115:317
export map RTMAP
route-target both 115:317
!
access-list 10 permit 192.168.30.0 0.0.0.0
!
route-map RTMAP permit 10
match ip address 10
set extcommunity rt 115:273 additive
2001, Cisco Systems, Inc.
MPLS v1.08-112
MPLS v1.08-113
MPLS v1.08-114
MPLS v1.08-115
MPLS v1.08-116
AS 115
IPv4 update:
192.168.50.0/24
IPv4 update:
192.168.55.0/24
VPN-IPv4 update:
RD:192.168.60.0/24
RT=100:1
PE-Site-X
VPN-IPv4 update:
RD:192.168.70.0/24
RT=100:1
PE-Site-Y
ip vrf Site_A
rd 115:317
route-target both 115:317
maximum-routes 4 75
MPLS v1.08-117
Summary
After completing this section, you should be
able to perform the following tasks:
Configure import and export route maps
within VRFs
Configure limits on the number of routes
accepted from a BGP neighbor
Configure limits on the total number of routes
in a VRF
MPLS v1.08-118
Review Questions
Why would you need the selective VRF import command?
How does the import route-map affect VRF import process?
Why would you need the selective VRF export command?
How does the export route-map affect VRF export process?
Which BGP attributes can be set with an export route-map?
Why would you need the VRF route limit command?
How many VRF route-limiting options does IOS offer?
When would you want to use the BGP maximum-prefix
parameter?
When would you want to use the VRF route-limit?
MPLS v1.08-119
MPLS v1.08-120
Objectives
Upon completion of this section, you will be
able to perform the following tasks:
Describe and properly use the AS-Override
feature
Describe and properly use the Allowas-in
feature
Configure Site-Of-Origin (SOO) on incoming
interface or BGP neighbor
MPLS v1.08-121
10.1.0.0/16 213
P-Network
AS 115
PE-Site-X
i 10.1.0.0/16 213
Site B
AS 213
PE-Site-Y
CE-BGP-A2
MPLS v1.08-122
AS-Override Overview
New AS path update procedures have been
implemented in order to reuse the same AS
number on all VPN sites.
The procedures allow the use of private as
well as public AS number.
The same AS number may be used for all
sites, whatever is their VPN.
MPLS v1.08-123
AS-Override Implementation
With AS-Override configured, the AS path
update procedure on the PE router is as
follows:
If the first AS number in AS path is equal to the
neighboring one, it is replaced with the
provider AS number.
If the first AS number has multiple occurrences
(due to AS path prepend), all occurrences are
replaced with the provider AS number.
After this operation, the provider AS number is
prepended to the AS path.
2001, Cisco Systems, Inc.
MPLS v1.08-124
Configuring AS-Override
router(config-router-af)#
MPLS v1.08-125
AS-Override in Action
router bgp 115
address-family ipv4 vrf Customer_A
neighbor 10.200.2.1 remote-as 213
neighbor 10.200.2.1 activate
neighbor 10.200.2.1 as-override
Site A
AS 213
CE-BGP-A1
10.1.0.0/16 213
AS 115
Site B
AS 213
PE-Site-X
i 10.1.0.0/16 213
PE-Site-Y
CE-BGP-A2
MPLS v1.08-126
AS 115
PE-Site-X
Site B
AS 213
PE-Site-Y
CE-BGP-A2
MPLS v1.08-127
VPN-B
CE-BGP-A1
MPLS v1.08-128
PE-1
P-Network
AS 115
VPN-B
PE-2
CE-BGP-A1
C-Network
AS 213
P-Network
AS 115
MPLS v1.08-129
PE-1
VPN-B
10.1.0.0/16 115
P-Network
AS 115
CE-BGP-A110.1.0.0/16
C-Network
AS 213
213 115
PE-2
P-Network
AS 115
MPLS v1.08-130
Allowas-in
The allowas-in BGP option disables the
AS path check on the PE router.
The number of occurrences of routers own
AS number is limited to suppress real routing
loops.
The limit has to be configured.
The PE router will only reject the update only
if its AS number appears in the AS path more
often than the configured limit.
MPLS v1.08-131
Configuring Allowas-in
router(config-router)#
MPLS v1.08-132
MPLS v1.08-133
MPLS v1.08-134
MPLS v1.08-135
MPLS v1.08-136
MPLS v1.08-137
MPLS v1.08-138
Summary
After completing this section, you should
be able to perform the following tasks:
Describe and properly use the AS-Override
feature
Describe and properly use the Allowas-in
feature
Configure Site-Of-Origin (SOO) on incoming
interface or BGP neighbor
MPLS v1.08-139
Review Questions
MPLS v1.08-140
Summary
After completing this lesson, you should be able
to perform the following tasks:
Configure Virtual Routing and Forwarding tables
Configure Multi-protocol BGP in MPLS VPN
backbone
Configure PE-CE routing protocols
Configure advanced MPLS VPN features
Monitor MPLS VPN operations
Troubleshoot MPLS VPN implementation
2001, Cisco Systems, Inc.
MPLS v1.08-141
MPLS v1.08-142