++++++++++++++++++++++++++++++++++++++++++++++ MPLS VPN Configuration Steps ++++++++++++++++++++++++++++++++++++++++++++++ 1. Configure the Underlay IGP within the SP Network 2. Configure MPLS Unicast Routing using LDP 3. Configure the PE Routers with MP-BGP (VPNv4 - VPNv6) ---------------------------------------------------- 4. Configure the PE Router for Each Customer using a VRF A. Create the VRF B. Configure the PE-CE Interface within the VRF C. Configure the PE-CE Routing Protocol and Redistribution 5. Configure the PE-CE Routing Protocol on the CE Router ************************************************************** Lab 1 - Configure the Underlay IGP within the SP Network ************************************************************** ---- R1 ---- Interface loopback0 ip ospf network point-to-point ! router ospf 1 router-id 0.0.0.1 network 192.1.12.0 0.0.0.255 area 0 network 1.0.0.0 0.255.255.255 area 0 ---- R2 ---- Interface loopback0 ip ospf network point-to-point ! router ospf 1 router-id 0.0.0.2 network 192.1.12.0 0.0.0.255 area 0 network 192.1.23.0 0.0.0.255 area 0 network 2.0.0.0 0.255.255.255 area 0 ---- R3 ---- Interface loopback0 ip ospf network point-to-point ! router ospf 1 router-id 0.0.0.3 network 192.1.23.0 0.0.0.255 area 0 network 192.1.34.0 0.0.0.255 area 0 network 3.0.0.0 0.255.255.255 area 0 ---- R4 ---- Interface loopback0 ip ospf network point-to-point ! router ospf 1 router-id 0.0.0.4 network 192.1.34.0 0.0.0.255 area 0 network 4.0.0.0 0.255.255.255 area 0 ************************************************************** Lab 2 - Configure MPLS Unicast Routing using LDP ************************************************************** ---- R1 ---- mpls ldp router-id loopback0 ! Interface E0/0 mpls ip ---- R2 ---- mpls ldp router-id loopback0 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ---- R3 ---- mpls ldp router-id loopback0 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ---- R4 ---- mpls ldp router-id loopback0 ! Interface E0/0 mpls ip ************************************************************** Lab 3 - Configure the PE Routers with MP-BGP ************************************************************** ---- R1 ---- router bgp 1000 neighbor 4.4.4.4 remote-as 1000 neighbor 4.4.4.4 update-source loopback0 ! address-family vpnv4 neighbor 4.4.4.4 activate ---- R4 ---- router bgp 1000 neighbor 1.1.1.1 remote-as 1000 neighbor 1.1.1.1 update-source loopback0 ! address-family vpnv4 neighbor 1.1.1.1 activate ************************************************************************ Lab 4 - Configure the PE Router for Each Customer using a VRF - CUST-A ************************************************************************ ---- R1 ---- vrf definition CUST-A rd 1000:1 route-target both 1000:1 address-family ipv4 ! Interface E0/1 vrf forwarding CUST-A ip address 192.1.15.1 255.255.255.0 no shut ! router ospf 11 vrf CUST-A network 192.1.15.0 0.0.0.255 area 0 redistribute bgp 1000 ! router bgp 1000 address-family ipv4 vrf CUST-A redistribute ospf 11 ---- R4 ---- vrf definition CUST-A rd 1000:1 route-target both 1000:1 address-family ipv4 ! Interface E0/2 vrf forwarding CUST-A ip address 192.1.48.4 255.255.255.0 no shut ! router ospf 11 vrf CUST-A network 192.1.48.0 0.0.0.255 area 0 redistribute bgp 1000 ! router bgp 1000 address-family ipv4 vrf CUST-A redistribute ospf 11 ************************************************************************ Lab 5 - Configure the PE-CE Routing Protocol on the CE Router - CUST-A ************************************************************************ ---- R5 ---- router ospf 1 network 192.1.15.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 ---- R8 ---- router ospf 1 network 192.1.48.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 ************************************************************************ Lab 6 - Configure the PE Router for Each Customer using a VRF - CUST-B ************************************************************************ ---- R1 ---- vrf definition CUST-B rd 1000:2 route-target both 1000:2 address-family ipv4 ! Interface E0/2 vrf forwarding CUST-B ip address 192.1.16.1 255.255.255.0 no shut ! router ospf 6 vrf CUST-B network 192.1.16.0 0.0.0.255 area 0 redistribute bgp 1000 ! router bgp 1000 address-family ipv4 vrf CUST-B redistribute ospf 6 ---- R4 ---- vrf definition CUST-B rd 1000:2 route-target both 1000:2 address-family ipv4 ! Interface E0/1 vrf forwarding CUST-B ip address 192.1.47.4 255.255.255.0 no shut ! router ospf 7 vrf CUST-B network 192.1.47.0 0.0.0.255 area 0 redistribute bgp 1000 ! router bgp 1000 address-family ipv4 vrf CUST-B redistribute ospf 7 ************************************************************************ Lab 7 - Configure the PE-CE Routing Protocol on the CE Router - CUST-B ************************************************************************ ---- R6 ---- router ospf 1 network 192.1.16.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 ---- R7 ---- router ospf 1 network 192.1.47.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 ************************************************************************ Lab 8 - Configuring the Domain-ID for OSPF ************************************************************************ ---- R1 ---- router ospf 6 vrf CUST-B domain-id 0.0.0.67 ---- R4 ---- router ospf 7 vrf CUST-B domain-id 0.0.0.67 ************************************************************************ Lab 9 - Configuring the Sham Link ************************************************************************ ===================================================================== 1. Configure the backdoor link between R6 & R7 & enable it in OSPF ===================================================================== ---- R6 ---- Interface E0/1 ip address 192.168.1.6 255.255.255.0 ip ospf cost 1000 no shut ! router ospf 1 network 192.168.1.0 0.0.0.255 area 0 ---- R7 ---- Interface E0/1 ip address 192.168.1.7 255.255.255.0 ip ospf cost 1000 no shut ! router ospf 1 network 192.168.1.0 0.0.0.255 area 0 ===================================================================== 2. Configure a Sham Link between the PE Routers for CUST-B ===================================================================== ---- R1 ---- Interface loopback99 vrf forwarding CUST-B ip address 10.67.67.1 255.255.255.255 ! router bgp 1000 address-family ipv4 vrf CUST-B network 10.67.67.1 mask 255.255.255.255 ! router ospf 6 vrf CUST-B area 0 sham-link 10.67.67.1 10.67.67.4 ---- R4 ---- Interface loopback99 vrf forwarding CUST-B ip address 10.67.67.4 255.255.255.255 ! router bgp 1000 address-family ipv4 vrf CUST-B network 10.67.67.4 mask 255.255.255.255 ! router ospf 7 vrf CUST-B area 0 sham-link 10.67.67.4 10.67.67.1 ************************************************************************ Lab 10 - Configuring BGP as the PE-CE Protocol ************************************************************************ ===================================================================== 1. De-Configure CUST-A & CUST-B ===================================================================== ---- R1 ---- no vrf definition CUST-A no vrf definition CUST-B ---- R4 ---- no vrf definition CUST-A no vrf definition CUST-B ---- R5 ---- no router ospf 1 ---- R6 ---- no router ospf 1 ---- R7 ---- no router ospf 1 ---- R8 ---- no router ospf 1 ===================================================================== 2. Configure the PE Routers for CUST-A ===================================================================== ---- R1 ---- vrf definition CUST-A rd 1000:1 route-target both 1000:1 address-family ipv4 ! Interface E0/1 vrf forwarding CUST-A ip address 192.1.15.1 255.255.255.0 no shut ! router bgp 1000 address-family ipv4 vrf CUST-A neighbor 192.1.15.5 remote-as 65005 ---- R4 ---- vrf definition CUST-A rd 1000:1 route-target both 1000:1 address-family ipv4 ! Interface E0/2 vrf forwarding CUST-A ip address 192.1.48.4 255.255.255.0 no shut ! router bgp 1000 address-family ipv4 vrf CUST-A neighbor 192.1.48.8 remote-as 65008 ===================================================================== 3. Configure the CE Routers for CUST-A ===================================================================== ---- R5 ---- router bgp 65005 neighbor 192.1.15.1 remote-as 1000 network 10.1.1.0 mask 255.255.255.0 network 10.5.5.0 mask 255.255.255.0 ---- R8 ---- router bgp 65008 neighbor 192.1.48.4 remote-as 1000 network 10.2.2.0 mask 255.255.255.0 network 10.8.8.0 mask 255.255.255.0 ===================================================================== 4. Configure the PE Routers for CUST-B ===================================================================== ---- R1 ---- vrf definition CUST-B rd 1000:2 route-target both 1000:2 address-family ipv4 ! Interface E0/2 vrf forwarding CUST-B ip address 192.1.16.1 255.255.255.0 no shut ! router bgp 1000 address-family ipv4 vrf CUST-B neighbor 192.1.16.6 remote-as 65002 ---- R4 ---- vrf definition CUST-B rd 1000:2 route-target both 1000:2 address-family ipv4 ! Interface E0/1 vrf forwarding CUST-B ip address 192.1.47.4 255.255.255.0 no shut ! router bgp 1000 address-family ipv4 vrf CUST-B neighbor 192.1.47.7 remote-as 65002 ===================================================================== 5. Configure the CE Routers for CUST-B ===================================================================== ---- R6 ---- router bgp 65002 neighbor 192.1.16.1 remote-as 1000 network 10.1.1.0 mask 255.255.255.0 network 10.6.6.0 mask 255.255.255.0 ---- R7 ---- router bgp 65002 neighbor 192.1.47.4 remote-as 1000 network 10.2.2.0 mask 255.255.255.0 network 10.7.7.0 mask 255.255.255.0 ************************************************************************ Lab 11 - Configuring the AS-Override Option - PE Solution ************************************************************************ ---- R4 ---- router bgp 1000 address-family ipv4 vrf CUST-B neighbor 192.1.47.7 as-override ************************************************************************ Lab 12 - Configuring the Allowas-in - CE Solution ************************************************************************ ---- R6 ---- router bgp 65002 neighbor 192.1.16.1 allowas-in ************************************************************************ Lab 13 - Configuring Route Leaking between VRFs - Extranets ************************************************************************ ---- R1 ---- access-list 1 permit 10.5.5.0 0.0.0.255 ! route-map EM-CUST-A match ip address 1 set extcommunity rt 1000:99 ! vrf definition CUST-A address-family ipv4 export map EM-CUST-A route-target import 1000:99 route-target import 1000:1 access-list 2 permit 10.6.6.0 0.0.0.255 ! route-map EM-CUST-B match ip address 2 set extcommunity rt 1000:99 ! vrf definition CUST-B address-family ipv4 export map EM-CUST-B route-target import 1000:99 route-target import 1000:2 ---- R4 ---- access-list 1 permit 10.8.8.0 0.0.0.255 ! route-map EM-CUST-A match ip address 1 set extcommunity rt 1000:99 ! vrf definition CUST-A address-family ipv4 export map EM-CUST-A route-target import 1000:99 route-target import 1000:1 access-list 2 permit 10.7.7.0 0.0.0.255 ! route-map EM-CUST-B match ip address 2 set extcommunity rt 1000:99 ! vrf definition CUST-B address-family ipv4 export map EM-CUST-B route-target import 1000:99 route-target import 1000:2 ************************************************************************ Lab 14 - Configure the Core for MP-BGP for the VPNv6 address-family ************************************************************************ ---- R1 ---- ipv6 unicast-routing ! router bgp 1000 address-family vpnv6 neighbor 4.4.4.4 activate ---- R4 ---- ipv6 unicast-routing ! router bgp 1000 address-family vpnv6 neighbor 1.1.1.1 activate ************************************************************************ Lab 15 - Configure the PE-Routers for IPv6 - CUST-A ************************************************************************ ---- R1 ---- vrf definition CUST-A address-family ipv6 route-target both 1000:1 ! Interface E0/1 ipv6 address FC00:192:1:15::1/64 ! router bgp 1000 address-family ipv6 vrf CUST-A neighbor FC00:192:1:15::5 remote-as 65005 ---- R4 ---- vrf definition CUST-A address-family ipv6 route-target both 1000:1 ! Interface E0/2 ipv6 address FC00:192:1:48::4/64 ! router bgp 1000 address-family ipv6 vrf CUST-A neighbor FC00:192:1:48::8 remote-as 65008 ---- R4 ---- vrf definition CUST-A rd 1000:1 route-target both 1000:1 address-family ipv4 ! Interface E0/2 vrf forwarding CUST-A ip address 192.1.48.4 255.255.255.0 no shut ! router bgp 1000 address-family ipv4 vrf CUST-A neighbor 192.1.48.8 remote-as 65008 ************************************************************************ Lab 16 - Configure the CE-Routers for IPv6 - CUST-A ************************************************************************ ---- R5 ---- ipv6 unicast-routing ! Interface Loopback0 ipv6 address fc00:10:5:5::5/64 ! Interface Loopback1 ipv6 address fc00:10:1:1::1/64 ! Interface E0/0 ipv6 address fc00:192:1:15::5/64 ! router bgp 65005 address-family ipv6 neighbor fc00:192:1:15::1 remote-as 1000 network fc00:10:1:1::/64 network fc00:10:5:5::/64 ---- R8 ---- ipv6 unicast-routing ! Interface Loopback0 ipv6 address fc00:10:8:8::8/64 ! Interface Loopback1 ipv6 address fc00:10:2:2::2/64 ! Interface E0/0 ipv6 address fc00:192:1:48::8/64 ! router bgp 65008 address-family ipv6 neighbor fc00:192:1:48::4 remote-as 1000 network fc00:10:2:2::/64 network fc00:10:8:8::/64