MPLS Configuration Lab
This lab was something I worked on last week and for some reason it stuck in
my head very well. I can put together a basic MPLS configuration now from
memory which is definitely a step up from where I was. Here are a few details
of what I put together.
• VRF 1 = Client1
o Two routers, two locations
o 192.168.1.0/24 and 192.168.2.0/24
• VRF 2 = Client2
o Two Routers, two locations
o 172.16.1.0/24
o 172.16.2.0/24
• Two PE Routers – PE1 and PE2. They are connected with the 10.0.0.0/24
network. PE1 has a loopback of 1.1.1.1 and PE2 has 2.2.2.2. This Provider
network could easily be increased in size and number of devices. Most
labs will use OSPF or EIGRP for the Provider network with a BGP
connection between the specific provider edge devices connecting to the
client.
Here’s what the topology looks like:
The first thing that I did was create the basic interface connections. I will omit
that step for the sake of keeping this post to the point. Next, I created the
VRF’s on each PE router:
ip vrf Client1
rd 65000:1
route-target export 65000:1
route-target import 65000:1
!
ip vrf Client2
rd 65000:2
route-target export 65000:2
route-target import 65000:2
Basically what you first do is create a VRF with a unique name. Next you set the
route distinguisher. This allows you to share only Client 1’s routes with other
Client 1 devices and so on. The route targets allow you to customize the setup a
bit more in the sense that you choose the route distinguisher that you exports
as and then customize which routes you wish to accept as well. For the sake of
this lab, we’ll keep it simple though. Once the VRF’s are created, they need to
be attached to client facing interfaces to designate the traffic that should be
transferred accordingly. Just takes one command, but definitely not something
to forget.
interface Ethernet0/0
ip vrf forwarding Client1
Next, I take care of the client side OSPF connections. On the client devices
there is nothing special. Just standard OSPF setup. The PE routers are where
things are a bit different. We are going to setup two OSPF processes. Then we
will tie each process to a specific interface:
router ospf 1 vrf Client1
router-id 192.168.1.1
!
router ospf 2 vrf Client2
router-id 172.16.1.1
!
interface Ethernet0/0
ip vrf forwarding Client1
ip address 192.168.1.1 255.255.255.0
ip ospf 1 area 0
!
interface Ethernet0/1
ip vrf forwarding Client2
ip address 172.16.1.1 255.255.255.0
ip ospf 2 area 0
Client 1 is now communicating with PE1’s VRF 1 and Client 2 on VRF 2. Once
the OSPF configuration is done on the client’s device, the connections should be
established:
PE1#sh ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.1.2 1 FULL/DR 00:00:38 172.16.1.2 Ethernet0/1
192.168.1.2 1 FULL/DR 00:00:33 192.168.1.2 Ethernet0/0
PE1#
Now where the real fun begins: the BGP portion of the lab.
A basic BGP Configuration would look like this:
router bgp 65000
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 65000
neighbor 2.2.2.2 update-source Loopback0
That got a basic BGP connection established between the two PE routers. Next,
we need to need to configure BGP for the vpnv4 address family. This establishes
which devices will be a part of these client tunnels:
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
exit-address-family
The neighbor is first activated and then we choose to send extended
communities to make sure the route distinguishers are shared correctly. Now
we need to define the VRF’s that will be shared:
address-family ipv4 vrf Client1
exit-address-family
!
address-family ipv4 vrf Client2
exit-address-family
!
So what we have here is basic routing protocol configuration including OSPF and
BGP as well as two VRF’s, one for each “client”. OSPF and BGP are still separate
from each other. We need to begin sharing routes between the each of them.
This will be accomplished with route redistribution. It will look a bit like this:
router ospf 1 vrf Client1
router-id 192.168.1.1
redistribute bgp 65000 subnets
!
router ospf 2 vrf Client2
router-id 172.16.1.1
redistribute bgp 65000 subnets
!
router bgp 65000
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 65000
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
neighbor 2.2.2.2 activate
exit-address-family
!
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf Client1
redistribute ospf 1
exit-address-family
!
address-family ipv4 vrf Client2
redistribute ospf 2
exit-address-family
!
Everything should be working now right? You will notice that Client-1-1 still
can’t see routes on Client-1-2’s side. This is a MPLS lab after all, we need to
configure MPLS!
***Normally I would do this first, but I saved it for the end of this lab***
Globally, the command “mpls ip” needs to be configured on each PE router.
Next the interfaces facing the MPLS network (in this case the provider network)
need to have that same identical command configure. Here is the config from
PE1:
mpls ip
!
interface Ethernet0/2
ip address 10.0.0.1 255.255.255.0
mpls ip
Once completed on both ends, you should be alerted to the new MPLS
connection:
PE1(config)#interface e0/2
PE1(config-if)#mpls ip
PE1(config-if)#
*Aug 7 11:56:32.209: %LDP-5-NBRCHG: LDP Neighbor 2.2.2.2:0 (2) is
UP
PE1(config-if)#
A quick show command can show us some more details about the connection as
well:
PE1#sh mpls interfaces
Interface IP Tunnel BGP Static Operational
Ethernet0/2 Yes (ldp) No No No Yes
PE1#show mpls ldp neighbor
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.34380 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 8/8; Downstream
Up time: 00:02:15
LDP discovery sources:
Ethernet0/2, Src IP addr: 10.0.0.2
Addresses bound to peer LDP Ident:
10.0.0.2 2.2.2.2
PE1#
PE1#show mpls ldp bindings
lib entry: 1.1.1.1/32, rev 2
local binding: label: imp-null
remote binding: lsr: 2.2.2.2:0, label: 17
lib entry: 2.2.2.2/32, rev 4
local binding: label: 16
remote binding: lsr: 2.2.2.2:0, label: imp-null
lib entry: 10.0.0.0/24, rev 6
local binding: label: imp-null
remote binding: lsr: 2.2.2.2:0, label: imp-null
PE1#