Home » MPLS » Basic MPLS VPN Configuration

Basic MPLS VPN Configuration

The network topology  is  a very simple MPLS VPN configuration for two customers using overlapping address space and each customer has 2 sites connecting to the Provider network.
R1,R2 and R3 are the provider routers, R1 being the P-Router and R2,R3 PE-Routers.
Customer-1 is using BGP to connect to the Provider network, and customer-1 routers are R4 and R6.
Customer-2 is using static routing to connect to Provider network, and customer-2 routers are R5 and R7.
In the Provider network, we have defined a VRF for each of these customers and accommodated for the BGP routing for Customer-1 and Static Routing for Customer-2.
Both Customer-1 and Customer-2 are using the IP address space 192.168.10.0/24 and 192.168.20.0/24 at each of their sites.

Configuring PE Routers correctly is the key in getting the MPLS VPN up and running. From the above network diagram,  configuration steps are listed for the PE-Router R2. Rest of the configurations for all other routers in this network can be found after the steps discussed in R2’s configuration.

Step By Step Configuration on PE-Router R2.

1. Define the VRFs, one each per customer and associate them with RD and RT values.
R2(config)#ip vrf cust1
R2(config-vrf)#rd 65000:100
R2(config-vrf)#route-target both 65000:100
R2(config-vrf)#exit

R2(config)#ip vrf cust2
R2(config-vrf)#rd 65000:200
R2(config-vrf)#route-target 65000:200
R2(config-vrf)#exit

2. Assign the customer Interfaces to the respective VRF and then assign IP address,encapsulation to the interface.
Note if the Interface already has an IP address, then assigning that interface to VRF will remove the IP address from the interface and you will have to configure the IP address again. The same goes true when an Interface is removed from a VRF.

R2(config)#int s1/0
R2(config-if)#ip vrf forwarding cust1
R2(config-if)#encap ppp
R2(config-if)#desc To-R4
R2(config-if)#ip address 172.16.90.1 255.255.255.252
R2(config-if)#no shut

R2(config-if)#int s1/1
R2(config-if)#ip vrf forwarding cust2
R2(config-if)#ip address 172.16.100.1 255.255.255.252
R2(config-if)#encap ppp
R2(config-if)#no shut
R2(config-if)#desc To-R5

3. Define Loopback Interface to be used for MP-BGP with the other PE Router.
R2(config)#int lo0
R2(config-if)#ip add 10.1.1.102 255.255.255.255
R2(config-if)#end

4. Configure the MPLS label protocol and Router-ID interface.
R2(config)#mpls label protocol ldp
R2(config)#mpls ldp router-id lo0

5.  Here we configured the interface to be used in LDP.
R2(config)#int fa0/0
R2(config-if)#ip add 10.1.1.1 255.255.255.252
R2(config-if)#desc to-R1
R2(config-if)#mpls ip
R2(config-if)#no shut

6. configure BGP with the customer-1 CE. Note that the BGP is defined under address family VRF.
R2(config)#router bgp 65000
R2(config-router)#address-family ipv4 vrf cust1
R2(config-router-af)#neighbor 172.16.90.2 remote-as 65531
R2(config-router-af)#neighbor 172.16.90.2 soft-reconfiguration in
R2(config-router-af)#nei 172.16.90.2 as-override
R2(config-router-af)#exit

7. Since Customer-2 is doing static routing we have redistributed the static and connected routes, (static route defined in next step)
R2(config-router)#address-family ipv4 vrf cust2
R2(config-router-af)#redistribute static
R2(config-router-af)#redistribute connected
R2(config-router-af)#end

8. Define the static route under the VRF to appropriately forward the customer-2’s traffic between their sites.
R2(config)#ip route vrf cust2 192.168.10.0 255.255.255.0 172.16.100.2

9. Define BGP with the other PE-Router.
R2(config-router)#neighbor 10.1.1.103 remote-as 65000
R2(config-router)#no auto-summary
R2(config-router)#no synchronization
R2(config-router)#neighbor 10.1.1.103 update-source loopback 0
R2(config-router)#neighbor 10.1.1.103 next-hop-self

10. Activate iBGP with other PE Router and define send community extended for the RT values to be sent and received, RT values used the extended community and have to be configured.
R2(config-router)#address-family vpnv4
R2(config-router-af)#neighbor 10.1.1.103 activate
R2(config-router-af)#neighbor 10.1.1.103 send-community extended
R2(config-router-af)#end

11. Configure OSPF, and once OSPF is up  between PE and P routers you will see the LDP messages being exchanged.

R2(config)#router ospf 1
R2(config-router)#network 10.1.1.0 0.0.0.255 area 0

ROUTER- R3 Configs (Only Required Configurations Posted Here)

ip cef
!
!
ip vrf cust1
rd 65000:100
route-target export 65000:100
route-target import 65000:100
!
ip vrf cust2
rd 65000:200
route-target export 65000:200
route-target import 65000:200
!
!
!
no ip domain lookup
mpls label protocol ldp
interface Loopback0
ip address 10.1.1.103 255.255.255.255
!
!
interface FastEthernet0/0
description to-R1
ip address 10.1.1.6 255.255.255.252
duplex auto
speed auto
mpls ip

interface Serial1/0
description to-R6
ip vrf forwarding cust1
ip address 172.16.110.1 255.255.255.252
encapsulation ppp
serial restart-delay 0

interface Serial1/1
description to-R7
ip vrf forwarding cust2
ip address 172.16.120.1 255.255.255.252
encapsulation ppp
serial restart-delay 0

router ospf 1
log-adjacency-changes
network 10.1.1.0 0.0.0.255 area 0
!
router bgp 65000
no synchronization
bgp log-neighbor-changes
neighbor 10.1.1.102 remote-as 65000
neighbor 10.1.1.102 update-source Loopback0
neighbor 10.1.1.102 next-hop-self
neighbor 10.1.1.102 soft-reconfiguration inbound
no auto-summary
!
address-family vpnv4
neighbor 10.1.1.102 activate
neighbor 10.1.1.102 send-community extended
exit-address-family
!
address-family ipv4 vrf cust1
no synchronization
neighbor 172.16.110.2 remote-as 65531
neighbor 172.16.110.2 activate
neighbor 172.16.110.2 as-override
neighbor 172.16.110.2 soft-reconfiguration inbound
exit-address-family
!
address-family ipv4 vrf cust2
no synchronization
redistribute connected
redistribute static
exit-address-family

ip route vrf cust2 192.168.20.0 255.255.255.0 172.16.120.2
mpls ldp router-id Loopback0

ROUTER- R1 Configs (Only Required Configurations Posted Here)
ip cef
!
no ip domain lookup
!
mpls label protocol ldp
!
interface Loopback0
ip address 10.1.1.101 255.255.255.255
!
!
interface FastEthernet0/0
description to-R2
ip address 10.1.1.2 255.255.255.252
duplex auto
speed auto
mpls ip
!
!
interface FastEthernet0/1
description to-R3
ip address 10.1.1.5 255.255.255.252
duplex auto
speed auto
mpls ip
!
router ospf 1
log-adjacency-changes
network 10.1.1.0 0.0.0.255 area 0
!
mpls ldp router-id Loopback0
!

Customer Routers Configuration

Customer-1 BGP Routing Customer-2 Static Routing
Router R4 (Customer-1 Site-1) Router R5 (Customer-2 Site-1)
interface Loopback0
ip address 192.168.10.1 255.255.255.255
!
interface Serial1/0
description to-R2
ip address 172.16.90.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
!
router bgp 65531
no synchronization
bgp log-neighbor-changes
redistribute connected
redistribute static
neighbor 172.16.90.1 remote-as 65000
neighbor 172.16.90.1 soft-reconfiguration inbound
no auto-summary
!
ip route 192.168.10.0 255.255.255.0 Null0
!
interface Loopback0
ip address 192.168.10.1 255.255.255.255
!
interface Serial1/0
description to-R2
ip address 172.16.100.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
!
ip route 0.0.0.0 0.0.0.0 Serial1/0 172.16.100.1 name to-isp
ip route 192.168.10.0 255.255.255.0 Null0
Router R6 (Customer-1 Site-2) Router R7 (Customer-2 Site-2)
interface Loopback0
ip address 192.168.20.1 255.255.255.255
!
interface Serial1/0
description To-R3
ip address 172.16.110.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
!
router bgp 65531
no synchronization
bgp log-neighbor-changes
redistribute connected
redistribute static
neighbor 172.16.110.1 remote-as 65000
neighbor 172.16.110.1 soft-reconfiguration inbound
no auto-summary
!
ip route 192.168.20.0 255.255.255.0 Null0
interface Loopback0
ip address 192.168.20.1 255.255.255.255
!
interface Serial1/0
description to-R3
ip address 172.16.120.2 255.255.255.252
encapsulation ppp
serial restart-delay 0
!
ip route 0.0.0.0 0.0.0.0 172.16.120.1 name to-isp
ip route 192.168.20.0 255.255.255.0 Null0
!

traceroutes after the configurations were completed
traceroutes from customer routers:

R4#traceroute 192.168.20.1
Type escape sequence to abort.
Tracing the route to 192.168.20.1
1 172.16.90.1 44 msec 52 msec 52 msec
2 10.1.1.2 [MPLS: Labels 17/25 Exp 0] 124 msec 196 msec 44 msec
3 172.16.110.1 [AS 65000] [MPLS: Label 25 Exp 0] 152 msec 56 msec 76 msec
4 172.16.110.2 [AS 65000] 128 msec * 28 msec

R5#traceroute 192.168.20.1
Type escape sequence to abort.
Tracing the route to 192.168.20.1
1 172.16.100.1 20 msec 76 msec 24 msec
2 10.1.1.2 [MPLS: Labels 17/19 Exp 0] 112 msec 108 msec 116 msec
3 172.16.120.1 [MPLS: Label 19 Exp 0] 148 msec 56 msec 84 msec
4 172.16.120.2 164 msec * 20 msec

R6#traceroute 192.168.10.1
Type escape sequence to abort.
Tracing the route to 192.168.10.1
1 172.16.110.1 12 msec 40 msec 4 msec
2 10.1.1.5 [MPLS: Labels 16/25 Exp 0] 216 msec 252 msec 104 msec
3 172.16.90.1 [AS 65000] [MPLS: Label 25 Exp 0] 72 msec 104 msec 68 msec
4 172.16.90.2 [AS 65000] 64 msec * 104 msec

R7#traceroute 192.168.10.1
Type escape sequence to abort.
Tracing the route to 192.168.10.1
1 172.16.120.1 72 msec 8 msec 44 msec
2 10.1.1.5 [MPLS: Labels 16/21 Exp 0] 140 msec 160 msec 84 msec
3 172.16.100.1 [MPLS: Label 21 Exp 0] 100 msec 36 msec 100 msec
4 172.16.100.2 108 msec 256 msec *


Incoming search terms for the article:

Leave a Reply