MPLS

Basic MPLS with OPSF at Core and Default Route to Customer

September 14, 2016 by

Disclaimer

This Configuration Guide is designed to assist members to enhance their skills in particular technology area. While every effort has been made to ensure that all material is as complete and accurate as possible, the enclosed material is presented on an “as is” basis. Neither the authors nor Forum assume any liability or responsibility to any person or entity with respect to loss or damages incurred from the information contained in this guide. This configuration guide was developed by Forum. Any similarities between material presented in this configuration guide and any other material is completely coincidental.

IOS used: c7200-p-mz.120-32.S.bin

basic-mpls-with-opsf-at-c-007

A1 Router Initial Config: ! interface Loopback0 ip address 203.1.0.1 255.255.255.255 no ip directed-bro ! interface Loopback1 ip address 203.1.1.1 255.255.255.0 no ip directed-broadcast ! interface FastEthernet0/0 ip address 150.1.31.2 255.255.255.252 no ip directed-broadcast duplex half speed auto !	PE1 Router Initial Config: ! interface Loopback0 ip address 192.168.3.1 255.255.255.255 no ip directed-broadcast ! interface Serial2/0 ip address 192.168.3.22 255.255.255.252 no ip directed-broadcast ! interface FastEthernet0/0 ip address 150.1.31.1 255.255.255.252 no ip directed-broadcast duplex half speed
A2 Router Initial Config: ! interface Loopback0 ip address 203.1.0.2 255.255.255.255 no ip directed-broadcast ! interface Loopback1 ip address 203.1.2.1 255.255.255.0 no ip directed-broadcast ! interface FastEthernet0/0 ip address 150.1.31.6 255.255.255.252 no ip directed-broadcast duplex half speed auto !	PE2 Router Initial Config: ! interface Loopback0 ip address 192.168.3.2 255.255.255.255 no ip directed-broadcast ! interface Serial2/0 ip address 192.168.3.21 255.255.255.252 no ip directed-broadcast ! interface Serial2/1 ip address 192.168.3.18 255.255.255.252 no ip directed-broadcast ! interface FastEthernet0/0 ip address 150.1.31.5 255.255.255.252 no ip directed-broadcast duplex half speed auto
A3 Router Initial Config: ! interface Loopback1 ip address 203.1.0.3 255.255.255.255 no ip directed-broadcast ! interface Loopback2 ip address 203.1.3.1 255.255.255.0 no ip directed-broadcast ! interface FastEthernet0/0 ip address 150.1.31.14 255.255.255.252 no ip directed-broadcast duplex half speed auto !	PE3 Router Initial Config: ! interface Loopback1 ip address 192.168.3.3 255.255.255.255 no ip directed-broadcast ! interface Serial2/0 ip address 192.168.3.13 255.255.255.252 no ip directed-broadcast no fair-queue ! interface Serial2/1 ip address 192.168.3.10 255.255.255.252 no ip directed-broadcast ! interface FastEthernet0/0 ip address 150.1.3.13 255.255.255.252 no ip directed-broadcast duplex half spee
A4 Router Initial Config: ! interface Loopback1 ip address 203.1.0.4 255.255.255.255 no ip directed-broadcast ! interface Loopback2 ip address 203.1.4.1 255.255.255.0 no ip directed-broadcast ! interface FastEthernet0/0 ip address 150.1.31.18 255.255.255.252 no ip directed-broadcast duplex half speed auto !	PE4 Router Initial Config: ! interface Loopback1 ip address 192.168.3.4 255.255.255.255 no ip directed-broadcast ! interface Serial2/1 ip address 192.168.3.9 255.255.255.252 no ip directed ! interface FastEthernet0/0 ip address 150.1.31.17 255.255.255.252 no ip directed-broadcast duplex half speed auto !
P Router Config: ! ip cef mpls label protocol ldp ! interface Loopback0 ip address 192.168.3.5 255.255.255.255 no ip directed-broadcast ! ip address 192.168.3.14 255.255.255.252 no ip directed-broadcast tag-switching ip ! interface Serial2/1 ip address 192.168.3.17 255.255.255.252 no ip directed-broadcast tag-switching ip ! router ospf 1 log-adjacency-changes network 192.168.3.0 0.0.0.255 area 0 !

Task 1: BASIC MPLS Setup

1: Configure OSPF on all Provider edge and core routers to learn internal routes.

Configure OSPF on all PE-routers and P-router
(Config)# router ospf 1
(Config-router)# network 192.168.0.0 0.0.255.255 area 0

Verification

Nine routes of 192.168.0.0 network should be visible in routing table:
PE4#sho ip route
 192.168.3.0/24 is variably subnetted, 9 subnets, 2 masks
C 192.168.3.8/30 is directly connected, Serial2/1
O 192.168.3.12/30 [110/96] via 192.168.3.10, 01:35:03, Serial2/1
O 192.168.3.3/32 [110/49] via 192.168.3.10, 01:35:03, Serial2/1
O 192.168.3.2/32 [110/145] via 192.168.3.10, 01:35:03, Serial2/1
O 192.168.3.1/32 [110/193] via 192.168.3.10, 01:35:03, Serial2/1
O 192.168.3.5/32 [110/97] via 192.168.3.10, 01:35:03, Serial2/1
C 192.168.3.4/32 is directly connected, Loopback0
O 192.168.3.16/30 [110/144] via 192.168.3.10, 01:35:03, Serial2/1
O 192.168.3.20/30 [110/192] via 192.168.3.10, 01:35:03, Serial2/1

2: Configure MPLS in the backbone

Enable CEF switching and MPLS switching on all PE routers and the P router. Enter the
following command on all service provider routers:
(Config)# ip cef
Default label is TDP if you wish to change this to LDP then give following to Enable LDP Set
Lable Distribution Protocol on the router to be LDP and Lo0 as the interface to be used for
LDP updates
(Config)# mpls label protocol ldp
(Config)# mpls ldp router-id loopback0

3: Configure MPLS on all core interfaces of all service provider routers. Do not configure MPLS on any interfaces toward

customers or external backbones.

Enter the following command on all links between the service provider routers. Do not
configure MPLS on PE-CE links.
(Config-if)# tag-switching ip OR mpls ip
“tag-switching ip” command if using TDP, “mpls ip” if using LDP.

Verification:

show ip route– check all ip route;
show mpls forwarding– see if labels have been assigned for each route;
show mpls forwarding details- details on label;
show mpls interface- see if mpls is enabled on an interface;
show mpls ldp discovery- see if ldp can discover its neigh;
show mpls ldp neigh- see details of neigh.
Display TDP neighbors on the core routers to verify proper TDP operation.
You should get a printout similar to the one below:
PE3#show tag-switching tdp neighbor
 Peer TDP Ident: 192.168.3.5:0; Local TDP Ident 192.168.3.3:0
 TCP connection: 192.168.3.5.11003 - 192.168.3.3.711
 State: Oper; PIEs sent/rcvd: 5/6; Downstream
 Up time: 00:01:52
 TDP discovery sources:
 Serial0/0.1, Src IP addr: 192.168.3.14
 Addresses bound to peer TDP Ident:
 192.168.3.5   192.168.3.17   192.168.3.14
 Peer TDP Ident: 192.168.3.4:0; Local TDP Ident 192.168.3.3:0
 TCP connection: 192.168.3.4.11002 - 192.168.3.3.711
 State: Oper; PIEs sent/rcvd: 5/5; Downstream
 Up time: 00:01:38
 TDP discovery sources:
 Serial0/0.2, Src IP addr: 192.168.3.9
 Addresses bound to peer TDP Ident:
 192.168.3.4 192.168.20.3 192.168.3.9

Display TDP label bindings on your routers to verify that every IGP route has a local label
and a label from all TDP neighbors. You should get a printout similar to the one below:
PE3#show tag-switching tdp bindings 192.168.3.1 255.255.255.255
 tib entry: 192.168.3.1 255.255.255.255, rev 22
 local binding: tag: 21
 remote binding: tsr: 192.168.3.5:0, tag: 21
 remote binding: tsr: 192.168.3.4:0, tag: 20

Task 2: Understanding TTL propagation

1. Configure default route on all CE-routers (A1, A2, A3, A4)

Configure default route on A1 customer edge router.
(Config)# ip route 0.0.0.0 0.0.0.0 150.1.31.1
Configure default route on A2 customer edge router. 
(Config)# ip route 0.0.0.0 0.0.0.0 150.1.31.5
Configure default route on A3 customer edge router.
(Config)# ip route 0.0.0.0 0.0.0.0 150.1.31.13
Configure default route on A4 customer edge router.
(Config)# ip route 0.0.0.0 0.0.0.0 150.1.31.17
2. Configure default route on all PE-routers (PE1, PE2, PE3, PE4)
Configure static routes on PE1 router to reach loopbacks on A1 customer edge router.
(Config)# ip route 203.1.0.1 255.255.255.255 150.1.31.2
(Config)# ip route 203.1.1.0 255.255.255.0 150.1.31.2
Configure static routes on PE2 router to reach loopbacks on A2 customer edge router.
(Config)# ip route 203.1.0.2 255.255.255.255 150.1.31.6
(Config)# ip route 203.1.2.0 255.255.255.0 150.1.31.6
Configure static routes on PE3 router to reach loopbacks on A3 customer edge router.
(Config)# ip route 203.1.0.3 255.255.255.255 150.1.31.14
(Config)# ip route 203.1.3.0 255.255.255.0 150.1.31.14
Configure static routes on PE4 router to reach loopbacks on A4 customer edge router.
(Config)# ip route 203.1.0.4 255.255.255.255 150.1.31.18
(Config)# ip route 203.1.4.0 255.255.255.0 150.1.31.18

3. Redistribute static route in OSPF domain on all PE-routers

Redistribute static routes on PE1, PE2, PE3, PE4.
(Config)# router ospf 1
(Config-router)# redistribute static subnet
(Config-router)# redistribute connected subnet

Verification

A1#show ip route
Gateway of last resort is 150.1.31.1 to network 0.0.0.0
C 203.1.1.0/24 is directly connected, Loopback1
 203.1.0.0/32 is subnetted, 1 subnets
C 203.1.0.1 is directly connected, Loopback0
 150.1.0.0/30 is subnetted, 1 subnets
C 150.1.31.0 is directly connected, FastEthernet0/0
S* 0.0.0.0/0 [1/0] via 150.1.31.1
PE1#show ip route
S 203.1.1.0/24 [1/0] via 150.1.31.2
 203.1.0.0/32 is subnetted, 1 subnets
S 203.1.0.1 [1/0] via 150.1.31.2
Perform trace from A1 toward 203.1.4.1 you should see all your core routers in the path.
A sample trace printout is shown below:
A1#trace 203.1.4.1
Type escape sequence to abort.
Tracing the route to 203.1.4.1
 1 150.1.31.1 84 msec 44 msec 72 msec
 2 192.168.3.21 328 msec 432 msec 280 msec
 3 192.168.3.17 376 msec 276 msec 268 msec
 4 192.168.3.13 296 msec 292 msec 196 msec
 5 192.168.3.9 456 msec 336 msec 268 msec
 6 150.1.31.18 436 msec * 292 msec

Task 3: Disable IP TTL Propagation

4. Disable IP TTL propagation on all service provider routers that perform labeling of incoming IP packets.

Disable TTL propagation on all PE routers with the following command:
(Config)#no tag-switching ip propagate-ttl

Verification:

Perform trace from A1 toward 203.1.4.1 you should see only the ingress and egress core router
in the path. A sampletrace printout is shown below:
A2#trace 128.1.4.1
Type escape sequence to abort.
Tracing the route to 192.168.20.20

 1 150.1.31.1 84 msec 44 msec 72 msec
 2 192.168.3.9 456 msec 336 msec 268 msec
 3 150.1.31.18 436 msec * 292 msec

Carrier Supporting Carrier

September 14, 2016 by

Carrier Supporting Carrier

basic-mpls-with-opsf-at-c-007

CE1 Router: ip cef ! interface Loopback1 ip address 203.1.0.1 255.255.255.255 ! interface Loopback2 ip address 203.1.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 150.1.1.2 255.255.255.252 ! ip route 0.0.0.0 0.0.0.0 150.1.1.1 ! end	CE2 Router: ip cef ! interface Loopback1 ip address 203.1.0.4 255.255.255.255 ! interface Loopback2 ip address 203.1.4.1 255.255.255.0 ! interface FastEthernet0/0 ip address 150.1.1.6 255.255.255.252 ! ip route 0.0.0.0 0.0.0.0 150.1.1.5 ! end
PE1 Router: ip cef! ip vrf vpna rd 3:1 route-target export 3:1 route-target import 3:1 ! mpls label protocol ldp ! interface Loopback1 ip address 1.1.1.1 255.255.255.255 ! interface FastEthernet0/0 ip vrf forwarding vpna ip address 150.1.1.1 255.255.255.252 ! interface Serial2/0 ip address 10.0.0.1 255.255.255.0 mpls ip ! router ospf 1 network 1.1.1.1 0.0.0.0 area 0 network 10.0.0.0 0.0.0.255 area 0 ! router bgp 65100 no synchronization neighbor 6.6.6.6 remote-as 65100 neighbor 6.6.6.6 update-source Loopback1 no auto-summary ! address-family vpnv4 neighbor 6.6.6.6 activate neighbor 6.6.6.6 send-community extended exit-address-family ! address-family ipv4 vrf vpna redistribute connected redistribute static no synchronization exit-address-family ! ip route vrf vpna 203.1.0.1 255.255.255.255 150.1.1.2 ip route vrf vpna 203.1.1.0 255.255.255.0 150.1.1.2 ! mpls ldp router-id Loopback1 ! end	PE6 Router: ip cef!ip vrf vpna rd 3:1 route-target export 3:1 route-target import 3:1 ! mpls label protocol ldp ! interface Loopback1 ip address 6.6.6.6 255.255.255.255 ! interface FastEthernet0/0 ip vrf forwarding vpna ip address 150.1.1.5 255.255.255.252 ! interface Serial2/0 ip address 30.0.0.6 255.255.255.0 mpls ip ! router ospf 1 network 6.6.6.6 0.0.0.0 area 0 network 30.0.0.6 0.0.0.0 area 0 ! router bgp 65100 no synchronization neighbor 1.1.1.1 remote-as 65100 neighbor 1.1.1.1 update-source Loopback1 no auto-summary ! address-family vpnv4 neighbor 1.1.1.1 activate neighbor 1.1.1.1 send-community extended exit-address-family ! address-family ipv4 vrf vpna redistribute connected redistribute static no synchronization exit-address-family ! ip route vrf vpna 203.1.0.4 255.255.255.255 150.1.1.6 ip route vrf vpna 203.1.4.0 255.255.255.0 150.1.1.6 ! mpls ldp router-id Loopback1 ! end
PE2 Router: ip cef!mpls label protocol ldp ! interface Loopback1 ip address 2.2.2.2 255.255.255.255 ! interface Serial2/0 ip address 10.0.0.2 255.255.255.0 mpls ip ! interface Serial2/1 ip address 23.0.0.2 255.255.255.0 ! router ospf 1 redistribute bgp 65100 metric 10 subnets network 2.2.2.2 0.0.0.0 area 0 network 10.0.0.0 0.255.255.255 area 0 network 23.0.0.0 0.255.255.255 area 0 ! router bgp 65100 no synchronization redistribute ospf 1 metric 10 match internal external 1 external 2 neighbor 23.0.0.3 remote-as 65000 neighbor 23.0.0.3 send-label no auto-summary ! mpls ldp router-id Loopback1 ! end	PE5 Router: :ip cef!mpls label protocol ldp ! interface Loopback1 ip address 5.5.5.5 255.255.255.255 ! interface Serial2/0 ip address 30.0.0.5 255.255.255.0 mpls ip ! interface Serial2/1 ip address 45.0.0.5 255.255.255.0 ! router ospf 1 redistribute bgp 65100 metric 10 subnets network 5.5.5.5 0.0.0.0 area 0 network 30.0.0.0 0.255.255.255 area 0 network 45.0.0.0 0.255.255.255 area 0 ! router bgp 65100 no synchronization redistribute ospf 1 metric 10 match internal external 1 external 2 neighbor 45.0.0.4 remote-as 65000 neighbor 45.0.0.4 send-label no auto-summary ! mpls ldp router-id Loopback1 ! end
PE3 Router: ip cef!ip vrf SP1-vpna rd 3:11 route-target export 3:11 route-target import 3:11 ! mpls label protocol ldp ! interface Loopback1 ip address 3.3.3.3 255.255.255.255 ! interface Serial2/0 ip address 20.0.0.3 255.255.255.0 mpls ip ! interface Serial2/1 ip vrf forwarding SP1-vpna ip address 23.0.0.3 255.255.255.0 ! router ospf 64 network 3.3.3.3 0.0.0.0 area 0 network 20.0.0.0 0.255.255.255 area 0 ! router bgp 65000 no synchronization neighbor 4.4.4.4 remote-as 65000 neighbor 4.4.4.4 update-source Loopback1 no auto-summary ! address-family vpnv4 neighbor 4.4.4.4 activate neighbor 4.4.4.4 send-community extended exit-address-family ! address-family ipv4 vrf SP1-vpna redistribute connected neighbor 23.0.0.2 remote-as 65100 neighbor 23.0.0.2 activate neighbor 23.0.0.2 as-override neighbor 23.0.0.2 send-label no synchronization exit-address-family ! mpls ldp router-id Loopback1 force ! end	PE4 Router: ip cef!ip vrf SP1-vpna rd 3:11 route-target export 3:11 route-target import 3:11 ! mpls label protocol ldp ! interface Loopback1 ip address 4.4.4.4 255.255.255.255 ! interface Serial2/0 ip address 20.0.0.4 255.255.255.0 mpls ip ! interface Serial2/1 ip vrf forwarding SP1-vpna ip address 45.0.0.4 255.255.255.0 ! router ospf 64 network 4.4.4.4 0.0.0.0 area 0 network 20.0.0.0 0.255.255.255 area 0 ! router bgp 65000 no synchronization neighbor 3.3.3.3 remote-as 65000 neighbor 3.3.3.3 update-source Loopback1 no auto-summary ! address-family vpnv4 neighbor 3.3.3.3 activate neighbor 3.3.3.3 send-community extended exit-address-family ! address-family ipv4 vrf SP1-vpna redistribute connected neighbor 45.0.0.5 remote-as 65100 neighbor 45.0.0.5 activate neighbor 45.0.0.5 as-override neighbor 45.0.0.5 send-label no synchronization exit-address-family ! mpls ldp router-id Loopback1 force ! end

Complex MPLS VPN with OSPF

September 14, 2016 by

Complex MPLS VPN with OSPF on CE-PE Routers

IOS used: c7200-p-mz.120-32.S.bin

complex-mpls-vpn-with-osp-007

Task 1: BASIC OSPF and MPLS setup

Configure OSPF and MPLS on all PE-routers and P-router

Step 1: Configure following on respective P and PE routers

PE2 Router Initial Config: hostname PE2 ! ip cef mpls label protocol ldp no tag-switching ip propagate-ttl ! interface Loopback0 ip address 192.168.3.2 255.255.255.255 ! interface FastEthernet1/0 description link_to_P ip address 192.168.3.18 255.255.255.252 tag-switching ip no shutdown ! interface Serial2/0 description link_to_A2 ip address 150.1.31.5 255.255.255.252 no shutdown ! interface Serial2/1 description link_to_B1 ip address 150.1.32.1 255.255.255.252 no shutdown ! interface Serial2/2 description link_to_A1 ip address 150.1.31.9 255.255.255.252 no shutdown ! router ospf 64 log-adjacency-changes network 192.168.0.0 0.0.255.255 area 0 ! end	PE3 Router Initial Config: hostname PE3 ! ip cef mpls label protocol ldp no tag-switching ip propagate-ttl ! interface Loopback0 ip address 192.168.3.3 255.255.255.255 ! interface FastEthernet0/0 description link_to_P ip address 192.168.3.13 255.255.255.252 tag-switching ip no shutdown ! interface Serial2/0 description link_to_B1 ip address 150.1.32.9 255.255.255.252 no shutdown ! interface Serial2/1 description link_to_A1 ip address 150.1.31.1 255.255.255.252 no shutdown ! interface Serial2/2 description link_to_B2 ip address 150.1.32.5 255.255.255.252 no shutdown ! router ospf 64 log-adjacency-changes network 192.168.0.0 0.0.255.255 area 0 ! end
P Router Config: hostname P ! ip cef mpls label protocol ldp no tag-switching ip propagate-ttl ! interface Loopback0 ip address 192.168.3.5 255.255.255.255 ! interface FastEthernet0/0 description link_to_PE3 ip address 192.168.3.14 255.255.255.252 tag-switching ip no shutdown ! interface FastEthernet1/0 description link_to_PE2 ip address 192.168.3.17 255.255.255.252 tag-switching ip no shutdown ! router ospf 64 log-adjacency-changes network 192.168.0.0 0.0.255.255 area 0 ! end
A2 Router Initial Config: hostname A2 ! interface Loopback0 ip address 203.1.0.2 255.255.255.255 ! interface Loopback1 ip address 203.1.2.1 255.255.255.0 ! interface Serial2/0 ip address 150.1.31.6 255.255.255.252 clock rate 64000 no shutdown ! end	B1 Router Initial Config: hostname B1 ! interface Loopback0 ip address 203.2.0.1 255.255.255.255 ! interface Loopback1 ip address 203.2.1.1 255.255.255.0 ! interface Serial2/0 ip address 150.1.32.10 255.255.255.252 clock rate 64000 no shutdown ! interface Serial2/1 ip address 150.1.32.2 255.255.255.252 clock rate 64000 no shutdown ! end
A1 Router Initial Config: hostname A1 ! interface Loopback0 ip address 203.1.1.1 255.255.255.0 ! interface Loopback1 ip address 203.1.0.1 255.255.255.255 ! interface Serial2/1 ip address 150.1.31.2 255.255.255.252 clock rate 64000 no shutdown ! interface Serial2/2 ip address 150.1.31.10 255.255.255.252 clock rate 64000 no shutdown ! end	B2 Router Initial Config: hostname B2 ! interface Loopback0 ip address 203.2.0.2 255.255.255.255 ! interface Loopback1 ip address 203.2.2.1 255.255.255.0 ! interface Serial2/2 ip address 150.1.32.6 255.255.255.252 clock rate 64000 no shutdown ! end

Task 2: Configure Multi-protocol BGPConfigure multi-protocol BGP between

provider-edge (PE) routers.

Step 1 Enable BGP sessions on all PE routers in your Service Provider backbone.

Step 2 Activate VPNv4 BGP sessions between all PE routers in your Service Provider backbone.

Configure the following on PE2 router:

PE2(config)#
router bgp 3
 neighbor 192.168.3.3 remote-as 3
 neighbor 192.168.3.3 update-source Loopback0
 !
 address-family ipv4
 no auto-summary
 no synchronization
 neighbor 192.168.3.3 activate
 network 192.168.3.2 mask 255.255.255.255
exit-address-family
 !
 address-family vpnv4
 neighbor 192.168.3.3 activate
 neighbor 192.168.3.3 send-community extended
 exit-address-family

Configure following on PE3 router:

PE3(config)#
 router bgp 3
 bgp log-neighbor-changes
 neighbor 192.168.3.2 remote-as 3
 neighbor 192.168.3.2 update-source Loopback0
 !
 address-family ipv4
 no auto-summary
 no synchronization
 neighbor 192.168.3.2 activate
 network 192.168.3.3 mask 255.255.255.255
 exit-address-family
 !
 address-family vpnv4
 neighbor 192.168.3.2 activate
 neighbor 192.168.3.2 send-community extended
 exit-address-family

Task 3: Design your VPN Solution

Create the virtual private network (VRF) on provider edge (PE2):PE2(config)#

ip vrf a
 rd 3:1
 route-target both 3:1
!
ip vrf a_central
rd 3:11
route-target both 3:1
 route-target both 3:30
!
ip vrf b_central
rd 3:21
route-target both 3:2
route-target both 3:30

Create the virtual private network (VRF) on provider edge (PE3):

PE3(config)#

ip vrf a_central rd 3:11 route-target both 3:1 route-target both 3:30
!
 ip vrf b
 rd 3:2
route-target both 3:2 ! ip vrf b_central rd 3:21 route-target both 3:2 route-target both 3:30

Task 4: Create VRFs for A2, B1, A1 and B2

Attach the provider edge-to-customer edge (PE-CE) link to the newly created VRFs with the
following commands on PE2:PE2(config)#
interface Serial2/0
 ip vrf forwarding a
 ip address 150.1.31.5 255.255.255.252
!
interface Serial2/1
 ip vrf forwarding b_central
ip address 150.1.32.1 255.255.255.252
!
interface Serial2/2
ip vrf forwarding a_central
ip address 150.1.31.9 255.255.255.252

Note: “ip vrf forwarding name” command removes the IP address from interface,
so IP address need to be re- configured.

 Attach the PE-CE link to the newly created VRFs with the following commands on PE3:
 PE3(config)#
 interface Serial2/0
 ip vrf forwarding b_central
 ip address 150.1.32.9 255.255.255.252
 !
 interface Serial2/1
 ip vrf forwarding a_central
 ip address 150.1.31.1 255.255.255.252
 !
 interface Serial2/2
 ip vrf forwarding b
 ip address 150.1.32.5 255.255.255.252

Task 5: Configure OSPF on CE Routers

The following commands need to be entered on the A2 router:
A2(config)#
 router ospf 3
 network 0.0.0.0 255.255.255.255 area 0
The following commands need to be entered on the B1 router:
B1(config)#
router ospf 3
 network 0.0.0.0 255.255.255.255 area 0
The following commands need to be entered on the A1 router:
A1(config)#
router ospf 3
 network 0.0.0.0 255.255.255.255 area 0
The following commands need to be entered on the B2 router:
B2(config)#
router ospf 3
 network 0.0.0.0 255.255.255.255 area 0

Task 6: Configure new VRFs for A2, B1, A1, B2 on PE routers

The following commands need to be entered on PE2:

PE2(config)#
 router ospf 3 vrf a_central
 log-adjacency-changes
 redistribute bgp 3 subnets
 network 150.1.0.0 0.0.255.255 area 0
!
router ospf 4 vrf b_central
 log-adjacency-changes
 redistribute bgp 3 subnets
 network 150.1.0.0 0.0.255.255 area 0
!
router ospf 7 vrf a
 log-adjacency-changes
 redistribute bgp 3 subnets
 network 150.1.0.0 0.0.255.255 area 0

The following commands need to be entered on PE3 router:

PE3(config)#
router ospf 4 vrf b_central
 log-adjacency-changes
 redistribute bgp 3 subnets
 network 150.1.0.0 0.0.255.255 area 0
!
router ospf 3 vrf a_central
 log-adjacency-changes
 redistribute bgp 3 subnets
 network 150.1.0.0 0.0.255.255 area 0
!
router ospf 6 vrf b
 log-adjacency-changes
 redistribute bgp 3 subnets
 network 150.1.0.0 0.0.255.255 area 0

Task 7: Redistribute vrf – ospf in BGP Routing Protocol

The following commands need to be entered on PE2:

PE2(config)#
router bgp 3
 bgp log-neighbor-changes
 neighbor 192.168.3.3 remote-as 3
 neighbor 192.168.3.3 update-source Loopback0
 !
 address-family ipv4 vrf b_central
 redistribute ospf 4 vrf b_central
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf a_central
 redistribute ospf 3 vrf a_central
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf a
 redistribute ospf 7 vrf a
 no synchronization
 exit-address-family

The following commands need to be entered on PE3 router:

PE3(config)#
router bgp 3
 bgp log-neighbor-changes
 neighbor 192.168.3.2 remote-as 3
 neighbor 192.168.3.2 update-source Loopback0
 !
address-family ipv4 vrf b_central
 redistribute ospf 4 vrf b_central
 no synchronization
 exit-address-family
!
 address-family ipv4 vrf b
 redistribute ospf 6 vrf b
 no synchronization
exit-address-family
!
address-family ipv4 vrf a_central
redistribute ospf 3 vrf a_central
no synchronization
exit-address-family

Verification

Step 1: Verify the OSPF adjacency on A2, B1, A1, B2 and on PE2, PE3.

Use the “show ip ospf neighbor” command. You should get a printout similar to the one below:PE3#show ip ospf neighbor

Neighbor ID	Pri	State	Dead Time	Address	Interface
192.168.3.5	1	FULL/DR	00:00:39	192.168.3.14	FastEthernet0/0
203.2.2.1	0	FULL/ -	00:00:35	150.1.32.6	Serial2/2
203.1.1.1	0	FULL/ -	00:00:35	150.1.31.2	Serial2/1
203.2.1.1	0	FULL/ -	00:00:35	150.1.32.10	Serial2/0

Step 2: Check the OSPF topology database on A1.

Use the “show ip ospf database” command. You should see router link states (resulting from
OSPF connectivity between the PE and the CE router) and type-5 external link states.
A1#show ip ospf database
OSPF Router with ID (203.1.1.1) (Process ID 3)

Router Link States (Area 0)
Link ID	ADV Router	Age	Seq#	Checksum	Link Count
150.1.31.1	150.1.31.1	253	0x80000002	0x5ABC	2
150.1.31.9	150.1.31.9	283	0x80000002	0xFAFB	2
203.1.1.1	203.1.1.1	253	0x80000003	0x3057	6

Type-5 AS External Link States
Link ID	ADV Router	Age	Seq#	Checksum	Tag
150.1.31.4	150.1.31.1	199	0x80000001	0x264A	3489660931
150.1.31.4	150.1.31.9	216	0x80000001	0xF572	3489660931
150.1.32.0	150.1.31.1	153	0x80000002	0xFA18	3489660931
150.1.32.0	150.1.31.9	216	0x80000001	0x1358	3489660931
150.1.32.8	150.1.31.1	153	0x80000002	0xF079	3489660931
150.1.32.8	150.1.31.9	216	0x80000001	0x7C87	3489660931
203.1.0.2	150.1.31.1	199	0x80000001	0xD058	3489660931
203.1.0.2	150.1.31.9	216	0x80000001	0xA080	3489660931
203.1.2.1	150.1.31.1	199	0x80000001	0xC463	3489660931
203.1.2.1	150.1.31.9	216	0x80000001	0x948B	3489660931
203.2.0.1	150.1.31.1	199	0x80000001	0xCE5A	3489660931
203.2.0.1	150.1.31.9	218	0x80000001	0x9E82	3489660931
203.2.1.1	150.1.31.1	200	0x80000001	0xC364	3489660931
203.2.1.1	150.1.31.9	218	0x80000001	0x938C	3489660931

Step 3: Inspect individual link-state advertisement (LSA) on the CE router

Use “show ip ospf database type prefix” command and verify the settings of the down bit.
A1#sh ip ospf database external 150.1.31.4

        OSPF Router with ID (203.1.1.1) (Process ID 3)
Type-5 AS External Link States
Routing Bit Set on this LSA
  LS age: 859
  Options: (No TOS-capability, DC)
  LS Type: AS External Link
  Link State ID: 150.1.31.4 (External Network Number )
  Advertising Router: 150.1.31.1
  LS Seq Number: 80000001
  Checksum: 0x264A
  Length: 36
  Network Mask: /30
        Metric Type: 2 (Larger than any link state path)
        TOS: 0
        Metric: 1
       Forward Address: 0.0.0.0
  External Route Tag: 3489660931
  Routing Bit Set on this LSA
  LS age: 877
  Options: (No TOS-capability, DC)
  LS Type: AS External Link
  Link State ID: 150.1.31.4 (External Network Number )
  Advertising Router: 150.1.31.9
  LS Seq Number: 80000001
  Checksum: 0xF572
  Length: 36
  Network Mask: /30
        Metric Type: 2 (Larger than any link state path)
        TOS: 0
        Metric: 1
        Forward Address: 0.0.0.0
External Route Tag: 3489660931

Step 4: Inspect the BGP routes on the PE routersand identify the OSPF specific attributes and their meaning.

Use the “show ip bgp vpnv4 vrf name prefix” command, which will produce a printout similar
to the one below:
PE3#show ip bgp vpnv4 vrf a_central 203.2.0.1
BGP routing table entry for 3:11:203.2.0.1/32, version 75
Paths: (1 available, best #1, table a_central)
  Not advertised to any peer
  Local, imported path from 3:21:203.2.0.1/32
    150.1.32.10 (via b_central) from 0.0.0.0 (192.168.3.3)
      Origin incomplete, metric 49, localpref 100, weight 32768, valid, external, best
      Extended Community: RT:3:2 RT:3:30 OSPF DOMAIN ID:0x0005:0x000000040200
        OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:150.1.32.9:512

Step 5: Inspect the OSPF routes on the PE routers and verify that the OSPF routes announced by other PE routers are not used(as indicated by the routing bit not set printout).

Step 6: Verify connectivity across VPN by using ping and trace commands on the CE routers and ping vrf and trace vrf commands on the PE routers.

EoMPLS Carrying One VLAN (VLAN-ID Rewrite)

September 14, 2016 by

EoMPLS – Pseudowire Tunnel (Ethernet Port Mode)

eompls-pseudowire-tunnel-007

CE1 Router:
ip cef
!
interface FastEthernet0/0
description Connected to PE1
ip address 50.50.50.1 255.255.255.252
!
end

CE2 Router:
ip cef
!
interface FastEthernet0/0
description Connected to PE2
ip address 50.50.50.2 255.255.255.252
!
end

PE1 Router:
ip cef
!
mpls label protocol ldp
pseudowire-class MPLS_Encapsulation
encapsulation mpls
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
description Connected to CE1
xconnect 2.2.2.2 1000 pw-class
MPLS_Encapsulation
!
interface Serial2/0
ip address 192.168.3.22 255.255.255.252
ip ospf 1 area 0
tag-switching ip
!
router ospf 1
!
tag-switching tdp router-id Loopback0 force
!
end

PE2 Router:
ip cef
!
mpls label protocol ldp
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip ospf 1 area 0
!
interface FastEthernet0/0
description Connected to CE2
xconnect 1.1.1.1 1000 encapsulation
mpls
!
interface Serial2/0
ip address 192.168.3.21
255.255.255.252
ip ospf 1 area 0
tag-switching ip
!
router ospf 1
!
tag-switching tdp router-id Loopback0
force
!
end

Verification:

CE1#ping 50.50.50.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 50.50.50.2, timeout is 2 seconds:
! ! ! ! !
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/118/236 ms
CE2#ping 50.50.50.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 50.50.50.1, timeout is 2 seconds:
! ! ! ! !
Success rate is 100 percent (5/5), round-trip min/avg/max = 104/172/248 ms

PE1#show mpls l2transport vc
Local intf	Local circuit	Dest address	VC ID	Status
----------	----------	----------	----------	---------
Fa0/0	Ethernet	2.2.2.2	1000	UP

PE2#show mpls l2transport vc
Local intf	Local circuit	Dest address	VC ID	Status
----------	----------	----------	----------	----------
Fa0/0	Ethernet	1.1.1.1	1000	UP

PE1#debug mpls l2transport signaling message
AToM LDP message debugging is on
00:01:14: AToM LDP [2.2.2.2]: Sending label mapping msg
vc type 5, cbit 1, vc id 1000, group id 0, vc label 16, status 0, mtu 1500
00:01:14: AToM LDP [2.2.2.2]: Received label mapping msg, id 8, graceful restart
instance 1
vc type 5, cbit 1, vc id 1000, group id 0, vc label 16, status 0, mtu 1500

NOTE: As seen above VC labels are exchanged between PE routers after the targeted-LDP session
is established. It also shows each peer sends a Label Mapping message which contains FEC TLV,
Label TLV and optional interfaceparameters. VC Type 5 indicates Ethernet Port mode.

PE1#show mpls l2transport vc detail
Local interface: Fa0/0 up, line protocol up, Ethernet up
Destination address: 2.2.2.2, VC ID: 1000, VC status: up
Next hop: point2point
Output interface: Se2/0, imposed label stack {18}
Create time: 00:12:43, last status change time: 00:12:15
Signaling protocol: LDP, peer 2.2.2.2:0 up
MPLS VC labels: local 18, remote 18
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description: Connected to CE2
Sequencing: receive disabled, send disabled

VC statistics:
packet totals: receive 97, send 98
byte totals: receive 10984, send 11106
packet drops: receive 0, seq error 0, send 0

EoMPLS Carrying One VLAN

September 14, 2016 by

EoMPLS Carrying Simple Ethernet

Disclaimer
This Configuration Guide is designed to assist members to enhance their skills in particular technology area. While
every effort has been made to ensure that all material is as complete and accurate as possible, the enclosed material
is presented on an “as is” basis. Neither the authors nor Forum assume any liability or responsibility to any person or
entity with respect to loss or damages incurred from the information contained in this guide. This configuration guide
was developed by Forum. Any similarities between material presented in this configuration guide and any other
material is completely coincidental.
Summary: The Attachment Circuit (AC) can be Ethernet port or 802.1Q sub-interface (VLAN). For each AC, LDP
signals different VC type via the targeted LDP session. VC Type 5 for Ethernet Port mode and VC Type 4 for
Ethernet VLAN mode. Here, Ethernet Port mode is described. In Ethernet Port mode, a VLAN header might or might
not be present on the frame. In any case, the PE router carries the frame transparently. This allows an Ethernet
Trunk to be carried over a single Pseudowire.

CE1 Router:

ip cef
 !
 interface FastEthernet0/0
 description Connected to PE1
 ip address 150.1.31.2 255.255.255.252
 !
 end

CE2 Router:

ip cef
 !
 interface FastEthernet0/0
 description Connected to PE1
 ip address 150.1.31.6 255.255.255.252
 !
 end

PE1 Router:
 ip cef
 mpls label protocol ldp
 !
 pseudowire-class MPLS_Encapsulation
 encapsulation mpls
 !
 interface Loopback0
 ip address 192.168.3.1 255.255.255.255
 ip ospf 1 area 0
 !
 interface FastEthernet0/0
 description Connected to CE1
 xconnect 192.168.3.2 1000 pw-class
 MPLS_Encapsulation
 !
 interface Serial2/0
 ip address 192.168.3.22 255.255.255.252
 ip ospf 1 area 0
 tag-switching ip
 !
 router ospf 1
 !
 tag-switching tdp router-id Loopback0 force
 !
 end

PE2 Router:
 ip cef
 !
 mpls label protocol ldp
 !
 interface Loopback0
 ip address 192.168.3.2
 255.255.255.255
 ip ospf 1 area 0
 !
 interface FastEthernet0/0
 description Connected to CE2
 xconnect 192.168.3.1 1000
 encapsulation mpls
 !
 interface Serial2/0
 ip address 192.168.3.21
 255.255.255.252
 ip ospf 1 area 0
 tag-switching ip
 !
 router ospf 1
 !
 tag-switching tdp router-id Loopback0
 force
 !
 end

Verification

PE1#show mpls l2transport vc

Local intf Local circuit Dest address VC ID Status
———– ————— —————- ——– ——–

Fa0/0 Ethernet 192.168.3.2 2000 UP

PE2#show mpls l2transport vc

Local intf	Local circuit	Dest address	VC ID	Status
———–	———–	———–	———–	———–
Fa0/0	Ethernet	192.168.3.1	2000	UP

PE1#sh mpls l2transport vc detail
Local interface: Fa0/0 up, line protocol up, Ethernet up
 Destination address: 192.168.3.2, VC ID: 2000, VC status: up
 Preferred path: not configured
 Default path: active
 Next hop: point2point
 Output interface: Se2/0, imposed label stack {17}
 Create time: 00:22:38, last status change time: 00:21:57
 Signaling protocol: LDP, peer 192.168.3.2:0 up
 MPLS VC labels: local 17, remote 17
 Group ID: local 0, remote 0
 MTU: local 1500, remote 1500
 Remote interface description: Connected to CE2
 Sequencing: receive disabled, send disabled
 VC statistics:
 packet totals: receive 157, send 154
 byte totals: receive 17709, send 17380
 packet drops: receive 0, seq error 0, send 0

PE2#sh mpls l2transport vc detail
Local interface: Fa0/0 up, line protocol up, Ethernet up
 Destination address: 192.168.3.1, VC ID: 2000, VC status: up
 Preferred path: not configured
 Default path: active
 Next hop: point2point
 Output interface: Se2/0, imposed label stack {17}
 Create time: 00:23:19, last status change time: 00:23:14
 Signaling protocol: LDP, peer 192.168.3.1:0 up
 MPLS VC labels: local 17, remote 17
 Group ID: local 0, remote 0
 MTU: local 1500, remote 1500
 Remote interface description: Connected to CE1
 Sequencing: receive disabled, send disabled
 VC statistics:
 packet totals: receive 162, send 165
 byte totals: receive 18238, send 18572
 packet drops: receive 0, seq error 0, send 0

EoMPLS Carrying Simple Ethernet

September 14, 2016 by

EoMPLS Carrying Simple Ethernet

CE1 Router:

ip cef
 !
 interface FastEthernet0/0
 description Connected to PE1
 ip address 150.1.31.2 255.255.255.252
 !
 end

CE2 Router:

ip cef
 !
 interface FastEthernet0/0
 description Connected to PE1
 ip address 150.1.31.6 255.255.255.252
 !
 end

PE1 Router:
 ip cef
 mpls label protocol ldp
 !
 pseudowire-class MPLS_Encapsulation
 encapsulation mpls
 !
 interface Loopback0
 ip address 192.168.3.1 255.255.255.255
 ip ospf 1 area 0
 !
 interface FastEthernet0/0
 description Connected to CE1
 xconnect 192.168.3.2 1000 pw-class
 MPLS_Encapsulation
 !
 interface Serial2/0
 ip address 192.168.3.22 255.255.255.252
 ip ospf 1 area 0
 tag-switching ip
 !
 router ospf 1
 !
 tag-switching tdp router-id Loopback0 force
 !
 end

PE2 Router:
 ip cef
 !
 mpls label protocol ldp
 !
 interface Loopback0
 ip address 192.168.3.2
 255.255.255.255
 ip ospf 1 area 0
 !
 interface FastEthernet0/0
 description Connected to CE2
 xconnect 192.168.3.1 1000
 encapsulation mpls
 !
 interface Serial2/0
 ip address 192.168.3.21
 255.255.255.252
 ip ospf 1 area 0
 tag-switching ip
 !
 router ospf 1
 !
 tag-switching tdp router-id Loopback0
 force
 !
 end

Verification

PE1#show mpls l2transport vc

Local intf	Local circuit	Dest address	VC ID	Status
-----------	-----------	-----------	-----------	-----------
Fa0/0	Ethernet	192.168.3.2	2000	UP

PE2#show mpls l2transport vc

Local intf	Local circuit	Dest address	VC ID	Status
-----------	-----------	-----------	-----------	-----------
Fa0/0	Ethernet	192.168.3.1	2000	UP

PE1#sh mpls l2transport vc detail
Local interface: Fa0/0 up, line protocol up, Ethernet up
 Destination address: 192.168.3.2, VC ID: 2000, VC status: up
 Preferred path: not configured
 Default path: active
 Next hop: point2point
 Output interface: Se2/0, imposed label stack {17}
 Create time: 00:22:38, last status change time: 00:21:57
 Signaling protocol: LDP, peer 192.168.3.2:0 up
 MPLS VC labels: local 17, remote 17
 Group ID: local 0, remote 0
 MTU: local 1500, remote 1500
 Remote interface description: Connected to CE2
 Sequencing: receive disabled, send disabled
 VC statistics:
 packet totals: receive 157, send 154
 byte totals: receive 17709, send 17380
 packet drops: receive 0, seq error 0, send 0

PE2#sh mpls l2transport vc detail
Local interface: Fa0/0 up, line protocol up, Ethernet up
 Destination address: 192.168.3.1, VC ID: 2000, VC status: up
 Preferred path: not configured
 Default path: active
 Next hop: point2point
 Output interface: Se2/0, imposed label stack {17}
 Create time: 00:23:19, last status change time: 00:23:14
 Signaling protocol: LDP, peer 192.168.3.1:0 up
 MPLS VC labels: local 17, remote 17
 Group ID: local 0, remote 0
 MTU: local 1500, remote 1500
 Remote interface description: Connected to CE1
 Sequencing: receive disabled, send disabled
 VC statistics:
 packet totals: receive 162, send 165
 byte totals: receive 18238, send 18572
 packet drops: receive 0, seq error 0, send 0

Internet connectivity through Route Leaking

September 14, 2016 by

internet-connectivity-thr-007

CE1 Router: ip cef ! interface Loopback0 ip address 203.1.0.1 255.255.255.255 ! interface Loopback1 ip address 203.1.1.1 255.255.255.0 ! interface FastEthernet0/0 ip address 150.1.31.18 255.255.255.252 ! router bgp 1 no synchronization network 203.1.0.1 mask 255.255.255.255 network 203.1.1.0 redistribute connected neighbor 150.1.31.17 remote-as 3 neighbor 150.1.31.17 allowas-in no auto-summary ! ip route 0.0.0.0 0.0.0.0 150.1.31.17 ! end	CE2 Router: ip cef ! interface Loopback0 ip address 203.1.0.2 255.255.255.255 ! interface Loopback1 ip address 203.1.2.1 255.255.255.0 ! interface FastEthernet0/0 ip address 150.1.31.14 255.255.255.252 ! router bgp 1 no synchronization network 203.1.0.2 mask 255.255.255.255 network 203.1.2.0 redistribute connected neighbor 150.1.31.13 remote-as 3 neighbor 150.1.31.13 allowas-in no auto-summary ! ip route 0.0.0.0 0.0.0.0 150.1.31.13 ! end
PE1 Router: ip cef! ip vrf vpna rd 3:10 route-target export 3:10 route-target import 3:10 ! mpls label protocol ldp ! interface Loopback1 ip address 192.168.3.1 255.255.255.255 ! interface FastEthernet0/0 ip vrf forwarding vpna ip address 150.1.31.17 255.255.255.252 ! interface Serial2/0 ip address 192.168.3.18 255.255.255.252 mpls ip ! router ospf 1 redistribute static subnets network 192.168.3.0 0.0.0.255 area 0 ! router bgp 3 neighbor 192.168.3.2 remote-as 3 neighbor 192.168.3.2 update-source Loopback1 neighbor 192.168.3.4 remote-as 3 neighbor 192.168.3.4 update-source Loopback1 ! address-family ipv4 neighbor 192.168.3.2 activate neighbor 192.168.3.2 next-hop-self neighbor 192.168.3.2 soft-reconfiguration inbound neighbor 192.168.3.4 activate neighbor 192.168.3.4 next-hop-self neighbor 192.168.3.4 soft-reconfiguration inbound no auto-summary no synchronization network 192.168.3.1 mask 255.255.255.255 exit-address-family ! address-family vpnv4 neighbor 192.168.3.2 activate neighbor 192.168.3.2 send-community extended exit-address-family ! address-family ipv4 vrf vpna neighbor 150.1.31.18 remote-as 1 neighbor 150.1.31.18 activate neighbor 150.1.31.18 as-override no synchronization exit-address-family ! ip route 203.1.0.1 255.255.255.255 FastEthernet0/0 150.1.31.18 ip route 203.1.1.0 255.255.255.0 FastEthernet0/0 150.1.31.18 ip route vrf vpna 0.0.0.0 0.0.0.0 150.1.31.9 global ! mpls ldp router-id Loopback1 ! end	PE2 Router: ip cef ! ip vrf vpna rd 3:10 route-target export 3:10 route-target import 3:10 ! mpls label protocol ldp ! interface Loopback1 ip address 192.168.3.2 255.255.255.255 ! interface FastEthernet0/0 ip vrf forwarding vpna ip address 150.1.31.13 255.255.255.252 ! interface Serial2/1 ip address 192.168.3.13 255.255.255.252 mpls ip ! router ospf 1 redistribute static subnets network 192.168.3.0 0.0.0.255 area 0 ! router bgp 3 neighbor 192.168.3.1 remote-as 3 neighbor 192.168.3.1 update-source Loopback1 neighbor 192.168.3.4 remote-as 3 neighbor 192.168.3.4 update-source Loopback1 ! address-family ipv4 neighbor 192.168.3.1 activate neighbor 192.168.3.1 next-hop-self neighbor 192.168.3.1 soft-reconfiguration inbound neighbor 192.168.3.4 activate neighbor 192.168.3.4 next-hop-self neighbor 192.168.3.4 soft-reconfiguration inbound no auto-summary no synchronization network 192.168.3.2 mask 255.255.255.255 exit-address-family ! address-family vpnv4 neighbor 192.168.3.1 activate neighbor 192.168.3.1 send-community extended exit-address-family ! address-family ipv4 vrf vpna neighbor 150.1.31.14 remote-as 1 neighbor 150.1.31.14 activate neighbor 150.1.31.14 as-override no synchronization exit-address-family ! ip route 203.1.0.2 255.255.255.255 FastEthernet0/0 150.1.31.14 ip route 203.1.2.0 255.255.255.0 FastEthernet0/0 150.1.31.14 ip route vrf vpna 0.0.0.0 0.0.0.0 150.1.31.9 global ! mpls ldp router-id Loopback1 ! end
P Router: ip cef ! mpls label protocol ldp ! interface Loopback1 ip address 192.168.3.3 255.255.255.255 ! interface Serial2/0 ip address 192.168.3.17 255.255.255.252 mpls ip ! interface Serial2/1 ip address 192.168.3.14 255.255.255.252 mpls ip ! interface Serial2/2 ip address 192.168.3.9 255.255.255.252 mpls ip ! router ospf 1 network 192.168.3.0 0.0.0.255 area 0 ! mpls ldp router-id Loopback1 ! end Internet Router: ip cef ! interface Loopback1 ip address 100.100.100.100 255.255.255.255 ! interface FastEthernet0/0 ip address 150.1.31.10 255.255.255.252 ! router bgp 200 no synchronization network 100.100.100.100 mask 255.255.255.255 neighbor 150.1.31.9 remote-as 3 neighbor 150.1.31.9 soft-reconfiguration inbound no auto-summary ! end	IGW Router: ip cef ! mpls label protocol ldp ! interface Loopback1 ip address 192.168.3.4 255.255.255.255 ! interface FastEthernet0/0 ip address 150.1.31.9 255.255.255.252 ! interface Serial2/2 ip address 192.168.3.10 255.255.255.252 mpls ip ! router ospf 1 network 0.0.0.0 255.255.255.255 area 0 ! router bgp 3 no synchronization network 192.168.3.4 mask 255.255.255.255 network 203.1.0.1 mask 255.255.255.255 network 203.1.0.2 mask 255.255.255.255 network 203.1.1.0 network 203.1.2.0 neighbor 150.1.31.10 remote-as 200 neighbor 150.1.31.10 soft-reconfiguration inbound neighbor 192.168.3.1 remote-as 3 neighbor 192.168.3.1 update-source Loopback1 neighbor 192.168.3.1 next-hop-self neighbor 192.168.3.1 soft-reconfiguration inbound neighbor 192.168.3.2 remote-as 3 neighbor 192.168.3.2 update-source Loopback1 neighbor 192.168.3.2 next-hop-self neighbor 192.168.3.2 soft-reconfiguration inbound no auto-summary ! mpls ldp router-id Loopback1 ! end
Verification: CE1#ping 100.100.100.100 source 203.1.1.1 Sending 5, 100-byte ICMP Echos to 100.100.100.100, timeout is 2 seconds: Packet sent with a source address of 203.1.1.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 732/473/672 ms CE2#ping 100.100.100.100 source 203.1.2.1 Sending 5, 100-byte ICMP Echos to 100.100.100.100, timeout is 2 seconds: Packet sent with a source address of 203.1.2.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 388/595/1044 ms PE1#show ip route vrf vpna Routing Table: vpna Gateway of last resort is 150.1.31.9 to network 0.0.0.0 B 203.1.2.0/24 [200/0] via 192.168.3.2, 00:13:54 B 203.1.1.0/24 [20/0] via 150.1.31.18, 00:14:00 203.1.0.0/32 is subnetted, 2 subnets B 203.1.0.2 [200/0] via 192.168.3.2, 00:13:54 B 203.1.0.1 [20/0] via 150.1.31.18, 00:14:00 150.1.0.0/30 is subnetted, 2 subnets B 150.1.31.12 [200/0] via 192.168.3.2, 00:13:54 C 150.1.31.16 is directly connected, FastEthernet0/0 S* 0.0.0.0/0 [1/0] via 150.1.31.9 INTERNET#show ip route Gateway of last resort is not set 100.0.0.0/32 is subnetted, 1 subnets C 100.100.100.100 is directly connected, Loopback1 B 203.1.2.0/24 [20/20] via 150.1.31.9, 00:16:47 B 203.1.1.0/24 [20/20] via 150.1.31.9, 00:16:47 203.1.0.0/32 is subnetted, 2 subnets B 203.1.0.2 [20/20] via 150.1.31.9, 00:16:47 B 203.1.0.1 [20/20] via 150.1.31.9, 00:16:47 150.1.0.0/30 is subnetted, 1 subnets C 150.1.31.8 is directly connected, FastEthernet0/0 192.168.3.0/32 is subnetted, 3 subnets B 192.168.3.2 [20/0] via 150.1.31.9, 00:16:47 B 192.168.3.1 [20/0] via 150.1.31.9, 00:16:47 B 192.168.3.4 [20/0] via 150.1.31.9, 00:16:47

Layer3 VPN with OSPF Protocol between CE-PE

September 14, 2016 by

Layer3 VPN with OSPF Protocol between CE-PE

layer3-vpn-with-ospf-prot-007

Task 1: BASIC OSPF MPLS and BGP Setup

Configure OSPF, MPLS, BGP on all PE-routers and P-router

Step 1: Configure following on respective P and PE routers

PE1 Router Initial Config:
hostname PE1
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.1 255.255.255.255
!
interface Fastethernet0/0
description *** Link to A1 ***
ip address 150.1.31.1 255.255.255.252
no shutdown
!
interface Serial2/0
description *** Link to PE2 ***
ip address 192.168.3.22 255.255.255.252
mpls ip
no shutdown
!
router ospf 1
Network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
no auto-summary
neighbor 192.168.3.2 remote-as 3
neighbor 192.168.3.2 update-source
Loopback0
network 192.168.3.1 mask 255.255.255.255
!
end

PE2 Router Initial Config:
hostname PE2
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.2 255.255.255.255
!
interface FastEthernet0/0
description *** Link to A2 ***
ip address 150.1.31.5 255.255.255.252
no shutdown
!
interface Serial2/0
description *** Link to PE1 ***
ip address 192.168.3.21 255.255.255.252
mpls ip
no shutdown
!
interface Serial2/1
description *** Link to P ***
Ip address 192.168.3.18 255.255.255.252
clock rate 64000
mpls ip
no shutdown
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
no auto-summary
network 192.168.3.2 mask 255.255.255.255
neighbor 192.168.3.3 remote-as 3
neighbor 192.168.3.3 update-source
Loopback0
neighbor 192.168.3.1 remote-as 3
neighbor 192.168.3.1 update-source
Loopback0
neighbor 192.168.3.1 route-reflector-client
!
end

PE3 Router Initial Config:
hostname PE3
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.3 255.255.255.255
!
interface FastEthernet0/0
description *** Link to A3 ***
ip address 150.1.31.13 255.255.255.252
no shutdown
!
interface Serial2/1
description *** Link to PE4 ***
ip address 192.168.3.10 255.255.255.252
mpls ip
no shutdown
!
interface Serial2/0
description *** Link to P ***
ip address 192.168.3.13 255.255.255.252
mpls ip
no shutdown
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
no auto-summary
network 192.168.3.3 mask 255.255.255.255
neighbor 192.168.3.2 remote-as 3
neighbor 192.168.3.2 update-source Lo0
neighbor 192.168.3.4 remote-as 3
neighbor 192.168.3.4 update-source Lo0
neighbor 192.168.3.4 route-reflector-client
!
end

PE4 Router Initial Config:
hostname PE4
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.4 255.255.255.255
!
interface FastEthernet0/0
description *** Link to A4 ***
ip address 150.1.31.17 255.255.255.252
no shutdown
!
interface Serial2/1
description *** Link to PE3 ***
ip address 192.168.3.9 255.255.255.252
clock rate 64000
mpls ip
no shutdown
!
Router ospf 1
Network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
no auto-summary
neighbor 192.168.3.3 remote-as 3
neighbor 192.168.3.3 update-source lo0
network 192.168.3.4 mask 255.255.255.255
!
end

P Router Config:
hostname P
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.5 255.255.255.255
!
interface Serial2/0
description *** Link to PE3 ***
ip address 192.168.3.14 255.255.255.252
clock rate 64000
mpls ip
no shutdown
!
interface Serial2/1
description *** Link to PE2 ***
ip address 192.168.3.17 255.255.255.252
clock rate 64000
mpls ip
no shutdown
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
end

Verification

PE1#sh ip route
 150.1.0.0/30 is subnetted, 1 subnets
C 150.1.31.0 is directly connected, FastEthernet0/0
 192.168.3.0/24 is variably subnetted, 9 subnets, 2 masks
O 192.168.3.8/30 [110/256] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.12/30 [110/192] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.3/32 [110/193] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.2/32 [110/65] via 192.168.3.21, 00:02:51, Serial1/0
C 192.168.3.1/32 is directly connected, Loopback0
O 192.168.3.5/32 [110/129] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.4/32 [110/257] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.16/30 [110/128] via 192.168.3.21, 00:02:51, Serial1/0
C 192.168.3.20/30 is directly connected, Serial1/0
PE4#sh ip bgp
BGP table version is 5, local router ID is 192.168.3.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              S Stale 
Origin codes: i-IGP, e-EGP, ?-incomplete

Network	Next Hop	Metric	LocPrf	Weight	Path
*>i192.168.3.1/32	192.168.3.1	0	100	0	i
*>i192.168.3.2/32	192.168.3.2	0	100	0	i
*>i192.168.3.3/32	192.168.3.3	0	100	0	i
*> 192.168.3.4/32	0.0.0.0	0		32768	i

A1 Router Initial Config:
hostname A1
!
interface Loopback0
ip address 203.1.0.1 255.255.255.255
!
interface Loopback1
ip address 203.1.1.1 255.255.255.0
!
interface FastEthernet0/0
description *** Link to PE1 ***
ip address 150.1.31.2 255.255.255.252
no shutdown
!
end

A2 Router Initial Config:
hostname A2
!
interface Loopback0
ip address 203.1.0.2 255.255.255.255
!
interface Loopback1
ip address 203.1.2.1 255.255.255.0
!
interface FastEthernet0/0
description *** Link to PE2 ***
ip address 150.1.31.6 255.255.255.252
no shutdown
!
end

A3 Router Initial Config:
hostname A3
!
interface Loopback0
ip address 203.1.0.3 255.255.255.255
!
interface Loopback1
ip address 203.1.3.1 255.255.255.0
!
interface FastEthernet0/0
description *** Link to PE3 ***
ip address 150.1.31.14 255.255.255.252
no shutdown
!
end

A4 Router Initial Config:
hostname A4
!
interface Loopback0
ip address 203.1.0.4 255.255.255.255
!
interface Loopback1
ip address 203.1.4.1 255.255.255.0
!
interface FastEthernet0/0
description *** Link to PE4 ***
ip address 150.1.31.18 255.255.255.252
no shutdown
!
end

Task 2: Configure Multiprotocol BGP

Configure multi-protocol BGP between provider-edge (PE)
routers.

Step 1 Activate VPNv4 BGP sessions between all PE routers in your Service Provider backbone.

Step 2 On the PE routers acting as route reflectors, configure the route-reflector clients under the VPNv4 address
family.

The following commands need to be entered on the PE-routers:
PE1(config)#
router bgp 3
address-family vpnv4
 neighbor 192.168.3.2 activate
 no auto-summary

PE2(config)#
router bgp 3
 address-family vpnv4
 neighbor 192.168.3.1 activate
 neighbor 192.168.3.1 route-reflector-client
 neighbor 192.168.3.3 activate
 no auto-summary

PE3(config)#
router bgp 3
 address-family vpnv4
 neighbor 192.168.3.2 activate
 neighbor 192.168.3.4 activate
 neighbor 192.168.3.4 route-reflector-client
 no auto-summary

PE4(config)#
router bgp 3
 address-family vpnv4
 neighbor 192.168.3.3 activate
 no auto-summary

Task 3: Configure VRF Tables

The following commands need to be entered on PE router:
PE1(config)#
ip vrf vpna
 rd 3:10
 route-target both 3:10
!
interface FastEthernet0/0
 description *** Link to A1 ***
 ip vrf forwarding vpna
 ip address 150.1.31.1 255.255.255.252
Note: "ip vrf forwarding vpna" will remove IP address,
so IP address need to be reconfigured

PE2(config)#
ip vrf vpna
 rd 3:10
 route-target both 3:10 
!
interface FastEthernet0/0
 description *** Link to A2 ***
 ip vrf forwarding vpna
 ip address 150.1.31.5 255.255.255.252

PE3(config)#
ip vrf vpna
 rd 3:10
 route-target both 3:10
!
interface fastEthernet0/0
 description *** Link to A3 ***
 ip vrf forwarding vpna
 ip address 150.1.31.13 255.255.255.252

PE4(config)#
ip vrf vpna
 rd 3:10
 route-target both 3:10
!
interface FastEthernet0/0
 description *** Link to A4 ***
 ip vrf forwarding vpna
 ip address 150.1.31.17 255.255.255.252

Verification

PE3#show ip vrf

Name	Default RD	Interfaces
vpna	3:10	FastEthernet0/0

Task 3: Configure PE-CE Routing

Configure OSPF Routing Protocol between PE and CE router.

Step 1: Configure OSPF on all PE routers to learn routes from respective CE routers.

Step 2: Configure IPv4 BGP instance for customer VRF VPNA on PE routers

Step 3: Redistribute between OSPF and BGP on PE routers

The following commands need to be entered on all PE router:
router ospf 3 vrf vpna
 log-adjacency-changes
 redistribute bgp 3 subnets
 network 150.1.0.0 0.0.255.255 area 0
!
router bgp 3
 address-family ipv4 vrf vpna
 redistribute ospf 3 vrf vpna

Step 4: Configure OSPF on all CE routers

The following commands need to be entered on all CE router:
(config)#
router ospf 3
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0

Verification:

Step 5 To check status of link between PE and CE use VRF Ping. Normal ping will not work as your PE – CE link and interface is not part of global routing table, it is now part of VRF table.

A sample VRF Ping printout is shown below:
PE1#ping 150.1.31.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.31.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
PE1#ping vrf vpna 150.1.31.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.31.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/47/68 ms

Step 6 A sample VRF Telnet printout is shown below:

PE1#telnet 150.1.31.2 /vrf vpna
Trying 150.1.31.2 ... Open
User Access Verification
Password:

Step 7 To check VRF table for VPNA give following command on PE1 router

PE1#show ip route vrf vpna
Routing Table: vpna
Codes: C-connected, S- static, I-IGRP, R-RIP, M-mobile, B-BGP
 D-EIGRP, EX-EIGRP external, O-OSPF, IA-OSPF inter area
 N1-OSPF NSSA external type 1, N2-OSPF NSSA external type 2
 E1-OSPF external type 1, E2-OSPF external type 2, E-EGP
 i-IS-IS, su-IS-IS summary, L1-IS-IS level-1, L2-IS-IS level-2
 ia-IS-IS inter area, *-candidate default, U-per-user static route
 o-ODR

Gateway of last resort is not set

203.1.4.0/32 is subnetted, 1 subnets
B 203.1.4.1 [200/2] via 192.168.3.4, 00:13:43
 203.1.3.0/32 is subnetted, 1 subnets
B 203.1.3.1 [200/2] via 192.168.3.3, 00:13:58
 203.1.2.0/32 is subnetted, 1 subnets
B 203.1.2.1 [200/2] via 192.168.3.2, 00:13:58
 203.1.1.0/32 is subnetted, 1 subnets
O 203.1.1.1 [110/2] via 150.1.31.2, 00:14:16, FastEthernet0/0
 203.1.0.0/32 is subnetted, 4 subnets
B 203.1.0.2 [200/2] via 192.168.3.2, 00:13:58
B 203.1.0.3 [200/2] via 192.168.3.3, 00:13:58
O 203.1.0.1 [110/2] via 150.1.31.2, 00:14:18, FastEthernet0/0
B 203.1.0.4 [200/2] via 192.168.3.4, 00:13:45
 150.1.0.0/30 is subnetted, 5 subnets
B 150.1.31.8 [200/0] via 192.168.3.3, 00:13:45
B 150.1.31.12 [200/0] via 192.168.3.3, 00:13:45
C 150.1.31.0 is directly connected, FastEthernet0/0
B 150.1.31.4 [200/0] via 192.168.3.2, 00:14:01
B 150.1.31.16 [200/0] via 192.168.3.4, 00:13:45

PE1#

Step 8 To check BGP table for VRF VPNA give following command on PE1 router

PE1#show ip bgp vpnv4 vrf vpna
BGP table version is 25, local router ID is 192.168.3.1
Status codes: s suppressed, d damped, h history, *valid, >best, i-internal,
 r RIB-failure, S Stale 
Origin codes: i-IGP, e-EGP, ?-incomplete

Network Route Distinguisher	Next Hop 3:10	Metric (default for vrf vpna)	LocPrf	Weight	Path
*> 150.1.31.0/30	0.0.0.0	0		32768	?
	192.168.3.2	0	100	0	?
*>i150.1.31.8/30	192.168.3.3	0	100	0	?
*>i150.1.31.12/30	192.168.3.3	0	100	0	?
*>i150.1.31.16/30	192.168.3.4	0	100	0	?
*> 203.1.0.1/32	150.1.31.2	2		32768	?
*>i203.1.0.2/32	192.168.3.2	2	100	0	?
*>i203.1.0.3/32	192.168.3.3	2	100	0	?
*>i203.1.0.4/32	192.168.3.4	2	100	0	?
*> 203.1.1.1/32	150.1.31.2	2		32768	?
*>i203.1.2.1/32	192.168.3.2	2	100	0	?
*>i203.1.3.1/32	192.168.3.3	2	100	0	?
*>i203.1.4.1/32	192.168.3.4	2	100	0	?

PE1#

Step 9 To check CE Routing table give following command on A1 router

A1#show ip route
Codes: C-connected, S-static, I-IGRP, R-RIP, M-mobile, B-BGP
 D-EIGRP, EX-EIGRP external, O-OSPF, IA-OSPF inter area
 N1-OSPF NSSA external type 1, N2-OSPF NSSA external type 2
 E1-OSPF external type 1, E2-OSPF external type 2, E-EGP
 i-IS-IS, su-IS-IS summary, L1-IS-IS level-1, L2-IS-IS level-2
 ia-IS-IS inter area, *-candidate default, U-per-user static route
 o-ODR

Gateway of last resort is not set

203.1.4.0/32 is subnetted, 1 subnets
O IA 203.1.4.1 [110/3] via 150.1.31.1, 00:16:27, FastEthernet0/0
 203.1.3.0/32 is subnetted, 1 subnets
O IA 203.1.3.1 [110/3] via 150.1.31.1, 00:16:27, FastEthernet0/0
 203.1.2.0/32 is subnetted, 1 subnets
O IA 203.1.2.1 [110/3] via 150.1.31.1, 00:16:27, FastEthernet0/0
C 203.1.1.0/24 is directly connected, Loopback1
 203.1.0.0/32 is subnetted, 4 subnets
O IA 203.1.0.2 [110/3] via 150.1.31.1, 00:16:27, FastEthernet0/0
O IA 203.1.0.3 [110/3] via 150.1.31.1, 00:16:27, FastEthernet0/0
C 203.1.0.1 is directly connected, Loopback0
O IA 203.1.0.4 [110/3] via 150.1.31.1, 00:16:27, FastEthernet0/0
 150.1.0.0/30 is subnetted, 5 subnets
O IA 150.1.31.8 [110/2] via 150.1.31.1, 00:16:34, FastEthernet0/0
O IA 150.1.31.12 [110/2] via 150.1.31.1, 00:16:34, FastEthernet0/0
C 150.1.31.0 is directly connected, FastEthernet0/0
O IA 150.1.31.4 [110/2] via 150.1.31.1, 00:16:34, FastEthernet0/0
O IA 150.1.31.16 [110/2] via 150.1.31.1, 00:16:34, FastEthernet0/0

A1#

Step 10 To check CE Routing table give following command on A4 router

A4#show ip route

Codes: C-connected, S-static, I-IGRP, R-RIP, M-mobile, B-BGP
D-EIGRP, EX-EIGRP external, O-OSPF, IA-OSPF inter area
N1-OSPF NSSA external type 1, N2-OSPF NSSA external type 2
E1-OSPF external type 1, E2-OSPF external type 2, E-EGP
i-IS-IS, su-IS-IS summary, L1-IS-IS level-1, L2-IS-IS level-2
ia-IS-IS inter area, *-candidate default, U-per-user static route
o-ODR

Gateway of last resort is not set

C 203.1.4.0/24 is directly connected, Loopback1
 203.1.3.0/32 is subnetted, 1 subnets
O IA 203.1.3.1 [110/3] via 150.1.31.17, 00:18:33, FastEthernet0/0
 203.1.2.0/32 is subnetted, 1 subnets
O IA 203.1.2.1 [110/3] via 150.1.31.17, 00:18:33, FastEthernet0/0
 203.1.1.0/32 is subnetted, 1 subnets
O IA 203.1.1.1 [110/3] via 150.1.31.17, 00:18:33, FastEthernet0/0
 203.1.0.0/32 is subnetted, 4 subnets
O IA 203.1.0.2 [110/3] via 150.1.31.17, 00:18:33, FastEthernet0/0
O IA 203.1.0.3 [110/3] via 150.1.31.17, 00:18:33, FastEthernet0/0
O IA 203.1.0.1 [110/3] via 150.1.31.17, 00:18:33, FastEthernet0/0
C 203.1.0.4 is directly connected, Loopback0
 150.1.0.0/30 is subnetted, 5 subnets
O IA 150.1.31.8 [110/2] via 150.1.31.17, 00:18:34, FastEthernet0/0
O IA 150.1.31.12 [110/2] via 150.1.31.17, 00:18:34, FastEthernet0/0
O IA 150.1.31.0 [110/2] via 150.1.31.17, 00:18:34, FastEthernet0/0
O IA 150.1.31.4 [110/2] via 150.1.31.17, 00:18:34, FastEthernet0/0
C 150.1.31.16 is directly connected, FastEthernet0/0

Layer3 VPN with RIP protocol between CE-PE

September 14, 2016 by

Layer3 VPN with RIP protocol between CE-PE

layer3-vpn-with-ospf-prot-007

Task 1: BASIC OSPF MPLS and BGP Setu

Configure OSPF, MPLS, BGP on all PE-routers and P-router

Step 1. Configure following on respective P and PE routers:

PE1 Router Initial Config:
hostname PE1
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.1 255.255.255.255
!
interface Fastethernet0/0
description *** Link to A1 ***
ip address 150.1.31.1 255.255.255.252
no shutdown
!
interface Serial2/0
description *** Link to PE2 ***
ip address 192.168.3.22 255.255.255.252
clock rate 64000
mpls ip
no shutdown
!
router ospf 1
Network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
no auto-summary
neighbor 192.168.3.2 remote-as 3
neighbor 192.168.3.2 update-source
Loopback0
network 192.168.3.1 mask 255.255.255.255
!
end

PE2 Router Initial Config:
hostname PE2
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.2 255.255.255.255
!
interface FastEthernet0/0
description *** Link to A2 ***
ip address 150.1.31.5 255.255.255.252
no shutdown
!
interface Serial2/0
description *** Link to PE1 ***
ip address 192.168.3.21 255.255.255.252
mpls ip
no shutdown
!
interface Serial2/1
description *** Link to P ***
Ip address 192.168.3.18 255.255.255.252
mpls ip
no shutdown
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
no auto-summary
network 192.168.3.2 mask 255.255.255.255
neighbor 192.168.3.3 remote-as 3
neighbor 192.168.3.3 update-source
Loopback0
neighbor 192.168.3.1 remote-as 3
neighbor 192.168.3.1 update-source
Loopback0
neighbor 192.168.3.1 route-reflector-client
!
end

PE3 Router Initial Config:
hostname PE3
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.3 255.255.255.255
!
interface FastEthernet0/0
description *** Link to A3 ***
ip address 150.1.31.13 255.255.255.252
no shutdown
!
interface Serial2/1
description *** Link to PE4 ***
ip address 192.168.3.10 255.255.255.252
mpls ip
no shutdown
!
interface Serial2/0
description *** Link to P ***
ip address 192.168.3.13 255.255.255.252
mpls ip
no shutdown
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
no auto-summary
network 192.168.3.3 mask 255.255.255.255
neighbor 192.168.3.2 remote-as 3
neighbor 192.168.3.2 update-source
Loopback0
neighbor 192.168.3.4 remote-as 3
neighbor 192.168.3.4 update-source
Loopback0
neighbor 192.168.3.4 route-reflector-client
!
end

PE4 Router Initial Config:
hostname PE4
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.4 255.255.255.255
!
interface FastEthernet0/0
description *** Link to A4 ***
ip address 150.1.31.17 255.255.255.252
no shutdown
!
interface Serial2/1
description *** Link to PE3 ***
ip address 192.168.3.9 255.255.255.252
clock rate 64000
mpls ip
no shutdown
!
Router ospf 1
Network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
no auto-summary
neighbor 192.168.3.3 remote-as 3
neighbor 192.168.3.3 update-source
Loopback0
network 192.168.3.4 mask 255.255.255.255
!
end

P Router Config:
hostname P
!
ip cef
mpls label protocol ldp
mpls ldp router-id Loopback0
!
interface Loopback0
ip address 192.168.3.5 255.255.255.255
!
interface Serial2/0
description *** Link to PE3 ***
ip address 192.168.3.14 255.255.255.252
clock rate 64000
mpls ip
no shutdown
!
interface Serial2/1
description *** Link to PE2 ***
ip address 192.168.3.17 255.255.255.252
clock rate 64000
mpls ip
no shutdown
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
end

Verification

PE1#sh ip route
 150.1.0.0/30 is subnetted, 1 subnets
C 150.1.31.0 is directly connected, FastEthernet0/0
 192.168.3.0/24 is variably subnetted, 9 subnets, 2 masks
O 192.168.3.8/30 [110/256] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.12/30 [110/192] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.3/32 [110/193] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.2/32 [110/65] via 192.168.3.21, 00:02:51, Serial1/0
C 192.168.3.1/32 is directly connected, Loopback0
O 192.168.3.5/32 [110/129] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.4/32 [110/257] via 192.168.3.21, 00:02:51, Serial1/0
O 192.168.3.16/30 [110/128] via 192.168.3.21, 00:02:51, Serial1/0
C 192.168.3.20/30 is directly connected, Serial1/0

PE4#sh ip bgp
BGP table version is 5, local router ID is 192.168.3.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              S Stale 
Origin codes: i - IGP, e - EGP, ? - incomplete

Network	Next Hop	Metric	LocPrf	Weight	Path
*>i192.168.3.1/32	192.168.3.1	0	100	0	i
*>i192.168.3.2/32	192.168.3.2	0	100	0	i
*>i192.168.3.3/32	192.168.3.3	0	100	0	i
*> 192.168.3.4/32	0.0.0.0	0		32768	i

A1 Router Initial Config:
hostname A1
!
interface Loopback0
ip address 203.1.0.1 255.255.255.255
!
interface Loopback1
ip address 203.1.1.1 255.255.255.0
!
interface FastEthernet0/0
description *** Link to PE1 ***
ip address 150.1.31.2 255.255.255.252
no shutdown
!
end

A2 Router Initial Config:
hostname A2
!
interface Loopback0
ip address 203.1.0.2 255.255.255.255
!
interface Loopback1
ip address 203.1.2.1 255.255.255.0
!
interface FastEthernet0/0
description *** Link to PE2 ***
ip address 150.1.31.6 255.255.255.252
no shutdown
!
end

A3 Router Initial Config:
hostname A3
!
interface Loopback0
ip address 203.1.0.3 255.255.255.255
!
interface Loopback1
ip address 203.1.3.1 255.255.255.0
!
interface FastEthernet0/0
description *** Link to PE3 ***
ip address 150.1.31.14 255.255.255.252
no shutdown
!
end

A3 Router Initial Config:
hostname A3
!
interface Loopback0
ip address 203.1.0.3 255.255.255.255
!
interface Loopback1
ip address 203.1.3.1 255.255.255.0
!
interface FastEthernet0/0
description *** Link to PE3 ***
ip address 150.1.31.14 255.255.255.252
no shutdown
!
end

Task 2: Configure Multiprotocol BGP

Configure multi-protocol BGP between provider-edge (PE) routers.

Step 1 Activate VPNv4 BGP sessions between all PE routers in your Service Provider backbone.

Step 2 On the PE routers acting as route reflectors, configure the route-reflector clients under the VPNv4 address family.

The following commands need to be entered on the PE-routers:
PE1(config)#
router bgp 3
address-family vpnv4
 neighbor 192.168.3.2 activate
 no auto-summary

PE2(config)#
router bgp 3
 address-family vpnv4
 neighbor 192.168.3.1 activate
 neighbor 192.168.3.1 route-reflector-client
 neighbor 192.168.3.3 activate
 no auto-summary

PE3(config)#
router bgp 3
 address-family vpnv4
 neighbor 192.168.3.2 activate
 neighbor 192.168.3.4 activate
 neighbor 192.168.3.4 route-reflector-client
 no auto-summary

PE4(config)#
router bgp 3
 address-family vpnv4
 neighbor 192.168.3.3 activate
 no auto-summary

Task 3: Configure VRF Tables

The following commands need to be entered on PE router:
PE1(config)#
ip vrf vpna
 rd 3:10
 route-target both 3:10
!
interface FastEthernet0/0
 description *** Link to A1 ***
 ip vrf forwarding vpna
 ip address 150.1.31.1 255.255.255.252
Note: "ip vrf forwarding vpna" will remove IP address,
so IP address need to be reconfigured

PE2(config)#
ip vrf vpna
 rd 3:10 
 route-target both 3:10
!
interface FastEthernet0/0
 description *** Link to A2 ***
 ip vrf forwarding vpna
 ip address 150.1.31.5 255.255.255.252

PE3(config)#
ip vrf vpna
 rd 3:10
 route-target both 3:10
!
interface fastEthernet0/0
 description *** Link to A3 ***
 ip vrf forwarding vpna
 ip address 150.1.31.13 255.255.255.252

PE4(config)#
ip vrf vpna
 rd 3:10
 route-target both 3:10
!
interface FastEthernet0/0
 description *** Link to A4 ***
 ip vrf forwarding vpna
 ip address 150.1.31.17 255.255.255.252

Verification

PE3#show ip vrf

Name	Default RD	Interfaces
vpna	3:10	FastEthernet0/0

Task 3: Configure PE-CE Routing

Configure RIP Routing Protocol between PE and CE router.

Step 1 Configure RIP on all PE routers to learn routes from respective CE routers.

Step 2 Configure IPv4 BGP instance for customer VRF VPNA on PE routers

Step 3 Redistribute between RIP and BGP on PE routers

The following commands need to be entered on all PE router:
router rip
 version 2
 address-family ipv4 vrf vpna
 redistribute bgp 3 metric transparent
 network 150.1.0.0
!
router bgp 3
 address-family ipv4 vrf vpna
 redistribute rip

Step 4: Configure RIP on all CE routers

The following commands need to be entered on CE router:
A1(config)#
router rip
 version 2
 network 150.1.0.0 
 network 203.1.0.0
 network 203.1.1.0
 no auto-summary

A2(config)#
router rip
 version 2
 network 150.1.0.0
 network 203.1.0.0
 network 203.1.2.0
 no auto-summary

A3(config)#
router rip
 version 2
 network 150.1.0.0
 network 203.1.0.0
 network 203.1.3.0
 no auto-summary

A4(config)#
router rip
 version 2
 network 150.1.0.0
 network 203.1.0.0
 network 203.1.4.0
 no auto-summary

Verification:

Step 5 To check status of link between PE and CE use VRF Ping. Normal ping will not work as your PE – CE link
and interface is not part of global routing table, it is now part of VRF table.

A sample VRF Ping printout is shown below:
PE1#ping 150.1.31.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.31.2, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
PE1#ping vrf vpna 150.1.31.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 150.1.31.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/47/68 ms
Step 6 A sample VRF Telnet printout is shown below:
PE1#telnet 150.1.31.2 /vrf vpna
Trying 150.1.31.2 ... Open
User Access Verification
Password:

Step 7 To check VRF table for VPNA give following command on PE1 router

PE1#show ip route vrf vpna
Routing Table: vpna
Codes: C-connected, S-static, I-IGRP, R-RIP, M-mobile, B-BGP
 D-EIGRP, EX-EIGRP external, O-OSPF, IA-OSPF inter area
 N1-OSPF NSSA external type 1, N2-OSPF NSSA external type 2
 E1-OSPF external type 1, E2-OSPF external type 2, E-EGP
 i-IS-IS, su-IS-IS summary, L1-IS-IS level-1, L2-IS-IS level-2
 ia-IS-IS inter area, *-candidate default, U-per-user static route 
 o-ODR

Gateway of last resort is not set

B 203.1.4.0/24 [200/1] via 192.168.3.4, 00:37:06
B 203.1.3.0/24 [200/1] via 192.168.3.3, 00:37:21
B 203.1.2.0/24 [200/1] via 192.168.3.2, 00:37:36
R 203.1.1.0/24 [120/1] via 150.1.31.2, 00:00:10, FastEthernet0/0
 203.1.0.0/32 is subnetted, 4 subnets
B 203.1.0.2 [200/1] via 192.168.3.2, 00:37:36
B 203.1.0.3 [200/1] via 192.168.3.3, 00:37:21
R 203.1.0.1 [120/1] via 150.1.31.2, 00:00:10, FastEthernet0/0
B 203.1.0.4 [200/1] via 192.168.3.4, 00:37:06
 150.1.0.0/30 is subnetted, 4 subnets
B 150.1.31.12 [200/0] via 192.168.3.3, 00:37:36
C 150.1.31.0 is directly connected, FastEthernet0/0
B 150.1.31.4 [200/0] via 192.168.3.2, 00:37:52
B 150.1.31.16 [200/0] via 192.168.3.4, 00:37:37
PE1#

Step 8 To check BGP table for VRF VPNA give following command on PE1 router

PE1#show ip bgp vpnv4 vrf vpna
BGP table version is 25, local router ID is 192.168.3.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
 r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network	Next Hop	Metric	LocPrf	Weight	Path
*> 150.1.31.0/30	0.0.0.0	0		32768	?
*>i150.1.31.4/30	192.168.3.2	0	100	0	?
*>i150.1.31.12/30	192.168.3.3	0	100	0	?
*>i150.1.31.16/30	192.168.3.4	0	100	0	?
*> 203.1.0.1/32	150.1.31.2	1		32768	?
*>i203.1.0.2/32	192.168.3.2	1	100	0	?
*>i203.1.0.3/32	192.168.3.3	1	100	0	?
*>i203.1.0.4/32	192.168.3.4	1	100	0	?
*> 203.1.1.0	150.1.31.2	1		32768	?
*>i203.1.2.0	192.168.3.2	1	100	0	?
*>i203.1.3.0	192.168.3.3	1	100	0	?
*>i203.1.4.0	192.168.3.4	1	100	0	?

PE1#

Step 9 To check CE Routing table give following command on A1 router

A1#show ip route
Codes: C-connected, S-static, I-IGRP, R-RIP, M-mobile, B-BGP
 D-EIGRP, EX-EIGRP external, O-OSPF, IA-OSPF inter area
 N1-OSPF NSSA external type 1, N2-OSPF NSSA external type 2
 E1-OSPF external type 1, E2-OSPF external type 2, E-EGP
 i-IS-IS, su-IS-IS summary, L1-IS-IS level-1, L2-IS-IS level-2
 ia-IS-IS inter area, *-candidate default, U-per-user static route
 o-ODR

Gateway of last resort is not set

R 203.1.4.0/24 [120/2] via 150.1.31.1, 00:00:26, FastEthernet0/0
R 203.1.3.0/24 [120/2] via 150.1.31.1, 00:00:26, FastEthernet0/0
R 203.1.2.0/24 [120/2] via 150.1.31.1, 00:00:26, FastEthernet0/0
C 203.1.1.0/24 is directly connected, Loopback1
 203.1.0.0/32 is subnetted, 4 subnets 
R 203.1.0.2 [120/2] via 150.1.31.1, 00:00:26, FastEthernet0/0
R 203.1.0.3 [120/2] via 150.1.31.1, 00:00:26, FastEthernet0/0
C 203.1.0.1 is directly connected, Loopback0
R 203.1.0.4 [120/2] via 150.1.31.1, 00:00:26, FastEthernet0/0
 150.1.0.0/30 is subnetted, 4 subnets
R 150.1.31.12 [120/1] via 150.1.31.1, 00:00:26, FastEthernet0/0
C 150.1.31.0 is directly connected, FastEthernet0/0
R 150.1.31.4 [120/1] via 150.1.31.1, 00:00:26, FastEthernet0/0
R 150.1.31.16 [120/1] via 150.1.31.1, 00:00:28, FastEthernet0/0
A1#

Step 10: To check CE Routing table give following command on A4 router

A4#show ip route
Codes: C-connected, S-static, I-IGRP, R-RIP, M-mobile, B-BGP
 D-EIGRP, EX-EIGRP external, O-OSPF, IA-OSPF inter area
 N1-OSPF NSSA external type 1, N2-OSPF NSSA external type 2
 E1-OSPF external type 1, E2-OSPF external type 2, E-EGP
 i-IS-IS, su-IS-IS summary, L1-IS-IS level-1, L2-IS-IS level-2
 ia-IS-IS inter area, *-candidate default, U-per-user static route
 o-ODR

Gateway of last resort is not set

C 203.1.4.0/24 is directly connected, Loopback1
R 203.1.3.0/24 [120/2] via 150.1.31.17, 00:00:14, FastEthernet0/0
R 203.1.2.0/24 [120/2] via 150.1.31.17, 00:00:14, FastEthernet0/0
R 203.1.1.0/24 [120/2] via 150.1.31.17, 00:00:14, FastEthernet0/0
 203.1.0.0/32 is subnetted, 4 subnets
R 203.1.0.2 [120/2] via 150.1.31.17, 00:00:14, FastEthernet0/0
R 203.1.0.3 [120/2] via 150.1.31.17, 00:00:14, FastEthernet0/0
R 203.1.0.1 [120/2] via 150.1.31.17, 00:00:14, FastEthernet0/0
C 203.1.0.4 is directly connected, Loopback0
 150.1.0.0/30 is subnetted, 4 subnets
R 150.1.31.12 [120/1] via 150.1.31.17, 00:00:14, FastEthernet0/0
R 150.1.31.0 [120/1] via 150.1.31.17, 00:00:14, FastEthernet0/0
R 150.1.31.4 [120/1] via 150.1.31.17, 00:00:14, FastEthernet0/0
C 150.1.31.16 is directly connected, FastEthernet0/0

Multi-VRF or VRF-Lite

September 14, 2016 by

Multi-VRF or VRF-Lite

layer3-vpn-with-ospf-prot-007

CE1 Router:
ip cef
!
ip vrf vpna
rd 3:10
route-target export 3:10
route-target import 3:10
!
ip vrf vpnb
rd 3:20
route-target export 3:20
route-target import 3:20
!
ip vrf vpnc
rd 3:30
route-target export 3:30
route-target import 3:30
!
interface Loopback10
ip vrf forwarding vpna
ip address 10.0.0.1 255.255.255.0
!
interface Loopback11
ip vrf forwarding vpnb
ip address 20.0.0.1 255.255.255.0
!
interface Loopback12
ip vrf forwarding vpnc
ip address 30.0.0.1 255.255.255.0
!
interface FastEthernet0/0.1
encapsulation dot1Q 10
ip vrf forwarding vpna
ip address 150.1.40.2 255.255.255.252
!
interface FastEthernet0/0.2
encapsulation dot1Q 20
ip vrf forwarding vpnb
ip address 150.1.40.6 255.255.255.252
!
interface FastEthernet0/0.3
encapsulation dot1Q 30
ip vrf forwarding vpnc
ip address 150.1.40.10 255.255.255.252
!
router ospf 10 vrf vpna
capability vrf-lite
network 10.0.0.0 0.0.0.255 area 0
network 150.1.40.0 0.0.0.3 area 0 

!
router ospf 20 vrf vpnb
capability vrf-lite
network 20.0.0.0 0.0.0.255 area 0
network 150.1.40.4 0.0.0.3 area 0
!
router ospf 30 vrf vpnc
capability vrf-lite
network 30.0.0.0 0.0.0.255 area 0
network 150.1.40.8 0.0.0.3 area 0
!
end

CE2 Router:
interface Loopback0
ip address 203.1.0.2 255.255.255.255
!
interface Loopback1
ip address 203.1.2.1 255.255.255.0
!
interface FastEthernet0/0
ip address 150.1.31.6 255.255.255.252
!
router ospf 10
network 0.0.0.0 255.255.255.255 area 0
!
end
CE3 Router:
interface Loopback0
ip address 203.1.0.3 255.255.255.255
!
interface Loopback1
ip address 203.1.3.1 255.255.255.0
!
interface FastEthernet0/0
ip address 150.1.31.14 255.255.255.252
!
router ospf 20
network 0.0.0.0 255.255.255.255 area 0
!
end
CE4 Router:
interface Loopback0
ip address 203.1.0.4 255.255.255.255
!
interface Loopback1
ip address 203.1.4.1 255.255.255.0
!
interface FastEthernet0/0
ip address 150.1.31.18 255.255.255.252
!
router ospf 30
network 0.0.0.0 255.255.255.255 area 0
!
end

PE1 Router:
ip cef
!
ip vrf vpna
rd 3:10
route-target export 3:10
route-target import 3:10
!
ip vrf vpnb
rd 3:20
route-target export 3:20
route-target import 3:20
!
ip vrf vpnc
rd 3:30
route-target export 3:30
route-target import 3:30
!
mpls label protocol ldp
!
interface Loopback0
ip address 192.168.3.1 255.255.255.255
no ip directed-broadcast
!
interface FastEthernet0/0.1
encapsulation dot1Q 10
ip vrf forwarding vpna
ip address 150.1.40.1 255.255.255.252
no ip directed-broadcast
!
interface FastEthernet0/0.2
encapsulation dot1Q 20
ip vrf forwarding vpnb
ip address 150.1.40.5 255.255.255.252
no ip directed-broadcast
!
interface FastEthernet0/0.3
encapsulation dot1Q 30
ip vrf forwarding vpnc
ip address 150.1.40.9 255.255.255.252
no ip directed-broadcast
!
interface Serial2/0
description *** Link to PE2 ***
ip address 192.168.3.22 255.255.255.252
tag-switching ip
!
router ospf 10 vrf vpna
redistribute bgp 3 subnets
network 150.1.40.0 0.0.0.3 area 0
!
router ospf 20 vrf vpnb
redistribute bgp 3 subnets
network 150.1.40.4 0.0.0.3 area 0
!
router ospf 30 vrf vpnc
redistribute bgp 3 subnets
network 150.1.40.8 0.0.0.3 area 0
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
bgp log-neighbor-changes
network 192.168.3.1 mask 255.255.255.255
neighbor 192.168.3.2 remote-as 3
neighbor 192.168.3.2 update-source
Loopback0
no auto-summary
!
address-family vpnv4
neighbor 192.168.3.2 activate
neighbor 192.168.3.2 send-community
extended
exit-address-family
!
address-family ipv4 vrf vpnc
redistribute ospf 30 vrf vpnc
no synchronization
exit-address-family
!
address-family ipv4 vrf vpnb
redistribute ospf 20 vrf vpnb
no synchronization
exit-address-family
!
address-family ipv4 vrf vpna
redistribute ospf 10 vrf vpna
no synchronization
exit-address-family
!
tag-switching tdp router-id Loopback0
end

P Router:
ip cef
!
mpls label protocol ldp
!
interface Loopback0
ip address 192.168.3.5 255.255.255.255
no ip directed-broadcast
!
interface Serial2/0
ip address 192.168.3.14 255.255.255.252
tag-switching ip
!
interface Serial2/1
ip address 192.168.3.17 255.255.255.252
tag-switching ip
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
tag-switching tdp router-id Loopback0
!
end
PE3 Router:
ip cef
!
ip vrf vpnb
rd 3:20
route-target export 3:20
route-target import 3:20
!
mpls label protocol ldp
!
interface Loopback0
ip address 192.168.3.3 255.255.255.255
!
interface FastEthernet0/0
ip vrf forwarding vpnb
ip address 150.1.31.13 255.255.255.252
!
interface Serial2/0
ip address 192.168.3.13 255.255.255.252
tag-switching ip
!
interface Serial2/1
ip address 192.168.3.10 255.255.255.252
tag-switching ip
!
router ospf 20 vrf vpnb
redistribute bgp 3 subnets
network 150.1.0.0 0.0.255.255 area 0
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
network 192.168.3.3 mask 255.255.255.255
neighbor 192.168.3.2 remote-as 3
neighbor 192.168.3.2 update-source Loopback0
neighbor 192.168.3.2 route-reflector-client
neighbor 192.168.3.4 remote-as 3
neighbor 192.168.3.4 update-source Loopback0
neighbor 192.168.3.4 route-reflector-client
no auto-summary
!
address-family vpnv4
neighbor 192.168.3.2 activate
neighbor 192.168.3.2 send-community extended
neighbor 192.168.3.4 activate
neighbor 192.168.3.4 send-community extended
neighbor 192.168.3.4 route-reflector-client
exit-address-family
!
address-family ipv4 vrf vpnb
redistribute ospf 20 vrf vpnb
no synchronization
exit-address-family
!
tag-switching tdp router-id Loopback0
!
end

PE2 Router:
ip cef
!
ip vrf vpna
rd 3:10
route-target export 3:10
route-target import 3:10
!
mpls label protocol ldp
!
interface Loopback0
ip address 192.168.3.2 255.255.255.255
!
interface FastEthernet0/0
ip vrf forwarding vpna
ip address 150.1.31.5 255.255.255.252
!
interface Serial2/0
ip address 192.168.3.21 255.255.255.252
tag-switching ip
!
interface Serial2/1
ip address 192.168.3.18 255.255.255.252
tag-switching ip
!
router ospf 10 vrf vpna
redistribute bgp 3 subnets
network 150.1.0.0 0.0.255.255 area 0
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
network 192.168.3.2 mask 255.255.255.255
neighbor 192.168.3.1 remote-as 3
neighbor 192.168.3.1 update-source
Loopback0
neighbor 192.168.3.1 route-reflector-client
neighbor 192.168.3.3 remote-as 3
neighbor 192.168.3.3 update-source
Loopback0
neighbor 192.168.3.3 route-reflector-client
no auto-summary
!
address-family vpnv4
neighbor 192.168.3.1 activate
neighbor 192.168.3.1 send-community
extended
neighbor 192.168.3.1 route-reflector-client
neighbor 192.168.3.3 activate
neighbor 192.168.3.3 send-community
extended
exit-address-family
address-family ipv4 vrf vpna
redistribute ospf 10 vrf vpna
no synchronization
exit-address-family
!
tag-switching tdp router-id Loopback0
!
end

PE4 Router:
ip cef
!
ip vrf vpnc
rd 3:30
route-target export 3:30
route-target import 3:30
!
mpls label protocol ldp
!
interface Loopback0
ip address 192.168.3.4 255.255.255.255
!
interface FastEthernet0/0
ip vrf forwarding vpnc
ip address 150.1.31.17 255.255.255.252
!
interface Serial2/1
ip address 192.168.3.9 255.255.255.252
tag-switching ip
!
router ospf 30 vrf vpnc
redistribute bgp 3 subnets
network 150.1.0.0 0.0.255.255 area 0
!
router ospf 1
network 192.168.3.0 0.0.0.255 area 0
!
router bgp 3
no synchronization
network 192.168.3.4 mask 255.255.255.255
neighbor 192.168.3.3 remote-as 3
neighbor 192.168.3.3 update-source
Loopback0
no auto-summary
!
address-family vpnv4
neighbor 192.168.3.3 activate
neighbor 192.168.3.3 send-community
extended
exit-address-family
!
address-family ipv4 vrf vpnc
redistribute ospf 30 vrf vpnc
no synchronization
exit-address-family
!
tag-switching tdp router-id Loopback0
!
end