Está en la página 1de 279

MPLS Handbook

Mohammad Khalil CCIE #35484 (RS,SP)

This handbook aims to give hands-on practice on several MPLS VPN technologies
and implementaions

1/12/2015
Table of Contents

MPLS L3VPN Static CE-PE ................................................................................ 2


MPLS L3VPN RIPv2 CE-PE ............................................................................. 13
MPLS L3VPN OSPF CE-PE .............................................................................. 25
MPLS L3VPN ISIS CE-PE ............................................................................... 35
MPLS L3VPN BGP CE-PE ................................................................................ 46
MPLS Tunneling ........................................................................................... 55
MPLS L3VPN OSPF Sham-link ........................................................................ 67
OSPF Domain-ID .......................................................................................... 78
VRF Lite ...................................................................................................... 92
VRF Export-maps ......................................................................................... 96
MPLS AToM Eth to Eth ................................................................................ 105
MPLS AToM PPP to PPP................................................................................ 112
MPLS Inter-AS Xconnect ............................................................................. 118
MPLS L3VPN Inter-AS Option A .................................................................... 126
MPLS L3VPN Inter-AS Option B .................................................................... 138
Carrier supporting Carrier (CSC) .................................................................. 150
MPLS TE with OSPF .................................................................................... 168
MPLS 6PE .................................................................................................. 182
MPLS 6VPE ................................................................................................ 189
MPLS Internet Access ................................................................................. 195
MPLS QoS ................................................................................................. 205
MPLS EIGRP Backdoor Link.......................................................................... 229
MPLS BGP Soo ........................................................................................... 236
Full scale Lab............................................................................................. 244

1
MPLS L3VPN Static CE-PE
Network Diagram

Lo0
1.1.1.1/32

OSPF 4 R1 19
AS 100
/2 2.
1.
.0 13
Area 0 .1
2 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24

192.1.35.0/24
F2/0 F2/0

Static Static

F1/0 F1/0

Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3
vrf definition MSSK
rd 100:1

2
address-family ipv4
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

3
int s1/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
ip route vrf MSSK 4.4.4.4 255.255.255.255 192.1.24.4

R4
ip route 0.0.0.0 0.0.0.0 192.1.24.2

R3
ip route vrf MSSK 5.5.5.5 255.255.255.255 192.1.35.5

R5
ip route 0.0.0.0 0.0.0.0 192.1.35.3

VPN Configuration

4
R2
router bgp 100
address-family ipv4 vrf MSSK
network 192.1.24.0 mask 255.255.255.0
redistribute static

R3
router bgp 100
address-family ipv4 vrf MSSK
network 192.1.35.0 mask 255.255.255.0
redistribute static

Verifications

R1#show mpls ldp neighbor


Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2 2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3 3.3.3.3

R1#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes
Serial1/1 Yes (ldp) No No No Yes

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1

5
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R2#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R3#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R2#sh ip route vrf MSSK static

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


S 4.4.4.4 [1/0] via 192.1.24.4

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/12/40 ms

R3#sh ip route vrf MSSK static

6
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


S 5.5.5.5 [1/0] via 192.1.35.5

R3#ping vrf MSSK 5.5.5.5


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/21/68 ms

R2#sh bgp vpnv4 unicast all summary


BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
3.3.3.3 4 100 56 58 7 0 0 00:47:35 2

R2#sh bgp vpnv4 unicast all


BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

7
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 0 32768 ?
*>i 5.5.5.5/32 3.3.3.3 0 100 0?
*> 192.1.24.0 0.0.0.0 0 32768 i
*>i 192.1.35.0 3.3.3.3 0 100 0i

R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes


BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 0 32768 ?
*> 192.1.24.0 0.0.0.0 0 32768 i

Total number of prefixes 2

R3#sh bgp vpnv4 unicast all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
2.2.2.2 4 100 58 56 7 0 0 00:47:48 2

R3#sh bgp vpnv4 unicast all


BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete

8
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32 2.2.2.2 0 100 0?
*> 5.5.5.5/32 192.1.35.5 0 32768 ?
*>i 192.1.24.0 2.2.2.2 0 100 0i
*> 192.1.35.0 0.0.0.0 0 32768 i

R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes


BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 5.5.5.5/32 192.1.35.5 0 32768 ?
*> 192.1.35.0 0.0.0.0 0 32768 i

Total number of prefixes 2

R4#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is 192.1.24.2 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 192.1.24.2


4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
192.1.24.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.1.24.0/24 is directly connected, FastEthernet1/0
L 192.1.24.4/32 is directly connected, FastEthernet1/0

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.

9
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/32 ms

R5#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is 192.1.35.3 to network 0.0.0.0

S* 0.0.0.0/0 [1/0] via 192.1.35.3


5.0.0.0/32 is subnetted, 1 subnets
C 5.5.5.5 is directly connected, Loopback0
192.1.35.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.1.35.0/24 is directly connected, FastEthernet1/0
L 192.1.35.5/32 is directly connected, FastEthernet1/0

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/32 ms

R2#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 1.1.1.1/32 0 Se1/0 point2point
17 17 3.3.3.3/32 0 Se1/0 point2point
18 Pop Label 192.1.12.1/32 0 Se1/0 point2point
19 Pop Label 192.1.13.0/24 0 Se1/0 point2point
20 No Label 192.1.24.0/24[V] 0 aggregate/MSSK
21 No Label 4.4.4.4/32[V] 1140 Fa2/0 192.1.24.4

R1#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 2.2.2.2/32 7810 Se1/0 point2point

10
17 Pop Label 3.3.3.3/32 7789 Se1/1 point2point
18 Pop Label 192.1.12.2/32 0 Se1/0 point2point
19 Pop Label 192.1.13.3/32 0 Se1/1 point2point

R3#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 1.1.1.1/32 0 Se1/0 point2point
17 16 2.2.2.2/32 0 Se1/0 point2point
18 Pop Label 192.1.12.0/24 0 Se1/0 point2point
19 Pop Label 192.1.13.1/32 0 Se1/0 point2point
20 No Label 192.1.35.0/24[V] 0 aggregate/MSSK
21 No Label 5.5.5.5/32[V] 1140 Fa2/0 192.1.35.5

R1#debug mpls packet


Packet debugging is on

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms

R1#
*Sep 5 14:29:13.699: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.703: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.715: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.715: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.731: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.735: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.747: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.747: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.755: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.755: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1

11
*Sep 5 14:29:13.767: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.767: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.779: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.779: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.787: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
R1#
*Sep 5 14:29:13.787: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.799: MPLS les: Se1/0: rx: Len 112 Stack {17 0 254} {21 0 254}
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.803: MPLS les: Se1/1: tx: Len 108 Stack {21 0 253} - ipv4 data
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.819: MPLS les: Se1/1: rx: Len 112 Stack {16 0 254} {21 0 254}
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.819: MPLS les: Se1/0: tx: Len 108 Stack {21 0 253} - ipv4 data
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
R1#

12
MPLS L3VPN RIPv2 CE-PE
Network Diagram

Lo0
1.1.1.1/32

OSPF 4 R1 19
/2 2.
1. AS 100
.0 13
Area 0 .12 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24

192.1.35.0/24
F2/0 F2/0

RIPv2 RIPv2

F1/0 F1/0

Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

13
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

14
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.24.2

R4
router rip
no auto-summary
version 2
network 4.4.4.4
network 192.1.24.4

R3
router rip

15
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.35.3

R5
router rip
no auto-summary
version 2
network 5.5.5.5
network 192.1.35.5

VPN Configuration

R2
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip

router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

R3
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip

router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

Verifications

R1#show mpls ldp neighbor


Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2 2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646

16
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3 3.3.3.3

R1#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes
Serial1/1 Yes (ldp) No No No Yes

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R2#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R3#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R2#sh ip route vrf MSSK rip

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

17
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


R 4.4.4.4 [120/1] via 192.1.24.4, 00:00:15, FastEthernet2/0

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/20/56 ms

R3#sh ip route vrf MSSK rip

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


R 5.5.5.5 [120/1] via 192.1.35.5, 00:00:21, FastEthernet2/0

R3#ping vrf MSSK 5.5.5.55


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.55, timeout is 2 seconds:
.
Success rate is 0 percent (0/1)
R3#ping vrf MSSK 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/12 ms

18
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 12, main routing table version 12
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 6/2 prefixes, 6/2 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
3.3.3.3 4 100 92 93 12 0 0 01:18:58 2

R2#sh bgp vpnv4 unicast all


BGP table version is 12, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 1 32768 ?
*>i 5.5.5.5/32 3.3.3.3 1 100 0?
*> 192.1.24.0 0.0.0.0 0 32768 i
*>i 192.1.35.0 3.3.3.3 0 100 0i

R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes


BGP table version is 12, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 1 32768 ?
*> 192.1.24.0 0.0.0.0 0 32768 i

19
Total number of prefixes 2

R3#sh bgp vpnv4 unicast all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 12, main routing table version 12
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 6/2 prefixes, 6/2 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
2.2.2.2 4 100 94 92 12 0 0 01:19:28 2

R3#sh bgp vpnv4 unicast all


BGP table version is 12, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32 2.2.2.2 1 100 0?
*> 5.5.5.5/32 192.1.35.5 1 32768 ?
*>i 192.1.24.0 2.2.2.2 0 100 0i
*> 192.1.35.0 0.0.0.0 0 32768 i

R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes


BGP table version is 12, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 5.5.5.5/32 192.1.35.5 1 32768 ?
*> 192.1.35.0 0.0.0.0 0 32768 i

20
Total number of prefixes 2

R4#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


R 5.5.5.5 [120/1] via 192.1.24.2, 00:00:21, FastEthernet1/0
R 192.1.35.0/24 [120/1] via 192.1.24.2, 00:00:21, FastEthernet1/0

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/36 ms

R5#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


R 4.4.4.4 [120/1] via 192.1.35.3, 00:00:03, FastEthernet1/0
R 192.1.24.0/24 [120/1] via 192.1.35.3, 00:00:03, FastEthernet1/0

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:

21
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/24 ms

R2#sh ip route vrf MSSK 4.4.4.4

Routing Table: MSSK


Routing entry for 4.4.4.4/32
Known via "rip", distance 120, metric 1
Redistributing via bgp 100, rip
Advertised by bgp 100
Last update from 192.1.24.4 on FastEthernet2/0, 00:00:13 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 192.1.24.4, 00:00:13 ago, via FastEthernet2/0
Route metric is 1, traffic share count is 1

R3#sh bgp vpnv4 unicast all 4.4.4.4/32


BGP routing table entry for 100:1:4.4.4.4/32, version 11
Paths: (1 available, best #1, table MSSK)
Not advertised to any peer
Refresh Epoch 1
Local
2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 1, localpref 100, valid, internal, best
Extended Community: RT:100:1
mpls labels in/out nolabel/22
rx pathid: 0, tx pathid: 0x0

R5#sh ip route 4.4.4.4


Routing entry for 4.4.4.4/32
Known via "rip", distance 120, metric 1
Redistributing via rip
Last update from 192.1.35.3 on FastEthernet1/0, 00:00:21 ago
Routing Descriptor Blocks:
* 192.1.35.3, from 192.1.35.3, 00:00:21 ago, via FastEthernet1/0
Route metric is 1, traffic share count is 1

R2
router rip
address-family ipv4 vrf MSSK
no redistribute bgp 100 metric 1
redistribute bgp 100 metric transparent

R3
router rip

22
address-family ipv4 vrf MSSK
no redistribute bgp 100 metric 1
redistribute bgp 100 metric transparent

R2#sh ip route vrf MSSK 4.4.4.4

Routing Table: MSSK


Routing entry for 4.4.4.4/32
Known via "rip", distance 120, metric 1
Redistributing via bgp 100, rip
Advertised by bgp 100
Last update from 192.1.24.4 on FastEthernet2/0, 00:00:11 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 192.1.24.4, 00:00:11 ago, via FastEthernet2/0
Route metric is 1, traffic share count is 1

R3#sh bgp vpnv4 unicast all 4.4.4.4/32


BGP routing table entry for 100:1:4.4.4.4/32, version 11
Paths: (1 available, best #1, table MSSK)
Not advertised to any peer
Refresh Epoch 1
Local
2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 1, localpref 100, valid, internal, best
Extended Community: RT:100:1
mpls labels in/out nolabel/22
rx pathid: 0, tx pathid: 0x0

R5#sh ip route 4.4.4.4


Routing entry for 4.4.4.4/32
Known via "rip", distance 120, metric 2
Redistributing via rip
Last update from 192.1.35.3 on FastEthernet1/0, 00:00:06 ago
Routing Descriptor Blocks:
* 192.1.35.3, from 192.1.35.3, 00:00:06 ago, via FastEthernet1/0
Route metric is 2, traffic share count is 1

R5#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

23
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


R 4.4.4.4 [120/2] via 192.1.35.3, 00:00:23, FastEthernet1/0
R 192.1.24.0/24 [120/1] via 192.1.35.3, 00:00:23, FastEthernet1/0

24
MPLS L3VPN OSPF CE-PE
Network Diagram

Lo0
1.1.1.1/32

OSPF 4 R1 19
AS 100
/2 2.
1.
.0 13
Area 0 .1
2 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24

192.1.35.0/24
F2/0 F2/0
OSPF OSPF
A0 A0
F1/0 F1/0

Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1

25
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

26
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
router ospf 100 vrf MSSK
network 192.1.24.2 0.0.0.0 area 0

R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0

R3
router ospf 100 vrf MSSK
network 192.1.35.3 0.0.0.0 area 0

R5
router ospf 100

27
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0

VPN Configuration

R2
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK

R3
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK

Verifications

R1#show mpls ldp neighbor


Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2 2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3 3.3.3.3

R1#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes
Serial1/1 Yes (ldp) No No No Yes

28
R2#show mpls ldp neighbor
Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R2#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R3#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R2#sh ip route vrf MSSK ospf

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


O 4.4.4.4 [110/2] via 192.1.24.4, 00:01:36, FastEthernet2/0

29
R2#ping vrf MSSK 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/10/24 ms

R3#sh ip route vrf MSSK ospf

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


O 5.5.5.5 [110/2] via 192.1.35.5, 00:01:44, FastEthernet2/0

R3#ping vrf MSSK 5.5.5.5


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/11/24 ms

R2#sh bgp vpnv4 unicast all summary


BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 22, main routing table version 22
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
3 BGP extended community entries using 104 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1624 total bytes of memory
BGP activity 10/6 prefixes, 10/6 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
3.3.3.3 4 100 4831 4833 22 0 0 3d01h 2

30
R2#sh bgp vpnv4 unicast all
BGP table version is 22, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 2 32768 ?
*>i 5.5.5.5/32 3.3.3.3 2 100 0?
*> 192.1.24.0 0.0.0.0 0 32768 i
*>i 192.1.35.0 3.3.3.3 0 100 0i

R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes


BGP table version is 22, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 2 32768 ?
*> 192.1.24.0 0.0.0.0 0 32768 i

Total number of prefixes 2

R3#sh bgp vpnv4 unicast all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 22, main routing table version 22
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
3 BGP extended community entries using 104 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1624 total bytes of memory
BGP activity 10/6 prefixes, 10/6 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
2.2.2.2 4 100 4833 4832 22 0 0 3d01h 2

31
R3#sh bgp vpnv4 unicast all
BGP table version is 22, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32 2.2.2.2 2 100 0?
*> 5.5.5.5/32 192.1.35.5 2 32768 ?
*>i 192.1.24.0 2.2.2.2 0 100 0i
*> 192.1.35.0 0.0.0.0 0 32768 i

R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes


BGP table version is 22, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 5.5.5.5/32 192.1.35.5 2 32768 ?
*> 192.1.35.0 0.0.0.0 0 32768 i

Total number of prefixes 2

R4#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.24.2 1 FULL/BDR 00:00:37 192.1.24.2 FastEthernet1/0

R4#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

32
Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


O IA 5.5.5.5 [110/3] via 192.1.24.2, 00:02:27, FastEthernet1/0
O E2 192.1.35.0/24 [110/1] via 192.1.24.2, 00:02:57, FastEthernet1/0

R4#ping 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/39/44 ms

R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.35.3 1 FULL/BDR 00:00:39 192.1.35.3 FastEthernet1/0
R5#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


O IA 4.4.4.4 [110/3] via 192.1.35.3, 00:03:00, FastEthernet1/0
O E2 192.1.24.0/24 [110/1] via 192.1.35.3, 00:03:01, FastEthernet1/0

R5#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/40 ms

R2#sh ip route vrf MSSK 4.4.4.4

Routing Table: MSSK


Routing entry for 4.4.4.4/32
Known via "ospf 100", distance 110, metric 2, type intra area
Redistributing via bgp 100

33
Advertised by bgp 100
Last update from 192.1.24.4 on FastEthernet2/0, 00:09:05 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 4.4.4.4, 00:09:05 ago, via FastEthernet2/0
Route metric is 2, traffic share count is 1

R3#sh bgp vpnv4 unicast all 4.4.4.4/32


BGP routing table entry for 100:1:4.4.4.4/32, version 21
Paths: (1 available, best #1, table MSSK)
Not advertised to any peer
Refresh Epoch 1
Local
2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 2, localpref 100, valid, internal, best
Extended Community: RT:100:1 OSPF DOMAIN ID:0x0005:0x000000640200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.24.2:0
mpls labels in/out nolabel/22
rx pathid: 0, tx pathid: 0x0

34
MPLS L3VPN ISIS CE-PE
Network Diagram

Lo0
1.1.1.1/32

OSPF 4 R1 19
AS 100
/2 2.
1.
.0 13
Area 0 .12 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24

192.1.35.0/24
F2/0 F2/0
ISIS ISIS
L2 L2
F1/0 F1/0

Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

35
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

36
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
router isis 1
vrf MSSK
net 49.0001.0000.0000.0002.00
is-type level-2-only

int f2/0
ip router isis 1

R4
router isis 1
net 49.0001.0000.0000.0004.00
passive-interface lo0
is-type level-2-only

int f1/0
ip router isis 1

37
R3
router isis 1
vrf MSSK
net 49.0001.0000.0000.0003.00
is-type level-2-only

int f2/0
ip router isis 1

R5
router isis 1
net 49.0001.0000.0000.0005.00
passive-interface lo0
is-type level-2-only

int f1/0
ip router isis 1

VPN Configuration

R2
router isis 1
vrf MSSK
redistribute bgp 100 ip level-2

router bgp 100


address-family ipv4 vrf MSSK
redistribute isis 1 ip level-2

R3
router isis 1
vrf MSSK
redistribute bgp 100 ip level-2

router bgp 100


address-family ipv4 vrf MSSK
redistribute isis 1 ip level-2

Verifications

R1#show mpls ldp neighbor


Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream

38
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2 2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3 3.3.3.3

R1#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes
Serial1/1 Yes (ldp) No No No Yes

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R2#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R3#show mpls interfaces


Interface IP Tunnel BGP Static Operational

39
Serial1/0 Yes (ldp) No No No Yes

R2#sh ip route vrf MSSK isis

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


i L2 4.4.4.4 [115/10] via 192.1.24.4, 00:03:25, FastEthernet2/0
R2#ping vrf MSSK 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/11/32 ms

R3#sh ip route vrf MSSK isis

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


i L2 5.5.5.5 [115/10] via 192.1.35.5, 00:02:23, FastEthernet2/0
R3#ping vrf MSSK 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/14/44 ms

40
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 27, main routing table version 27
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 12/8 prefixes, 12/8 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
3.3.3.3 4 100 4941 4943 27 0 0 3d02h 2

R2#sh bgp vpnv4 unicast all


BGP table version is 27, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 10 32768 ?
*>i 5.5.5.5/32 3.3.3.3 10 100 0?
*> 192.1.24.0 0.0.0.0 0 32768 i
*>i 192.1.35.0 3.3.3.3 0 100 0i

R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes


BGP table version is 27, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 10 32768 ?
*> 192.1.24.0 0.0.0.0 0 32768 i

41
Total number of prefixes 2

R3#sh bgp vpnv4 unicast all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 27, main routing table version 27
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 12/8 prefixes, 12/8 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
2.2.2.2 4 100 4943 4941 27 0 0 3d02h 2

R3#sh bgp vpnv4 unicast all


BGP table version is 27, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32 2.2.2.2 10 100 0?
*> 5.5.5.5/32 192.1.35.5 10 32768 ?
*>i 192.1.24.0 2.2.2.2 0 100 0i
*> 192.1.35.0 0.0.0.0 0 32768 i

R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes


BGP table version is 27, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 5.5.5.5/32 192.1.35.5 10 32768 ?
*> 192.1.35.0 0.0.0.0 0 32768 i

42
Total number of prefixes 2

R4#sh isis neighbors

Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R2 L2 Fa1/0 192.1.24.2 UP 28 R4.01

R4#show clns neighbors


Tag 1:
System Id Interface SNPA State Holdtime Type Protocol
R2 Fa1/0 ca01.7a82.0038 Up 25 L2 IS-IS
R4#show ip route isis
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


i L2 5.5.5.5 [115/10] via 192.1.24.2, 00:43:29, FastEthernet1/0
i L2 192.1.35.0/24 [115/10] via 192.1.24.2, 00:44:36, FastEthernet1/0

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/33/72 ms

R5#sh isis neighbors

Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R3 L2 Fa1/0 192.1.35.3 UP 26 R5.01

R5#show clns neighbors


Tag 1:
System Id Interface SNPA State Holdtime Type Protocol

43
R3 Fa1/0 ca02.7a92.0038 Up 24 L2 IS-IS

R5#show ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


i L2 4.4.4.4 [115/10] via 192.1.35.3, 00:02:48, FastEthernet1/0
i L2 192.1.24.0/24 [115/10] via 192.1.35.3, 00:44:14, FastEthernet1/0

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/36/56 ms

R2#sh ip route vrf MSSK 4.4.4.4

Routing Table: MSSK


Routing entry for 4.4.4.4/32
Known via "isis", distance 115, metric 10, type level-2
Redistributing via bgp 100, isis 1
Advertised by bgp 100 level-2
Last update from 192.1.24.4 on FastEthernet2/0, 00:47:28 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 4.4.4.4, 00:47:28 ago, via FastEthernet2/0
Route metric is 10, traffic share count is 1

R3#sh bgp vpnv4 unicast all 4.4.4.4/32


BGP routing table entry for 100:1:4.4.4.4/32, version 27
Paths: (1 available, best #1, table MSSK)
Not advertised to any peer
Refresh Epoch 1
Local
2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 10, localpref 100, valid, internal, best

44
Extended Community: RT:100:1
mpls labels in/out nolabel/21
rx pathid: 0, tx pathid: 0x0

45
MPLS L3VPN BGP CE-PE
Network Diagram

Lo0
1.1.1.1/32

OSPF 24
R1 19
2. AS 100
0/ 1.1
Area 0 .12. S1/0 S1/1 3
1 .0
2. /2
19 4
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24

192.1.35.0/24
F2/0 F2/0

BGP

F1/0 F1/0

Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32
AS 1 AS 1

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3
vrf definition MSSK
rd 100:1

address-family ipv4

46
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0

47
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.24.4 remote-as 1
neighbor 192.1.24.4 activate
network 192.1.24.0 mask 255.255.255.0

R4
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.24.2 remote-as 100
address-family ipv4
neighbor 192.1.24.2 activate
network 4.4.4.4 mask 255.255.255.255

48
R3
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.35.5 remote-as 1
neighbor 192.1.35.5 activate
network 192.1.35.0 mask 255.255.255.0

R5
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.35.3 remote-as 100
address-family ipv4
neighbor 192.1.35.3 activate
network 5.5.5.5 mask 255.255.255.255

Verifications

R2#sh ip route vrf MSSK bgp

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


B 4.4.4.4 [20/0] via 192.1.24.4, 00:05:47
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [200/0] via 3.3.3.3, 00:03:32
B 192.1.35.0/24 [200/0] via 3.3.3.3, 00:00:33

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/24 ms

R2#ping vrf MSSK 5.5.5.5

49
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/21/32 ms

R3#sh ip route vrf MSSK bgp

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


B 4.4.4.4 [200/0] via 2.2.2.2, 00:06:27
5.0.0.0/32 is subnetted, 1 subnets
B 5.5.5.5 [20/0] via 192.1.35.5, 00:04:13
B 192.1.24.0/24 [200/0] via 2.2.2.2, 00:01:47

R3#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/28 ms

R3#ping vrf MSSK 5.5.5.5


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/7/16 ms

R4#sh ip bgp
BGP table version is 4, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

50
Network Next Hop Metric LocPrf Weight Path
*> 4.4.4.4/32 0.0.0.0 0 32768 i
r> 192.1.24.0 192.1.24.2 0 0 100 i
*> 192.1.35.0 192.1.24.2 0 100 i

R5#sh ip bgp
BGP table version is 4, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 5.5.5.5/32 0.0.0.0 0 32768 i
*> 192.1.24.0 192.1.35.3 0 100 i
r> 192.1.35.0 192.1.35.3 0 0 100 i

As we can see from last two outputs above, neither R4 or R5 learned each other
loopback networks, let us check if they are advertised from the PE side toward each
of them

R2#sh bgp vpnv4 unicast vrf MSSK neighbors 192.1.24.4 advertised-routes


BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 5.5.5.5/32 3.3.3.3 0 100 01i
*> 192.1.24.0 0.0.0.0 0 32768 i
*>i 192.1.35.0 3.3.3.3 0 100 0i

Total number of prefixes 3

R3#sh bgp vpnv4 unicast vrf MSSK neighbors 192.1.35.5 advertised-routes


BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

51
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32 2.2.2.2 0 100 01i
*>i 192.1.24.0 2.2.2.2 0 100 0i
*> 192.1.35.0 0.0.0.0 0 32768 i

Total number of prefixes 3

As seen, the PE routers learn those routes for both CEs and advertise toward them
as well, so what is the issue?
Let us turn debug on R4 for coming BGP updates and see what the output can tells
us

R4
debug ip bgp updates
clear ip bgp * in

*Sep 13 03:10:27.647: BGP(0): 192.1.24.2 rcv UPDATE about 5.5.5.5/32 --


DENIED due to: AS-PATH contains our own AS;

So the issue is clear now, BGP speaker will not accept an update that contains its
own AS number, so what could we do? We can use the as-override feature from the
PE side toward each CE

R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.24.4 as-override

clear ip bgp * out

R3
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.35.5 as-override

clear ip bgp * out

R4#
*Sep 13 03:13:11.819: BGP(0): 192.1.24.2 rcvd UPDATE w/ attr: nexthop
192.1.24.2, origin i, merged path 100, AS_PATH

R4#sh ip bgp
BGP table version is 5, local router ID is 4.4.4.4

52
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 4.4.4.4/32 0.0.0.0 0 32768 i
*> 5.5.5.5/32 192.1.24.2 0 100 100 i
r> 192.1.24.0 192.1.24.2 0 0 100 i
*> 192.1.35.0 192.1.24.2 0 100 i

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/34/68 ms

R4#traceroute 5.5.5.5 source lo0 numer


Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.24.2 [AS 100] 16 msec 12 msec 4 msec
2 192.1.12.1 [MPLS: Labels 17/20 Exp 0] 32 msec 16 msec 20 msec
3 192.1.35.3 [AS 100] [MPLS: Label 20 Exp 0] 16 msec 16 msec 20 msec
4 192.1.35.5 [AS 100] 20 msec * 24 msec

R5#sh ip bgp
BGP table version is 5, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 4.4.4.4/32 192.1.35.3 0 100 100 i
*> 5.5.5.5/32 0.0.0.0 0 32768 i
*> 192.1.24.0 192.1.35.3 0 100 i
r> 192.1.35.0 192.1.35.3 0 0 100 i

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:

53
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/28 ms

R5#traceroute 4.4.4.4 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.35.3 [AS 100] 16 msec 8 msec 4 msec
2 192.1.13.1 [MPLS: Labels 16/22 Exp 0] 20 msec 24 msec 20 msec
3 192.1.24.2 [AS 100] [MPLS: Label 22 Exp 0] 16 msec 16 msec 16 msec
4 192.1.24.4 [AS 100] 32 msec * 16 msec

54
MPLS Tunneling
Network Diagram

R1 R8
F0/0 F0/0

F0/0 F0/1

R2 R7
F0/1 F0/0

F0/0 R3 R6 F0/1

F0/1 F0/0

F0/0 F0/1

R4 R5
F0/1 F0/0

MPLS Backbone
ISIS Area 49.0001

Configurations

IGP Configuration

R2
router isis 1
net 49.0000.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet0/1

55
ip router isis 1

R3
router isis 1
net 49.0000.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet0/0
ip router isis 1

interface FastEthernet0/1
ip router isis 1

R4
router isis 1
net 49.0000.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet0/0
ip router isis 1

interface FastEthernet0/1
ip router isis 1

R5
router isis 1
net 49.0000.0000.0000.0005.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet0/0
ip router isis 1

interface FastEthernet0/1
ip router isis 1

56
R6
router isis 1
net 49.0000.0000.0000.0006.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet0/0
ip router isis 1

interface FastEthernet0/1
ip router isis 1

R7
router isis 1
net 49.0000.0000.0000.0007.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet0/0
ip router isis 1

MPLS LDP Configuration

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet0/1
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet0/0
mpls ip

interface FastEthernet0/1
mpls ip

57
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet0/0
mpls ip

interface FastEthernet0/1
mpls ip

R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet0/0
mpls ip

interface FastEthernet0/1
mpls ip

R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet0/0
mpls ip

interface FastEthernet0/1
mpls ip

R7
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet0/0
mpls ip

58
BGP Configuration

R1
router bgp 1
no bgp default ipv4-unicast
neighbor 192.168.12.2 remote-as 100
address-family ipv4
neighbor 192.168.12.2 activate
network 1.1.1.1 mask 255.255.255.255

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 192.168.12.1 remote-as 1
neighbor 7.7.7.7 remote-as 100
neighbor 7.7.7.7 update-source lo0
address-family ipv4
neighbor 192.168.12.1 activate
neighbor 7.7.7.7 activate
neighbor 7.7.7.7 next-hop-self

R8
router bgp 20
no bgp default ipv4-unicast
neighbor 192.168.78.7 remote-as 100
R8address-family ipv4
neighbor 192.168.78.7 activate
network 8.8.8.8 mask 255.255.255.255

R7
router bgp 100
no bgp default ipv4-unicast
neighbor 192.168.78.8 remote-as 20
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family ipv4
neighbor 192.168.78.8 activate
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 next-hop-self

59
Verification

R1#sh ip bgp summary


BGP router identifier 1.1.1.1, local AS number 1
BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 772 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


192.168.12.2 4 100 7 6 3 0 0 00:02:51 1

R1#sh ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


*> 1.1.1.1/32 0.0.0.0 0 32768 i
*> 8.8.8.8/32 192.168.12.2 0 100 20 i

R1#ping 8.8.8.8 source lo0

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms

R8#sh ip bgp summary


BGP router identifier 8.8.8.8, local AS number 20

60
BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 772 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


192.168.78.7 4 100 5 5 3 0 0 00:01:51 1

R8#sh ip bgp
BGP table version is 3, local router ID is 8.8.8.8
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


*> 1.1.1.1/32 192.168.78.7 0 100 1 i
*> 8.8.8.8/32 0.0.0.0 0 32768 i

R8#ping 1.1.1.1 source lo0

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms

R2#sh ip bgp summary


BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory

61
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 828 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


7.7.7.7 4 100 6 6 3 0 0 00:02:42 1
192.168.12.1 4 1 8 9 3 0 0 00:04:02 1

R2#sh ip bgp
BGP table version is 3, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


*> 1.1.1.1/32 192.168.12.1 0 01i
*>i8.8.8.8/32 7.7.7.7 0 100 0 20 i

R7#sh ip bgp summary


BGP router identifier 7.7.7.7, local AS number 100
BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 828 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


2.2.2.2 4 100 6 6 3 0 0 00:02:55 1
192.168.78.8 4 20 6 6 3 0 0 00:02:50 1

R7#sh ip bgp
BGP table version is 3, local router ID is 7.7.7.7

62
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


*>i1.1.1.1/32 2.2.2.2 0 100 01i
*> 8.8.8.8/32 192.168.78.8 0 0 20 i

Now, if we wanted to trace the packet as it traverses through the backbone and
check label assignments, we will enable debug mpls packets on the MPLS routers
(R3 through R6) and initiate an ICMP packet from R8 towards R1

R3 R6
debug mpls packets

R2#show mpls forwarding-table


Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 3.3.3.3/32 0 Fa0/1 192.168.23.3
17 Pop tag 192.168.34.0/24 0 Fa0/1 192.168.23.3
18 17 4.4.4.4/32 0 Fa0/1 192.168.23.3
19 18 192.168.45.0/24 0 Fa0/1 192.168.23.3
20 19 5.5.5.5/32 0 Fa0/1 192.168.23.3
21 20 192.168.56.0/24 0 Fa0/1 192.168.23.3
22 21 6.6.6.6/32 0 Fa0/1 192.168.23.3
23 23 7.7.7.7/32 0 Fa0/1 192.168.23.3
24 22 192.168.67.0/24 0 Fa0/1 192.168.23.3

R3#show mpls forwarding-table


Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 2.2.2.2/32 104567 Fa0/0 192.168.23.2
17 Pop tag 4.4.4.4/32 0 Fa0/1 192.168.34.4
18 Pop tag 192.168.45.0/24 0 Fa0/1 192.168.34.4
19 18 5.5.5.5/32 0 Fa0/1 192.168.34.4
20 20 192.168.56.0/24 0 Fa0/1 192.168.34.4
21 21 6.6.6.6/32 0 Fa0/1 192.168.34.4
22 22 192.168.67.0/24 0 Fa0/1 192.168.34.4
23 23 7.7.7.7/32 65271 Fa0/1 192.168.34.4

63
R4#show mpls forwarding-table
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 3.3.3.3/32 0 Fa0/0 192.168.34.3
17 Pop tag 192.168.23.0/24 0 Fa0/0 192.168.34.3
18 Pop tag 5.5.5.5/32 0 Fa0/1 192.168.45.5
19 16 2.2.2.2/32 111037 Fa0/0 192.168.34.3
20 Pop tag 192.168.56.0/24 0 Fa0/1 192.168.45.5
21 18 6.6.6.6/32 0 Fa0/1 192.168.45.5
22 21 192.168.67.0/24 0 Fa0/1 192.168.45.5
23 23 7.7.7.7/32 65271 Fa0/1 192.168.45.5

R5#show mpls forwarding-table


Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 4.4.4.4/32 0 Fa0/0 192.168.45.4
17 Pop tag 192.168.34.0/24 0 Fa0/0 192.168.45.4
18 Pop tag 6.6.6.6/32 0 Fa0/1 192.168.56.6
19 16 3.3.3.3/32 0 Fa0/0 192.168.45.4
20 19 2.2.2.2/32 111037 Fa0/0 192.168.45.4
21 Pop tag 192.168.67.0/24 0 Fa0/1 192.168.56.6
22 17 192.168.23.0/24 0 Fa0/0 192.168.45.4
23 18 7.7.7.7/32 65271 Fa0/1 192.168.56.6

R6#show mpls forwarding-table


Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 5.5.5.5/32 0 Fa0/0 192.168.56.5
17 Pop tag 192.168.45.0/24 0 Fa0/0 192.168.56.5
18 Pop tag 7.7.7.7/32 61950 Fa0/1 192.168.67.7
19 16 4.4.4.4/32 0 Fa0/0 192.168.56.5
20 19 3.3.3.3/32 0 Fa0/0 192.168.56.5
21 20 2.2.2.2/32 111174 Fa0/0 192.168.56.5
22 17 192.168.34.0/24 0 Fa0/0 192.168.56.5
23 22 192.168.23.0/24 0 Fa0/0 192.168.56.5

R7#show mpls forwarding-table


Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface

64
16 Pop tag 6.6.6.6/32 0 Fa0/0 192.168.67.6
17 Pop tag 192.168.56.0/24 0 Fa0/0 192.168.67.6
18 16 5.5.5.5/32 0 Fa0/0 192.168.67.6
19 19 4.4.4.4/32 0 Fa0/0 192.168.67.6
20 20 3.3.3.3/32 0 Fa0/0 192.168.67.6
21 21 2.2.2.2/32 0 Fa0/0 192.168.67.6
22 17 192.168.45.0/24 0 Fa0/0 192.168.67.6
23 22 192.168.34.0/24 0 Fa0/0 192.168.67.6
24 23 192.168.23.0/24 0 Fa0/0 192.168.67.6

R6#
*Mar 1 13:38:13.812: MPLS: Fa0/1: recvd: CoS=0, TTL=254, Label(s)=21
*Mar 1 13:38:13.812: MPLS: Fa0/0: xmit: CoS=0, TTL=253, Label(s)=20

R5#
*Mar 1 13:38:03.440: MPLS: Fa0/1: recvd: CoS=0, TTL=253, Label(s)=20
*Mar 1 13:38:03.440: MPLS: Fa0/0: xmit: CoS=0, TTL=252, Label(s)=19
R4#
*Mar 1 13:38:01.684: MPLS: Fa0/1: recvd: CoS=0, TTL=252, Label(s)=19
*Mar 1 13:38:01.684: MPLS: Fa0/0: xmit: CoS=0, TTL=251, Label(s)=16

R3#
*Mar 1 13:38:14.572: MPLS: Fa0/1: recvd: CoS=0, TTL=251, Label(s)=16
*Mar 1 13:38:14.572: MPLS: Fa0/0: xmit: (no label)

Note: we can see the no label keyword which is due to PHP

As can be seen from the debug outputs above that the precedence value is 0 which
is copied from the packet header to the MPLS header (CoS)

R1
access-list 100 permit ip any any precedence critical
access-list 100 permit ip any any precedence flash
access-list 100 permit ip any any precedence flash-override
access-list 100 permit ip any any precedence immediate
access-list 100 permit ip any any precedence internet
access-list 100 permit ip any any precedence network
access-list 100 permit ip any any precedence priority
access-list 100 permit ip any any precedence routine

65
int f0/0
ip access-group 100 in

R8#ping 1.1.1.1 source lo0

R1# sh access-lists
Extended IP access list 100
10 permit ip any any precedence critical
20 permit ip any any precedence flash
30 permit ip any any precedence flash-override
40 permit ip any any precedence immediate
50 permit ip any any precedence internet
60 permit ip any any precedence network
70 permit ip any any precedence priority
80 permit ip any any precedence routine (5 matches)

66
MPLS L3VPN OSPF Sham-link
Network Diagram

Lo0
1.1.1.1/32

OSPF 4 R1 19
AS 100
/2 2.
1.
.0 13
Area 0 .12 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24

192.1.35.0/24
F2/0 F2/0
OSPF OSPF
A0 A0
F1/0 F1/0

Lo0
Lo0 R4 OSPF A0 R5
5.5.5.5/32
4.4.4.4/32 192.1.45.0/24

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

67
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

68
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
router ospf 100 vrf MSSK
network 192.1.24.2 0.0.0.0 area 0

R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0

R3
router ospf 100 vrf MSSK
network 192.1.35.3 0.0.0.0 area 0

R5
router ospf 100

69
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0

CE-CE Link Configuration

R4
router ospf 100
network 192.1.45.4 0.0.0.0 area 0

R5
router ospf 100
network 192.1.45.5 0.0.0.0 area 0

VPN Configuration

R2
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK

R3
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK

Verifications

R2#sh ip route vrf MSSK ospf

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

70
4.0.0.0/32 is subnetted, 1 subnets
O 4.4.4.4 [110/2] via 192.1.24.4, 00:00:25, FastEthernet2/0
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/3] via 192.1.24.4, 00:00:25, FastEthernet2/0
O 192.1.35.0/24 [110/3] via 192.1.24.4, 00:00:15, FastEthernet2/0
O 192.1.45.0/24 [110/2] via 192.1.24.4, 00:00:25, FastEthernet2/0

As can be seen from the output below, R2 should learn R5 loopback via iBGP not via
OSPF as we are configuring MPLS L3VPN
R5 loopback was learned via OSPF and has an AD value of 110 and cost of 3 (which
roughly means it crossed three FastEthernet links)

R3#sh ip route vrf MSSK ospf

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


O 4.4.4.4 [110/3] via 192.1.35.5, 00:02:43, FastEthernet2/0
5.0.0.0/32 is subnetted, 1 subnets
O 5.5.5.5 [110/2] via 192.1.35.5, 00:02:43, FastEthernet2/0
O 192.1.24.0/24 [110/3] via 192.1.35.5, 00:02:43, FastEthernet2/0
O 192.1.45.0/24 [110/2] via 192.1.35.5, 00:02:43, FastEthernet2/0

R2#show bgp vpnv4 unicast all


BGP table version is 46, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
* i 4.4.4.4/32 3.3.3.3 3 100 0?

71
*> 192.1.24.4 2 32768 ?
* i 5.5.5.5/32 3.3.3.3 2 100 0?
*> 192.1.24.4 3 32768 ?
* i 192.1.24.0 3.3.3.3 3 100 0?
*> 0.0.0.0 0 32768 ?
*> 192.1.35.0 192.1.24.4 3 32768 ?
*i 3.3.3.3 0 100 0?
* i 192.1.45.0 3.3.3.3 2 100 0?
*> 192.1.24.4 2 32768 ?

R3#show bgp vpnv4 unicast all


BGP table version is 65, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.35.5 3 32768 ?
*i 2.2.2.2 2 100 0?
*> 5.5.5.5/32 192.1.35.5 2 32768 ?
*i 2.2.2.2 3 100 0?
*> 192.1.24.0 192.1.35.5 3 32768 ?
*i 2.2.2.2 0 100 0?
* i 192.1.35.0 2.2.2.2 3 100 0?
*> 0.0.0.0 0 32768 ?
*> 192.1.45.0 192.1.35.5 2 32768 ?
*i 2.2.2.2 2 100 0?

Let us check from the CEs side

R4#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


5.5.5.5 1 FULL/BDR 00:00:39 192.1.45.5 FastEthernet1/1
192.1.24.2 1 FULL/DR 00:00:35 192.1.24.2 FastEthernet1/0

R4#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

72
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


O 5.5.5.5 [110/2] via 192.1.45.5, 00:04:48, FastEthernet1/1
O 192.1.35.0/24 [110/2] via 192.1.45.5, 00:04:38, FastEthernet1/1

R4#traceroute 5.5.5.5 numeric


Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.45.5 12 msec * 0 msec

R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


4.4.4.4 1 FULL/DR 00:00:37 192.1.45.4 FastEthernet1/1
192.1.35.3 1 FULL/DR 00:00:34 192.1.35.3 FastEthernet1/0

R5#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


O 4.4.4.4 [110/2] via 192.1.45.4, 00:05:11, FastEthernet1/1
O 192.1.24.0/24 [110/2] via 192.1.45.4, 00:05:11, FastEthernet1/1

R5#traceroute 4.4.4.4 numeric


Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.45.4 16 msec * 0 msec

73
As we can see, the traffic between the CEs is crossing the backdoor link and not the
primary one, which is supposed to be the MPLS L3VPN connection
So, we should configure what so called OSPF sham link, which is a virtual link
configured between the PEs inside the OSPF that resides between the PE and CE
Sham link is established with source and destination which should be attached to
the specific VRF of concern; as well it should be advertised in iBGP under the VRF
address-family
Not to forget that the cost of the backdoor link reverts to default (which is 1), so we
will implement the OSPF cost on the interfaces involved in the backdoor on both
CEs

R2
interface Loopback1
vrf forwarding MSSK
ip address 22.22.22.22 255.255.255.255

router ospf 100 vrf MSSK


area 0 sham-link 22.22.22.22 33.33.33.33

router bgp 100


address-family ipv4 vrf MSSK
network 22.22.22.22 mask 255.255.255.255

R4
interface FastEthernet1/1
ip ospf cost 100

R3
interface Loopback1
vrf forwarding MSSK
ip address 33.33.33.33 255.255.255.255

router ospf 100 vrf MSSK


area 0 sham-link 33.33.33.33 22.22.22.22

router bgp 100


address-family ipv4 vrf MSSK
network 33.33.33.33 mask 255.255.255.255

R5
interface FastEthernet1/1
ip ospf cost 100

R2#show bgp vpnv4 unicast all


BGP table version is 67, local router ID is 2.2.2.2

74
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 2 32768 ?
r>i 5.5.5.5/32 3.3.3.3 2 100 0?
*> 22.22.22.22/32 0.0.0.0 0 32768 i
*>i 33.33.33.33/32 3.3.3.3 0 100 0i
*> 192.1.24.0 0.0.0.0 0 32768 ?
r>i 192.1.35.0 3.3.3.3 0 100 0?
* i 192.1.45.0 3.3.3.3 101 100 0?
*> 192.1.24.4 101 32768 ?

R2#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


1.1.1.1 0 FULL/ - 00:00:31 192.1.12.1 Serial1/0
192.1.35.3 0 FULL/ - - 33.33.33.33 OSPF_SL2
4.4.4.4 1 FULL/BDR 00:00:31 192.1.24.4 FastEthernet2/0

R2#sh ip ospf sham-links


Sham Link OSPF_SL2 to address 33.33.33.33 is up
Area 0 source address 22.22.22.22
Run as demand circuit
DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Hello due in 00:00:02
Adjacency State FULL (Hello suppressed)
Index 2/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec

R3#show bgp vpnv4 unicast all


BGP table version is 91, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

75
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
r>i 4.4.4.4/32 2.2.2.2 2 100 0?
*> 5.5.5.5/32 192.1.35.5 2 32768 ?
*>i 22.22.22.22/32 2.2.2.2 0 100 0i
*> 33.33.33.33/32 0.0.0.0 0 32768 i
r>i 192.1.24.0 2.2.2.2 0 100 0?
*> 192.1.35.0 0.0.0.0 0 32768 ?
*> 192.1.45.0 192.1.35.5 101 32768 ?
*i 2.2.2.2 101 100 0?

R3#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


1.1.1.1 0 FULL/ - 00:00:39 192.1.13.1 Serial1/0
192.1.24.2 0 FULL/ - - 22.22.22.22 OSPF_SL2
5.5.5.5 1 FULL/BDR 00:00:35 192.1.35.5 FastEthernet2/0

R3#sh ip ospf sham-links


Sham Link OSPF_SL2 to address 22.22.22.22 is up
Area 0 source address 33.33.33.33
Run as demand circuit
DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Hello due in 00:00:01
Adjacency State FULL (Hello suppressed)
Index 2/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec

R4#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets

76
O 5.5.5.5 [110/4] via 192.1.24.2, 00:01:07, FastEthernet1/0
22.0.0.0/32 is subnetted, 1 subnets
O E2 22.22.22.22 [110/1] via 192.1.24.2, 00:01:22, FastEthernet1/0
33.0.0.0/32 is subnetted, 1 subnets
O E2 33.33.33.33 [110/1] via 192.1.24.2, 00:01:15, FastEthernet1/0
O 192.1.35.0/24 [110/3] via 192.1.24.2, 00:01:07, FastEthernet1/0

R4#traceroute 5.5.5.5 numeric


Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.24.2 4 msec 4 msec 4 msec
2 192.1.12.1 [MPLS: Labels 19/25 Exp 0] 20 msec 16 msec 16 msec
3 192.1.35.3 [MPLS: Label 25 Exp 0] 16 msec 12 msec 12 msec
4 192.1.35.5 20 msec * 16 msec

R5#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


O 4.4.4.4 [110/4] via 192.1.35.3, 00:01:38, FastEthernet1/0
22.0.0.0/32 is subnetted, 1 subnets
O E2 22.22.22.22 [110/1] via 192.1.35.3, 00:01:38, FastEthernet1/0
33.0.0.0/32 is subnetted, 1 subnets
O E2 33.33.33.33 [110/1] via 192.1.35.3, 00:01:43, FastEthernet1/0
O 192.1.24.0/24 [110/3] via 192.1.35.3, 00:01:38, FastEthernet1/0

R5#traceroute 4.4.4.4 numeric


Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.35.3 8 msec 4 msec 4 msec
2 192.1.13.1 [MPLS: Labels 16/27 Exp 0] 16 msec 20 msec 16 msec
3 192.1.24.2 [MPLS: Label 27 Exp 0] 12 msec 12 msec 16 msec
4 192.1.24.4 16 msec * 16

77
OSPF Domain-ID
Network Diagram

MPLS Backbone R5 F0/1


OSPF Area 0 F0/0 F0/0
R2
S0/0

P2 203

FRSW

P3 302

IBGP
F0/0 S0/0
Lo0 3.3.3.3/32
Lo0 1.1.1.1/32 R1 R3
F0/1 F1/0 F0/0 F0/1

F0/0 F0/0 F0/0 F0/0


R4 R7 R6 R8

VRF VRF VRF VRF


RED BLUE RED BLUE

Configurations

VRF Configuration

R1
ip vrf BLUE
rd 150:10
route-target export 150:10
route-target import 150:10

ip vrf RED
rd 300:10

78
route-target export 300:10
route-target import 300:10

interface FastEthernet0/1
ip vrf forwarding RED
ip address 192.1.14.1 255.255.255.0

interface FastEthernet1/0
ip vrf forwarding BLUE
ip address 192.1.17.1 255.255.255.0

R3
ip vrf BLUE
rd 150:10
route-target export 150:10
route-target import 150:10

ip vrf RED
rd 300:10
route-target export 300:10
route-target import 300:10

interface FastEthernet0/0
ip vrf forwarding RED
ip address 192.1.36.3 255.255.255.0

interface FastEthernet0/1
ip vrf forwarding BLUE
ip address 192.1.38.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0

79
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0

R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int f0/0
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s0/0
mpls ip

int f0/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s0/0
mpls ip

R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f0/0
mpls ip

80
int f0/1
mpls ip

MP-BGP Configuration

R1
router bgp 10
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 10
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 10
neighbor 1.1.1.1 remote-as 10
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both

CE-PE routing Configuration

R1
router ospf 300 vrf RED
router-id 192.1.14.1
network 192.1.14.1 0.0.0.0 area 0

router ospf 150 vrf BLUE


router-id 192.1.17.1
network 192.1.17.1 0.0.0.0 area 0

R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0

R3
router ospf 300 vrf RED
router-id 192.1.36.3
network 192.1.36.3 0.0.0.0 area 0

81
router ospf 150 vrf BLUE
router-id 192.1.38.3
network 192.1.38.3 0.0.0.0 area 0

R4
router ospf 300
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.14.4 0.0.0.0 area 0

R6
router ospf 300
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.36.6 0.0.0.0 area 0

R7
router ospf 150
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 192.1.17.7 0.0.0.0 area 0

R8
router ospf 150
router-id 8.8.8.8
network 8.8.8.8 0.0.0.0 area 0
network 192.1.38.8 0.0.0.0 area 0

VPN Configuration

R1
router ospf 300 vrf RED
redistribute bgp 10 subnets

router ospf 150 vrf BLUE


redistribute bgp 10 subnets

router bgp 10
address-family ipv4 vrf RED
redistribute ospf 300 vrf RED

address-family ipv4 vrf BLUE


redistribute ospf 150 vrf BLUE

82
R3
router ospf 300 vrf RED
redistribute bgp 10 subnets

router ospf 150 vrf BLUE


redistribute bgp 10 subnets

router bgp 10
address-family ipv4 vrf RED
redistribute ospf 300 vrf RED

address-family ipv4 vrf BLUE


redistribute ospf 150 vrf BLUE

Verifications

R1#sh ip route vrf RED ospf

Routing Table: RED

4.0.0.0/32 is subnetted, 1 subnets


O 4.4.4.4 [110/2] via 192.1.14.4, 01:58:17, FastEthernet0/1

Routing Table: BLUE

7.0.0.0/32 is subnetted, 1 subnets


O 7.7.7.7 [110/2] via 192.1.17.7, 01:58:24, FastEthernet1/0

R3#sh ip route vrf RED ospf

Routing Table: RED

6.0.0.0/32 is subnetted, 1 subnets


O 6.6.6.6 [110/2] via 192.1.36.6, 01:58:30, FastEthernet0/0
R3#sh ip route vrf BLUE ospf

Routing Table: BLUE

8.0.0.0/32 is subnetted, 1 subnets


O 8.8.8.8 [110/2] via 192.1.38.8, 01:58:34, FastEthernet0/1

R1#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes


BGP table version is 85, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale

83
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 150:10 (default for vrf BLUE)
*> 7.7.7.7/32 192.1.17.7 2 32768 ?
*> 192.1.17.0 0.0.0.0 0 32768 ?
Route Distinguisher: 300:10 (default for vrf RED)
*> 4.4.4.4/32 192.1.14.4 2 32768 ?
*> 192.1.14.0 0.0.0.0 0 32768 ?

Total number of prefixes 4

R3#show bgp vpnv4 unicast all neighbors 1.1.1.1 advertised-routes


BGP table version is 88, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 150:10 (default for vrf BLUE)
*> 8.8.8.8/32 192.1.38.8 2 32768 ?
*> 192.1.38.0 0.0.0.0 0 32768 ?
Route Distinguisher: 300:10 (default for vrf RED)
*> 6.6.6.6/32 192.1.36.6 2 32768 ?
*> 192.1.36.0 0.0.0.0 0 32768 ?

Total number of prefixes 4

R4#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.14.1 1 FULL/BDR 00:00:37 192.1.14.1 FastEthernet0/0

R4#sh ip route ospf


6.0.0.0/32 is subnetted, 1 subnets
O IA 6.6.6.6 [110/3] via 192.1.14.1, 02:59:21, FastEthernet0/0
O IA 192.1.36.0/24 [110/2] via 192.1.14.1, 02:59:21, FastEthernet0/0

R4#sh ip route 6.6.6.6


Routing entry for 6.6.6.6/32
Known via "ospf 300", distance 110, metric 3, type inter area
Last update from 192.1.14.1 on FastEthernet0/0, 02:59:31 ago
Routing Descriptor Blocks:
* 192.1.14.1, from 192.1.14.1, 02:59:31 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1

84
R4#ping 6.6.6.6 source lo0

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms

R4#traceroute 6.6.6.6 source lo0 numeric

Type escape sequence to abort.


Tracing the route to 6.6.6.6

1 192.1.14.1 4 msec 4 msec 4 msec


2 192.1.15.5 [MPLS: Labels 18/24 Exp 0] 16 msec 16 msec 16 msec
3 192.1.25.2 [MPLS: Labels 17/24 Exp 0] 16 msec 16 msec 20 msec
4 192.1.36.3 [MPLS: Label 24 Exp 0] 12 msec 12 msec 12 msec
5 192.1.36.6 16 msec * 12 msec

R6#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.36.3 1 FULL/BDR 00:00:35 192.1.36.3 FastEthernet0/0

R6#sh ip route ospf


O IA 192.1.14.0/24 [110/2] via 192.1.36.3, 02:59:07, FastEthernet0/0
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/3] via 192.1.36.3, 02:59:07, FastEthernet0/0

R6#sh ip route 4.4.4.4


Routing entry for 4.4.4.4/32
Known via "ospf 300", distance 110, metric 3, type inter area
Last update from 192.1.36.3 on FastEthernet0/0, 02:59:12 ago
Routing Descriptor Blocks:
* 192.1.36.3, from 192.1.36.3, 02:59:12 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1

R6#ping 4.4.4.4 source lo0

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 6.6.6.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms

85
R6#traceroute 4.4.4.4 source lo0 numeric

Type escape sequence to abort.


Tracing the route to 4.4.4.4

1 192.1.36.3 4 msec 0 msec 8 msec


2 192.1.23.2 [MPLS: Labels 19/25 Exp 0] 16 msec 16 msec 16 msec
3 192.1.25.5 [MPLS: Labels 20/25 Exp 0] 16 msec 16 msec 16 msec
4 192.1.14.1 [MPLS: Label 25 Exp 0] 16 msec 12 msec 12 msec
5 192.1.14.4 16 msec * 16 msec

R7#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.17.1 1 FULL/BDR 00:00:37 192.1.17.1 FastEthernet0/0

R7#sh ip route ospf


O IA 192.1.38.0/24 [110/2] via 192.1.17.1, 03:00:33, FastEthernet0/0
8.0.0.0/32 is subnetted, 1 subnets
O IA 8.8.8.8 [110/3] via 192.1.17.1, 03:00:33, FastEthernet0/0

R7#sh ip route 8.8.8.8


Routing entry for 8.8.8.8/32
Known via "ospf 150", distance 110, metric 3, type inter area
Last update from 192.1.17.1 on FastEthernet0/0, 03:00:37 ago
Routing Descriptor Blocks:
* 192.1.17.1, from 192.1.17.1, 03:00:37 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1

R7#ping 8.8.8.8 source lo0

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms

R7#traceroute 8.8.8.8 source lo0 numeric

Type escape sequence to abort.


Tracing the route to 8.8.8.8

1 192.1.17.1 4 msec 4 msec 4 msec


2 192.1.15.5 [MPLS: Labels 18/22 Exp 0] 16 msec 20 msec 16 msec

86
3 192.1.25.2 [MPLS: Labels 17/22 Exp 0] 16 msec 16 msec 16 msec
4 192.1.38.3 [MPLS: Label 22 Exp 0] 12 msec 16 msec 12 msec
5 192.1.38.8 16 msec * 16 msec

R8#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.38.3 1 FULL/BDR 00:00:39 192.1.38.3 FastEthernet0/0

R8#sh ip route ospf


7.0.0.0/32 is subnetted, 1 subnets
O IA 7.7.7.7 [110/3] via 192.1.38.3, 03:00:57, FastEthernet0/0
O IA 192.1.17.0/24 [110/2] via 192.1.38.3, 03:00:57, FastEthernet0/0

R8#sh ip route 7.7.7.7


Routing entry for 7.7.7.7/32
Known via "ospf 150", distance 110, metric 3, type inter area
Last update from 192.1.38.3 on FastEthernet0/0, 03:01:00 ago
Routing Descriptor Blocks:
* 192.1.38.3, from 192.1.38.3, 03:01:00 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1

R8#ping 7.7.7.7 source lo0

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms

R8#traceroute 7.7.7.7 source lo0 numeric

Type escape sequence to abort.


Tracing the route to 7.7.7.7

1 192.1.38.3 4 msec 4 msec 4 msec


2 192.1.23.2 [MPLS: Labels 19/22 Exp 0] 20 msec 16 msec 16 msec
3 192.1.25.5 [MPLS: Labels 20/22 Exp 0] 16 msec 16 msec 16 msec
4 192.1.17.1 [MPLS: Label 22 Exp 0] 16 msec 12 msec 12 msec
5 192.1.17.7 16 msec * 12 msec

Let us now check the domain ID value for VRF BLUE


R1#sh ip ospf | inc Domain|ospf
Routing Process "ospf 1" with ID 1.1.1.1
Routing Process "ospf 300" with ID 192.1.14.1

87
Domain ID type 0x0005, value 0.0.1.44
Routing Process "ospf 150" with ID 192.1.17.1
Domain ID type 0x0005, value 0.0.0.150

R3#sh ip ospf | inc Domain|ospf


Routing Process "ospf 1" with ID 3.3.3.3
Routing Process "ospf 150" with ID 192.1.38.3
Domain ID type 0x0005, value 0.0.0.150
Routing Process "ospf 300" with ID 192.1.36.3
Domain ID type 0x0005, value 0.0.1.44

As can be seen from the outputs above , the domain ID values for VRF BLUE is
derived from the OSPF process ID which is 150 , As well R7 is learning R8 loopback
network as inter area route as well as for R4 which is learning R6 loopback network
as inter area route

Let us try to set the value of domain ID for both VRFs, for VRF RED will choose the
value of 0.0.0.60 and for VRF BLUE 0.0.0.50

R1
router ospf 300 vrf RED
domain-id 0.0.0.60
router ospf 150 vrf BLUE
domain-id 0.0.0.50

R1#clear ip ospf process


Reset ALL OSPF processes? [no]: yes

R3
router ospf 300 vrf RED
domain-id 0.0.0.60
router ospf 150 vrf BLUE
domain-id 0.0.0.50

R3#clear ip ospf process


Reset ALL OSPF processes? [no]: yes

R1#sh ip ospf | inc Domain|ospf


Routing Process "ospf 1" with ID 1.1.1.1
Routing Process "ospf 300" with ID 192.1.14.1
Domain ID type 0x0005, value 0.0.0.60
Routing Process "ospf 150" with ID 192.1.17.1
Domain ID type 0x0005, value 0.0.0.50

R3#sh ip ospf | inc Domain|ospf

88
Routing Process "ospf 1" with ID 3.3.3.3
Routing Process "ospf 150" with ID 192.1.38.3
Domain ID type 0x0005, value 0.0.0.50
Routing Process "ospf 300" with ID 192.1.36.3
Domain ID type 0x0005, value 0.0.0.60

Let us check R4s routing table


R4#sh ip route ospf | inc 6.6.6.6
O IA 6.6.6.6 [110/3] via 192.1.14.1, 00:00:12, FastEthernet0/0

Nothing has affected the route type, let us now try to change the domain ID on
R1for VRF RED to 0.0.0.120 and keep it as it is on R3

R1
router ospf 300 vrf RED
domain-id 0.0.0.120
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes

sh ip route ospf | inc 6.6.6.6


O E2 6.6.6.6 [110/2] via 192.1.14.1, 00:00:06, FastEthernet0/0

R4#sh ip route 6.6.6.6


Routing entry for 6.6.6.6/32
Known via "ospf 300", distance 110, metric 2
Tag Complete, Path Length == 1, AS 10, , type extern 2, forward metric 1
Last update from 192.1.14.1 on FastEthernet0/0, 00:00:15 ago
Routing Descriptor Blocks:
* 192.1.14.1, from 192.1.14.1, 00:00:15 ago, via FastEthernet0/0
Route metric is 2, traffic share count is 1
Route tag 3489660938

As we can see the route type has changed to external 2, let us revert back to the
same domain ID value 0.0.0.60 and change the OSPF process ID on R1 for VRF
RED from 300 to 301

R1
no router ospf 300 vrf RED
router ospf 301 vrf RED
router-id 192.1.14.1
domain-id 0.0.0.60
redistribute bgp 10 subnets
network 192.1.14.1 0.0.0.0 area 0

router bgp 10

89
address-family ipv4 vrf RED
redistribute ospf 301 vrf RED

R1#clear ip ospf process


Reset ALL OSPF processes? [no]: yes

Checking R4s routing table again

R4#sh ip route ospf | inc 6.6.6.6


O IA 6.6.6.6 [110/3] via 192.1.14.1, 00:00:07, FastEthernet0/0

R4#sh ip route 6.6.6.6


Routing entry for 6.6.6.6/32
Known via "ospf 300", distance 110, metric 3, type inter area
Last update from 192.1.14.1 on FastEthernet0/0, 00:00:16 ago
Routing Descriptor Blocks:
* 192.1.14.1, from 192.1.14.1, 00:00:16 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1

So changing the process ID will not affect the routing table as long the domain ID
values are configured manually under the OSPF process , now if we removed the
domain ID configuration from both R1 and R3 for VRF RED , the route type should
change to external 2 again , why? Because the domain ID value is derived from the
process ID value, so we have different process ID values: 300 and 301

R1
router ospf 301 vrf RED
no domain-id 0.0.0.60

R1#clear ip ospf process


Reset ALL OSPF processes? [no]: y

R3
router ospf 300 vrf RED
no domain-id 0.0.0.60

R3#clear ip ospf process


Reset ALL OSPF processes? [no]: yes

R1#sh ip ospf | inc Domain|ospf


Routing Process "ospf 1" with ID 1.1.1.1
Routing Process "ospf 301" with ID 192.1.14.1
Domain ID type 0x0005, value 0.0.1.45
Routing Process "ospf 150" with ID 192.1.17.1
Domain ID type 0x0005, value 0.0.0.50

90
R3#sh ip ospf | inc Domain|ospf
Routing Process "ospf 1" with ID 3.3.3.3
Routing Process "ospf 150" with ID 192.1.38.3
Domain ID type 0x0005, value 0.0.0.50
Routing Process "ospf 300" with ID 192.1.36.3
Domain ID type 0x0005, value 0.0.1.44

R4#sh ip route ospf | inc 6.6.6.6


O E2 6.6.6.6 [110/2] via 192.1.14.1, 00:00:01, FastEthernet0/0
R4#sh ip route 6.6.6.6
Routing entry for 6.6.6.6/32
Known via "ospf 300", distance 110, metric 2
Tag Complete, Path Length == 1, AS 10, , type extern 2, forward metric 1
Last update from 192.1.14.1 on FastEthernet0/0, 00:00:02 ago
Routing Descriptor Blocks:
* 192.1.14.1, from 192.1.14.1, 00:00:02 ago, via FastEthernet0/0
Route metric is 2, traffic share count is 1
Route tag 3489660938

91
VRF Lite
Network Diagram

PE1 172.
24
1.0/ 16. 13.0
16.1
172. /24

172.16.12.0/24
CE1 CE3
lo0 192.168.1.1/24 lo0 192.168.3.1/24

CE2

lo1 192.168.2.1/24

Configurations

VRF Configuration

PE1
ip vrf CE1
ip vrf CEs

interface FastEthernet0/0
ip vrf forwarding CE1
ip address 172.16.11.1 255.255.255.0

interface FastEthernet0/1
ip vrf forwarding CEs
ip address 172.16.12.1 255.255.255.0

interface FastEthernet1/0
ip vrf forwarding CEs
ip address 172.16.13.1 255.255.255.0

IGP Configuration

PE1
router ospf 1 vrf CE1
network 172.16.11.1 0.0.0.0 area 0

router ospf 2 vrf CEs

92
network 172.16.12.1 0.0.0.0 area 0
network 172.16.13.1 0.0.0.0 area 0

CE1
router ospf 1
network 172.16.11.2 0.0.0.0 area 0
network 192.168.1.1 0.0.0.0 area 0

CE2
router ospf 2
network 172.16.12.2 0.0.0.0 area 0
network 192.168.2.1 0.0.0.0 area 0

CE3
router ospf 2
network 172.16.13.2 0.0.0.0 area 0
network 192.168.3.1 0.0.0.0 area 0

Verifications

PE1#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.168.3.1 1 FULL/BDR 00:00:39 172.16.13.2 FastEthernet1/0
192.168.2.1 1 FULL/DR 00:00:39 172.16.12.2 FastEthernet0/1
192.168.1.1 1 FULL/DR 00:00:33 172.16.11.2 FastEthernet0/0

PE1#sh ip route vrf CE1 ospf

Routing Table: CE1

192.168.1.0/32 is subnetted, 1 subnets


O 192.168.1.1 [110/2] via 172.16.11.2, 00:03:40, FastEthernet0/0

PE1#sh ip route vrf CEs ospf

Routing Table: CEs

192.168.2.0/32 is subnetted, 1 subnets


O 192.168.2.1 [110/2] via 172.16.12.2, 00:03:26, FastEthernet0/1
192.168.3.0/32 is subnetted, 1 subnets
O 192.168.3.1 [110/2] via 172.16.13.2, 00:03:36, FastEthernet1/0

CE1#sh ip ospf neighbor

93
Neighbor ID Pri State Dead Time Address Interface
172.16.11.1 1 FULL/BDR 00:00:35 172.16.11.1 FastEthernet0/0

CE1#sh ip route ospf

CE1#

CE2#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


172.16.13.1 1 FULL/BDR 00:00:35 172.16.12.1 FastEthernet0/0

CE2#sh ip route ospf


172.16.0.0/24 is subnetted, 2 subnets
O 172.16.13.0 [110/2] via 172.16.12.1, 00:03:33, FastEthernet0/0
192.168.3.0/32 is subnetted, 1 subnets
O 192.168.3.1 [110/3] via 172.16.12.1, 00:03:33, FastEthernet0/0

CE3#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


172.16.13.1 1 FULL/DR 00:00:38 172.16.13.1 FastEthernet0/0

CE3#sh ip route ospf


172.16.0.0/24 is subnetted, 2 subnets
O 172.16.12.0 [110/2] via 172.16.13.1, 00:03:36, FastEthernet0/0
192.168.2.0/32 is subnetted, 1 subnets
O 192.168.2.1 [110/3] via 172.16.13.1, 00:03:26, FastEthernet0/0

CE2#ping 192.168.3.1 source lo0

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.2.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms

CE2#traceroute 192.168.3.1 source lo0 numeric

Type escape sequence to abort.


Tracing the route to 192.168.3.1

1 172.16.12.1 4 msec 12 msec 12 msec


2 172.16.13.2 24 msec * 16 msec

94
CE3#ping 192.168.2.1 source lo0

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.3.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/24 ms

CE3#traceroute 192.168.2.1 source lo0 numeric

Type escape sequence to abort.


Tracing the route to 192.168.2.1

1 172.16.13.1 4 msec 12 msec 12 msec


2 172.16.12.2 24 msec * 12 msec

As can be seen from the outputs above, CE1 has no knowledge about the loopbacks
of CE2 and CE3 as they are separated via VRF from PE1 side

95
VRF Export-maps
Network Diagram

Lo0
1.1.1.1/32

OSPF 4 R1 19
/2 2.
1. AS 100
.0 13
Area 0 .12 S1/0 S1/1 .0/
2.1 24
19
LSP
S1/0 S1/0
Lo0 R2 IBGP R3 Lo0
2.2.2.2/32 3.3.3.3/32
192.1.24.0/24

192.1.35.0/24
F2/0 F2/0

RIPv2 RIPv2

F1/0 F1/0

Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:2

address-family ipv4
export map EXPORT_MAP
route-target import 100:5

ip prefix-list R4LOOP seq 5 permit 4.4.4.4/32

route-map EXPORT_MAP permit 10


match ip address prefix-list R4LOOP
set extcommunity rt 2.2.2.2:4

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3

96
vrf definition MSSK
rd 100:3

address-family ipv4
export map EXPORT_MAP
route-target import 2.2.2.2:4

ip prefix-list R5LOOP seq 5 permit 5.5.5.5/32

route-map EXPORT_MAP permit 10


match ip address prefix-list R5LOOP
set extcommunity rt 100:5

int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0

97
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
router rip
address-family ipv4 vrf MSSK
no auto-summary

98
version 2
network 192.1.24.2

R4
router rip
no auto-summary
version 2
network 4.4.4.4
network 192.1.24.4

R3
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.35.3

R5
router rip
no auto-summary
version 2
network 5.5.5.5
network 192.1.35.5

VPN Configuration

R2
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip

router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

R3
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip

router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

99
Verifications

R1#show mpls ldp neighbor


Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2 2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3 3.3.3.3

R1#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes
Serial1/1 Yes (ldp) No No No Yes

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R2#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:

100
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1 192.1.13.1 1.1.1.1

R3#show mpls interfaces


Interface IP Tunnel BGP Static Operational
Serial1/0 Yes (ldp) No No No Yes

R2#sh ip route vrf MSSK rip

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


R 4.4.4.4 [120/1] via 192.1.24.4, 00:00:15, FastEthernet2/0

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/20/56 ms

R3#sh ip route vrf MSSK rip

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

101
5.0.0.0/32 is subnetted, 1 subnets
R 5.5.5.5 [120/1] via 192.1.35.5, 00:00:21, FastEthernet2/0

R3#ping vrf MSSK 5.5.5.55


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.55, timeout is 2 seconds:
.
Success rate is 0 percent (0/1)
R3#ping vrf MSSK 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/12 ms

R3#show bgp vpnv4 unicast all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
3/3 BGP path/bestpath attribute entries using 432 bytes of memory
2 BGP extended community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1424 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
2.2.2.2 4 100 14 14 5 0 0 00:09:30 1

R3#show bgp vpnv4 unicast all


BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:2
*>i 4.4.4.4/32 2.2.2.2 1 100 0?
Route Distinguisher: 100:3 (default for vrf MSSK)
*>i 4.4.4.4/32 2.2.2.2 1 100 0?
*> 5.5.5.5/32 192.1.35.5 1 32768 ?
*> 192.1.35.0 0.0.0.0 0 32768 ?

102
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
3/3 BGP path/bestpath attribute entries using 432 bytes of memory
2 BGP extended community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1424 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
3.3.3.3 4 100 15 15 5 0 0 00:10:15 1

R2#sh bgp vpnv4 unicast all


BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:2 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.24.4 1 32768 ?
*>i 5.5.5.5/32 3.3.3.3 1 100 0?
*> 192.1.24.0 0.0.0.0 0 32768 ?
Route Distinguisher: 100:3
*>i 5.5.5.5/32 3.3.3.3 1 100 0?

R4#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

103
5.0.0.0/32 is subnetted, 1 subnets
R 5.5.5.5 [120/1] via 192.1.24.2, 00:00:16, FastEthernet1/0
R4#ping 5.5.5.5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/23/28 ms

R5#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


R 4.4.4.4 [120/1] via 192.1.35.3, 00:00:00, FastEthernet1/0

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms

104
MPLS AToM Eth to Eth
Network Diagram

Lo0
OSPF Domain
3.3.3.3/32
Area 0
R3 19
24 2.1
.0/ .3
.23 4.
0/
1
2. 24
19
LSP

Lo0 R2 IBGP R4 Lo0


2.2.2.2/32 4.4.4.4/32
F1/1 F1/1

F1/0 192.1.15.1/24 F1/0 192.1.15.5/24

Lo0
Lo0 R1 R5
5.5.5.5/32
1.1.1.1/32

Configurations

IGP Configuration

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
network 192.1.34.3 0.0.0.0 area 0

R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.34.4 0.0.0.0 area 0

105
MPLS LDP Configuration

R2
mpls label protocol ldp
mpls ldp router-id lo0 force

int f1/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

int f1/1
mpls ip

R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

CE-CE routing Configuration

R1
router ospf 100
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0

R5
router ospf 100
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0

Pseudowire Configuration

R2
pseudowire-class MSSK
encapsulation mpls

106
int f1/1
xconnect 4.4.4.4 15 pw-class MSSK

R4
pseudowire-class MSSK
encapsulation mpls

int f1/1
xconnect 2.2.2.2 15 pw-class MSSK

Verifications

R2#show mpls ldp neighbor


Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.54771 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 14/13; Downstream
Up time: 00:05:07
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 3.3.3.3
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 2.2.2.2:0
TCP connection: 4.4.4.4.28399 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 10/9; Downstream
Up time: 00:00:54
LDP discovery sources:
Targeted Hello 2.2.2.2 -> 4.4.4.4, active, passive
Addresses bound to peer LDP Ident:
192.1.34.4 4.4.4.4

R2#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 3.3.3.3/32 0 Fa1/0 192.1.23.3
17 Pop Label 192.1.34.0/24 0 Fa1/0 192.1.23.3
18 17 4.4.4.4/32 0 Fa1/0 192.1.23.3
19 No Label l2ckt(1) 2213 Fa1/1 point2point

R4#show mpls ldp neighbor


Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 4.4.4.4:0
TCP connection: 3.3.3.3.646 - 4.4.4.4.54817
State: Oper; Msgs sent/rcvd: 14/13; Downstream
Up time: 00:05:09
LDP discovery sources:

107
FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 3.3.3.3
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 4.4.4.4:0
TCP connection: 2.2.2.2.646 - 4.4.4.4.28399
State: Oper; Msgs sent/rcvd: 10/10; Downstream
Up time: 00:01:08
LDP discovery sources:
Targeted Hello 4.4.4.4 -> 2.2.2.2, active, passive
Addresses bound to peer LDP Ident:
192.1.23.2 2.2.2.2

R4#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 16 2.2.2.2/32 0 Fa1/0 192.1.34.3
17 Pop Label 3.3.3.3/32 0 Fa1/0 192.1.34.3
18 Pop Label 192.1.23.0/24 0 Fa1/0 192.1.34.3
19 No Label l2ckt(1) 2570 Fa1/1 point2point

R2#show mpls l2transport summary


Destination address: 4.4.4.4, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0

R2#show mpls l2transport vc 15

Local intf Local circuit Dest address VC ID Status


------------- -------------------------- --------------- ---------- ----------
Fa1/1 Ethernet 4.4.4.4 15 UP

R4#show mpls l2transport summary


Destination address: 2.2.2.2, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0

R4#show mpls l2transport vc 15

Local intf Local circuit Dest address VC ID Status


------------- -------------------------- --------------- ---------- ----------
Fa1/1 Ethernet 2.2.2.2 15 UP

R1#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

108
5.5.5.5 1 FULL/DR 00:00:35 192.1.15.5 FastEthernet1/0

R1#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


O 5.5.5.5 [110/2] via 192.1.15.5, 00:02:32, FastEthernet1/0

R1#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms

R1#traceroute 5.5.5.5 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.15.5 20 msec * 20 msec

R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


1.1.1.1 1 FULL/BDR 00:00:31 192.1.15.1 FastEthernet1/0

R5#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

109
Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets


O 1.1.1.1 [110/2] via 192.1.15.1, 00:02:56, FastEthernet1/0

R5#ping 1.1.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/32 ms

R5#traceroute 1.1.1.1 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 1.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.15.1 28 msec * 12 msec

R3#debug mpls packet


Packet debugging is on
R3#
*Sep 12 16:56:20.079: MPLS turbo: Fa1/1: rx: Len 120 Stack {16 0 255} {19 0
255} CW {f:0 l:0 s:0}
*Sep 12 16:56:20.083: MPLS turbo: Fa1/0: tx: Len 116 Stack {19 0 254} CW {f:0
l:0 s:0}
*Sep 12 16:56:20.339: MPLS turbo: Fa1/1: rx: Len 86 Stack {16 0 255} {19 0
255} CW {f:0 l:0 s:0}
*Sep 12 16:56:20.339: MPLS turbo: Fa1/0: tx: Len 82 Stack {19 0 254} CW {f:0
l:0 s:0}
*Sep 12 16:56:20.507: MPLS turbo: Fa1/0: rx: Len 86 Stack {17 0 255} {19 0
255} CW {f:0 l:0 s:0}
*Sep 12 16:56:20.507: MPLS turbo: Fa1/1: tx: Len 82 Stack {19 0 254} CW {f:0
l:0 s:0}
*Sep 12 16:56:21.079: MPLS turbo: Fa1/0: rx: Len 140 Stack {17 0 255} {19 0
255} CW {f:0 l:0 s:0}
R3#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 2.2.2.2/32 15639 Fa1/0 192.1.23.2
17 Pop Label 4.4.4.4/32 15752 Fa1/1 192.1.34.4

R2#show mpls l2transport vc detail


Local interface: Fa1/1 up, line protocol up, Ethernet up
Destination address: 4.4.4.4, VC ID: 15, VC status: up
Output interface: Fa1/0, imposed label stack {17 19}

110
Preferred path: not configured
Default path: active
Next hop: 192.1.23.3
Create time: 00:05:28, last status change time: 00:05:25
Last label FSM state change time: 00:05:25
Signaling protocol: LDP, peer 4.4.4.4:0 up
Targeted Hello: 2.2.2.2(LDP Id) -> 4.4.4.4, LDP is UP
Status TLV support (local/remote) : enabled/supported
LDP route watch : enabled
Label/status state machine : established, LruRru
Last local dataplane status rcvd: No fault
Last BFD dataplane status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: No fault
Last local AC circuit status sent: No fault
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV status sent: No fault
Last remote LDP TLV status rcvd: No fault
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local 19, remote 19
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
Control Word: On (configured: autosense)
Dataplane:
SSM segment/switch IDs: 4097/4096 (used), PWID: 1
VC statistics:
transit packet totals: receive 102, send 100
transit byte totals: receive 10310, send 12738
transit packet drops: receive 0, seq error 0, send 0

R2#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 3.3.3.3/32 0 Fa1/0 192.1.23.3
17 Pop Label 192.1.34.0/24 0 Fa1/0 192.1.23.3
18 17 4.4.4.4/32 0 Fa1/0 192.1.23.3
19 No Label l2ckt(1) 10618 Fa1/1 point2point

111
MPLS AToM PPP to PPP
Network Diagram

Lo0
OSPF Domain
3.3.3.3/32
Area 0
R3 19
24 2.1
.0/ .3
.23 4.
0/
1
2. 24
19

Lo0 R2 R4 Lo0
2.2.2.2/32 4.4.4.4/32
S2/0 S2/0

S1/0 192.1.15.1/24 S1/0 192.1.15.5/24

Lo0
Lo0 R1 R5
5.5.5.5/32
1.1.1.1/32

Configurations

IGP Configuration

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
network 192.1.34.3 0.0.0.0 area 0

R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.34.4 0.0.0.0 area 0

112
MPLS LDP Configuration

R2
mpls label protocol ldp
mpls ldp router-id lo0 force

int f1/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

int f1/1
mpls ip

R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

CE-CE routing Configuration

R1
router ospf 100
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0

R5
router ospf 100
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0

Pseudowire Configuration

R2
pseudowire-class MSSK
encapsulation mpls

113
int s2/0
xconnect 4.4.4.4 15 pw-class MSSK

R4
pseudowire-class MSSK
encapsulation mpls

int s2/0
xconnect 2.2.2.2 15 pw-class MSSK

Verifications

R2#sh mpls ldp neighbor


Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.47549 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 10/10; Downstream
Up time: 00:02:20
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 3.3.3.3
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 2.2.2.2:0
TCP connection: 4.4.4.4.38194 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 9/9; Downstream
Up time: 00:00:24
LDP discovery sources:
Targeted Hello 2.2.2.2 -> 4.4.4.4, active, passive
Addresses bound to peer LDP Ident:
192.1.34.4 4.4.4.4

R2#sh mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 3.3.3.3/32 0 Fa1/0 192.1.23.3
17 Pop Label 192.1.34.0/24 0 Fa1/0 192.1.23.3
18 17 4.4.4.4/32 0 Fa1/0 192.1.23.3
19 No Label l2ckt(1) 1766 Se2/0 point2point

R4#sh mpls ldp neighbor


Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 4.4.4.4:0
TCP connection: 3.3.3.3.646 - 4.4.4.4.13730
State: Oper; Msgs sent/rcvd: 10/11; Downstream
Up time: 00:02:35
LDP discovery sources:

114
FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 3.3.3.3
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 4.4.4.4:0
TCP connection: 2.2.2.2.646 - 4.4.4.4.38194
State: Oper; Msgs sent/rcvd: 9/10; Downstream
Up time: 00:00:53
LDP discovery sources:
Targeted Hello 4.4.4.4 -> 2.2.2.2, active, passive
Addresses bound to peer LDP Ident:
192.1.23.2 2.2.2.2

R4#sh mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 3.3.3.3/32 0 Fa1/0 192.1.34.3
17 16 2.2.2.2/32 0 Fa1/0 192.1.34.3
18 Pop Label 192.1.23.0/24 0 Fa1/0 192.1.34.3
19 No Label l2ckt(1) 2436 Se2/0 point2point

R2#sh mpls l2transport summary


Destination address: 4.4.4.4, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0

R2#sh mpls l2transport vc 15

Local intf Local circuit Dest address VC ID Status


------------- -------------------------- --------------- ---------- ----------
Se2/0 PPP 4.4.4.4 15 UP

R4#sh mpls l2transport summary


Destination address: 2.2.2.2, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0

R4#sh mpls l2transport vc 15

Local intf Local circuit Dest address VC ID Status


------------- -------------------------- --------------- ---------- ----------
Se2/0 PPP 2.2.2.2 15 UP

R1#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface

115
5.5.5.5 0 FULL/ - 00:00:38 192.1.15.5 Serial1/0

R1#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

5.0.0.0/32 is subnetted, 1 subnets


O 5.5.5.5 [110/65] via 192.1.15.5, 00:02:14, Serial1/0

R1#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/24/36 ms

R1#traceroute 5.5.5.5 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.15.5 24 msec * 16 msec

R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


1.1.1.1 0 FULL/ - 00:00:31 192.1.15.1 Serial1/0

R5#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

116
Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets


O 1.1.1.1 [110/65] via 192.1.15.1, 00:02:53, Serial1/0

R5#ping 1.1.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/28 ms

R5#traceroute 1.1.1.1 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 1.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.15.1 28 msec * 28 msec Fa1/1 point2point

117
MPLS Inter-AS Xconnect
Network Diagram

P1/0 P1/0
F1/0 F1/0
R2 R3 R4 R5

F2/0 F2/0
S2/0 S2/0

S1/0 S1/0
R1 R6

AS100 AS200

Configurations

IGP Configuration

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0

R4
router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only

int lo0
ip router isis 1

int f2/0
ip router isis 1

118
R5
router isis 1
net 49.0001.0000.0000.0005.00
is-type level-2-only

int lo0
ip router isis 1

int f1/0
ip router isis 1

MPLS LDP Configuration

R2
mpls label protocol ldp
mpls ldp router-id lo0 force

int f1/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f2/0
mpls ip

R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f2/0
mpls ip

R5
mpls label protocol ldp
mpls ldp router-id lo0 force

int f1/0
mpls ip

119
Inter-AS BGP Configuration

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.34.4 remote-as 200
address-family ipv4
network 3.3.3.3 mask 255.255.255.255
neighbor 192.1.34.4 activate

R4
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.34.3 remote-as 100
address-family ipv4
network 4.4.4.4 mask 255.255.255.255
neighbor 192.1.34.3 activate

Pseudowire Configuration

R2
pseudowire-class MSSK
encapsulation mpls

int s2/0
xconnect 5.5.5.5 16 pw-class MSSK

R5
pseudowire-class MSSK
encapsulation mpls

int s2/0
xconnect 2.2.2.2 16 pw-class MSSK

Verifications

R3#sh ip bgp
BGP table version is 3, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path

120
*> 3.3.3.3/32 0.0.0.0 0 32768 i
*> 4.4.4.4/32 192.1.34.4 0 0 200 i

R4#sh ip bgp
BGP table version is 3, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 3.3.3.3/32 192.1.34.3 0 0 100 i
*> 4.4.4.4/32 0.0.0.0 0 32768 i

R2#show mpls ldp neighbor


Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.62349 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 12/14; Downstream
Up time: 00:05:52
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.34.3 192.1.23.3 3.3.3.3

R5#sh mpls ldp neighbor


Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 5.5.5.5:0
TCP connection: 4.4.4.4.646 - 5.5.5.5.45835
State: Oper; Msgs sent/rcvd: 14/16; Downstream
Up time: 00:07:47
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.45.4
Addresses bound to peer LDP Ident:
192.1.34.4 192.1.45.4 4.4.4.4

R2#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 3.3.3.3/32 0 Fa1/0 192.1.23.3
17 No Label l2ckt() 0 drop

R5#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 4.4.4.4/32 0 Fa1/0 192.1.45.4

121
17 No Label l2ckt() 0 drop

R2#show mpls l2transport summary


Destination address: 5.5.5.5, total number of vc: 1
0 unknown, 0 up, 1 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby

R5#sh mpls l2transport summary


Destination address: 2.2.2.2, total number of vc: 1
0 unknown, 0 up, 1 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby

Now, R2 (the PE in AS 100) does not know about the loopback of R5 (the PE in AS
200) and vice versa which are used to configure the xconnect peering, and in order
for MPLS to operate, LDP has to assign labels which is IGP responsibility, in order
for that to take place we will redistribute the routes in IGP (OSPF and ISIS in AS
100, 200 respectively) , as well we have to advertise R2 and R5 loopbacks in BGP

R3
router bgp 100
address-family ipv4
network 2.2.2.2 mask 255.255.255.255

ip prefix-list MSSK seq 5 permit 4.4.4.4/32


ip prefix-list MSSK seq 10 permit 5.5.5.5/32

route-map MSSK permit 10


match ip address prefix-list MSSK

router ospf 1
redistribute bgp 100 subnets route-map MSSK

R4
router bgp 200
address-family ipv4
network 5.5.5.5 mask 255.255.255.255

ip prefix-list MSSK seq 5 permit 2.2.2.2/32


ip prefix-list MSSK seq 10 permit 3.3.3.3/32

route-map MSSK permit 10


match ip address prefix-list MSSK

router isis 1
redistribute bgp 200 route-map MSSK

R3#sh ip bgp

122
BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 2.2.2.2/32 192.1.23.2 2 32768 i
*> 3.3.3.3/32 0.0.0.0 0 32768 i
*> 4.4.4.4/32 192.1.34.4 0 0 200 i
*> 5.5.5.5/32 192.1.34.4 20 0 200 i

R4#sh ip bgp
BGP table version is 5, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 2.2.2.2/32 192.1.34.3 2 0 100 i
*> 3.3.3.3/32 192.1.34.3 0 0 100 i
*> 4.4.4.4/32 0.0.0.0 0 32768 i
*> 5.5.5.5/32 192.1.45.5 20 32768 i

R2#
*Sep 13 02:04:37.279: %LDP-5-NBRCHG: LDP Neighbor 5.5.5.5:0 (2) is UP

R5#
*Sep 13 02:04:37.803: %LDP-5-NBRCHG: LDP Neighbor 2.2.2.2:0 (2) is UP

R2#sh mpls ldp neighbor


Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.62349 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 29/31; Downstream
Up time: 00:18:49
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.34.3 192.1.23.3 3.3.3.3
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 2.2.2.2:0
TCP connection: 5.5.5.5.52375 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 12/12; Downstream

123
Up time: 00:02:54
LDP discovery sources:
Targeted Hello 2.2.2.2 -> 5.5.5.5, active, passive
Addresses bound to peer LDP Ident:
192.1.45.5 5.5.5.5

R2#sh mpls l2transport summary


Destination address: 5.5.5.5, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0

R5#sh mpls ldp neighbor


Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 5.5.5.5:0
TCP connection: 4.4.4.4.646 - 5.5.5.5.45835
State: Oper; Msgs sent/rcvd: 32/32; Downstream
Up time: 00:20:41
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.45.4
Addresses bound to peer LDP Ident:
192.1.34.4 192.1.45.4 4.4.4.4
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 5.5.5.5:0
TCP connection: 2.2.2.2.646 - 5.5.5.5.52375
State: Oper; Msgs sent/rcvd: 12/13; Downstream
Up time: 00:03:11
LDP discovery sources:
Targeted Hello 5.5.5.5 -> 2.2.2.2, active, passive
Addresses bound to peer LDP Ident:
192.1.23.2 2.2.2.2

R5#sh mpls l2transport summary


Destination address: 2.2.2.2, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0

R2#show mpls forwarding-table | inc 5.5.5.5


19 19 5.5.5.5/32 0 Fa1/0 192.1.23.3

R5#sh mpls forwarding-table | inc 2.2.2.2


18 18 2.2.2.2/32 0 Fa1/0 192.1.45.4

Now in order for the labels to be passed through the ASes, we have to configure the
BGP neighbors to send the labels

R3
router bgp 100

124
address-family ipv4
neighbor 192.1.34.4 send-label

R4
router bgp 200
address-family ipv4
neighbor 192.1.34.3 send-label

R3
*Sep 13 02:13:01.135: %BGP_LMM-6-AUTOGEN1: The mpls bgp forwarding
command has been configured on interface: POS1/0

R4
*Sep 13 02:13:00.983: %BGP_LMM-6-AUTOGEN1: The mpls bgp forwarding
command has been configured on interface: POS1/0

R2#show mpls l2transport vc 16

Local intf Local circuit Dest address VC ID Status


------------- -------------------------- --------------- ---------- ----------
Se2/0 PPP 5.5.5.5 16 UP

R5#show mpls l2transport vc 16

Local intf Local circuit Dest address VC ID Status


------------- -------------------------- --------------- ---------- ----------
Se2/0 PPP 2.2.2.2 16 UP

R1#ping 192.1.16.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.16.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/41/80 ms

R6#ping 192.1.16.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.16.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/31/48 ms

125
MPLS L3VPN Inter-AS Option A
Network Diagram

AS100 S1/0 S1/0 AS200


R1 R2
F2/0 F2/0

F1/0
F1/0
OSPF R3 R4 OSPF
A0 A0
F1/1
F1/1

F1/0 F1/0

R5 R6
F1/1 F1/1

R7 F1/0 F1/0
R8

Configurations

VRF Configuration

R1
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int s1/0
vrf forwarding MSSK
ip address 192.1.12.1 255.255.255.0

126
R2
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int s1/0
vrf forwarding MSSK
ip address 192.1.12.2 255.255.255.0

R5
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0

R6
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2

127
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.24.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.35.3 0.0.0.0 area 0

R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
network 192.1.46.4 0.0.0.0 area 0

R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0

R6
router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int f2/0
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f2/0

128
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

int f1/1
mpls ip

R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

int f1/1
mpls ip

R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

MP-BGP Configuration

R1
router bgp 100
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
address-family vpnv4
neighbor 5.5.5.5 activate

129
neighbor 5.5.5.5 send-community both

R5
router bgp 100
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both

R2
router bgp 100
neighbor 6.6.6.6 remote-as 100
neighbor 6.6.6.6 update-source lo0
address-family vpnv4
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community both

R6
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 12.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R1
router rip
address-family ipv4 vrf MSSK
network 192.1.12.0
no auto-summary
version 2

R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2

R7
router rip
version 2

130
network 7.0.0.0
network 192.1.57.0
no auto-summary

R2
address-family ipv4 vrf MSSK
network 192.1.12.0
no auto-summary
version 2

R6
router rip
address-family ipv4 vrf MSSK
network 192.1.68.0
no auto-summary
version 2

R8
router rip
version 2
network 8.0.0.0
network 192.1.68.0
no auto-summary

VPN Configuration

R1
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

router bgp 100


address-family ipv4 vrf MSSK
redistribute rip

R2
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1

router bgp 200


address-family ipv4 vrf MSSK
redistribute rip

131
R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

router bgp 100


address-family ipv4 vrf MSSK
network 192.1.57.0
redistribute rip

R6
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1

address-family ipv4 vrf MSSK


network 192.1.68.0
redistribute rip

Verifications

R1#sh bgp vpnv4 unicast all summary


BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 9, main routing table version 9
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
5.5.5.5 4 100 31 28 9 0 0 00:21:36 2

R1#sh bgp vpnv4 unicast all


BGP table version is 9, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

132
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 7.7.7.7/32 5.5.5.5 1 100 0?
*> 8.8.8.8/32 192.1.12.2 1 32768 ?
*> 192.1.12.0 0.0.0.0 0 32768 ?
*> 192.1.12.2/32 0.0.0.0 0 32768 ?
*>i 192.1.57.0 5.5.5.5 0 100 0i
*> 192.1.68.0 192.1.12.2 1 32768 ?

R2#show bgp vpnv4 unicast all summary


BGP router identifier 2.2.2.2, local AS number 200
BGP table version is 9, main routing table version 9
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
6.6.6.6 4 200 30 29 9 0 0 00:20:56 2

R2#show bgp vpnv4 unicast all


BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32 192.1.12.1 1 32768 ?
*>i 8.8.8.8/32 6.6.6.6 1 100 0?
*> 192.1.12.0 0.0.0.0 0 32768 ?
*> 192.1.12.1/32 0.0.0.0 0 32768 ?
*> 192.1.57.0 192.1.12.1 1 32768 ?
*>i 192.1.68.0 6.6.6.6 0 100 0i

R5#show bgp vpnv4 unicast all summary


BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 11, main routing table version 11

133
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
1.1.1.1 4 100 28 32 11 0 0 00:22:00 4

R5#show bgp vpnv4 unicast all


BGP table version is 11, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32 192.1.57.7 1 32768 ?
*>i 8.8.8.8/32 1.1.1.1 1 100 0?
*>i 192.1.12.0 1.1.1.1 0 100 0?
*>i 192.1.12.2/32 1.1.1.1 0 100 0?
*> 192.1.57.0 0.0.0.0 0 32768 i
*>i 192.1.68.0 1.1.1.1 1 100 0?

R6#sh bgp vpnv4 unicast all summary


BGP router identifier 6.6.6.6, local AS number 200
BGP table version is 11, main routing table version 11
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
2.2.2.2 4 200 29 31 11 0 0 00:21:18 4

134
R6#sh bgp vpnv4 unicast all
BGP table version is 11, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 7.7.7.7/32 2.2.2.2 1 100 0?
*> 8.8.8.8/32 192.1.68.8 1 32768 ?
*>i 192.1.12.0 2.2.2.2 0 100 0?
*>i 192.1.12.1/32 2.2.2.2 0 100 0?
*>i 192.1.57.0 2.2.2.2 1 100 0?
*> 192.1.68.0 0.0.0.0 0 32768 i

R7#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

8.0.0.0/32 is subnetted, 1 subnets


R 8.8.8.8 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0
192.1.12.0/24 is variably subnetted, 2 subnets, 2 masks
R 192.1.12.0/24 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0
R 192.1.12.2/32 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0
R 192.1.68.0/24 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0

R7#ping 8.8.8.8 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 84/103/144 ms

R7#traceroute 8.8.8.8 source lo0 numeric


Type escape sequence to abort.

135
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.57.5 16 msec 12 msec 16 msec
2 192.1.35.3 [MPLS: Labels 16/22 Exp 0] 72 msec 36 msec 64 msec
3 192.1.12.1 [MPLS: Label 22 Exp 0] 44 msec 20 msec 36 msec
4 192.1.12.2 60 msec 52 msec 44 msec
5 192.1.24.4 [MPLS: Labels 17/20 Exp 0] 96 msec 104 msec 116 msec
6 192.1.68.6 [MPLS: Label 20 Exp 0] 72 msec 100 msec 72 msec
7 192.1.68.8 88 msec * 88 msec

R8#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

7.0.0.0/32 is subnetted, 1 subnets


R 7.7.7.7 [120/1] via 192.1.68.6, 00:00:25, FastEthernet1/0
192.1.12.0/24 is variably subnetted, 2 subnets, 2 masks
R 192.1.12.0/24 [120/1] via 192.1.68.6, 00:00:25, FastEthernet1/0
R 192.1.12.1/32 [120/1] via 192.1.68.6, 00:00:25, FastEthernet1/0
R 192.1.57.0/24 [120/1] via 192.1.68.6, 00:00:25, FastEthernet1/0

R8#ping 7.7.7.7 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/90/108 ms

R8#traceroute 7.7.7.7 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.68.6 4 msec 16 msec 12 msec
2 192.1.46.4 [MPLS: Labels 16/20 Exp 0] 32 msec 44 msec 64 msec
3 192.1.12.2 [MPLS: Label 20 Exp 0] 28 msec 40 msec 48 msec
4 192.1.12.1 76 msec 52 msec 44 msec
5 192.1.13.3 [MPLS: Labels 17/20 Exp 0] 100 msec 76 msec 88 msec

136
6 192.1.57.5 [MPLS: Label 20 Exp 0] 68 msec 72 msec 72 msec
7 192.1.57.7 104 msec * 120 msec

R1#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
17 Pop Label 3.3.3.3/32 0 Fa2/0 192.1.13.3
18 Pop Label 192.1.35.0/24 0 Fa2/0 192.1.13.3
19 17 5.5.5.5/32 0 Fa2/0 192.1.13.3
20 No Label 192.1.12.0/24[V] 0 aggregate/MSSK
21 No Label 192.1.12.2/32[V] 0 Se1/0 point2point
22 No Label 8.8.8.8/32[V] 4548 Se1/0 point2point
23 No Label 192.1.68.0/24[V] 0 Se1/0 point2point

R2#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
17 Pop Label 4.4.4.4/32 0 Fa2/0 192.1.24.4
18 Pop Label 192.1.46.0/24 0 Fa2/0 192.1.24.4
19 17 6.6.6.6/32 0 Fa2/0 192.1.24.4
20 No Label 7.7.7.7/32[V] 3116 Se1/0 point2point
21 No Label 192.1.12.0/24[V] 0 aggregate/MSSK
22 No Label 192.1.12.1/32[V] 0 Se1/0 point2point
23 No Label 192.1.57.0/24[V] 1684 Se1/0 point2point

137
MPLS L3VPN Inter-AS Option B
Network Diagram

AS100 S1/0 S1/0 AS200


R1 R2
F2/0 F2/0

F1/0
F1/0
OSPF R3 R4 OSPF
A0 A0
F1/1
F1/1

F1/0 F1/0

R5 R6
F1/1 F1/1

R7 F1/0 F1/0
R8

Configurations

VRF Configuration

R5
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0

138
R6
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.24.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.35.3 0.0.0.0 area 0

R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
network 192.1.46.4 0.0.0.0 area 0

R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0

139
network 192.1.35.5 0.0.0.0 area 0

R6
router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int f2/0
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f2/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

int f1/1
mpls ip

R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

int f1/1
mpls ip

140
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

MP-BGP Configuration

R1
router bgp 100
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
neighbor 192.1.12.2 remote-as 200
address-family vpnv4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community both
neighbor 5.5.5.5 next-hop-self
neighbor 192.1.12.2 activate
neighbor 192.1.12.2 send-community both

R5
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both

R2
router bgp 200
no bgp default ipv4-unicast
neighbor 6.6.6.6 remote-as 200
neighbor 6.6.6.6 update-source lo0
neighbor 192.1.12.1 remote-as 100
address-family vpnv4

141
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community both
neighbor 6.6.6.6 next-hop-self
neighbor 192.1.12.1 activate
neighbor 192.1.12.1 send-community both

R6
router bgp 200
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2

R7
router rip
version 2
network 7.0.0.0
network 192.1.57.0
no auto-summary

R6
router rip
address-family ipv4 vrf MSSK
network 192.1.68.0
no auto-summary
version 2

R8
router rip
version 2
network 8.0.0.0
network 192.1.68.0
no auto-summary

142
VPN Configuration

R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

router bgp 100


address-family ipv4 vrf MSSK
network 192.1.57.0
redistribute rip

R6
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1

router bgp 200


address-family ipv4 vrf MSSK
network 192.1.68.0
redistribute rip

Verifications

R1#show bgp vpnv4 unicast all summary


BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
5.5.5.5 4 100 9 9 5 0 0 00:03:10 2
192.1.12.2 4 200 9 9 5 0 0 00:02:59 2

R1#show bgp vpnv4 unicast all


BGP table version is 5, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

143
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1
*>i 7.7.7.7/32 5.5.5.5 1 100 0?
*> 8.8.8.8/32 192.1.12.2 0 200 ?
*>i 192.1.57.0 5.5.5.5 0 100 0i
*> 192.1.68.0 192.1.12.2 0 200 i

R2#show bgp vpnv4 unicast all summary


BGP router identifier 2.2.2.2, local AS number 200
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
6.6.6.6 4 200 9 9 5 0 0 00:03:12 2
192.1.12.1 4 100 9 9 5 0 0 00:03:12 2

R2#show bgp vpnv4 unicast all


BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1
*> 7.7.7.7/32 192.1.12.1 0 100 ?
*>i 8.8.8.8/32 6.6.6.6 1 100 0?
*> 192.1.57.0 192.1.12.1 0 100 i
*>i 192.1.68.0 6.6.6.6 0 100 0i

144
R5#show bgp vpnv4 unicast all summary
BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
1.1.1.1 4 100 9 10 7 0 0 00:03:34 2

R5#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32 192.1.57.7 1 32768 ?
*>i 8.8.8.8/32 1.1.1.1 0 100 0 200 ?
*> 192.1.57.0 0.0.0.0 0 32768 i
*>i 192.1.68.0 1.1.1.1 0 100 0 200 i

R5#show bgp vpnv4 unicast all summary


BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

145
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
1.1.1.1 4 100 9 10 7 0 0 00:03:34 2

R5#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32 192.1.57.7 1 32768 ?
*>i 8.8.8.8/32 1.1.1.1 0 100 0 200 ?
*> 192.1.57.0 0.0.0.0 0 32768 i
*>i 192.1.68.0 1.1.1.1 0 100 0 200 i

R5#show bgp vpnv4 unicast all neighbors 1.1.1.1 advertised-routes


BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32 192.1.57.7 1 32768 ?
*> 192.1.57.0 0.0.0.0 0 32768 i

Total number of prefixes 2

R6#show bgp vpnv4 unicast all summary


BGP router identifier 6.6.6.6, local AS number 200
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory

146
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
2.2.2.2 4 200 10 9 7 0 0 00:03:34 2

R6#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 7.7.7.7/32 2.2.2.2 0 100 0 100 ?
*> 8.8.8.8/32 192.1.68.8 1 32768 ?
*>i 192.1.57.0 2.2.2.2 0 100 0 100 i
*> 192.1.68.0 0.0.0.0 0 32768 i

R6#show bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes


BGP table version is 7, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 8.8.8.8/32 192.1.68.8 1 32768 ?
*> 192.1.68.0 0.0.0.0 0 32768 i

Total number of prefixes 2

R7#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

147
Gateway of last resort is not set

8.0.0.0/32 is subnetted, 1 subnets


R 8.8.8.8 [120/1] via 192.1.57.5, 00:00:26, FastEthernet1/0
R 192.1.68.0/24 [120/1] via 192.1.57.5, 00:00:26, FastEthernet1/0

R7#ping 8.8.8.8 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/90/104 ms

R7#traceroute 8.8.8.8 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.57.5 8 msec 8 msec 8 msec
2 192.1.35.3 [MPLS: Labels 16/22 Exp 0] 84 msec 64 msec 96 msec
3 192.1.13.1 [MPLS: Label 22 Exp 0] 64 msec 52 msec 76 msec
4 192.1.12.2 [MPLS: Label 21 Exp 0] 100 msec 52 msec 108 msec
5 192.1.24.4 [MPLS: Labels 17/20 Exp 0] 80 msec 72 msec 120 msec
6 192.1.68.6 [MPLS: Label 20 Exp 0] 68 msec 104 msec 96 msec
7 192.1.68.8 84 msec * 136 msec

R8#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

7.0.0.0/32 is subnetted, 1 subnets


R 7.7.7.7 [120/1] via 192.1.68.6, 00:00:19, FastEthernet1/0
R 192.1.57.0/24 [120/1] via 192.1.68.6, 00:00:19, FastEthernet1/0

R8#ping 7.7.7.7 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:

148
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/83/108 ms

R8#traceroute 7.7.7.7 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.68.6 12 msec 12 msec 8 msec
2 192.1.46.4 [MPLS: Labels 16/20 Exp 0] 108 msec 92 msec 60 msec
3 192.1.24.2 [MPLS: Label 20 Exp 0] 112 msec 84 msec 88 msec
4 192.1.12.1 [MPLS: Label 20 Exp 0] 96 msec 80 msec 92 msec
5 192.1.13.3 [MPLS: Labels 17/20 Exp 0] 68 msec 112 msec 52 msec
6 192.1.57.5 [MPLS: Label 20 Exp 0] 64 msec 60 msec 72 msec
7 192.1.57.7 76 msec * 84 msec

149
Carrier supporting Carrier (CSC)
Network Diagram

R7

F1/0
RIPv2
F1/1
R5

F1/0
OSPF 1 P1/0 P1/0
F1/1 F1/0
R3 F1/0 R1 R2 R4
F2/0
F2/0
F2/0 F1/1
OSPF 1
F1/0 F1/0
R6 R9

F1/1 AS100 AS200 F1/1


EIGRP 68 RIPv2
F1/0 F1/0
R8 R10

Configurations

VRF Configuration

R3
vrf definition ABC
rd 100:1
address-family ipv4
route-target export 100:1

150
route-target import 100:1
route-target import 200:1

interface FastEthernet1/1
vrf forwarding ABC
ip address 192.1.35.3 255.255.255.0

interface FastEthernet2/0
vrf forwarding ABC
ip address 192.1.36.3 255.255.255.0

R4
vrf definition ABC
rd 200:1
address-family ipv4
route-target export 200:1
route-target import 200:1
route-target import 100:1

interface FastEthernet1/1
vrf forwarding ABC
ip address 192.1.49.4 255.255.255.0

IGP Configuration

R1
router isis 1
net 49.0001.0000.0000.0001.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet2/0
ip router isis 1

R2
router isis 1
net 49.0002.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet2/0
ip router isis 1

R3
router isis 1

151
net 49.0001.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet1/0
ip router isis 1

R4
router isis 1
net 49.0002.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0

interface FastEthernet1/0
ip router isis 1

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

interface FastEthernet2/0
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet2/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet1/0
mpls ip

R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface FastEthernet1/0
mpls ip

152
MP-BGP Configuration

R1
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 192.1.12.2 remote-as 200

address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
neighbor 3.3.3.3 route-reflector-client
neighbor 3.3.3.3 next-hop-self
neighbor 192.1.12.2 activate
neighbor 192.1.12.2 send-community both

R2
router bgp 200
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 200
neighbor 4.4.4.4 update-source Loopback0
neighbor 192.1.12.1 remote-as 100

address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
neighbor 4.4.4.4 next-hop-self
neighbor 192.1.12.1 activate
neighbor 192.1.12.1 send-community both

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0

address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both

R4
router bgp 200
no bgp default ipv4-unicast

153
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 update-source Loopback0

address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R3
router ospf 1 vrf ABC
router-id 192.1.1.3
network 192.1.35.3 0.0.0.0 area 0
network 192.1.36.3 0.0.0.0 area 0

R4
router ospf 1 vrf ABC
router-id 192.1.1.4
network 192.1.49.4 0.0.0.0 area 0

R5
router ospf 1
router-id 192.1.1.5
network 192.1.35.5 0.0.0.0 area 0
network 192.1.1.5 0.0.0.0 area 0

R6
router ospf 1
router-id 192.1.1.6
network 192.1.1.6 0.0.0.0 area 0
network 192.1.36.6 0.0.0.0 area 0

R9
router ospf 1
router-id 192.1.1.9
network 192.1.1.9 0.0.0.0 area 0
network 192.1.49.9 0.0.0.0 area 0

VPN Configuration

R2
router eigrp 1
address-family ipv4 vrf MSSK autonomous-system 1
redistribute bgp 100 metric 10000 1 255 1 1500
router bgp 100

154
address-family ipv4 vrf MSSK
redistribute eigrp 1

R3
router ospf 1 vrf ABC
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf ABC
redistribute ospf 1 vrf ABC
network 192.1.35.0 mask 255.255.255.0
network 192.1.36.0 mask 255.255.255.0

R4
router ospf 1 vrf ABC
redistribute bgp 200 subnets

router bgp 200


address-family ipv4 vrf ABC
redistribute ospf 1 vrf ABC
network 192.1.49.0 mask 255.255.255.0

Verifications

R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.1.3 1 FULL/BDR 00:00:39 192.1.35.3 FastEthernet1/0
R5#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

192.1.1.0/32 is subnetted, 2 subnets


O 192.1.1.6 [110/3] via 192.1.35.3, 00:05:02, FastEthernet1/0
O 192.1.36.0/24 [110/2] via 192.1.35.3, 00:05:02, FastEthernet1/0

R5#ping 192.1.1.6 source lo0


Type escape sequence to abort.

155
Sending 5, 100-byte ICMP Echos to 192.1.1.6, timeout is 2 seconds:
Packet sent with a source address of 192.1.1.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/52/140 ms

R5#traceroute 192.1.1.6 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 192.1.1.6
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.35.3 28 msec 12 msec 12 msec
2 192.1.36.6 48 msec * 28 msec

R6#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.1.3 1 FULL/BDR 00:00:31 192.1.36.3 FastEthernet1/0

R6#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

192.1.1.0/24 is variably subnetted, 3 subnets, 2 masks


O 192.1.1.5/32 [110/3] via 192.1.36.3, 00:06:02, FastEthernet1/0
O 192.1.35.0/24 [110/2] via 192.1.36.3, 00:06:02, FastEthernet1/0

R6#ping 192.1.1.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.5, timeout is 2 seconds:
Packet sent with a source address of 192.1.1.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/36/44 ms

R6#traceroute 192.1.1.5 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 192.1.1.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.36.3 20 msec 12 msec 20 msec

156
2 192.1.35.5 44 msec * 36 msec

R9#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.1.4 1 FULL/DR 00:00:39 192.1.49.4 FastEthernet1/0

R9#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

Why R9 is not learning any routes from AS 100 ?

First , our VRF in AS 100 has to be configured to import the value from AS 200 and
vice versa

R3
vrf definition ABC
address-family ipv4
route-target import 200:1

R4
vrf definition ABC
address-family ipv4
route-target import 100:1

Next, our EBGP speakers will filter route-target by default

R1
router bgp 200
no bgp default route-target filter

R2
router bgp 200
no bgp default route-target filter

R9#sh ip route ospf

157
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

192.1.1.0/32 is subnetted, 3 subnets


O IA 192.1.1.5 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
O IA 192.1.1.6 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
O IA 192.1.35.0/24 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
O IA 192.1.36.0/24 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0

R9#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

192.1.1.0/32 is subnetted, 3 subnets


O IA 192.1.1.5 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
O IA 192.1.1.6 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
O IA 192.1.35.0/24 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
O IA 192.1.36.0/24 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0

R9#ping 192.1.1.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.5, timeout is 2 seconds:
Packet sent with a source address of 192.1.1.9
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/91/120 ms

R9#ping 192.1.1.6 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.6, timeout is 2 seconds:

158
Packet sent with a source address of 192.1.1.9
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/87/100 ms

R9#traceroute 192.1.1.5 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 192.1.1.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.49.4 12 msec 24 msec 12 msec
2 192.1.24.2 [MPLS: Label 20 Exp 0] 72 msec 72 msec 84 msec
3 192.1.12.1 [MPLS: Label 20 Exp 0] 88 msec 92 msec 92 msec
4 192.1.35.3 [MPLS: Label 16 Exp 0] 56 msec 84 msec 48 msec
5 192.1.35.5 80 msec * 76 msec

R9#traceroute 192.1.1.6 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 192.1.1.6
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.49.4 20 msec 16 msec 16 msec
2 192.1.24.2 [MPLS: Label 21 Exp 0] 104 msec 104 msec 88 msec
3 192.1.12.1 [MPLS: Label 21 Exp 0] 92 msec 104 msec 60 msec
4 192.1.36.3 [MPLS: Label 17 Exp 0] 72 msec 44 msec 64 msec
5 192.1.36.6 64 msec * 60 msec

Now , we have achieved connectivity between our first customer sites , let us move
to our customers customer which will be referred to via VRF MSSK

VRF Configuration

R5
vrf definition MSSK
rd 300:1
address-family ipv4
route-target export 300:1
route-target import 300:1

interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0

R6
vrf definition MSSK
rd 300:1
address-family ipv4
route-target export 300:1

159
route-target import 300:1

interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0

R9
vrf definition MSSK
rd 300:1
address-family ipv4
route-target export 300:1
route-target import 300:1

interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.109.9 255.255.255.0

MPLS LDP Configuration

R3
int FastEthernet1/1
mpls ip
int FastEthernet2/0
mpls ip

R4
int FastEthernet 1/1
mpls ip

R5
mpls label protocol ldp
mpls ldp router-id lo0 force

interface FastEthernet1/0
mpls ip

R6
mpls label protocol ldp
mpls ldp router-id lo0 force

interface FastEthernet1/0
mpls ip

R9
mpls label protocol ldp

160
mpls ldp router-id lo0 force

interface FastEthernet1/0
mpls ip

MP-BGP Configuration

R5
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.1.6 remote-as 100
neighbor 192.1.1.6 update-source Loopback0
neighbor 192.1.1.9 remote-as 200
neighbor 192.1.1.9 ebgp-multihop 255
neighbor 192.1.1.9 update-source Loopback0

address-family vpnv4
neighbor 192.1.1.6 activate
neighbor 192.1.1.6 send-community both
neighbor 192.1.1.9 activate
neighbor 192.1.1.9 send-community both
neighbor 192.1.1.9 next-hop-unchanged

R6
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.1.5 remote-as 100
neighbor 192.1.1.5 update-source Loopback0

address-family vpnv4
neighbor 192.1.1.5 activate
neighbor 192.1.1.5 send-community both

R9
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.1.5 remote-as 100
neighbor 192.1.1.5 ebgp-multihop 255
neighbor 192.1.1.5 update-source Loopback0

address-family vpnv4
neighbor 192.1.1.5 activate
neighbor 192.1.1.5 send-community both
neighbor 192.1.1.5 next-hop-unchanged

161
PE-CE routing Configuration

R5
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.57.0

R7
router rip
no auto-summary
version 2
network 172.1.0.0
network 192.1.57.0

R6
router eigrp 68
address-family ipv4 vrf MSSK autonomous-system 68
no auto-summary
network 192.1.68.0

R8
router eigrp 68
no auto-summary
network 172.1.0.0
network 192.1.68.0

R9
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.109.0

R10
router rip
no auto-summary
version 2
network 172.1.0.0
network 192.1.109.0

162
VPN Configuration

R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

router bgp 100


address-family ipv4 vrf MSSK
redistribute rip

R6
router eigrp 68
address-family ipv4 vrf MSSK autonomous-system 68
redistribute bgp 100
default-metric 10000 1000 255 1 1500

router bgp 100


address-family ipv4 vrf MSSK
redistribute eigrp 68

R9
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1

router bgp 200


address-family ipv4 vrf MSSK
redistribute rip

Verification

R5#sh ip route vrf MSSK rip

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

163
172.1.0.0/32 is subnetted, 3 subnets
R 172.1.1.7 [120/1] via 192.1.57.7, 00:00:00, FastEthernet1/1

R5#ping vrf MSSK 172.1.1.7


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.1.1.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/21/44 ms

R6#sh ip eigrp vrf MSSK neighbors


EIGRP-IPv4 Neighbors for AS(68) VRF(MSSK)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.1.68.8 Fa1/1 12 00:08:45 1038 5000 0 4

R6#sh ip route vrf MSSK eigrp

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

172.1.0.0/32 is subnetted, 3 subnets


D 172.1.1.8 [90/156160] via 192.1.68.8, 00:08:50, FastEthernet1/1

R6#ping vrf MSSK 172.1.1.8


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.1.1.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/50/68 ms

R9#sh ip route vrf MSSK rip

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

164
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

172.1.0.0/32 is subnetted, 3 subnets


R 172.1.1.10 [120/1] via 192.1.109.10, 00:00:02, FastEthernet1/1

R9#ping vrf MSSK 172.1.1.10


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.1.1.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/12/20 ms

R5#sh bgp vpnv4 unicast all summary


BGP router identifier 192.1.1.5, local AS number 100
BGP table version is 11, main routing table version 11
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
6/6 BGP path/bestpath attribute entries using 864 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 524 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2828 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
192.1.1.6 4 100 11 12 11 0 0 00:06:37 2
192.1.1.9 4 200 11 12 11 0 0 00:06:28 2

R5#sh bgp vpnv4 unicast all


BGP table version is 11, local router ID is 192.1.1.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 300:1 (default for vrf MSSK)

165
*> 172.1.1.7/32 192.1.57.7 1 32768 ?
*>i 172.1.1.8/32 192.1.1.6 156160 100 0?
*> 172.1.1.10/32 192.1.1.9 1 0 200 ?
*> 192.1.57.0 0.0.0.0 0 32768 ?
*>i 192.1.68.0 192.1.1.6 0 100 0?
*> 192.1.109.0 192.1.1.9 0 0 200 ?

R6#sh bgp vpnv4 unicast all summary


BGP router identifier 192.1.1.6, local AS number 100
BGP table version is 11, main routing table version 11
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
6/6 BGP path/bestpath attribute entries using 864 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 524 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2828 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
192.1.1.5 4 100 13 12 11 0 0 00:06:51 4

R6#sh bgp vpnv4 unicast all


BGP table version is 11, local router ID is 192.1.1.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 300:1 (default for vrf MSSK)
*>i 172.1.1.7/32 192.1.1.5 1 100 0?
*> 172.1.1.8/32 192.1.68.8 156160 32768 ?
*>i 172.1.1.10/32 192.1.1.9 1 100 0 200 ?
*>i 192.1.57.0 192.1.1.5 0 100 0?
*> 192.1.68.0 0.0.0.0 0 32768 ?
*>i 192.1.109.0 192.1.1.9 0 100 0 200 ?

R9#sh bgp vpnv4 unicast all summary


BGP router identifier 192.1.1.9, local AS number 200
BGP table version is 11, main routing table version 11
6 network entries using 936 bytes of memory

166
6 path entries using 480 bytes of memory
6/6 BGP path/bestpath attribute entries using 864 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 144 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2448 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
192.1.1.5 4 100 13 12 11 0 0 00:06:53 4

R9#sh bgp vpnv4 unicast all


BGP table version is 11, local router ID is 192.1.1.9
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 300:1 (default for vrf MSSK)
*> 172.1.1.7/32 192.1.1.5 1 0 100 ?
*> 172.1.1.8/32 192.1.1.6 0 100 ?
*> 172.1.1.10/32 192.1.109.10 1 32768 ?
*> 192.1.57.0 192.1.1.5 0 0 100 ?
*> 192.1.68.0 192.1.1.6 0 100 ?
*> 192.1.109.0 0.0.0.0 0 32768 ?

167
MPLS TE with OSPF
Network Diagram

R6 R7
RIPv2 F1/0 F1/0
RIPv2

F1/1 F1/1

R4 F2/0
R1 R2 F2/0 R5
F1/0 F1/0 F1/0 F1/0
F1/1 F1/1

F1/0 F1/1 OSPF A0


R3 AS 100

Configurations

VRF Configuration

R4
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

int f1/1
vrf forwarding MSSK
ip address 192.1.46.4 255.255.255.0

R5
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

168
int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
network 192.1.14.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0

R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.14.4 0.0.0.0 area 0

R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0

MP-BGP Configuration

R4
router bgp 100

169
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
address-family vpnv4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community both

R5
router bgp 100
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source lo0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both

CE-PE routing Configuration

R4
router rip
address-family ipv4 vrf MSSK
network 192.1.46.0
no auto-summary
version 2

R6
router rip
version 2
network 6.0.0.0
network 192.1.46.0
no auto-summary

R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2

R7
router rip
version 2
network 7.0.0.0
network 192.1.57.0
no auto-summary

170
VPN Configuration

R4
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

router bgp 100


address-family ipv4 vrf MSSK
redistribute rip
network 192.1.46.0

R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

router bgp 100


address-family ipv4 vrf MSSK
redistribute rip
network 192.1.57.0

MPLS TE Configuration

R1
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet1/1
ip address 192.1.13.1 255.255.255.0
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth

router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0

R2
interface FastEthernet1/0
mpls traffic-eng tunnels

171
ip rsvp bandwidth

interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth

router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0

R3
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth

router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0

R4
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth

router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0

interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 5.5.5.5
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 dynamic

R5
interface FastEthernet1/0

172
mpls traffic-eng tunnels
ip rsvp bandwidth

router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0

interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 4.4.4.4
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 dynamic

Verifications

R4#show bgp vpnv4 unicast all summary


BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
5.5.5.5 4 100 77 77 7 0 0 01:05:24 2

R4#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 6.6.6.6/32 192.1.46.6 1 32768 ?
*>i 7.7.7.7/32 5.5.5.5 1 100 0?
*> 192.1.46.0 0.0.0.0 0 32768 i

173
*>i 192.1.57.0 5.5.5.5 0 100 0i

R5#show bgp vpnv4 unicast all summary


BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
4.4.4.4 4 100 77 77 7 0 0 01:05:37 2

R5#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 6.6.6.6/32 4.4.4.4 1 100 0?
*> 7.7.7.7/32 192.1.57.7 1 32768 ?
*>i 192.1.46.0 4.4.4.4 0 100 0i
*> 192.1.57.0 0.0.0.0 0 32768 i

R3#show mpls forwarding-table


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface

R4#sh int tun 0


Tunnel0 is up, line protocol is up
Hardware is Tunnel
Interface is unnumbered. Using address of Loopback0 (4.4.4.4)
MTU 17936 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set

174
Tunnel source 4.4.4.4, destination 5.5.5.5
Tunnel protocol/transport Label Switching
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output 00:00:02, output hang never
Last clearing of "show interface" counters 00:45:54
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
119 packets output, 6902 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out

R5#show interfaces tunnel 0


Tunnel0 is up, line protocol is up
Hardware is Tunnel
Interface is unnumbered. Using address of Loopback0 (5.5.5.5)
MTU 17936 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 5.5.5.5, destination 4.4.4.4
Tunnel protocol/transport Label Switching
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output 00:00:03, output hang never
Last clearing of "show interface" counters 00:45:39
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
118 packets output, 7915 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets

175
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out

R4#show mpls traffic-eng tunnels summary


Signalling Summary:
LSP Tunnels Process: running
Passive LSP Listener: running
RSVP Process: running
Forwarding: enabled
Periodic reoptimization: every 3600 seconds, next in 2931 seconds
Periodic FRR Promotion: Not Running
Periodic auto-bw collection: every 300 seconds, next in 231 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
1 failed activations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1

P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0

R4#show mpls traffic-eng tunnels tunnel 0

Name: R4_t0 (Tunnel0) Destination: 5.5.5.5


Status:
Admin: up Oper: up Path: valid Signalling: connected
path option 1, type dynamic (Basis for Setup, path weight 3)

Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: dynamic path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled

InLabel : -
OutLabel : FastEthernet1/0, 16

176
Next Hop : 192.1.14.1
RSVP Signalling Info:
Src 4.4.4.4, Dst 5.5.5.5, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.14.4
Explicit Route: 192.1.14.1 192.1.12.1 192.1.12.2 192.1.25.2
192.1.25.5 5.5.5.5
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
Shortest Unconstrained Path Info:
Path Weight: 3 (TE)
Explicit Route: 192.1.14.4 192.1.14.1 192.1.12.1 192.1.12.2
192.1.25.2 192.1.25.5 5.5.5.5
History:
Tunnel:
Time since created: 46 minutes, 31 seconds
Time since path change: 46 minutes, 19 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 46 minutes, 19 seconds

R5#show mpls traffic-eng tunnels summary


Signalling Summary:
LSP Tunnels Process: running
Passive LSP Listener: running
RSVP Process: running
Forwarding: enabled
Periodic reoptimization: every 3600 seconds, next in 2927 seconds
Periodic FRR Promotion: Not Running
Periodic auto-bw collection: every 300 seconds, next in 227 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
1 failed activations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1

P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail

177
Midpoints: 0, Tails: 0

R5#show mpls traffic-eng tunnels tunnel 0

Name: R5_t0 (Tunnel0) Destination: 4.4.4.4


Status:
Admin: up Oper: up Path: valid Signalling: connected
path option 1, type dynamic (Basis for Setup, path weight 3)

Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: dynamic path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled

InLabel : -
OutLabel : FastEthernet1/0, 17
Next Hop : 192.1.25.2
RSVP Signalling Info:
Src 5.5.5.5, Dst 4.4.4.4, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.25.5
Explicit Route: 192.1.25.2 192.1.12.2 192.1.12.1 192.1.14.1
192.1.14.4 4.4.4.4
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
Shortest Unconstrained Path Info:
Path Weight: 3 (TE)
Explicit Route: 192.1.25.5 192.1.25.2 192.1.12.2 192.1.12.1
192.1.14.1 192.1.14.4 4.4.4.4
History:
Tunnel:
Time since created: 46 minutes, 34 seconds
Time since path change: 46 minutes, 32 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 46 minutes, 32 seconds

178
R4#show mpls forwarding-table detail
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 No Label 192.1.46.0/24[V] 3512 aggregate/MSSK
MAC/Encaps=0/0, MRU=0, Label Stack{}
VPN route: MSSK
No output feature configured
17 No Label 6.6.6.6/32[V] 4754 Fa1/1 192.1.46.6
MAC/Encaps=14/14, MRU=1504, Label Stack{}
CA0520C7001CCA0320B7001D0800
VPN route: MSSK
No output feature configured

R5#show mpls forwarding-table detail


Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 No Label 192.1.57.0/24[V] 2942 aggregate/MSSK
MAC/Encaps=0/0, MRU=0, Label Stack{}
VPN route: MSSK
No output feature configured
17 No Label 7.7.7.7/32[V] 4764 Fa1/1 192.1.57.7
MAC/Encaps=14/14, MRU=1504, Label Stack{}
CA0620D7001CCA0420C7001D0800
VPN route: MSSK
No output feature configured

R1#sh ip rsvp neighbor


Neighbor Encapsulation Time since msg rcvd/sent
192.1.12.2 Raw IP 00:00:13 00:00:07
192.1.14.4 Raw IP 00:00:05 00:00:21

* Neighbors inactive for more than one hour are not shown.
Use the "inactive" keyword to display them.

R2#show ip rsvp neighbor


Neighbor Encapsulation Time since msg rcvd/sent
192.1.12.1 Raw IP 00:00:15 00:00:06
192.1.25.5 Raw IP 00:00:06 00:00:11

* Neighbors inactive for more than one hour are not shown.
Use the "inactive" keyword to display them.

R3#sh ip rsvp neighbor


Neighbor Encapsulation Time since msg rcvd/sent

179
* Neighbors inactive for more than one hour are not shown.
Use the "inactive" keyword to display them.

R6#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

7.0.0.0/32 is subnetted, 1 subnets


R 7.7.7.7 [120/1] via 192.1.46.4, 00:00:05, FastEthernet1/0
R 192.1.57.0/24 [120/1] via 192.1.46.4, 00:00:05, FastEthernet1/0

R6#ping 7.7.7.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/72/88 ms

R6#traceroute 7.7.7.7 numeric


Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.46.4 16 msec 12 msec 12 msec
2 192.1.14.1 [MPLS: Labels 16/17 Exp 0] 92 msec 88 msec 64 msec
3 192.1.12.2 [MPLS: Labels 16/17 Exp 0] 68 msec 64 msec 60 msec
4 192.1.57.5 [MPLS: Label 17 Exp 0] 68 msec 44 msec 56 msec
5 192.1.57.7 92 msec * 60 msec

R7#sh ip route rip


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

180
Gateway of last resort is not set

6.0.0.0/32 is subnetted, 1 subnets


R 6.6.6.6 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0
R 192.1.46.0/24 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0

R7#ping 6.6.6.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/68/88 ms

R7#traceroute 6.6.6.6 numeric


Type escape sequence to abort.
Tracing the route to 6.6.6.6
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.57.5 8 msec 12 msec 8 msec
2 192.1.25.2 [MPLS: Labels 17/17 Exp 0] 84 msec 52 msec 64 msec
3 192.1.12.1 [MPLS: Labels 17/17 Exp 0] 48 msec 84 msec 56 msec
4 192.1.46.4 [MPLS: Label 17 Exp 0] 48 msec 44 msec 44 msec
5 192.1.46.6 48 msec * 76 msec

181
MPLS 6PE
Network Diagram

Lo0
OSPF Domain
1.1.1.1/32
Area 0
24
.0/ S1/0
R1 19
2.1
2 S1/1
.1 .13
2.1 .0/
19 24

Lo0 S1/0 LSP S1/0 Lo0


2.2.2.2/32 3.3.3.3/32
R2 IBGP R3
2001:db8:24::/64

2001:db8:35::/64
192.1.12.0/24

F2/0 F2/0

192.1.45.0/24
Static Static

F1/0 F1/0

Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32 2001:db8::5/128
2001:db8::4/128

Configurations

VRF Configuration

R2
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1

int f2/0
ip vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1

int f2/0
ip vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

182
IPv6 Addressing Configuration

R2
ipv6 unicast-routing
ipv6 cef

interface FastEthernet2/0
ipv6 address 2001:DB8:24::2/64

R3
ipv6 unicast-routing
ipv6 cef

interface FastEthernet2/0
ipv6 address 2001:DB8:35::3/64

R4
ipv6 unicast-routing
ipv6 cef

interface FastEthernet1/0
ipv6 address 2001:DB8:24::4/64

interface Loopback0
ipv6 address 2001:DB8::4/128

R5
ipv6 unicast-routing
ipv6 cef

interface FastEthernet1/0
ipv6 address 2001:DB8:35::5/64

interface Loopback0
ipv6 address 2001:DB8::5/128

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

183
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100

184
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
ipv6 route 2001:DB8::4/128 2001:DB8:24::4

R4
ipv6 route ::/0 2001:DB8:24::2

R3
ipv6 route 2001:DB8::5/128 2001:DB8:35::5

R5
ipv6 route ::/0 2001:DB8:35::3

VPN Configuration

R2
router bgp 100
address-family ipv6
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-label
network 2001:DB8:24::/64
redistribute static

R3
router bgp 100
address-family ipv6
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-label
network 2001:DB8:35::/64
redistribute static

185
Verifications

R2#show bgp ipv6 unicast summary


BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 672 bytes of memory
4 path entries using 416 bytes of memory
4/4 BGP path/bestpath attribute entries using 544 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1656 total bytes of memory
BGP activity 15/7 prefixes, 15/7 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
3.3.3.3 4 100 62 55 7 0 0 00:36:51 2

R2#show bgp ipv6 unicast


BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 2001:DB8::4/128 2001:DB8:24::4 0 32768 ?
*>i 2001:DB8::5/128 ::FFFF:3.3.3.3 0 100 0?
*> 2001:DB8:24::/64 :: 0 32768 i
*>i 2001:DB8:35::/64 ::FFFF:3.3.3.3 0 100 0i

R3#show bgp ipv6 unicast summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 672 bytes of memory
4 path entries using 416 bytes of memory
4/4 BGP path/bestpath attribute entries using 544 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1656 total bytes of memory
BGP activity 13/5 prefixes, 13/5 paths, scan interval 60 secs

186
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
2.2.2.2 4 100 55 62 7 0 0 00:37:11 2

R3#show bgp ipv6 unicast


BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*>i 2001:DB8::4/128 ::FFFF:2.2.2.2 0 100 0?
*> 2001:DB8::5/128 2001:DB8:35::5 0 32768 ?
*>i 2001:DB8:24::/64 ::FFFF:2.2.2.2 0 100 0i
*> 2001:DB8:35::/64 :: 0 32768 i

R4#sh ipv6 route


IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:24::2
LC 2001:DB8::4/128 [0/0]
via Loopback0, receive
C 2001:DB8:24::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:24::4/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive

R4#ping 2001:DB8::5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::5, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8::4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/25/44 ms

R5#sh ipv6 route

187
IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:35::3
LC 2001:DB8::5/128 [0/0]
via Loopback0, receive
C 2001:DB8:35::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:35::5/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive

R5#ping 2001:DB8::4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::4, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8::5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/20/28 ms

188
MPLS 6VPE
Network Diagram

Lo0
OSPF Domain
1.1.1.1/32
Area 0
24
.0/ S1/0
R1 19
2.1
2 S1/1
.1 .13
2.1 .0/
19 24

Lo0 S1/0 LSP S1/0 Lo0


2.2.2.2/32 3.3.3.3/32
R2 IBGP R3
2001:db8:24::/64

2001:db8:35::/64
192.1.12.0/24

F2/0 F2/0

192.1.45.0/24
Static Static

F1/0 F1/0

Lo0
Lo0 R4 R5
5.5.5.5/32
4.4.4.4/32 2001:db8::5/128
2001:db8::4/128

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
address-family ipv6
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1

189
route-target import 100:1
address-family ipv6
route-target export 100:1
route-target import 100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0

IPv6 Addressing Configuration

R2
ipv6 unicast-routing
ipv6 cef

interface FastEthernet2/0
ipv6 address 2001:DB8:24::2/64

R3
ipv6 unicast-routing
ipv6 cef

interface FastEthernet2/0
ipv6 address 2001:DB8:35::3/64

R4
ipv6 unicast-routing
ipv6 cef

interface FastEthernet1/0
ipv6 address 2001:DB8:24::4/64

interface Loopback0
ipv6 address 2001:DB8::4/128

R5
ipv6 unicast-routing
ipv6 cef

interface FastEthernet1/0
ipv6 address 2001:DB8:35::5/64

interface Loopback0
ipv6 address 2001:DB8::5/128

190
IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int s1/0
mpls ip

int s1/1
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s1/0

191
mpls ip

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv6
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv6
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

CE-PE routing Configuration

R2
ipv6 route vrf MSSK 2001:DB8::4/128 2001:DB8:24::4

R4
ipv6 route ::/0 2001:DB8:24::2

R3
ipv6 route vrf MSSK 2001:DB8::5/128 2001:DB8:35::5

R5
ipv6 route ::/0 2001:DB8:35::3

VPN Configuration

R2
router bgp 100
address-family ipv6 vrf MSSK
redistribute static
redistribute connected

192
R3
router bgp 100
address-family ipv6 vrf MSSK
redistribute static
redistribute connected

Verifications

R4#sh ipv6 route


IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:24::2
LC 2001:DB8::4/128 [0/0]
via Loopback0, receive
C 2001:DB8:24::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:24::4/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive

R4#ping 2001:DB8::5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::5, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8::4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/28 ms

R5#sh ipv6 route


IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:35::3
LC 2001:DB8::5/128 [0/0]

193
via Loopback0, receive
C 2001:DB8:35::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:35::5/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive

R5#ping 2001:DB8::4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::4, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8::5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms

194
MPLS Internet Access
Network Diagram

AS#100 R6 R7 AS#300

R2 R3 R4

AS#200 R1 AS#200 R5

AS#1 R8 Internet

Configurations

VRF Configuration

R2
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

interface FastEthernet1/0
vrf forwarding MSSK
ip address 172.1.12.2 255.255.255.0

195
R4
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

interface FastEthernet1/1
vrf forwarding MSSK
ip address 172.1.45.4 255.255.255.0

R6
vrf definition ABC
rd 200:1

address-family ipv4
route-target export 200:1
route-target import 200:1

interface FastEthernet1/1
vrf forwarding ABC
ip address 172.1.67.6 255.255.255.0

IGP Configuration

R2
mpls label protocol ldp
mpls ldp router-id lo0 force

router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig

interface FastEthernet1/1
ip router isis 1

R3
mpls label protocol ldp
mpls ldp router-id lo0 force

router isis 1
net 49.0001.0000.0000.0003.00

196
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig

interface FastEthernet1/0
ip router isis 1

interface FastEthernet1/1
ip router isis 1

interface FastEthernet2/0
ip router isis 1

R4
mpls label protocol ldp
mpls ldp router-id lo0 force

router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig

interface FastEthernet1/0
ip router isis 1

R6
mpls label protocol ldp
mpls ldp router-id lo0 force

router isis 1
net 49.0001.0000.0000.0006.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig

interface FastEthernet1/0
ip router isis 1

MP-BGP Configuration

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100

197
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R4
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
neighbor 6.6.6.6 remote-as 100
neighbor 6.6.6.6 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
neighbor 2.2.2.2 route-reflector-client
neighbor 2.2.2.2 next-hop-self
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
neighbor 4.4.4.4 route-reflector-client
neighbor 4.4.4.4 next-hop-self
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community both
neighbor 6.6.6.6 route-reflector-client
neighbor 6.6.6.6 next-hop-self

R6
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

198
CE-PE routing Configuration

R1
router bgp 200
no bgp default ipv4-unicast
neighbor 172.1.12.2 remote-as 100
address-family ipv4
network 172.16.1.1 mask 255.255.255.255
neighbor 172.1.12.2 activate

R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 172.1.12.1 remote-as 200
neighbor 172.1.12.1 activate
neighbor 172.1.12.1 send-community both
neighbor 172.1.12.1 as-override

R4
router bgp 100
address-family ipv4 vrf MSSK
neighbor 172.1.45.5 remote-as 200
neighbor 172.1.45.5 activate
neighbor 172.1.45.5 send-community both
neighbor 172.1.45.5 as-override

R5
router bgp 200
no bgp default ipv4-unicast
neighbor 172.1.45.4 remote-as 100
address-family ipv4
network 172.16.5.5 mask 255.255.255.255
neighbor 172.1.45.4 activate

R6
router bgp 100
address-family ipv4 vrf ABC
neighbor 172.1.67.7 remote-as 300
neighbor 172.1.67.7 activate
neighbor 172.1.67.7 send-community both

R7
router bgp 300
no bgp default ipv4-unicast

199
neighbor 172.1.67.6 remote-as 100
address-family ipv4
network 192.168.7.7 mask 255.255.255.255
neighbor 172.1.67.6 activate

NAT Configuration

R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1

vrf definition ABC


rd 200:1
address-family ipv4
route-target export 200:1
route-target import 200:1

interface FastEthernet1/0
ip nat inside

interface FastEthernet1/1
ip nat inside

interface FastEthernet2/0
ip nat inside

interface FastEthernet2/1
ip nat outside

router bgp 100


neighbor 192.1.38.8 remote-as 1
address-family ipv4
network 212.118.0.0
network 212.118.1.0
neighbor 192.1.38.8 activate
address-family ipv4 vrf ABC
network 0.0.0.0
address-family ipv4 vrf MSSK
network 0.0.0.0

ip nat pool MSSK_POOL 212.118.0.0 212.118.0.255 prefix-length 24


ip nat pool ABC_POOL 212.118.1.0 212.118.1.255 prefix-length 24

200
ip nat inside source list RFC pool ABC_POOL vrf ABC
ip nat inside source list RFC pool MSSK_POOL vrf MSSK

ip access-list standard RFC


permit 10.0.0.0 0.255.255.255
permit 172.16.0.0 0.15.255.255
permit 192.168.0.0 0.0.255.255

ip route 212.118.0.0 255.255.255.0 Null0


ip route 212.118.1.0 255.255.255.0 Null0
ip route vrf MSSK 0.0.0.0 0.0.0.0 192.1.38.8 global
ip route vrf ABC 0.0.0.0 0.0.0.0 192.1.38.8 global

R8
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.38.3 remote-as 100
address-family ipv4
network 8.8.8.8 mask 255.255.255.255
neighbor 192.1.38.3 activate

Verifications

Let us first check VPN connectivity

R1#ping 172.16.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.5.5, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 580/646/724 ms

R5#ping 172.16.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/205/404 ms

And, according to the configuration above, each CE must have a default route in
their routing table

R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

201
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is 172.1.12.2 to network 0.0.0.0

B* 0.0.0.0/0 [20/0] via 172.1.12.2, 00:02:32


172.1.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.1.12.0/24 is directly connected, FastEthernet1/0
L 172.1.12.1/32 is directly connected, FastEthernet1/0
172.16.0.0/32 is subnetted, 2 subnets
C 172.16.1.1 is directly connected, Loopback0
B 172.16.5.5 [20/0] via 172.1.12.2, 00:15:03

R1#sh ip bgp
BGP table version is 4, local router ID is 172.16.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 0.0.0.0 172.1.12.2 0 100 i
*> 172.16.1.1/32 0.0.0.0 0 32768 i
*> 172.16.5.5/32 172.1.12.2 0 100 100 i

R5#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is 172.1.45.4 to network 0.0.0.0

B* 0.0.0.0/0 [20/0] via 172.1.45.4, 00:02:44


172.1.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.1.45.0/24 is directly connected, FastEthernet1/0

202
L 172.1.45.5/32 is directly connected, FastEthernet1/0
172.16.0.0/32 is subnetted, 2 subnets
B 172.16.1.1 [20/0] via 172.1.45.4, 00:15:16
C 172.16.5.5 is directly connected, Loopback0

R5#sh ip bgp
BGP table version is 4, local router ID is 172.16.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 0.0.0.0 172.1.45.4 0 100 i
*> 172.16.1.1/32 172.1.45.4 0 100 100 i
*> 172.16.5.5/32 0.0.0.0 0 32768 i

R7#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is 172.1.67.6 to network 0.0.0.0

B* 0.0.0.0/0 [20/0] via 172.1.67.6, 00:02:52


172.1.0.0/16 is variably subnetted, 2 subnets, 2 masks
C 172.1.67.0/24 is directly connected, FastEthernet1/0
L 172.1.67.7/32 is directly connected, FastEthernet1/0
192.168.7.0/32 is subnetted, 1 subnets
C 192.168.7.7 is directly connected, Loopback0

R7#sh ip bgp
BGP table version is 3, local router ID is 192.168.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

203
Network Next Hop Metric LocPrf Weight Path
*> 0.0.0.0 172.1.67.6 0 100 i
*> 192.168.7.7/32 0.0.0.0 0 32768 i

Not, let us check if the NAT configuration is working fine


8.8.8.8 Destination represents the Internet in our case

R1#ping 8.8.8.8 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/151/632 ms

R5#ping 8.8.8.8 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 172.16.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/126/360 ms

R7#ping 8.8.8.8 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 192.168.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/539/956 ms

R3#sh ip nat translations


Pro Inside global Inside local Outside local Outside global
icmp 212.118.0.2:4 172.16.1.1:4 8.8.8.8:4 8.8.8.8:4
--- 212.118.0.2 172.16.1.1 --- ---
icmp 212.118.0.1:1 172.16.5.5:1 8.8.8.8:1 8.8.8.8:1
--- 212.118.0.1 172.16.5.5 --- ---
icmp 212.118.1.1:0 192.168.7.7:0 8.8.8.8:0 8.8.8.8:0
--- 212.118.1.1 192.168.7.7 --- ---

204
MPLS QoS
Network Diagram

ISIS L2
R3 49.0001

AS 100
R1 R2

Eb
0 0

gp 0 0
20 10

AS 100

-2
gp

10
Eb

0
-

R4 R5
OSPF A0

OSPF A0
R6 R7

Elements

We are going to examine QoS configuration through our MPLS backbone and across
the L3VPN connection implemented to maintain connectivity between site #1(R4,
R6) and site #2 (R5, R7)
ISIS level-2 will be the IGP used inside our MPLS backbone, and BGP will be the PE-
CE routing protocol, OSPF will be the CE-C routing protocol

Configurations

R1
vrf definition MSSK
rd 100:1

address-family ipv4
route-target export 100:1
route-target import 100:1

205
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip router isis 1

interface FastEthernet1/0
ip address 192.1.13.1 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip

interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.14.1 255.255.255.0
speed 100
duplex full

router isis 1
net 49.0001.0000.0000.0001.00
is-type level-2-only

router bgp 100


bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0

address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

address-family ipv4 vrf MSSK


network 192.1.14.0
neighbor 192.1.14.4 remote-as 200
neighbor 192.1.14.4 activate
neighbor 192.1.14.4 as-override

R2
vrf definition MSSK
rd 100:1

206
address-family ipv4
route-target export 100:1
route-target import 100:1
exit-address-family

mpls label protocol ldp


mpls ldp router-id Loopback0 force

interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip router isis 1

interface FastEthernet1/0
ip address 192.1.23.2 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut

interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.25.2 255.255.255.0
speed 100
duplex full
no shut

router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only

router bgp 100


bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0

address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

address-family ipv4 vrf MSSK


network 192.1.25.0
neighbor 192.1.25.5 remote-as 200
neighbor 192.1.25.5 activate

207
neighbor 192.1.25.5 as-override

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip router isis 1

interface FastEthernet1/0
ip address 192.1.13.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut

interface FastEthernet1/1
ip address 192.1.23.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut

router isis 1
net 49.0001.0000.0000.0003.00
is-type level-2-only

router bgp 100


bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0

address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
neighbor 1.1.1.1 route-reflector-client
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
neighbor 2.2.2.2 route-reflector-client

208
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255

interface FastEthernet1/0
ip address 192.1.14.4 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet1/1
ip address 192.1.46.4 255.255.255.0
speed 100
duplex full
no shut

router ospf 1
router-id 4.4.4.4
redistribute bgp 200 subnets
network 192.1.46.4 0.0.0.0 area 0

router bgp 200


bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 192.1.14.1 remote-as 100

address-family ipv4
network 4.4.4.4 mask 255.255.255.255
redistribute ospf 1
neighbor 192.1.14.1 activate
exit-address-family

R5
interface Loopback0
ip address 5.5.5.5 255.255.255.255

interface FastEthernet1/0
ip address 192.1.25.5 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet1/1
ip address 192.1.57.5 255.255.255.0

209
speed 100
duplex full
no shut

router ospf 1
router-id 5.5.5.5
redistribute bgp 200 subnets
network 192.1.57.5 0.0.0.0 area 0

router bgp 200


bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 192.1.25.2 remote-as 100

address-family ipv4
network 5.5.5.5 mask 255.255.255.255
redistribute ospf 1
neighbor 192.1.25.2 activate
exit-address-family

R6
interface Loopback0
ip address 6.6.6.6 255.255.255.255

interface FastEthernet1/0
ip address 192.1.46.6 255.255.255.0
speed 100
duplex full
no shut

router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0

R7
interface Loopback0
ip address 7.7.7.7 255.255.255.255

interface FastEthernet1/0
ip address 192.1.57.7 255.255.255.0
speed 100
duplex full
no shut

210
router ospf 1
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 192.1.57.7 0.0.0.0 area 0

Verifications

R1#show bgp vpnv4 unicast all


BGP table version is 13, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32 192.1.14.4 0 0 200 i
*>i 5.5.5.5/32 2.2.2.2 0 100 0 200 i
*> 6.6.6.6/32 192.1.14.4 2 0 200 ?
*>i 7.7.7.7/32 2.2.2.2 2 100 0 200 ?
*> 192.1.14.0 0.0.0.0 0 32768 i
*>i 192.1.25.0 2.2.2.2 0 100 0i
*> 192.1.46.0 192.1.14.4 0 0 200 ?
*>i 192.1.57.0 2.2.2.2 0 100 0 200 ?

R2#show bgp vpnv4 unicast all


BGP table version is 13, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32 1.1.1.1 0 100 0 200 i
*> 5.5.5.5/32 192.1.25.5 0 0 200 i
*>i 6.6.6.6/32 1.1.1.1 2 100 0 200 ?
*> 7.7.7.7/32 192.1.25.5 2 0 200 ?
*>i 192.1.14.0 1.1.1.1 0 100 0i
*> 192.1.25.0 0.0.0.0 0 32768 i
*>i 192.1.46.0 1.1.1.1 0 100 0 200 ?
*> 192.1.57.0 192.1.25.5 0 0 200 ?

211
R4#show ip bgp
BGP table version is 9, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 4.4.4.4/32 0.0.0.0 0 32768 i
*> 5.5.5.5/32 192.1.14.1 0 100 100 i
*> 6.6.6.6/32 192.1.46.6 2 32768 ?
*> 7.7.7.7/32 192.1.14.1 0 100 100 ?
r> 192.1.14.0 192.1.14.1 0 0 100 i
*> 192.1.25.0 192.1.14.1 0 100 i
*> 192.1.46.0 0.0.0.0 0 32768 ?
*> 192.1.57.0 192.1.14.1 0 100 100 ?

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/65/132 ms

R5#sh ip bgp
BGP table version is 9, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 4.4.4.4/32 192.1.25.2 0 100 100 i
*> 5.5.5.5/32 0.0.0.0 0 32768 i
*> 6.6.6.6/32 192.1.25.2 0 100 100 ?
*> 7.7.7.7/32 192.1.57.7 2 32768 ?
*> 192.1.14.0 192.1.25.2 0 100 i
r> 192.1.25.0 192.1.25.2 0 0 100 i
*> 192.1.46.0 192.1.25.2 0 100 100 ?
*> 192.1.57.0 0.0.0.0 0 32768 ?

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.

212
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/44/88 ms

R6#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


O E2 4.4.4.4 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
5.0.0.0/32 is subnetted, 1 subnets
O E2 5.5.5.5 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
7.0.0.0/32 is subnetted, 1 subnets
O E2 7.7.7.7 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
O E2 192.1.25.0/24 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
O E2 192.1.57.0/24 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0

R6#ping 7.7.7.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/85/140 ms

R7#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets

213
O E2 4.4.4.4 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
5.0.0.0/32 is subnetted, 1 subnets
O E2 5.5.5.5 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
6.0.0.0/32 is subnetted, 1 subnets
O E2 6.6.6.6 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
O E2 192.1.14.0/24 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
O E2 192.1.46.0/24 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0

R7#ping 6.6.6.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/72/96 ms

Now, as reachability is in place let us start diving in configuring MPLS QoS


We will start from the C routers and configure it for IP Precedence classification
Let us choose precedence values 1, 2, 3 and 6
We will depend on MQC model to for our purposes

R6
class-map PRECEDENCE_6
match ip precedence 6
class-map PRECEDENCE_3
match ip precedence 3
class-map PRECEDENCE_2
match ip precedence 2
class-map PRECEDENCE_1
match ip precedence 1

policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6

interface FastEthernet1/0
service-policy input MATCH

R7
class-map PRECEDENCE_6
match ip precedence 6
class-map PRECEDENCE_3
match ip precedence 3
class-map PRECEDENCE_2

214
match ip precedence 2
class-map PRECEDENCE_1
match ip precedence 1

policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6

interface FastEthernet1/0
service-policy input MATCH

R6#ping 7.7.7.7 repeat 10


Type escape sequence to abort.
Sending 10, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 48/85/156 ms

R6#show policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy input: MATCH

Class-map: PRECEDENCE_1 (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 1

Class-map: PRECEDENCE_2 (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 2

Class-map: PRECEDENCE_3 (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 3

Class-map: PRECEDENCE_6 (match-all)


2 packets, 188 bytes
5 minute offered rate 0000 bps
Match: ip precedence 6

Class-map: class-default (match-any)

215
10 packets, 1140 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any

R7#show policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy input: MATCH

Class-map: PRECEDENCE_1 (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 1

Class-map: PRECEDENCE_2 (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 2

Class-map: PRECEDENCE_3 (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 3

Class-map: PRECEDENCE_6 (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 6

Class-map: class-default (match-any)


10 packets, 1140 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any

As we can see the ICMP packets fall in the class-default, and the PRECEDENCE_6
class counts as it relates to routing updates and keepalives and so on

Now, let us choose three applications: TELNET, TFTP and ICMP


We will configure CE routers to assign these applications precedence values as they
are leaving toward the MPLS backbone

R4
ip access-list extended TELNET
permit tcp any any eq telnet
permit tcp any eq telnet any

216
ip access-list extended TFTP
permit udp any any eq 69

ip access-list extended ICMP


permit icmp any any

class-map ICMP_CLASS
match access-group name ICMP
class-map TFTP_CLASS
match access-group name TFTP
class-map TELNET_CLASS
match access-group name TELNET

policy-map MARK
class TELNET_CLASS
set ip precedence 1
class TFTP_CLASS
set ip precedence 2
class ICMP_CLASS
set ip precedence 3
class class-default
set ip precedence 6

interface FastEthernet1/0
service-policy output MARK

R5
ip access-list extended TELNET
permit tcp any any eq telnet
permit tcp any eq telnet any

ip access-list extended TFTP


permit udp any any eq 69

ip access-list extended ICMP


permit icmp any any

class-map ICMP_CLASS
match access-group name ICMP
class-map TFTP_CLASS
match access-group name TFTP
class-map TELNET_CLASS
match access-group name TELNET

217
policy-map MARK
class TELNET_CLASS
set ip precedence 1
class TFTP_CLASS
set ip precedence 2
class ICMP_CLASS
set ip precedence 3
class class-default
set ip precedence 6

interface FastEthernet1/0
service-policy output MARK

To enable telnet access

R6, R7
line vty 0 4
password cisco
login

enable secret cisco

For TFTP R7 will be the server and R6 will be the client

R7
tftp-server nvram:underlying-config

R4#show policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy output: MARK

Class-map: TELNET_CLASS (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TELNET
QoS Set
precedence 1
Packets marked 0

Class-map: TFTP_CLASS (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TFTP
QoS Set

218
precedence 2
Packets marked 0

Class-map: ICMP_CLASS (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name ICMP
QoS Set
precedence 3
Packets marked 0

Class-map: class-default (match-any)


3 packets, 495 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
QoS Set
precedence 6
Packets marked 0

R4#show policy-map interface fastEthernet 1/0 | inc Class|marked


Class-map: TELNET_CLASS (match-all)
Packets marked 0
Class-map: TFTP_CLASS (match-all)
Packets marked 0
Class-map: ICMP_CLASS (match-all)
Packets marked 0
Class-map: class-default (match-any)
Packets marked 0

R6#ping 7.7.7.7 repeat 20


Type escape sequence to abort.
Sending 20, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (20/20), round-trip min/avg/max = 44/71/128 ms

R6#telnet 7.7.7.7
Trying 7.7.7.7 ... Open

User Access Verification

Password:
R7>en
Password:
R7#exit

219
[Connection to 7.7.7.7 closed by foreign host]

R6#copy tftp://7.7.7.7/underlying-config null:


Accessing tftp://7.7.7.7/underlying-config...
Loading underlying-config from 7.7.7.7 (via FastEthernet1/0): !
[OK - 233 bytes]

233 bytes copied in 0.252 secs (925 bytes/sec)

R4#show policy-map interface fastEthernet 1/0 | inc Class|marked


Class-map: TELNET_CLASS (match-all)
Packets marked 34
Class-map: TFTP_CLASS (match-all)
Packets marked 4
Class-map: ICMP_CLASS (match-all)
Packets marked 20
Class-map: class-default (match-any)
Packets marked 8

R5#show policy-map interface fastEthernet 1/0 | inc Class|marked


Class-map: TELNET_CLASS (match-all)
Packets marked 27
Class-map: TFTP_CLASS (match-all)
Packets marked 0
Class-map: ICMP_CLASS (match-all)
Packets marked 20
Class-map: class-default (match-any)
Packets marked 8

As we can see the count appears, but for TFTP traffic its a one way as one of the
routers is acting as a server and the other one is acting as a client

Now, let us implement some queuing and policing


Let us focus on ICMP traffic, we will configure a 3 rate policer as below (as traffic is
leaving toward the MPLS backbone)

Conform action: transmit


Exceed action: set the MPLS EXP bit to 5
Violate action: drop

R1
class-map EXP_CLASS
match mpls experimental topmost 3

policy-map EXP_POLICY

220
class EXP_CLASS
police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-
transmit 5 violate-action drop

interface FastEthernet1/0
service-policy output EXP_POLICY

R1#sh policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy output: EXP_POLICY

Class-map: EXP_CLASS (match-all)


20 packets, 2440 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: mpls experimental topmost 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 20 packets, 2440 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 0 packets, 0 bytes; actions:
drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps

Class-map: class-default (match-any)


56172 packets, 21716570 bytes
5 minute offered rate 2000 bps, drop rate 0000 bps
Match: any

Now, let us configure on the P router (R3) MQC in order to check for the policy we
configured

R3
class-map match-all PRECEDENCE_6
match mpls experimental topmost 6
class-map match-all PRECEDENCE_5
match mpls experimental topmost 5
class-map match-all PRECEDENCE_3
match mpls experimental topmost 3
class-map match-all PRECEDENCE_2
match mpls experimental topmost 2
class-map match-all PRECEDENCE_1
match mpls experimental topmost 1

221
policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6
class PRECEDENCE_5

interface FastEthernet1/0
ip address 192.1.13.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
service-policy input MATCH

Now , we will generate some traffic from R6 toward R7 (we will influence the size of
ICMP packets in order to see the dropped packets)

R6#ping 7.7.7.7 repeat 20 size 1600


Type escape sequence to abort.
Sending 20, 1600-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!.!!!.!!!.!!.!!!.!
Success rate is 75 percent (15/20), round-trip min/avg/max = 76/88/108 ms

R1#sh policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy output: EXP_POLICY

Class-map: EXP_CLASS (match-all)


40 packets, 33280 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: mpls experimental topmost 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 30 packets, 18060 bytes; actions:
transmit
exceeded 5 packets, 7610 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 5 packets, 7610 bytes; actions:
drop
conformed 1000 bps, exceeded 1000 bps, violated 1000 bps

Class-map: class-default (match-any)

222
17 packets, 6964 bytes
5 minute offered rate 2000 bps, drop rate 0000 bps
Match: any

R3#show policy-map interface fastEthernet 1/0 | inc Class|packets


Class-map: PRECEDENCE_1 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_2 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_3 (match-all)
40 packets, 18480 bytes
Class-map: PRECEDENCE_6 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_5 (match-all)
10 packets, 7820 bytes
Class-map: class-default (match-any)
10 packets, 725 bytes

As we can see the PRECEDENCE_5 class is counting

Now, let us move our policy toward the customer side (toward R5), R5 does not
understand EXP bit as the disposition happens at its PE router: R2, so how we will
apply the same policy and queuing mechanism? We will configure what so called
QoS groups

R2
class-map match-all INPUT_CLASS
match mpls experimental topmost 3

policy-map INPUT_POLICY
class INPUT_CLASS
set qos-group 3

interface FastEthernet1/0
service-policy input INPUT_POLICY

class-map match-all OUTPUT_CLASS


match qos-group 3

policy-map OUTPUT_POLICY
class OUTPUT_CLASS
police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-
transmit 5 violate-action drop

interface FastEthernet1/1

223
service-policy output OUTPUT_POLICY

R6#ping 7.7.7.7 repeat 20 size 1600


Type escape sequence to abort.
Sending 20, 1600-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!.!!.!!.!!.!!.!!!.
Success rate is 70 percent (14/20), round-trip min/avg/max = 64/87/128 ms

R1#sh policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy output: EXP_POLICY

Class-map: EXP_CLASS (match-all)


40 packets, 33280 bytes
5 minute offered rate 3000 bps, drop rate 1000 bps
Match: mpls experimental topmost 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 28 packets, 19156 bytes; actions:
transmit
exceeded 9 packets, 9558 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 3 packets, 4566 bytes; actions:
drop
conformed 2000 bps, exceeded 1000 bps, violated 1000 bps

Class-map: class-default (match-any)


25 packets, 10724 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: any

R4#sh policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy output: MARK

Class-map: TELNET_CLASS (match-all)


0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TELNET
QoS Set
precedence 1
Packets marked 0

224
Class-map: TFTP_CLASS (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TFTP
QoS Set
precedence 2
Packets marked 0

Class-map: ICMP_CLASS (match-all)


40 packets, 32960 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name ICMP
QoS Set
precedence 3
Packets marked 40

Class-map: class-default (match-any)


12 packets, 1380 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
QoS Set
precedence 6
Packets marked 2

R1#sh policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy output: EXP_POLICY

Class-map: EXP_CLASS (match-all)


40 packets, 33280 bytes
5 minute offered rate 3000 bps, drop rate 1000 bps
Match: mpls experimental topmost 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 28 packets, 19156 bytes; actions:
transmit
exceeded 9 packets, 9558 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 3 packets, 4566 bytes; actions:
drop
conformed 2000 bps, exceeded 1000 bps, violated 1000 bps

Class-map: class-default (match-any)


25 packets, 10724 bytes

225
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: any

R2#sh policy-map interface fastEthernet 1/0


FastEthernet1/0

Service-policy input: INPUT_POLICY

Class-map: INPUT_CLASS (match-all)


54 packets, 29212 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: mpls experimental topmost 3
QoS Set
qos-group 3
Packets marked 54

Class-map: class-default (match-any)


33 packets, 2430 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any

R2#sh policy-map interface fastEthernet 1/1


FastEthernet1/1

Service-policy output: OUTPUT_POLICY

Class-map: OUTPUT_CLASS (match-all)


54 packets, 28996 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: qos-group 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 44 packets, 15452 bytes; actions:
transmit
exceeded 7 packets, 9074 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 3 packets, 4470 bytes; actions:
drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps

Class-map: class-default (match-any)


16 packets, 1603 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any

226
Now, let us change the exceed action on R2

R2
policy-map OUTPUT_POLICY
class OUTPUT_CLASS
no police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-
transmit 5 violate-action drop
police 64000 conform-action transmit exceed-action set-prec-transmit 5 violate-
action drop

Configure R7 to catch PRECEDENCE_5

R7
class-map PRECEDENCE_5
match ip precedence 5

policy-map MATCH
class PRECEDENCE_5

R6#ping 7.7.7.7 repeat 20 size 1600


Type escape sequence to abort.
Sending 20, 1600-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!.!!!.!!.!!.!!!.!!
Success rate is 75 percent (15/20), round-trip min/avg/max = 60/93/148 ms

R2#sh policy-map interface fastEthernet 1/1


FastEthernet1/1

Service-policy output: OUTPUT_POLICY

Class-map: OUTPUT_CLASS (match-all)


104 packets, 54896 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: qos-group 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 44 packets, 16960 bytes; actions:
transmit
exceeded 6 packets, 8940 bytes; actions:
set-prec-transmit 5
violated 0 packets, 0 bytes; actions:
drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps

Class-map: class-default (match-any)

227
47 packets, 4792 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any

R7#show policy-map interface fastEthernet 1/0 | inc Class|packet


Class-map: PRECEDENCE_1 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_2 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_3 (match-all)
44 packets, 16960 bytes
Class-map: PRECEDENCE_6 (match-all)
3 packets, 282 bytes
Class-map: PRECEDENCE_5 (match-all)
6 packets, 8940 bytes
Class-map: class-default (match-any)
0 packets, 0 bytes

228
MPLS EIGRP Backdoor Link
Network Diagram

S1/0
192.1.12.0/24
Lo0 R1 R2 Lo0
1.1.1.1/32 F1/0 AS 1 F1/0 2.2.2.2/32
192.1.13.0/24

192.1.24.0/24
F1/1 F1/1

F1/0 F1/0

Lo0
Lo0 R3 R4
S2/0 S2/0 5.5.5.5/32
3.3.3.3/32 192.1.34.0/24

Configuratioons

VRF Configuration

R1
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1

interface FastEthernet1/1
ip vrf forwarding MSSK
ip address 192.1.13.1 255.255.255.0

R2
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1

interface FastEthernet1/1
ip vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

IGP Configuration

R1
router ospf 1

229
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0

MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int f1/0
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f1/0
mpls ip

MP-BGP Configuration

R1
router bgp 1
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback0

address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both

R2
router bgp 1
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback0

address-family vpnv4

230
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both

CE-PE routing Configuration

R1
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
network 192.1.13.1 0.0.0.0

R3
router eigrp 100
network 3.3.3.3 0.0.0.0
network 192.1.13.3 0.0.0.0
network 192.1.34.3 0.0.0.0

R2
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
network 192.1.24.2 0.0.0.0

R4
router eigrp 100
network 4.4.4.4 0.0.0.0
network 192.1.24.4 0.0.0.0
network 192.1.34.4 0.0.0.0

VPN Configuration

R1
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
redistribute bgp 1 metric 1 1 1 1 1

router bgp 1
address-family ipv4 vrf MSSK
redistribute eigrp 100

R2
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
redistribute bgp 1 metric 1 1 1 1 1

router bgp 1
address-family ipv4 vrf MSSK

231
redistribute eigrp 100

Verifications

R1#sh bgp vpnv4 unicast all


BGP table version is 27, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*> 3.3.3.3/32 192.1.13.3 156160 32768 ?
*>i 4.4.4.4/32 2.2.2.2 156160 100 0?
r>i 192.1.13.0 2.2.2.2 2174976 100 0?
*>i 192.1.24.0 2.2.2.2 0 100 0?
*> 192.1.34.0 192.1.13.3 2172416 32768 ?
*i 2.2.2.2 2172416 100 0?
*>i 192.1.34.3/32 2.2.2.2 2172416 100 0?
*> 192.1.34.4/32 192.1.13.3 2172416 32768 ?

R2#sh bgp vpnv4 unicast all


BGP table version is 25, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 3.3.3.3/32 1.1.1.1 156160 100 0?
*> 4.4.4.4/32 192.1.24.4 156160 32768 ?
*> 192.1.13.0 192.1.24.4 2174976 32768 ?
*> 192.1.24.0 0.0.0.0 0 32768 ?
* i 192.1.34.0 1.1.1.1 2172416 100 0?
*> 192.1.24.4 2172416 32768 ?
*> 192.1.34.3/32 192.1.24.4 2172416 32768 ?
*>i 192.1.34.4/32 1.1.1.1 2172416 100 0?

R3#sh ip route eigrp


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

232
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

4.0.0.0/32 is subnetted, 1 subnets


D 4.4.4.4 [90/158720] via 192.1.13.1, 00:31:08, FastEthernet1/0
D 192.1.24.0/24 [90/30720] via 192.1.13.1, 00:31:08, FastEthernet1/0

R4#sh ip route eigrp


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

3.0.0.0/32 is subnetted, 1 subnets


D 3.3.3.3 [90/158720] via 192.1.24.2, 00:31:13, FastEthernet1/0
D 192.1.13.0/24 [90/2172416] via 192.1.34.3, 00:31:26, Serial2/0

R3#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 3.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/40/72 ms

R3#traceroute 4.4.4.4 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.13.1 20 msec 8 msec 4 msec
2 192.1.24.2 [MPLS: Label 18 Exp 0] 16 msec 8 msec 8 msec
3 192.1.24.4 12 msec * 12 msec

R4#ping 3.3.3.3 source lo0

233
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/17/24 ms

R4#traceroute 3.3.3.3 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 3.3.3.3
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.24.2 4 msec 44 msec 8 msec
2 192.1.13.1 [MPLS: Label 23 Exp 0] 20 msec 16 msec 12 msec
3 192.1.13.3 24 msec * 16 msec

A potential loop may arise when using EIGRP as the PE-CE routing protocol and a
backdoor link in place, what solve these potential loops is site of origin feature
We configure it via a route-map and apply it on the PE-CE interface

R1
route-map SOO_MAP permit 10
set extcommunity soo 100:1

int f1/1
ip vrf sitemap SOO_MAP

R2
route-map SOO_MAP permit 10
set extcommunity soo 100:1

int f1/1
ip vrf sitemap SOO_MAP

R1#sh bgp vpnv4 unicast all 3.3.3.3


BGP routing table entry for 100:1:3.3.3.3/32, version 35
Paths: (1 available, best #1, table MSSK)
Advertised to update-groups:
1
Refresh Epoch 1
Local
192.1.13.3 from 0.0.0.0 (1.1.1.1)
Origin incomplete, metric 156160, localpref 100, weight 32768, valid, sourced,
best
Extended Community: SoO:100:1 RT:100:1 Cost:pre-bestpath:128:156160
0x8800:32768:0 0x8801:100:130560 0x8802:65281:25600
0x8803:65281:1500

234
0x8806:0:50529027
mpls labels in/out 21/nolabel
rx pathid: 0, tx pathid: 0x0

R1#sh bgp vpnv4 unicast all 4.4.4.4


BGP routing table entry for 100:1:4.4.4.4/32, version 23
Paths: (1 available, best #1, table MSSK)
Advertised to update-groups:
3
Refresh Epoch 1
Local
192.1.13.3 from 0.0.0.0 (1.1.1.1)
Origin incomplete, metric 2300416, localpref 100, weight 32768, valid,
sourced, best
Extended Community: SoO:100:1 RT:100:1
Cost:pre-bestpath:128:2300416 (default-2145183231) 0x8800:32768:0
0x8801:100:642560 0x8802:65282:1657856 0x8803:65281:1500
0x8806:0:67372036
mpls labels in/out 23/nolabe

235
MPLS BGP Soo
Network Diagram

MPLS Backbone R5 F0/1


OSPF Area 0 F0/0 F0/0
R2
S0/0

P2 203

FRSW

P3 302

IBGP
F0/0 S0/0
Lo0 3.3.3.3/32
Lo0 1.1.1.1/32 R1 R3
F0/1 F1/0 F0/0

F0/0 F0/0 F0/0


R4 R7 R6
RIP
Domain

VRF VRF VRF


RED RED RED

Configurations

VRF Configuration

R1
ip vrf RED
rd 100:1
route-target export 100:1
route-target import 100:1

int f0/1
ip vrf forwarding RED

236
ip address 192.1.14.1 255.255.255.0

int f1/0
ip vrf forwarding RED
ip address 192.1.17.1 255.255.255.0

R3
ip vrf RED
rd 100:1
route-target export 100:1
route-target import 100:1

int f0/0
ip vrf forwarding RED
ip address 192.1.36.3 255.255.255.0

IGP Configuration

R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0

R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0

237
MPLS LDP Configuration

R1
mpls label protocol ldp
mpls ldp router-id lo0 force

int f0/0
mpls ip

R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s0/0
mpls ip

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int s0/0
mpls ip

R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force

int f0/0
mpls ip

int f0/1
mpls ip

MP-BGP Configuration

R1
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both

238
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both

CE-PE routing Configuration

R1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 remote-as 200
neighbor 192.1.14.4 activate
neighbor 192.1.17.7 remote-as 200
neighbor 192.1.17.7 activate

R4
router bgp 200
neighbor 192.1.14.1 remote-as 100
network 4.4.4.4 mask 255.255.255.255

router rip
version 2
no auto-summary
network 192.1.47.4
network 7.7.7.7

R7
router bgp 200
neighbor 192.1.17.1 remote-as 100
network 7.7.7.7 mask 255.255.255.255

router rip
version 2
no auto-summary
network 192.1.47.7
network 7.7.7.7

R3
address-family ipv4 vrf RED
neighbor 192.1.36.6 remote-as 200
neighbor 192.1.36.6 activate

239
R6
router bgp 200
neighbor 192.1.36.3 remote-as 100
network 6.6.6.6 mask 255.255.255.255

Verifications

R1#show ip bgp vpnv4 all summary


BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 5, main routing table version 5
3 network entries using 420 bytes of memory
3 path entries using 204 bytes of memory
4/2 BGP path/bestpath attribute entries using 496 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 1232 total bytes of memory
BGP activity 3/0 prefixes, 3/0 paths, scan interval 15 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


3.3.3.3 4 100 31 32 5 0 0 00:27:13 1
192.1.14.4 4 200 19 20 5 0 0 00:14:04 1
192.1.17.7 4 200 18 20 5 0 0 00:13:39 1

R3#show ip bgp vpnv4 all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 6, main routing table version 6
3 network entries using 420 bytes of memory
3 path entries using 204 bytes of memory
4/2 BGP path/bestpath attribute entries using 496 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 1232 total bytes of memory
BGP activity 3/0 prefixes, 3/0 paths, scan interval 15 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


1.1.1.1 4 100 32 31 6 0 0 00:27:27 2
192.1.36.6 4 200 18 18 6 0 0 00:13:08 1

240
R4#sh ip bgp summary
BGP router identifier 4.4.4.4, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 120 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 452 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


192.1.14.1 4 100 20 19 2 0 0 00:14:34 0

R6#sh ip bgp summary


BGP router identifier 6.6.6.6, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 120 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 452 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


192.1.36.3 4 100 18 18 2 0 0 00:13:35 0

R7#sh ip bgp summary


BGP router identifier 7.7.7.7, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 120 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 452 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


192.1.17.1 4 100 21 19 2 0 0 00:14:30 0

241
As we can see that neither of the CEs can receive the loopback of any other CEs
(which is advertised in BGP) why?
The reason behind that is that the bgp speaker will not accept a route with its own
AS number (which is 200 in our case)
The ways to solve this issue is:

BGP AS-Override
BGP AllowAS-in

We will go with AS-Override; the configuration will be applied on the PE towards the
CE under the address-family ipv4 configuration mode

R1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 as-override
neighbor 192.1.17.7 as-override

R3
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.36.6 as-override

R4#sh ip bgp
BGP table version is 8, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


*> 4.4.4.4/32 0.0.0.0 0 32768 i
*> 6.6.6.6/32 192.1.14.1 0 100 100 i
*> 7.7.7.7/32 192.1.14.1 0 100 100 i

R6#sh ip bgp
BGP table version is 4, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


*> 4.4.4.4/32 192.1.36.3 0 100 100 i
*> 6.6.6.6/32 0.0.0.0 0 32768 i
*> 7.7.7.7/32 192.1.36.3 0 100 100 i

242
R7#sh ip bgp
BGP table version is 6, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path


*> 4.4.4.4/32 192.1.17.1 0 100 100 i
*> 6.6.6.6/32 192.1.17.1 0 100 100 i
*> 7.7.7.7/32 0.0.0.0 0 32768 i

Now , the SOO community is used in MPLS networks to prevent looping between
the PEs , when a PE advertise a route to its neighbor PE that is attached with a soo
community that matches the same rd configured under the ip vrf configuration
mode , it will not advertise it to its CE

R1
route-map SOO permit 10
set extcommunity soo 100:1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 route-map SOO in
neighbor 192.1.17.7 route-map SOO in

R1#sh ip bgp vpnv4 vrf RED 6.6.6.6


BGP routing table entry for 100:1:6.6.6.6/32, version 12
Paths: (1 available, best #1, table RED)
Advertised to update-groups:
2 3
200
3.3.3.3 (metric 67) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Extended Community: RT:100:1
mpls labels in/out nolabel/22

R1#sh ip bgp vpnv4 vrf RED 4.4.4.4


BGP routing table entry for 100:1:4.4.4.4/32, version 7
Paths: (1 available, best #1, table RED)
Advertised to update-groups:
1 2
200
192.1.14.4 from 192.1.14.4 (4.4.4.4)
Origin IGP, metric 0, localpref 100, valid, external, best
Extended Community: RT:100:1
mpls labels in/out 22/nolabel

243
Full scale Lab
Network Diagram

Initrial Configurations

R1
hostname R1

interface Loopback0
ip address 192.168.1.1 255.255.255.255
ipv6 address 2001:DB8::1/128

interface FastEthernet1/0
ip address 192.1.12.1 255.255.255.0
speed 100
duplex full
ipv6 address 2001:DB8:12::1/64
no shut

R2
hostname R2

interface Loopback0

244
ip address 2.2.2.2 255.255.255.255

interface FastEthernet1/0
ip address 192.1.12.2 255.255.255.0
speed 100
duplex full
ipv6 address 2001:DB8:12::2/64
no shut

interface FastEthernet1/1
ip address 192.1.23.2 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet2/0
ip address 192.1.25.2 255.255.255.0
speed 100
duplex full
no shut

R3
hostname R3

interface Loopback0
ip address 3.3.3.3 255.255.255.255

interface FastEthernet1/0
no ip address
speed 100
duplex full
no shut

interface FastEthernet1/1
ip address 192.1.23.3 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet2/0
ip address 192.1.34.3 255.255.255.0
speed 100
duplex full
no shut

245
interface FastEthernet2/1
ip address 192.1.35.3 255.255.255.0
speed 100
duplex full
no shut

R4
hostname R4

interface Loopback0
ip address 4.4.4.4 255.255.255.255

interface FastEthernet1/0
ip address 192.1.34.4 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet1/1
ip address 192.1.45.4 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet2/0
ip address 192.1.40.4 255.255.255.0
speed 100
duplex full
no shut

interface Serial3/0
no ip address
encapsulation ppp
serial restart-delay 0
clock rate 128000
no shut

R5
hostname R5

interface Loopback0
ip address 5.5.5.5 255.255.255.255

interface FastEthernet1/0
ip address 192.1.56.5 255.255.255.0

246
speed 100
duplex full
no shut

interface FastEthernet1/1
ip address 192.1.25.5 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet2/0
ip address 192.1.45.5 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet2/1
ip address 192.1.35.5 255.255.255.0
speed 100
duplex full
no shut

R6
hostname R6

interface Loopback0
ip address 172.16.6.6 255.255.255.255

interface FastEthernet1/0
ip address 192.1.56.6 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet1/1
ip address 192.1.67.6 255.255.255.0
speed 100
duplex full
no shut

R7
hostname R7

interface Loopback0
ip address 10.7.7.7 255.255.255.255

247
interface FastEthernet1/0
ip address 192.1.67.7 255.255.255.0
speed 100
duplex full
no shut

R8
hostname R8

interface Serial1/0
ip address 192.1.89.8 255.255.255.0
encapsulation ppp
serial restart-delay 0
clock rate 128000
no shut

R9
hostname R9

interface FastEthernet1/0
ip address 192.1.89.9 255.255.255.0
speed 100
duplex full
no shut

GW
hostname Gw

interface FastEthernet1/0
ip address 192.1.40.10 255.255.255.0
speed 100
duplex full
no shut

interface FastEthernet1/1
ip address 192.1.100.10 255.255.255.0
speed 100
duplex full
no shut

248
Configure ISIS as the IGP inside AS 100 and make sure all circuits are
level-2 circuits

R2
interface FastEthernet1/1
ip router isis 1

interface FastEthernet2/0
ip router isis 1

router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0

R3
interface FastEthernet1/1
ip router isis 1

interface FastEthernet2/0
ip router isis 1

interface FastEthernet2/1
ip router isis 1

router isis 1
net 49.0001.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0

R4
interface FastEthernet1/0
ip router isis 1

interface FastEthernet1/1
ip router isis 1

router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0

R5
interface FastEthernet1/1
ip router isis 1

249
interface FastEthernet2/0
ip router isis 1

interface FastEthernet2/1
ip router isis 1

router isis 1
net 49.0001.0000.0000.0005.00
is-type level-2-only
passive-interface Loopback0

R2#show isis neighbors

Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R3 L2 Fa1/1 192.1.23.3 UP 8 R3.01
R5 L2 Fa2/0 192.1.25.5 UP 7 R5.01

R2#show clns neighbors


Tag 1:
System Id Interface SNPA State Holdtime Type Protocol
R3 Fa1/1 ca02.270a.001d Up 9 L2 IS-IS
R5 Fa2/0 ca04.270a.001d Up 8 L2 IS-IS

R2#sh ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

3.0.0.0/32 is subnetted, 1 subnets


i L2 3.3.3.3 [115/10] via 192.1.23.3, 00:01:39, FastEthernet1/1
4.0.0.0/32 is subnetted, 1 subnets
i L2 4.4.4.4 [115/20] via 192.1.25.5, 00:01:29, FastEthernet2/0
[115/20] via 192.1.23.3, 00:01:29, FastEthernet1/1
5.0.0.0/32 is subnetted, 1 subnets
i L2 5.5.5.5 [115/10] via 192.1.25.5, 00:01:29, FastEthernet2/0
i L2 192.1.34.0/24 [115/20] via 192.1.23.3, 00:01:39, FastEthernet1/1

250
i L2 192.1.35.0/24 [115/20] via 192.1.25.5, 00:01:29, FastEthernet2/0
[115/20] via 192.1.23.3, 00:01:29, FastEthernet1/1
i L2 192.1.45.0/24 [115/20] via 192.1.25.5, 00:01:29, FastEthernet2/0

R3#show isis neighbors

Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R2 L2 Fa1/1 192.1.23.2 UP 29 R3.01
R4 L2 Fa2/0 192.1.34.4 UP 8 R4.01
R5 L2 Fa2/1 192.1.35.5 UP 8 R5.03

R3#show clns neighbors


Tag 1:
System Id Interface SNPA State Holdtime Type Protocol
R2 Fa1/1 ca01.270a.001d Up 24 L2 IS-IS
R4 Fa2/0 ca03.270a.001c Up 7 L2 IS-IS
R5 Fa2/1 ca04.270a.0039 Up 7 L2 IS-IS

R3#show ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

2.0.0.0/32 is subnetted, 1 subnets


i L2 2.2.2.2 [115/10] via 192.1.23.2, 00:02:00, FastEthernet1/1
4.0.0.0/32 is subnetted, 1 subnets
i L2 4.4.4.4 [115/10] via 192.1.34.4, 00:01:50, FastEthernet2/0
5.0.0.0/32 is subnetted, 1 subnets
i L2 5.5.5.5 [115/10] via 192.1.35.5, 00:01:40, FastEthernet2/1
i L2 192.1.25.0/24 [115/20] via 192.1.35.5, 00:01:40, FastEthernet2/1
[115/20] via 192.1.23.2, 00:01:40, FastEthernet1/1
i L2 192.1.45.0/24 [115/20] via 192.1.35.5, 00:01:40, FastEthernet2/1
[115/20] via 192.1.34.4, 00:01:40, FastEthernet2/0

R4#show isis neighbors

Tag 1:

251
System Id Type Interface IP Address State Holdtime Circuit Id
R3 L2 Fa1/0 192.1.34.3 UP 22 R4.01
R5 L2 Fa1/1 192.1.45.5 UP 7 R5.02

R4#show clns neighbors


Tag 1:
System Id Interface SNPA State Holdtime Type Protocol
R3 Fa1/0 ca02.270a.0038 Up 28 L2 IS-IS
R5 Fa1/1 ca04.270a.0038 Up 7 L2 IS-IS

R4#show ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

2.0.0.0/32 is subnetted, 1 subnets


i L2 2.2.2.2 [115/20] via 192.1.45.5, 00:02:02, FastEthernet1/1
[115/20] via 192.1.34.3, 00:02:02, FastEthernet1/0
3.0.0.0/32 is subnetted, 1 subnets
i L2 3.3.3.3 [115/10] via 192.1.34.3, 00:02:12, FastEthernet1/0
5.0.0.0/32 is subnetted, 1 subnets
i L2 5.5.5.5 [115/10] via 192.1.45.5, 00:02:02, FastEthernet1/1
i L2 192.1.23.0/24 [115/20] via 192.1.34.3, 00:02:12, FastEthernet1/0
i L2 192.1.25.0/24 [115/20] via 192.1.45.5, 00:02:02, FastEthernet1/1
i L2 192.1.35.0/24 [115/20] via 192.1.45.5, 00:02:02, FastEthernet1/1
[115/20] via 192.1.34.3, 00:02:02, FastEthernet1/0

R5#show isis neighbors

Tag 1:
System Id Type Interface IP Address State Holdtime Circuit Id
R2 L2 Fa1/1 192.1.25.2 UP 21 R5.01
R3 L2 Fa2/1 192.1.35.3 UP 23 R5.03
R4 L2 Fa2/0 192.1.45.4 UP 24 R5.02

R5#show clns neighbors


Tag 1:
System Id Interface SNPA State Holdtime Type Protocol

252
R2 Fa1/1 ca01.270a.0038 Up 28 L2 IS-IS
R3 Fa2/1 ca02.270a.0039 Up 28 L2 IS-IS
R4 Fa2/0 ca03.270a.001d Up 21 L2 IS-IS

R5#show ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

2.0.0.0/32 is subnetted, 1 subnets


i L2 2.2.2.2 [115/10] via 192.1.25.2, 00:02:26, FastEthernet1/1
3.0.0.0/32 is subnetted, 1 subnets
i L2 3.3.3.3 [115/10] via 192.1.35.3, 00:02:26, FastEthernet2/1
4.0.0.0/32 is subnetted, 1 subnets
i L2 4.4.4.4 [115/10] via 192.1.45.4, 00:02:26, FastEthernet2/0
i L2 192.1.23.0/24 [115/20] via 192.1.35.3, 00:02:26, FastEthernet2/1
[115/20] via 192.1.25.2, 00:02:26, FastEthernet1/1
i L2 192.1.34.0/24 [115/20] via 192.1.45.4, 00:02:26, FastEthernet2/0
[115/20] via 192.1.35.3, 00:02:26, FastEthernet2/1

Enable MPLS on all transit links in AS 100 (use minimum commands)

R2 R5
router isis 1
mpls ldp autoconfig

R2#show mpls ldp neighbor


Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.63778 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 15/14; Downstream
Up time: 00:01:55
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 192.1.35.3 3.3.3.3
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 2.2.2.2:0
TCP connection: 5.5.5.5.44091 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 15/14; Downstream

253
Up time: 00:01:53
LDP discovery sources:
FastEthernet2/0, Src IP addr: 192.1.25.5
Addresses bound to peer LDP Ident:
192.1.56.5 192.1.25.5 192.1.45.5 192.1.35.5
5.5.5.5

R2#show mpls interfaces


Interface IP Tunnel BGP Static Operational
FastEthernet1/1 Yes (ldp) No No No Yes
FastEthernet2/0 Yes (ldp) No No No Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 3.3.3.3:0
TCP connection: 2.2.2.2.646 - 3.3.3.3.63778
State: Oper; Msgs sent/rcvd: 14/15; Downstream
Up time: 00:02:11
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.23.2
Addresses bound to peer LDP Ident:
192.1.12.2 192.1.23.2 192.1.25.2 2.2.2.2
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 3.3.3.3:0
TCP connection: 4.4.4.4.40632 - 3.3.3.3.646
State: Oper; Msgs sent/rcvd: 14/14; Downstream
Up time: 00:02:10
LDP discovery sources:
FastEthernet2/0, Src IP addr: 192.1.34.4
Addresses bound to peer LDP Ident:
192.1.34.4 192.1.45.4 4.4.4.4
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 3.3.3.3:0
TCP connection: 5.5.5.5.49471 - 3.3.3.3.646
State: Oper; Msgs sent/rcvd: 14/15; Downstream
Up time: 00:02:09
LDP discovery sources:
FastEthernet2/1, Src IP addr: 192.1.35.5
Addresses bound to peer LDP Ident:
192.1.56.5 192.1.25.5 192.1.45.5 192.1.35.5
5.5.5.5

R3#show mpls interfaces


Interface IP Tunnel BGP Static Operational
FastEthernet1/1 Yes (ldp) No No No Yes
FastEthernet2/0 Yes (ldp) No No No Yes
FastEthernet2/1 Yes (ldp) No No No Yes

254
R4#show mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 4.4.4.4:0
TCP connection: 3.3.3.3.646 - 4.4.4.4.40632
State: Oper; Msgs sent/rcvd: 14/14; Downstream
Up time: 00:02:22
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 192.1.35.3 3.3.3.3
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 4.4.4.4:0
TCP connection: 5.5.5.5.28271 - 4.4.4.4.646
State: Oper; Msgs sent/rcvd: 14/15; Downstream
Up time: 00:02:21
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.45.5
Addresses bound to peer LDP Ident:
192.1.56.5 192.1.25.5 192.1.45.5 192.1.35.5
5.5.5.5

R4#show mpls interfaces


Interface IP Tunnel BGP Static Operational
FastEthernet1/0 Yes (ldp) No No No Yes
FastEthernet1/1 Yes (ldp) No No No Yes

R5#show mpls ldp neighbor


Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 5.5.5.5:0
TCP connection: 2.2.2.2.646 - 5.5.5.5.44091
State: Oper; Msgs sent/rcvd: 15/15; Downstream
Up time: 00:02:33
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.25.2
Addresses bound to peer LDP Ident:
192.1.12.2 192.1.23.2 192.1.25.2 2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 5.5.5.5:0
TCP connection: 3.3.3.3.646 - 5.5.5.5.49471
State: Oper; Msgs sent/rcvd: 16/14; Downstream
Up time: 00:02:33
LDP discovery sources:
FastEthernet2/1, Src IP addr: 192.1.35.3
Addresses bound to peer LDP Ident:
192.1.23.3 192.1.34.3 192.1.35.3 3.3.3.3
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 5.5.5.5:0
TCP connection: 4.4.4.4.646 - 5.5.5.5.28271
State: Oper; Msgs sent/rcvd: 15/15; Downstream
Up time: 00:02:33

255
LDP discovery sources:
FastEthernet2/0, Src IP addr: 192.1.45.4
Addresses bound to peer LDP Ident:
192.1.34.4 192.1.45.4 4.4.4.4

R5#show mpls interfaces


Interface IP Tunnel BGP Static Operational
FastEthernet1/1 Yes (ldp) No No No Yes
FastEthernet2/0 Yes (ldp) No No No Yes
FastEthernet2/1 Yes (ldp) No No No Yes

Configure VRF MSSK on R2, R5 with an RD value of 100:1 and


import/export values of the same, and assign the appropriate interfaces to
it

R2
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4
exit-address-family

int f1/0
vrf forwarding MSSK
ip address 192.1.12.2 255.255.255.0
ipv6 address 2001:DB8:12::2/64

R5
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4
exit-address-family

int f1/0
vrf forwarding MSSK
ip address 192.1.56.5 255.255.255.0

R2#sh ip vrf
Name Default RD Interfaces
MSSK 100:1 Fa1/0

R5#sh ip vrf

256
Name Default RD Interfaces
MSSK 100:1 Fa1/0

Configure BGP VPNv4 peering with R4 is acting as a route reflector

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended

R3
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended

R4
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source Loopback0

address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
neighbor 2.2.2.2 route-reflector-client
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
neighbor 3.3.3.3 route-reflector-client
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community extended
neighbor 5.5.5.5 route-reflector-client

257
R5
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended

R2#show bgp vpnv4 unicast all summary


BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
4.4.4.4 4 100 3 2 1 0 0 00:00:55 0

R3#show bgp vpnv4 unicast all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
4.4.4.4 4 100 3 4 1 0 0 00:01:05 0

R4#show bgp vpnv4 unicast all summary


BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
2.2.2.2 4 100 3 4 1 0 0 00:01:11 0
3.3.3.3 4 100 4 4 1 0 0 00:01:07 0
5.5.5.5 4 100 2 4 1 0 0 00:00:51 0

R5#show bgp vpnv4 unicast all summary


BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
4.4.4.4 4 100 4 2 1 0 0 00:00:52 0

Configure OSPF PID 100 as the PE-CE routing protocol between R6-R7 and
R5 (noting that R5-R6 resides in Area 0 , R6-R7 resides in Area 1 and R7

258
lo0 is part of Area 2), EIGRP AS 1 as the PE-CE routing protocol between
R1 and R2

R1
router eigrp 1
no auto-summary
network 192.1.12.1 0.0.0.0
network 192.168.1.1 0.0.0.0

R2
router eigrp 1
address-family ipv4 vrf MSSK autonomous-system 1
network 192.1.12.2 0.0.0.0
no auto-summary

R6
router ospf 100
router-id 6.6.6.6
area 1 virtual-link 7.7.7.7
network 172.16.6.6 0.0.0.0 area 0
network 192.1.56.6 0.0.0.0 area 0
network 192.1.67.6 0.0.0.0 area 1

R7
router ospf 100
router-id 7.7.7.7
area 1 virtual-link 6.6.6.6
network 10.7.7.7 0.0.0.0 area 2
network 192.1.67.7 0.0.0.0 area 1

R5
router ospf 100 vrf MSSK
network 192.1.56.5 0.0.0.0 area 0

R1#sh ip eigrp neighbors


EIGRP-IPv4 Neighbors for AS(1)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.1.12.2 Fa1/0 10 00:00:28 8 100 0 3

R2#sh ip eigrp vrf MSSK neighbors


EIGRP-IPv4 Neighbors for AS(1) VRF(MSSK)
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 192.1.12.1 Fa1/0 10 00:00:46 20 120 0 2

259
R5#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


6.6.6.6 1 FULL/BDR 00:00:38 192.1.56.6 FastEthernet1/0

R6#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


192.1.56.5 1 FULL/DR 00:00:38 192.1.56.5 FastEthernet1/0
7.7.7.7 0 FULL/ - 00:00:35 192.1.67.7 OSPF_VL0
7.7.7.7 1 FULL/DR 00:00:38 192.1.67.7 FastEthernet1/1

R7#sh ip ospf neighbor

Neighbor ID Pri State Dead Time Address Interface


6.6.6.6 0 FULL/ - 00:00:26 192.1.67.6 OSPF_VL0
6.6.6.6 1 FULL/BDR 00:00:31 192.1.67.6 FastEthernet1/0

R2#sh ip route vrf MSSK eigrp

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

192.168.1.0/32 is subnetted, 1 subnets


D 192.168.1.1 [90/156160] via 192.1.12.1, 00:02:21, FastEthernet1/0
R2#ping vrf MSSK 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

R5#sh ip route vrf MSSK ospf

Routing Table: MSSK


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

260
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets


O IA 10.7.7.7 [110/3] via 192.1.56.6, 00:01:20, FastEthernet1/0
172.16.0.0/32 is subnetted, 1 subnets
O 172.16.6.6 [110/2] via 192.1.56.6, 00:01:35, FastEthernet1/0
O IA 192.1.67.0/24 [110/2] via 192.1.56.6, 00:01:35, FastEthernet1/0

R5#ping vrf MSSK 172.16.6.6


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.6.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms

R5#ping vrf MSSK 10.7.7.7


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.7.7.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/9/12 ms

Configure the necessary in order to achieve connectivity from R1 to R6 and


R7

R2
router eigrp 1
address-family ipv4 vrf MSSK autonomous-system 1
redistribute bgp 100 metric 10000 1000 255 1 1500

router bgp 100


address-family ipv4 vrf MSSK
redistribute eigrp 1

R5
router ospf 100 vrf MSSK
redistribute bgp 100 subnets

router bgp 100

261
address-family ipv4 vrf MSSK
redistribute ospf 100

R2#show bgp vpnv4 unicast all summary


BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 10, main routing table version 10
5 network entries using 780 bytes of memory
5 path entries using 400 bytes of memory
5/5 BGP path/bestpath attribute entries using 720 bytes of memory
1 BGP rrinfo entries using 24 bytes of memory
3 BGP extended community entries using 330 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2254 total bytes of memory
BGP activity 5/0 prefixes, 5/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
4.4.4.4 4 100 18 15 10 0 0 00:10:39 4

R2#show bgp vpnv4 unicast all


BGP table version is 10, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 10.7.7.7/32 5.5.5.5 3 100 0?
*>i 172.16.6.6/32 5.5.5.5 2 100 0?
*>i 192.1.56.0 5.5.5.5 0 100 0?
*>i 192.1.67.0 5.5.5.5 2 100 0?
*> 192.168.1.1/32 192.1.12.1 156160 32768 ?

R5#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path

262
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 10.7.7.7/32 192.1.56.6 3 32768 ?
*> 172.16.6.6/32 192.1.56.6 2 32768 ?
*> 192.1.56.0 0.0.0.0 0 32768 ?
*> 192.1.67.0 192.1.56.6 2 32768 ?
*>i 192.168.1.1/32 2.2.2.2 156160 100 0?

R1#sh ip route eigrp


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets


D EX 10.7.7.7 [170/514560] via 192.1.12.2, 00:00:47, FastEthernet1/0
172.16.0.0/32 is subnetted, 1 subnets
D EX 172.16.6.6 [170/514560] via 192.1.12.2, 00:00:47, FastEthernet1/0
D EX 192.1.56.0/24 [170/514560] via 192.1.12.2, 00:00:47, FastEthernet1/0
D EX 192.1.67.0/24 [170/514560] via 192.1.12.2, 00:00:47, FastEthernet1/0

R1#ping 10.7.7.7 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/36 ms

R1#ping 172.16.6.6 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.6.6, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/13/16 ms

R6#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2

263
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

10.0.0.0/32 is subnetted, 1 subnets


O IA 10.7.7.7 [110/2] via 192.1.67.7, 00:04:50, FastEthernet1/1
192.168.1.0/32 is subnetted, 1 subnets
O E2 192.168.1.1 [110/1] via 192.1.56.5, 00:01:13, FastEthernet1/0

R6#ping 10.7.7.7 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 172.16.6.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/8 ms

R6#ping 192.168.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.6.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/12/16 ms

R7#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is not set

172.16.0.0/32 is subnetted, 1 subnets


O 172.16.6.6 [110/2] via 192.1.67.6, 00:05:09, FastEthernet1/0
O 192.1.56.0/24 [110/2] via 192.1.67.6, 00:05:09, FastEthernet1/0
192.168.1.0/32 is subnetted, 1 subnets
O E2 192.168.1.1 [110/1] via 192.1.67.6, 00:01:38, FastEthernet1/0
R7#ping 172.16.6.6 source lo0

264
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.6.6, timeout is 2 seconds:
Packet sent with a source address of 10.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms

R7#ping 192.168.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms

R1#traceroute 172.16.6.6 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 172.16.6.6
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.12.2 8 msec 4 msec 4 msec
2 192.1.56.5 [MPLS: Label 22 Exp 0] 8 msec 8 msec 8 msec
3 192.1.56.6 12 msec * 8 msec

R1#traceroute 10.7.7.7 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 10.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.12.2 4 msec 4 msec 0 msec
2 192.1.56.5 [MPLS: Label 21 Exp 0] 8 msec 8 msec 8 msec
3 192.1.56.6 12 msec 12 msec 12 msec
4 192.1.67.7 24 msec * 16 msec

R6#traceroute 192.168.1.1 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 192.168.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.56.5 4 msec 4 msec 8 msec
2 192.1.12.2 [MPLS: Label 22 Exp 0] 8 msec 8 msec 8 msec
3 192.1.12.1 12 msec * 12 msec

R7#traceroute 192.168.1.1 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 192.168.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.67.6 4 msec 0 msec 4 msec
2 192.1.56.5 8 msec 8 msec 8 msec
3 192.1.12.2 [MPLS: Label 22 Exp 0] 16 msec 12 msec 12 msec

265
4 192.1.12.1 20 msec * 16 msec

Enable AS 100 for traffic engineering

R2
mpls traffic-eng tunnels

interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth

router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2

R3
mpls traffic-eng tunnels

interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet2/1
mpls traffic-eng tunnels
ip rsvp bandwidth

router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2

R4
mpls traffic-eng tunnels

interface FastEthernet1/0
mpls traffic-eng tunnels

266
ip rsvp bandwidth

interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth

router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2

R5
mpls traffic-eng tunnels

interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth

interface FastEthernet2/1
mpls traffic-eng tunnels
ip rsvp bandwidth

router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2

R2#sh ip rsvp interface


interface rsvp allocated i/f max flow max sub max VRF
Fa1/1 ena 0 75M 75M 0
Fa2/0 ena 0 75M 75M 0

R3#sh ip rsvp interface


interface rsvp allocated i/f max flow max sub max VRF
Fa1/1 ena 0 75M 75M 0
Fa2/0 ena 0 75M 75M 0
Fa2/1 ena 0 75M 75M 0

R4#sh ip rsvp interface


interface rsvp allocated i/f max flow max sub max VRF
Fa1/0 ena 0 75M 75M 0

267
Fa1/1 ena 0 75M 75M 0

R5#sh ip rsvp interface


interface rsvp allocated i/f max flow max sub max VRF
Fa1/1 ena 0 75M 75M 0
Fa2/0 ena 0 75M 75M 0
Fa2/1 ena 0 75M 75M 0

Configure MPLE-TE in such a way that traffic flow from R5 to R2 follow the
path R5 R4 R3 R2 and the traffic flow from R2 to R5 follow the poath
R2 R3 R4 R5

R2
ip explicit-path name TO_R5 enable
next-address 3.3.3.3
next-address 4.4.4.4
next-address 5.5.5.5

interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 5.5.5.5
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 explicit name TO_R5
tunnel mpls traffic-eng path-option 2 dynamic

R5
ip explicit-path name TO_R2 enable
next-address 4.4.4.4
next-address 3.3.3.3
next-address 2.2.2.2

interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 2.2.2.2
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 explicit name TO_R2
tunnel mpls traffic-eng path-option 2 dynamic

R2#show interfaces tun0 | inc line


Tunnel0 is up, line protocol is up

R5#show interfaces tun0 | inc line


Tunnel0 is up, line protocol is up

268
R2#show mpls traffic-eng tunnels summary
Signalling Summary:
LSP Tunnels Process: running
Passive LSP Listener: running
RSVP Process: running
Forwarding: enabled
Periodic reoptimization: every 3600 seconds, next in 3291 seconds
Periodic FRR Promotion: Not Running
Periodic auto-bw collection: every 300 seconds, next in 291 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1

P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0

R5#show mpls traffic-eng tunnels summary


Signalling Summary:
LSP Tunnels Process: running
Passive LSP Listener: running
RSVP Process: running
Forwarding: enabled
Periodic reoptimization: every 3600 seconds, next in 3211 seconds
Periodic FRR Promotion: Not Running
Periodic auto-bw collection: every 300 seconds, next in 211 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1

P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0

269
R2#show mpls traffic-eng tunnels

P2P TUNNELS/LSPs:

Name: R2_t0 (Tunnel0) Destination: 5.5.5.5


Status:
Admin: up Oper: up Path: valid Signalling: connected
path option 1, type explicit TO_R5 (Basis for Setup, path weight 30)
path option 2, type dynamic

Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled

InLabel : -
OutLabel : FastEthernet1/1, 21
Next Hop : 192.1.23.3
RSVP Signalling Info:
Src 2.2.2.2, Dst 5.5.5.5, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.23.2
Explicit Route: 192.1.23.3 192.1.34.3 192.1.34.4 192.1.45.4
192.1.45.5 5.5.5.5
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
History:
Tunnel:
Time since created: 3 minutes, 10 seconds
Time since path change: 3 minutes, 10 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 3 minutes, 10 seconds

LSP Tunnel R5_t0 is signalled, connection is up


InLabel : FastEthernet1/1, implicit-null
Prev Hop : 192.1.23.3

270
OutLabel : -
RSVP Signalling Info:
Src 5.5.5.5, Dst 2.2.2.2, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 2.2.2.2
Explicit Route: NONE
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits

P2MP TUNNELS:

P2MP SUB-LSPS:

R5#show mpls traffic-eng tunnels

P2P TUNNELS/LSPs:

Name: R5_t0 (Tunnel0) Destination: 2.2.2.2


Status:
Admin: up Oper: up Path: valid Signalling: connected
path option 1, type explicit TO_R2 (Basis for Setup, path weight 30)
path option 2, type dynamic

Config Parameters:
Bandwidth: 0 kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled

InLabel : -
OutLabel : FastEthernet2/0, 23
Next Hop : 192.1.45.4
RSVP Signalling Info:
Src 5.5.5.5, Dst 2.2.2.2, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.45.5
Explicit Route: 192.1.45.4 192.1.34.4 192.1.34.3 192.1.23.3
192.1.23.2 2.2.2.2

271
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
History:
Tunnel:
Time since created: 3 minutes, 25 seconds
Time since path change: 3 minutes, 24 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 3 minutes, 24 seconds

LSP Tunnel R2_t0 is signalled, connection is up


InLabel : FastEthernet2/0, implicit-null
Prev Hop : 192.1.45.4
OutLabel : -
RSVP Signalling Info:
Src 2.2.2.2, Dst 5.5.5.5, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 5.5.5.5
Explicit Route: NONE
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits

P2MP TUNNELS:

P2MP SUB-LSPS:

R1#traceroute 10.7.7.7 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 10.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.12.2 8 msec 4 msec 4 msec
2 192.1.23.3 [MPLS: Labels 21/21 Exp 0] 24 msec 20 msec 20 msec
3 192.1.34.4 [MPLS: Labels 22/21 Exp 0] 20 msec 20 msec 24 msec
4 192.1.56.5 [MPLS: Label 21 Exp 0] 20 msec 20 msec 16 msec
5 192.1.56.6 20 msec 20 msec 20 msec
6 192.1.67.7 24 msec * 24 msec

R7#traceroute 192.168.1.1 source lo0 numeric


Type escape sequence to abort.

272
Tracing the route to 192.168.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.67.6 4 msec 0 msec 4 msec
2 192.1.56.5 8 msec 8 msec 8 msec
3 192.1.45.4 [MPLS: Labels 23/22 Exp 0] 28 msec 24 msec 28 msec
4 192.1.34.3 [MPLS: Labels 22/22 Exp 0] 28 msec 24 msec 24 msec
5 192.1.12.2 [MPLS: Label 22 Exp 0] 36 msec 20 msec 20 msec
6 192.1.12.1 28 msec * 24 msec

Configure eBGP session between R4 and GW; make sure to advertise the
192.1.100.0 in BGP

R4
router bgp 100
neighbor 192.1.40.10 remote-as 200
address-family ipv4
neighbor 192.1.40.10 activate

GW
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.40.4 remote-as 100
address-family ipv4
network 192.1.100.0
neighbor 192.1.40.4 activate

R4#sh ip bgp summary


BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 2, main routing table version 2
1 network entries using 144 bytes of memory
1 path entries using 80 bytes of memory
1/1 BGP path/bestpath attribute entries using 136 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 330 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 714 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
192.1.40.10 4 200 5 4 2 0 0 00:00:12 1

R4#sh ip bgp
BGP table version is 2, local router ID is 4.4.4.4

273
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 192.1.100.0 192.1.40.10 0 0 200 i

Gw#sh ip bgp summary


BGP router identifier 192.1.100.10, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 144 bytes of memory
1 path entries using 80 bytes of memory
1/1 BGP path/bestpath attribute entries using 136 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 360 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down


State/PfxRcd
192.1.40.4 4 100 4 5 2 0 0 00:00:31 0

Gw#sh ip bgp
BGP table version is 2, local router ID is 192.1.100.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 192.1.100.0 0.0.0.0 0 32768 i

Gw#sh ip bgp neighbors 192.1.40.4 advertised-routes


BGP table version is 2, local router ID is 192.1.100.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 192.1.100.0 0.0.0.0 0 32768 i

274
Total number of prefixes 1

The subnet 30.40.50.0/24 has been reserved for customer traffic to reach
the subnet 192.1.100.0/24 via NAT, configure R4 to accomplish this

R4
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4

ip route 30.40.50.0 255.255.255.0 Null0


ip route vrf MSSK 0.0.0.0 0.0.0.0 192.1.40.10 global

ip access-list standard RFC


permit 10.0.0.0 0.255.255.255
permit 172.16.0.0 0.15.255.255
permit 192.168.0.0 0.0.0.255

ip nat pool POOL 30.40.50.0 30.40.50.255 prefix-length 24


ip nat inside source list RFC pool POOL vrf MSSK

router bgp 100


address-family ipv4
network 30.40.50.0 mask 255.255.255.0
address-family ipv4 vrf MSSK
network 0.0.0.0

interface FastEthernet1/0
ip nat inside

interface FastEthernet1/1
ip nat inside

interface FastEthernet2/0
ip nat outside

R2#show bgp vpnv4 unicast all


BGP table version is 24, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete

275
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 0.0.0.0 4.4.4.4 0 100 0i
*>i 10.7.7.7/32 5.5.5.5 3 100 0?
*>i 172.16.6.6/32 5.5.5.5 2 100 0?
*>i 192.1.56.0 5.5.5.5 0 100 0?
*>i 192.1.67.0 5.5.5.5 2 100 0?
*> 192.168.1.1/32 192.1.12.1 156160 32768 ?

R5#show bgp vpnv4 unicast all


BGP table version is 12, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 0.0.0.0 4.4.4.4 0 100 0i
*> 10.7.7.7/32 192.1.56.6 3 32768 ?
*> 172.16.6.6/32 192.1.56.6 2 32768 ?
*> 192.1.56.0 0.0.0.0 0 32768 ?
*> 192.1.67.0 192.1.56.6 2 32768 ?
*>i 192.168.1.1/32 2.2.2.2 156160 100 0?

R1#sh ip route eigrp


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

Gateway of last resort is 192.1.12.2 to network 0.0.0.0

D*EX 0.0.0.0/0 [170/514560] via 192.1.12.2, 00:00:50, FastEthernet1/0


10.0.0.0/32 is subnetted, 1 subnets
D EX 10.7.7.7 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0
172.16.0.0/32 is subnetted, 1 subnets
D EX 172.16.6.6 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0

276
D EX 192.1.56.0/24 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0
D EX 192.1.67.0/24 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0

R4#sh ip bgp neighbors 192.1.40.10 advertised-routes


BGP table version is 3, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

Network Next Hop Metric LocPrf Weight Path


*> 30.40.50.0/24 0.0.0.0 0 32768 i

Total number of prefixes 1

Configure L2VPN on R3 and R4 in order to achieve connectivity between R8


and R9

R3
pseudowire-class MSSK
encapsulation mpls
interworking ip

interface FastEthernet1/0
xconnect 4.4.4.4 89 encapsulation mpls pw-class MSSK

R4
pseudowire-class MSSK
encapsulation mpls
interworking ip

interface Serial3/0
xconnect 3.3.3.3 89 encapsulation mpls pw-class MSSK

R3#show mpls l2transport summary


Destination address: 4.4.4.4, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa2/0

R4#show mpls l2transport summary


Destination address: 3.3.3.3, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0

277
R8#ping 192.1.89.9
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.89.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/16 ms

R9#ping 192.1.89.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.89.8, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 12/15/20 ms

278