[go: up one dir, main page]
Scribd
Upload
259 views4 pages

MPLS VPN Setup Guide

This document provides a checklist for configuring MPLS VPNs with the following sections: 1. Configure foundational settings on provider routers like IP addresses, IGP routing, and MPLS. 2. Start MP-BGP on provider edge routers to exchange VPN routing information. 3. Create VRFs on provider edge routers and associate them with customer interfaces to segregate routing tables. 4. Configure routing protocols between provider and customer routers to exchange reachability information, and redistribute routes into BGP. 5. Miscellaneous tasks like hiding provider routers from traceroute and example topologies.

Uploaded by

velramsen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
259 views4 pages

MPLS VPN Setup Guide

This document provides a checklist for configuring MPLS VPNs with the following sections: 1. Configure foundational settings on provider routers like IP addresses, IGP routing, and MPLS. 2. Start MP-BGP on provider edge routers to exchange VPN routing information. 3. Create VRFs on provider edge routers and associate them with customer interfaces to segregate routing tables. 4. Configure routing protocols between provider and customer routers to exchange reachability information, and redistribute routes into BGP. 5. Miscellaneous tasks like hiding provider routers from traceroute and example topologies.

Uploaded by

velramsen
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

MPLS VPN Checklist

By Humphrey Cheung and the Southern California Router Gods Meetup Group (www.routergods.com)
Updated October 9 2010

Section I - Foundation

Provider router IP Addresses

Configure IP addresses and “no shut” on all provider router


interfaces
Verify next-hop reachability ping

Provider IGP (here we assume OSPF)

Configure an interior gateway routing protocol on all router ospf 1


provider routers network 0.0.0.0 0.0.0.0 area 0
Passive interface as needed (all interfaces pointed towards router ospf 1
customers) passive-interface fast 0/0
Verify provider edge to provider edge reachability ping

Provider MPLS

Start MPLS on provider router interfaces Int fast 0/0


DON’T start MPLS on interfaces facing the customer mpls ip
Verify MPLS neighbors and bindings show mpls ldp discovery
show mpls ldp neighbor
show mpls forwarding-table

Provider BGP

Configure basic BGP peering between provider edge router bgp 1


routers no bgp default ipv4-unicast
neighbor xxxxx remote-as 1
For single customer setups, you don’t need “no bgp default” neighbor xxxxx update-source loopback 0
Verify BGP peering show ip bgp summary
(if you used “no bgp default” then nothing will show)

Section II – Start MP-BGP on Provider Edge routers

Start MP-BGP on all necessary provider routers (config)# router bgp 1


(config-router)# address-family vpnv4
(config-router)# neighbor xxxx activate
(config-router)#neighbor xxxx next-hop-self
(config-router)# neighbor xxxx send-community extended
Verify MP-BGP show ip bgp neighbor xxxxx

Section III – VRF Configuration

Create VRFs on provider edge routers (config)# ip vrf CustA


(config-vrf)# rd 1:100
(config-vrf)# route-target export 1:10
(config-vrf)# route-target import 1:20
Start VRF forwarding on provider edge interfaces (config)# int fast 0/0
This associates the VRF with the interface (config-if)# ip vrf forwarding CustA
 Notice the IP is removed, you have to re-type it in (config-if)# ip address 172.16.10.1 255.255.255.0
Verify VRF creation show ip vrf detail
Section IV – Provider to Customer routing configuration

For Static routes, use this table

On PE routers, configure static route pointing to customer ip route vrf CustA 10.10.10.0 255.255.255.0 172.16.10.2
Redistribute static route into MP-BGP Router bgp 1
Address-family ipv4 vrf CustA
Redistribute connected
Redistribute static
Exit-address-family
Verify routes are in the vrf routing table show ip route vrf CustA
show bgp vpnv4 unicast all
show ip bgp vpnv4 rd 1:100
show ip bgp vpnv4 rd 1:100 labels

For RIP routes, use this table

On PE routers, configure vrf-aware RIP Router rip


Address-family ipv4 vrf CustA
For the network statement, you will include the link that Redistribute bgp 1 metric 2
connects to the customer Network x.x.x.x
No auto
Version 2
Exit
Redistribute RIP into BGP Router bgp 1
Address-family ipv4 vrf CustA
Redistribute rip
Exit
Verify routes are in the VRF routing table show ip route vrf CustA
show bgp vpnv4 unicast all
show ip bgp vpnv4 rd 1:100
show ip bgp vpnv4 rd 1:100 labels

For OSPF routes, use this table

On PE routers, configure VRF-aware OSPF Router ospf 2 vrf CustA


Ospf process/router-id must be unique between vrfs Router-id 1.1.1.12
If you only have one VRF, you don’t need router-id Network 172.16.10.0 0.0.0.255 area 0
Redistribute bgp 1 subnets
Redistribute OSPF into BGP Router bgp 1
Address-family ipv4 vrf CustA
Redistribute ospf 2 vrf CustA match internal external 1 external 2
Verify routes are in the VRF routing table show ip route vrf CustA
show ip ospf database | I Process

For BGP routes, use this table

On PE routers, configure eBGP peering router bgp 1


Usually done with private-AS numbers address-family ipv4 vrf CustA
redistribute connected
If customer sites are in same ASN, use as-override neighbor CUSTOMERIP remote-as 65001
neighbor CUSTOMERIP activate
neighbor CUSTOMERIP as-override
Redistribution is automatic into MP-BGP 

Verify BGP peering and routes are in BGP table show ip bgp summary
show ip route
Section V – Customer to Provider router configuration

For Static Routes

Configure IP addresses and “no shut” on all interfaces


Configure static routes towards PE routers ip route 0.0.0.0 0.0.0.0 172.16.10.1
Verify connectivity to other customer router ping
trace

For RIP

Configure IP addresses and “no shut” on all interfaces


Configure RIP as usual router rip
no auto
ver 2
network 0.0.0.0
Verify connectivity and routing protocol show ip protocol
show ip route
ping
trace

For OSPF

Configure IP addresses and “no shut” on all interfaces


Configure OSPF router ospf 1
network 0.0.0.0 0.0.0.0 area 0
Verify connectivity and routing protocol show ip prot
show ip route
show ip ospf neighbor
ping

For BGP

Configure IP addresses and “no shut” on all interfaces


Configure eBGP router bgp 65001
neighbor (PROVIDERIP) remote-as 65001
Use allowas if you didn’t use as-override on PE router neighbor (PROVIDERIP) allowas-in num
Verify connectivity and routing protocol ping the other side
show ip route
show ip bgp summary

Miscellaneous

Hide provider routers from traceroute - no mpls ip propagate-ttl


Topologies

Single customer

Two customers

You might also like