Vous êtes sur la page 1sur 278

MPLS Handbook

About
This handbook aims to give hands-on practice on several MPLS VPN
technologies and implementaions

8/17/2014

Table of Contents
MPLS L3VPN Static CE-PE ................................................................................ 2
MPLS L3VPN RIPv2 CE-PE ............................................................................. 13
MPLS L3VPN OSPF CE-PE .............................................................................. 25
MPLS L3VPN ISIS CE-PE ............................................................................... 35
MPLS L3VPN BGP CE-PE ................................................................................ 46
MPLS Tunneling ........................................................................................... 55
MPLS L3VPN OSPF Sham-link ........................................................................ 67
OSPF Domain-ID .......................................................................................... 78
VRF Lite ...................................................................................................... 92
VRF Export-maps ......................................................................................... 96
MPLS AToM Eth to Eth ................................................................................ 105
MPLS AToM PPP to PPP................................................................................ 112
MPLS Inter-AS Xconnect ............................................................................. 118
MPLS L3VPN Inter-AS Option A .................................................................... 126
MPLS L3VPN Inter-AS Option B .................................................................... 138
Carrier supporting Carrier (CSC) .................................................................. 150
MPLS TE with OSPF .................................................................................... 168
MPLS 6PE .................................................................................................. 182
MPLS 6VPE ................................................................................................ 189
MPLS Internet Access ................................................................................. 195
MPLS QoS ................................................................................................. 205
MPLS EIGRP Backdoor Link.......................................................................... 227
MPLS BGP Soo ........................................................................................... 234

MPLS L3VPN Static CE-PE


Network Diagram

Lo0
1.1.1.1/32

OSPF
Area 0

R1
S1/0

19
2.
1.
13
.0/
24

S1/0

192.1.35.0/24

IBGP

F2/0
Static
F1/0

Lo0
4.4.4.4/32

S1/1
LSP

S1/0

R2
192.1.24.0/24

Lo0
2.2.2.2/32

24
0/
2.
1
.
2.1
19

AS 100

R3
F2/0
Static
F1/0

R5

R4

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
2

Lo0
3.3.3.3/32

Lo0
5.5.5.5/32

address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
3

int s1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
ip route vrf MSSK 4.4.4.4 255.255.255.255 192.1.24.4
R4
ip route 0.0.0.0 0.0.0.0 192.1.24.2
R3
ip route vrf MSSK 5.5.5.5 255.255.255.255 192.1.35.5
R5
ip route 0.0.0.0 0.0.0.0 192.1.35.3

VPN Configuration
R2
router bgp 100
address-family ipv4 vrf MSSK
network 192.1.24.0 mask 255.255.255.0
redistribute static
R3
router bgp 100
address-family ipv4 vrf MSSK
network 192.1.35.0 mask 255.255.255.0
redistribute static
Verifications
R1#show mpls ldp neighbor
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2
2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3
3.3.3.3
R1#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No
Serial1/1
Yes (ldp)
No

BGP Static Operational


No No
Yes
No No
Yes

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
5

Serial1/0, Src IP addr: 192.1.12.1


Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R2#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R3#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R2#sh ip route vrf MSSK static


Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
S

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [1/0] via 192.1.24.4

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/12/40 ms

R3#sh ip route vrf MSSK static


Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
S

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [1/0] via 192.1.35.5

R3#ping vrf MSSK 5.5.5.5


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/21/68 ms
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
3.3.3.3
4

AS MsgRcvd MsgSent
100

56

58

TblVer InQ OutQ Up/Down


0

0 00:47:35

R2#sh bgp vpnv4 unicast all


BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
7

RPKI validation codes: V valid, I invalid, N Not found


Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
0
32768 ?
*>i 5.5.5.5/32
3.3.3.3
0 100
0?
*> 192.1.24.0
0.0.0.0
0
32768 i
*>i 192.1.35.0
3.3.3.3
0 100
0i
R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes
BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
0
32768 ?
*> 192.1.24.0
0.0.0.0
0
32768 i
Total number of prefixes 2
R3#sh bgp vpnv4 unicast all summary
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
2.2.2.2
4

AS MsgRcvd MsgSent
100

58

56

TblVer InQ OutQ Up/Down


0

0 00:47:48

R3#sh bgp vpnv4 unicast all


BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
8

Origin codes: i - IGP, e - EGP, ? - incomplete


RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32
2.2.2.2
0 100
0?
*> 5.5.5.5/32
192.1.35.5
0
32768 ?
*>i 192.1.24.0
2.2.2.2
0 100
0i
*> 192.1.35.0
0.0.0.0
0
32768 i
R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes
BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 5.5.5.5/32
192.1.35.5
0
32768 ?
*> 192.1.35.0
0.0.0.0
0
32768 i
Total number of prefixes 2
R4#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.1.24.2 to network 0.0.0.0
S*
C
C
L

0.0.0.0/0 [1/0] via 192.1.24.2


4.0.0.0/32 is subnetted, 1 subnets
4.4.4.4 is directly connected, Loopback0
192.1.24.0/24 is variably subnetted, 2 subnets, 2 masks
192.1.24.0/24 is directly connected, FastEthernet1/0
192.1.24.4/32 is directly connected, FastEthernet1/0

R4#ping 5.5.5.5 source lo0


9

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/32 ms
R5#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.1.35.3 to network 0.0.0.0
S*
C
C
L

0.0.0.0/0 [1/0] via 192.1.35.3


5.0.0.0/32 is subnetted, 1 subnets
5.5.5.5 is directly connected, Loopback0
192.1.35.0/24 is variably subnetted, 2 subnets, 2 masks
192.1.35.0/24 is directly connected, FastEthernet1/0
192.1.35.5/32 is directly connected, FastEthernet1/0

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/32 ms
R2#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 1.1.1.1/32
0
Se1/0
point2point
17
17
3.3.3.3/32
0
Se1/0
point2point
18
Pop Label 192.1.12.1/32 0
Se1/0
point2point
19
Pop Label 192.1.13.0/24 0
Se1/0
point2point
20
No Label 192.1.24.0/24[V] 0
aggregate/MSSK
21
No Label 4.4.4.4/32[V] 1140
Fa2/0
192.1.24.4
R1#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label
Label
Label
or Tunnel Id
Switched
10

Outgoing Next Hop


interface

16
17
18
19

Pop
Pop
Pop
Pop

Label
Label
Label
Label

2.2.2.2/32
7810
3.3.3.3/32
7789
192.1.12.2/32 0
192.1.13.3/32 0

Se1/0
Se1/1
Se1/0
Se1/1

point2point
point2point
point2point
point2point

R3#show mpls forwarding-table


Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 1.1.1.1/32
0
Se1/0
point2point
17
16
2.2.2.2/32
0
Se1/0
point2point
18
Pop Label 192.1.12.0/24 0
Se1/0
point2point
19
Pop Label 192.1.13.1/32 0
Se1/0
point2point
20
No Label 192.1.35.0/24[V] 0
aggregate/MSSK
21
No Label 5.5.5.5/32[V] 1140
Fa2/0
192.1.35.5
R1#debug mpls packet
Packet debugging is on
R4#ping 5.5.5.5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms
R1#
*Sep 5 14:29:13.699: MPLS les: Se1/0: rx: Len 112
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.703: MPLS les: Se1/1: tx: Len 108
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.715: MPLS les: Se1/1: rx: Len 112
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.715: MPLS les: Se1/0: tx: Len 108
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.731: MPLS les: Se1/0: rx: Len 112
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.735: MPLS les: Se1/1: tx: Len 108
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.747: MPLS les: Se1/1: rx: Len 112
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.747: MPLS les: Se1/0: tx: Len 108
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.755: MPLS les: Se1/0: rx: Len 112
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1

11

Stack {17 0 254} {21 0 254}


Stack {21 0 253} - ipv4 data
Stack {16 0 254} {21 0 254}
Stack {21 0 253} - ipv4 data
Stack {17 0 254} {21 0 254}
Stack {21 0 253} - ipv4 data
Stack {16 0 254} {21 0 254}
Stack {21 0 253} - ipv4 data
Stack {17 0 254} {21 0 254}

*Sep 5 14:29:13.755: MPLS les: Se1/1: tx: Len 108


s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.767: MPLS les: Se1/1: rx: Len 112
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.767: MPLS les: Se1/0: tx: Len 108
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.779: MPLS les: Se1/0: rx: Len 112
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.779: MPLS les: Se1/1: tx: Len 108
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.787: MPLS les: Se1/1: rx: Len 112
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
R1#
*Sep 5 14:29:13.787: MPLS les: Se1/0: tx: Len 108
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.799: MPLS les: Se1/0: rx: Len 112
- ipv4 data s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.803: MPLS les: Se1/1: tx: Len 108
s:4.4.4.4 d:5.5.5.5 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.819: MPLS les: Se1/1: rx: Len 112
- ipv4 data s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
*Sep 5 14:29:13.819: MPLS les: Se1/0: tx: Len 108
s:5.5.5.5 d:4.4.4.4 ttl:254 tos:0 prot:1
R1#

12

Stack {21 0 253} - ipv4 data


Stack {16 0 254} {21 0 254}
Stack {21 0 253} - ipv4 data
Stack {17 0 254} {21 0 254}
Stack {21 0 253} - ipv4 data
Stack {16 0 254} {21 0 254}
Stack {21 0 253} - ipv4 data
Stack {17 0 254} {21 0 254}
Stack {21 0 253} - ipv4 data
Stack {16 0 254} {21 0 254}
Stack {21 0 253} - ipv4 data

MPLS L3VPN RIPv2 CE-PE


Network Diagram
Lo0
1.1.1.1/32

Lo0
4.4.4.4/32

192.1.24.0/24

Lo0
2.2.2.2/32

R2

4
/2
.0
12
.
2.1
19

R1
S1/0

S1/0

S1/1
LSP

19
2.
1.
13
.0/
24

S1/0

IBGP
192.1.35.0/24

OSPF
Area 0

F2/0
RIPv2
F1/0

AS 100

R3
F2/0
RIPv2
F1/0

R5

R4

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
13

Lo0
3.3.3.3/32

Lo0
5.5.5.5/32

route-target import 100:1


int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
14

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.24.2
R4
router rip
no auto-summary
version 2
network 4.4.4.4
network 192.1.24.4

15

R3
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.35.3
R5
router rip
no auto-summary
version 2
network 5.5.5.5
network 192.1.35.5
VPN Configuration
R2
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R3
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
Verifications
R1#show mpls ldp neighbor
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2
2.2.2.2
16

Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0


TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3
3.3.3.3
R1#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No
Serial1/1
Yes (ldp)
No

BGP Static Operational


No No
Yes
No No
Yes

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R2#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R3#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R2#sh ip route vrf MSSK rip


Routing Table: MSSK
17

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP


D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [120/1] via 192.1.24.4, 00:00:15, FastEthernet2/0

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/20/56 ms
R3#sh ip route vrf MSSK rip
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [120/1] via 192.1.35.5, 00:00:21, FastEthernet2/0

R3#ping vrf MSSK 5.5.5.55


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.55, timeout is 2 seconds:
.
Success rate is 0 percent (0/1)
R3#ping vrf MSSK 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
18

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/12 ms
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 12, main routing table version 12
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 6/2 prefixes, 6/2 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
3.3.3.3
4

AS MsgRcvd MsgSent
100

92

93

12

TblVer InQ OutQ Up/Down


0

0 01:18:58

R2#sh bgp vpnv4 unicast all


BGP table version is 12, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
1
32768 ?
*>i 5.5.5.5/32
3.3.3.3
1 100
0?
*> 192.1.24.0
0.0.0.0
0
32768 i
*>i 192.1.35.0
3.3.3.3
0 100
0i
R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes
BGP table version is 12, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
1
32768 ?
19

*> 192.1.24.0

0.0.0.0

32768 i

Total number of prefixes 2


R3#sh bgp vpnv4 unicast all summary
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 12, main routing table version 12
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 6/2 prefixes, 6/2 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
2.2.2.2
4

AS MsgRcvd MsgSent
100

94

92

12

TblVer InQ OutQ Up/Down


0

0 01:19:28

R3#sh bgp vpnv4 unicast all


BGP table version is 12, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32
2.2.2.2
1 100
0?
*> 5.5.5.5/32
192.1.35.5
1
32768 ?
*>i 192.1.24.0
2.2.2.2
0 100
0i
*> 192.1.35.0
0.0.0.0
0
32768 i
R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes
BGP table version is 12, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
20

*> 5.5.5.5/32
*> 192.1.35.0

192.1.35.5
0.0.0.0

32768 ?
32768 i

Total number of prefixes 2


R4#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R
R

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [120/1] via 192.1.24.2, 00:00:21, FastEthernet1/0
192.1.35.0/24 [120/1] via 192.1.24.2, 00:00:21, FastEthernet1/0

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/31/36 ms
R5#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R
R

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [120/1] via 192.1.35.3, 00:00:03, FastEthernet1/0
192.1.24.0/24 [120/1] via 192.1.35.3, 00:00:03, FastEthernet1/0

R5#ping 4.4.4.4 source lo0


21

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/24 ms
R2#sh ip route vrf MSSK 4.4.4.4
Routing Table: MSSK
Routing entry for 4.4.4.4/32
Known via "rip", distance 120, metric 1
Redistributing via bgp 100, rip
Advertised by bgp 100
Last update from 192.1.24.4 on FastEthernet2/0, 00:00:13 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 192.1.24.4, 00:00:13 ago, via FastEthernet2/0
Route metric is 1, traffic share count is 1
R3#sh bgp vpnv4 unicast all 4.4.4.4/32
BGP routing table entry for 100:1:4.4.4.4/32, version 11
Paths: (1 available, best #1, table MSSK)
Not advertised to any peer
Refresh Epoch 1
Local
2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 1, localpref 100, valid, internal, best
Extended Community: RT:100:1
mpls labels in/out nolabel/22
rx pathid: 0, tx pathid: 0x0
R5#sh ip route 4.4.4.4
Routing entry for 4.4.4.4/32
Known via "rip", distance 120, metric 1
Redistributing via rip
Last update from 192.1.35.3 on FastEthernet1/0, 00:00:21 ago
Routing Descriptor Blocks:
* 192.1.35.3, from 192.1.35.3, 00:00:21 ago, via FastEthernet1/0
Route metric is 1, traffic share count is 1
R2
router rip
address-family ipv4 vrf MSSK
no redistribute bgp 100 metric 1
redistribute bgp 100 metric transparent

22

R3
router rip
address-family ipv4 vrf MSSK
no redistribute bgp 100 metric 1
redistribute bgp 100 metric transparent
R2#sh ip route vrf MSSK 4.4.4.4
Routing Table: MSSK
Routing entry for 4.4.4.4/32
Known via "rip", distance 120, metric 1
Redistributing via bgp 100, rip
Advertised by bgp 100
Last update from 192.1.24.4 on FastEthernet2/0, 00:00:11 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 192.1.24.4, 00:00:11 ago, via FastEthernet2/0
Route metric is 1, traffic share count is 1
R3#sh bgp vpnv4 unicast all 4.4.4.4/32
BGP routing table entry for 100:1:4.4.4.4/32, version 11
Paths: (1 available, best #1, table MSSK)
Not advertised to any peer
Refresh Epoch 1
Local
2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 1, localpref 100, valid, internal, best
Extended Community: RT:100:1
mpls labels in/out nolabel/22
rx pathid: 0, tx pathid: 0x0
R5#sh ip route 4.4.4.4
Routing entry for 4.4.4.4/32
Known via "rip", distance 120, metric 2
Redistributing via rip
Last update from 192.1.35.3 on FastEthernet1/0, 00:00:06 ago
Routing Descriptor Blocks:
* 192.1.35.3, from 192.1.35.3, 00:00:06 ago, via FastEthernet1/0
Route metric is 2, traffic share count is 1
R5#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
23

ia - IS-IS inter area, * - candidate default, U - per-user static route


o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R
R

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [120/2] via 192.1.35.3, 00:00:23, FastEthernet1/0
192.1.24.0/24 [120/1] via 192.1.35.3, 00:00:23, FastEthernet1/0

24

MPLS L3VPN OSPF CE-PE


Network Diagram
Lo0
1.1.1.1/32

Lo0
4.4.4.4/32

192.1.24.0/24

Lo0
2.2.2.2/32

R2

4
/2
.0
12
.
2.1
19

R1
S1/0

S1/0

S1/1
LSP

19
2.
1.
13
.0/
24

S1/0

IBGP
192.1.35.0/24

OSPF
Area 0

F2/0
OSPF
A0
F1/0

AS 100

R3
F2/0
OSPF
A0
F1/0

R5

R4

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
25

Lo0
3.3.3.3/32

Lo0
5.5.5.5/32

route-target export 100:1


route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
26

mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
router ospf 100 vrf MSSK
network 192.1.24.2 0.0.0.0 area 0
R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
R3
router ospf 100 vrf MSSK
network 192.1.35.3 0.0.0.0 area 0
R5
27

router ospf 100


router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0
VPN Configuration
R2
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK
R3
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK
Verifications
R1#show mpls ldp neighbor
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2
2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3
3.3.3.3
R1#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No
Serial1/1
Yes (ldp)
No

BGP Static Operational


No No
Yes
No No
Yes
28

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R2#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R3#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R2#sh ip route vrf MSSK ospf


Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [110/2] via 192.1.24.4, 00:01:36, FastEthernet2/0
29

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/10/24 ms
R3#sh ip route vrf MSSK ospf
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [110/2] via 192.1.35.5, 00:01:44, FastEthernet2/0

R3#ping vrf MSSK 5.5.5.5


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/11/24 ms
R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 22, main routing table version 22
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
3 BGP extended community entries using 104 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1624 total bytes of memory
BGP activity 10/6 prefixes, 10/6 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
3.3.3.3
4

AS MsgRcvd MsgSent
100

4831

4833

TblVer InQ OutQ Up/Down


22

30

0 3d01h

R2#sh bgp vpnv4 unicast all


BGP table version is 22, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
2
32768 ?
*>i 5.5.5.5/32
3.3.3.3
2 100
0?
*> 192.1.24.0
0.0.0.0
0
32768 i
*>i 192.1.35.0
3.3.3.3
0 100
0i
R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes
BGP table version is 22, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
2
32768 ?
*> 192.1.24.0
0.0.0.0
0
32768 i
Total number of prefixes 2
R3#sh bgp vpnv4 unicast all summary
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 22, main routing table version 22
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
3 BGP extended community entries using 104 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1624 total bytes of memory
BGP activity 10/6 prefixes, 10/6 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd

AS MsgRcvd MsgSent

31

TblVer InQ OutQ Up/Down

2.2.2.2

100

4833

4832

22

0 3d01h

R3#sh bgp vpnv4 unicast all


BGP table version is 22, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32
2.2.2.2
2 100
0?
*> 5.5.5.5/32
192.1.35.5
2
32768 ?
*>i 192.1.24.0
2.2.2.2
0 100
0i
*> 192.1.35.0
0.0.0.0
0
32768 i
R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes
BGP table version is 22, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 5.5.5.5/32
192.1.35.5
2
32768 ?
*> 192.1.35.0
0.0.0.0
0
32768 i
Total number of prefixes 2
R4#sh ip ospf neighbor
Neighbor ID
192.1.24.2

Pri State
1 FULL/BDR

Dead Time Address


Interface
00:00:37 192.1.24.2
FastEthernet1/0

R4#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
32

+ - replicated route, % - next hop override


Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
O IA
5.5.5.5 [110/3] via 192.1.24.2, 00:02:27, FastEthernet1/0
O E2 192.1.35.0/24 [110/1] via 192.1.24.2, 00:02:57, FastEthernet1/0
R4#ping 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/39/44 ms
R5#sh ip ospf neighbor
Neighbor ID
Pri State
Dead Time Address
Interface
192.1.35.3
1 FULL/BDR
00:00:39 192.1.35.3
FastEthernet1/0
R5#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
O IA
4.4.4.4 [110/3] via 192.1.35.3, 00:03:00, FastEthernet1/0
O E2 192.1.24.0/24 [110/1] via 192.1.35.3, 00:03:01, FastEthernet1/0
R5#ping 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/40 ms
R2#sh ip route vrf MSSK 4.4.4.4
Routing Table: MSSK
Routing entry for 4.4.4.4/32
Known via "ospf 100", distance 110, metric 2, type intra area
33

Redistributing via bgp 100


Advertised by bgp 100
Last update from 192.1.24.4 on FastEthernet2/0, 00:09:05 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 4.4.4.4, 00:09:05 ago, via FastEthernet2/0
Route metric is 2, traffic share count is 1
R3#sh bgp vpnv4 unicast all 4.4.4.4/32
BGP routing table entry for 100:1:4.4.4.4/32, version 21
Paths: (1 available, best #1, table MSSK)
Not advertised to any peer
Refresh Epoch 1
Local
2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)
Origin incomplete, metric 2, localpref 100, valid, internal, best
Extended Community: RT:100:1 OSPF DOMAIN ID:0x0005:0x000000640200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.24.2:0
mpls labels in/out nolabel/22
rx pathid: 0, tx pathid: 0x0

34

MPLS L3VPN ISIS CE-PE


Network Diagram
Lo0
1.1.1.1/32

Lo0
4.4.4.4/32

192.1.24.0/24

Lo0
2.2.2.2/32

R2

4
/2
.0
2
.1
2.1
19

R1
S1/0

S1/0

S1/1
LSP

19
2.
1.
13
.0/
24

S1/0

IBGP
192.1.35.0/24

OSPF
Area 0

F2/0
ISIS
L2
F1/0

AS 100

R3
F2/0
ISIS
L2
F1/0

R5

R4

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
35

Lo0
3.3.3.3/32

Lo0
5.5.5.5/32

route-target import 100:1


vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip

36

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
router isis 1
vrf MSSK
net 49.0001.0000.0000.0002.00
is-type level-2-only
int f2/0
ip router isis 1
R4
router isis 1
net 49.0001.0000.0000.0004.00
passive-interface lo0
is-type level-2-only
int f1/0
37

ip router isis 1
R3
router isis 1
vrf MSSK
net 49.0001.0000.0000.0003.00
is-type level-2-only
int f2/0
ip router isis 1
R5
router isis 1
net 49.0001.0000.0000.0005.00
passive-interface lo0
is-type level-2-only
int f1/0
ip router isis 1
VPN Configuration
R2
router isis 1
vrf MSSK
redistribute bgp 100 ip level-2
router bgp 100
address-family ipv4 vrf MSSK
redistribute isis 1 ip level-2
R3
router isis 1
vrf MSSK
redistribute bgp 100 ip level-2
router bgp 100
address-family ipv4 vrf MSSK
redistribute isis 1 ip level-2
Verifications
R1#show mpls ldp neighbor
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
38

State: Oper; Msgs sent/rcvd: 66/66; Downstream


Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2
2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3
3.3.3.3
R1#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No
Serial1/1
Yes (ldp)
No

BGP Static Operational


No No
Yes
No No
Yes

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R2#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.13.1
Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R3#show mpls interfaces
39

Interface
Serial1/0

IP
Tunnel
Yes (ldp)
No

BGP Static Operational


No No
Yes

R2#sh ip route vrf MSSK isis


Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
i L2
4.4.4.4 [115/10] via 192.1.24.4, 00:03:25, FastEthernet2/0
R2#ping vrf MSSK 4.4.4.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/11/32 ms
R3#sh ip route vrf MSSK isis
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
i L2
5.5.5.5 [115/10] via 192.1.35.5, 00:02:23, FastEthernet2/0
R3#ping vrf MSSK 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
40

Success rate is 100 percent (5/5), round-trip min/avg/max = 4/14/44 ms


R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 27, main routing table version 27
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 12/8 prefixes, 12/8 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
3.3.3.3
4

AS MsgRcvd MsgSent
100

4941

4943

TblVer InQ OutQ Up/Down


27

0 3d02h

R2#sh bgp vpnv4 unicast all


BGP table version is 27, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
10
32768 ?
*>i 5.5.5.5/32
3.3.3.3
10 100
0?
*> 192.1.24.0
0.0.0.0
0
32768 i
*>i 192.1.35.0
3.3.3.3
0 100
0i
R2#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes
BGP table version is 27, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
10
32768 ?
*> 192.1.24.0
0.0.0.0
0
32768 i
41

Total number of prefixes 2


R3#sh bgp vpnv4 unicast all summary
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 27, main routing table version 27
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 12/8 prefixes, 12/8 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
2.2.2.2
4

AS MsgRcvd MsgSent
100

4943

4941

TblVer InQ OutQ Up/Down


27

0 3d02h

R3#sh bgp vpnv4 unicast all


BGP table version is 27, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32
2.2.2.2
10 100
0?
*> 5.5.5.5/32
192.1.35.5
10
32768 ?
*>i 192.1.24.0
2.2.2.2
0 100
0i
*> 192.1.35.0
0.0.0.0
0
32768 i
R3#sh bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes
BGP table version is 27, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 5.5.5.5/32
192.1.35.5
10
32768 ?
42

*> 192.1.35.0

0.0.0.0

32768 i

Total number of prefixes 2


R4#sh isis neighbors
Tag 1:
System Id
Type Interface IP Address
State Holdtime Circuit Id
R2
L2 Fa1/0
192.1.24.2
UP 28
R4.01
R4#show clns neighbors
Tag 1:
System Id
Interface SNPA
State Holdtime Type Protocol
R2
Fa1/0
ca01.7a82.0038
Up
25
L2 IS-IS
R4#show ip route isis
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
5.0.0.0/32 is subnetted, 1 subnets
i L2
5.5.5.5 [115/10] via 192.1.24.2, 00:43:29, FastEthernet1/0
i L2 192.1.35.0/24 [115/10] via 192.1.24.2, 00:44:36, FastEthernet1/0
R4#ping 5.5.5.5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/33/72 ms
R5#sh isis neighbors
Tag 1:
System Id
Type Interface IP Address
State Holdtime Circuit Id
R3
L2 Fa1/0
192.1.35.3
UP 26
R5.01
R5#show clns neighbors
Tag 1:
43

System Id
Interface SNPA
R3
Fa1/0
ca02.7a92.0038

State Holdtime Type Protocol


Up
24
L2 IS-IS

R5#show ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
i L2
4.4.4.4 [115/10] via 192.1.35.3, 00:02:48, FastEthernet1/0
i L2 192.1.24.0/24 [115/10] via 192.1.35.3, 00:44:14, FastEthernet1/0
R5#ping 4.4.4.4 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/36/56 ms
R2#sh ip route vrf MSSK 4.4.4.4
Routing Table: MSSK
Routing entry for 4.4.4.4/32
Known via "isis", distance 115, metric 10, type level-2
Redistributing via bgp 100, isis 1
Advertised by bgp 100 level-2
Last update from 192.1.24.4 on FastEthernet2/0, 00:47:28 ago
Routing Descriptor Blocks:
* 192.1.24.4, from 4.4.4.4, 00:47:28 ago, via FastEthernet2/0
Route metric is 10, traffic share count is 1
R3#sh bgp vpnv4 unicast all 4.4.4.4/32
BGP routing table entry for 100:1:4.4.4.4/32, version 27
Paths: (1 available, best #1, table MSSK)
Not advertised to any peer
Refresh Epoch 1
Local
2.2.2.2 (metric 129) from 2.2.2.2 (2.2.2.2)
44

Origin incomplete, metric 10, localpref 100, valid, internal, best


Extended Community: RT:100:1
mpls labels in/out nolabel/21
rx pathid: 0, tx pathid: 0x0

45

MPLS L3VPN BGP CE-PE


Network Diagram
Lo0
1.1.1.1/32

Lo0
4.4.4.4/32

192.1.24.0/24

Lo0
2.2.2.2/32

R2

4
/2
.0
2
1.1
2.
19

R1
S1/0

S1/0

S1/1
LSP

19
2.
1.1
3

AS 100
.0
/2
4

S1/0

IBGP
192.1.35.0/24

OSPF
Area 0

F2/0
BGP
F1/0

R3
F2/0

F1/0

R4

R5

AS 1

AS 1

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
46

Lo0
3.3.3.3/32

Lo0
5.5.5.5/32

route-target export 100:1


route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
47

mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.24.4 remote-as 1
neighbor 192.1.24.4 activate
network 192.1.24.0 mask 255.255.255.0
R4
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.24.2 remote-as 100
address-family ipv4
neighbor 192.1.24.2 activate
network 4.4.4.4 mask 255.255.255.255
48

R3
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.35.5 remote-as 1
neighbor 192.1.35.5 activate
network 192.1.35.0 mask 255.255.255.0
R5
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.35.3 remote-as 100
address-family ipv4
neighbor 192.1.35.3 activate
network 5.5.5.5 mask 255.255.255.255
Verifications
R2#sh ip route vrf MSSK bgp
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
B
B
B

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [20/0] via 192.1.24.4, 00:05:47
5.0.0.0/32 is subnetted, 1 subnets
5.5.5.5 [200/0] via 3.3.3.3, 00:03:32
192.1.35.0/24 [200/0] via 3.3.3.3, 00:00:33

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/24 ms
R2#ping vrf MSSK 5.5.5.5
49

Type escape sequence to abort.


Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/21/32 ms
R3#sh ip route vrf MSSK bgp
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
B
B
B

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [200/0] via 2.2.2.2, 00:06:27
5.0.0.0/32 is subnetted, 1 subnets
5.5.5.5 [20/0] via 192.1.35.5, 00:04:13
192.1.24.0/24 [200/0] via 2.2.2.2, 00:01:47

R3#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/20/28 ms
R3#ping vrf MSSK 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/7/16 ms
R4#sh ip bgp
BGP table version is 4, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

50

Network
*> 4.4.4.4/32
r> 192.1.24.0
*> 192.1.35.0

Next Hop
0.0.0.0
192.1.24.2
192.1.24.2

Metric LocPrf Weight Path


0
32768 i
0
0 100 i
0 100 i

R5#sh ip bgp
BGP table version is 4, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
*> 5.5.5.5/32
*> 192.1.24.0
r> 192.1.35.0

Next Hop
0.0.0.0
192.1.35.3
192.1.35.3

Metric LocPrf Weight Path


0
32768 i
0 100 i
0
0 100 i

As we can see from last two outputs above, neither R4 or R5 learned each other
loopback networks, let us check if they are advertised from the PE side toward each
of them
R2#sh bgp vpnv4 unicast vrf MSSK neighbors 192.1.24.4 advertised-routes
BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 5.5.5.5/32
3.3.3.3
0 100
01i
*> 192.1.24.0
0.0.0.0
0
32768 i
*>i 192.1.35.0
3.3.3.3
0 100
0i
Total number of prefixes 3
R3#sh bgp vpnv4 unicast vrf MSSK neighbors 192.1.35.5 advertised-routes
BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
51

Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32
2.2.2.2
0 100
01i
*>i 192.1.24.0
2.2.2.2
0 100
0i
*> 192.1.35.0
0.0.0.0
0
32768 i
Total number of prefixes 3
As seen, the PE routers learn those routes for both CEs and advertise toward them
as well, so what is the issue?
Let us turn debug on R4 for coming BGP updates and see what the output can tells
us
R4
debug ip bgp updates
clear ip bgp * in
*Sep 13 03:10:27.647: BGP(0): 192.1.24.2 rcv UPDATE about 5.5.5.5/32 -DENIED due to: AS-PATH contains our own AS;
So the issue is clear now, BGP speaker will not accept an update that contains its
own AS number, so what could we do? We can use the as-override feature from the
PE side toward each CE
R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.24.4 as-override
clear ip bgp * out
R3
router bgp 100
address-family ipv4 vrf MSSK
neighbor 192.1.35.5 as-override
clear ip bgp * out
R4#
*Sep 13 03:13:11.819: BGP(0): 192.1.24.2 rcvd UPDATE w/ attr: nexthop
192.1.24.2, origin i, merged path 100, AS_PATH
R4#sh ip bgp
BGP table version is 5, local router ID is 4.4.4.4
52

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,


r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
*> 4.4.4.4/32
*> 5.5.5.5/32
r> 192.1.24.0
*> 192.1.35.0

Next Hop
0.0.0.0
192.1.24.2
192.1.24.2
192.1.24.2

Metric LocPrf Weight Path


0
32768 i
0 100 100 i
0
0 100 i
0 100 i

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/34/68 ms
R4#traceroute 5.5.5.5 source lo0 numer
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.24.2 [AS 100] 16 msec 12 msec 4 msec
2 192.1.12.1 [MPLS: Labels 17/20 Exp 0] 32 msec 16 msec 20 msec
3 192.1.35.3 [AS 100] [MPLS: Label 20 Exp 0] 16 msec 16 msec 20 msec
4 192.1.35.5 [AS 100] 20 msec * 24 msec
R5#sh ip bgp
BGP table version is 5, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
*> 4.4.4.4/32
*> 5.5.5.5/32
*> 192.1.24.0
r> 192.1.35.0

Next Hop
192.1.35.3
0.0.0.0
192.1.35.3
192.1.35.3

Metric LocPrf Weight Path


0 100 100 i
0
32768 i
0 100 i
0
0 100 i

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
53

Packet sent with a source address of 5.5.5.5


!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/25/28 ms
R5#traceroute 4.4.4.4 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.35.3 [AS 100] 16 msec 8 msec 4 msec
2 192.1.13.1 [MPLS: Labels 16/22 Exp 0] 20 msec 24 msec 20 msec
3 192.1.24.2 [AS 100] [MPLS: Label 22 Exp 0] 16 msec 16 msec 16 msec
4 192.1.24.4 [AS 100] 32 msec * 16 msec

54

MPLS Tunneling
Network Diagram

R8

R1
F0/0

F0/0

F0/0

F0/1

R2

R7
F0/1

F0/0
F0/0

R3

R6

F0/1

F0/0

F0/0

F0/1

R4

F0/0

F0/1

R5

MPLS Backbone
ISIS Area 49.0001
Configurations
IGP Configuration
R2
router isis 1
net 49.0000.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0

55

F0/1

interface FastEthernet0/1
ip router isis 1
R3
router isis 1
net 49.0000.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
interface FastEthernet0/1
ip router isis 1
R4
router isis 1
net 49.0000.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
interface FastEthernet0/1
ip router isis 1
R5
router isis 1
net 49.0000.0000.0000.0005.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
interface FastEthernet0/1
ip router isis 1

56

R6
router isis 1
net 49.0000.0000.0000.0006.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
interface FastEthernet0/1
ip router isis 1
R7
router isis 1
net 49.0000.0000.0000.0007.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet0/0
ip router isis 1
MPLS LDP Configuration
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/1
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
interface FastEthernet0/1
57

mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
interface FastEthernet0/1
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
interface FastEthernet0/1
mpls ip
R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip
interface FastEthernet0/1
mpls ip
R7
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet0/0
mpls ip

58

BGP Configuration
R1
router bgp 1
no bgp default ipv4-unicast
neighbor 192.168.12.2 remote-as 100
address-family ipv4
neighbor 192.168.12.2 activate
network 1.1.1.1 mask 255.255.255.255
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 192.168.12.1 remote-as 1
neighbor 7.7.7.7 remote-as 100
neighbor 7.7.7.7 update-source lo0
address-family ipv4
neighbor 192.168.12.1 activate
neighbor 7.7.7.7 activate
neighbor 7.7.7.7 next-hop-self
R8
router bgp 20
no bgp default ipv4-unicast
neighbor 192.168.78.7 remote-as 100
R8address-family ipv4
neighbor 192.168.78.7 activate
network 8.8.8.8 mask 255.255.255.255
R7
router bgp 100
no bgp default ipv4-unicast
neighbor 192.168.78.8 remote-as 20
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family ipv4
neighbor 192.168.78.8 activate
neighbor 2.2.2.2 activate
59

neighbor 2.2.2.2 next-hop-self


Verification
R1#sh ip bgp summary
BGP router identifier 1.1.1.1, local AS number 1
BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 772 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs
Neighbor
V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.12.2 4 100
7
6
3 0 0 00:02:51
1
R1#sh ip bgp
BGP table version is 3, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network
*> 1.1.1.1/32
*> 8.8.8.8/32

Next Hop
0.0.0.0
192.168.12.2

Metric LocPrf Weight Path


0
32768 i
0 100 20 i

R1#ping 8.8.8.8 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
R8#sh ip bgp summary
60

BGP router identifier 8.8.8.8, local AS number 20


BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 772 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs
Neighbor
V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.78.7 4 100
5
5
3 0 0 00:01:51
1
R8#sh ip bgp
BGP table version is 3, local router ID is 8.8.8.8
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network
*> 1.1.1.1/32
*> 8.8.8.8/32

Next Hop
192.168.78.7
0.0.0.0

Metric LocPrf Weight Path


0 100 1 i
0
32768 i

R8#ping 1.1.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/29/32 ms
R2#sh ip bgp summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
61

2 BGP AS-PATH entries using 48 bytes of memory


0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 828 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs
Neighbor
V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
7.7.7.7
4 100
6
6
3 0 0 00:02:42
1
192.168.12.1 4
1
8
9
3 0 0 00:04:02
1
R2#sh ip bgp
BGP table version is 3, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network
*> 1.1.1.1/32
*>i8.8.8.8/32

Next Hop
192.168.12.1
7.7.7.7

Metric LocPrf Weight Path


0
01i
0 100
0 20 i

R7#sh ip bgp summary


BGP router identifier 7.7.7.7, local AS number 100
BGP table version is 3, main routing table version 3
2 network entries using 240 bytes of memory
2 path entries using 104 bytes of memory
3/2 BGP path/bestpath attribute entries using 372 bytes of memory
2 BGP AS-PATH entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 828 total bytes of memory
BGP activity 2/0 prefixes, 2/0 paths, scan interval 60 secs
Neighbor
V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2
4 100
6
6
3 0 0 00:02:55
1
192.168.78.8 4 20
6
6
3 0 0 00:02:50
1
R7#sh ip bgp
62

BGP table version is 3, local router ID is 7.7.7.7


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network
*>i1.1.1.1/32
*> 8.8.8.8/32

Next Hop
2.2.2.2
192.168.78.8

Metric LocPrf Weight Path


0 100
01i
0
0 20 i

Now, if we wanted to trace the packet as it traverses through the backbone and
check label assignments, we will enable debug mpls packets on the MPLS routers
(R3 through R6) and initiate an ICMP packet from R8 towards R1
R3 R6
debug mpls packets
R2#show mpls forwarding-table
Local Outgoing Prefix
Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id
switched interface
16
Pop tag
3.3.3.3/32
0
Fa0/1
192.168.23.3
17
Pop tag
192.168.34.0/24 0
Fa0/1
192.168.23.3
18
17
4.4.4.4/32
0
Fa0/1
192.168.23.3
19
18
192.168.45.0/24 0
Fa0/1
192.168.23.3
20
19
5.5.5.5/32
0
Fa0/1
192.168.23.3
21
20
192.168.56.0/24 0
Fa0/1
192.168.23.3
22
21
6.6.6.6/32
0
Fa0/1
192.168.23.3
23
23
7.7.7.7/32
0
Fa0/1
192.168.23.3
24
22
192.168.67.0/24 0
Fa0/1
192.168.23.3
R3#show mpls forwarding-table
Local Outgoing Prefix
Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id
switched interface
16
Pop tag
2.2.2.2/32
104567
Fa0/0
192.168.23.2
17
Pop tag
4.4.4.4/32
0
Fa0/1
192.168.34.4
18
Pop tag
192.168.45.0/24 0
Fa0/1
192.168.34.4
19
18
5.5.5.5/32
0
Fa0/1
192.168.34.4
20
20
192.168.56.0/24 0
Fa0/1
192.168.34.4
21
21
6.6.6.6/32
0
Fa0/1
192.168.34.4
22
22
192.168.67.0/24 0
Fa0/1
192.168.34.4
23
23
7.7.7.7/32
65271
Fa0/1
192.168.34.4
63

R4#show mpls forwarding-table


Local Outgoing Prefix
Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id
switched interface
16
Pop tag
3.3.3.3/32
0
Fa0/0
192.168.34.3
17
Pop tag
192.168.23.0/24 0
Fa0/0
192.168.34.3
18
Pop tag
5.5.5.5/32
0
Fa0/1
192.168.45.5
19
16
2.2.2.2/32
111037
Fa0/0
192.168.34.3
20
Pop tag
192.168.56.0/24 0
Fa0/1
192.168.45.5
21
18
6.6.6.6/32
0
Fa0/1
192.168.45.5
22
21
192.168.67.0/24 0
Fa0/1
192.168.45.5
23
23
7.7.7.7/32
65271
Fa0/1
192.168.45.5
R5#show mpls forwarding-table
Local Outgoing Prefix
Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id
switched interface
16
Pop tag
4.4.4.4/32
0
Fa0/0
192.168.45.4
17
Pop tag
192.168.34.0/24 0
Fa0/0
192.168.45.4
18
Pop tag
6.6.6.6/32
0
Fa0/1
192.168.56.6
19
16
3.3.3.3/32
0
Fa0/0
192.168.45.4
20
19
2.2.2.2/32
111037
Fa0/0
192.168.45.4
21
Pop tag
192.168.67.0/24 0
Fa0/1
192.168.56.6
22
17
192.168.23.0/24 0
Fa0/0
192.168.45.4
23
18
7.7.7.7/32
65271
Fa0/1
192.168.56.6
R6#show mpls forwarding-table
Local Outgoing Prefix
Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id
switched interface
16
Pop tag
5.5.5.5/32
0
Fa0/0
192.168.56.5
17
Pop tag
192.168.45.0/24 0
Fa0/0
192.168.56.5
18
Pop tag
7.7.7.7/32
61950
Fa0/1
192.168.67.7
19
16
4.4.4.4/32
0
Fa0/0
192.168.56.5
20
19
3.3.3.3/32
0
Fa0/0
192.168.56.5
21
20
2.2.2.2/32
111174
Fa0/0
192.168.56.5
22
17
192.168.34.0/24 0
Fa0/0
192.168.56.5
23
22
192.168.23.0/24 0
Fa0/0
192.168.56.5
R7#show mpls forwarding-table
Local Outgoing Prefix
Bytes tag Outgoing
64

Next Hop

tag
16
17
18
19
20
21
22
23
24

tag or VC or Tunnel Id
switched interface
Pop tag
6.6.6.6/32
0
Fa0/0
192.168.67.6
Pop tag
192.168.56.0/24 0
Fa0/0
192.168.67.6
16
5.5.5.5/32
0
Fa0/0
192.168.67.6
19
4.4.4.4/32
0
Fa0/0
192.168.67.6
20
3.3.3.3/32
0
Fa0/0
192.168.67.6
21
2.2.2.2/32
0
Fa0/0
192.168.67.6
17
192.168.45.0/24 0
Fa0/0
192.168.67.6
22
192.168.34.0/24 0
Fa0/0
192.168.67.6
23
192.168.23.0/24 0
Fa0/0
192.168.67.6

R6#
*Mar 1 13:38:13.812: MPLS: Fa0/1: recvd: CoS=0, TTL=254, Label(s)=21
*Mar 1 13:38:13.812: MPLS: Fa0/0: xmit: CoS=0, TTL=253, Label(s)=20
R5#
*Mar
*Mar
R4#
*Mar
*Mar

1 13:38:03.440: MPLS: Fa0/1: recvd: CoS=0, TTL=253, Label(s)=20


1 13:38:03.440: MPLS: Fa0/0: xmit: CoS=0, TTL=252, Label(s)=19
1 13:38:01.684: MPLS: Fa0/1: recvd: CoS=0, TTL=252, Label(s)=19
1 13:38:01.684: MPLS: Fa0/0: xmit: CoS=0, TTL=251, Label(s)=16

R3#
*Mar 1 13:38:14.572: MPLS: Fa0/1: recvd: CoS=0, TTL=251, Label(s)=16
*Mar 1 13:38:14.572: MPLS: Fa0/0: xmit: (no label)
Note: we can see the no label keyword which is due to PHP
As can be seen from the debug outputs above that the precedence value is 0 which
is copied from the packet header to the MPLS header (CoS)
R1
access-list
access-list
access-list
access-list
access-list
access-list
access-list

100
100
100
100
100
100
100

permit
permit
permit
permit
permit
permit
permit

ip
ip
ip
ip
ip
ip
ip

any
any
any
any
any
any
any

any
any
any
any
any
any
any

precedence
precedence
precedence
precedence
precedence
precedence
precedence
65

critical
flash
flash-override
immediate
internet
network
priority

access-list 100 permit ip any any precedence routine


int f0/0
ip access-group 100 in
R8#ping 1.1.1.1 source lo0
R1# sh access-lists
Extended IP access
10 permit ip any
20 permit ip any
30 permit ip any
40 permit ip any
50 permit ip any
60 permit ip any
70 permit ip any
80 permit ip any

list 100
any precedence
any precedence
any precedence
any precedence
any precedence
any precedence
any precedence
any precedence

critical
flash
flash-override
immediate
internet
network
priority
routine (5 matches)

66

MPLS L3VPN OSPF Sham-link


Network Diagram
Lo0
1.1.1.1/32

Lo0
4.4.4.4/32

192.1.24.0/24

Lo0
2.2.2.2/32

R2

4
/2
.0
2
.1
2.1
19

R1
S1/0

S1/1
LSP

S1/0

19
2.
1.
13
.0/
24

S1/0

IBGP
192.1.35.0/24

OSPF
Area 0

F2/0
OSPF
A0
F1/0

R4

OSPF A0
192.1.45.0/24

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
67

AS 100

R3

Lo0
3.3.3.3/32

F2/0
OSPF
A0
F1/0

R5

Lo0
5.5.5.5/32

route-target import 100:1


int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
68

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
router ospf 100 vrf MSSK
network 192.1.24.2 0.0.0.0 area 0
R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
R3
router ospf 100 vrf MSSK
network 192.1.35.3 0.0.0.0 area 0

69

R5
router ospf 100
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0
CE-CE Link Configuration
R4
router ospf 100
network 192.1.45.4 0.0.0.0 area 0
R5
router ospf 100
network 192.1.45.5 0.0.0.0 area 0
VPN Configuration
R2
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK
R3
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100 vrf MSSK
Verifications
R2#sh ip route vrf MSSK ospf
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
70

Gateway of last resort is not set


O
O
O
O

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [110/2] via 192.1.24.4, 00:00:25, FastEthernet2/0
5.0.0.0/32 is subnetted, 1 subnets
5.5.5.5 [110/3] via 192.1.24.4, 00:00:25, FastEthernet2/0
192.1.35.0/24 [110/3] via 192.1.24.4, 00:00:15, FastEthernet2/0
192.1.45.0/24 [110/2] via 192.1.24.4, 00:00:25, FastEthernet2/0

As can be seen from the output below, R2 should learn R5 loopback via iBGP not via
OSPF as we are configuring MPLS L3VPN
R5 loopback was learned via OSPF and has an AD value of 110 and cost of 3 (which
roughly means it crossed three FastEthernet links)
R3#sh ip route vrf MSSK ospf
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O
O
O
O

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [110/3] via 192.1.35.5, 00:02:43, FastEthernet2/0
5.0.0.0/32 is subnetted, 1 subnets
5.5.5.5 [110/2] via 192.1.35.5, 00:02:43, FastEthernet2/0
192.1.24.0/24 [110/3] via 192.1.35.5, 00:02:43, FastEthernet2/0
192.1.45.0/24 [110/2] via 192.1.35.5, 00:02:43, FastEthernet2/0

R2#show bgp vpnv4 unicast all


BGP table version is 46, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network

Next Hop

Metric LocPrf Weight Path


71

Route Distinguisher: 100:1 (default for vrf MSSK)


* i 4.4.4.4/32
3.3.3.3
3 100
0?
*>
192.1.24.4
2
32768 ?
* i 5.5.5.5/32
3.3.3.3
2 100
0?
*>
192.1.24.4
3
32768 ?
* i 192.1.24.0
3.3.3.3
3 100
0?
*>
0.0.0.0
0
32768 ?
*> 192.1.35.0
192.1.24.4
3
32768 ?
*i
3.3.3.3
0 100
0?
* i 192.1.45.0
3.3.3.3
2 100
0?
*>
192.1.24.4
2
32768 ?
R3#show bgp vpnv4 unicast all
BGP table version is 65, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.35.5
3
32768 ?
*i
2.2.2.2
2 100
0?
*> 5.5.5.5/32
192.1.35.5
2
32768 ?
*i
2.2.2.2
3 100
0?
*> 192.1.24.0
192.1.35.5
3
32768 ?
*i
2.2.2.2
0 100
0?
* i 192.1.35.0
2.2.2.2
3 100
0?
*>
0.0.0.0
0
32768 ?
*> 192.1.45.0
192.1.35.5
2
32768 ?
*i
2.2.2.2
2 100
0?
Let us check from the CEs side
R4#sh ip ospf neighbor
Neighbor ID
5.5.5.5
192.1.24.2

Pri State
1 FULL/BDR
1 FULL/DR

Dead Time Address


00:00:39 192.1.45.5
00:00:35 192.1.24.2

Interface
FastEthernet1/1
FastEthernet1/0

R4#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
72

E1 - OSPF external type 1, E2 - OSPF external type 2


i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O
O

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [110/2] via 192.1.45.5, 00:04:48, FastEthernet1/1
192.1.35.0/24 [110/2] via 192.1.45.5, 00:04:38, FastEthernet1/1

R4#traceroute 5.5.5.5 numeric


Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.45.5 12 msec * 0 msec
R5#sh ip ospf neighbor
Neighbor ID
4.4.4.4
192.1.35.3

Pri State
1 FULL/DR
1 FULL/DR

Dead Time Address


00:00:37 192.1.45.4
00:00:34 192.1.35.3

Interface
FastEthernet1/1
FastEthernet1/0

R5#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O
O

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [110/2] via 192.1.45.4, 00:05:11, FastEthernet1/1
192.1.24.0/24 [110/2] via 192.1.45.4, 00:05:11, FastEthernet1/1

R5#traceroute 4.4.4.4 numeric


Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.45.4 16 msec * 0 msec
73

As we can see, the traffic between the CEs is crossing the backdoor link and not the
primary one, which is supposed to be the MPLS L3VPN connection
So, we should configure what so called OSPF sham link, which is a virtual link
configured between the PEs inside the OSPF that resides between the PE and CE
Sham link is established with source and destination which should be attached to
the specific VRF of concern; as well it should be advertised in iBGP under the VRF
address-family
Not to forget that the cost of the backdoor link reverts to default (which is 1), so we
will implement the OSPF cost on the interfaces involved in the backdoor on both
CEs
R2
interface Loopback1
vrf forwarding MSSK
ip address 22.22.22.22 255.255.255.255
router ospf 100 vrf MSSK
area 0 sham-link 22.22.22.22 33.33.33.33
router bgp 100
address-family ipv4 vrf MSSK
network 22.22.22.22 mask 255.255.255.255
R4
interface FastEthernet1/1
ip ospf cost 100
R3
interface Loopback1
vrf forwarding MSSK
ip address 33.33.33.33 255.255.255.255
router ospf 100 vrf MSSK
area 0 sham-link 33.33.33.33 22.22.22.22
router bgp 100
address-family ipv4 vrf MSSK
network 33.33.33.33 mask 255.255.255.255
R5
interface FastEthernet1/1
ip ospf cost 100
R2#show bgp vpnv4 unicast all
74

BGP table version is 67, local router ID is 2.2.2.2


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
2
32768 ?
r>i 5.5.5.5/32
3.3.3.3
2 100
0?
*> 22.22.22.22/32 0.0.0.0
0
32768 i
*>i 33.33.33.33/32 3.3.3.3
0 100
0i
*> 192.1.24.0
0.0.0.0
0
32768 ?
r>i 192.1.35.0
3.3.3.3
0 100
0?
* i 192.1.45.0
3.3.3.3
101 100
0?
*>
192.1.24.4
101
32768 ?
R2#sh ip ospf neighbor
Neighbor ID
1.1.1.1
192.1.35.3
4.4.4.4

Pri State
0 FULL/ 0 FULL/ 1 FULL/BDR

Dead Time Address


Interface
00:00:31 192.1.12.1
Serial1/0
33.33.33.33
OSPF_SL2
00:00:31 192.1.24.4
FastEthernet2/0

R2#sh ip ospf sham-links


Sham Link OSPF_SL2 to address 33.33.33.33 is up
Area 0 source address 22.22.22.22
Run as demand circuit
DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Hello due in 00:00:02
Adjacency State FULL (Hello suppressed)
Index 2/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R3#show bgp vpnv4 unicast all
BGP table version is 91, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
75

RPKI validation codes: V valid, I invalid, N Not found


Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
r>i 4.4.4.4/32
2.2.2.2
2 100
0?
*> 5.5.5.5/32
192.1.35.5
2
32768 ?
*>i 22.22.22.22/32 2.2.2.2
0 100
0i
*> 33.33.33.33/32 0.0.0.0
0
32768 i
r>i 192.1.24.0
2.2.2.2
0 100
0?
*> 192.1.35.0
0.0.0.0
0
32768 ?
*> 192.1.45.0
192.1.35.5
101
32768 ?
*i
2.2.2.2
101 100
0?
R3#sh ip ospf neighbor
Neighbor ID
1.1.1.1
192.1.24.2
5.5.5.5

Pri State
0 FULL/ 0 FULL/ 1 FULL/BDR

Dead Time Address


Interface
00:00:39 192.1.13.1
Serial1/0
22.22.22.22
OSPF_SL2
00:00:35 192.1.35.5
FastEthernet2/0

R3#sh ip ospf sham-links


Sham Link OSPF_SL2 to address 22.22.22.22 is up
Area 0 source address 33.33.33.33
Run as demand circuit
DoNotAge LSA allowed. Cost of using 1 State POINT_TO_POINT,
Timer intervals configured, Hello 10, Dead 40, Wait 40,
Hello due in 00:00:01
Adjacency State FULL (Hello suppressed)
Index 2/2, retransmission queue length 0, number of retransmission 0
First 0x0(0)/0x0(0) Next 0x0(0)/0x0(0)
Last retransmission scan length is 0, maximum is 0
Last retransmission scan time is 0 msec, maximum is 0 msec
R4#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set

76

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [110/4] via 192.1.24.2, 00:01:07, FastEthernet1/0
22.0.0.0/32 is subnetted, 1 subnets
O E2
22.22.22.22 [110/1] via 192.1.24.2, 00:01:22, FastEthernet1/0
33.0.0.0/32 is subnetted, 1 subnets
O E2
33.33.33.33 [110/1] via 192.1.24.2, 00:01:15, FastEthernet1/0
O
192.1.35.0/24 [110/3] via 192.1.24.2, 00:01:07, FastEthernet1/0
O

R4#traceroute 5.5.5.5 numeric


Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.24.2 4 msec 4 msec 4 msec
2 192.1.12.1 [MPLS: Labels 19/25 Exp 0] 20 msec 16 msec 16 msec
3 192.1.35.3 [MPLS: Label 25 Exp 0] 16 msec 12 msec 12 msec
4 192.1.35.5 20 msec * 16 msec
R5#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
4.4.4.4 [110/4] via 192.1.35.3, 00:01:38, FastEthernet1/0
22.0.0.0/32 is subnetted, 1 subnets
O E2
22.22.22.22 [110/1] via 192.1.35.3, 00:01:38, FastEthernet1/0
33.0.0.0/32 is subnetted, 1 subnets
O E2
33.33.33.33 [110/1] via 192.1.35.3, 00:01:43, FastEthernet1/0
O
192.1.24.0/24 [110/3] via 192.1.35.3, 00:01:38, FastEthernet1/0
O

R5#traceroute 4.4.4.4 numeric


Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.35.3 8 msec 4 msec 4 msec
2 192.1.13.1 [MPLS: Labels 16/27 Exp 0] 16 msec 20 msec 16 msec
3 192.1.24.2 [MPLS: Label 27 Exp 0] 12 msec 12 msec 16 msec
4 192.1.24.4 16 msec * 16
77

OSPF Domain-ID
Network Diagram

MPLS Backbone
OSPF Area 0

R5
F0/0

F0/1
F0/0

R2
S0/0
P2 203

FRSW
P3 302

IBGP

F0/0
Lo0 1.1.1.1/32

S0/0
Lo0 3.3.3.3/32

R3

R1

F0/1

F0/0

F1/0

F0/1

F0/0

F0/0

F0/0

F0/0

R4

R7

R6

R8

VRF
RED

VRF
BLUE

VRF
RED

VRF
BLUE

Configurations
VRF Configuration
R1
ip vrf BLUE
rd 150:10
route-target export 150:10
route-target import 150:10
ip vrf RED
78

rd 300:10
route-target export 300:10
route-target import 300:10
interface FastEthernet0/1
ip vrf forwarding RED
ip address 192.1.14.1 255.255.255.0
interface FastEthernet1/0
ip vrf forwarding BLUE
ip address 192.1.17.1 255.255.255.0
R3
ip vrf BLUE
rd 150:10
route-target export 150:10
route-target import 150:10
ip vrf RED
rd 300:10
route-target export 300:10
route-target import 300:10
interface FastEthernet0/0
ip vrf forwarding RED
ip address 192.1.36.3 255.255.255.0
interface FastEthernet0/1
ip vrf forwarding BLUE
ip address 192.1.38.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0
79

R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f0/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s0/0
mpls ip
int f0/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s0/0
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f0/0
80

mpls ip
int f0/1
mpls ip
MP-BGP Configuration
R1
router bgp 10
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 10
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 10
neighbor 1.1.1.1 remote-as 10
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
CE-PE routing Configuration
R1
router ospf 300 vrf RED
router-id 192.1.14.1
network 192.1.14.1 0.0.0.0 area 0
router ospf 150 vrf BLUE
router-id 192.1.17.1
network 192.1.17.1 0.0.0.0 area 0
R4
router ospf 100
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
R3
router ospf 300 vrf RED
router-id 192.1.36.3
network 192.1.36.3 0.0.0.0 area 0
81

router ospf 150 vrf BLUE


router-id 192.1.38.3
network 192.1.38.3 0.0.0.0 area 0
R4
router ospf 300
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.14.4 0.0.0.0 area 0
R6
router ospf 300
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.36.6 0.0.0.0 area 0
R7
router ospf 150
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 192.1.17.7 0.0.0.0 area 0
R8
router ospf 150
router-id 8.8.8.8
network 8.8.8.8 0.0.0.0 area 0
network 192.1.38.8 0.0.0.0 area 0
VPN Configuration
R1
router ospf 300 vrf RED
redistribute bgp 10 subnets
router ospf 150 vrf BLUE
redistribute bgp 10 subnets
router bgp 10
address-family ipv4 vrf RED
redistribute ospf 300 vrf RED
address-family ipv4 vrf BLUE
redistribute ospf 150 vrf BLUE

82

R3
router ospf 300 vrf RED
redistribute bgp 10 subnets
router ospf 150 vrf BLUE
redistribute bgp 10 subnets
router bgp 10
address-family ipv4 vrf RED
redistribute ospf 300 vrf RED
address-family ipv4 vrf BLUE
redistribute ospf 150 vrf BLUE
Verifications
R1#sh ip route vrf RED ospf
Routing Table: RED
O

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [110/2] via 192.1.14.4, 01:58:17, FastEthernet0/1

Routing Table: BLUE


7.0.0.0/32 is subnetted, 1 subnets
O
7.7.7.7 [110/2] via 192.1.17.7, 01:58:24, FastEthernet1/0
R3#sh ip route vrf RED ospf
Routing Table: RED
6.0.0.0/32 is subnetted, 1 subnets
O
6.6.6.6 [110/2] via 192.1.36.6, 01:58:30, FastEthernet0/0
R3#sh ip route vrf BLUE ospf
Routing Table: BLUE
O

8.0.0.0/32 is subnetted, 1 subnets


8.8.8.8 [110/2] via 192.1.38.8, 01:58:34, FastEthernet0/1

R1#sh bgp vpnv4 unicast all neighbors 3.3.3.3 advertised-routes


BGP table version is 85, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
83

Origin codes: i - IGP, e - EGP, ? - incomplete


Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 150:10 (default for vrf BLUE)
*> 7.7.7.7/32
192.1.17.7
2
32768 ?
*> 192.1.17.0
0.0.0.0
0
32768 ?
Route Distinguisher: 300:10 (default for vrf RED)
*> 4.4.4.4/32
192.1.14.4
2
32768 ?
*> 192.1.14.0
0.0.0.0
0
32768 ?
Total number of prefixes 4
R3#show bgp vpnv4 unicast all neighbors 1.1.1.1 advertised-routes
BGP table version is 88, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 150:10 (default for vrf BLUE)
*> 8.8.8.8/32
192.1.38.8
2
32768 ?
*> 192.1.38.0
0.0.0.0
0
32768 ?
Route Distinguisher: 300:10 (default for vrf RED)
*> 6.6.6.6/32
192.1.36.6
2
32768 ?
*> 192.1.36.0
0.0.0.0
0
32768 ?
Total number of prefixes 4
R4#sh ip ospf neighbor
Neighbor ID
192.1.14.1

Pri State
1 FULL/BDR

Dead Time Address


Interface
00:00:37 192.1.14.1
FastEthernet0/0

R4#sh ip route ospf


6.0.0.0/32 is subnetted, 1 subnets
O IA 6.6.6.6 [110/3] via 192.1.14.1, 02:59:21, FastEthernet0/0
O IA 192.1.36.0/24 [110/2] via 192.1.14.1, 02:59:21, FastEthernet0/0
R4#sh ip route 6.6.6.6
Routing entry for 6.6.6.6/32
Known via "ospf 300", distance 110, metric 3, type inter area
Last update from 192.1.14.1 on FastEthernet0/0, 02:59:31 ago
Routing Descriptor Blocks:
* 192.1.14.1, from 192.1.14.1, 02:59:31 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1
84

R4#ping 6.6.6.6 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms
R4#traceroute 6.6.6.6 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 6.6.6.6
1
2
3
4
5

192.1.14.1
192.1.15.5
192.1.25.2
192.1.36.3
192.1.36.6

4 msec 4 msec 4 msec


[MPLS: Labels 18/24 Exp 0] 16 msec 16 msec 16 msec
[MPLS: Labels 17/24 Exp 0] 16 msec 16 msec 20 msec
[MPLS: Label 24 Exp 0] 12 msec 12 msec 12 msec
16 msec * 12 msec

R6#sh ip ospf neighbor


Neighbor ID
192.1.36.3

Pri State
1 FULL/BDR

Dead Time Address


Interface
00:00:35 192.1.36.3
FastEthernet0/0

R6#sh ip route ospf


O IA 192.1.14.0/24 [110/2] via 192.1.36.3, 02:59:07, FastEthernet0/0
4.0.0.0/32 is subnetted, 1 subnets
O IA 4.4.4.4 [110/3] via 192.1.36.3, 02:59:07, FastEthernet0/0
R6#sh ip route 4.4.4.4
Routing entry for 4.4.4.4/32
Known via "ospf 300", distance 110, metric 3, type inter area
Last update from 192.1.36.3 on FastEthernet0/0, 02:59:12 ago
Routing Descriptor Blocks:
* 192.1.36.3, from 192.1.36.3, 02:59:12 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1
R6#ping 4.4.4.4 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 6.6.6.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms
85

R6#traceroute 4.4.4.4 source lo0 numeric


Type escape sequence to abort.
Tracing the route to 4.4.4.4
1
2
3
4
5

192.1.36.3
192.1.23.2
192.1.25.5
192.1.14.1
192.1.14.4

4 msec 0 msec 8 msec


[MPLS: Labels 19/25 Exp 0] 16 msec 16 msec 16 msec
[MPLS: Labels 20/25 Exp 0] 16 msec 16 msec 16 msec
[MPLS: Label 25 Exp 0] 16 msec 12 msec 12 msec
16 msec * 16 msec

R7#sh ip ospf neighbor


Neighbor ID
192.1.17.1

Pri State
1 FULL/BDR

Dead Time Address


Interface
00:00:37 192.1.17.1
FastEthernet0/0

R7#sh ip route ospf


O IA 192.1.38.0/24 [110/2] via 192.1.17.1, 03:00:33, FastEthernet0/0
8.0.0.0/32 is subnetted, 1 subnets
O IA 8.8.8.8 [110/3] via 192.1.17.1, 03:00:33, FastEthernet0/0
R7#sh ip route 8.8.8.8
Routing entry for 8.8.8.8/32
Known via "ospf 150", distance 110, metric 3, type inter area
Last update from 192.1.17.1 on FastEthernet0/0, 03:00:37 ago
Routing Descriptor Blocks:
* 192.1.17.1, from 192.1.17.1, 03:00:37 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1
R7#ping 8.8.8.8 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms
R7#traceroute 8.8.8.8 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 8.8.8.8
1 192.1.17.1 4 msec 4 msec 4 msec
2 192.1.15.5 [MPLS: Labels 18/22 Exp 0] 16 msec 20 msec 16 msec
86

3 192.1.25.2 [MPLS: Labels 17/22 Exp 0] 16 msec 16 msec 16 msec


4 192.1.38.3 [MPLS: Label 22 Exp 0] 12 msec 16 msec 12 msec
5 192.1.38.8 16 msec * 16 msec
R8#sh ip ospf neighbor
Neighbor ID
192.1.38.3

Pri State
1 FULL/BDR

Dead Time Address


Interface
00:00:39 192.1.38.3
FastEthernet0/0

R8#sh ip route ospf


7.0.0.0/32 is subnetted, 1 subnets
O IA 7.7.7.7 [110/3] via 192.1.38.3, 03:00:57, FastEthernet0/0
O IA 192.1.17.0/24 [110/2] via 192.1.38.3, 03:00:57, FastEthernet0/0
R8#sh ip route 7.7.7.7
Routing entry for 7.7.7.7/32
Known via "ospf 150", distance 110, metric 3, type inter area
Last update from 192.1.38.3 on FastEthernet0/0, 03:01:00 ago
Routing Descriptor Blocks:
* 192.1.38.3, from 192.1.38.3, 03:01:00 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1
R8#ping 7.7.7.7 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms
R8#traceroute 7.7.7.7 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 7.7.7.7
1
2
3
4
5

192.1.38.3
192.1.23.2
192.1.25.5
192.1.17.1
192.1.17.7

4 msec 4 msec 4 msec


[MPLS: Labels 19/22 Exp 0] 20 msec 16 msec 16 msec
[MPLS: Labels 20/22 Exp 0] 16 msec 16 msec 16 msec
[MPLS: Label 22 Exp 0] 16 msec 12 msec 12 msec
16 msec * 12 msec

Let us now check the domain ID value for VRF BLUE


R1#sh ip ospf | inc Domain|ospf
Routing Process "ospf 1" with ID 1.1.1.1
Routing Process "ospf 300" with ID 192.1.14.1
87

Domain ID type 0x0005, value 0.0.1.44


Routing Process "ospf 150" with ID 192.1.17.1
Domain ID type 0x0005, value 0.0.0.150
R3#sh ip ospf | inc Domain|ospf
Routing Process "ospf 1" with ID 3.3.3.3
Routing Process "ospf 150" with ID 192.1.38.3
Domain ID type 0x0005, value 0.0.0.150
Routing Process "ospf 300" with ID 192.1.36.3
Domain ID type 0x0005, value 0.0.1.44
As can be seen from the outputs above , the domain ID values for VRF BLUE is
derived from the OSPF process ID which is 150 , As well R7 is learning R8 loopback
network as inter area route as well as for R4 which is learning R6 loopback network
as inter area route
Let us try to set the value of domain ID for both VRFs, for VRF RED will choose the
value of 0.0.0.60 and for VRF BLUE 0.0.0.50
R1
router ospf 300 vrf RED
domain-id 0.0.0.60
router ospf 150 vrf BLUE
domain-id 0.0.0.50
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
R3
router ospf 300 vrf RED
domain-id 0.0.0.60
router ospf 150 vrf BLUE
domain-id 0.0.0.50
R3#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
R1#sh ip ospf | inc Domain|ospf
Routing Process "ospf 1" with ID 1.1.1.1
Routing Process "ospf 300" with ID 192.1.14.1
Domain ID type 0x0005, value 0.0.0.60
Routing Process "ospf 150" with ID 192.1.17.1
Domain ID type 0x0005, value 0.0.0.50
R3#sh ip ospf | inc Domain|ospf
88

Routing Process "ospf 1" with ID 3.3.3.3


Routing Process "ospf 150" with ID 192.1.38.3
Domain ID type 0x0005, value 0.0.0.50
Routing Process "ospf 300" with ID 192.1.36.3
Domain ID type 0x0005, value 0.0.0.60
Let us check R4s routing table
R4#sh ip route ospf | inc 6.6.6.6
O IA 6.6.6.6 [110/3] via 192.1.14.1, 00:00:12, FastEthernet0/0
Nothing has affected the route type, let us now try to change the domain ID on
R1for VRF RED to 0.0.0.120 and keep it as it is on R3
R1
router ospf 300 vrf RED
domain-id 0.0.0.120
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
sh ip route ospf | inc 6.6.6.6
O E2 6.6.6.6 [110/2] via 192.1.14.1, 00:00:06, FastEthernet0/0
R4#sh ip route 6.6.6.6
Routing entry for 6.6.6.6/32
Known via "ospf 300", distance 110, metric 2
Tag Complete, Path Length == 1, AS 10, , type extern 2, forward metric 1
Last update from 192.1.14.1 on FastEthernet0/0, 00:00:15 ago
Routing Descriptor Blocks:
* 192.1.14.1, from 192.1.14.1, 00:00:15 ago, via FastEthernet0/0
Route metric is 2, traffic share count is 1
Route tag 3489660938
As we can see the route type has changed to external 2, let us revert back to the
same domain ID value 0.0.0.60 and change the OSPF process ID on R1 for VRF
RED from 300 to 301
R1
no router ospf 300 vrf RED
router ospf 301 vrf RED
router-id 192.1.14.1
domain-id 0.0.0.60
redistribute bgp 10 subnets
network 192.1.14.1 0.0.0.0 area 0
router bgp 10
89

address-family ipv4 vrf RED


redistribute ospf 301 vrf RED
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
Checking R4s routing table again
R4#sh ip route ospf | inc 6.6.6.6
O IA 6.6.6.6 [110/3] via 192.1.14.1, 00:00:07, FastEthernet0/0
R4#sh ip route 6.6.6.6
Routing entry for 6.6.6.6/32
Known via "ospf 300", distance 110, metric 3, type inter area
Last update from 192.1.14.1 on FastEthernet0/0, 00:00:16 ago
Routing Descriptor Blocks:
* 192.1.14.1, from 192.1.14.1, 00:00:16 ago, via FastEthernet0/0
Route metric is 3, traffic share count is 1
So changing the process ID will not affect the routing table as long the domain ID
values are configured manually under the OSPF process , now if we removed the
domain ID configuration from both R1 and R3 for VRF RED , the route type should
change to external 2 again , why? Because the domain ID value is derived from the
process ID value, so we have different process ID values: 300 and 301
R1
router ospf 301 vrf RED
no domain-id 0.0.0.60
R1#clear ip ospf process
Reset ALL OSPF processes? [no]: y
R3
router ospf 300 vrf RED
no domain-id 0.0.0.60
R3#clear ip ospf process
Reset ALL OSPF processes? [no]: yes
R1#sh ip ospf | inc Domain|ospf
Routing Process "ospf 1" with ID 1.1.1.1
Routing Process "ospf 301" with ID 192.1.14.1
Domain ID type 0x0005, value 0.0.1.45
Routing Process "ospf 150" with ID 192.1.17.1
Domain ID type 0x0005, value 0.0.0.50
90

R3#sh ip ospf | inc Domain|ospf


Routing Process "ospf 1" with ID 3.3.3.3
Routing Process "ospf 150" with ID 192.1.38.3
Domain ID type 0x0005, value 0.0.0.50
Routing Process "ospf 300" with ID 192.1.36.3
Domain ID type 0x0005, value 0.0.1.44
R4#sh ip route ospf | inc 6.6.6.6
O E2 6.6.6.6 [110/2] via 192.1.14.1, 00:00:01, FastEthernet0/0
R4#sh ip route 6.6.6.6
Routing entry for 6.6.6.6/32
Known via "ospf 300", distance 110, metric 2
Tag Complete, Path Length == 1, AS 10, , type extern 2, forward metric 1
Last update from 192.1.14.1 on FastEthernet0/0, 00:00:02 ago
Routing Descriptor Blocks:
* 192.1.14.1, from 192.1.14.1, 00:00:02 ago, via FastEthernet0/0
Route metric is 2, traffic share count is 1
Route tag 3489660938

91

VRF Lite
Network Diagram

lo0 192.168.1.1/24

PE1
172.16.12.0/24

CE1

4
.0/2
6.11
1
.
2
17

172.
16.

13.0
/24

CE3
lo0 192.168.3.1/24

CE2

lo1 192.168.2.1/24

Configurations
VRF Configuration
PE1
ip vrf CE1
ip vrf CEs
interface FastEthernet0/0
ip vrf forwarding CE1
ip address 172.16.11.1 255.255.255.0
interface FastEthernet0/1
ip vrf forwarding CEs
ip address 172.16.12.1 255.255.255.0
interface FastEthernet1/0
ip vrf forwarding CEs
ip address 172.16.13.1 255.255.255.0
IGP Configuration
PE1
router ospf 1 vrf CE1
network 172.16.11.1 0.0.0.0 area 0

92

router ospf 2 vrf CEs


network 172.16.12.1 0.0.0.0 area 0
network 172.16.13.1 0.0.0.0 area 0
CE1
router ospf 1
network 172.16.11.2 0.0.0.0 area 0
network 192.168.1.1 0.0.0.0 area 0
CE2
router ospf 2
network 172.16.12.2 0.0.0.0 area 0
network 192.168.2.1 0.0.0.0 area 0
CE3
router ospf 2
network 172.16.13.2 0.0.0.0 area 0
network 192.168.3.1 0.0.0.0 area 0
Verifications
PE1#sh ip ospf neighbor
Neighbor ID
192.168.3.1
192.168.2.1
192.168.1.1

Pri State
1 FULL/BDR
1 FULL/DR
1 FULL/DR

Dead Time Address


Interface
00:00:39 172.16.13.2
FastEthernet1/0
00:00:39 172.16.12.2
FastEthernet0/1
00:00:33 172.16.11.2
FastEthernet0/0

PE1#sh ip route vrf CE1 ospf


Routing Table: CE1
O

192.168.1.0/32 is subnetted, 1 subnets


192.168.1.1 [110/2] via 172.16.11.2, 00:03:40, FastEthernet0/0

PE1#sh ip route vrf CEs ospf


Routing Table: CEs
192.168.2.0/32 is subnetted, 1 subnets
O
192.168.2.1 [110/2] via 172.16.12.2, 00:03:26, FastEthernet0/1
192.168.3.0/32 is subnetted, 1 subnets
O
192.168.3.1 [110/2] via 172.16.13.2, 00:03:36, FastEthernet1/0
CE1#sh ip ospf neighbor
93

Neighbor ID
172.16.11.1

Pri State
1 FULL/BDR

Dead Time Address


Interface
00:00:35 172.16.11.1
FastEthernet0/0

CE1#sh ip route ospf


CE1#
CE2#sh ip ospf neighbor
Neighbor ID
172.16.13.1

Pri State
1 FULL/BDR

Dead Time Address


Interface
00:00:35 172.16.12.1
FastEthernet0/0

CE2#sh ip route ospf


172.16.0.0/24 is subnetted, 2 subnets
O
172.16.13.0 [110/2] via 172.16.12.1, 00:03:33, FastEthernet0/0
192.168.3.0/32 is subnetted, 1 subnets
O
192.168.3.1 [110/3] via 172.16.12.1, 00:03:33, FastEthernet0/0
CE3#sh ip ospf neighbor
Neighbor ID
172.16.13.1

Pri State
1 FULL/DR

Dead Time Address


Interface
00:00:38 172.16.13.1
FastEthernet0/0

CE3#sh ip route ospf


172.16.0.0/24 is subnetted, 2 subnets
O
172.16.12.0 [110/2] via 172.16.13.1, 00:03:36, FastEthernet0/0
192.168.2.0/32 is subnetted, 1 subnets
O
192.168.2.1 [110/3] via 172.16.13.1, 00:03:26, FastEthernet0/0
CE2#ping 192.168.3.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.3.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.2.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/14/16 ms
CE2#traceroute 192.168.3.1 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 192.168.3.1
1 172.16.12.1 4 msec 12 msec 12 msec
2 172.16.13.2 24 msec * 16 msec
94

CE3#ping 192.168.2.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
Packet sent with a source address of 192.168.3.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/24 ms
CE3#traceroute 192.168.2.1 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 192.168.2.1
1 172.16.13.1 4 msec 12 msec 12 msec
2 172.16.12.2 24 msec * 12 msec
As can be seen from the outputs above, CE1 has no knowledge about the loopbacks
of CE2 and CE3 as they are separated via VRF from PE1 side

95

VRF Export-maps
Network Diagram
Lo0
1.1.1.1/32

Lo0
4.4.4.4/32

192.1.24.0/24

Lo0
2.2.2.2/32

R2

4
/2
.0
2
.1
2.1
19

R1
S1/0

S1/0

S1/1
LSP

19
2.
1.
13
.0/
24

S1/0

IBGP
192.1.35.0/24

OSPF
Area 0

F2/0
RIPv2
F1/0

AS 100

R3
F2/0
RIPv2
F1/0

R5

R4

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:2
address-family ipv4
export map EXPORT_MAP
route-target import 100:5
ip prefix-list R4LOOP seq 5 permit 4.4.4.4/32
route-map EXPORT_MAP permit 10
match ip address prefix-list R4LOOP
set extcommunity rt 2.2.2.2:4
int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

96

Lo0
3.3.3.3/32

Lo0
5.5.5.5/32

R3
vrf definition MSSK
rd 100:3
address-family ipv4
export map EXPORT_MAP
route-target import 2.2.2.2:4
ip prefix-list R5LOOP seq 5 permit 5.5.5.5/32
route-map EXPORT_MAP permit 10
match ip address prefix-list R5LOOP
set extcommunity rt 100:5
int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force

97

int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
router rip
address-family ipv4 vrf MSSK
98

no auto-summary
version 2
network 192.1.24.2
R4
router rip
no auto-summary
version 2
network 4.4.4.4
network 192.1.24.4
R3
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.35.3
R5
router rip
no auto-summary
version 2
network 5.5.5.5
network 192.1.35.5
VPN Configuration
R2
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
R3
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1

99

Verifications
R1#show mpls ldp neighbor
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 1.1.1.1:0
TCP connection: 2.2.2.2.38298 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:35
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.2
Addresses bound to peer LDP Ident:
192.1.12.2
2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0
TCP connection: 3.3.3.3.34974 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 67/65; Downstream
Up time: 00:49:34
LDP discovery sources:
Serial1/1, Src IP addr: 192.1.13.3
Addresses bound to peer LDP Ident:
192.1.13.3
3.3.3.3
R1#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No
Serial1/1
Yes (ldp)
No

BGP Static Operational


No No
Yes
No No
Yes

R2#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.38298
State: Oper; Msgs sent/rcvd: 66/66; Downstream
Up time: 00:49:39
LDP discovery sources:
Serial1/0, Src IP addr: 192.1.12.1
Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R2#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R3#show mpls ldp neighbor


Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0
TCP connection: 1.1.1.1.646 - 3.3.3.3.34974
State: Oper; Msgs sent/rcvd: 65/67; Downstream
Up time: 00:49:40
LDP discovery sources:
100

Serial1/0, Src IP addr: 192.1.13.1


Addresses bound to peer LDP Ident:
192.1.12.1
192.1.13.1
1.1.1.1
R3#show mpls interfaces
Interface
IP
Tunnel
Serial1/0
Yes (ldp)
No

BGP Static Operational


No No
Yes

R2#sh ip route vrf MSSK rip


Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [120/1] via 192.1.24.4, 00:00:15, FastEthernet2/0

R2#ping vrf MSSK 4.4.4.4


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/20/56 ms
R3#sh ip route vrf MSSK rip
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set

101

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [120/1] via 192.1.35.5, 00:00:21, FastEthernet2/0

R3#ping vrf MSSK 5.5.5.55


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.55, timeout is 2 seconds:
.
Success rate is 0 percent (0/1)
R3#ping vrf MSSK 5.5.5.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/5/12 ms
R3#show bgp vpnv4 unicast all summary
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
3/3 BGP path/bestpath attribute entries using 432 bytes of memory
2 BGP extended community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1424 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
2.2.2.2
4

AS MsgRcvd MsgSent
100

14

14

TblVer InQ OutQ Up/Down


0

0 00:09:30

R3#show bgp vpnv4 unicast all


BGP table version is 5, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:2
*>i 4.4.4.4/32
2.2.2.2
1 100
0?
Route Distinguisher: 100:3 (default for vrf MSSK)
*>i 4.4.4.4/32
2.2.2.2
1 100
0?
*> 5.5.5.5/32
192.1.35.5
1
32768 ?
*> 192.1.35.0
0.0.0.0
0
32768 ?
102

R2#sh bgp vpnv4 unicast all summary


BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
3/3 BGP path/bestpath attribute entries using 432 bytes of memory
2 BGP extended community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1424 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
3.3.3.3
4

AS MsgRcvd MsgSent
100

15

15

TblVer InQ OutQ Up/Down


0

0 00:10:15

R2#sh bgp vpnv4 unicast all


BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:2 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.24.4
1
32768 ?
*>i 5.5.5.5/32
3.3.3.3
1 100
0?
*> 192.1.24.0
0.0.0.0
0
32768 ?
Route Distinguisher: 100:3
*>i 5.5.5.5/32
3.3.3.3
1 100
0?
R4#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set

103

5.0.0.0/32 is subnetted, 1 subnets


R
5.5.5.5 [120/1] via 192.1.24.2, 00:00:16, FastEthernet1/0
R4#ping 5.5.5.5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/23/28 ms
R5#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [120/1] via 192.1.35.3, 00:00:00, FastEthernet1/0

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms

104

MPLS AToM Eth to Eth


Network Diagram
Lo0
3.3.3.3/32

24
.0/
3
2
1.
2.
19

Lo0
2.2.2.2/32

Lo0
1.1.1.1/32

R2

OSPF Domain
Area 0

R3
LSP
IBGP

19
2.1
.3
4.
0/
24

R4

Lo0
4.4.4.4/32

F1/1

F1/1

F1/0 192.1.15.1/24

F1/0 192.1.15.5/24

R5

R1

Configurations
IGP Configuration
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
network 192.1.34.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.34.4 0.0.0.0 area 0
105

Lo0
5.5.5.5/32

MPLS LDP Configuration


R2
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
CE-CE routing Configuration
R1
router ospf 100
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0
R5
router ospf 100
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
Pseudowire Configuration
R2
pseudowire-class MSSK
106

encapsulation mpls
int f1/1
xconnect 4.4.4.4 15 pw-class MSSK
R4
pseudowire-class MSSK
encapsulation mpls
int f1/1
xconnect 2.2.2.2 15 pw-class MSSK
Verifications
R2#show mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.54771 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 14/13; Downstream
Up time: 00:05:07
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.23.3
192.1.34.3
3.3.3.3
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 2.2.2.2:0
TCP connection: 4.4.4.4.28399 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 10/9; Downstream
Up time: 00:00:54
LDP discovery sources:
Targeted Hello 2.2.2.2 -> 4.4.4.4, active, passive
Addresses bound to peer LDP Ident:
192.1.34.4
4.4.4.4
R2#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 3.3.3.3/32
0
Fa1/0
192.1.23.3
17
Pop Label 192.1.34.0/24 0
Fa1/0
192.1.23.3
18
17
4.4.4.4/32
0
Fa1/0
192.1.23.3
19
No Label l2ckt(1)
2213
Fa1/1
point2point
R4#show mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 4.4.4.4:0
TCP connection: 3.3.3.3.646 - 4.4.4.4.54817
State: Oper; Msgs sent/rcvd: 14/13; Downstream
Up time: 00:05:09
107

LDP discovery sources:


FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3
192.1.34.3
3.3.3.3
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 4.4.4.4:0
TCP connection: 2.2.2.2.646 - 4.4.4.4.28399
State: Oper; Msgs sent/rcvd: 10/10; Downstream
Up time: 00:01:08
LDP discovery sources:
Targeted Hello 4.4.4.4 -> 2.2.2.2, active, passive
Addresses bound to peer LDP Ident:
192.1.23.2
2.2.2.2
R4#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
16
2.2.2.2/32
0
Fa1/0
192.1.34.3
17
Pop Label 3.3.3.3/32
0
Fa1/0
192.1.34.3
18
Pop Label 192.1.23.0/24 0
Fa1/0
192.1.34.3
19
No Label l2ckt(1)
2570
Fa1/1
point2point
R2#show mpls l2transport summary
Destination address: 4.4.4.4, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0
R2#show mpls l2transport vc 15
Local intf
Local circuit
Dest address VC ID
Status
------------- -------------------------- --------------- ---------- ---------Fa1/1
Ethernet
4.4.4.4
15
UP
R4#show mpls l2transport summary
Destination address: 2.2.2.2, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0
R4#show mpls l2transport vc 15
Local intf
Local circuit
Dest address VC ID
Status
------------- -------------------------- --------------- ---------- ---------Fa1/1
Ethernet
2.2.2.2
15
UP
R1#sh ip ospf neighbor

108

Neighbor ID
5.5.5.5

Pri State
1 FULL/DR

Dead Time Address


00:00:35 192.1.15.5

Interface
FastEthernet1/0

R1#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [110/2] via 192.1.15.5, 00:02:32, FastEthernet1/0

R1#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms
R1#traceroute 5.5.5.5 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.15.5 20 msec * 20 msec
R5#sh ip ospf neighbor
Neighbor ID
1.1.1.1

Pri State
1 FULL/BDR

Dead Time
00:00:31

Address
192.1.15.1

Interface
FastEthernet1/0

R5#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
109

Gateway of last resort is not set


O

1.0.0.0/32 is subnetted, 1 subnets


1.1.1.1 [110/2] via 192.1.15.1, 00:02:56, FastEthernet1/0

R5#ping 1.1.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/32 ms
R5#traceroute 1.1.1.1 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 1.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.15.1 28 msec * 12 msec
R3#debug mpls packet
Packet debugging is on
R3#
*Sep 12 16:56:20.079: MPLS turbo: Fa1/1: rx: Len 120 Stack {16 0 255} {19 0
255} CW {f:0 l:0 s:0}
*Sep 12 16:56:20.083: MPLS turbo: Fa1/0: tx: Len 116 Stack {19 0 254} CW {f:0
l:0 s:0}
*Sep 12 16:56:20.339: MPLS turbo: Fa1/1: rx: Len 86 Stack {16 0 255} {19 0
255} CW {f:0 l:0 s:0}
*Sep 12 16:56:20.339: MPLS turbo: Fa1/0: tx: Len 82 Stack {19 0 254} CW {f:0
l:0 s:0}
*Sep 12 16:56:20.507: MPLS turbo: Fa1/0: rx: Len 86 Stack {17 0 255} {19 0
255} CW {f:0 l:0 s:0}
*Sep 12 16:56:20.507: MPLS turbo: Fa1/1: tx: Len 82 Stack {19 0 254} CW {f:0
l:0 s:0}
*Sep 12 16:56:21.079: MPLS turbo: Fa1/0: rx: Len 140 Stack {17 0 255} {19 0
255} CW {f:0 l:0 s:0}
R3#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 2.2.2.2/32
15639
Fa1/0
192.1.23.2
17
Pop Label 4.4.4.4/32
15752
Fa1/1
192.1.34.4
R2#show mpls l2transport vc detail
Local interface: Fa1/1 up, line protocol up, Ethernet up
Destination address: 4.4.4.4, VC ID: 15, VC status: up
110

Output interface: Fa1/0, imposed label stack {17 19}


Preferred path: not configured
Default path: active
Next hop: 192.1.23.3
Create time: 00:05:28, last status change time: 00:05:25
Last label FSM state change time: 00:05:25
Signaling protocol: LDP, peer 4.4.4.4:0 up
Targeted Hello: 2.2.2.2(LDP Id) -> 4.4.4.4, LDP is UP
Status TLV support (local/remote) : enabled/supported
LDP route watch
: enabled
Label/status state machine
: established, LruRru
Last local dataplane status rcvd: No fault
Last BFD dataplane
status rcvd: Not sent
Last BFD peer monitor status rcvd: No fault
Last local AC circuit status rcvd: No fault
Last local AC circuit status sent: No fault
Last local PW i/f circ status rcvd: No fault
Last local LDP TLV
status sent: No fault
Last remote LDP TLV status rcvd: No fault
Last remote LDP ADJ status rcvd: No fault
MPLS VC labels: local 19, remote 19
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
Control Word: On (configured: autosense)
Dataplane:
SSM segment/switch IDs: 4097/4096 (used), PWID: 1
VC statistics:
transit packet totals: receive 102, send 100
transit byte totals: receive 10310, send 12738
transit packet drops: receive 0, seq error 0, send 0
R2#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 3.3.3.3/32
0
Fa1/0
192.1.23.3
17
Pop Label 192.1.34.0/24 0
Fa1/0
192.1.23.3
18
17
4.4.4.4/32
0
Fa1/0
192.1.23.3
19
No Label l2ckt(1)
10618
Fa1/1
point2point

111

MPLS AToM PPP to PPP


Network Diagram
Lo0
3.3.3.3/32

24
.0/
3
2
1.
2.
19

Lo0
2.2.2.2/32

Lo0
1.1.1.1/32

OSPF Domain
Area 0

R3

R2

19
2.1
.3
4.
0/
24

R4

Lo0
4.4.4.4/32

S2/0

S2/0

S1/0 192.1.15.1/24

S1/0 192.1.15.5/24

R5

R1

Configurations
IGP Configuration
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
network 192.1.34.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.34.4 0.0.0.0 area 0
112

Lo0
5.5.5.5/32

MPLS LDP Configuration


R2
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
CE-CE routing Configuration
R1
router ospf 100
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0
R5
router ospf 100
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
Pseudowire Configuration
R2
pseudowire-class MSSK
113

encapsulation mpls
int s2/0
xconnect 4.4.4.4 15 pw-class MSSK
R4
pseudowire-class MSSK
encapsulation mpls
int s2/0
xconnect 2.2.2.2 15 pw-class MSSK
Verifications
R2#sh mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.47549 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 10/10; Downstream
Up time: 00:02:20
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.23.3
192.1.34.3
3.3.3.3
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 2.2.2.2:0
TCP connection: 4.4.4.4.38194 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 9/9; Downstream
Up time: 00:00:24
LDP discovery sources:
Targeted Hello 2.2.2.2 -> 4.4.4.4, active, passive
Addresses bound to peer LDP Ident:
192.1.34.4
4.4.4.4
R2#sh mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 3.3.3.3/32
0
Fa1/0
192.1.23.3
17
Pop Label 192.1.34.0/24 0
Fa1/0
192.1.23.3
18
17
4.4.4.4/32
0
Fa1/0
192.1.23.3
19
No Label l2ckt(1)
1766
Se2/0
point2point
R4#sh mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 4.4.4.4:0
TCP connection: 3.3.3.3.646 - 4.4.4.4.13730
State: Oper; Msgs sent/rcvd: 10/11; Downstream
Up time: 00:02:35
114

LDP discovery sources:


FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3
192.1.34.3
3.3.3.3
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 4.4.4.4:0
TCP connection: 2.2.2.2.646 - 4.4.4.4.38194
State: Oper; Msgs sent/rcvd: 9/10; Downstream
Up time: 00:00:53
LDP discovery sources:
Targeted Hello 4.4.4.4 -> 2.2.2.2, active, passive
Addresses bound to peer LDP Ident:
192.1.23.2
2.2.2.2
R4#sh mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 3.3.3.3/32
0
Fa1/0
192.1.34.3
17
16
2.2.2.2/32
0
Fa1/0
192.1.34.3
18
Pop Label 192.1.23.0/24 0
Fa1/0
192.1.34.3
19
No Label l2ckt(1)
2436
Se2/0
point2point
R2#sh mpls l2transport summary
Destination address: 4.4.4.4, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0
R2#sh mpls l2transport vc 15
Local intf
Local circuit
Dest address VC ID
Status
------------- -------------------------- --------------- ---------- ---------Se2/0
PPP
4.4.4.4
15
UP
R4#sh mpls l2transport summary
Destination address: 2.2.2.2, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0
R4#sh mpls l2transport vc 15
Local intf
Local circuit
Dest address VC ID
Status
------------- -------------------------- --------------- ---------- ---------Se2/0
PPP
2.2.2.2
15
UP
R1#sh ip ospf neighbor

115

Neighbor ID
5.5.5.5

Pri State
0 FULL/ -

Dead Time Address


00:00:38 192.1.15.5

Interface
Serial1/0

R1#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O

5.0.0.0/32 is subnetted, 1 subnets


5.5.5.5 [110/65] via 192.1.15.5, 00:02:14, Serial1/0

R1#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/24/36 ms
R1#traceroute 5.5.5.5 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 5.5.5.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.15.5 24 msec * 16 msec
R5#sh ip ospf neighbor
Neighbor ID
1.1.1.1

Pri State
0 FULL/ -

Dead Time Address


00:00:31 192.1.15.1

Interface
Serial1/0

R5#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
116

Gateway of last resort is not set


O

1.0.0.0/32 is subnetted, 1 subnets


1.1.1.1 [110/65] via 192.1.15.1, 00:02:53, Serial1/0

R5#ping 1.1.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/28 ms
R5#traceroute 1.1.1.1 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 1.1.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.15.1 28 msec * 28 msec Fa1/1

117

point2point

MPLS Inter-AS Xconnect


Network Diagram

R2

F1/0

S2/0

P1/0

P1/0

R3

R4

F2/0

F1/0

F2/0

S1/0

R5
S2/0
S1/0

R1
AS100

AS200

Configurations
IGP Configuration
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
R4
router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only
int lo0
ip router isis 1
int f2/0
118

R6

ip router isis 1
R5
router isis 1
net 49.0001.0000.0000.0005.00
is-type level-2-only
int lo0
ip router isis 1
int f1/0
ip router isis 1
MPLS LDP Configuration
R2
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f2/0
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f2/0
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip

119

Inter-AS BGP Configuration


R3
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.34.4 remote-as 200
address-family ipv4
network 3.3.3.3 mask 255.255.255.255
neighbor 192.1.34.4 activate
R4
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.34.3 remote-as 100
address-family ipv4
network 4.4.4.4 mask 255.255.255.255
neighbor 192.1.34.3 activate
Pseudowire Configuration
R2
pseudowire-class MSSK
encapsulation mpls
int s2/0
xconnect 5.5.5.5 16 pw-class MSSK
R5
pseudowire-class MSSK
encapsulation mpls
int s2/0
xconnect 2.2.2.2 16 pw-class MSSK
Verifications
R3#sh ip bgp
BGP table version is 3, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network

Next Hop

Metric LocPrf Weight Path


120

*> 3.3.3.3/32
*> 4.4.4.4/32

0.0.0.0
192.1.34.4

32768 i
0 200 i

R4#sh ip bgp
BGP table version is 3, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
*> 3.3.3.3/32
*> 4.4.4.4/32

Next Hop
192.1.34.3
0.0.0.0

Metric LocPrf Weight Path


0
0 100 i
0
32768 i

R2#show mpls ldp neighbor


Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.62349 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 12/14; Downstream
Up time: 00:05:52
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.34.3
192.1.23.3
3.3.3.3
R5#sh mpls ldp neighbor
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 5.5.5.5:0
TCP connection: 4.4.4.4.646 - 5.5.5.5.45835
State: Oper; Msgs sent/rcvd: 14/16; Downstream
Up time: 00:07:47
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.45.4
Addresses bound to peer LDP Ident:
192.1.34.4
192.1.45.4
4.4.4.4
R2#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 3.3.3.3/32
0
Fa1/0
192.1.23.3
17
No Label l2ckt()
0
drop
R5#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
Pop Label 4.4.4.4/32
0
Fa1/0
192.1.45.4
121

17

No Label

l2ckt()

drop

R2#show mpls l2transport summary


Destination address: 5.5.5.5, total number of vc: 1
0 unknown, 0 up, 1 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
R5#sh mpls l2transport summary
Destination address: 2.2.2.2, total number of vc: 1
0 unknown, 0 up, 1 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
Now, R2 (the PE in AS 100) does not know about the loopback of R5 (the PE in AS
200) and vice versa which are used to configure the xconnect peering, and in order
for MPLS to operate, LDP has to assign labels which is IGP responsibility, in order
for that to take place we will redistribute the routes in IGP (OSPF and ISIS in AS
100, 200 respectively) , as well we have to advertise R2 and R5 loopbacks in BGP
R3
router bgp 100
address-family ipv4
network 2.2.2.2 mask 255.255.255.255
ip prefix-list MSSK seq 5 permit 4.4.4.4/32
ip prefix-list MSSK seq 10 permit 5.5.5.5/32
route-map MSSK permit 10
match ip address prefix-list MSSK
router ospf 1
redistribute bgp 100 subnets route-map MSSK
R4
router bgp 200
address-family ipv4
network 5.5.5.5 mask 255.255.255.255
ip prefix-list MSSK seq 5 permit 2.2.2.2/32
ip prefix-list MSSK seq 10 permit 3.3.3.3/32
route-map MSSK permit 10
match ip address prefix-list MSSK
router isis 1
redistribute bgp 200 route-map MSSK
R3#sh ip bgp
122

BGP table version is 5, local router ID is 3.3.3.3


Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
*> 2.2.2.2/32
*> 3.3.3.3/32
*> 4.4.4.4/32
*> 5.5.5.5/32

Next Hop
192.1.23.2
0.0.0.0
192.1.34.4
192.1.34.4

Metric LocPrf Weight Path


2
32768 i
0
32768 i
0
0 200 i
20
0 200 i

R4#sh ip bgp
BGP table version is 5, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
*> 2.2.2.2/32
*> 3.3.3.3/32
*> 4.4.4.4/32
*> 5.5.5.5/32

Next Hop
192.1.34.3
192.1.34.3
0.0.0.0
192.1.45.5

Metric LocPrf Weight Path


2
0 100 i
0
0 100 i
0
32768 i
20
32768 i

R2#
*Sep 13 02:04:37.279: %LDP-5-NBRCHG: LDP Neighbor 5.5.5.5:0 (2) is UP
R5#
*Sep 13 02:04:37.803: %LDP-5-NBRCHG: LDP Neighbor 2.2.2.2:0 (2) is UP
R2#sh mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.62349 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 29/31; Downstream
Up time: 00:18:49
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.34.3
192.1.23.3
3.3.3.3
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 2.2.2.2:0
TCP connection: 5.5.5.5.52375 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 12/12; Downstream
123

Up time: 00:02:54
LDP discovery sources:
Targeted Hello 2.2.2.2 -> 5.5.5.5, active, passive
Addresses bound to peer LDP Ident:
192.1.45.5
5.5.5.5
R2#sh mpls l2transport summary
Destination address: 5.5.5.5, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0
R5#sh mpls ldp neighbor
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 5.5.5.5:0
TCP connection: 4.4.4.4.646 - 5.5.5.5.45835
State: Oper; Msgs sent/rcvd: 32/32; Downstream
Up time: 00:20:41
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.45.4
Addresses bound to peer LDP Ident:
192.1.34.4
192.1.45.4
4.4.4.4
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 5.5.5.5:0
TCP connection: 2.2.2.2.646 - 5.5.5.5.52375
State: Oper; Msgs sent/rcvd: 12/13; Downstream
Up time: 00:03:11
LDP discovery sources:
Targeted Hello 5.5.5.5 -> 2.2.2.2, active, passive
Addresses bound to peer LDP Ident:
192.1.23.2
2.2.2.2
R5#sh mpls l2transport summary
Destination address: 2.2.2.2, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0
R2#show mpls forwarding-table | inc 5.5.5.5
19
19
5.5.5.5/32
0
Fa1/0

192.1.23.3

R5#sh mpls forwarding-table | inc 2.2.2.2


18
18
2.2.2.2/32
0
Fa1/0

192.1.45.4

Now in order for the labels to be passed through the ASes, we have to configure the
BGP neighbors to send the labels
R3
router bgp 100
124

address-family ipv4
neighbor 192.1.34.4 send-label
R4
router bgp 200
address-family ipv4
neighbor 192.1.34.3 send-label
R3
*Sep 13 02:13:01.135: %BGP_LMM-6-AUTOGEN1: The mpls bgp forwarding
command has been configured on interface: POS1/0
R4
*Sep 13 02:13:00.983: %BGP_LMM-6-AUTOGEN1: The mpls bgp forwarding
command has been configured on interface: POS1/0
R2#show mpls l2transport vc 16
Local intf
Local circuit
Dest address VC ID
Status
------------- -------------------------- --------------- ---------- ---------Se2/0
PPP
5.5.5.5
16
UP
R5#show mpls l2transport vc 16
Local intf
Local circuit
Dest address VC ID
Status
------------- -------------------------- --------------- ---------- ---------Se2/0
PPP
2.2.2.2
16
UP
R1#ping 192.1.16.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.16.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/41/80 ms
R6#ping 192.1.16.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.16.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/31/48 ms

125

MPLS L3VPN Inter-AS Option A


Network Diagram

AS100

R1

S1/0

S1/0

F2/0

F2/0

F1/0

F1/0

OSPF
A0

OSPF
A0

R4

R3

F1/1

F1/1

F1/0

F1/0

R5

R6

F1/1

R7

AS200

R2

F1/1
F1/0

F1/0

Configurations
VRF Configuration
R1
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int s1/0
vrf forwarding MSSK
ip address 192.1.12.1 255.255.255.0
126

R8

R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int s1/0
vrf forwarding MSSK
ip address 192.1.12.2 255.255.255.0
R5
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0
R6
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0

127

R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.24.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.35.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
network 192.1.46.4 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.35.5 0.0.0.0 area 0
R6
router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f2/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force

128

int f2/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
MP-BGP Configuration
R1
router bgp 100
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
address-family vpnv4
129

neighbor 5.5.5.5 activate


neighbor 5.5.5.5 send-community both
R5
router bgp 100
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
R2
router bgp 100
neighbor 6.6.6.6 remote-as 100
neighbor 6.6.6.6 update-source lo0
address-family vpnv4
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community both
R6
router bgp 100
neighbor 2.2.2.2 remote-as 100
neighbor 12.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R1
router rip
address-family ipv4 vrf MSSK
network 192.1.12.0
no auto-summary
version 2
R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2
R7
router rip
130

version 2
network 7.0.0.0
network 192.1.57.0
no auto-summary
R2
address-family ipv4 vrf MSSK
network 192.1.12.0
no auto-summary
version 2
R6
router rip
address-family ipv4 vrf MSSK
network 192.1.68.0
no auto-summary
version 2
R8
router rip
version 2
network 8.0.0.0
network 192.1.68.0
no auto-summary
VPN Configuration
R1
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
R2
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1
router bgp 200
address-family ipv4 vrf MSSK
redistribute rip

131

R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
router bgp 100
address-family ipv4 vrf MSSK
network 192.1.57.0
redistribute rip
R6
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1
address-family ipv4 vrf MSSK
network 192.1.68.0
redistribute rip
Verifications
R1#sh bgp vpnv4 unicast all summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 9, main routing table version 9
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
5.5.5.5
4

AS MsgRcvd MsgSent
100

31

28

TblVer InQ OutQ Up/Down


0

0 00:21:36

R1#sh bgp vpnv4 unicast all


BGP table version is 9, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

132

Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 7.7.7.7/32
5.5.5.5
1 100
0?
*> 8.8.8.8/32
192.1.12.2
1
32768 ?
*> 192.1.12.0
0.0.0.0
0
32768 ?
*> 192.1.12.2/32 0.0.0.0
0
32768 ?
*>i 192.1.57.0
5.5.5.5
0 100
0i
*> 192.1.68.0
192.1.12.2
1
32768 ?
R2#show bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 200
BGP table version is 9, main routing table version 9
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
6.6.6.6
4

AS MsgRcvd MsgSent
200

30

29

TblVer InQ OutQ Up/Down


0

0 00:20:56

R2#show bgp vpnv4 unicast all


BGP table version is 9, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32
192.1.12.1
1
32768 ?
*>i 8.8.8.8/32
6.6.6.6
1 100
0?
*> 192.1.12.0
0.0.0.0
0
32768 ?
*> 192.1.12.1/32 0.0.0.0
0
32768 ?
*> 192.1.57.0
192.1.12.1
1
32768 ?
*>i 192.1.68.0
6.6.6.6
0 100
0i
R5#show bgp vpnv4 unicast all summary
BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 11, main routing table version 11
133

6 network entries using 936 bytes of memory


6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
1.1.1.1
4

AS MsgRcvd MsgSent
100

28

32

11

TblVer InQ OutQ Up/Down


0

0 00:22:00

R5#show bgp vpnv4 unicast all


BGP table version is 11, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32
192.1.57.7
1
32768 ?
*>i 8.8.8.8/32
1.1.1.1
1 100
0?
*>i 192.1.12.0
1.1.1.1
0 100
0?
*>i 192.1.12.2/32 1.1.1.1
0 100
0?
*> 192.1.57.0
0.0.0.0
0
32768 i
*>i 192.1.68.0
1.1.1.1
1 100
0?
R6#sh bgp vpnv4 unicast all summary
BGP router identifier 6.6.6.6, local AS number 200
BGP table version is 11, main routing table version 11
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2016 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
2.2.2.2
4

AS MsgRcvd MsgSent
200

29

31

11
134

TblVer InQ OutQ Up/Down


0

0 00:21:18

R6#sh bgp vpnv4 unicast all


BGP table version is 11, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 7.7.7.7/32
2.2.2.2
1 100
0?
*> 8.8.8.8/32
192.1.68.8
1
32768 ?
*>i 192.1.12.0
2.2.2.2
0 100
0?
*>i 192.1.12.1/32 2.2.2.2
0 100
0?
*>i 192.1.57.0
2.2.2.2
1 100
0?
*> 192.1.68.0
0.0.0.0
0
32768 i
R7#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R
R
R
R

8.0.0.0/32 is subnetted, 1 subnets


8.8.8.8 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0
192.1.12.0/24 is variably subnetted, 2 subnets, 2 masks
192.1.12.0/24 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0
192.1.12.2/32 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0
192.1.68.0/24 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0

R7#ping 8.8.8.8 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 84/103/144 ms
R7#traceroute 8.8.8.8 source lo0 numeric
Type escape sequence to abort.
135

Tracing the route to 8.8.8.8


VRF info: (vrf in name/id, vrf out name/id)
1 192.1.57.5 16 msec 12 msec 16 msec
2 192.1.35.3 [MPLS: Labels 16/22 Exp 0] 72 msec 36 msec 64 msec
3 192.1.12.1 [MPLS: Label 22 Exp 0] 44 msec 20 msec 36 msec
4 192.1.12.2 60 msec 52 msec 44 msec
5 192.1.24.4 [MPLS: Labels 17/20 Exp 0] 96 msec 104 msec 116 msec
6 192.1.68.6 [MPLS: Label 20 Exp 0] 72 msec 100 msec 72 msec
7 192.1.68.8 88 msec * 88 msec
R8#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R
R
R
R

7.0.0.0/32 is subnetted, 1 subnets


7.7.7.7 [120/1] via 192.1.68.6, 00:00:25, FastEthernet1/0
192.1.12.0/24 is variably subnetted, 2 subnets, 2 masks
192.1.12.0/24 [120/1] via 192.1.68.6, 00:00:25, FastEthernet1/0
192.1.12.1/32 [120/1] via 192.1.68.6, 00:00:25, FastEthernet1/0
192.1.57.0/24 [120/1] via 192.1.68.6, 00:00:25, FastEthernet1/0

R8#ping 7.7.7.7 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/90/108 ms
R8#traceroute 7.7.7.7 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.68.6 4 msec 16 msec 12 msec
2 192.1.46.4 [MPLS: Labels 16/20 Exp 0] 32 msec 44 msec 64 msec
3 192.1.12.2 [MPLS: Label 20 Exp 0] 28 msec 40 msec 48 msec
4 192.1.12.1 76 msec 52 msec 44 msec
5 192.1.13.3 [MPLS: Labels 17/20 Exp 0] 100 msec 76 msec 88 msec
136

6 192.1.57.5 [MPLS: Label 20 Exp 0] 68 msec 72 msec 72 msec


7 192.1.57.7 104 msec * 120 msec
R1#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
17
Pop Label 3.3.3.3/32
0
Fa2/0
192.1.13.3
18
Pop Label 192.1.35.0/24 0
Fa2/0
192.1.13.3
19
17
5.5.5.5/32
0
Fa2/0
192.1.13.3
20
No Label 192.1.12.0/24[V] 0
aggregate/MSSK
21
No Label 192.1.12.2/32[V] 0
Se1/0
point2point
22
No Label 8.8.8.8/32[V] 4548
Se1/0
point2point
23
No Label 192.1.68.0/24[V] 0
Se1/0
point2point
R2#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
17
Pop Label 4.4.4.4/32
0
Fa2/0
192.1.24.4
18
Pop Label 192.1.46.0/24 0
Fa2/0
192.1.24.4
19
17
6.6.6.6/32
0
Fa2/0
192.1.24.4
20
No Label 7.7.7.7/32[V] 3116
Se1/0
point2point
21
No Label 192.1.12.0/24[V] 0
aggregate/MSSK
22
No Label 192.1.12.1/32[V] 0
Se1/0
point2point
23
No Label 192.1.57.0/24[V] 1684
Se1/0
point2point

137

MPLS L3VPN Inter-AS Option B


Network Diagram

AS100

R1

S1/0

S1/0

F2/0

F2/0

F1/0

F1/0

OSPF
A0

OSPF
A0

R4

R3

F1/1

F1/1

F1/0

F1/0

R5

R6

F1/1

R7

AS200

R2

F1/1
F1/0

F1/0

Configurations
VRF Configuration
R5
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0
138

R8

R6
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.24.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.35.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.24.4 0.0.0.0 area 0
network 192.1.46.4 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
139

network 5.5.5.5 0.0.0.0 area 0


network 192.1.35.5 0.0.0.0 area 0
R6
router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f2/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f2/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
int f1/1
mpls ip

140

R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
R6
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
MP-BGP Configuration
R1
router bgp 100
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
neighbor 192.1.12.2 remote-as 200
address-family vpnv4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community both
neighbor 5.5.5.5 next-hop-self
neighbor 192.1.12.2 activate
neighbor 192.1.12.2 send-community both
R5
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source lo0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
R2
router bgp 200
no bgp default ipv4-unicast
neighbor 6.6.6.6 remote-as 200
neighbor 6.6.6.6 update-source lo0
neighbor 192.1.12.1 remote-as 100
address-family vpnv4
141

neighbor
neighbor
neighbor
neighbor
neighbor

6.6.6.6 activate
6.6.6.6 send-community both
6.6.6.6 next-hop-self
192.1.12.1 activate
192.1.12.1 send-community both

R6
router bgp 200
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2
R7
router rip
version 2
network 7.0.0.0
network 192.1.57.0
no auto-summary
R6
router rip
address-family ipv4 vrf MSSK
network 192.1.68.0
no auto-summary
version 2
R8
router rip
version 2
network 8.0.0.0
network 192.1.68.0
no auto-summary

142

VPN Configuration
R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
router bgp 100
address-family ipv4 vrf MSSK
network 192.1.57.0
redistribute rip
R6
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1
router bgp 200
address-family ipv4 vrf MSSK
network 192.1.68.0
redistribute rip
Verifications
R1#show bgp vpnv4 unicast all summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
5.5.5.5
4
192.1.12.2
4

AS MsgRcvd MsgSent
100
200

TblVer InQ OutQ Up/Down


5

0 00:03:10
0 0 00:02:59

R1#show bgp vpnv4 unicast all


BGP table version is 5, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
143

r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,


x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Route Distinguisher: 100:1
*>i 7.7.7.7/32
5.5.5.5
*> 8.8.8.8/32
192.1.12.2
*>i 192.1.57.0
5.5.5.5
*> 192.1.68.0
192.1.12.2

Metric LocPrf Weight Path


1

100

100

0?
0 200 ?
0i
0 200 i

R2#show bgp vpnv4 unicast all summary


BGP router identifier 2.2.2.2, local AS number 200
BGP table version is 5, main routing table version 5
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
6.6.6.6
4
192.1.12.1
4

AS MsgRcvd MsgSent
200
100

TblVer InQ OutQ Up/Down


5

0 00:03:12
0 00:03:12

R2#show bgp vpnv4 unicast all


BGP table version is 5, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Route Distinguisher: 100:1
*> 7.7.7.7/32
192.1.12.1
*>i 8.8.8.8/32
6.6.6.6
*> 192.1.57.0
192.1.12.1
*>i 192.1.68.0
6.6.6.6

Metric LocPrf Weight Path


1

100

100

144

0 100 ?
0?
0 100 i
0i

R5#show bgp vpnv4 unicast all summary


BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
1.1.1.1
4

AS MsgRcvd MsgSent
100

10

TblVer InQ OutQ Up/Down


0

0 00:03:34

R5#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32
192.1.57.7
1
32768 ?
*>i 8.8.8.8/32
1.1.1.1
0 100
0 200 ?
*> 192.1.57.0
0.0.0.0
0
32768 i
*>i 192.1.68.0
1.1.1.1
0 100
0 200 i
R5#show bgp vpnv4 unicast all summary
BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs

145

Neighbor
V
State/PfxRcd
1.1.1.1
4

AS MsgRcvd MsgSent
100

10

TblVer InQ OutQ Up/Down


0

0 00:03:34

R5#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32
192.1.57.7
1
32768 ?
*>i 8.8.8.8/32
1.1.1.1
0 100
0 200 ?
*> 192.1.57.0
0.0.0.0
0
32768 i
*>i 192.1.68.0
1.1.1.1
0 100
0 200 i
R5#show bgp vpnv4 unicast all neighbors 1.1.1.1 advertised-routes
BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 7.7.7.7/32
192.1.57.7
1
32768 ?
*> 192.1.57.0
0.0.0.0
0
32768 i
Total number of prefixes 2
R6#show bgp vpnv4 unicast all summary
BGP router identifier 6.6.6.6, local AS number 200
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1568 total bytes of memory
146

BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs


Neighbor
V
State/PfxRcd
2.2.2.2
4

AS MsgRcvd MsgSent
200

10

TblVer InQ OutQ Up/Down


0

0 00:03:34

R6#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 7.7.7.7/32
2.2.2.2
0 100
0 100 ?
*> 8.8.8.8/32
192.1.68.8
1
32768 ?
*>i 192.1.57.0
2.2.2.2
0 100
0 100 i
*> 192.1.68.0
0.0.0.0
0
32768 i
R6#show bgp vpnv4 unicast all neighbors 2.2.2.2 advertised-routes
BGP table version is 7, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 8.8.8.8/32
192.1.68.8
1
32768 ?
*> 192.1.68.0
0.0.0.0
0
32768 i
Total number of prefixes 2
R7#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
147

Gateway of last resort is not set


R
R

8.0.0.0/32 is subnetted, 1 subnets


8.8.8.8 [120/1] via 192.1.57.5, 00:00:26, FastEthernet1/0
192.1.68.0/24 [120/1] via 192.1.57.5, 00:00:26, FastEthernet1/0

R7#ping 8.8.8.8 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 80/90/104 ms
R7#traceroute 8.8.8.8 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 8.8.8.8
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.57.5 8 msec 8 msec 8 msec
2 192.1.35.3 [MPLS: Labels 16/22 Exp 0] 84 msec 64 msec 96 msec
3 192.1.13.1 [MPLS: Label 22 Exp 0] 64 msec 52 msec 76 msec
4 192.1.12.2 [MPLS: Label 21 Exp 0] 100 msec 52 msec 108 msec
5 192.1.24.4 [MPLS: Labels 17/20 Exp 0] 80 msec 72 msec 120 msec
6 192.1.68.6 [MPLS: Label 20 Exp 0] 68 msec 104 msec 96 msec
7 192.1.68.8 84 msec * 136 msec
R8#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R
R

7.0.0.0/32 is subnetted, 1 subnets


7.7.7.7 [120/1] via 192.1.68.6, 00:00:19, FastEthernet1/0
192.1.57.0/24 [120/1] via 192.1.68.6, 00:00:19, FastEthernet1/0

R8#ping 7.7.7.7 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
148

Packet sent with a source address of 8.8.8.8


!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 64/83/108 ms
R8#traceroute 7.7.7.7 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.68.6 12 msec 12 msec 8 msec
2 192.1.46.4 [MPLS: Labels 16/20 Exp 0] 108 msec 92 msec 60 msec
3 192.1.24.2 [MPLS: Label 20 Exp 0] 112 msec 84 msec 88 msec
4 192.1.12.1 [MPLS: Label 20 Exp 0] 96 msec 80 msec 92 msec
5 192.1.13.3 [MPLS: Labels 17/20 Exp 0] 68 msec 112 msec 52 msec
6 192.1.57.5 [MPLS: Label 20 Exp 0] 64 msec 60 msec 72 msec
7 192.1.57.7 76 msec * 84 msec

149

Carrier supporting Carrier (CSC)


Network Diagram

R7
F1/0
RIPv2
F1/1

R5

F1/0
OSPF 1
F1/1
R3 F1/0

P1/0

P1/0

R1

R2

F1/0

R4

F2/0
F2/0

F2/0
OSPF 1
F1/0

F1/0

R6
F1/1
EIGRP 68
F1/0

F1/1

AS100

AS200

R9

F1/1
RIPv2
F1/0

R10

R8

Configurations
VRF Configuration
R3
vrf definition ABC
rd 100:1
address-family ipv4
150

route-target export 100:1


route-target import 100:1
route-target import 200:1
interface FastEthernet1/1
vrf forwarding ABC
ip address 192.1.35.3 255.255.255.0
interface FastEthernet2/0
vrf forwarding ABC
ip address 192.1.36.3 255.255.255.0
R4
vrf definition ABC
rd 200:1
address-family ipv4
route-target export 200:1
route-target import 200:1
route-target import 100:1
interface FastEthernet1/1
vrf forwarding ABC
ip address 192.1.49.4 255.255.255.0
IGP Configuration
R1
router isis 1
net 49.0001.0000.0000.0001.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet2/0
ip router isis 1
R2
router isis 1
net 49.0002.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet2/0
ip router isis 1

151

R3
router isis 1
net 49.0001.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet1/0
ip router isis 1
R4
router isis 1
net 49.0002.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
interface FastEthernet1/0
ip router isis 1
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
interface FastEthernet2/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet2/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface FastEthernet1/0
mpls ip
R4
mpls label protocol ldp
mpls ldp router-id Loopback0 force

152

interface FastEthernet1/0
mpls ip
MP-BGP Configuration
R1
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 192.1.12.2 remote-as 200
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
neighbor 3.3.3.3 route-reflector-client
neighbor 3.3.3.3 next-hop-self
neighbor 192.1.12.2 activate
neighbor 192.1.12.2 send-community both
R2
router bgp 200
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 200
neighbor 4.4.4.4 update-source Loopback0
neighbor 192.1.12.1 remote-as 100
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
neighbor 4.4.4.4 next-hop-self
neighbor 192.1.12.1 activate
neighbor 192.1.12.1 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both

153

R4
router bgp 200
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R3
router ospf 1 vrf ABC
router-id 192.1.1.3
network 192.1.35.3 0.0.0.0 area 0
network 192.1.36.3 0.0.0.0 area 0
R4
router ospf 1 vrf ABC
router-id 192.1.1.4
network 192.1.49.4 0.0.0.0 area 0
R5
router ospf 1
router-id 192.1.1.5
network 192.1.35.5 0.0.0.0 area 0
network 192.1.1.5 0.0.0.0 area 0
R6
router ospf 1
router-id 192.1.1.6
network 192.1.1.6 0.0.0.0 area 0
network 192.1.36.6 0.0.0.0 area 0
R9
router ospf 1
router-id 192.1.1.9
network 192.1.1.9 0.0.0.0 area 0
network 192.1.49.9 0.0.0.0 area 0
VPN Configuration
R2
router eigrp 1
154

address-family ipv4 vrf MSSK autonomous-system 1


redistribute bgp 100 metric 10000 1 255 1 1500
router bgp 100
address-family ipv4 vrf MSSK
redistribute eigrp 1
R3
router ospf 1 vrf ABC
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf ABC
redistribute ospf 1 vrf ABC
network 192.1.35.0 mask 255.255.255.0
network 192.1.36.0 mask 255.255.255.0
R4
router ospf 1 vrf ABC
redistribute bgp 200 subnets
router bgp 200
address-family ipv4 vrf ABC
redistribute ospf 1 vrf ABC
network 192.1.49.0 mask 255.255.255.0
Verifications
R5#sh ip ospf neighbor
Neighbor ID
Pri State
Dead Time Address
Interface
192.1.1.3
1 FULL/BDR
00:00:39 192.1.35.3
FastEthernet1/0
R5#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O
O

192.1.1.0/32 is subnetted, 2 subnets


192.1.1.6 [110/3] via 192.1.35.3, 00:05:02, FastEthernet1/0
192.1.36.0/24 [110/2] via 192.1.35.3, 00:05:02, FastEthernet1/0
155

R5#ping 192.1.1.6 sou


R5#ping 192.1.1.6 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.6, timeout is 2 seconds:
Packet sent with a source address of 192.1.1.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/52/140 ms
R5#traceroute 192.1.1.6 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 192.1.1.6
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.35.3 28 msec 12 msec 12 msec
2 192.1.36.6 48 msec * 28 msec
R6#sh ip ospf neighbor
Neighbor ID
192.1.1.3

Pri State
1 FULL/BDR

Dead Time Address


00:00:31 192.1.36.3

Interface
FastEthernet1/0

R6#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O
O

192.1.1.0/24 is variably subnetted, 3 subnets, 2 masks


192.1.1.5/32 [110/3] via 192.1.36.3, 00:06:02, FastEthernet1/0
192.1.35.0/24 [110/2] via 192.1.36.3, 00:06:02, FastEthernet1/0

R6#ping 192.1.1.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.5, timeout is 2 seconds:
Packet sent with a source address of 192.1.1.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/36/44 ms
R6#traceroute 192.1.1.5 source lo0 numeric
Type escape sequence to abort.
156

Tracing the route to 192.1.1.5


VRF info: (vrf in name/id, vrf out name/id)
1 192.1.36.3 20 msec 12 msec 20 msec
2 192.1.35.5 44 msec * 36 msec
R9#sh ip ospf neighbor
Neighbor ID
192.1.1.4

Pri State
1 FULL/DR

Dead Time
00:00:39

Address
192.1.49.4

Interface
FastEthernet1/0

R9#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
Why R9 is not learning any routes from AS 100 ?
First , our VRF in AS 100 has to be configured to import the value from AS 200 and
vice versa
R3
vrf definition ABC
address-family ipv4
route-target import 200:1
R4
vrf definition ABC
address-family ipv4
route-target import 100:1
Next, our EBGP speakers will filter route-target by default
R1
router bgp 200
no bgp default route-target filter
R2
router bgp 200
157

no bgp default route-target filter


R9#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O
O
O
O

192.1.1.0/32 is subnetted, 3 subnets


IA
192.1.1.5 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
IA
192.1.1.6 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
IA 192.1.35.0/24 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
IA 192.1.36.0/24 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0

R9#sh ip route ospf


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
O
O
O
O

192.1.1.0/32 is subnetted, 3 subnets


IA
192.1.1.5 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
IA
192.1.1.6 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
IA 192.1.35.0/24 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0
IA 192.1.36.0/24 [110/2] via 192.1.49.4, 00:00:06, FastEthernet1/0

R9#ping 192.1.1.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.5, timeout is 2 seconds:
Packet sent with a source address of 192.1.1.9
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 60/91/120 ms

158

R9#ping 192.1.1.6 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.1.6, timeout is 2 seconds:
Packet sent with a source address of 192.1.1.9
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 72/87/100 ms
R9#traceroute 192.1.1.5 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 192.1.1.5
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.49.4 12 msec 24 msec 12 msec
2 192.1.24.2 [MPLS: Label 20 Exp 0] 72 msec 72 msec 84 msec
3 192.1.12.1 [MPLS: Label 20 Exp 0] 88 msec 92 msec 92 msec
4 192.1.35.3 [MPLS: Label 16 Exp 0] 56 msec 84 msec 48 msec
5 192.1.35.5 80 msec * 76 msec
R9#traceroute 192.1.1.6 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 192.1.1.6
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.49.4 20 msec 16 msec 16 msec
2 192.1.24.2 [MPLS: Label 21 Exp 0] 104 msec 104 msec 88 msec
3 192.1.12.1 [MPLS: Label 21 Exp 0] 92 msec 104 msec 60 msec
4 192.1.36.3 [MPLS: Label 17 Exp 0] 72 msec 44 msec 64 msec
5 192.1.36.6 64 msec * 60 msec
Now , we have achieved connectivity between our first customer sites , let us move
to our customers customer which will be referred to via VRF MSSK
VRF Configuration
R5
vrf definition MSSK
rd 300:1
address-family ipv4
route-target export 300:1
route-target import 300:1
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0
R6
vrf definition MSSK
159

rd 300:1
address-family ipv4
route-target export 300:1
route-target import 300:1
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.68.6 255.255.255.0
R9
vrf definition MSSK
rd 300:1
address-family ipv4
route-target export 300:1
route-target import 300:1
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.109.9 255.255.255.0
MPLS LDP Configuration
R3
int FastEthernet1/1
mpls ip
int FastEthernet2/0
mpls ip
R4
int FastEthernet 1/1
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id lo0 force
interface FastEthernet1/0
mpls ip
R6
mpls label protocol ldp
mpls ldp router-id lo0 force
interface FastEthernet1/0
mpls ip
160

R9
mpls label protocol ldp
mpls ldp router-id lo0 force
interface FastEthernet1/0
mpls ip
MP-BGP Configuration
R5
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.1.6 remote-as 100
neighbor 192.1.1.6 update-source Loopback0
neighbor 192.1.1.9 remote-as 200
neighbor 192.1.1.9 ebgp-multihop 255
neighbor 192.1.1.9 update-source Loopback0
address-family vpnv4
neighbor 192.1.1.6 activate
neighbor 192.1.1.6 send-community both
neighbor 192.1.1.9 activate
neighbor 192.1.1.9 send-community both
neighbor 192.1.1.9 next-hop-unchanged
R6
router bgp 100
no bgp default ipv4-unicast
neighbor 192.1.1.5 remote-as 100
neighbor 192.1.1.5 update-source Loopback0
address-family vpnv4
neighbor 192.1.1.5 activate
neighbor 192.1.1.5 send-community both
R9
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.1.5 remote-as 100
neighbor 192.1.1.5 ebgp-multihop 255
neighbor 192.1.1.5 update-source Loopback0
address-family vpnv4
neighbor 192.1.1.5 activate
161

neighbor 192.1.1.5 send-community both


neighbor 192.1.1.5 next-hop-unchanged
PE-CE routing Configuration
R5
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.57.0
R7
router rip
no auto-summary
version 2
network 172.1.0.0
network 192.1.57.0
R6
router eigrp 68
address-family ipv4 vrf MSSK autonomous-system 68
no auto-summary
network 192.1.68.0
R8
router eigrp 68
no auto-summary
network 172.1.0.0
network 192.1.68.0
R9
router rip
address-family ipv4 vrf MSSK
no auto-summary
version 2
network 192.1.109.0
R10
router rip
no auto-summary
version 2
network 172.1.0.0
network 192.1.109.0

162

VPN Configuration
R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
R6
router eigrp 68
address-family ipv4 vrf MSSK autonomous-system 68
redistribute bgp 100
default-metric 10000 1000 255 1 1500
router bgp 100
address-family ipv4 vrf MSSK
redistribute eigrp 68
R9
router rip
address-family ipv4 vrf MSSK
redistribute bgp 200 metric 1
router bgp 200
address-family ipv4 vrf MSSK
redistribute rip
Verification
R5#sh ip route vrf MSSK rip
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
163

172.1.0.0/32 is subnetted, 3 subnets


172.1.1.7 [120/1] via 192.1.57.7, 00:00:00, FastEthernet1/1

R5#ping vrf MSSK 172.1.1.7


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.1.1.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/21/44 ms
R6#sh ip eigrp vrf MSSK neighbors
EIGRP-IPv4 Neighbors for AS(68) VRF(MSSK)
H Address
Interface
Hold Uptime SRTT RTO Q Seq
(sec)
(ms)
Cnt Num
0 192.1.68.8
Fa1/1
12 00:08:45 1038 5000 0 4
R6#sh ip route vrf MSSK eigrp
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
D

172.1.0.0/32 is subnetted, 3 subnets


172.1.1.8 [90/156160] via 192.1.68.8, 00:08:50, FastEthernet1/1

R6#ping vrf MSSK 172.1.1.8


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.1.1.8, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/50/68 ms
R9#sh ip route vrf MSSK rip
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
164

E1 - OSPF external type 1, E2 - OSPF external type 2


i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R

172.1.0.0/32 is subnetted, 3 subnets


172.1.1.10 [120/1] via 192.1.109.10, 00:00:02, FastEthernet1/1

R9#ping vrf MSSK 172.1.1.10


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.1.1.10, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/12/20 ms
R5#sh bgp vpnv4 unicast all summary
BGP router identifier 192.1.1.5, local AS number 100
BGP table version is 11, main routing table version 11
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
6/6 BGP path/bestpath attribute entries using 864 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 524 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2828 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
192.1.1.6
4
192.1.1.9
4

AS MsgRcvd MsgSent
100
200

11
11

12
12

TblVer InQ OutQ Up/Down

11
11

0
0

0 00:06:37
0 00:06:28

2
2

R5#sh bgp vpnv4 unicast all


BGP table version is 11, local router ID is 192.1.1.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 300:1 (default for vrf MSSK)
165

*>
*>i
*>
*>
*>i
*>

172.1.1.7/32
192.1.57.7
172.1.1.8/32
192.1.1.6
172.1.1.10/32 192.1.1.9
192.1.57.0
0.0.0.0
192.1.68.0
192.1.1.6
192.1.109.0
192.1.1.9

1
32768 ?
156160 100
0?
1
0 200 ?
0
32768 ?
0 100
0?
0
0 200 ?

R6#sh bgp vpnv4 unicast all summary


BGP router identifier 192.1.1.6, local AS number 100
BGP table version is 11, main routing table version 11
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
6/6 BGP path/bestpath attribute entries using 864 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 524 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2828 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
192.1.1.5
4

AS MsgRcvd MsgSent
100

13

12

TblVer InQ OutQ Up/Down

11

0 00:06:51

R6#sh bgp vpnv4 unicast all


BGP table version is 11, local router ID is 192.1.1.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 300:1 (default for vrf MSSK)
*>i 172.1.1.7/32
192.1.1.5
1 100
0?
*> 172.1.1.8/32
192.1.68.8
156160
32768 ?
*>i 172.1.1.10/32 192.1.1.9
1 100
0 200 ?
*>i 192.1.57.0
192.1.1.5
0 100
0?
*> 192.1.68.0
0.0.0.0
0
32768 ?
*>i 192.1.109.0
192.1.1.9
0 100
0 200 ?
R9#sh bgp vpnv4 unicast all summary
BGP router identifier 192.1.1.9, local AS number 200
BGP table version is 11, main routing table version 11
6 network entries using 936 bytes of memory
166

6 path entries using 480 bytes of memory


6/6 BGP path/bestpath attribute entries using 864 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 144 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2448 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
192.1.1.5
4

AS MsgRcvd MsgSent
100

13

12

TblVer InQ OutQ Up/Down

11

0 00:06:53

R9#sh bgp vpnv4 unicast all


BGP table version is 11, local router ID is 192.1.1.9
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 300:1 (default for vrf MSSK)
*> 172.1.1.7/32
192.1.1.5
1
0 100 ?
*> 172.1.1.8/32
192.1.1.6
0 100 ?
*> 172.1.1.10/32 192.1.109.10
1
32768 ?
*> 192.1.57.0
192.1.1.5
0
0 100 ?
*> 192.1.68.0
192.1.1.6
0 100 ?
*> 192.1.109.0
0.0.0.0
0
32768 ?

167

MPLS TE with OSPF


Network Diagram

R6
RIPv2

R7

F1/0

F1/0

F1/1

F1/1

R4

F2/0
F1/0

R1

R2
F1/0

F1/0

RIPv2

R5

F2/0
F1/0

F1/1

F1/1

F1/0

R3

Configurations
VRF Configuration
R4
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
int f1/1
vrf forwarding MSSK
ip address 192.1.46.4 255.255.255.0
R5
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
168

F1/1

OSPF A0
AS 100

route-target import 100:1


int f1/1
vrf forwarding MSSK
ip address 192.1.57.5 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
network 192.1.14.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
R4
router ospf 1
router-id 4.4.4.4
network 4.4.4.4 0.0.0.0 area 0
network 192.1.14.4 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0

169

MP-BGP Configuration
R4
router bgp 100
no bgp default ipv4-unicast
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source lo0
address-family vpnv4
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community both
R5
router bgp 100
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source lo0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
CE-PE routing Configuration
R4
router rip
address-family ipv4 vrf MSSK
network 192.1.46.0
no auto-summary
version 2
R6
router rip
version 2
network 6.0.0.0
network 192.1.46.0
no auto-summary
R5
router rip
address-family ipv4 vrf MSSK
network 192.1.57.0
no auto-summary
version 2
R7
router rip
170

version 2
network 7.0.0.0
network 192.1.57.0
no auto-summary
VPN Configuration
R4
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
network 192.1.46.0
R5
router rip
address-family ipv4 vrf MSSK
redistribute bgp 100 metric 1
router bgp 100
address-family ipv4 vrf MSSK
redistribute rip
network 192.1.57.0
MPLS TE Configuration
R1
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet1/1
ip address 192.1.13.1 255.255.255.0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
171

mpls traffic-eng area 0


R2
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
R3
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
R4
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 5.5.5.5
172

tunnel mpls traffic-eng autoroute announce


tunnel mpls traffic-eng path-option 1 dynamic
R5
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 4.4.4.4
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 dynamic
Verifications
R4#show bgp vpnv4 unicast all summary
BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
5.5.5.5
4

AS MsgRcvd MsgSent
100

77

77

TblVer InQ OutQ Up/Down


0

0 01:05:24

R4#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

173

Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 6.6.6.6/32
192.1.46.6
1
32768 ?
*>i 7.7.7.7/32
5.5.5.5
1 100
0?
*> 192.1.46.0
0.0.0.0
0
32768 i
*>i 192.1.57.0
5.5.5.5
0 100
0i
R5#show bgp vpnv4 unicast all summary
BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 624 bytes of memory
4 path entries using 320 bytes of memory
4/4 BGP path/bestpath attribute entries using 576 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1544 total bytes of memory
BGP activity 4/0 prefixes, 4/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
4.4.4.4
4

AS MsgRcvd MsgSent
100

77

77

TblVer InQ OutQ Up/Down


0

0 01:05:37

R5#show bgp vpnv4 unicast all


BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 6.6.6.6/32
4.4.4.4
1 100
0?
*> 7.7.7.7/32
192.1.57.7
1
32768 ?
*>i 192.1.46.0
4.4.4.4
0 100
0i
*> 192.1.57.0
0.0.0.0
0
32768 i
R3#show mpls forwarding-table
Local
Outgoing Prefix
Bytes Label
Label
Label
or Tunnel Id
Switched
R4#sh int tun 0
Tunnel0 is up, line protocol is up
Hardware is Tunnel
174

Outgoing Next Hop


interface

Interface is unnumbered. Using address of Loopback0 (4.4.4.4)


MTU 17936 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 4.4.4.4, destination 5.5.5.5
Tunnel protocol/transport Label Switching
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output 00:00:02, output hang never
Last clearing of "show interface" counters 00:45:54
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts (0 IP multicasts)
0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
119 packets output, 6902 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
R5#show interfaces tunnel 0
Tunnel0 is up, line protocol is up
Hardware is Tunnel
Interface is unnumbered. Using address of Loopback0 (5.5.5.5)
MTU 17936 bytes, BW 100 Kbit/sec, DLY 50000 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation TUNNEL, loopback not set
Keepalive not set
Tunnel source 5.5.5.5, destination 4.4.4.4
Tunnel protocol/transport Label Switching
Tunnel transmit bandwidth 8000 (kbps)
Tunnel receive bandwidth 8000 (kbps)
Last input never, output 00:00:03, output hang never
Last clearing of "show interface" counters 00:45:39
Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
Queueing strategy: fifo
Output queue: 0/0 (size/max)
5 minute input rate 0 bits/sec, 0 packets/sec
5 minute output rate 0 bits/sec, 0 packets/sec
0 packets input, 0 bytes, 0 no buffer
175

Received 0 broadcasts (0 IP multicasts)


0 runts, 0 giants, 0 throttles
0 input errors, 0 CRC, 0 frame, 0 overrun, 0 ignored, 0 abort
118 packets output, 7915 bytes, 0 underruns
0 output errors, 0 collisions, 0 interface resets
0 unknown protocol drops
0 output buffer failures, 0 output buffers swapped out
R4#show mpls traffic-eng tunnels summary
Signalling Summary:
LSP Tunnels Process:
running
Passive LSP Listener:
running
RSVP Process:
running
Forwarding:
enabled
Periodic reoptimization:
every 3600 seconds, next in 2931 seconds
Periodic FRR Promotion:
Not Running
Periodic auto-bw collection: every 300 seconds, next in 231 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
1 failed activations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1
P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0
R4#show mpls traffic-eng tunnels tunnel 0
Name: R4_t0
(Tunnel0) Destination: 5.5.5.5
Status:
Admin: up
Oper: up
Path: valid
Signalling: connected
path option 1, type dynamic (Basis for Setup, path weight 3)
Config Parameters:
Bandwidth: 0
kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: dynamic path option 1 is active
176

BandwidthOverride: disabled LockDown: disabled Verbatim: disabled


InLabel : OutLabel : FastEthernet1/0, 16
Next Hop : 192.1.14.1
RSVP Signalling Info:
Src 4.4.4.4, Dst 5.5.5.5, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.14.4
Explicit Route: 192.1.14.1 192.1.12.1 192.1.12.2 192.1.25.2
192.1.25.5 5.5.5.5
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
Shortest Unconstrained Path Info:
Path Weight: 3 (TE)
Explicit Route: 192.1.14.4 192.1.14.1 192.1.12.1 192.1.12.2
192.1.25.2 192.1.25.5 5.5.5.5
History:
Tunnel:
Time since created: 46 minutes, 31 seconds
Time since path change: 46 minutes, 19 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 46 minutes, 19 seconds
R5#show mpls traffic-eng tunnels summary
Signalling Summary:
LSP Tunnels Process:
running
Passive LSP Listener:
running
RSVP Process:
running
Forwarding:
enabled
Periodic reoptimization:
every 3600 seconds, next in 2927 seconds
Periodic FRR Promotion:
Not Running
Periodic auto-bw collection: every 300 seconds, next in 227 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
1 failed activations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1

177

P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0
R5#show mpls traffic-eng tunnels tunnel 0
Name: R5_t0
(Tunnel0) Destination: 4.4.4.4
Status:
Admin: up
Oper: up
Path: valid
Signalling: connected
path option 1, type dynamic (Basis for Setup, path weight 3)
Config Parameters:
Bandwidth: 0
kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: dynamic path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : OutLabel : FastEthernet1/0, 17
Next Hop : 192.1.25.2
RSVP Signalling Info:
Src 5.5.5.5, Dst 4.4.4.4, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.25.5
Explicit Route: 192.1.25.2 192.1.12.2 192.1.12.1 192.1.14.1
192.1.14.4 4.4.4.4
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
Shortest Unconstrained Path Info:
Path Weight: 3 (TE)
Explicit Route: 192.1.25.5 192.1.25.2 192.1.12.2 192.1.12.1
192.1.14.1 192.1.14.4 4.4.4.4
History:
Tunnel:
Time since created: 46 minutes, 34 seconds
178

Time since path change: 46 minutes, 32 seconds


Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 46 minutes, 32 seconds
R4#show mpls forwarding-table detail
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
No Label 192.1.46.0/24[V] 3512
aggregate/MSSK
MAC/Encaps=0/0, MRU=0, Label Stack{}
VPN route: MSSK
No output feature configured
17
No Label 6.6.6.6/32[V] 4754
Fa1/1
192.1.46.6
MAC/Encaps=14/14, MRU=1504, Label Stack{}
CA0520C7001CCA0320B7001D0800
VPN route: MSSK
No output feature configured
R5#show mpls forwarding-table detail
Local
Outgoing Prefix
Bytes Label Outgoing Next Hop
Label
Label
or Tunnel Id
Switched
interface
16
No Label 192.1.57.0/24[V] 2942
aggregate/MSSK
MAC/Encaps=0/0, MRU=0, Label Stack{}
VPN route: MSSK
No output feature configured
17
No Label 7.7.7.7/32[V] 4764
Fa1/1
192.1.57.7
MAC/Encaps=14/14, MRU=1504, Label Stack{}
CA0620D7001CCA0420C7001D0800
VPN route: MSSK
No output feature configured
R1#sh ip rsvp neighbor
Neighbor
Encapsulation Time since msg rcvd/sent
192.1.12.2
Raw IP
00:00:13 00:00:07
192.1.14.4
Raw IP
00:00:05 00:00:21
* Neighbors inactive for more than one hour are not shown.
Use the "inactive" keyword to display them.
R2#show ip rsvp neighbor
Neighbor
Encapsulation Time since msg rcvd/sent
192.1.12.1
Raw IP
00:00:15 00:00:06
192.1.25.5
Raw IP
00:00:06 00:00:11
* Neighbors inactive for more than one hour are not shown.
179

Use the "inactive" keyword to display them.


R3#sh ip rsvp neighbor
Neighbor
Encapsulation Time since msg rcvd/sent
* Neighbors inactive for more than one hour are not shown.
Use the "inactive" keyword to display them.
R6#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R
R

7.0.0.0/32 is subnetted, 1 subnets


7.7.7.7 [120/1] via 192.1.46.4, 00:00:05, FastEthernet1/0
192.1.57.0/24 [120/1] via 192.1.46.4, 00:00:05, FastEthernet1/0

R6#ping 7.7.7.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/72/88 ms
R6#traceroute 7.7.7.7 numeric
Type escape sequence to abort.
Tracing the route to 7.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.46.4 16 msec 12 msec 12 msec
2 192.1.14.1 [MPLS: Labels 16/17 Exp 0] 92 msec 88 msec 64 msec
3 192.1.12.2 [MPLS: Labels 16/17 Exp 0] 68 msec 64 msec 60 msec
4 192.1.57.5 [MPLS: Label 17 Exp 0] 68 msec 44 msec 56 msec
5 192.1.57.7 92 msec * 60 msec
R7#sh ip route rip
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
180

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2


ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
R
R

6.0.0.0/32 is subnetted, 1 subnets


6.6.6.6 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0
192.1.46.0/24 [120/1] via 192.1.57.5, 00:00:21, FastEthernet1/0

R7#ping 6.6.6.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 40/68/88 ms
R7#traceroute 6.6.6.6 numeric
Type escape sequence to abort.
Tracing the route to 6.6.6.6
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.57.5 8 msec 12 msec 8 msec
2 192.1.25.2 [MPLS: Labels 17/17 Exp 0] 84 msec 52 msec 64 msec
3 192.1.12.1 [MPLS: Labels 17/17 Exp 0] 48 msec 84 msec 56 msec
4 192.1.46.4 [MPLS: Label 17 Exp 0] 48 msec 44 msec 44 msec
5 192.1.46.6 48 msec * 76 msec

181

MPLS 6PE
Network Diagram
Lo0
1.1.1.1/32

S1/0

2001:db8:24::/64
192.1.12.0/24

Lo0
2.2.2.2/32

Lo0
4.4.4.4/32
2001:db8::4/128

R2

R1

S1/1

LSP
IBGP

F2/0

19
2.1
.13

.0/
24
S1/0

Lo0
3.3.3.3/32

R3
F2/0
Static

Static
F1/0

F1/0

R5

R4

Configurations
VRF Configuration
R2
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
int f2/0
ip vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
int f2/0
ip vrf forwarding MSSK
182

192.1.45.0/24
2001:db8:35::/64

2
19

24
.0/ S1/0
2
1
.1.

OSPF Domain
Area 0

Lo0
5.5.5.5/32
2001:db8::5/128

ip address 192.1.35.3 255.255.255.0


IPv6 Addressing Configuration
R2
ipv6 unicast-routing
ipv6 cef
interface FastEthernet2/0
ipv6 address 2001:DB8:24::2/64
R3
ipv6 unicast-routing
ipv6 cef
interface FastEthernet2/0
ipv6 address 2001:DB8:35::3/64
R4
ipv6 unicast-routing
ipv6 cef
interface FastEthernet1/0
ipv6 address 2001:DB8:24::4/64
interface Loopback0
ipv6 address 2001:DB8::4/128
R5
ipv6 unicast-routing
ipv6 cef
interface FastEthernet1/0
ipv6 address 2001:DB8:35::5/64
interface Loopback0
ipv6 address 2001:DB8::5/128
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
183

network 192.1.13.1 0.0.0.0 area 0


R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
184

neighbor 3.3.3.3 remote-as 100


neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
ipv6 route 2001:DB8::4/128 2001:DB8:24::4
R4
ipv6 route ::/0 2001:DB8:24::2
R3
ipv6 route 2001:DB8::5/128 2001:DB8:35::5
R5
ipv6 route ::/0 2001:DB8:35::3
VPN Configuration
R2
router bgp 100
address-family ipv6
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-label
network 2001:DB8:24::/64
redistribute static
R3
router bgp 100
address-family ipv6
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-label
network 2001:DB8:35::/64
185

redistribute static
Verifications
R2#show bgp ipv6 unicast summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 672 bytes of memory
4 path entries using 416 bytes of memory
4/4 BGP path/bestpath attribute entries using 544 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1656 total bytes of memory
BGP activity 15/7 prefixes, 15/7 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
3.3.3.3
4

AS MsgRcvd MsgSent
100

62

55

TblVer InQ OutQ Up/Down


0

0 00:36:51

R2#show bgp ipv6 unicast


BGP table version is 7, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
*> 2001:DB8::4/128 2001:DB8:24::4
0
32768 ?
*>i 2001:DB8::5/128 ::FFFF:3.3.3.3
0 100
0?
*> 2001:DB8:24::/64 ::
0
32768 i
*>i 2001:DB8:35::/64 ::FFFF:3.3.3.3
0 100
0i
R3#show bgp ipv6 unicast summary
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 7, main routing table version 7
4 network entries using 672 bytes of memory
4 path entries using 416 bytes of memory
4/4 BGP path/bestpath attribute entries using 544 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1656 total bytes of memory
BGP activity 13/5 prefixes, 13/5 paths, scan interval 60 secs
186

Neighbor
V
State/PfxRcd
2.2.2.2
4

AS MsgRcvd MsgSent
100

55

62

TblVer InQ OutQ Up/Down


0

0 00:37:11

R3#show bgp ipv6 unicast


BGP table version is 7, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
*>i 2001:DB8::4/128 ::FFFF:2.2.2.2
0 100
0?
*> 2001:DB8::5/128 2001:DB8:35::5
0
32768 ?
*>i 2001:DB8:24::/64 ::FFFF:2.2.2.2
0 100
0i
*> 2001:DB8:35::/64 ::
0
32768 i
R4#sh ipv6 route
IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:24::2
LC 2001:DB8::4/128 [0/0]
via Loopback0, receive
C 2001:DB8:24::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:24::4/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive
R4#ping 2001:DB8::5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::5, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8::4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/25/44 ms

187

R5#sh ipv6 route


IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:35::3
LC 2001:DB8::5/128 [0/0]
via Loopback0, receive
C 2001:DB8:35::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:35::5/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive
R5#ping 2001:DB8::4 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::4, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8::5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/20/28 ms

188

MPLS 6VPE
Network Diagram
Lo0
1.1.1.1/32

S1/0

2001:db8:24::/64
192.1.12.0/24

Lo0
2.2.2.2/32

Lo0
4.4.4.4/32
2001:db8::4/128

R2

R1

S1/1

LSP
IBGP

F2/0

19
2.1
.13

.0/
24
S1/0

R3
F2/0
Static

Static
F1/0

F1/0

R5

R4

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export
route-target import
address-family ipv6
route-target export
route-target import

Lo0
3.3.3.3/32

100:1
100:1
100:1
100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0
R3
vrf definition MSSK
rd 100:1
address-family ipv4
189

192.1.45.0/24
2001:db8:35::/64

2
19

24
.0/ S1/0
2
1
.1.

OSPF Domain
Area 0

Lo0
5.5.5.5/32
2001:db8::5/128

route-target export
route-target import
address-family ipv6
route-target export
route-target import

100:1
100:1
100:1
100:1

int f2/0
vrf forwarding MSSK
ip address 192.1.35.3 255.255.255.0
IPv6 Addressing Configuration
R2
ipv6 unicast-routing
ipv6 cef
interface FastEthernet2/0
ipv6 address 2001:DB8:24::2/64
R3
ipv6 unicast-routing
ipv6 cef
interface FastEthernet2/0
ipv6 address 2001:DB8:35::3/64
R4
ipv6 unicast-routing
ipv6 cef
interface FastEthernet1/0
ipv6 address 2001:DB8:24::4/64
interface Loopback0
ipv6 address 2001:DB8::4/128
R5
ipv6 unicast-routing
ipv6 cef
interface FastEthernet1/0
ipv6 address 2001:DB8:35::5/64
interface Loopback0
ipv6 address 2001:DB8::5/128
190

IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.12.1 0.0.0.0 area 0
network 192.1.13.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.13.3 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int s1/0
mpls ip
int s1/1
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s1/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force

191

int s1/0
mpls ip
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv6
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source lo0
address-family vpnv6
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
CE-PE routing Configuration
R2
ipv6 route vrf MSSK 2001:DB8::4/128 2001:DB8:24::4
R4
ipv6 route ::/0 2001:DB8:24::2
R3
ipv6 route vrf MSSK 2001:DB8::5/128 2001:DB8:35::5
R5
ipv6 route ::/0 2001:DB8:35::3
VPN Configuration
R2
router bgp 100
address-family ipv6 vrf MSSK
redistribute static
redistribute connected

192

R3
router bgp 100
address-family ipv6 vrf MSSK
redistribute static
redistribute connected
Verifications
R4#sh ipv6 route
IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:24::2
LC 2001:DB8::4/128 [0/0]
via Loopback0, receive
C 2001:DB8:24::/64 [0/0]
via FastEthernet1/0, directly connected
L 2001:DB8:24::4/128 [0/0]
via FastEthernet1/0, receive
L FF00::/8 [0/0]
via Null0, receive
R4#ping 2001:DB8::5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::5, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8::4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/23/28 ms
R5#sh ipv6 route
IPv6 Routing Table - default - 5 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, R - RIP, H - NHRP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external, ND - ND Default, NDp - ND Prefix, DCE - Destination
NDr - Redirect, O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1
OE2 - OSPF ext 2, ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2, l - LISP
S ::/0 [1/0]
via 2001:DB8:35::3
LC 2001:DB8::5/128 [0/0]
193

C
L
L

via Loopback0, receive


2001:DB8:35::/64 [0/0]
via FastEthernet1/0, directly connected
2001:DB8:35::5/128 [0/0]
via FastEthernet1/0, receive
FF00::/8 [0/0]
via Null0, receive

R5#ping 2001:DB8::4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8::4, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8::5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms

194

MPLS Internet Access


Network Diagram

AS#200

AS#100

R6

R2

R3

R7

R4

AS#200

R1

AS#1

R5

Internet

R8

Configurations
VRF Configuration
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
interface FastEthernet1/0
vrf forwarding MSSK
ip address 172.1.12.2 255.255.255.0
195

AS#300

R4
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
interface FastEthernet1/1
vrf forwarding MSSK
ip address 172.1.45.4 255.255.255.0
R6
vrf definition ABC
rd 200:1
address-family ipv4
route-target export 200:1
route-target import 200:1
interface FastEthernet1/1
vrf forwarding ABC
ip address 172.1.67.6 255.255.255.0
IGP Configuration
R2
mpls label protocol ldp
mpls ldp router-id lo0 force
router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig
interface FastEthernet1/1
ip router isis 1
R3
mpls label protocol ldp
mpls ldp router-id lo0 force
router isis 1
net 49.0001.0000.0000.0003.00
196

is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig
interface FastEthernet1/0
ip router isis 1
interface FastEthernet1/1
ip router isis 1
interface FastEthernet2/0
ip router isis 1
R4
mpls label protocol ldp
mpls ldp router-id lo0 force
router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig
interface FastEthernet1/0
ip router isis 1
R6
mpls label protocol ldp
mpls ldp router-id lo0 force
router isis 1
net 49.0001.0000.0000.0006.00
is-type level-2-only
passive-interface Loopback0
mpls ldp autoconfig
interface FastEthernet1/0
ip router isis 1
MP-BGP Configuration
R2
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
197

neighbor 3.3.3.3 update-source Loopback0


address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R4
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
neighbor 6.6.6.6 remote-as 100
neighbor 6.6.6.6 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
neighbor 2.2.2.2 route-reflector-client
neighbor 2.2.2.2 next-hop-self
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community both
neighbor 4.4.4.4 route-reflector-client
neighbor 4.4.4.4 next-hop-self
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-community both
neighbor 6.6.6.6 route-reflector-client
neighbor 6.6.6.6 next-hop-self
R6
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
198

CE-PE routing Configuration


R1
router bgp 200
no bgp default ipv4-unicast
neighbor 172.1.12.2 remote-as 100
address-family ipv4
network 172.16.1.1 mask 255.255.255.255
neighbor 172.1.12.2 activate
R2
router bgp 100
address-family ipv4 vrf MSSK
neighbor 172.1.12.1 remote-as 200
neighbor 172.1.12.1 activate
neighbor 172.1.12.1 send-community both
neighbor 172.1.12.1 as-override
R4
router bgp 100
address-family ipv4 vrf MSSK
neighbor 172.1.45.5 remote-as 200
neighbor 172.1.45.5 activate
neighbor 172.1.45.5 send-community both
neighbor 172.1.45.5 as-override
R5
router bgp 200
no bgp default ipv4-unicast
neighbor 172.1.45.4 remote-as 100
address-family ipv4
network 172.16.5.5 mask 255.255.255.255
neighbor 172.1.45.4 activate
R6
router bgp 100
address-family ipv4 vrf ABC
neighbor 172.1.67.7 remote-as 300
neighbor 172.1.67.7 activate
neighbor 172.1.67.7 send-community both
R7
router bgp 300
no bgp default ipv4-unicast
199

neighbor 172.1.67.6 remote-as 100


address-family ipv4
network 192.168.7.7 mask 255.255.255.255
neighbor 172.1.67.6 activate
NAT Configuration
R3
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1
vrf definition ABC
rd 200:1
address-family ipv4
route-target export 200:1
route-target import 200:1
interface FastEthernet1/0
ip nat inside
interface FastEthernet1/1
ip nat inside
interface FastEthernet2/0
ip nat inside
interface FastEthernet2/1
ip nat outside
router bgp 100
neighbor 192.1.38.8 remote-as 1
address-family ipv4
network 212.118.0.0
network 212.118.1.0
neighbor 192.1.38.8 activate
address-family ipv4 vrf ABC
network 0.0.0.0
address-family ipv4 vrf MSSK
network 0.0.0.0
ip nat pool MSSK_POOL 212.118.0.0 212.118.0.255 prefix-length 24
ip nat pool ABC_POOL 212.118.1.0 212.118.1.255 prefix-length 24
200

ip nat inside source list RFC pool ABC_POOL vrf ABC


ip nat inside source list RFC pool MSSK_POOL vrf MSSK
ip access-list standard RFC
permit 10.0.0.0 0.255.255.255
permit 172.16.0.0 0.15.255.255
permit 192.168.0.0 0.0.255.255
ip
ip
ip
ip

route
route
route
route

212.118.0.0 255.255.255.0 Null0


212.118.1.0 255.255.255.0 Null0
vrf MSSK 0.0.0.0 0.0.0.0 192.1.38.8 global
vrf ABC 0.0.0.0 0.0.0.0 192.1.38.8 global

R8
router bgp 1
no bgp default ipv4-unicast
neighbor 192.1.38.3 remote-as 100
address-family ipv4
network 8.8.8.8 mask 255.255.255.255
neighbor 192.1.38.3 activate
Verifications
Let us first check VPN connectivity
R1#ping 172.16.5.5 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.5.5, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 580/646/724 ms
R5#ping 172.16.1.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/205/404 ms
And, according to the configuration above, each CE must have a default route in
their routing table
R1#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
201

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2


E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 172.1.12.2 to network 0.0.0.0
B*
C
L
C
B

0.0.0.0/0 [20/0] via 172.1.12.2, 00:02:32


172.1.0.0/16 is variably subnetted, 2 subnets, 2 masks
172.1.12.0/24 is directly connected, FastEthernet1/0
172.1.12.1/32 is directly connected, FastEthernet1/0
172.16.0.0/32 is subnetted, 2 subnets
172.16.1.1 is directly connected, Loopback0
172.16.5.5 [20/0] via 172.1.12.2, 00:15:03

R1#sh ip bgp
BGP table version is 4, local router ID is 172.16.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
*> 0.0.0.0
172.1.12.2
*> 172.16.1.1/32 0.0.0.0
*> 172.16.5.5/32 172.1.12.2

Metric LocPrf Weight Path


0 100 i
0
32768 i
0 100 100 i

R5#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 172.1.45.4 to network 0.0.0.0
B*
C

0.0.0.0/0 [20/0] via 172.1.45.4, 00:02:44


172.1.0.0/16 is variably subnetted, 2 subnets, 2 masks
172.1.45.0/24 is directly connected, FastEthernet1/0
202

L
B
C

172.1.45.5/32 is directly connected, FastEthernet1/0


172.16.0.0/32 is subnetted, 2 subnets
172.16.1.1 [20/0] via 172.1.45.4, 00:15:16
172.16.5.5 is directly connected, Loopback0

R5#sh ip bgp
BGP table version is 4, local router ID is 172.16.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
*> 0.0.0.0
172.1.45.4
*> 172.16.1.1/32 172.1.45.4
*> 172.16.5.5/32 0.0.0.0

Metric LocPrf Weight Path


0 100 i
0 100 100 i
0
32768 i

R7#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 172.1.67.6 to network 0.0.0.0
B*
C
L
C

0.0.0.0/0 [20/0] via 172.1.67.6, 00:02:52


172.1.0.0/16 is variably subnetted, 2 subnets, 2 masks
172.1.67.0/24 is directly connected, FastEthernet1/0
172.1.67.7/32 is directly connected, FastEthernet1/0
192.168.7.0/32 is subnetted, 1 subnets
192.168.7.7 is directly connected, Loopback0

R7#sh ip bgp
BGP table version is 3, local router ID is 192.168.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

203

Network
Next Hop
*> 0.0.0.0
172.1.67.6
*> 192.168.7.7/32 0.0.0.0

Metric LocPrf Weight Path


0 100 i
0
32768 i

Not, let us check if the NAT configuration is working fine


8.8.8.8 Destination represents the Internet in our case
R1#ping 8.8.8.8 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/151/632 ms
R5#ping 8.8.8.8 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 172.16.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 32/126/360 ms
R7#ping 8.8.8.8 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 192.168.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 44/539/956 ms
R3#sh ip nat translations
Pro Inside global
Inside local
Outside local
Outside global
icmp 212.118.0.2:4
172.16.1.1:4
8.8.8.8:4
8.8.8.8:4
--- 212.118.0.2
172.16.1.1
----icmp 212.118.0.1:1
172.16.5.5:1
8.8.8.8:1
8.8.8.8:1
--- 212.118.0.1
172.16.5.5
----icmp 212.118.1.1:0
192.168.7.7:0
8.8.8.8:0
8.8.8.8:0
--- 212.118.1.1
192.168.7.7
-----

204

MPLS QoS
Network Diagram

R4

R5

R6

R7

OSPF A0

OSPF A0

R2

0
10
gp 0 0
-2

AS 100

Eb

R1

AS 100

ISIS L2
49.0001

Eb

gp
20 10
0 0

R3

Elements
We are going to examine QoS configuration through our MPLS backbone and across the
L3VPN connection implemented to maintain connectivity between site #1(R4, R6) and
site #2 (R5, R7)
ISIS level-2 will be the IGP used inside our MPLS backbone, and BGP will be the PE-CE
routing protocol, OSPF will be the CE-C routing protocol

Configurations
R1
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1
route-target import 100:1

205

mpls label protocol ldp


mpls ldp router-id Loopback0 force
interface Loopback0
ip address 1.1.1.1 255.255.255.255
ip router isis 1
interface FastEthernet1/0
ip address 192.1.13.1 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.14.1 255.255.255.0
speed 100
duplex full
router isis 1
net 49.0001.0000.0000.0001.00
is-type level-2-only
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
address-family ipv4 vrf MSSK
network 192.1.14.0
neighbor 192.1.14.4 remote-as 200
neighbor 192.1.14.4 activate
neighbor 192.1.14.4 as-override
R2
vrf definition MSSK
rd 100:1
address-family ipv4
route-target export 100:1

206

route-target import 100:1


exit-address-family
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface Loopback0
ip address 2.2.2.2 255.255.255.255
ip router isis 1
interface FastEthernet1/0
ip address 192.1.23.2 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut
interface FastEthernet1/1
vrf forwarding MSSK
ip address 192.1.25.2 255.255.255.0
speed 100
duplex full
no shut
router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
address-family ipv4 vrf MSSK
network 192.1.25.0
neighbor 192.1.25.5 remote-as 200
neighbor 192.1.25.5 activate
neighbor 192.1.25.5 as-override

207

R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
interface Loopback0
ip address 3.3.3.3 255.255.255.255
ip router isis 1
interface FastEthernet1/0
ip address 192.1.13.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut
interface FastEthernet1/1
ip address 192.1.23.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
no shut
router isis 1
net 49.0001.0000.0000.0003.00
is-type level-2-only
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
neighbor 1.1.1.1 update-source Loopback0
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
neighbor 1.1.1.1 route-reflector-client
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
neighbor 2.2.2.2 route-reflector-client
R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255

208

interface FastEthernet1/0
ip address 192.1.14.4 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.46.4 255.255.255.0
speed 100
duplex full
no shut
router ospf 1
router-id 4.4.4.4
redistribute bgp 200 subnets
network 192.1.46.4 0.0.0.0 area 0
router bgp 200
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 192.1.14.1 remote-as 100
address-family ipv4
network 4.4.4.4 mask 255.255.255.255
redistribute ospf 1
neighbor 192.1.14.1 activate
exit-address-family
R5
interface Loopback0
ip address 5.5.5.5 255.255.255.255
interface FastEthernet1/0
ip address 192.1.25.5 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.57.5 255.255.255.0
speed 100
duplex full
no shut
router ospf 1
router-id 5.5.5.5

209

redistribute bgp 200 subnets


network 192.1.57.5 0.0.0.0 area 0
router bgp 200
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 192.1.25.2 remote-as 100
address-family ipv4
network 5.5.5.5 mask 255.255.255.255
redistribute ospf 1
neighbor 192.1.25.2 activate
exit-address-family
R6
interface Loopback0
ip address 6.6.6.6 255.255.255.255
interface FastEthernet1/0
ip address 192.1.46.6 255.255.255.0
speed 100
duplex full
no shut
router ospf 1
router-id 6.6.6.6
network 6.6.6.6 0.0.0.0 area 0
network 192.1.46.6 0.0.0.0 area 0
R7
interface Loopback0
ip address 7.7.7.7 255.255.255.255
interface FastEthernet1/0
ip address 192.1.57.7 255.255.255.0
speed 100
duplex full
no shut
router ospf 1
router-id 7.7.7.7
network 7.7.7.7 0.0.0.0 area 0
network 192.1.57.7 0.0.0.0 area 0

Verifications
210

R1#show bgp vpnv4 unicast all


BGP table version is 13, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 4.4.4.4/32
192.1.14.4
0
0 200 i
*>i 5.5.5.5/32
2.2.2.2
0 100
0 200 i
*> 6.6.6.6/32
192.1.14.4
2
0 200 ?
*>i 7.7.7.7/32
2.2.2.2
2 100
0 200 ?
*> 192.1.14.0
0.0.0.0
0
32768 i
*>i 192.1.25.0
2.2.2.2
0 100
0i
*> 192.1.46.0
192.1.14.4
0
0 200 ?
*>i 192.1.57.0
2.2.2.2
0 100
0 200 ?
R2#show bgp vpnv4 unicast all
BGP table version is 13, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 4.4.4.4/32
1.1.1.1
0 100
0 200 i
*> 5.5.5.5/32
192.1.25.5
0
0 200 i
*>i 6.6.6.6/32
1.1.1.1
2 100
0 200 ?
*> 7.7.7.7/32
192.1.25.5
2
0 200 ?
*>i 192.1.14.0
1.1.1.1
0 100
0i
*> 192.1.25.0
0.0.0.0
0
32768 i
*>i 192.1.46.0
1.1.1.1
0 100
0 200 ?
*> 192.1.57.0
192.1.25.5
0
0 200 ?
R4#show ip bgp
BGP table version is 9, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

211

Network
*> 4.4.4.4/32
*> 5.5.5.5/32
*> 6.6.6.6/32
*> 7.7.7.7/32
r> 192.1.14.0
*> 192.1.25.0
*> 192.1.46.0
*> 192.1.57.0

Next Hop
0.0.0.0
192.1.14.1
192.1.46.6
192.1.14.1
192.1.14.1
192.1.14.1
0.0.0.0
192.1.14.1

Metric LocPrf Weight Path


0
32768 i
0 100 100 i
2
32768 ?
0 100 100 ?
0
0 100 i
0 100 i
0
32768 ?
0 100 100 ?

R4#ping 5.5.5.5 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 36/65/132 ms
R5#sh ip bgp
BGP table version is 9, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
*> 4.4.4.4/32
*> 5.5.5.5/32
*> 6.6.6.6/32
*> 7.7.7.7/32
*> 192.1.14.0
r> 192.1.25.0
*> 192.1.46.0
*> 192.1.57.0

Next Hop
192.1.25.2
0.0.0.0
192.1.25.2
192.1.57.7
192.1.25.2
192.1.25.2
192.1.25.2
0.0.0.0

Metric LocPrf Weight Path


0 100 100 i
0
32768 i
0 100 100 ?
2
32768 ?
0 100 i
0
0 100 i
0 100 100 ?
0
32768 ?

R5#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 5.5.5.5
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/44/88 ms
R6#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2

212

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2


ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
O E2
4.4.4.4 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
5.0.0.0/32 is subnetted, 1 subnets
O E2
5.5.5.5 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
7.0.0.0/32 is subnetted, 1 subnets
O E2
7.7.7.7 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
O E2 192.1.25.0/24 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
O E2 192.1.57.0/24 [110/1] via 192.1.46.4, 1d02h, FastEthernet1/0
R6#ping 7.7.7.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/85/140 ms
R7#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
4.0.0.0/32 is subnetted, 1 subnets
O E2
4.4.4.4 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
5.0.0.0/32 is subnetted, 1 subnets
O E2
5.5.5.5 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
6.0.0.0/32 is subnetted, 1 subnets
O E2
6.6.6.6 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
O E2 192.1.14.0/24 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
O E2 192.1.46.0/24 [110/1] via 192.1.57.5, 1d02h, FastEthernet1/0
R7#ping 6.6.6.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 6.6.6.6, timeout is 2 seconds:
Packet sent with a source address of 7.7.7.7

213

!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/72/96 ms
Now, as reachability is in place let us start diving in configuring MPLS QoS
We will start from the C routers and configure it for IP Precedence classification
Let us choose precedence values 1, 2, 3 and 6
We will depend on MQC model to for our purposes
R6
class-map PRECEDENCE_6
match ip precedence 6
class-map PRECEDENCE_3
match ip precedence 3
class-map PRECEDENCE_2
match ip precedence 2
class-map PRECEDENCE_1
match ip precedence 1
policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6
interface FastEthernet1/0
service-policy input MATCH
R7
class-map PRECEDENCE_6
match ip precedence 6
class-map PRECEDENCE_3
match ip precedence 3
class-map PRECEDENCE_2
match ip precedence 2
class-map PRECEDENCE_1
match ip precedence 1
policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6
interface FastEthernet1/0
service-policy input MATCH
R6#ping 7.7.7.7 repeat 10

214

Type escape sequence to abort.


Sending 10, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!!!!!!
Success rate is 100 percent (10/10), round-trip min/avg/max = 48/85/156 ms
R6#show policy-map interface fastEthernet 1/0
FastEthernet1/0
Service-policy input: MATCH
Class-map: PRECEDENCE_1 (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 1
Class-map: PRECEDENCE_2 (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 2
Class-map: PRECEDENCE_3 (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 3
Class-map: PRECEDENCE_6 (match-all)
2 packets, 188 bytes
5 minute offered rate 0000 bps
Match: ip precedence 6
Class-map: class-default (match-any)
10 packets, 1140 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
R7#show policy-map interface fastEthernet 1/0
FastEthernet1/0
Service-policy input: MATCH
Class-map: PRECEDENCE_1 (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 1
Class-map: PRECEDENCE_2 (match-all)
0 packets, 0 bytes

215

5 minute offered rate 0000 bps


Match: ip precedence 2
Class-map: PRECEDENCE_3 (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 3
Class-map: PRECEDENCE_6 (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps
Match: ip precedence 6
Class-map: class-default (match-any)
10 packets, 1140 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
As we can see the ICMP packets fall in the class-default, and the PRECEDENCE_6 class
counts as it relates to routing updates and keepalives and so on
Now, let us choose three applications: TELNET, TFTP and ICMP
We will configure CE routers to assign these applications precedence values as they are
leaving toward the MPLS backbone
R4
ip access-list extended TELNET
permit tcp any any eq telnet
permit tcp any eq telnet any
ip access-list extended TFTP
permit udp any any eq 69
ip access-list extended ICMP
permit icmp any any
class-map ICMP_CLASS
match access-group name ICMP
class-map TFTP_CLASS
match access-group name TFTP
class-map TELNET_CLASS
match access-group name TELNET
policy-map MARK
class TELNET_CLASS
set ip precedence 1
class TFTP_CLASS

216

set ip precedence 2
class ICMP_CLASS
set ip precedence 3
class class-default
set ip precedence 6
interface FastEthernet1/0
service-policy output MARK
R5
ip access-list extended TELNET
permit tcp any any eq telnet
permit tcp any eq telnet any
ip access-list extended TFTP
permit udp any any eq 69
ip access-list extended ICMP
permit icmp any any
class-map ICMP_CLASS
match access-group name ICMP
class-map TFTP_CLASS
match access-group name TFTP
class-map TELNET_CLASS
match access-group name TELNET
policy-map MARK
class TELNET_CLASS
set ip precedence 1
class TFTP_CLASS
set ip precedence 2
class ICMP_CLASS
set ip precedence 3
class class-default
set ip precedence 6
interface FastEthernet1/0
service-policy output MARK
To enable telnet access
R6, R7
line vty 0 4
password cisco
login

217

enable secret cisco


For TFTP R7 will be the server and R6 will be the client
R7
tftp-server nvram:underlying-config
R4#show policy-map interface fastEthernet 1/0
FastEthernet1/0
Service-policy output: MARK
Class-map: TELNET_CLASS (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TELNET
QoS Set
precedence 1
Packets marked 0
Class-map: TFTP_CLASS (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TFTP
QoS Set
precedence 2
Packets marked 0
Class-map: ICMP_CLASS (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name ICMP
QoS Set
precedence 3
Packets marked 0
Class-map: class-default (match-any)
3 packets, 495 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
QoS Set
precedence 6
Packets marked 0
R4#show policy-map interface fastEthernet 1/0 | inc Class|marked
Class-map: TELNET_CLASS (match-all)

218

Packets marked 0
Class-map: TFTP_CLASS (match-all)
Packets marked 0
Class-map: ICMP_CLASS (match-all)
Packets marked 0
Class-map: class-default (match-any)
Packets marked 0
R6#ping 7.7.7.7 repeat 20
Type escape sequence to abort.
Sending 20, 100-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (20/20), round-trip min/avg/max = 44/71/128 ms
R6#telnet 7.7.7.7
Trying 7.7.7.7 ... Open
User Access Verification
Password:
R7>en
Password:
R7#exit
[Connection to 7.7.7.7 closed by foreign host]
R6#copy tftp://7.7.7.7/underlying-config null:
Accessing tftp://7.7.7.7/underlying-config...
Loading underlying-config from 7.7.7.7 (via FastEthernet1/0): !
[OK - 233 bytes]
233 bytes copied in 0.252 secs (925 bytes/sec)
R4#show policy-map interface fastEthernet 1/0 | inc Class|marked
Class-map: TELNET_CLASS (match-all)
Packets marked 34
Class-map: TFTP_CLASS (match-all)
Packets marked 4
Class-map: ICMP_CLASS (match-all)
Packets marked 20
Class-map: class-default (match-any)
Packets marked 8
R5#show policy-map interface fastEthernet 1/0 | inc Class|marked
Class-map: TELNET_CLASS (match-all)
Packets marked 27
Class-map: TFTP_CLASS (match-all)

219

Packets marked 0
Class-map: ICMP_CLASS (match-all)
Packets marked 20
Class-map: class-default (match-any)
Packets marked 8
As we can see the count appears, but for TFTP traffic its a one way as one of the
routers is acting as a server and the other one is acting as a client
Now, let us implement some queuing and policing
Let us focus on ICMP traffic, we will configure a 3 rate policer as below (as traffic is
leaving toward the MPLS backbone)
Conform action: transmit
Exceed action: set the MPLS EXP bit to 5
Violate action: drop
R1
class-map EXP_CLASS
match mpls experimental topmost 3
policy-map EXP_POLICY
class EXP_CLASS
police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-transmit 5
violate-action drop
interface FastEthernet1/0
service-policy output EXP_POLICY
R1#sh policy-map interface fastEthernet 1/0
FastEthernet1/0
Service-policy output: EXP_POLICY
Class-map: EXP_CLASS (match-all)
20 packets, 2440 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: mpls experimental topmost 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 20 packets, 2440 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 0 packets, 0 bytes; actions:
drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps

220

Class-map: class-default (match-any)


56172 packets, 21716570 bytes
5 minute offered rate 2000 bps, drop rate 0000 bps
Match: any
Now, let us configure on the P router (R3) MQC in order to check for the policy we
configured
R3
class-map match-all PRECEDENCE_6
match mpls experimental topmost 6
class-map match-all PRECEDENCE_5
match mpls experimental topmost 5
class-map match-all PRECEDENCE_3
match mpls experimental topmost 3
class-map match-all PRECEDENCE_2
match mpls experimental topmost 2
class-map match-all PRECEDENCE_1
match mpls experimental topmost 1
policy-map MATCH
class PRECEDENCE_1
class PRECEDENCE_2
class PRECEDENCE_3
class PRECEDENCE_6
class PRECEDENCE_5
interface FastEthernet1/0
ip address 192.1.13.3 255.255.255.0
ip router isis 1
speed 100
duplex full
mpls ip
service-policy input MATCH
Now , we will generate some traffic from R6 toward R7 (we will influence the size of
ICMP packets in order to see the dropped packets)
R6#ping 7.7.7.7 repeat 20 size 1600
Type escape sequence to abort.
Sending 20, 1600-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!.!!!.!!!.!!.!!!.!
Success rate is 75 percent (15/20), round-trip min/avg/max = 76/88/108 ms
R1#sh policy-map interface fastEthernet 1/0
FastEthernet1/0

221

Service-policy output: EXP_POLICY


Class-map: EXP_CLASS (match-all)
40 packets, 33280 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: mpls experimental topmost 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 30 packets, 18060 bytes; actions:
transmit
exceeded 5 packets, 7610 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 5 packets, 7610 bytes; actions:
drop
conformed 1000 bps, exceeded 1000 bps, violated 1000 bps
Class-map: class-default (match-any)
17 packets, 6964 bytes
5 minute offered rate 2000 bps, drop rate 0000 bps
Match: any
R3#show policy-map interface fastEthernet 1/0 | inc Class|packets
Class-map: PRECEDENCE_1 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_2 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_3 (match-all)
40 packets, 18480 bytes
Class-map: PRECEDENCE_6 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_5 (match-all)
10 packets, 7820 bytes
Class-map: class-default (match-any)
10 packets, 725 bytes
As we can see the PRECEDENCE_5 class is counting
Now, let us move our policy toward the customer side (toward R5), R5 does not
understand EXP bit as the disposition happens at its PE router: R2, so how we will apply
the same policy and queuing mechanism? We will configure what so called QoS groups
R2
class-map match-all INPUT_CLASS
match mpls experimental topmost 3
policy-map INPUT_POLICY

222

class INPUT_CLASS
set qos-group 3
interface FastEthernet1/0
service-policy input INPUT_POLICY
class-map match-all OUTPUT_CLASS
match qos-group 3
policy-map OUTPUT_POLICY
class OUTPUT_CLASS
police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-transmit 5
violate-action drop
interface FastEthernet1/1
service-policy output OUTPUT_POLICY
R6#ping 7.7.7.7 repeat 20 size 1600
Type escape sequence to abort.
Sending 20, 1600-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!.!!.!!.!!.!!.!!!.
Success rate is 70 percent (14/20), round-trip min/avg/max = 64/87/128 ms
R1#sh policy-map interface fastEthernet 1/0
FastEthernet1/0
Service-policy output: EXP_POLICY
Class-map: EXP_CLASS (match-all)
40 packets, 33280 bytes
5 minute offered rate 3000 bps, drop rate 1000 bps
Match: mpls experimental topmost 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 28 packets, 19156 bytes; actions:
transmit
exceeded 9 packets, 9558 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 3 packets, 4566 bytes; actions:
drop
conformed 2000 bps, exceeded 1000 bps, violated 1000 bps
Class-map: class-default (match-any)
25 packets, 10724 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: any

223

R4#sh policy-map interface fastEthernet 1/0


FastEthernet1/0
Service-policy output: MARK
Class-map: TELNET_CLASS (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TELNET
QoS Set
precedence 1
Packets marked 0
Class-map: TFTP_CLASS (match-all)
0 packets, 0 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name TFTP
QoS Set
precedence 2
Packets marked 0
Class-map: ICMP_CLASS (match-all)
40 packets, 32960 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: access-group name ICMP
QoS Set
precedence 3
Packets marked 40
Class-map: class-default (match-any)
12 packets, 1380 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
QoS Set
precedence 6
Packets marked 2
R1#sh policy-map interface fastEthernet 1/0
FastEthernet1/0
Service-policy output: EXP_POLICY
Class-map: EXP_CLASS (match-all)
40 packets, 33280 bytes
5 minute offered rate 3000 bps, drop rate 1000 bps
Match: mpls experimental topmost 3
police:

224

cir 64000 bps, bc 2000 bytes, be 2000 bytes


conformed 28 packets, 19156 bytes; actions:
transmit
exceeded 9 packets, 9558 bytes; actions:
set-mpls-exp-topmost-transmit 5
violated 3 packets, 4566 bytes; actions:
drop
conformed 2000 bps, exceeded 1000 bps, violated 1000 bps
Class-map: class-default (match-any)
25 packets, 10724 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: any
R2#sh policy-map interface fastEthernet 1/0
FastEthernet1/0
Service-policy input: INPUT_POLICY
Class-map: INPUT_CLASS (match-all)
54 packets, 29212 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: mpls experimental topmost 3
QoS Set
qos-group 3
Packets marked 54
Class-map: class-default (match-any)
33 packets, 2430 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
R2#sh policy-map interface fastEthernet 1/1
FastEthernet1/1
Service-policy output: OUTPUT_POLICY
Class-map: OUTPUT_CLASS (match-all)
54 packets, 28996 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: qos-group 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 44 packets, 15452 bytes; actions:
transmit
exceeded 7 packets, 9074 bytes; actions:
set-mpls-exp-topmost-transmit 5

225

violated 3 packets, 4470 bytes; actions:


drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps
Class-map: class-default (match-any)
16 packets, 1603 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
Now, let us change the exceed action on R2
R2
policy-map OUTPUT_POLICY
class OUTPUT_CLASS
no police 64000 conform-action transmit exceed-action set-mpls-exp-topmost-transmit
5 violate-action drop
police 64000 conform-action transmit exceed-action set-prec-transmit 5 violate-action
drop
Configure R7 to catch PRECEDENCE_5
R7
class-map PRECEDENCE_5
match ip precedence 5
policy-map MATCH
class PRECEDENCE_5
R6#ping 7.7.7.7 repeat 20 size 1600
Type escape sequence to abort.
Sending 20, 1600-byte ICMP Echos to 7.7.7.7, timeout is 2 seconds:
!!!.!!!.!!.!!.!!!.!!
Success rate is 75 percent (15/20), round-trip min/avg/max = 60/93/148 ms
R2#sh policy-map interface fastEthernet 1/1
FastEthernet1/1
Service-policy output: OUTPUT_POLICY
Class-map: OUTPUT_CLASS (match-all)
104 packets, 54896 bytes
5 minute offered rate 1000 bps, drop rate 0000 bps
Match: qos-group 3
police:
cir 64000 bps, bc 2000 bytes, be 2000 bytes
conformed 44 packets, 16960 bytes; actions:
transmit

226

exceeded 6 packets, 8940 bytes; actions:


set-prec-transmit 5
violated 0 packets, 0 bytes; actions:
drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps
Class-map: class-default (match-any)
47 packets, 4792 bytes
5 minute offered rate 0000 bps, drop rate 0000 bps
Match: any
R7#show policy-map interface fastEthernet 1/0 | inc Class|packet
Class-map: PRECEDENCE_1 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_2 (match-all)
0 packets, 0 bytes
Class-map: PRECEDENCE_3 (match-all)
44 packets, 16960 bytes
Class-map: PRECEDENCE_6 (match-all)
3 packets, 282 bytes
Class-map: PRECEDENCE_5 (match-all)
6 packets, 8940 bytes
Class-map: class-default (match-any)
0 packets, 0 bytes

MPLS EIGRP Backdoor Link


Network Diagram
227

192.1.12.0/24
F1/0

AS 1

S1/0
F1/0

R2

F1/1

F1/1

F1/0

F1/0

Lo0
3.3.3.3/32

R3

S2/0

192.1.34.0/24

Configuratioons
VRF Configuration
R1
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
interface FastEthernet1/1
ip vrf forwarding MSSK
ip address 192.1.13.1 255.255.255.0
R2
ip vrf MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
interface FastEthernet1/1
ip vrf forwarding MSSK
ip address 192.1.24.2 255.255.255.0

IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
228

S2/0

R4

192.1.24.0/24

R1
192.1.13.0/24

Lo0
1.1.1.1/32

Lo0
2.2.2.2/32

Lo0
5.5.5.5/32

network 1.1.1.1 0.0.0.0 area 0


network 192.1.12.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.12.2 0.0.0.0 area 0
MPLS LDP Configuration
R1
mpls label protocol ldp
mpls ldp router-id lo0 force
int f1/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f1/0
mpls ip
MP-BGP Configuration
R1
router bgp 1
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 1
neighbor 2.2.2.2 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community both
R2
router bgp 1
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 1
neighbor 1.1.1.1 update-source Loopback0
address-family vpnv4
neighbor 1.1.1.1 activate
229

neighbor 1.1.1.1 send-community both


CE-PE routing Configuration
R1
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
network 192.1.13.1 0.0.0.0
R3
router eigrp 100
network 3.3.3.3 0.0.0.0
network 192.1.13.3 0.0.0.0
network 192.1.34.3 0.0.0.0
R2
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
network 192.1.24.2 0.0.0.0
R4
router eigrp 100
network 4.4.4.4 0.0.0.0
network 192.1.24.4 0.0.0.0
network 192.1.34.4 0.0.0.0
VPN Configuration
R1
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
redistribute bgp 1 metric 1 1 1 1 1
router bgp 1
address-family ipv4 vrf MSSK
redistribute eigrp 100
R2
router eigrp 100
address-family ipv4 vrf MSSK autonomous-system 100
redistribute bgp 1 metric 1 1 1 1 1
router bgp 1
address-family ipv4 vrf MSSK
redistribute eigrp 100
230

Verifications
R1#sh bgp vpnv4 unicast all
BGP table version is 27, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 3.3.3.3/32
192.1.13.3
156160
32768 ?
*>i 4.4.4.4/32
2.2.2.2
156160 100
0?
r>i 192.1.13.0
2.2.2.2
2174976 100
0?
*>i 192.1.24.0
2.2.2.2
0 100
0?
*> 192.1.34.0
192.1.13.3
2172416
32768 ?
*i
2.2.2.2
2172416 100
0?
*>i 192.1.34.3/32 2.2.2.2
2172416 100
0?
*> 192.1.34.4/32 192.1.13.3
2172416
32768 ?
R2#sh bgp vpnv4 unicast all
BGP table version is 25, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 3.3.3.3/32
1.1.1.1
156160 100
0?
*> 4.4.4.4/32
192.1.24.4
156160
32768 ?
*> 192.1.13.0
192.1.24.4
2174976
32768 ?
*> 192.1.24.0
0.0.0.0
0
32768 ?
* i 192.1.34.0
1.1.1.1
2172416 100
0?
*>
192.1.24.4
2172416
32768 ?
*> 192.1.34.3/32 192.1.24.4
2172416
32768 ?
*>i 192.1.34.4/32 1.1.1.1
2172416 100
0?
R3#sh ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
231

E1 - OSPF external type 1, E2 - OSPF external type 2


i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
D
D

4.0.0.0/32 is subnetted, 1 subnets


4.4.4.4 [90/158720] via 192.1.13.1, 00:31:08, FastEthernet1/0
192.1.24.0/24 [90/30720] via 192.1.13.1, 00:31:08, FastEthernet1/0

R4#sh ip route eigrp


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
D
D

3.0.0.0/32 is subnetted, 1 subnets


3.3.3.3 [90/158720] via 192.1.24.2, 00:31:13, FastEthernet1/0
192.1.13.0/24 [90/2172416] via 192.1.34.3, 00:31:26, Serial2/0

R3#ping 4.4.4.4 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 4.4.4.4, timeout is 2 seconds:
Packet sent with a source address of 3.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/40/72 ms
R3#traceroute 4.4.4.4 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 4.4.4.4
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.13.1 20 msec 8 msec 4 msec
2 192.1.24.2 [MPLS: Label 18 Exp 0] 16 msec 8 msec 8 msec
3 192.1.24.4 12 msec * 12 msec
R4#ping 3.3.3.3 source lo0
Type escape sequence to abort.
232

Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:


Packet sent with a source address of 4.4.4.4
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/17/24 ms
R4#traceroute 3.3.3.3 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 3.3.3.3
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.24.2 4 msec 44 msec 8 msec
2 192.1.13.1 [MPLS: Label 23 Exp 0] 20 msec 16 msec 12 msec
3 192.1.13.3 24 msec * 16 msec
A potential loop may arise when using EIGRP as the PE-CE routing protocol and a
backdoor link in place, what solve these potential loops is site of origin feature
We configure it via a route-map and apply it on the PE-CE interface
R1
route-map SOO_MAP permit 10
set extcommunity soo 100:1
int f1/1
ip vrf sitemap SOO_MAP
R2
route-map SOO_MAP permit 10
set extcommunity soo 100:1
int f1/1
ip vrf sitemap SOO_MAP
R1#sh bgp vpnv4 unicast all 3.3.3.3
BGP routing table entry for 100:1:3.3.3.3/32, version 35
Paths: (1 available, best #1, table MSSK)
Advertised to update-groups:
1
Refresh Epoch 1
Local
192.1.13.3 from 0.0.0.0 (1.1.1.1)
Origin incomplete, metric 156160, localpref 100, weight 32768, valid, sourced,
best
Extended Community: SoO:100:1 RT:100:1 Cost:pre-bestpath:128:156160
0x8800:32768:0 0x8801:100:130560 0x8802:65281:25600
0x8803:65281:1500
0x8806:0:50529027
233

mpls labels in/out 21/nolabel


rx pathid: 0, tx pathid: 0x0
R1#sh bgp vpnv4 unicast all 4.4.4.4
BGP routing table entry for 100:1:4.4.4.4/32, version 23
Paths: (1 available, best #1, table MSSK)
Advertised to update-groups:
3
Refresh Epoch 1
Local
192.1.13.3 from 0.0.0.0 (1.1.1.1)
Origin incomplete, metric 2300416, localpref 100, weight 32768, valid,
sourced, best
Extended Community: SoO:100:1 RT:100:1
Cost:pre-bestpath:128:2300416 (default-2145183231) 0x8800:32768:0
0x8801:100:642560 0x8802:65282:1657856 0x8803:65281:1500
0x8806:0:67372036
mpls labels in/out 23/nolabe

MPLS BGP Soo


Network Diagram
234

MPLS Backbone
OSPF Area 0

R5
F0/0

F0/1
F0/0

R2
S0/0
P2 203

FRSW
P3 302

IBGP

F0/0
Lo0 1.1.1.1/32

S0/0
Lo0 3.3.3.3/32

R3

R1
F0/0

F1/0

F0/1
F0/0

F0/0

F0/0

R4

R7

R6

VRF
RED

VRF
RED

RIP
Domain
VRF
RED

Configurations
VRF Configuration
R1
ip vrf RED
rd 100:1
route-target export 100:1
route-target import 100:1
int f0/1
ip vrf forwarding RED
ip address 192.1.14.1 255.255.255.0
int f1/0
235

ip vrf forwarding RED


ip address 192.1.17.1 255.255.255.0
R3
ip vrf RED
rd 100:1
route-target export 100:1
route-target import 100:1
int f0/0
ip vrf forwarding RED
ip address 192.1.36.3 255.255.255.0
IGP Configuration
R1
router ospf 1
router-id 1.1.1.1
network 1.1.1.1 0.0.0.0 area 0
network 192.1.15.1 0.0.0.0 area 0
R2
router ospf 1
router-id 2.2.2.2
network 2.2.2.2 0.0.0.0 area 0
network 192.1.23.2 0.0.0.0 area 0
network 192.1.25.2 0.0.0.0 area 0
R3
router ospf 1
router-id 3.3.3.3
network 3.3.3.3 0.0.0.0 area 0
network 192.1.23.3 0.0.0.0 area 0
R5
router ospf 1
router-id 5.5.5.5
network 5.5.5.5 0.0.0.0 area 0
network 192.1.15.5 0.0.0.0 area 0
network 192.1.25.5 0.0.0.0 area 0
MPLS LDP Configuration
R1
236

mpls label protocol ldp


mpls ldp router-id lo0 force
int f0/0
mpls ip
R2
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s0/0
mpls ip
R3
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int s0/0
mpls ip
R5
mpls label protocol ldp
mpls ldp router-id Loopback0 force
int f0/0
mpls ip
int f0/1
mpls ip
MP-BGP Configuration
R1
router bgp 100
no bgp default ipv4-unicast
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source lo0
address-family vpnv4
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community both
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 1.1.1.1 remote-as 100
237

neighbor 1.1.1.1 update-source lo0


address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community both
CE-PE routing Configuration
R1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 remote-as 200
neighbor 192.1.14.4 activate
neighbor 192.1.17.7 remote-as 200
neighbor 192.1.17.7 activate
R4
router bgp 200
neighbor 192.1.14.1 remote-as 100
network 4.4.4.4 mask 255.255.255.255
router rip
version 2
no auto-summary
network 192.1.47.4
network 7.7.7.7
R7
router bgp 200
neighbor 192.1.17.1 remote-as 100
network 7.7.7.7 mask 255.255.255.255
router rip
version 2
no auto-summary
network 192.1.47.7
network 7.7.7.7
R3
address-family ipv4 vrf RED
neighbor 192.1.36.6 remote-as 200
neighbor 192.1.36.6 activate
R6
router bgp 200
neighbor 192.1.36.3 remote-as 100
238

network 6.6.6.6 mask 255.255.255.255


Verifications
R1#show ip bgp vpnv4 all summary
BGP router identifier 1.1.1.1, local AS number 100
BGP table version is 5, main routing table version 5
3 network entries using 420 bytes of memory
3 path entries using 204 bytes of memory
4/2 BGP path/bestpath attribute entries using 496 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 1232 total bytes of memory
BGP activity 3/0 prefixes, 3/0 paths, scan interval 15 secs
Neighbor
3.3.3.3
192.1.14.4
192.1.17.7

V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


4 100
31
32
5 0 0 00:27:13
1
4 200
19
20
5 0 0 00:14:04
1
4 200
18
20
5 0 0 00:13:39
1

R3#show ip bgp vpnv4 all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 6, main routing table version 6
3 network entries using 420 bytes of memory
3 path entries using 204 bytes of memory
4/2 BGP path/bestpath attribute entries using 496 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 2 (at peak 2) using 64 bytes of memory
BGP using 1232 total bytes of memory
BGP activity 3/0 prefixes, 3/0 paths, scan interval 15 secs
Neighbor
1.1.1.1
192.1.36.6

V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


4 100
32
31
6 0 0 00:27:27
2
4 200
18
18
6 0 0 00:13:08
1

R4#sh ip bgp summary


BGP router identifier 4.4.4.4, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 120 bytes of memory
239

1 path entries using 52 bytes of memory


2/1 BGP path/bestpath attribute entries using 248 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 452 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs
Neighbor
192.1.14.1

V
4

AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


100
20
19
2 0 0 00:14:34
0

R6#sh ip bgp summary


BGP router identifier 6.6.6.6, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 120 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 452 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs
Neighbor
192.1.36.3

V
4

AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


100
18
18
2 0 0 00:13:35
0

R7#sh ip bgp summary


BGP router identifier 7.7.7.7, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 120 bytes of memory
1 path entries using 52 bytes of memory
2/1 BGP path/bestpath attribute entries using 248 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 452 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs
Neighbor
192.1.17.1

V
4

AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd


100
21
19
2 0 0 00:14:30
0

As we can see that neither of the CEs can receive the loopback of any other CEs
(which is advertised in BGP) why?
The reason behind that is that the bgp speaker will not accept a route with its own
AS number (which is 200 in our case)
240

The ways to solve this issue is:

BGP AS-Override
BGP AllowAS-in

We will go with AS-Override; the configuration will be applied on the PE towards the
CE under the address-family ipv4 configuration mode
R1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 as-override
neighbor 192.1.17.7 as-override
R3
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.36.6 as-override
R4#sh ip bgp
BGP table version is 8, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network
*> 4.4.4.4/32
*> 6.6.6.6/32
*> 7.7.7.7/32

Next Hop
0.0.0.0
192.1.14.1
192.1.14.1

Metric LocPrf Weight Path


0
32768 i
0 100 100 i
0 100 100 i

R6#sh ip bgp
BGP table version is 4, local router ID is 6.6.6.6
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network
*> 4.4.4.4/32
*> 6.6.6.6/32
*> 7.7.7.7/32

Next Hop
192.1.36.3
0.0.0.0
192.1.36.3

Metric LocPrf Weight Path


0 100 100 i
0
32768 i
0 100 100 i

R7#sh ip bgp
BGP table version is 6, local router ID is 7.7.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
241

Origin codes: i - IGP, e - EGP, ? - incomplete


Network
*> 4.4.4.4/32
*> 6.6.6.6/32
*> 7.7.7.7/32

Next Hop
192.1.17.1
192.1.17.1
0.0.0.0

Metric LocPrf Weight Path


0 100 100 i
0 100 100 i
0
32768 i

Now , the SOO community is used in MPLS networks to prevent looping between
the PEs , when a PE advertise a route to its neighbor PE that is attached with a soo
community that matches the same rd configured under the ip vrf configuration
mode , it will not advertise it to its CE
R1
route-map SOO permit 10
set extcommunity soo 100:1
router bgp 100
address-family ipv4 vrf RED
neighbor 192.1.14.4 route-map SOO in
neighbor 192.1.17.7 route-map SOO in
R1#sh ip bgp vpnv4 vrf RED 6.6.6.6
BGP routing table entry for 100:1:6.6.6.6/32, version 12
Paths: (1 available, best #1, table RED)
Advertised to update-groups:
2 3
200
3.3.3.3 (metric 67) from 3.3.3.3 (3.3.3.3)
Origin IGP, metric 0, localpref 100, valid, internal, best
Extended Community: RT:100:1
mpls labels in/out nolabel/22
R1#sh ip bgp vpnv4 vrf RED 4.4.4.4
BGP routing table entry for 100:1:4.4.4.4/32, version 7
Paths: (1 available, best #1, table RED)
Advertised to update-groups:
1 2
200
192.1.14.4 from 192.1.14.4 (4.4.4.4)
Origin IGP, metric 0, localpref 100, valid, external, best
Extended Community: RT:100:1
mpls labels in/out 22/nolabel

Full scale Lab


242

Network Diagram

Initrial Configurations
R1
hostname R1
interface Loopback0
ip address 192.168.1.1 255.255.255.255
ipv6 address 2001:DB8::1/128
interface FastEthernet1/0
ip address 192.1.12.1 255.255.255.0
speed 100
duplex full
ipv6 address 2001:DB8:12::1/64
no shut
R2
hostname R2
interface Loopback0
ip address 2.2.2.2 255.255.255.255
243

interface FastEthernet1/0
ip address 192.1.12.2 255.255.255.0
speed 100
duplex full
ipv6 address 2001:DB8:12::2/64
no shut
interface FastEthernet1/1
ip address 192.1.23.2 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/0
ip address 192.1.25.2 255.255.255.0
speed 100
duplex full
no shut
R3
hostname R3
interface Loopback0
ip address 3.3.3.3 255.255.255.255
interface FastEthernet1/0
no ip address
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.23.3 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/0
ip address 192.1.34.3 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/1
244

ip address 192.1.35.3 255.255.255.0


speed 100
duplex full
no shut
R4
hostname R4
interface Loopback0
ip address 4.4.4.4 255.255.255.255
interface FastEthernet1/0
ip address 192.1.34.4 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.45.4 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/0
ip address 192.1.40.4 255.255.255.0
speed 100
duplex full
no shut
interface Serial3/0
no ip address
encapsulation ppp
serial restart-delay 0
clock rate 128000
no shut
R5
hostname R5
interface Loopback0
ip address 5.5.5.5 255.255.255.255
interface FastEthernet1/0
ip address 192.1.56.5 255.255.255.0
245

speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.25.5 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/0
ip address 192.1.45.5 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet2/1
ip address 192.1.35.5 255.255.255.0
speed 100
duplex full
no shut
R6
hostname R6
interface Loopback0
ip address 172.16.6.6 255.255.255.255
interface FastEthernet1/0
ip address 192.1.56.6 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.67.6 255.255.255.0
speed 100
duplex full
no shut
R7
hostname R7
interface Loopback0
ip address 10.7.7.7 255.255.255.255
246

interface FastEthernet1/0
ip address 192.1.67.7 255.255.255.0
speed 100
duplex full
no shut
R8
hostname R8
interface Serial1/0
ip address 192.1.89.8 255.255.255.0
encapsulation ppp
serial restart-delay 0
clock rate 128000
no shut
R9
hostname R9
interface FastEthernet1/0
ip address 192.1.89.9 255.255.255.0
speed 100
duplex full
no shut
GW
hostname Gw
interface FastEthernet1/0
ip address 192.1.40.10 255.255.255.0
speed 100
duplex full
no shut
interface FastEthernet1/1
ip address 192.1.100.10 255.255.255.0
speed 100
duplex full
no shut
Configure ISIS as the IGP inside AS 100 and make sure all circuits are
level-2 circuits
R2
247

interface FastEthernet1/1
ip router isis 1
interface FastEthernet2/0
ip router isis 1
router isis 1
net 49.0001.0000.0000.0002.00
is-type level-2-only
passive-interface Loopback0
R3
interface FastEthernet1/1
ip router isis 1
interface FastEthernet2/0
ip router isis 1
interface FastEthernet2/1
ip router isis 1
router isis 1
net 49.0001.0000.0000.0003.00
is-type level-2-only
passive-interface Loopback0
R4
interface FastEthernet1/0
ip router isis 1
interface FastEthernet1/1
ip router isis 1
router isis 1
net 49.0001.0000.0000.0004.00
is-type level-2-only
passive-interface Loopback0
R5
interface FastEthernet1/1
ip router isis 1
interface FastEthernet2/0
ip router isis 1

248

interface FastEthernet2/1
ip router isis 1
router isis 1
net 49.0001.0000.0000.0005.00
is-type level-2-only
passive-interface Loopback0
R2#show isis neighbors
Tag 1:
System Id
Type Interface IP Address
State Holdtime Circuit Id
R3
L2 Fa1/1
192.1.23.3
UP 8
R3.01
R5
L2 Fa2/0
192.1.25.5
UP 7
R5.01
R2#show clns neighbors
Tag 1:
System Id
Interface SNPA
R3
Fa1/1
ca02.270a.001d
R5
Fa2/0
ca04.270a.001d

State Holdtime Type Protocol


Up
9
L2 IS-IS
Up
8
L2 IS-IS

R2#sh ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
i
i
i
i
i
i

3.0.0.0/32 is subnetted, 1 subnets


L2
3.3.3.3 [115/10] via 192.1.23.3, 00:01:39, FastEthernet1/1
4.0.0.0/32 is subnetted, 1 subnets
L2
4.4.4.4 [115/20] via 192.1.25.5, 00:01:29, FastEthernet2/0
[115/20] via 192.1.23.3, 00:01:29, FastEthernet1/1
5.0.0.0/32 is subnetted, 1 subnets
L2
5.5.5.5 [115/10] via 192.1.25.5, 00:01:29, FastEthernet2/0
L2 192.1.34.0/24 [115/20] via 192.1.23.3, 00:01:39, FastEthernet1/1
L2 192.1.35.0/24 [115/20] via 192.1.25.5, 00:01:29, FastEthernet2/0
[115/20] via 192.1.23.3, 00:01:29, FastEthernet1/1
L2 192.1.45.0/24 [115/20] via 192.1.25.5, 00:01:29, FastEthernet2/0

249

R3#show isis neighbors


Tag 1:
System Id
Type Interface IP Address
State Holdtime Circuit Id
R2
L2 Fa1/1
192.1.23.2
UP 29
R3.01
R4
L2 Fa2/0
192.1.34.4
UP 8
R4.01
R5
L2 Fa2/1
192.1.35.5
UP 8
R5.03
R3#show clns neighbors
Tag 1:
System Id
Interface SNPA
R2
Fa1/1
ca01.270a.001d
R4
Fa2/0
ca03.270a.001c
R5
Fa2/1
ca04.270a.0039

State
Up
Up
Up

Holdtime Type Protocol


24
L2 IS-IS
7
L2 IS-IS
7
L2 IS-IS

R3#show ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
2.2.2.2 [115/10] via 192.1.23.2, 00:02:00, FastEthernet1/1
4.0.0.0/32 is subnetted, 1 subnets
L2
4.4.4.4 [115/10] via 192.1.34.4, 00:01:50, FastEthernet2/0
5.0.0.0/32 is subnetted, 1 subnets
L2
5.5.5.5 [115/10] via 192.1.35.5, 00:01:40, FastEthernet2/1
L2 192.1.25.0/24 [115/20] via 192.1.35.5, 00:01:40, FastEthernet2/1
[115/20] via 192.1.23.2, 00:01:40, FastEthernet1/1
L2 192.1.45.0/24 [115/20] via 192.1.35.5, 00:01:40, FastEthernet2/1
[115/20] via 192.1.34.4, 00:01:40, FastEthernet2/0

i L2
i
i
i
i

R4#show isis neighbors


Tag 1:
System Id
Type Interface IP Address
State Holdtime Circuit Id
R3
L2 Fa1/0
192.1.34.3
UP 22
R4.01
R5
L2 Fa1/1
192.1.45.5
UP 7
R5.02

250

R4#show clns neighbors


Tag 1:
System Id
Interface SNPA
R3
Fa1/0
ca02.270a.0038
R5
Fa1/1
ca04.270a.0038

State Holdtime Type Protocol


Up
28
L2 IS-IS
Up
7
L2 IS-IS

R4#show ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
2.2.2.2 [115/20] via 192.1.45.5, 00:02:02, FastEthernet1/1
[115/20] via 192.1.34.3, 00:02:02, FastEthernet1/0
3.0.0.0/32 is subnetted, 1 subnets
L2
3.3.3.3 [115/10] via 192.1.34.3, 00:02:12, FastEthernet1/0
5.0.0.0/32 is subnetted, 1 subnets
L2
5.5.5.5 [115/10] via 192.1.45.5, 00:02:02, FastEthernet1/1
L2 192.1.23.0/24 [115/20] via 192.1.34.3, 00:02:12, FastEthernet1/0
L2 192.1.25.0/24 [115/20] via 192.1.45.5, 00:02:02, FastEthernet1/1
L2 192.1.35.0/24 [115/20] via 192.1.45.5, 00:02:02, FastEthernet1/1
[115/20] via 192.1.34.3, 00:02:02, FastEthernet1/0

i L2
i
i
i
i
i

R5#show isis neighbors


Tag 1:
System Id
Type Interface IP Address
State Holdtime Circuit Id
R2
L2 Fa1/1
192.1.25.2
UP 21
R5.01
R3
L2 Fa2/1
192.1.35.3
UP 23
R5.03
R4
L2 Fa2/0
192.1.45.4
UP 24
R5.02
R5#show clns neighbors
Tag 1:
System Id
Interface SNPA
R2
Fa1/1
ca01.270a.0038
R3
Fa2/1
ca02.270a.0039
R4
Fa2/0
ca03.270a.001d

State
Up
Up
Up

251

Holdtime Type Protocol


28
L2 IS-IS
28
L2 IS-IS
21
L2 IS-IS

R5#show ip route isis


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
2.2.2.2 [115/10] via 192.1.25.2, 00:02:26, FastEthernet1/1
3.0.0.0/32 is subnetted, 1 subnets
L2
3.3.3.3 [115/10] via 192.1.35.3, 00:02:26, FastEthernet2/1
4.0.0.0/32 is subnetted, 1 subnets
L2
4.4.4.4 [115/10] via 192.1.45.4, 00:02:26, FastEthernet2/0
L2 192.1.23.0/24 [115/20] via 192.1.35.3, 00:02:26, FastEthernet2/1
[115/20] via 192.1.25.2, 00:02:26, FastEthernet1/1
L2 192.1.34.0/24 [115/20] via 192.1.45.4, 00:02:26, FastEthernet2/0
[115/20] via 192.1.35.3, 00:02:26, FastEthernet2/1

i L2
i
i
i
i

Enable MPLS on all transit links in AS 100 (use minimum commands)


R2 R5
router isis 1
mpls ldp autoconfig
R2#show mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.63778 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 15/14; Downstream
Up time: 00:01:55
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.23.3
Addresses bound to peer LDP Ident:
192.1.23.3
192.1.34.3
192.1.35.3
3.3.3.3
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 2.2.2.2:0
TCP connection: 5.5.5.5.44091 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 15/14; Downstream
Up time: 00:01:53
LDP discovery sources:
FastEthernet2/0, Src IP addr: 192.1.25.5
Addresses bound to peer LDP Ident:
252

192.1.56.5
5.5.5.5

192.1.25.5

192.1.45.5

192.1.35.5

R2#show mpls interfaces


Interface
IP
Tunnel BGP Static Operational
FastEthernet1/1
Yes (ldp)
No
No No
Yes
FastEthernet2/0
Yes (ldp)
No
No No
Yes
R3#show mpls ldp neighbor
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 3.3.3.3:0
TCP connection: 2.2.2.2.646 - 3.3.3.3.63778
State: Oper; Msgs sent/rcvd: 14/15; Downstream
Up time: 00:02:11
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.23.2
Addresses bound to peer LDP Ident:
192.1.12.2
192.1.23.2
192.1.25.2
2.2.2.2
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 3.3.3.3:0
TCP connection: 4.4.4.4.40632 - 3.3.3.3.646
State: Oper; Msgs sent/rcvd: 14/14; Downstream
Up time: 00:02:10
LDP discovery sources:
FastEthernet2/0, Src IP addr: 192.1.34.4
Addresses bound to peer LDP Ident:
192.1.34.4
192.1.45.4
4.4.4.4
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 3.3.3.3:0
TCP connection: 5.5.5.5.49471 - 3.3.3.3.646
State: Oper; Msgs sent/rcvd: 14/15; Downstream
Up time: 00:02:09
LDP discovery sources:
FastEthernet2/1, Src IP addr: 192.1.35.5
Addresses bound to peer LDP Ident:
192.1.56.5
192.1.25.5
192.1.45.5
192.1.35.5
5.5.5.5
R3#show mpls interfaces
Interface
IP
Tunnel BGP Static Operational
FastEthernet1/1
Yes (ldp)
No
No No
Yes
FastEthernet2/0
Yes (ldp)
No
No No
Yes
FastEthernet2/1
Yes (ldp)
No
No No
Yes
R4#show mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 4.4.4.4:0
TCP connection: 3.3.3.3.646 - 4.4.4.4.40632
State: Oper; Msgs sent/rcvd: 14/14; Downstream
253

Up time: 00:02:22
LDP discovery sources:
FastEthernet1/0, Src IP addr: 192.1.34.3
Addresses bound to peer LDP Ident:
192.1.23.3
192.1.34.3
192.1.35.3
3.3.3.3
Peer LDP Ident: 5.5.5.5:0; Local LDP Ident 4.4.4.4:0
TCP connection: 5.5.5.5.28271 - 4.4.4.4.646
State: Oper; Msgs sent/rcvd: 14/15; Downstream
Up time: 00:02:21
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.45.5
Addresses bound to peer LDP Ident:
192.1.56.5
192.1.25.5
192.1.45.5
192.1.35.5
5.5.5.5
R4#show mpls interfaces
Interface
IP
Tunnel BGP Static Operational
FastEthernet1/0
Yes (ldp)
No
No No
Yes
FastEthernet1/1
Yes (ldp)
No
No No
Yes
R5#show mpls ldp neighbor
Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 5.5.5.5:0
TCP connection: 2.2.2.2.646 - 5.5.5.5.44091
State: Oper; Msgs sent/rcvd: 15/15; Downstream
Up time: 00:02:33
LDP discovery sources:
FastEthernet1/1, Src IP addr: 192.1.25.2
Addresses bound to peer LDP Ident:
192.1.12.2
192.1.23.2
192.1.25.2
2.2.2.2
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 5.5.5.5:0
TCP connection: 3.3.3.3.646 - 5.5.5.5.49471
State: Oper; Msgs sent/rcvd: 16/14; Downstream
Up time: 00:02:33
LDP discovery sources:
FastEthernet2/1, Src IP addr: 192.1.35.3
Addresses bound to peer LDP Ident:
192.1.23.3
192.1.34.3
192.1.35.3
3.3.3.3
Peer LDP Ident: 4.4.4.4:0; Local LDP Ident 5.5.5.5:0
TCP connection: 4.4.4.4.646 - 5.5.5.5.28271
State: Oper; Msgs sent/rcvd: 15/15; Downstream
Up time: 00:02:33
LDP discovery sources:
FastEthernet2/0, Src IP addr: 192.1.45.4
Addresses bound to peer LDP Ident:
192.1.34.4
192.1.45.4
4.4.4.4
254

R5#show mpls interfaces


Interface
IP
Tunnel BGP Static Operational
FastEthernet1/1
Yes (ldp)
No
No No
Yes
FastEthernet2/0
Yes (ldp)
No
No No
Yes
FastEthernet2/1
Yes (ldp)
No
No No
Yes
Configure VRF MSSK on R2, R5 with an RD value of 100:1 and
import/export values of the same, and assign the appropriate interfaces to
it
R2
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4
exit-address-family
int f1/0
vrf forwarding MSSK
ip address 192.1.12.2 255.255.255.0
ipv6 address 2001:DB8:12::2/64
R5
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4
exit-address-family
int f1/0
vrf forwarding MSSK
ip address 192.1.56.5 255.255.255.0
R2#sh ip vrf
Name
MSSK

Default RD
100:1

Interfaces
Fa1/0

R5#sh ip vrf
Name
MSSK

Default RD
100:1

Interfaces
Fa1/0

Configure BGP VPNv4 peering with R4 is acting as a route reflector


255

R2
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
R3
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
R4
router bgp 100
no bgp default ipv4-unicast
neighbor 2.2.2.2 remote-as 100
neighbor 2.2.2.2 update-source Loopback0
neighbor 3.3.3.3 remote-as 100
neighbor 3.3.3.3 update-source Loopback0
neighbor 5.5.5.5 remote-as 100
neighbor 5.5.5.5 update-source Loopback0
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
neighbor 2.2.2.2 route-reflector-client
neighbor 3.3.3.3 activate
neighbor 3.3.3.3 send-community extended
neighbor 3.3.3.3 route-reflector-client
neighbor 5.5.5.5 activate
neighbor 5.5.5.5 send-community extended
neighbor 5.5.5.5 route-reflector-client
R5
router bgp 100
no bgp default ipv4-unicast
neighbor 4.4.4.4 remote-as 100
neighbor 4.4.4.4 update-source Loopback0
256

address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
R2#show bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 1, main routing table version 1
Neighbor
V
State/PfxRcd
4.4.4.4
4

AS MsgRcvd MsgSent
100

TblVer InQ OutQ Up/Down


0

0 00:00:55

R3#show bgp vpnv4 unicast all summary


BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 1, main routing table version 1
Neighbor
V
State/PfxRcd
4.4.4.4
4

AS MsgRcvd MsgSent
100

TblVer InQ OutQ Up/Down


0

0 00:01:05

R4#show bgp vpnv4 unicast all summary


BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 1, main routing table version 1
Neighbor
V
State/PfxRcd
2.2.2.2
4
3.3.3.3
4
5.5.5.5
4

AS MsgRcvd MsgSent
100
100
100

3
4
2

4
4
4

1
1
1

TblVer InQ OutQ Up/Down


0
0
0

0 00:01:11
0 00:01:07
0 00:00:51

0
0
0

R5#show bgp vpnv4 unicast all summary


BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 1, main routing table version 1
Neighbor
V
State/PfxRcd
4.4.4.4
4

AS MsgRcvd MsgSent
100

TblVer InQ OutQ Up/Down


0

0 00:00:52

Configure OSPF PID 100 as the PE-CE routing protocol between R6-R7 and
R5 (noting that R5-R6 resides in Area 0 , R6-R7 resides in Area 1 and R7
lo0 is part of Area 2), EIGRP AS 1 as the PE-CE routing protocol between
R1 and R2
R1
router eigrp 1
257

no auto-summary
network 192.1.12.1 0.0.0.0
network 192.168.1.1 0.0.0.0
R2
router eigrp 1
address-family ipv4 vrf MSSK autonomous-system 1
network 192.1.12.2 0.0.0.0
no auto-summary
R6
router ospf 100
router-id 6.6.6.6
area 1 virtual-link 7.7.7.7
network 172.16.6.6 0.0.0.0 area 0
network 192.1.56.6 0.0.0.0 area 0
network 192.1.67.6 0.0.0.0 area 1
R7
router ospf 100
router-id 7.7.7.7
area 1 virtual-link 6.6.6.6
network 10.7.7.7 0.0.0.0 area 2
network 192.1.67.7 0.0.0.0 area 1
R5
router ospf 100 vrf MSSK
network 192.1.56.5 0.0.0.0 area 0
R1#sh ip eigrp neighbors
EIGRP-IPv4 Neighbors for AS(1)
H Address
Interface
0

192.1.12.2

Fa1/0

(sec)

Hold Uptime SRTT RTO Q Seq


(ms)
Cnt Num
10 00:00:28 8 100 0 3

R2#sh ip eigrp vrf MSSK neighbors


EIGRP-IPv4 Neighbors for AS(1) VRF(MSSK)
H Address
Interface
Hold Uptime SRTT RTO Q Seq
(sec)
(ms)
Cnt Num
0 192.1.12.1
Fa1/0
10 00:00:46 20 120 0 2
R5#sh ip ospf neighbor
Neighbor ID
6.6.6.6

Pri State
1 FULL/BDR

Dead Time
00:00:38
258

Address
192.1.56.6

Interface
FastEthernet1/0

R6#sh ip ospf neighbor


Neighbor ID
192.1.56.5
7.7.7.7
7.7.7.7

Pri State
1 FULL/DR
0 FULL/ 1 FULL/DR

Dead Time Address


Interface
00:00:38 192.1.56.5
FastEthernet1/0
00:00:35 192.1.67.7
OSPF_VL0
00:00:38 192.1.67.7
FastEthernet1/1

R7#sh ip ospf neighbor


Neighbor ID
6.6.6.6
6.6.6.6

Pri State
0 FULL/ 1 FULL/BDR

Dead Time Address


00:00:26 192.1.67.6
00:00:31 192.1.67.6

Interface
OSPF_VL0
FastEthernet1/0

R2#sh ip route vrf MSSK eigrp


Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
192.168.1.0/32 is subnetted, 1 subnets
D
192.168.1.1 [90/156160] via 192.1.12.1, 00:02:21, FastEthernet1/0
R2#ping vrf MSSK 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
R5#sh ip route vrf MSSK ospf
Routing Table: MSSK
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
259

o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP


+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/32 is subnetted, 1 subnets
O IA
10.7.7.7 [110/3] via 192.1.56.6, 00:01:20, FastEthernet1/0
172.16.0.0/32 is subnetted, 1 subnets
O
172.16.6.6 [110/2] via 192.1.56.6, 00:01:35, FastEthernet1/0
O IA 192.1.67.0/24 [110/2] via 192.1.56.6, 00:01:35, FastEthernet1/0
R5#ping vrf MSSK 172.16.6.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.6.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/8 ms
R5#ping vrf MSSK 10.7.7.7
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.7.7.7, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/9/12 ms
Configure the necessary in order to achieve connectivity from R1 to R6 and
R7
R2
router eigrp 1
address-family ipv4 vrf MSSK autonomous-system 1
redistribute bgp 100 metric 10000 1000 255 1 1500
router bgp 100
address-family ipv4 vrf MSSK
redistribute eigrp 1
R5
router ospf 100 vrf MSSK
redistribute bgp 100 subnets
router bgp 100
address-family ipv4 vrf MSSK
redistribute ospf 100
R2#show bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
260

BGP table version is 10, main routing table version 10


5 network entries using 780 bytes of memory
5 path entries using 400 bytes of memory
5/5 BGP path/bestpath attribute entries using 720 bytes of memory
1 BGP rrinfo entries using 24 bytes of memory
3 BGP extended community entries using 330 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2254 total bytes of memory
BGP activity 5/0 prefixes, 5/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
4.4.4.4
4

AS MsgRcvd MsgSent
100

18

15

10

TblVer InQ OutQ Up/Down


0

0 00:10:39

R2#show bgp vpnv4 unicast all


BGP table version is 10, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 10.7.7.7/32
5.5.5.5
3 100
0?
*>i 172.16.6.6/32 5.5.5.5
2 100
0?
*>i 192.1.56.0
5.5.5.5
0 100
0?
*>i 192.1.67.0
5.5.5.5
2 100
0?
*> 192.168.1.1/32 192.1.12.1
156160
32768 ?
R5#show bgp vpnv4 unicast all
BGP table version is 7, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*> 10.7.7.7/32
192.1.56.6
3
32768 ?
*> 172.16.6.6/32 192.1.56.6
2
32768 ?
*> 192.1.56.0
0.0.0.0
0
32768 ?
*> 192.1.67.0
192.1.56.6
2
32768 ?
261

*>i 192.168.1.1/32

2.2.2.2

156160

100

0?

R1#sh ip route eigrp


Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
10.0.0.0/32 is subnetted, 1 subnets
D EX
10.7.7.7 [170/514560] via 192.1.12.2, 00:00:47, FastEthernet1/0
172.16.0.0/32 is subnetted, 1 subnets
D EX
172.16.6.6 [170/514560] via 192.1.12.2, 00:00:47, FastEthernet1/0
D EX 192.1.56.0/24 [170/514560] via 192.1.12.2, 00:00:47, FastEthernet1/0
D EX 192.1.67.0/24 [170/514560] via 192.1.12.2, 00:00:47, FastEthernet1/0
R1#ping 10.7.7.7 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/21/36 ms
R1#ping 172.16.6.6 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.6.6, timeout is 2 seconds:
Packet sent with a source address of 192.168.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/13/16 ms
R6#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override

262

Gateway of last resort is not set


10.0.0.0/32 is subnetted, 1 subnets
O IA
10.7.7.7 [110/2] via 192.1.67.7, 00:04:50, FastEthernet1/1
192.168.1.0/32 is subnetted, 1 subnets
O E2
192.168.1.1 [110/1] via 192.1.56.5, 00:01:13, FastEthernet1/0
R6#ping 10.7.7.7 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.7.7.7, timeout is 2 seconds:
Packet sent with a source address of 172.16.6.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/8 ms
R6#ping 192.168.1.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.6.6
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/12/16 ms
R7#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
172.16.0.0/32 is subnetted, 1 subnets
O
172.16.6.6 [110/2] via 192.1.67.6, 00:05:09, FastEthernet1/0
O
192.1.56.0/24 [110/2] via 192.1.67.6, 00:05:09, FastEthernet1/0
192.168.1.0/32 is subnetted, 1 subnets
O E2
192.168.1.1 [110/1] via 192.1.67.6, 00:01:38, FastEthernet1/0
R7#ping 172.16.6.6 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.6.6, timeout is 2 seconds:
Packet sent with a source address of 10.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
263

R7#ping 192.168.1.1 source lo0


Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.7.7.7
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/20 ms
R1#traceroute 172.16.6.6 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 172.16.6.6
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.12.2 8 msec 4 msec 4 msec
2 192.1.56.5 [MPLS: Label 22 Exp 0] 8 msec 8 msec 8 msec
3 192.1.56.6 12 msec * 8 msec
R1#traceroute 10.7.7.7 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 10.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.12.2 4 msec 4 msec 0 msec
2 192.1.56.5 [MPLS: Label 21 Exp 0] 8 msec 8 msec 8 msec
3 192.1.56.6 12 msec 12 msec 12 msec
4 192.1.67.7 24 msec * 16 msec
R6#traceroute 192.168.1.1 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 192.168.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.56.5 4 msec 4 msec 8 msec
2 192.1.12.2 [MPLS: Label 22 Exp 0] 8 msec 8 msec 8 msec
3 192.1.12.1 12 msec * 12 msec
R7#traceroute 192.168.1.1 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 192.168.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.67.6 4 msec 0 msec 4 msec
2 192.1.56.5 8 msec 8 msec 8 msec
3 192.1.12.2 [MPLS: Label 22 Exp 0] 16 msec 12 msec 12 msec
4 192.1.12.1 20 msec * 16 msec
Enable AS 100 for traffic engineering
R2
264

mpls traffic-eng tunnels


interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R3
mpls traffic-eng tunnels
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/1
mpls traffic-eng tunnels
ip rsvp bandwidth
router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R4
mpls traffic-eng tunnels
interface FastEthernet1/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
265

router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R5
mpls traffic-eng tunnels
interface FastEthernet1/1
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/0
mpls traffic-eng tunnels
ip rsvp bandwidth
interface FastEthernet2/1
mpls traffic-eng tunnels
ip rsvp bandwidth
router isis 1
metric-style wide
mpls traffic-eng router-id Loopback0
mpls traffic-eng level-2
R2#sh ip rsvp interface
interface rsvp
allocated i/f max flow max sub max VRF
Fa1/1
ena
0
75M
75M
0
Fa2/0
ena
0
75M
75M
0
R3#sh ip rsvp interface
interface rsvp
allocated i/f max flow
Fa1/1
ena
0
75M
75M
Fa2/0
ena
0
75M
75M
Fa2/1
ena
0
75M
75M

max sub max VRF


0
0
0

R4#sh ip rsvp interface


interface rsvp
allocated i/f max flow max sub max VRF
Fa1/0
ena
0
75M
75M
0
Fa1/1
ena
0
75M
75M
0
R5#sh ip rsvp interface
interface rsvp
allocated i/f max flow max sub max VRF
Fa1/1
ena
0
75M
75M
0
266

Fa2/0
Fa2/1

ena
ena

0
0

75M
75M

75M
75M

0
0

Configure MPLE-TE in such a way that traffic flow from R5 to R2 follow the
path R5 R4 R3 R2 and the traffic flow from R2 to R5 follow the poath
R2 R3 R4 R5
R2
ip explicit-path name TO_R5 enable
next-address 3.3.3.3
next-address 4.4.4.4
next-address 5.5.5.5
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 5.5.5.5
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng path-option 1 explicit name TO_R5
tunnel mpls traffic-eng path-option 2 dynamic
R5
ip explicit-path name TO_R2 enable
next-address 4.4.4.4
next-address 3.3.3.3
next-address 2.2.2.2
interface Tunnel0
ip unnumbered Loopback0
tunnel mode mpls traffic-eng
tunnel destination 2.2.2.2

tunnel mpls traffic-eng autoroute announce


tunnel mpls traffic-eng path-option 1 explicit name TO_R2
tunnel mpls traffic-eng path-option 2 dynamic
R2#show interfaces tun0 | inc line
Tunnel0 is up, line protocol is up
R5#show interfaces tun0 | inc line
Tunnel0 is up, line protocol is up
R2#show mpls traffic-eng tunnels summary
Signalling Summary:
LSP Tunnels Process:
running
Passive LSP Listener:
running
267

RSVP Process:
running
Forwarding:
enabled
Periodic reoptimization:
every 3600 seconds, next in 3291 seconds
Periodic FRR Promotion:
Not Running
Periodic auto-bw collection: every 300 seconds, next in 291 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1
P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0
R5#show mpls traffic-eng tunnels summary
Signalling Summary:
LSP Tunnels Process:
running
Passive LSP Listener:
running
RSVP Process:
running
Forwarding:
enabled
Periodic reoptimization:
every 3600 seconds, next in 3211 seconds
Periodic FRR Promotion:
Not Running
Periodic auto-bw collection: every 300 seconds, next in 211 seconds
P2P:
Head: 1 interfaces, 1 active signalling attempts, 1 established
1 activations, 0 deactivations
0 SSO recovery attempts, 0 SSO recovered
Midpoints: 0, Tails: 1
P2MP:
Head: 0 interfaces, 0 active signalling attempts, 0 established
0 sub-LSP activations, 0 sub-LSP deactivations
0 LSP successful activations, 0 LSP deactivations
0 SSO recovery attempts, LSP recovered: 0 full, 0 partial, 0 fail
Midpoints: 0, Tails: 0
R2#show mpls traffic-eng tunnels
P2P TUNNELS/LSPs:
Name: R2_t0

(Tunnel0) Destination: 5.5.5.5


268

Status:
Admin: up
Oper: up
Path: valid
Signalling: connected
path option 1, type explicit TO_R5 (Basis for Setup, path weight 30)
path option 2, type dynamic
Config Parameters:
Bandwidth: 0
kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : OutLabel : FastEthernet1/1, 21
Next Hop : 192.1.23.3
RSVP Signalling Info:
Src 2.2.2.2, Dst 5.5.5.5, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.23.2
Explicit Route: 192.1.23.3 192.1.34.3 192.1.34.4 192.1.45.4
192.1.45.5 5.5.5.5
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
History:
Tunnel:
Time since created: 3 minutes, 10 seconds
Time since path change: 3 minutes, 10 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 3 minutes, 10 seconds
LSP Tunnel R5_t0 is signalled, connection is up
InLabel : FastEthernet1/1, implicit-null
Prev Hop : 192.1.23.3
OutLabel : RSVP Signalling Info:
Src 5.5.5.5, Dst 2.2.2.2, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 2.2.2.2
269

Explicit Route: NONE


Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
P2MP TUNNELS:
P2MP SUB-LSPS:
R5#show mpls traffic-eng tunnels
P2P TUNNELS/LSPs:
Name: R5_t0
(Tunnel0) Destination: 2.2.2.2
Status:
Admin: up
Oper: up
Path: valid
Signalling: connected
path option 1, type explicit TO_R2 (Basis for Setup, path weight 30)
path option 2, type dynamic
Config Parameters:
Bandwidth: 0
kbps (Global) Priority: 7 7 Affinity: 0x0/0xFFFF
Metric Type: TE (default)
AutoRoute: enabled LockDown: disabled Loadshare: 0 [0] bw-based
auto-bw: disabled
Active Path Option Parameters:
State: explicit path option 1 is active
BandwidthOverride: disabled LockDown: disabled Verbatim: disabled
InLabel : OutLabel : FastEthernet2/0, 23
Next Hop : 192.1.45.4
RSVP Signalling Info:
Src 5.5.5.5, Dst 2.2.2.2, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 192.1.45.5
Explicit Route: 192.1.45.4 192.1.34.4 192.1.34.3 192.1.23.3
192.1.23.2 2.2.2.2
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
270

History:
Tunnel:
Time since created: 3 minutes, 25 seconds
Time since path change: 3 minutes, 24 seconds
Number of LSP IDs (Tun_Instances) used: 1
Current LSP: [ID: 1]
Uptime: 3 minutes, 24 seconds
LSP Tunnel R2_t0 is signalled, connection is up
InLabel : FastEthernet2/0, implicit-null
Prev Hop : 192.1.45.4
OutLabel : RSVP Signalling Info:
Src 2.2.2.2, Dst 5.5.5.5, Tun_Id 0, Tun_Instance 1
RSVP Path Info:
My Address: 5.5.5.5
Explicit Route: NONE
Record Route: NONE
Tspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
RSVP Resv Info:
Record Route: NONE
Fspec: ave rate=0 kbits, burst=1000 bytes, peak rate=0 kbits
P2MP TUNNELS:
P2MP SUB-LSPS:
R1#traceroute 10.7.7.7 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 10.7.7.7
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.12.2 8 msec 4 msec 4 msec
2 192.1.23.3 [MPLS: Labels 21/21 Exp 0] 24 msec 20 msec 20 msec
3 192.1.34.4 [MPLS: Labels 22/21 Exp 0] 20 msec 20 msec 24 msec
4 192.1.56.5 [MPLS: Label 21 Exp 0] 20 msec 20 msec 16 msec
5 192.1.56.6 20 msec 20 msec 20 msec
6 192.1.67.7 24 msec * 24 msec
R7#traceroute 192.168.1.1 source lo0 numeric
Type escape sequence to abort.
Tracing the route to 192.168.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 192.1.67.6 4 msec 0 msec 4 msec
2 192.1.56.5 8 msec 8 msec 8 msec
3 192.1.45.4 [MPLS: Labels 23/22 Exp 0] 28 msec 24 msec 28 msec
271

4 192.1.34.3 [MPLS: Labels 22/22 Exp 0] 28 msec 24 msec 24 msec


5 192.1.12.2 [MPLS: Label 22 Exp 0] 36 msec 20 msec 20 msec
6 192.1.12.1 28 msec * 24 msec
Configure eBGP session between R4 and GW; make sure to advertise the
192.1.100.0 in BGP
R4
router bgp 100
neighbor 192.1.40.10 remote-as 200
address-family ipv4
neighbor 192.1.40.10 activate
GW
router bgp 200
no bgp default ipv4-unicast
neighbor 192.1.40.4 remote-as 100
address-family ipv4
network 192.1.100.0
neighbor 192.1.40.4 activate
R4#sh ip bgp summary
BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 2, main routing table version 2
1 network entries using 144 bytes of memory
1 path entries using 80 bytes of memory
1/1 BGP path/bestpath attribute entries using 136 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
3 BGP extended community entries using 330 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 714 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
192.1.40.10
4

AS MsgRcvd MsgSent
200

TblVer InQ OutQ Up/Down


2

0 00:00:12

R4#sh ip bgp
BGP table version is 2, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
272

Network
Next Hop
*> 192.1.100.0
192.1.40.10

Metric LocPrf Weight Path


0
0 200 i

Gw#sh ip bgp summary


BGP router identifier 192.1.100.10, local AS number 200
BGP table version is 2, main routing table version 2
1 network entries using 144 bytes of memory
1 path entries using 80 bytes of memory
1/1 BGP path/bestpath attribute entries using 136 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 360 total bytes of memory
BGP activity 1/0 prefixes, 1/0 paths, scan interval 60 secs
Neighbor
V
State/PfxRcd
192.1.40.4
4

AS MsgRcvd MsgSent
100

TblVer InQ OutQ Up/Down


2

0 00:00:31

Gw#sh ip bgp
BGP table version is 2, local router ID is 192.1.100.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
*> 192.1.100.0
0.0.0.0

Metric LocPrf Weight Path


0
32768 i

Gw#sh ip bgp neighbors 192.1.40.4 advertised-routes


BGP table version is 2, local router ID is 192.1.100.10
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
*> 192.1.100.0
0.0.0.0

Metric LocPrf Weight Path


0
32768 i

Total number of prefixes 1


The subnet 30.40.50.0/24 has been reserved for customer traffic to reach
the subnet 192.1.100.0/24 via NAT, configure R4 to accomplish this
273

R4
vrf definition MSSK
rd 100:1
route-target export 100:1
route-target import 100:1
address-family ipv4
ip route 30.40.50.0 255.255.255.0 Null0
ip route vrf MSSK 0.0.0.0 0.0.0.0 192.1.40.10 global
ip access-list standard RFC
permit 10.0.0.0 0.255.255.255
permit 172.16.0.0 0.15.255.255
permit 192.168.0.0 0.0.0.255
ip nat pool POOL 30.40.50.0 30.40.50.255 prefix-length 24
ip nat inside source list RFC pool POOL vrf MSSK
router bgp 100
address-family ipv4
network 30.40.50.0 mask 255.255.255.0
address-family ipv4 vrf MSSK
network 0.0.0.0
interface FastEthernet1/0
ip nat inside
interface FastEthernet1/1
ip nat inside
interface FastEthernet2/0
ip nat outside
R2#show bgp vpnv4 unicast all
BGP table version is 24, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 0.0.0.0
4.4.4.4
0 100
0i
274

*>i
*>i
*>i
*>i
*>

10.7.7.7/32
5.5.5.5
172.16.6.6/32 5.5.5.5
192.1.56.0
5.5.5.5
192.1.67.0
5.5.5.5
192.168.1.1/32 192.1.12.1

3 100
2 100
0 100
2 100
156160

0?
0?
0?
0?
32768 ?

R5#show bgp vpnv4 unicast all


BGP table version is 12, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf MSSK)
*>i 0.0.0.0
4.4.4.4
0 100
0i
*> 10.7.7.7/32
192.1.56.6
3
32768 ?
*> 172.16.6.6/32 192.1.56.6
2
32768 ?
*> 192.1.56.0
0.0.0.0
0
32768 ?
*> 192.1.67.0
192.1.56.6
2
32768 ?
*>i 192.168.1.1/32 2.2.2.2
156160 100
0?
R1#sh ip route eigrp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is 192.1.12.2 to network 0.0.0.0
D*EX 0.0.0.0/0 [170/514560] via 192.1.12.2, 00:00:50, FastEthernet1/0
10.0.0.0/32 is subnetted, 1 subnets
D EX
10.7.7.7 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0
172.16.0.0/32 is subnetted, 1 subnets
D EX
172.16.6.6 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0
D EX 192.1.56.0/24 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0
D EX 192.1.67.0/24 [170/514560] via 192.1.12.2, 00:18:10, FastEthernet1/0
R4#sh ip bgp neighbors 192.1.40.10 advertised-routes
BGP table version is 3, local router ID is 4.4.4.4
275

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,


r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network
Next Hop
*> 30.40.50.0/24 0.0.0.0

Metric LocPrf Weight Path


0
32768 i

Total number of prefixes 1


Configure L2VPN on R3 and R4 in order to achieve connectivity between R8
and R9
R3
pseudowire-class MSSK
encapsulation mpls
interworking ip
interface FastEthernet1/0
xconnect 4.4.4.4 89 encapsulation mpls pw-class MSSK
R4
pseudowire-class MSSK
encapsulation mpls
interworking ip
interface Serial3/0
xconnect 3.3.3.3 89 encapsulation mpls pw-class MSSK
R3#show mpls l2transport summary
Destination address: 4.4.4.4, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa2/0
R4#show mpls l2transport summary
Destination address: 3.3.3.3, total number of vc: 1
0 unknown, 1 up, 0 down, 0 admin down, 0 recovering, 0 standby, 0 hotstandby
1 active vc on MPLS interface Fa1/0
R8#ping 192.1.89.9
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.89.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/12/16 ms
276

R9#ping 192.1.89.8
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.89.8, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 12/15/20 ms

277