MPLS Layer 3 VPNs

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-1
 • Connect customers using per-VRF static routes, RIP PE-CE routing
sessions, and EIGRP PE-CE routing sessions

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-2
PE-CE Routing

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-3
 • PE-CE routing protocols are configured for individual VRFs.
• Cisco IOS and IOS XE Software
- Per-VRF routing protocols can be configured in two ways:
• Per-VRF parameters are specified in routing contexts, which are selected
with the address-family command.
• A separate OSPF process is started for each VRF.
• Cisco IOS XR Software
- Per-VRF parameters are specified in the routing contexts.
- A separate OSPF process can also be configured for each VRF, but using
multiple instances of OSPF will use more router resources.

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-4
 Router(config)#
router bgp as-number
Cisco IOS address-family ipv4 vrf vrf-name
and IOS XE ... Non-BGP redistribution ...

RP/0/RSP0/CPU0:Router(config)#
router bgp as-number
Cisco IOS XR vrf vrf-name
address-family ipv4 unicast
... Non-BGP redistribution ...

• Select the per-VRF BGP context with the address-family command.

• Configure CE External Border Gateway Protocol neighbors in VRF contexts,
not in global BGP configuration.
• All non-BGP per-VRF routes have to be redistributed into a per-VRF BGP
context to be propagated by MP-BGP to other PE routers.

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-5
 Router(config)#
ip route vrf vrf-name prefix mask [next-hop-address]
[interface interface-number]
• This command configures per-VRF static routes.
• The route is entered in the VRF table.
• You must specify a next-hop IP address if you are not using a
point-to-point interface.

Sample router configuration:

ip route vrf Customer_ABC 10.0.0.0 255.0.0.0 10.250.0.2

!
router bgp 65173
address-family ipv4 vrf Customer_ABC
redistribute static

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-6
 RP/0/RSP0/CPU0:Router(config)#
router static
vrf vrf-name
address-family ipv4 unicast
prefix mask [next-hop-address] [interface interface-number]

Sample router configuration:

router static
vrf Customer_A
address-family ipv4 unicast
10.0.2.0/24 192.168.0.1
!
router bgp 64500
vrf Customer_A
rd 64500:1
address-family ipv4 unicast
redistribute static

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-7
 MPLS VPN Backbone
AS 64500
CE-A1 CE-A2
Cisco IOS and Cisco IOS
IOS XE XR

CE-B1 CE-B2

PE-X PE-Y

ip route vrf Customer_A 10.0.1.0 255.255.255.0 192.168.0.2

!
router bgp 64500 router static
address-family ipv4 vrf Customer_A vrf Customer_A
redistribute static address-family ipv4 unicast
no auto-summary 10.0.2.0/24 192.168.0.1
!
router bgp 64500
vrf Customer_A
rd 64500:1
address-family ipv4 unicast
redistribute static

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-8
 • A routing context is configured for each VRF running RIP.
• RIP parameters have to be specified in the VRF.
• Some parameters configured in the RIP process are propagated to
routing contexts (for example, RIP version).
• Only RIPv2 is supported.

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-9
 Router(config)#
router rip
Cisco IOS version 2
and IOS XE address-family ipv4 vrf vrf-name
redistribute bgp as-number metric transparent

Router(config)#
router rip
Cisco IOS XR vrf vrf-name
redistribute bgp as-number
default-metric number-value

• BGP routes must be redistributed back into RIP.

• The RIP hop count must be manually set for routes that are redistributed into
RIP.
• When you are using RIP with other protocols, you must set the metric manually.

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-10
 MPLS VPN Backbone
CE-A1 AS 64500 CE-A2
Cisco IOS and Cisco IOS
IOS XE XR

CE-B1 CE-B2

PE-X PE-Y

router rip
router rip
vrf Customer_A
version 2
interface GigabitEthernet0/0/0/0
address-family ipv4 vrf Customer_A
!
redistribute bgp 64500 metric transparent
redistribute bgp 64500
network 10.0.0.0
default-metric 5
no auto-summary
!
!
router bgp 64500
router bgp 64500
vrf Customer_A
address-family ipv4 vrf Customer_A
rd 64500:1
redistribute rip
address-family ipv4 unicast
no auto-summary
redistribute rip

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-11
 • Provides EIGRP with the capability to redistribute routes through a VPN
cloud.
• EIGRP extended community attributes are used to define EIGRP routes
and preserve internal metrics.
• Supports SOO capabilities to filter VPN traffic.

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-12
 Router(config)#
router eigrp autonomous-system-number
Cisco IOS address-family ipv4 vrf vrf-name
and IOS XE autonomous-system as-number
redistribute bgp as-number metric metric-value

Router(config)#
router eigrp autonomous-system-number
vrf vrf-name
Cisco IOS address-family ipv4
XR autonomous-system as-number
redistribute bgp as-number metric metric-value

• Enables the EIGRP AS number of the CE under the address family.

• Configures per-instance AS number.
• Configures router redistribution.
• External routes that are received without the configured metric are not to be
advertised to the CE router.
© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-13
 MPLS VPN Backbone
AS 64500
CE-A1 CE-A2
Cisco IOS and Cisco IOS
IOS XE XR

CE-B1 CE-B2

PE-X PE-Y

router eigrp 1
router eigrp 1 vrf Customer_A
address-family ipv4 vrf Customer_A [...] address-family ipv4
[...] autonomous-system 1 default-metric 10000 100 255 1 1500
network 10.0.0.0 255.255.255.0 autonomous-system 1
redistribute bgp 64500 metric 10000 100 redistribute bgp 64500
255 1 1500 interface GigabitEthernet0/0/0/0
no auto-summary !
! router bgp 64500
router bgp 64500 vrf Customer_A
address-family ipv4 vrf Customer_A rd 64500:1
redistribute eigrp 1 metric 1 address-family ipv4 unicast
redistribute eigrp 1

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-14
 2
10.1.2.0/24

Site B
Site A P-Network EIGRP 101
EIGRP 101 AS 64500

10.1.2.0/24
CE-EIGRP-A3

CE-EIGRP-A1 PE-Site-X PE-Site-Y

1
CE-EIGRP-A2
3
10.1.2.0/24

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-15
 2
10.1.2.0/24

Site B
Site A P-Network EIGRP 101
EIGRP 101 AS 64500

10.1.2.0/24
CE-EIGRP-A3

CE-EIGRP-A1 PE-Site-X PE-Site-Y

1
CE-EIGRP-A2
3
10.1.2.0/24
Cisco IOS and Cisco IOS and
IOS XE IOS XR
route-map SOO_Support permit 10 router eigrp 1
set extcommunity soo 64500:2 vrf Customer_1
! address-family ipv4
interface GigabitEthernet0/0 autonomous-system 2
ip vrf forwarding Customer_A interface GigabitEthernet0/0
ip vrf sitemap SOO_Support site-of-origin 64500:2
!

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-16
 Cisco IOS and IOS XE Cisco IOS XR
• Displays the list of all VRFs configured in the router
show ip vrf show vrf all
• Displays detailed VRF configuration
show ip vrf detail show vrf all detail
RP/0/RSP0/CPU0:PE3# show vrf all detail

VRF Customer_1; RD 1:210; VPN ID not set

Description not set
Interfaces:
GigabitEthernet0/0/0/0
Address family IPV4 Unicast
Import VPN route-target communities:
RT:1:210
Export VPN route-target communities:
RT:1:210
No import route policy
No export route policy
<--- text omitted --->

• Displays interfaces associated with VRFs

show ipv4 vrf all interface
show ip vrf interfaces
brief
© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-17
 Cisco IOS and IOS XE Cisco IOS XR

• Displays the VRF routing table

show ip route vrf vrf-name show route vrf vrf-name

RP/0/RSP0/CPU0:PE1#sh route vrf Customer_1

<--- text omitted --->

O 172.16.1.0/24 [110/2] via 192.168.101.11, 1w6d, GigabitEthernet0/0/0/0

B 172.16.2.0/24 [200/2] via 10.2.1.1 (nexthop in vrf default), 1w6d
C 192.168.101.0/24 is directly connected, 2w0d, GigabitEthernet0/0/0/0
L 192.168.101.10/32 is directly connected, 2w0d, GigabitEthernet0/0/0/0
B 192.168.102.0/24 [200/0] via 10.2.1.1 (nexthop in vrf default), 1w6d

• Displays per-VRF MP-BGP parameters

show ip bgp vpnv4 vrf vrf-name show bgp vpnv4 unicast vrf vrf-name

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-18
 Cisco IOS and IOS XE Cisco IOS XR
• Displays configured BGP neighbors and the protocols negotiated
with these neighbors
show ip bgp neighbors show bgp neighbors

RP/0/RSP0/CPU0:PE1#show bgp neighbors

BGP neighbor is 10.0.1.1
Remote AS 64500, local AS 64500, internal link
Remote router ID 10.0.1.1
BGP state = Established, up for 2w0d
Last read 00:00:48, Last read before reset 00:00:00
Hold time is 180, keepalive interval is 60 seconds
Configured hold time: 180, keepalive: 60, min acceptable hold time: 3

<--- text omitted --->

Precedence: internet
Neighbor capabilities:
Route refresh: advertised and received
4-byte AS: advertised and received
Address family VPNv4 Unicast: advertised and received

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-19
 Cisco IOS and IOS XE Cisco IOS XR
• Displays the whole VPNv4 table
show ip bgp vpnv4 all show bgp vpnv4 unicast
• Displays only BGP parameters associated with the specified VRF
show ip bgp vpnv4 vrf vrf -name show bgp vpnv4 unicast vrf vrf -name

• Displays only BGP parameters associated with the specified RD

show ip bgp vpnv4 rd rd show bgp vpnv4 unicast rd rd

RP/0/RSP0/CPU0:PE1#show bgp vpnv4 unicast rd 1:210

BGP router identifier 10.1.1.1, local AS number 64500
BGP generic scan interval 60 secs
<--- text omitted --->
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:210 (default for vrf Customer_1)
*> 172.16.1.0/24 192.168.101.11 2 32768 ?
*>i172.16.2.0/24 10.2.1.1 2 100 0 ?
*> 192.168.101.0/24 0.0.0.0 0 32768 ?
*>i192.168.102.0/24 10.2.1.1 0 100 0 ?

Processed 4 prefixes, 4 paths

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-20
 Cisco IOS and IOS XE Cisco IOS XR
• Displays per-VRF Cisco Express Forwarding table
show ip cef vrf vrf-name show cef vrf vrf-name
• Displays details of an individual Cisco Express Forwarding entry,
including label stack
show ip cef vrf vrf-name show cef vrf vrf-name ip-
ip-prefix detail prefix detail

• Displays labels allocated by an MPLS VPN for routes in the

specified VRF
show mpls forwarding vrf vrf- show mpls forwarding vrf
name vrf-name
RP/0/RSP0/CPU0:PE1#sh mpls forwarding vrf Customer_1
Tue Jan 3 12:19:19.574 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16017 Unlabelled 172.16.1.0/24[V] Gi0/0/0/0 192.168.101.11 500
16018 Aggregate Customer_1: Per-VRF Aggr[V] \
Customer_1 500

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-21
• Performs PE-CE Telnet through specified VRF
telnet vrf vrf-name ip-address

• Performs ping based on VRF routing table

ping vrf vrf-name ip-address

• Checks MPLS LSP connectivity

ping mpls ipv4 destination-address

• Performs VRF-based traceroute

trace vrf vrf-name ip-address

• Discovers MPLS LSP routes

trace mpls ipv4 destination-address

• These commands are the same in Cisco IOS , IOS XE, and IOS XR
Software.
© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-22
 • All routing protocols that support per-VRF routing can be used for route
exchange between the PE and CE.

© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-23
© 2012 Cisco and/or its affiliates. All rights reserved. SPEDGE v1.0—2-24