Sunday, January 22, 2012

MPLS VPN with OSPF

This lab, from the MPLS implementation book, shows how to set up an MPLS VPN using OSPF between the CE and PE routers.

Download the GNS3 file to practice from here.
Download the completed GNS3 file from here.



On Peer 1, configure OSPF to connect to Atlanta (PE1):


router ospf 1
 network 192.168.1.1 0.0.0.0 area 1
 network 192.168.3.5 0.0.0.0 area 0
-------------------------------

On Peer 2:


Peer2(config)#router ospf 1
Peer2(config-router)# network 192.168.2.1 0.0.0.0 area 1
Peer2(config-router)# network 192.168.3.10 0.0.0.0 area 0
---------------------------------


Atlanta (PE1)


Atlanta(config)#int s0/0
Atlanta(config-if)#mpls ip
Atlanta(config-if)#
-----------------------------
Core router,

Core(config)#int s0/1
Core(config-if)#mpls ip
Core(config-if)#int s0/0
Core(config-if)#mpls ip
------------------------------
Raleigh (PE2) router,

Raleigh(config)#int s1/3
Raleigh(config-if)#mpls ip
---------------------------------

Configure the IGP (RIPv2) in the MPLS network as follows.

router rip
 version 2
 network 204.134.83.0
-------------
The MPLS LDP neighbours come up on the Core router as follows.

Core(config-router)#
*Mar  1 00:33:43.787: %LDP-5-NBRCHG: LDP Neighbor 204.134.83.1:0 (1) is UP
Core(config-router)#
*Mar  1 00:33:53.147: %LDP-5-NBRCHG: LDP Neighbor 204.134.83.3:0 (2) is UP
Core(config-router)#
-----------------------------
Check the MPLS LDP neighbour on Atlanta as follows:

Atlanta#sh mpls ldp neighbor
    Peer LDP Ident: 204.134.83.2:0; Local LDP Ident 204.134.83.1:0
        TCP connection: 204.134.83.2.55476 - 204.134.83.1.646
        State: Oper; Msgs sent/rcvd: 10/9; Downstream
        Up time: 00:01:05
        LDP discovery sources:
          Serial0/0, Src IP addr: 204.134.83.6
        Addresses bound to peer LDP Ident:
          204.134.83.9    204.134.83.6    204.134.83.2
----------------------
On the Core router:

Core#sh mpls ldp neighbor
    Peer LDP Ident: 204.134.83.1:0; Local LDP Ident 204.134.83.2:0
        TCP connection: 204.134.83.1.646 - 204.134.83.2.55476
        State: Oper; Msgs sent/rcvd: 10/11; Downstream
        Up time: 00:01:50
        LDP discovery sources:
          Serial0/1, Src IP addr: 204.134.83.5
        Addresses bound to peer LDP Ident:
          204.134.83.5    192.168.3.6     204.134.83.1
    Peer LDP Ident: 204.134.83.3:0; Local LDP Ident 204.134.83.2:0
        TCP connection: 204.134.83.3.23917 - 204.134.83.2.646
        State: Oper; Msgs sent/rcvd: 10/10; Downstream
        Up time: 00:01:41
        LDP discovery sources:
          Serial0/0, Src IP addr: 204.134.83.10
        Addresses bound to peer LDP Ident:
          192.168.3.9     204.134.83.10   204.134.83.3
--------------------------------------
The MPLS forwarding table on the Core router is as follows:

Core#sh mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     Pop tag     204.134.83.1/32   0          Se0/1      point2point
17     Pop tag     204.134.83.3/32   0          Se0/0      point2point
---------------------------

Configure IBGP between two PE routers (Atlanta and Raleigh) as follows;

Atlanta(config)#router bgp 65000
Atlanta(config-router)# no synchronization
Atlanta(config-router)# bgp log-neighbor-changes
Atlanta(config-router)# neighbor 204.134.83.3 remote-as 65000
Atlanta(config-router)# neighbor 204.134.83.3 update-source Loopback0
Atlanta(config-router)# neighbor 204.134.83.3 next-hop-self
Atlanta(config-router)# no auto-summary
Atlanta(config-router)#
------------------------------------
Raleigh(config)#router bgp 65000
Raleigh(config-router)# no synchronization
Raleigh(config-router)# bgp log-neighbor-changes
Raleigh(config-router)# neighbor 204.134.83.1 remote-as 65000
Raleigh(config-router)# neighbor 204.134.83.1 update-source Loopback0
Raleigh(config-router)# neighbor 204.134.83.1 next-hop-self
Raleigh(config-router)# no auto-summary
------------------
The message that IBGP is up appears on the console as follows:

Raleigh(config-router)#
*Mar  1 00:39:18.179: %BGP-5-ADJCHANGE: neighbor 204.134.83.1 Up
----------------------
Now, it's time to configure VRF routing.

Atlanta(config)#ip vrf peer_vpn
Atlanta(config-vrf)#rd 50:1
Atlanta(config-vrf)#route-target both 50:1
----------------
Raleigh(config)#ip vrf peer_vpn
Raleigh(config-vrf)#rd 50:1
Raleigh(config-vrf)#route-target both 50:1
---------------
Associate the interface connected to CE1 (Peer1) with VRF peer_vpn as follows. The IP address configured on s0/1 is removed when the VRF is enabled and needs to be configured again.

Atlanta(config)#int s0/1
Atlanta(config-if)#ip vrf forwarding peer_vpn
% Interface Serial0/1 IP address 192.168.3.6 removed due to enabling VRF peer_vpn
Atlanta(config-if)#ip address 192.168.3.6 255.255.255.252
------------------

Raleigh(config)#int s0/1
Raleigh(config-if)#ip vrf forwarding peer_vpn
% Interface Serial0/1 IP address 192.168.3.9 removed due to enabling VRF peer_vpn
Raleigh(config-if)#ip address 192.168.3.9 255.255.255.252
---------------------------
Activate VPNv4 between PE1 and PE2 inside the BGP configuration as follows.


Atlanta(config)#router bgp 65000
Atlanta(config-router)# address-family vpnv4
Atlanta(config-router-af)#neighbor 204.134.83.3 activate
*Mar  1 00:50:16.979: %BGP-5-ADJCHANGE: neighbor 204.134.83.3 Down Address family activated
Atlanta(config-router-af)#neighbor 204.134.83.3 send-community both
-----------------------------------------------

Raleigh(config)#router bgp 65000
Raleigh(config-router)# address-family vpnv4
Raleigh(config-router-af)#  neighbor 204.134.83.1 activate
Raleigh(config-router-af)#  neighbor 204.134.83.1 send-community both
Raleigh(config-router-af)#
*Mar  1 00:51:38.747: %BGP-5-ADJCHANGE: neighbor 204.134.83.1 Down Address family activated
Raleigh(config-router-af)#
*Mar  1 00:51:40.855: %BGP-5-ADJCHANGE: neighbor 204.134.83.1 Up
------------------------------------
Configure redistribution between the MPLS IBGP (Core) and the CE routers' OSPF, in both directions, as follows.
First, redistribute from BGP into the CE's OSPF network.
----
Atlanta(config)#router ospf 1 vrf peer_vpn
Atlanta(config-router)#redistribute bgp 65000 subnets
Atlanta(config-router)#network 192.168.3.6 0.0.0.0 area 0
Atlanta(config-router)#
*Mar  1 00:57:26.567: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.10.1 on Serial0/1 from LOADING to FULL, Loading Done
----------------------------------

Raleigh(config)#router ospf 1 vrf peer_vpn
Raleigh(config-router)#redistribute bgp 65000 subnets
Raleigh(config-router)#network 192.168.3.9 0.0.0.0 area 0
Raleigh(config-router)#
*Mar  1 01:00:01.031: %OSPF-5-ADJCHG: Process 1, Nbr 192.168.2.1 on Serial0/1 from LOADING to FULL, Loading Done
-------------------------------------
Finally, redistribute from OSPF into MPLS BGP as follows.

Atlanta(config)#router bgp 65000
Atlanta(config-router)#address-family ipv4 vrf peer_vpn
Atlanta(config-router-af)#redistribute ospf 1 vrf peer_vpn
Atlanta(config-router-af)#no sync
Atlanta(config-router-af)#no synchronization
-------------------------------
Raleigh(config)#router bgp 65000
Raleigh(config-router)#address-family ipv4 vrf peer_vpn
Raleigh(config-router-af)#redistribute ospf 1 vrf peer_vpn
Raleigh(config-router-af)#no synchronization

---------------------------------
Let's check on the CE1 router (Peer1) whether it can reach the other end, Peer2.

Peer1#sh ip route

     192.168.10.0/32 is subnetted, 1 subnets
C       192.168.10.1 is directly connected, Loopback1
C    192.168.1.0/24 is directly connected, Loopback0
     192.168.2.0/32 is subnetted, 1 subnets
O IA    192.168.2.1 [110/129] via 192.168.3.6, 00:00:27, Serial0/0
     192.168.3.0/30 is subnetted, 2 subnets
O IA    192.168.3.8 [110/65] via 192.168.3.6, 00:00:27, Serial0/0
C       192.168.3.4 is directly connected, Serial0/0
----------------------------
A ping to 192.168.2.1 from Peer1 gets through the MPLS network as follows:

Peer1#ping 192.168.2.1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/33/64 ms
Peer1#
--------------------------
Check the VRF routing table on Atlanta (PE1) as follows:

Atlanta#sh ip route vrf peer_vpn

     192.168.1.0/32 is subnetted, 1 subnets
O IA    192.168.1.1 [110/65] via 192.168.3.5, 00:11:37, Serial0/1
     192.168.2.0/32 is subnetted, 1 subnets
B       192.168.2.1 [200/65] via 204.134.83.3, 00:03:30
     192.168.3.0/30 is subnetted, 2 subnets
B       192.168.3.8 [200/0] via 204.134.83.3, 00:03:30
C       192.168.3.4 is directly connected, Serial0/1
--------------------------------------
On the Core router, however, only the IGP routes appear, as follows.

Core#sh ip route
     204.134.83.0/24 is variably subnetted, 5 subnets, 2 masks
C       204.134.83.8/30 is directly connected, Serial0/0
R       204.134.83.1/32 [120/1] via 204.134.83.5, 00:00:04, Serial0/1
R       204.134.83.3/32 [120/1] via 204.134.83.10, 00:00:03, Serial0/0
C       204.134.83.2/32 is directly connected, Loopback0
C       204.134.83.4/30 is directly connected, Serial0/1
-----------------------------------------
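An added check, not part of the original lab: the script below parses the Core `sh ip route` output and the Atlanta `sh ip route vrf peer_vpn` output shown above and reports any customer prefix that also shows up in the Core global table. The function names are assumptions chosen for illustration.

```python
import ipaddress
import re

# Output copied from this page: Core's global table and Atlanta's VRF table.
CORE_GLOBAL = """\
     204.134.83.0/24 is variably subnetted, 5 subnets, 2 masks
C       204.134.83.8/30 is directly connected, Serial0/0
R       204.134.83.1/32 [120/1] via 204.134.83.5, 00:00:04, Serial0/1
R       204.134.83.3/32 [120/1] via 204.134.83.10, 00:00:03, Serial0/0
C       204.134.83.2/32 is directly connected, Loopback0
C       204.134.83.4/30 is directly connected, Serial0/1
"""
ATLANTA_VRF = """\
     192.168.1.0/32 is subnetted, 1 subnets
O IA    192.168.1.1 [110/65] via 192.168.3.5, 00:11:37, Serial0/1
     192.168.2.0/32 is subnetted, 1 subnets
B       192.168.2.1 [200/65] via 204.134.83.3, 00:03:30
     192.168.3.0/30 is subnetted, 2 subnets
B       192.168.3.8 [200/0] via 204.134.83.3, 00:03:30
C       192.168.3.4 is directly connected, Serial0/1
"""
IP = re.compile(r"(\d+\.\d+\.\d+\.\d+)(?:/(\d+))?")

def parse_routes(text):
    """Return [(code, network)] from 'show ip route' text."""
    routes, parent_len = [], None
    for line in text.splitlines():
        m = IP.search(line)
        if not m:
            continue
        if "subnetted" in line:
            parent_len = m.group(2)  # children printed without a mask inherit it
            continue
        plen = m.group(2) or parent_len
        if plen is not None:
            net = ipaddress.ip_network(f"{m.group(1)}/{plen}", strict=False)
            routes.append((line[:m.start()].strip(), net))
    return routes

def leaked(global_routes, vrf_routes):
    """VRF prefixes that overlap a non-default route in the global table."""
    return sorted({str(v) for _, v in vrf_routes for _, g in global_routes
                   if g.prefixlen and v.overlaps(g)})

if __name__ == "__main__":
    hits = leaked(parse_routes(CORE_GLOBAL), parse_routes(ATLANTA_VRF))
    print("customer prefixes visible on Core:", hits or "none")
```

Run against fresh output after any change to the PE redistribution or VRF interface configuration; an empty result means the Core still carries only the provider's own prefixes.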
What about on the PE2 router (Raleigh)?

Raleigh#sh ip route vrf peer_vpn

     192.168.1.0/32 is subnetted, 1 subnets
B       192.168.1.1 [200/65] via 204.134.83.1, 00:08:29
     192.168.2.0/32 is subnetted, 1 subnets
O IA    192.168.2.1 [110/65] via 192.168.3.10, 00:12:21, Serial0/1
     192.168.3.0/30 is subnetted, 2 subnets
C       192.168.3.8 is directly connected, Serial0/1
B       192.168.3.4 [200/0] via 204.134.83.1, 00:08:29
--------------------------------------------------------------------------------

Let's traceroute from CE1 to CE2:

Peer1#traceroute 192.168.2.1

Type escape sequence to abort.
Tracing the route to 192.168.2.1

  1 192.168.3.6 4 msec 16 msec 4 msec
  2 204.134.83.6 [MPLS: Labels 17/19 Exp 0] 4 msec 36 msec 4 msec
  3 192.168.3.9 [MPLS: Label 19 Exp 0] 24 msec 32 msec 4 msec
  4 192.168.3.10 20 msec *  48 msec
--------------------------------------------------
Check LDP in the Core network.

Core#sh mpls forwarding-table
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     Pop tag     204.134.83.1/32   7587       Se0/1      point2point
17     Pop tag     204.134.83.3/32   5020       Se0/0      point2point
-------------------------------------------------
Raleigh#sh mpls forwarding-table

Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     16          204.134.83.1/32   0          Se1/3      point2point
17     Pop tag     204.134.83.2/32   0          Se1/3      point2point
18     Pop tag     204.134.83.4/30   0          Se1/3      point2point
19     Untagged    192.168.2.1/32[V] 1144       Se0/1      point2point
20     Aggregate   192.168.3.8/30[V] 0
------------------------------------------------------
In brief, the Core router does not know either the 192.168.1.x or the 2.x network. It uses only labels and tags in the MPLS network.
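
The label operations behind the Peer1 traceroute, as an added example (not from the book or the original post): it parses the two `sh mpls forwarding-table` outputs above and applies them to the label stack 17/19 reported at hop 2. The function names are illustrative assumptions.

```python
import re

# Output copied from this page: Core and Raleigh LFIBs, hop 2 of Peer1's traceroute.
CORE_LFIB = """\
16     Pop tag     204.134.83.1/32   7587       Se0/1      point2point
17     Pop tag     204.134.83.3/32   5020       Se0/0      point2point
"""
RALEIGH_LFIB = """\
16     16          204.134.83.1/32   0          Se1/3      point2point
17     Pop tag     204.134.83.2/32   0          Se1/3      point2point
18     Pop tag     204.134.83.4/30   0          Se1/3      point2point
19     Untagged    192.168.2.1/32[V] 1144       Se0/1      point2point
20     Aggregate   192.168.3.8/30[V] 0
"""
TRACE_HOP = "  2 204.134.83.6 [MPLS: Labels 17/19 Exp 0] 4 msec 36 msec 4 msec"
ROW = re.compile(r"^(\d+)\s+(Pop tag|Untagged|Aggregate|\d+)\s+(\S+?)(\[V\])?\s")

def parse_lfib(text):
    """Map local label -> outgoing action, prefix, and whether it is a VRF entry."""
    table = {}
    for line in text.splitlines():
        m = ROW.match(line)
        if m:
            table[int(m.group(1))] = {"action": m.group(2), "prefix": m.group(3),
                                      "vpn": m.group(4) is not None}
    return table

def labels_in(hop):
    """Label stack (top first) reported in one traceroute hop line."""
    m = re.search(r"\[MPLS: Labels? ([\d/]+) ", hop)
    return [int(x) for x in m.group(1).split("/")] if m else []

def switch(lfib, stack):
    """Look up only the top label; return (matched entry, stack sent onward)."""
    entry = lfib[stack[0]]
    if entry["action"].isdigit():                       # swap
        return entry, [int(entry["action"])] + stack[1:]
    return entry, stack[1:]      # Pop tag / Untagged / Aggregate strip the top label

def walk():
    """Carry the hop-2 stack through Core, then through Raleigh (PE2)."""
    stack = labels_in(TRACE_HOP)
    core_entry, stack = switch(parse_lfib(CORE_LFIB), stack)
    pe_entry, stack = switch(parse_lfib(RALEIGH_LFIB), stack)
    return core_entry, pe_entry, stack

if __name__ == "__main__":
    for step in walk():
        print(step)
```

The Core's lookup on label 17 resolves to Raleigh's loopback, a provider prefix; the customer prefix 192.168.2.1/32 is only resolved on Raleigh, from the `[V]` entry for label 19.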

From Peer2 to Peer1, check as follows.

Peer2#traceroute 192.168.1.1

  1 192.168.3.9 4 msec 28 msec 4 msec
  2 204.134.83.9 [MPLS: Labels 16/19 Exp 0] 24 msec 24 msec 24 msec
  3 192.168.3.6 [MPLS: Label 19 Exp 0] 28 msec 20 msec 4 msec
  4 192.168.3.5 24 msec *  40 msec

6 comments:

  1. Hi,
    Good to see a simple MPLS VPN lab. I work in service provider and we do use MPLS VPN. This simple lab is good to understand the concept of VPN in MPLS network.

    Regards,
    Theng

  2. Thanks, Thengung.
    I am trying to understand new technology and concepts using in simple basic steps :)

  3. I am trying to receive EIGRP neighbor changes in the form of Trap Notification. When I shut down a particular interface, I am able to receive interface down traps only. If possible, please reply.
    (Thanks in advance)

  4. Thank you. Very very good material! Great job! Best Regards!
