Prerequisites: CCNP level skills.
Notice!
Interfaces in the topology changed (my previous setup using 3640 does not support MPLS; here 3275 routers are used). Also, for the purposes of MPLS, R4 is connected using sub-interfaces to R1 and R2.
Topology
Notice!
Use Initial configuration (Task 1) from the lab 89.
Task 1
Ensure 172.16.105.0/24 (R5) can reach 172.16.102.0/24 (R2). Use MPLS to accomplish the goal.
Lab Solution
Notice!
The same problem as in Lab 89. R1 is NOT running BGP and drops the packets between 172.16.102.0/24 and 172.16.105.0/24
Task 1
Ensure 172.16.105.0/24 (R5) can reach 172s.16.102.0/24 (R2). Use MPLS to accomplish the goal.
Personal Note!
Since this mini-lab is a bit more complex than the previous ones, step-by-step procedure is shown below. Just so I can get back to it at a later stage when I begin to forget some details.
R2 BGP Configuration:
!
bgp router-id 172.16.102.2
bgp log-neighbor-changes
network 172.16.102.0 mask 255.255.255.0
neighbor 10.1.24.4 remote-as 134
no auto-summary
bgp log-neighbor-changes
network 172.16.102.0 mask 255.255.255.0
neighbor 10.1.24.4 remote-as 134
no auto-summary
!
R5 BGP Configuration:
!
router bgp 50
no synchronization
bgp router-id 172.16.105.5
bgp log-neighbor-changes
no synchronization
bgp router-id 172.16.105.5
bgp log-neighbor-changes
network 172.16.105.0 mask 255.255.255.0
neighbor 10.1.35.3 remote-as 134
no auto-summary
neighbor 10.1.35.3 remote-as 134
no auto-summary
!
Step 1 - IGP Routing protocol configuration
R1 Configuration:
!
router ospf 1
router-id 172.16.101.1
log-adjacency-changes
network 10.1.13.1 0.0.0.0 area 0
network 10.1.14.1 0.0.0.0 area 0
network 172.16.101.1 0.0.0.0 area 0
router ospf 1
router-id 172.16.101.1
log-adjacency-changes
network 10.1.13.1 0.0.0.0 area 0
network 10.1.14.1 0.0.0.0 area 0
network 172.16.101.1 0.0.0.0 area 0
!
R3 Configuration:
!
router ospf 1
router-id 172.16.103.3
log-adjacency-changes
network 10.1.13.3 0.0.0.0 area 0
network 172.16.103.3 0.0.0.0 area 0
router-id 172.16.103.3
log-adjacency-changes
network 10.1.13.3 0.0.0.0 area 0
network 172.16.103.3 0.0.0.0 area 0
!
R4 Configuration:
!
router ospf 1
router-id 172.16.104.4
log-adjacency-changes
network 10.1.14.4 0.0.0.0 area 0
network 172.16.104.4 0.0.0.0 area 0
router-id 172.16.104.4
log-adjacency-changes
network 10.1.14.4 0.0.0.0 area 0
network 172.16.104.4 0.0.0.0 area 0
!
Notice!
Loopback interfaces have been advertised into OSPF. They will be used by LDP protocol to establish session TCP session (DPort=646). It is recommended to use the same router ID when implementing BGP, OSPF, LDP, so I use manual settings.
Step 2 - LDP configuration
Notice!
IP CEF is enabled on all interfaces (it is a pre-requisite).
Notice!
R3 and R4 loopbacks have been re-configured to have /32 network mask as per LDP requirement. VPN does not work otherwise. BGP sends the following message:
%BGP-4-VPNV4NH_MASK: Nexthop 172.16.103.3 may not be reachable from neigbor 172.16.104.4 - not /32 mask
R1 Configuration:
!
mpls label protocol ldp
!
mpls ldp router-id Loopback0 force
!
interface FastEthernet0/0
ip address 10.1.14.1 255.255.255.0
speed 100
full-duplex
mpls ip
mpls label protocol ldp
!
mpls ldp router-id Loopback0 force
!
interface FastEthernet0/0
ip address 10.1.14.1 255.255.255.0
speed 100
full-duplex
mpls ip
!
Verification:
!
mpls label protocol ldp
!
mpls ldp router-id Loopback0 force
!
mpls label protocol ldp
!
mpls ldp router-id Loopback0 force
!
interface Serial1/1
ip address 10.1.13.3 255.255.255.0
mpls ip
serial restart-delay 0
!
ip address 10.1.13.3 255.255.255.0
mpls ip
serial restart-delay 0
!
R4 Configuration:
!
mpls label protocol ldp
!
mpls ldp router-id Loopback0 force
!
interface FastEthernet0/0.14mpls label protocol ldp
!
mpls ldp router-id Loopback0 force
!
encapsulation dot1Q 14
ip address 10.1.14.4 255.255.255.0
mpls ip
!
Notice!
R4 has two loopbacks. The higher IP address becomes LDP ID. Since I did not advertised loopback1, I need to force R4 to use loopback0 address as its ID.
Verification:
Pic. 3 - R1's LDP Neighbors.
Pic. 4 - R1's LDP Neighbor Discovery.
Pic. 5 - R3's LFIB.
The Loopbacks shown (pic. 6 and pic. 7) become the next-hop attributes for MP-BGP session in my configuration.
Step 3 - Basic BGP Configuration
R3 Configuration:
!
router bgp 134
no synchronization
bgp router-id 172.16.103.3
bgp log-neighbor-changes
neighbor 172.16.104.4 remote-as 134
neighbor 172.16.104.4 update-source Loopback0
no auto-summary
no synchronization
bgp router-id 172.16.103.3
bgp log-neighbor-changes
neighbor 172.16.104.4 remote-as 134
neighbor 172.16.104.4 update-source Loopback0
no auto-summary
!
R4 Configuration:
!
router bgp 134
no synchronization
bgp router-id 172.16.104.4
bgp log-neighbor-changes
neighbor 172.16.103.3 remote-as 134
neighbor 172.16.103.3 update-source Loopback0
no auto-summary
no synchronization
bgp router-id 172.16.104.4
bgp log-neighbor-changes
neighbor 172.16.103.3 remote-as 134
neighbor 172.16.103.3 update-source Loopback0
no auto-summary
!
Verification:
Pic. 7 - BGP Neighbors.
Step 4 - MP-IBGP ConfigurationR3 Configuration:
!
router bgp 134
no synchronization
bgp router-id 172.16.103.3
bgp log-neighbor-changes
neighbor 172.16.104.4 remote-as 134
neighbor 172.16.104.4 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.104.4 activate
neighbor 172.16.104.4 send-community both
neighbor 172.16.104.4 next-hop-self
exit-address-family
no synchronization
bgp router-id 172.16.103.3
bgp log-neighbor-changes
neighbor 172.16.104.4 remote-as 134
neighbor 172.16.104.4 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.104.4 activate
neighbor 172.16.104.4 send-community both
neighbor 172.16.104.4 next-hop-self
exit-address-family
!
R4 Configuration:
!
router bgp 134
no synchronization
bgp router-id 172.16.104.4
bgp log-neighbor-changes
neighbor 172.16.103.3 remote-as 134
neighbor 172.16.103.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.103.3 activate
neighbor 172.16.103.3 send-community both
neighbor 172.16.103.3 next-hop-self
exit-address-family
no synchronization
bgp router-id 172.16.104.4
bgp log-neighbor-changes
neighbor 172.16.103.3 remote-as 134
neighbor 172.16.103.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.103.3 activate
neighbor 172.16.103.3 send-community both
neighbor 172.16.103.3 next-hop-self
exit-address-family
!
Verification:
Pic. 8 - MP-IBGP Session.
Step 4 - VRF Configuration:R3 Configuration:
!
ip vrf R2_R5
rd 134:25
route-target export 134:25
route-target import 134:25
!
interface FastEthernet0/0
ip vrf forwarding R2_R5
ip address 10.1.35.3 255.255.255.0
speed 100
full-duplex
rd 134:25
route-target export 134:25
route-target import 134:25
!
interface FastEthernet0/0
ip vrf forwarding R2_R5
ip address 10.1.35.3 255.255.255.0
speed 100
full-duplex
!
R4 Configuration:
!
ip vrf R2_R5
rd 134:25
route-target export 134:25
route-target import 134:25
!
interface FastEthernet0/0.24
encapsulation dot1Q 24
ip vrf forwarding R2_R5
ip address 10.1.24.4 255.255.255.0
rd 134:25
route-target export 134:25
route-target import 134:25
!
interface FastEthernet0/0.24
encapsulation dot1Q 24
ip vrf forwarding R2_R5
ip address 10.1.24.4 255.255.255.0
!
Notice!
Once you activate VRF on an interface, the IP address is removed and must be manually re-created.
Pic. 9 - Reachability Check Using VRF.
Step 5 - PE-CE BGP Connection
R3 Configuration:
!
router bgp 134
no synchronization
bgp router-id 172.16.103.3
bgp log-neighbor-changes
neighbor 172.16.104.4 remote-as 134
neighbor 172.16.104.4 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.104.4 activate
neighbor 172.16.104.4 send-community both
neighbor 172.16.104.4 next-hop-self
exit-address-family
!
address-family ipv4 vrf R2_R5
neighbor 10.1.35.5 remote-as 50
neighbor 10.1.35.5 activate
no synchronization
exit-address-family
no synchronization
bgp router-id 172.16.103.3
bgp log-neighbor-changes
neighbor 172.16.104.4 remote-as 134
neighbor 172.16.104.4 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.104.4 activate
neighbor 172.16.104.4 send-community both
neighbor 172.16.104.4 next-hop-self
exit-address-family
!
address-family ipv4 vrf R2_R5
neighbor 10.1.35.5 remote-as 50
neighbor 10.1.35.5 activate
no synchronization
exit-address-family
!
Verification:
Pic. 10 - BGP Neighbor and VRF Table on R3.
Pic. 11 - VRF Table on R4.
!
router bgp 134
no synchronization
bgp router-id 172.16.104.4
bgp log-neighbor-changes
neighbor 172.16.103.3 remote-as 134
neighbor 172.16.103.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.103.3 activate
neighbor 172.16.103.3 send-community both
neighbor 172.16.103.3 next-hop-self
exit-address-family
!
address-family ipv4 vrf R2_R5
neighbor 10.1.24.2 remote-as 20
neighbor 10.1.24.2 activate
no synchronization
exit-address-family
no synchronization
bgp router-id 172.16.104.4
bgp log-neighbor-changes
neighbor 172.16.103.3 remote-as 134
neighbor 172.16.103.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 172.16.103.3 activate
neighbor 172.16.103.3 send-community both
neighbor 172.16.103.3 next-hop-self
exit-address-family
!
address-family ipv4 vrf R2_R5
neighbor 10.1.24.2 remote-as 20
neighbor 10.1.24.2 activate
no synchronization
exit-address-family
!
Verfication:
The same verification as per R3.
Pic. 12 - Ping Test.
0 comments:
Post a Comment