Download Print this page

HP FlexNetwork HSR6600 Configuration Manual

Comware 7 mpls

Hide thumbs Also See for FlexNetwork HSR6600:

Command reference manual (542 pages)

,

Troubleshooting manual (41 pages)

,

Security configuration manual (559 pages)

Table Of Contents

Table of Contents

Advertisement

Quick Links

Download this manual See also: Troubleshooting Manual

HPE FlexNetwork HSR6600 Routers

Comware 7 MPLS Configuration Guide

Part number: 5200-3476

Software version: HSR6602-CMW710-R7607

Document version: 6W100-20170412

Table of Contents

Advertisement

Table of Contents

Need help?

Need help?

Do you have a question about the FlexNetwork HSR6600 and is the answer not in the manual?

Questions and answers

Summary of Contents for HP FlexNetwork HSR6600

Page 1 HPE FlexNetwork HSR6600 Routers Comware 7 MPLS Configuration Guide Part number: 5200-3476 Software version: HSR6602-CMW710-R7607 Document version: 6W100-20170412...
Page 2 © Copyright 2017 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
Page 3 Contents Configuring basic MPLS ···································································· 1 Overview ·································································································································· 1 Basic concepts ··················································································································· 1 MPLS network architecture ···································································································· 2 LSP establishment ··············································································································· 3 MPLS forwarding ················································································································· 4 PHP ································································································································· 5 Protocols and standards ······································································································· 5 MPLS configuration task list ········································································································· 5 Enabling MPLS ·························································································································...
Page 4 Configuring a label acceptance policy ··························································································· 32 Configuring LDP loop detection ··································································································· 33 Configuration restrictions and guidelines ················································································ 34 Configuration procedure ····································································································· 34 Configuring LDP session protection ····························································································· 34 Configuring LDP GR ················································································································· 35 Configuring LDP NSR ··············································································································· 35 Configuring LDP-IGP synchronization ·························································································· 35 Configuring LDP-OSPF synchronization ·················································································...
Page 5 Configuring PCEP session parameters ·················································································· 97 Configuring traffic forwarding ······································································································ 97 Configuring static routing to direct traffic to an MPLS TE tunnel ··················································· 97 Configuring PBR to direct traffic to an MPLS TE tunnel ······························································ 98 Configuring automatic route advertisement to direct traffic to an MPLS TE tunnel ···························· 98 Configuring a bidirectional MPLS TE tunnel ···················································································...
Page 6 Establishing an MPLS TE tunnel with RSVP-TE ····································································· 179 RSVP GR configuration example ························································································ 185 Configuring tunnel policies ····························································· 188 Overview ······························································································································ 188 Configuring a tunnel policy ······································································································· 188 Configuration guidelines ··································································································· 188 Configuration procedure ··································································································· 189 Displaying tunnel information ···································································································· 189 Tunnel policy configuration examples ·························································································...
Page 7 Configuring MPLS L3VPN over a GRE tunnel ········································································ 245 Configuring a hub-spoke network ························································································ 249 Configuring MPLS L3VPN inter-AS option A ·········································································· 255 Configuring MPLS L3VPN inter-AS option B ·········································································· 260 Configuring MPLS L3VPN inter-AS option C ········································································· 265 Configuring MPLS L3VPN carrier's carrier in the same AS ······················································· 272 Configuring MPLS L3VPN carrier's carrier in different ASs ·······················································...
Page 8 Control word ··················································································································· 394 MPLS L2VPN interworking ································································································ 394 PW redundancy ·············································································································· 395 Multi-segment PW ··········································································································· 395 VCCV ··························································································································· 397 Hardware and feature compatibility ···························································································· 397 MPLS L2VPN configuration task list ··························································································· 397 Enabling L2VPN ···················································································································· 398 Configuring an AC ·················································································································· 398 Configuring a Layer 3 interface ···························································································...
Page 9 Static PW configuration example ························································································ 456 LDP PW configuration example ·························································································· 460 BGP PW configuration example ························································································· 462 BGP auto-discovery LDP PW configuration example ······························································· 466 H-VPLS using MPLS access configuration example ································································ 471 H-VPLS UPE dual homing configuration example ··································································· 475 Configuring L2VPN access to L3VPN or IP backbone ··························...
Page 10 Verifying the configuration ································································································· 526 Configuring IPv6 MCE ··································································· 527 IPv6 MPLS L3VPN overview ···································································································· 527 IPv6 MCE overview ················································································································ 527 IPv6 MCE configuration task list ································································································ 527 Configuring VPN instances ······································································································ 528 Creating a VPN instance ··································································································· 528 Associating a VPN instance with an interface ········································································ 528 Configuring route related attributes for a VPN instance ····························································...
Page 11: Configuring Basic Mpls
Configuring basic MPLS Multiprotocol Label Switching (MPLS) provides connection-oriented label switching over connectionless IP backbone networks. It integrates both the flexibility of IP routing and the simplicity of Layer 2 switching. Overview MPLS has the following features: • High speed and efficiency—MPLS uses short- and fixed-length labels to forward packets, avoiding complicated routing table lookups.
Page 12: Mpls Network Architecture
A label switched path (LSP) is the path along which packets of an FEC travel through an MPLS network. An LSP is a unidirectional packet forwarding path. Two neighboring LSRs are called the upstream LSR and downstream LSR along the direction of an LSP. As shown in Figure 2, LSR B is the downstream LSR of LSR A, and LSR A is the upstream LSR of LSR B.
Page 13: Lsp Establishment
Figure 3 MPLS network architecture LSP establishment LSPs include static and dynamic LSPs. • Static LSP—To establish a static LSP, you must configure an LFIB entry on each LSR along the LSP. Establishing static LSPs consumes fewer resources than establishing dynamic LSPs, but static LSPs cannot automatically adapt to network topology changes.
Page 14: Mpls Forwarding
Figure 4 Dynamic LSP establishment MPLS forwarding As shown in Figure 5, a packet is forwarded over the MPLS network as follows: Router B (the ingress LSR) receives a packet with no label. Then, it performs the following operations: a. Identifies the FIB entry that matches the destination address of the packet. b.
Page 15: Protocols And Standards
Figure 5 MPLS forwarding An egress node must perform two forwarding table lookups to forward a packet: • Two LFIB lookups (if the packet has more than one label). • One LFIB lookup and one FIB lookup (if the packet has only one label). The penultimate hop popping (PHP) feature can pop the label at the penultimate node, so the egress node only performs one table lookup.
Page 16: Enabling Mpls
Tasks at a glance (Optional.) Setting MPLS MTU (Optional.) Specifying the label type advertised by egress (Optional.) Configuring TTL propagation (Optional.) Enabling sending MPLS TTL-expired messages (Optional.) Enabling MPLS forwarding statistics (Optional.) Enabling split horizon for MPLS forwarding (Optional.) Enabling SNMP notifications for MPLS Enabling MPLS Before you enable MPLS, perform the following tasks: •...
Page 17: Specifying The Label Type Advertised By Egress
To set an MPLS MTU for an interface: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number Set an MPLS MTU for the By default, no MPLS MTU is set mpls mtu size interface. on an interface. The following applies when an interface handles MPLS packets: •...
Page 18: Configuring Ttl Propagation
Configuration procedure To specify the type of label that the egress node will advertise to the penultimate hop: Step Command Remarks Enter system view. system-view Specify the label type mpls label advertise By default, an egress advertises advertised by the egress to { explicit-null | implicit-null | an implicit null label to the the penultimate hop.
Page 19: Enabling Sending Mpls Ttl-Expired Messages
• As a best practice, set the same TTL processing mode on all LSRs of an LSP. • To enable TTL propagation for a VPN, you must enable it on all PE devices in the VPN. Then, you can get the same traceroute result (hop count) from those PEs. To enable TTL propagation: Step Command...
Page 20: Enabling Mpls Label Forwarding Statistics
Step Command Remarks Enable the device to By default, the device does not maintain FTN entries in the ftn enable maintain FTN entries in the RIB. RIB. Enable FTN forwarding By default, FTN forwarding mpls-forwarding statistics statistics for a destination statistics is disabled for all prefix-list prefix-list-name network.
Page 21: Displaying And Maintaining Mpls
Step Command Remarks Enter system view. system-view Enable SNMP By default, SNMP notifications for snmp-agent trap enable mpls notifications for MPLS. MPLS are enabled. Displaying and maintaining MPLS Execute display commands in any view and reset commands in user view. Task Command Display MPLS interface information.
Page 22: Configuring A Static Lsp
Configuring a static LSP Overview A static label switched path (LSP) is established by manually specifying the incoming label and outgoing label on each node (ingress, transit, or egress node) of the forwarding path. Static LSPs consume fewer resources, but they cannot automatically adapt to network topology changes.
Page 23: Configuration Procedure
• If you want to associate the static LSP with an LDP LSP, make sure the egress node of the static LSP has a route to the destination. Configuration procedure To configure a static LSP: Step Command Remarks Enter system view. system-view static-lsp ingress lsp-name destination ip-address { mask |...
Page 24: Configuration Restrictions And Guidelines
Figure 8 Network diagram Configuration restrictions and guidelines • For an LSP, the outgoing label specified on an LSR must be identical with the incoming label specified on the downstream LSR. • LSPs are unidirectional. You must configure an LSP for each direction of the data forwarding path.
Page 25: Verifying The Configuration
[RouterC] mpls lsr-id 3.3.3.9 [RouterC] interface gigabitethernet 1/1/1 [RouterC-GigabitEthernet1/1/1] mpls enable [RouterC-GigabitEthernet1/1/1] quit Configure a static LSP from Router A to Router C: # Configure the LSP ingress node, Router A. [RouterA] static-lsp ingress AtoC destination 21.1.1.0 24 nexthop 10.1.1.2 out-label # Configure the LSP transit node, Router B.
Page 26 100 bytes from 10.1.1.1: Sequence=4 time=1 ms 100 bytes from 10.1.1.1: Sequence=5 time=1 ms --- Ping statistics for FEC 11.1.1.0/24 --- 5 packets transmitted, 5 packets received, 0.0% packet loss Round-trip min/avg/max = 1/1/5 ms...
Page 27: Configuring Ldp
Configuring LDP Overview The Label Distribution Protocol (LDP) dynamically distributes FEC-label mapping information between LSRs to establish LSPs. Terminology LDP session Two LSRs establish a TCP-based LDP session to exchange FEC-label mappings. LDP peer Two LSRs that use LDP to exchange FEC-label mappings are LSR peers. Label spaces and LDP identifiers Label spaces include the following types: •...
Page 28: Ldp Operation
• Advertisement messages—Create, alter, and remove FEC-label mappings, such as Label Mapping messages used to advertise FEC-label mappings. • Notification messages—Provide advisory information and notify errors, such as Notification messages. LDP uses UDP to transport discovery messages for efficiency, and uses TCP to transport session, advertisement, and notification messages for reliability.
Page 29: Label Distribution And Control
Establishing LSPs LDP classifies FECs according to destination IP addresses in IP routing entries, creates FEC-label mappings, and advertises the mappings to LDP peers through LDP sessions. After an LDP peer receives an FEC-label mapping, it uses the received label and the label locally assigned to that FEC to create an LFIB entry for that FEC.
Page 30 NOTE: To successfully establish an LSP, a pair of upstream and downstream LSRs must use the same label advertisement mode. Label distribution control LDP controls label distribution in one of the following ways: • Independent label distribution—Distributes an FEC-label mapping to an upstream LSR at any time.
Page 31 LDP GR LDP Graceful Restart (GR) preserves label forwarding information when the signaling protocol or control plane fails, so that LSRs can still forward packets according to forwarding entries. As shown in Figure 12, GR defines the following roles: • GR restarter—An LSR that performs GR.
Page 32 When the MPLS Forwarding State Holding timer expires, the GR restarter deletes all stale MPLS forwarding entries. When the LDP Recovery timer expires, the GR helper deletes all stale FEC-label mappings. Figure 13 LDP GR operation GR restarter GR helper Set up an LDP session, and identify that they are LDP GR capable Protocol...
Page 33: Ldp-Igp Synchronization
LDP-IGP synchronization Basic operating mechanism LDP establishes LSPs based on the IGP optimal route. If LDP is not synchronized with IGP, MPLS traffic forwarding might be interrupted. LDP is not synchronized with IGP when one of the following situations occurs: •...
Page 34: Ldp Over Mpls Te
You can use one of the following methods to enable IP FRR: • Configure an IGP to automatically calculate a backup next hop. • Configure an IGP to specify a backup next hop by using a routing policy. As shown in Figure 14, configure IP FRR on LSR A.
Page 35: Protocols
Figure 15 LDP over MPLS TE Protocols • RFC 5036, LDP Specification • draft-ietf-mpls-ldp-ipv6-09.txt LDP configuration task list Tasks at a glance Enable LDP: (Required.) Enabling LDP globally (Required.) Enabling LDP on an interface (Optional.) Configuring Hello parameters (Optional.) Configuring LDP session parameters (Optional.) Configuring LDP backoff (Optional.)
Page 36: Enabling Ldp
Tasks at a glance (Optional.) Resetting LDP sessions (Optional.) Enabling SNMP notifications for LDP Enabling LDP To enable LDP, you must first enable LDP globally. Then, enable LDP on relevant interfaces or configure IGP to automatically enable LDP on those interfaces. Enabling LDP globally Step Command...
Page 37: Configuring Ldp Session Parameters
Setting Link Hello timers Step Command Remarks Enter system view. system-view Enter the view of the interface interface-type interface where you want to interface-number establish an LDP session. mpls ldp timer hello-hold By default, the Link Hello hold Set the Link Hello hold time. timeout time is 15 seconds.
Page 38 Step Command Remarks mpls ldp timer By default, the Keepalive interval Set the Keepalive interval. keepalive-interval interval is 15 seconds. By default, the LDP transport address is the LSR ID of the local device if the interface where you want to establish an LDP session belongs to the public network.
Page 39: Configuring Ldp Backoff
Step Command Remarks mpls ldp timer By default, the Keepalive Set the Keepalive interval. keepalive-interval interval interval is 15 seconds. By default, the LDP IPv6 Configure the LDP transport mpls ldp transport-address transport address is not address. ipv6-address configured. Configuring LDP backoff If LDP session parameters (for example, the label advertisement mode) are incompatible, two LDP peers cannot establish a session, and they will keep negotiating with each other.
Page 40: Configuring Ldp To Redistribute Bgp Unicast Routes
Step Command Remarks Enable LDP MD5 md5-authentication peer-lsr-id { cipher | By default, LDP MD5 authentication. plain } string authentication is disabled. Configuring LDP to redistribute BGP unicast routes By default, LDP automatically redistributes IGP routes, including the BGP routes that have been redistributed into IGP.
Page 41: Configuring The Ldp Label Distribution Control Mode
Step Command Remarks Enter system view. system-view • Enter LDP view: mpls ldp • Enter LDP view or enter Enter LDP-VPN instance view: LDP-VPN instance a. mpls ldp view. b. vpn-instance vpn-instance-name By default, LDP uses only the Configure an IPv4 LSP lsp-trigger { all | prefix-list redistributed IPv4 routes with a generation policy.
Page 42: Configuring A Label Acceptance Policy
Figure 16 Label advertisement control diagram A label advertisement policy on an LSR and a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use label advertisement policies to reduce network load if downstream LSRs support label advertisement control. Before you configure an LDP label advertisement policy, create an IP prefix list.
Page 43: Configuring Ldp Loop Detection
Figure 17 Label acceptance control diagram A label advertisement policy on an LSR and a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use the label advertisement policy to reduce network load. You must create an IP prefix list before you configure a label acceptance policy.
Page 44: Configuration Restrictions And Guidelines
reaches the path vector limit, LDP also determines that a loop has occurred and terminates the LSP establishment. Configuration restrictions and guidelines • To use this feature, you must enable it on all LSRs that the LSP passes through. • To avoid extra LDP overhead, do not use this feature if most of the devices in an MPLS network support the TTL mechanism.
Page 45: Configuring Ldp Gr
Step Command Remarks Enter system view. system-view Enter LDP view. mpls ldp Enable the session session protection [ duration By default, session protection is protection feature. time ] [ peer peer-prefix-list-name ] disabled. Configuring LDP GR Before you configure LDP GR, enable LDP on the GR restarter and GR helpers. To configure LDP GR: Step Command...
Page 46 Step Command Remarks Enter system view. system-view ospf [ process-id | router-id Enter OSPF view. router-id ] * Enable LDP-OSPF By default, LDP-OSPF mpls ldp sync synchronization. synchronization is disabled. Return to system view. quit interface interface-type Enter interface view. interface-number (Optional.) Disable LDP-IGP By default, LDP-IGP...
Page 47: Configuring Ldp Is-Is Synchronization
Configuring LDP IS-IS synchronization LDP-IGP synchronization is not supported for an IS-IS process that belongs to a VPN instance. To configure LDP-ISIS synchronization for an IS-IS process: Step Command Remarks Enter system view. system-view Enter IS-IS view. isis [ process-id ] Enable LDP-ISIS By default, LDP-ISIS mpls ldp sync [ level-1 | level-2 ]...
Page 48: Resetting Ldp Sessions
Resetting LDP sessions Changes to LDP session parameters take effect only on new LDP sessions. To apply the changes to an existing LDP session, you must reset all LDP sessions by executing the reset mpls ldp command. Execute the reset mpls ldp command in user view. Task Command Remarks...
Page 49: Ipv4 Ldp Configuration Examples
Task Command display mpls ldp summary [ all | vpn-instance Display LDP summary information. vpn-instance-name ] IPv4 LDP configuration examples LDP LSP configuration example Network requirements Router A, Router B, and Router C all support MPLS. Configure LDP to establish LSPs between Router A and Router C, so subnets 11.1.1.0/24 and 21.1.1.0/24 can reach each other over MPLS.
Page 50 <RouterB> system-view [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [RouterB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit # Configure Router C. <RouterC> system-view [RouterC] ospf [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [RouterC-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] network 21.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit...
Page 51 [RouterA-ldp] quit [RouterA] interface gigabitethernet 1/1/2 [RouterA-GigabitEthernet1/1/2] mpls enable [RouterA-GigabitEthernet1/1/2] mpls ldp enable [RouterA-GigabitEthernet1/1/2] quit # Configure Router B. [RouterB] mpls lsr-id 2.2.2.9 [RouterB] mpls ldp [RouterB-ldp] quit [RouterB] interface gigabitethernet 1/1/2 [RouterB-GigabitEthernet1/1/2] mpls enable [RouterB-GigabitEthernet1/1/2] mpls ldp enable [RouterB-GigabitEthernet1/1/2] quit [RouterB] interface gigabitethernet 1/1/3 [RouterB-GigabitEthernet1/1/3] mpls enable [RouterB-GigabitEthernet1/1/3] mpls ldp enable...
Page 52 [RouterC] ip prefix-list routerc index 10 permit 1.1.1.9 32 [RouterC] ip prefix-list routerc index 20 permit 2.2.2.9 32 [RouterC] ip prefix-list routerc index 30 permit 3.3.3.9 32 [RouterC] ip prefix-list routerc index 40 permit 11.1.1.0 24 [RouterC] ip prefix-list routerc index 50 permit 21.1.1.0 24 [RouterC] mpls ldp [RouterC-ldp] lsp-trigger prefix-list routerc [RouterC-ldp] quit...
Page 53: Label Acceptance Control Configuration Example
5 packets transmitted, 5 packets received, 0.0% packet loss Round-trip min/avg/max = 1/1/1 ms Label acceptance control configuration example Network requirements Two links, Router A—Router B—Router C and Router A—Router D—Router C, exist between subnets 11.1.1.0/24 and 21.1.1.0/24. Configure LDP to establish LSPs only for routes to subnets 11.1.1.0/24 and 21.1.1.0/24. Configure LDP to establish LSPs only on the link Router A—Router B—Router C to forward traffic between subnets 11.1.1.0/24 and 21.1.1.0/24.
Page 54 [RouterA] mpls lsr-id 1.1.1.9 [RouterA] mpls ldp [RouterA-ldp] quit [RouterA] interface gigabitethernet 1/1/2 [RouterA-GigabitEthernet1/1/2] mpls enable [RouterA-GigabitEthernet1/1/2] mpls ldp enable [RouterA-GigabitEthernet1/1/2] quit [RouterA] interface gigabitethernet 1/1/3 [RouterA-GigabitEthernet1/1/3] mpls enable [RouterA-GigabitEthernet1/1/3] mpls ldp enable [RouterA-GigabitEthernet1/1/3] quit # Configure Router B. <RouterB> system-view [RouterB] mpls lsr-id 2.2.2.9 [RouterB] mpls ldp [RouterB-ldp] quit...
Page 55 [RouterD-GigabitEthernet1/1/3] mpls ldp enable [RouterD-GigabitEthernet1/1/3] quit Configure IPv4 LSP generation policies: # On Router A, create IP prefix list routera, and configure LDP to use only the routes permitted by the prefix list to establish LSPs. [RouterA] ip prefix-list routera index 10 permit 11.1.1.0 24 [RouterA] ip prefix-list routera index 20 permit 21.1.1.0 24 [RouterA] mpls ldp [RouterA-ldp] lsp-trigger prefix-list routera...
Page 56 [RouterC] ip prefix-list prefix-from-d index 10 deny 11.1.1.0 24 # On Router C, configure label acceptance policies to filter FEC-label mappings received from Router B and Router D. [RouterC] mpls ldp [RouterC-ldp] accept-label peer 2.2.2.9 prefix-list prefix-from-b [RouterC-ldp] accept-label peer 4.4.4.9 prefix-list prefix-from-d [RouterC-ldp] quit Verifying the configuration # Display LDP LSP information on the routers, for example, on Router A.
Page 57: Label Advertisement Control Configuration Example
Label advertisement control configuration example Network requirements Two links, Router A—Router B—Router C and Router A—Router D—Router C, exist between subnets 11.1.1.0/24 and 21.1.1.0/24. Configure LDP to establish LSPs only for routes to subnets 11.1.1.0/24 and 21.1.1.0/24. Configure LDP to establish LSPs only on the link Router A—Router B—Router C to forward traffic between subnets 11.1.1.0/24 and 21.1.1.0/24.
Page 58 [RouterA-ldp] quit [RouterA] interface gigabitethernet 1/1/2 [RouterA-GigabitEthernet1/1/2] mpls enable [RouterA-GigabitEthernet1/1/2] mpls ldp enable [RouterA-GigabitEthernet1/1/2] quit [RouterA] interface gigabitethernet 1/1/3 [RouterA-GigabitEthernet1/1/3] mpls enable [RouterA-GigabitEthernet1/1/3] mpls ldp enable [RouterA-GigabitEthernet1/1/3] quit # Configure Router B. <RouterB> system-view [RouterB] mpls lsr-id 2.2.2.9 [RouterB] mpls ldp [RouterB-ldp] quit [RouterB] interface gigabitethernet 1/1/2 [RouterB-GigabitEthernet1/1/2] mpls enable...
Page 59 Configure IPv4 LSP generation policies: # On Router A, create IP prefix list routera, and configure LDP to use only the routes permitted by the prefix list to establish LSPs. [RouterA] ip prefix-list routera index 10 permit 11.1.1.0 24 [RouterA] ip prefix-list routera index 20 permit 21.1.1.0 24 [RouterA] mpls ldp [RouterA-ldp] lsp-trigger prefix-list routera [RouterA-ldp] quit...
Page 60 [RouterC] mpls ldp [RouterC-ldp] advertise-label prefix-list prefix-to-b peer peer-b [RouterC-ldp] quit # On Router D, create IP prefix list prefix-to-a to deny subnet 21.1.1.0/24. Router D uses this list to filter FEC-label mappings to be advertised to Router A. [RouterD] ip prefix-list prefix-to-a index 10 deny 21.1.1.0 24 [RouterD] ip prefix-list prefix-to-a index 20 permit 0.0.0.0 0 less-equal 32 # On Router D, create IP prefix list peer-a to permit 1.1.1.9/32.
Page 61 In/Out Label Nexthop OutInterface 11.1.1.0/24 -/1277 20.1.1.1 GE1/1/2 1148/1277 20.1.1.1 GE1/1/2 21.1.1.0/24 1149/- -/1276(L) -/1150(L) [RouterD] display mpls ldp lsp Status Flags: * - stale, L - liberal, B - backup FECs: 2 Ingress: 0 Transit: 0 Egress: 2 In/Out Label Nexthop OutInterface 11.1.1.0/24...
Page 62: Ldp Frr Configuration Example
LDP FRR configuration example Network requirements Router S, Router A, and Router D reside in the same OSPF domain. Configure OSPF FRR so LDP can establish a primary LSP and a backup LSP on the Router S—Router D and the Router S—Router A—Router D links, respectively.
Page 63 [RouterD] bfd echo-source-ip 11.11.11.11 [RouterD] ospf 1 [RouterD-ospf-1] fast-reroute lfa [RouterD-ospf-1] quit (Method 2.) Enable OSPF FRR to specify a backup next hop by using a routing policy: # Configure Router S. <RouterS> system-view [RouterS] bfd echo-source-ip 10.10.10.10 [RouterS] ip prefix-list abc index 10 permit 21.1.1.0 24 [RouterS] route-policy frr permit node 10 [RouterS-route-policy] if-match ip address prefix-list abc [RouterS-route-policy] apply fast-reroute backup-interface gigabitethernet 1/1/1...
Page 64 [RouterD-GigabitEthernet1/1/1] mpls ldp enable [RouterD-GigabitEthernet1/1/1] quit [RouterD] interface gigabitethernet 1/1/2 [RouterD-GigabitEthernet1/1/2] mpls enable [RouterD-GigabitEthernet1/1/2] mpls ldp enable [RouterD-GigabitEthernet1/1/2] quit # Configure Router A. [RouterA] mpls lsr-id 2.2.2.2 [RouterA] mpls ldp [RouterA-mpls-ldp] quit [RouterA] interface gigabitethernet 1/1/1 [RouterA-GigabitEthernet1/1/1] mpls enable [RouterA-GigabitEthernet1/1/1] mpls ldp enable [RouterA-GigabitEthernet1/1/1] quit [RouterA] interface gigabitethernet 1/1/2 [RouterA-GigabitEthernet1/1/2] mpls enable...
Page 65: Ipv6 Ldp Configuration Examples
IPv6 LDP configuration examples IPv6 LDP LSP configuration example Network requirements Router A, Router B, and Router C all support MPLS. Configure LDP to establish IPv6 LSPs between Router A and Router C, so subnets 11::0/64 and 21::0/64 can reach each other over MPLS. Configure LDP to establish LSPs only for destinations 100::1/128, 100::2/128, 100::3/128, 11::0/64, and 21::0/64 on Router A, Router B, and Router C.
Page 66 [RouterA-Serial1/1/0] ospfv3 1 area 0.0.0.0 [RouterA-Serial1/1/0] quit # Configure Router B. <RouterB> system-view [RouterB] ospfv3 [RouterB-ospfv3-1] router-id 2.2.2.9 [RouterB-ospfv3-1] area 0 [RouterB-ospfv3-1-area-0.0.0.0] quit [RouterB-ospfv3-1] quit [RouterB] interface loopback 0 [RouterB-LoopBack0] ospfv3 1 area 0.0.0.0 [RouterB-LoopBack0] quit [RouterB] interface serial 1/1/0 [RouterB-Serial1/1/0] ospfv3 1 area 0.0.0.0 [RouterB-Serial1/1/0] quit [RouterB] interface serial 1/1/1...
Page 67 NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 11::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : GE1/1/1 Cost Destination: 11::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 20::/64 Protocol : O_INTRA NextHop : FE80::20C:29FF:FE9D:EAC0...
Page 68 # Configure Router B. [RouterB] mpls lsr-id 2.2.2.9 [RouterB] mpls ldp [RouterB-ldp] quit [RouterB] interface serial 1/1/0 [RouterB-Serial1/1/0] mpls enable [RouterB-Serial1/1/0] mpls ldp ipv6 enable [RouterB-Serial1/1/0] mpls ldp transport-address 10::2 [RouterB-Serial1/1/0] quit [RouterB] interface serial 1/1/1 [RouterB-Serial1/1/1] mpls enable [RouterB-Serial1/1/1] mpls ldp ipv6 enable [RouterB-Serial1/1/1] mpls ldp transport-address 20::1 [RouterB-Serial1/1/1] quit # Configure Router C.
Page 69 [RouterC] ipv6 prefix-list routerc index 30 permit 100::3 128 [RouterC] ipv6 prefix-list routerc index 40 permit 11::0 64 [RouterC] ipv6 prefix-list routerc index 50 permit 21::0 64 [RouterC] mpls ldp [RouterC-ldp] ipv6 lsp-trigger prefix-list routerc [RouterC-ldp] quit Verifying the configuration # Display IPv6 LDP LSP information on the routers, for example, on Router A.
Page 70: Ipv6 Label Acceptance Control Configuration Example
56 bytes from 21::1, icmp_seq=4 hlim=63 time=2.000 ms --- Ping6 statistics for 21::1 --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 1.000/2.200/3.000/0.748 ms # Test the connectivity of the IPv6 LDP LSP from Router C to Router A. [RouterC] ping ipv6 -a 21::1 11::1 Ping6(56 data bytes) 21::1 -->...
Page 71 • To establish IPv6 LDP LSPs, configure an IPv6 routing protocol to ensure IP connectivity between the LSRs. This example uses OSPFv3. • To ensure that LDP establishes IPv6 LSPs only for the routes 11::0/64 and 21::0/64, configure IPv6 LSP generation policies on each LSR. •...
Page 72 [RouterC] mpls ldp [RouterC-ldp] quit [RouterC] interface serial 1/1/0 [RouterC-Serial1/1/0] mpls enable [RouterC-Serial1/1/0] mpls ldp ipv6 enable [RouterC-Serial1/1/0] mpls ldp transport-address 20::2 [RouterC-Serial1/1/0] quit [RouterC] interface serial 1/1/1 [RouterC-Serial1/1/1] mpls enable [RouterC-Serial1/1/1] mpls ldp ipv6 enable [RouterC-Serial1/1/1] mpls ldp transport-address 40::2 [RouterC-Serial1/1/1] quit # Configure Router D.
Page 73 [RouterC-ldp] quit # On Router D, create IPv6 prefix list routerd, and configure LDP to use only the routes permitted by the prefix list to establish IPv6 LSPs. [RouterD] ipv6 prefix-list routerd index 10 permit 11::0 64 [RouterD] ipv6 prefix-list routerd index 20 permit 21::0 64 [RouterD] mpls ldp [RouterD-ldp] ipv6 lsp-trigger prefix-list routerd [RouterD-ldp] quit...
Page 74: Ipv6 Label Advertisement Control Configuration Example
The output shows that the next hop of the IPv6 LSP for FEC 21::0/64 is Router B (FE80::20C:29FF:FE9D:EAC0). The IPv6 LSP has been established over the link Router A—Router B—Router C, not over the link Router A—Router D—Router C. # Test the connectivity of the IPv6 LDP LSP from Router A to Router C. [RouterA] ping ipv6 -a 11::1 21::1 Ping6(56 data bytes) 11::1 -->...
Page 75 Figure 24 Network diagram Loop0 2.2.2.9/32 100::2/128 Ser1/1/0 Ser1/1/1 Loop0 Loop0 10::2/64 20::1/64 1.1.1.9/32 3.3.3.9/32 Router B 100::1/128 100::3/128 Ser1/1/0 Ser1/1/0 20::2/64 10::1/64 Ser1/1/1 GE1/1/1 Ser1/1/1 GE1/1/1 Loop0 40::2/64 11::1/64 30::1/64 21::1/64 4.4.4.9/32 Router A Router C 100::4/128 Ser1/1/0 Ser1/1/1 30::2/64 40::1/64 Router D...
Page 76 [RouterA-Serial1/1/1] mpls ldp transport-address 30::1 [RouterA-Serial1/1/1] quit # Configure Router B. <RouterB> system-view [RouterB] mpls lsr-id 2.2.2.9 [RouterB] mpls ldp [RouterB-ldp] quit [RouterB] interface serial 1/1/0 [RouterB-Serial1/1/0] mpls enable [RouterB-Serial1/1/0] mpls ldp ipv6 enable [RouterB-Serial1/1/0] mpls ldp transport-address 10::2 [RouterB-Serial1/1/0] quit [RouterB] interface serial 1/1/1 [RouterB-Serial1/1/1] mpls enable [RouterB-Serial1/1/1] mpls ldp ipv6 enable...
Page 77 # On Router A, create IPv6 prefix list routera, and configure LDP to use only the routes permitted by the prefix list to establish IPv6 LSPs. [RouterA] ipv6 prefix-list routera index 10 permit 11::0 64 [RouterA] ipv6 prefix-list routera index 20 permit 21::0 64 [RouterA] mpls ldp [RouterA-ldp] ipv6 lsp-trigger prefix-list routera [RouterA-ldp] quit...
Page 78 [RouterC-ldp] ipv6 advertise-label prefix-list prefix-to-b peer peer-b [RouterC-ldp] quit # On Router D, create IPv6 prefix list prefix-to-a to deny subnet 21::0/64. Router D uses this list to filter FEC-label mappings to be advertised to Router A. [RouterD] ipv6 prefix-list prefix-to-a index 10 deny 21::0 64 [RouterD] ipv6 prefix-list prefix-to-a index 20 permit 0::0 0 less-equal 128 # On Router D, create IP prefix list peer-a to permit 1.1.1.9/32.
Page 79 Nexthop : FE80::20C:29FF:FE9D:EA8E In/Out Label: 2418/2417 OutInterface : Ser1/1/0 Nexthop : FE80::20C:29FF:FE9D:EA8E FEC: 21::/64 In/Out Label: -/1099 OutInterface : Ser1/1/1 Nexthop : FE80::20C:29FF:FE05:1C01 In/Out Label: 2416/1099 OutInterface : Ser1/1/1 Nexthop : FE80::20C:29FF:FE05:1C01 [RouterC] display mpls ldp lsp ipv6 Status Flags: * - stale, L - liberal, B - backup FECs: 2 Ingress: 1 Transit: 1...
Page 80 56 bytes from 21::1, icmp_seq=4 hlim=63 time=1.000 ms --- Ping6 statistics for 21::1 --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 1.000/2.600/4.000/1.020 ms # Test the connectivity of the IPv6 LDP LSP from Router C to Router A. [RouterC] ping ipv6 -a 21::1 11::1 Ping6(56 data bytes) 21::1 -->...
Page 81: Configuring Mpls Te
Configuring MPLS TE Overview TE and MPLS TE Network congestion can degrade the network backbone performance. It might occur when network resources are inadequate or when load distribution is unbalanced. Traffic engineering (TE) is intended to avoid the latter situation where partial congestion might occur because of improper resource allocation.
Page 82 A label distribution protocol (such as RSVP-TE) advertises labels to establish CRLSPs and reserves bandwidth resources on each node along the calculated path. Dynamic CRLSPs adapt to network changes and support CRLSP backup and fast reroute, but they require complicated configurations. Advertising TE attributes MPLS TE uses extended link state IGPs, such as OSPF and IS-IS, to advertise TE attributes for links.
Page 83: Crlsp Establishment Using Pce Path Calculation
Explicit path specifies the nodes to pass and the nodes to not pass for a tunnel. Explicit paths include the following types: Strict explicit path—Among the nodes that the path must traverse, a node and its previous hop must be directly connected. Strict explicit path precisely specifies the path that an MPLS TE tunnel must traverse.
Page 84: Traffic Forwarding
As shown in Figure 25, PCE 1 is the ABR that can calculate paths in Area 0 and Area 1. PCE 2 is the ABR that can calculate paths in Area 1 and Area 2. The CRLSP that PCC uses to reach a destination in Area 2 is established as follows: PCC sends a path calculation request to PCE 1 to request the path to the CRLSP destination.
Page 85: Make-Before-Break
Automatic route advertisement You can also configure automatic route advertisement to forward traffic through an MPLS TE tunnel. Automatic route advertisement distributes the MPLS TE tunnel to the IGP (OSPF or IS-IS), so the MPLS TE tunnel can participate in IGP routing calculation. Automatic route advertisement is easy to configure and maintain.
Page 86: Route Pinning
• SE—Shared-explicit, where resources are reserved for senders on the same session and shared among them. SE is mainly used for make-before-break. As shown in Figure 27, a CRLSP with 30 M reserved bandwidth has been set up from Router A to Router D through the path Router A—Router B—Router C—Router D.
Page 87: Crlsp Backup
average output rate sampled during the adjustment time for new CRLSP establishment. If the new CRLSP is set up successfully, MPLS TE switches traffic to the new CRLSP and clears the old CRLSP. You can use a command to limit the maximum and minimum bandwidth. If the tunnel bandwidth calculated by auto bandwidth adjustment is greater than the maximum bandwidth, MPLS TE uses the maximum bandwidth to set up the new CRLSP.
Page 88: Diffserv-Aware Te
Figure 28 FRR link protection • Node protection—The PLR and the MP are connected through a device and the primary CRLSP traverses this device. When the device fails, traffic is switched to the bypass tunnel. As shown in Figure 29, the primary CRLSP is Router A—Router B—Router C—Router D—Router E, and the bypass tunnel is Router B—Router F—Router D.
Page 89 • TE class—Defines a CT and a priority. The setup priority or holding priority of an MPLS TE tunnel for a CT must be the same as the priority of the TE class. The prestandard and IETF modes of DS-TE have the following differences: •...
Page 90: Bidirectional Mpls Te Tunnel
− The total bandwidth occupied by CT 0, CT 1, and CT 2 cannot exceed the maximum reservable bandwidth. Figure 31 MAM bandwidth constraints model CT 0 BC 0 CT 1 BC 1 CT 2 BC 2 CT 0 CT 1 CT 2 Max reservable BW Verifies that the CT and the LSP setup/holding priority match an existing TE class.
Page 91: Protocols And Standards
How CBTS works CBTS processes incoming traffic on the device as follows: Uses a traffic behavior to set a CoS value for the traffic. For more information about traffic behaviors, see QoS configuration in ACL and QoS Configuration Guide. Compares the CoS of the traffic with the CoSs of the MPLS TE tunnels and forwards the traffic to a matching tunnel.
Page 92: Mpls Te Configuration Task List
• ITU-T Recommendation Y.1720, Protection switching for MPLS networks • RFC 4655, A Path Computation Element (PCE)-Based Architecture • RFC 5088, OSPF Protocol Extensions for Path Computation Element Discovery • RFC 5440, Path Computation Element (PCE) Communication Protocol (PCEP) • RFC 5441, A Backward-Recursive PCE-Based Computation (BRPC) Procedure to Compute Shortest Constrained Inter-Domain Traffic Engineering LSP •...
Page 93: Enabling Mpls Te
14. Create a tunnel interface on the ingress node of the MPLS TE tunnel. On the tunnel interface, specify the tunnel destination address (the egress node IP address), and configure MPLS TE tunnel constraints (such as the tunnel bandwidth constraints and affinity). 15.
Page 94: Configuring A Tunnel Interface
• Enable MPLS. For information about enabling MPLS, see "Configuring basic MPLS." To enable MPLS TE: Step Command Remarks Enter system view. system-view By default, MPLS TE is Enter MPLS TE view. mpls te disabled. Return to system view. quit interface interface-type Enter interface view.
Page 95: Configuring An Mpls Te Tunnel To Use A Static Crlsp
Step Command Remarks The default TE classes for IETF ds-te te-class te-class-index mode are shown in Table class-type Configure a TE class. class-type-number priority In prestandard mode, you cannot priority configure TE classes. Table 1 Default TE classes in IETF mode TE Class Priority Configuring an MPLS TE tunnel to use a static...
Page 96: Configuring An Mpls Te Tunnel To Use A Dynamic Crlsp
Configuring an MPLS TE tunnel to use a dynamic CRLSP To configure an MPLS TE tunnel to use a CRLSP dynamically established by RSVP-TE, perform the following tasks: • Configure MPLS TE attributes for the links. • Configure IGP TE extension to advertise link TE attributes, so as to generate a TEDB on each node.
Page 97: Advertising Link Te Attributes By Using Igp Te Extension
Step Command Remarks • Configure the maximum reservable bandwidth of the link (BC 0) and BC 1 in RDM model of the prestandard DS-TE: mpls te max-reservable-bandwidth bandwidth-value [ bc1 Use one command according bc1-bandwidth ] to the DS-TE mode and BC •...
Page 98: Configuring Mpls Te Tunnel Constraints
Configuring IS-IS TE IS-IS TE uses a sub-TLV of the extended IS reachability TLV (type 22) to carry TE attributes. Because the extended IS reachability TLV carries wide metrics, specify a wide metric-compatible metric style for the IS-IS process before enabling IS-IS TE. Available metric styles for IS-IS TE include wide, compatible, or wide-compatible.
Page 99 Step Command Remarks Enter system view. system-view Enter MPLS TE tunnel interface tunnel tunnel-number interface view. [ mode mpls-te ] By default, the affinity is mpls te affinity-attribute Set an affinity for the MPLS 0x00000000, and the mask is attribute-value [ mask TE tunnel.
Page 100: Establishing An Mpls Te Tunnel By Using Rsvp-Te
Step Command Remarks Configure the MPLS TE tunnel interface to use the mpls te path preference value By default, MPLS TE uses the explicit path, and specify a explicit-path path-name calculated path to establish a preference value for the [ no-cspf ] CRLSP.
Page 101 Step Command Remarks By default, a tunnel uses the TE Specify the metric type to metric for path selection. use when no metric type is path-metric-type { igp | te } Execute this command on the explicitly configured for a ingress node of an MPLS TE tunnel.
Page 102: Controlling Mpls Te Tunnel Setup
Step Command Remarks mpls te reoptimization [ frequency By default, tunnel Enable tunnel reoptimization. seconds ] reoptimization is disabled. Return to user view. return (Optional.) Immediately reoptimize all MPLS TE tunnels that are enabled with mpls te reoptimization the tunnel reoptimization feature.
Page 103 Step Command Remarks Enter system view. system-view Enter MPLS TE tunnel interface tunnel tunnel-number [ mode interface view. mpls-te ] • To record routes: By default, both route mpls te record-route Record routes or record recording and label • both routes and labels. To record both routes and labels: recording are disabled.
Page 104 Step Command Remarks By default, the global auto bandwidth adjustment is disabled. The sampling interval configured in Enable automatic MPLS TE view applies to all MPLS bandwidth adjustment auto-bandwidth enable TE tunnels. The output rates of all globally, and configure [ sample-interval interval ] MPLS TE tunnels are recorded the output rate sampling...
Page 105: Configuring An Mpls Te Tunnel To Use A Crlsp Calculated By Pces
Configuring an MPLS TE tunnel to use a CRLSP calculated by PCEs Configuring a PCE Step Command Remarks Enter system view. system-view Enter MPLS TE view. mpls te By default, no PCE address is Configure a PCE IP address. pce address ip-address configured.
Page 106: Establishing A Backup Crlsp By Using The Path Calculated By Pces
Establishing a backup CRLSP by using the path calculated by PCEs Perform this task to enable the specified PCEs to calculate a backup CRLSP for the PCC. When the primary CRLSP fails, traffic is switched to the backup CRLSP to ensure continuous traffic forwarding. To establish a backup CRLSP by using the path calculated by PCEs: Step Command...
Page 107: Configuring Pcep Session Parameters
Step Command Remarks By default, the delegation priority of a PCE is 65535. Set the delegation priority of pce peer ip-address a PCE. delegation-priority priority A smaller value represents a higher priority. Set the redelegation timeout By default, the redelegation pce redelegation-timeout value interval.
Page 108: Configuring Pbr To Direct Traffic To An Mpls Te Tunnel
Step Command Remarks By default, no static routes exist. Configure a static route to See Layer 3—IP Routing The interface specified in this direct traffic to an MPLS TE Command Reference. command must be an MPLS TE tunnel. tunnel interface. Configuring PBR to direct traffic to an MPLS TE tunnel For more information about the commands in this task, see Layer 3—IP Routing Command Reference.
Page 109: Configuring A Bidirectional Mpls Te Tunnel
• If you configure the tunnel destination address as the primary IP address of an interface on the egress node, you must enable MPLS TE, and configure OSPF or IS-IS on that interface. This makes sure the primary IP address of the interface can be advertised to its peer. •...
Page 110: Configuring The Active End Of A Co-Routed Bidirectional Mpls Te Tunnel
Configuring the active end of a co-routed bidirectional MPLS TE tunnel Step Command Remarks Enter system view. system-view Enter MPLS TE tunnel interface tunnel tunnel-number interface view. [ mode mpls-te ] By default, bidirectional tunnel is Configure a co-routed disabled on the tunnel interface, bidirectional MPLS TE tunnel mpls te bidirectional co-routed and tunnels established on the...
Page 111: Configuring Mpls Te Frr
Step Command Remarks Enter system view. system-view Enter MPLS TE tunnel interface tunnel tunnel-number interface view. [ mode mpls-te ] Enable tunnel backup and mpls te backup { hot-standby | By default, tunnel backup is specify the backup mode. ordinary } disabled.
Page 112 mode and the other in node protection mode. Automatically created bypass tunnels can be used to protect any type of CT, but they cannot provide bandwidth protection. A primary tunnel can have both manually configured and automatically created bypass tunnels. The PLR will select one bypass tunnel to protect the primary CRLSP.
Page 113 Primary Bandwidt CRLSP h required requires Bypass tunnel providing Bypass tunnel providing no bandwidth bandwidth protection bandwidth protection primary protection or CRLSP The primary CRLSP can be bound to the bypass tunnel when all the following conditions are met: • The bandwidth that the The primary CRLSP can be bound bypass tunnel can protect is...
Page 114 • Make sure the bandwidth assigned to the bypass tunnel is no less than the total bandwidth needed by all primary CRLSPs to be protected by the bypass tunnel. Otherwise, some primary CRLSPs might not be protected by the bypass tunnel. •...
Page 115: Configuring Node Fault Detection
An automatically created bypass tunnel can protect multiple primary CRLSPs. A bypass tunnel is unused when the bypass tunnel is not bound to any primary CRLSP. When a bypass tunnel is unused for the period of time configured by the timers removal unused command, MPLS TE removes the bypass tunnel.
Page 116: Setting The Optimal Bypass Tunnel Selection Interval
Step Command Remarks On the PLR, enter the view of the interface connected to the protected node. interface interface-type Enter interface view. interface-number On the protected node, enter the view of the interface connected to the PLR. By default, RSVP hello •...
Page 117: Displaying And Maintaining Mpls Te
SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device. To enable SNMP notifications for MPLS TE: Step Command Remarks Enter system view. system-view Enable SNMP By default, SNMP notifications for snmp-agent trap enable te notifications for MPLS TE.
Page 118: Mpls Te Configuration Examples
Task Command display ospf [ process-id ] [ area area-id ] mpls te Display OSPF tunnel interface information. tunnel Reset the automatic bandwidth adjustment reset mpls te auto-bandwidth-adjustment timers feature. Clear PCC and PCE statistics. reset mpls te pce statistics [ ip-address ] MPLS TE configuration examples Establishing an MPLS TE tunnel over a static CRLSP Network requirements...
Page 119 # Configure Router B. <RouterB> system-view [RouterB] isis 1 [RouterB-isis-1] network-entity 00.0005.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface gigabitethernet 1/1/1 [RouterB-GigabitEthernet1/1/1] isis enable 1 [RouterB-GigabitEthernet1/1/1] quit [RouterB] interface gigabitethernet 1/1/2 [RouterB-GigabitEthernet1/1/2] isis enable 1 [RouterB-GigabitEthernet1/1/2] quit [RouterB] interface loopback 0 [RouterB-LoopBack0] isis enable 1 [RouterB-LoopBack0] quit # Configure Router C.
Page 120 [RouterB-GigabitEthernet1/1/2] quit # Configure Router C. [RouterC] mpls lsr-id 3.3.3.3 [RouterC] mpls te [RouterC-te] quit [RouterC] interface gigabitethernet 1/1/1 [RouterC-GigabitEthernet1/1/1] mpls enable [RouterC-GigabitEthernet1/1/1] mpls te enable [RouterC-GigabitEthernet1/1/1] quit Configure MPLS TE attributes of links: # Set the maximum link bandwidth and maximum reservable bandwidth on Router A. [RouterA] interface gigabitethernet 1/1/1 [RouterA-GigabitEthernet1/1/1] mpls te max-link-bandwidth 10000 [RouterA-GigabitEthernet1/1/1] mpls te max-reservable-bandwidth 5000...
Page 121 # Configure Router B as the transit node of the static CRLSP, and specify the incoming label as 20, next hop address as 3.2.1.2, outgoing label as 30, and bandwidth for the tunnel as 2000 kbps. [RouterB] static-cr-lsp transit static-cr-lsp-1 in-label 20 nexthop 3.2.1.2 out-label 30 bandwidth 2000 # Configure Router C as the egress node of the static CRLSP, and specify the incoming label as [RouterC] static-cr-lsp egress static-cr-lsp-1 in-label 30...
Page 122: Establishing An Mpls Te Tunnel With Rsvp-Te
Affinity Attr/Mask : -/- Explicit Path Backup Explicit Path : - Metric Type : TE Record Route Record Label FRR Flag Bandwidth Protection : - Backup Bandwidth Flag: - Backup Bandwidth Type: - Backup Bandwidth Bypass Tunnel Auto Created Route Pinning Retry Limit Retry Interval : 2 sec...
Page 123 The maximum bandwidth of the link that the tunnel traverses is 10000 kbps and the maximum reservable bandwidth of the link is 5000 kbps. Figure 34 Network diagram Table 3 Interface and IP address assignment Device Interface IP address Device Interface IP address Router A...
Page 124 [RouterB-isis-1] network-entity 00.0005.0000.0000.0002.00 [RouterB-isis-1] quit [RouterB] interface gigabitethernet 1/1/1 [RouterB-GigabitEthernet1/1/1] isis enable 1 [RouterB-GigabitEthernet1/1/1] isis circuit-level level-2 [RouterB-GigabitEthernet1/1/1] quit [RouterB] interface pos 1/1/0 [RouterB-POS1/1/0] isis enable 1 [RouterB-POS1/1/0] isis circuit-level level-2 [RouterB-POS1/1/0] quit [RouterB] interface loopback 0 [RouterB-LoopBack0] isis enable 1 [RouterB-LoopBack0] isis circuit-level level-2 [RouterB-LoopBack0] quit # Configure Router C.
Page 125 # Configure Router A. [RouterA] mpls lsr-id 1.1.1.9 [RouterA] mpls te [RouterA-te] quit [RouterA] rsvp [RouterA-rsvp] quit [RouterA] interface gigabitethernet 1/1/1 [RouterA-GigabitEthernet1/1/1] mpls enable [RouterA-GigabitEthernet1/1/1] mpls te enable [RouterA-GigabitEthernet1/1/1] rsvp enable [RouterA-GigabitEthernet1/1/1] quit # Configure Router B. [RouterB] mpls lsr-id 2.2.2.9 [RouterB] mpls te [RouterB-te] quit [RouterB] rsvp...
Page 126 [RouterD-rsvp] quit [RouterD] interface gigabitethernet 1/1/1 [RouterD-GigabitEthernet1/1/1] mpls enable [RouterD-GigabitEthernet1/1/1] mpls te enable [RouterD-GigabitEthernet1/1/1] rsvp enable [RouterD-GigabitEthernet1/1/1] quit Configure IS-IS TE: # Configure Router A. [RouterA] isis 1 [RouterA-isis-1] cost-style wide [RouterA-isis-1] mpls te enable level-2 [RouterA-isis-1] quit # Configure Router B. [RouterB] isis 1 [RouterB-isis-1] cost-style wide [RouterB-isis-1] mpls te enable level-2...
Page 127 [RouterC] interface pos 1/1/0 [RouterC-POS1/1/0] mpls te max-link-bandwidth 10000 [RouterC-POS1/1/0] mpls te max-reservable-bandwidth 5000 [RouterC-POS1/1/0] quit # Set the maximum link bandwidth and maximum reservable bandwidth on Router D. [RouterD] interface gigabitethernet 1/1/1 [RouterD-GigabitEthernet1/1/1] mpls te max-link-bandwidth 10000 [RouterD-GigabitEthernet1/1/1] mpls te max-reservable-bandwidth 5000 [RouterD-GigabitEthernet1/1/1] quit Configure an MPLS TE tunnel on Router A: # Configure MPLS TE tunnel interface Tunnel 1.
Page 128: Establishing An Inter-As Mpls Te Tunnel With Rsvp-Te
Admin State : Normal Ingress LSR ID : 1.1.1.9 Egress LSR ID : 4.4.4.9 Signaling : RSVP-TE Static CRLSP Name Resv Style : SE Tunnel mode Reverse-LSP name Reverse-LSP LSR ID Reverse-LSP Tunnel ID: - Class Type : CT0 Tunnel Bandwidth : 2000 kbps Reserved Bandwidth : 2000 kbps...
Page 129 Figure 35 Network diagram Table 4 Interface and IP address assignment Device Interface IP address Device Interface IP address Router A Loop0 1.1.1.9/32 Router C Loop0 3.3.3.9/32 GE1/1/1 10.1.1.1/24 GE1/1/1 30.1.1.1/24 GE1/1/2 100.1.1.0/24 POS1/1/0 20.1.1.2/24 Router B Loop0 2.2.2.9/32 Router D Loop0 4.4.4.9/32 GE1/1/1...
Page 130 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit # Configure Router C. <RouterC> system-view [RouterC] ospf [RouterC-ospf-1] import-route direct [RouterC-ospf-1] import-route bgp [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit # Configure Router D. <RouterD> system-view [RouterD] ospf [RouterD-ospf-1] area 0 [RouterD-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.0] network 4.4.4.9 0.0.0.0...
Page 131 [RouterC-bgp-ipv4] peer 20.1.1.1 enable [RouterC-bgp-ipv4] import-route ospf [RouterC-bgp-ipv4] import-route direct [RouterC-bgp-ipv4] quit [RouterC-bgp] quit # Verify that the routers have learned the AS-external routes. This example uses Router A. [RouterA] display ip routing-table Destinations : 10 Routes : 10 Destination/Mask Proto Pre Cost NextHop...
Page 132 [RouterB-POS1/1/0] quit # Configure Router C. [RouterC] mpls lsr-id 3.3.3.9 [RouterC] mpls te [RouterC-te] quit [RouterC] rsvp [RouterC-rsvp] quit [RouterC] interface gigabitethernet 1/1/1 [RouterC-GigabitEthernet1/1/1] mpls enable [RouterC-GigabitEthernet1/1/1] mpls te enable [RouterC-GigabitEthernet1/1/1] rsvp enable [RouterC-GigabitEthernet1/1/1] quit [RouterC] interface pos 1/1/0 [RouterC-POS1/1/0] mpls enable [RouterC-POS1/1/0] mpls te enable [RouterC-POS1/1/0] rsvp enable [RouterC-POS1/1/0] quit...
Page 133 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit # Configure Router D. [RouterD] ospf [RouterD-ospf-1] opaque-capability enable [RouterD-ospf-1] area 0 [RouterD-ospf-1-area-0.0.0.0] mpls te enable [RouterD-ospf-1-area-0.0.0.0] quit [RouterD-ospf-1] quit Configure an explicit path on Router A. Specify Router B and Router D as loose nodes, and Router C as a strict node.
Page 134 [RouterA-Tunnel1] ip address 7.1.1.1 255.255.255.0 # Specify the tunnel destination address as the LSR ID of Router D. [RouterA-Tunnel1] destination 4.4.4.9 # Configure MPLS TE to use RSVP-TE to establish the tunnel. [RouterA-Tunnel1] mpls te signaling rsvp-te # Assign 2000 kbps bandwidth to the tunnel. [RouterA-Tunnel1] mpls te bandwidth 2000 # Specify the explicit path atod for the tunnel.
Page 135: Establishing An Inter-Area Mpls Te Tunnel Over A Crlsp Calculated By Pces
Affinity Attr/Mask : 0/0 Explicit Path : atod Backup Explicit Path : - Metric Type : TE Record Route : Disabled Record Label : Disabled FRR Flag : Disabled Bandwidth Protection : Disabled Backup Bandwidth Flag: Disabled Backup Bandwidth Type: - Backup Bandwidth Bypass Tunnel : No...
Page 136 Figure 36 Network diagram Configuration procedure Configure IP addresses and masks for interfaces. (Details not shown.) Configure OSPF to advertise interface addresses and configure OSPF TE: # Configure Router A. <RouterA> system-view [RouterA] ospf [RouterA-ospf-1] area 0 [RouterA-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterA-ospf-1-area-0.0.0.0] network 1.1.1.1 0.0.0.0 [RouterA-ospf-1-area-0.0.0.0] mpls te enable [RouterA-ospf-1-area-0.0.0.0] quit...
Page 137 [RouterC-ospf-1] area 1 [RouterC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.1] network 3.3.3.3 0.0.0.0 [RouterC-ospf-1-area-0.0.0.1] mpls te enable [RouterC-ospf-1-area-0.0.0.1] quit [RouterC-ospf-1] quit # Configure Router D. <RouterD> system-view [RouterD] ospf [RouterD-ospf-1] area 2 [RouterD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [RouterD-ospf-1-area-0.0.0.2] network 4.4.4.4 0.0.0.0 [RouterD-ospf-1-area-0.0.0.2] mpls te enable [RouterD-ospf-1-area-0.0.0.2] quit [RouterD-ospf-1] quit Configure an LSR ID, and enable MPLS, MPLS TE, and RSVP-TE:...
Page 138 # Configure Router C. [RouterC] mpls lsr-id 3.3.3.3 [RouterC] mpls te [RouterC-te] quit [RouterC] rsvp [RouterC-rsvp] quit [RouterC] interface gigabitethernet 1/1/1 [RouterC-GigabitEthernet1/1/1] mpls enable [RouterC-GigabitEthernet1/1/1] mpls te enable [RouterC-GigabitEthernet1/1/1] rsvp enable [RouterC-GigabitEthernet1/1/1] quit # Configure Router D. [RouterD] mpls lsr-id 4.4.4.4 [RouterD] mpls te [RouterD-te] quit [RouterD] rsvp...
Page 139 Compute intra-area paths Act as PCE for inter-area TE LSP computation Act as a default PCE for inter-area TE LSP computation Capabilities: Bidirectional path computation Support for request prioritization Support for multiple requests per message Domains: OSPF 1 area 0.0.0.0 OSPF 1 area 0.0.0.2 # Verify that PCEP sessions have been established on each router.
Page 140: Bidirectional Mpls Te Tunnel Configuration Example
Bidirectional MPLS TE tunnel configuration example Network requirements Router A, Router B, Router C, and Router D all run IS-IS and they are all level-2 routers. Use RSVP-TE to establish a bidirectional MPLS TE tunnel between Router A and Router D. Figure 37 Network diagram Table 5 Interface and IP address assignment Device...
Page 141 <RouterB> system-view [RouterB] mpls lsr-id 2.2.2.9 [RouterB] mpls te [RouterB-te] quit [RouterB] rsvp [RouterB-rsvp] quit [RouterB] interface gigabitethernet 1/1/1 [RouterB-GigabitEthernet1/1/1] mpls enable [RouterB-GigabitEthernet1/1/1] mpls te enable [RouterB-GigabitEthernet1/1/1] rsvp enable [RouterB-GigabitEthernet1/1/1] quit [RouterB] interface pos 1/1/0 [RouterB-POS1/1/0] mpls enable [RouterB-POS1/1/0] mpls te enable [RouterB-POS1/1/0] rsvp enable [RouterB-POS1/1/0] quit # Configure Router C.
Page 142 [RouterA] isis 1 [RouterA-isis-1] cost-style wide [RouterA-isis-1] mpls te enable level-2 [RouterA-isis-1] quit # Configure Router B. [RouterB] isis 1 [RouterB-isis-1] cost-style wide [RouterB-isis-1] mpls te enable level-2 [RouterB-isis-1] quit # Configure Router C. [RouterC] isis 1 [RouterC-isis-1] cost-style wide [RouterC-isis-1] mpls te enable level-2 [RouterC-isis-1] quit # Configure Router D.
Page 143 Tunnel source unknown, destination 4.4.4.9 Tunnel TTL 255 Tunnel protocol/transport CR_LSP Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drops Output: 0 packets, 0 bytes, 0 drops # Display detailed information about the MPLS TE tunnel on Router A.
Page 144 State : Active Out-Label : 1149 Nexthop : 10.1.1.2 Out-Interface: GE1/1/1 Destination : 4.4.4.9 : 1.1.1.9/1/30478 Protocol : RSVP LSR Type : Egress Service In-Label : 1151 State : Active Nexthop : 127.0.0.1 Out-Interface: - Destination : 10.1.1.2 : 10.1.1.2 Protocol : Local LSR Type...
Page 145 Ingress LSR ID Egress LSR ID Signaling : RSVP-TE Static CRLSP Name Resv Style : FF Tunnel mode : Co-routed, passive Reverse-LSP name Reverse-LSP LSR ID : 1.1.1.9 Reverse-LSP Tunnel ID: 1 Class Type Tunnel Bandwidth Reserved Bandwidth Setup Priority Holding Priority Affinity Attr/Mask : -/-...
Page 146: Crlsp Backup Configuration Example
Destination : 30.1.1.1 : 30.1.1.1 Protocol : Local LSR Type : Ingress Service NHLFE ID : 1024 State : Active Nexthop : 30.1.1.1 Out-Interface: GE1/1/1 CRLSP backup configuration example Network requirements Router A, Router B, Router C, and Router D run IS-IS and IS-IS TE. Use RSVP-TE to establish an MPLS TE tunnel from Router A to Router C to transmit data between the two IP networks.
Page 147 Device Interface IP address Device Interface IP address GE1/1/2 20.1.1.1/24 POS1/1/1 40.1.1.2/24 Configuration procedure Configure IP addresses and masks for interfaces. (Details not shown.) Configure IS-IS to advertise interface addresses, including the loopback interface address, and configure IS-IS TE. (Details not shown.) Configure an LSR ID, and enable MPLS, MPLS TE, and RSVP-TE: # Configure Router A.
Page 148 Line protocol state: UP Description: Tunnel3 Interface Bandwidth: 64kbps Maximum transmission unit: 1496 Internet address: 9.1.1.1/24 (primary) Tunnel source unknown, destination 3.3.3.9 Tunnel TTL 255 Tunnel protocol/transport CR_LSP Output queue - Urgent queuing: Size/Length/Discards 0/100/0 Output queue - Protocol queuing: Size/Length/Discards 0/500/0 Output queue - FIFO queuing: Size/Length/Discards 0/75/0 Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec...
Page 149 Tunnel name: Tunnel3 Destination: 3.3.3.9 Source: 1.1.1.9 Tunnel ID: 3 LSP ID: 30107 LSR type: Ingress Direction: Unidirectional Setup priority: 7 Holding priority: 7 In-Label: - Out-Label: 1150 In-Interface: - Out-Interface: GE1/1/4 Nexthop: 30.1.1.2 Exclude-any: 0 Include-Any: 0 Include-all: 0 Mean rate (CIR): 0 kbps Mean burst size (CBS): 1000.00 bytes Path MTU: 1500...
Page 150: Manual Bypass Tunnel For Frr Configuration Example
Manual bypass tunnel for FRR configuration example Network requirements On the primary CRLSP Router A—Router B—Router C—Router D, use FRR to protect the link Router B—Router C. Use RSVP-TE to establish the primary CRLSP and bypass tunnel based on the constraints of the explicit paths to transmit data between the two IP networks.
Page 151 Configure an LSR ID, and enable MPLS, MPLS TE, and RSVP-TE on each router. Enable BFD for RSVP-TE on Router B and Router C: # Configure Router A. <RouterA> system-view [RouterA] mpls lsr-id 1.1.1.1 [RouterA] mpls te [RouterA-te] quit [RouterA] rsvp [RouterA-rsvp] quit [RouterA] interface gigabitethernet 1/1/1 [RouterA-GigabitEthernet1/1/1] mpls enable...
Page 152 [RouterA] interface tunnel 4 mode mpls-te [RouterA-Tunnel4] ip address 10.1.1.1 255.255.255.0 # Specify the tunnel destination address as the LSR ID of Router D. [RouterA-Tunnel4] destination 4.4.4.4 # Specify the tunnel signaling protocol as RSVP-TE. [RouterA-Tunnel4] mpls te signaling rsvp-te # Specify the explicit path as pri-path.
Page 153 Record Route : Enabled Record Label : Enabled FRR Flag : Enabled Bandwidth Protection : Disabled Backup Bandwidth Flag: Disabled Backup Bandwidth Type: - Backup Bandwidth Bypass Tunnel : No Auto Created : No Route Pinning : Disabled Retry Limit : 10 Retry Interval : 2 sec...
Page 154 [RouterB] display mpls lsp Proto In/Out Label Interface/Out NHLFE 1.1.1.1/4/48960 RSVP 1245/3 GE1/1/2 Backup 1245/3 Tun5 2.2.2.2/5/31857 RSVP GE1/1/2 3.2.1.2 Local POS1/1/0 3.1.1.2 Local GE1/1/2 # Shut down the protected interface GigabitEthernet 1/1/2 on the PLR (Router B). [RouterB] interface gigabitethernet 1/1/2 [RouterB-GigabitEthernet1/1/2] shutdown [RouterB-GigabitEthernet1/1/2] quit # Execute the display interface tunnel 4 command on Router A to display information about the...
Page 155: Auto Frr Configuration Example
NOTE: If you execute the display mpls te tunnel-interface command immediately after an FRR, you can see two CRLSPs in up state. This is because FRR uses the make-before-break mechanism to set up a new LSP, and the old LSP is deleted after the new one has been established for a while. # Verify that the bypass tunnel is in use on Router B.
Page 156 Figure 40 Network diagram Table 8 Interface and IP address assignment Device Interface IP address Device Interface IP address Router A Loop0 1.1.1.1/32 Router E Loop0 5.5.5.5/32 GE1/1/1 2.1.1.1/24 POS1/1/0 3.2.1.2/24 Router B Loop0 2.2.2.2/32 POS1/1/1 3.4.1.1/24 GE1/1/1 2.1.1.2/24 Router C Loop0 3.3.3.3/32 GE1/1/2...
Page 157 [RouterA] rsvp [RouterA-rsvp] quit [RouterA] interface gigabitethernet 1/1/1 [RouterA-GigabitEthernet1/1/1] mpls enable [RouterA-GigabitEthernet1/1/1] mpls te enable [RouterA-GigabitEthernet1/1/1] rsvp enable [RouterA-GigabitEthernet1/1/1] quit # Configure Router B. <RouterB> system-view [RouterB] mpls lsr-id 2.2.2.2 [RouterB] mpls te [RouterB-te] quit [RouterB] rsvp [RouterB-rsvp] quit [RouterB] interface gigabitethernet 1/1/1 [RouterB-GigabitEthernet1/1/1] mpls enable [RouterB-GigabitEthernet1/1/1] mpls te enable [RouterB-GigabitEthernet1/1/1] rsvp enable...
Page 158 # Specify the tunnel destination address as the LSR ID of Router D. [RouterA-Tunnel1] destination 4.4.4.4 # Specify the tunnel signaling protocol as RSVP-TE. [RouterA-Tunnel1] mpls te signaling rsvp-te # Specify the explicit path as pri-path. [RouterA-Tunnel1] mpls te path preference 1 explicit-path pri-path # Enable FRR for the MPLS TE tunnel.
Page 159 Backup Bandwidth Flag: Disabled Backup Bandwidth Type: - Backup Bandwidth Bypass Tunnel : No Auto Created : No Route Pinning : Disabled Retry Limit Retry Interval : 2 sec Reoptimization : Disabled Reoptimization Freq Backup Type : None Backup LSP ID Auto Bandwidth : Disabled Auto Bandwidth Freq...
Page 160 Metric Type : TE Record Route : Enabled Record Label : Disabled FRR Flag : Disabled Bandwidth Protection : Disabled Backup Bandwidth Flag: Disabled Backup Bandwidth Type: - Backup Bandwidth Bypass Tunnel : Yes Auto Created : Yes Route Pinning : Disabled Retry Limit Retry Interval...
Page 161: Ietf Ds-Te Configuration Example
2.2.2.1/1/16802 RSVP -/1151 GE1/1/2 Backup Tun50 2.2.2.2/50/16802 RSVP POS1/1/1 3.2.1.2 Local POS1/1/1 3.3.1.2 Local POS1/1/0 # Display detailed information about MPLS TE tunnel 1 (the tunnel for the primary CRLSP) on Router B. The output shows that Tunnel1 is protected by the bypass tunnel Tunnel50, and the protected node is 3.1.1.1.
Page 162 Figure 41 Network diagram Table 9 Interface and IP address assignment Device Interface IP address Device Interface IP address Router A Loop0 1.1.1.9/32 Router C Loop0 3.3.3.9/32 GE1/1/1 10.1.1.1/24 GE1/1/1 30.1.1.1/24 GE1/1/2 100.1.1.1/24 POS1/1/0 20.1.1.2/24 Router B Loop0 2.2.2.9/32 Router D Loop0 4.4.4.9/32 GE1/1/1...
Page 163 [RouterB] interface gigabitethernet 1/1/1 [RouterB-GigabitEthernet1/1/1] isis enable 1 [RouterB-GigabitEthernet1/1/1] isis circuit-level level-2 [RouterB-GigabitEthernet1/1/1] quit [RouterB] interface pos 1/1/0 [RouterB-POS1/1/0] isis enable 1 [RouterB-POS1/1/0] isis circuit-level level-2 [RouterB-POS1/1/0] quit [RouterB] interface loopback 0 [RouterB-LoopBack0] isis enable 1 [RouterB-LoopBack0] isis circuit-level level-2 [RouterB-LoopBack0] quit # Configure Router C.
Page 164 2.2.2.9/32 IS_L1 10.1.1.2 GE1/1/1 3.3.3.9/32 IS_L1 10.1.1.2 GE1/1/1 4.4.4.9/32 IS_L1 10.1.1.2 GE1/1/1 10.1.1.0/24 Direct 10.1.1.1 GE1/1/1 10.1.1.1/32 Direct 127.0.0.1 InLoop0 20.1.1.0/24 IS_L1 10.1.1.2 GE1/1/1 30.1.1.0/24 IS_L1 10.1.1.2 GE1/1/1 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 Configure an LSR ID, enable MPLS, MPLS TE, and RSVP-TE, and configure the DS-TE mode as IETF : # Configure Router A.
Page 165 [RouterC-GigabitEthernet1/1/1] mpls enable [RouterC-GigabitEthernet1/1/1] mpls te enable [RouterC-GigabitEthernet1/1/1] rsvp enable [RouterC-GigabitEthernet1/1/1] quit [RouterC] interface pos 1/1/0 [RouterC-POS1/1/0] mpls enable [RouterC-POS1/1/0] mpls te enable [RouterC-POS1/1/0] rsvp enable [RouterC-POS1/1/0] quit # Configure Router D. [RouterD] mpls lsr-id 4.4.4.9 [RouterD] mpls te [RouterD-te] ds-te mode ietf [RouterD-te] quit [RouterD] rsvp [RouterD-rsvp] quit...
Page 166 [RouterA-GigabitEthernet1/1/1] mpls te max-reservable-bandwidth rdm 10000 bc1 8000 bc2 5000 bc3 2000 [RouterA-GigabitEthernet1/1/1] quit # Set the maximum bandwidth, maximum reservable bandwidth, and bandwidth constraints on Router B. [RouterB] interface gigabitethernet 1/1/1 [RouterB-GigabitEthernet1/1/1] mpls te max-link-bandwidth 10000 [RouterB-GigabitEthernet1/1/1] mpls te max-reservable-bandwidth rdm 10000 bc1 8000 bc2 5000 bc3 2000 [RouterB-GigabitEthernet1/1/1] quit [RouterB] interface pos 1/1/0...
Page 167 [RouterA] ip route-static 100.1.2.0 24 tunnel 1 preference 1 Verifying the configuration # Verify that the tunnel interface is up on Router A. [RouterA] display interface tunnel Tunnel1 Current state: UP Line protocol state: UP Description: Tunnel1 Interface Bandwidth: 64kbps Maximum transmission unit: 1496 Internet address: 7.1.1.1/24 (primary) Tunnel source unknown, destination 4.4.4.9...
Page 168: Cbts Configuration Example
Auto Bandwidth : Disabled Auto Bandwidth Freq Min Bandwidth Max Bandwidth Collected Bandwidth # Display bandwidth information on interface GigabitEthernet 1/1/1 on Router A. [RouterA] display mpls te link-management bandwidth-allocation interface gigabitethernet 1/1/1 Interface: GigabitEthernet1/1/1 Max Link Bandwidth : 10000 kbps Max Reservable Bandwidth of Prestandard RDM : 0 kbps Max Reservable Bandwidth of IETF RDM : 10000 kbps...
Page 169 Figure 42 Network diagram Table 10 Interface and IP address assignment Device Interface IP address Device Interface IP address Router A Loop0 1.1.1.1/32 Router D Loop0 4.4.4.4/32 GE1/1/1 10.1.1.1/24 GE1/1/1 30.1.1.2/24 GE1/1/2 20.1.1.1/24 GE1/1/2 40.1.1.1/24 GE1/1/3 30.1.1.1/24 Router E Loop0 5.5.5.5/32 GE1/1/4 100.1.1.1/24...
Page 170 Use RSVP-TE to establish three MPLS TE tunnels: Tunnel 1, Tunnel 2, and Tunnel 3. Tunnel 1 uses path Router A—Router B—Router E. Tunnel 2 uses path Router A—Router C—Router E. Tunnel 3 uses path Router A—Router D—Router E. (Details not shown.) Configure a QoS policy on Router A.
Page 171 Setup Priority Holding Priority Affinity Attr/Mask : -/- Explicit Path Backup Explicit Path : - Metric Type : TE Record Route Record Label FRR Flag Bandwidth Protection : - Backup Bandwidth Flag: - Backup Bandwidth Type: - Backup Bandwidth Bypass Tunnel Auto Created Route Pinning Retry Limit...
Page 172: Troubleshooting Mpls Te
Auto Bandwidth Auto Bandwidth Freq Min Bandwidth Max Bandwidth Collected Bandwidth Service-Class [RouterA]display mpls te tunnel-interface Tunnel 3 Tunnel Name : Tunnel 3 Tunnel State : Up (Main CRLSP up) Tunnel Attributes LSP ID : 17418 Tunnel ID Admin State : Normal Ingress LSR ID : 10.1.1.1...
Page 173 Analysis For TE LSAs to be generated, a minimum of one OSPF neighbor must reach FULL state. Solution To resolve the problem: a. Use the display current-configuration command to verify that MPLS TE is configured on involved interfaces. b. Use the debugging ospf mpls-te command to verify that OSPF can receive the TE LINK establishment message.
Page 174: Configuring A Static Crlsp
Configuring a static CRLSP Overview A static Constraint-based Routed Label Switched Path (CRLSP) is established by manually specifying CRLSP setup information on the ingress, transit, and egress nodes of the forwarding path. The CRLSP setup information includes the incoming label, outgoing label, and required bandwidth. If the device does not have enough bandwidth resources required by a CRLSP, the CRLSP cannot be established.
Page 175: Displaying Static Crlsps
Step Command Remarks • Configure the ingress node: Use one command according static-cr-lsp ingress lsp-name to the position of a device on { nexthop ip-address | the network. outgoing-interface interface-type interface-number } out-label By default, no static CRLSPs out-label-value [ bandwidth [ ct0 | exist.
Page 176: Configuration Procedure
Figure 43 Network diagram Configuration procedure Configure IP addresses and masks for interfaces. (Details not shown.) Configure IS-IS to advertise interface addresses, including the loopback interface address: # Configure Router A. <RouterA> system-view [RouterA] isis 1 [RouterA-isis-1] network-entity 00.0005.0000.0000.0001.00 [RouterA-isis-1] quit [RouterA] interface gigabitethernet 1/1/1 [RouterA-GigabitEthernet1/1/1] isis enable 1 [RouterA-GigabitEthernet1/1/1] quit...
Page 177 [RouterC-isis-1] network-entity 00.0005.0000.0000.0003.00 [RouterC-isis-1] quit [RouterC] interface gigabitethernet 1/1/1 [RouterC-GigabitEthernet1/1/1] isis enable 1 [RouterC-GigabitEthernet1/1/1] quit [RouterC] interface loopback 0 [RouterC-LoopBack0] isis enable 1 [RouterC-LoopBack0] quit # Execute the display ip routing-table command on each router to verify that the routers have learned the routes to one another, including the routes to the loopback interfaces.
Page 178: Verifying The Configuration
[RouterB-GigabitEthernet1/1/1] mpls te max-link-bandwidth 10000 [RouterB-GigabitEthernet1/1/1] mpls te max-reservable-bandwidth 5000 [RouterB-GigabitEthernet1/1/1] quit [RouterB] interface gigabitethernet 1/1/2 [RouterB-GigabitEthernet1/1/2] mpls te max-link-bandwidth 10000 [RouterB-GigabitEthernet1/1/2] mpls te max-reservable-bandwidth 5000 [RouterB-GigabitEthernet1/1/2] quit # On Router C, set the maximum bandwidth and the maximum reservable bandwidth. [RouterC] interface gigabitethernet 1/1/1 [RouterC-GigabitEthernet1/1/1] mpls te max-link-bandwidth 10000 [RouterC-GigabitEthernet1/1/1] mpls te max-reservable-bandwidth 5000...
Page 179 Description: Tunnel0 Interface Bandwidth: 64kbps Maximum transmission unit: 1496 Internet address: 6.1.1.1/24 (primary) Tunnel source unknown, destination 3.3.3.3 Tunnel TTL 255 Tunnel protocol/transport CR_LSP Output queue - Urgent queuing: Size/Length/Discards 0/100/0 Output queue - Protocol queuing: Size/Length/Discards 0/500/0 Output queue - FIFO queuing: Size/Length/Discards 0/75/0 Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec...
Page 180 1.1.1.1/1/1 StaticCR -/20 GE1/1/1 2.1.1.2 Local GE1/1/1 [RouterB] display mpls lsp Proto In/Out Label Interface/Out NHLFE StaticCR 20/30 GE1/1/2 3.2.1.2 Local GE1/1/2 [RouterC] display mpls lsp Proto In/Out Label Interface/Out NHLFE StaticCR 30/- [RouterA] display mpls static-cr-lsp Name LSR Type In/Out Label Out Interface State...
Page 181: Configuring Rsvp
Configuring RSVP Overview The Resource Reservation Protocol (RSVP) is a signaling protocol that reserves resources on a network. Extended RSVP supports MPLS label distribution and allows resource reservation information to be transmitted with label bindings. This extended RSVP is called RSVP-TE. RSVP-TE is a label distribution protocol for MPLS TE.
Page 182: Crlsp Setup Procedure
CRLSP setup procedure As shown in Figure 44, a CRLSP is set up by using the following steps: The ingress LSR generates a Path message that carries LABEL_REQUEST, and then forwards the message along the path calculated by CSPF hop-by-hop towards the egress LSR. After receiving the Path message, the egress LSR generates a Resv message carrying the reservation information and the LABEL object.
Page 183: Rsvp Authentication
by sending back a message that includes the Message_ID_ACK object. If the sender does not receive a Message_ID_ACK within the retransmission interval (Rf), it performs the following tasks: • Retransmits the message when Rf expires. • Sets the next transmission interval to (1 + delta) × Rf. The sender repeats this process until it receives the Message_ID_ACK before the retransmission time expires or it has transmitted the message three times.
Page 184: Protocols And Standards
Protocols and standards • RFC 2205, Resource ReSerVation Protocol • RFC 3209, RSVP-TE: Extensions to RSVP for LSP Tunnels • RFC 2961, RSVP Refresh Overhead Reduction Extensions RSVP configuration task list Tasks at a glance (Required.) Enabling RSVP (Optional.) Perform the following tasks on each node of an MPLS TE tunnel according to your network requirements: •...
Page 185: Configuring Rsvp Srefresh And Reliable Rsvp Message Delivery
Configuring RSVP Srefresh and reliable RSVP message delivery After Srefresh is enabled, RSVP maintains the path and reservation states by sending Srefresh messages rather than standard refresh messages. To configure Srefresh and reliable RSVP message delivery: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view.
Page 186: Configuring Rsvp Authentication
Step Command Remarks Set the maximum number of By default, the maximum number consecutive lost or hello lost times is 4. erroneous hellos. Set the interval for sending By default, hello requests are sent hello interval interval hello requests. every 5 seconds. Return to system view.
Page 187: Setting A Dscp Value For Outgoing Rsvp Packets
To configure RSVP authentication in interface view: Step Command Remarks Enter system view. system-view interface interface-type Enter interface view. interface-number By default, RSVP authentication Enable RSVP authentication is disabled. on the interface and rsvp authentication key { cipher Do not enable both RSVP configure the authentication | plain } string authentication and FRR on the...
Page 188: Configuring Rsvp Gr
Step Command Remarks Enter RSVP view. rsvp Set a DSCP value for outgoing dscp dscp-value By default, the DSCP value is 48. RSVP packets. Configuring RSVP GR RSVP GR depends on the RSVP hello extension feature. When configuring RSVP GR, you must enable RSVP hello extension.
Page 189: Rsvp Configuration Examples
Task Command Display information about the security display rsvp authentication [ from ip-address ] [ to associations established with RSVP ip-address ] [ verbose ] neighbors. Display information about CRLSPs display rsvp lsp [ destination ip-address ] [ source established through RSVP. ip-address ] [ tunnel-id tunnel-id ] [ lsp-id lsp-id ] [ verbose ] display rsvp peer [ interface interface-type Display information about RSVP neighbors.
Page 190 Figure 45 Network diagram IP network IP network GE1/1/2 GE1/1/2 Router A Router D GE1/1/1 GE1/1/1 Loop0 Loop0 Loop0 Loop0 GE1/1/1 GE1/1/1 GE1/1/0 GE1/1/0 Router B Router C Table 11 Interface and IP address assignment Device Interface IP address Device Interface IP address Router A...
Page 191 [RouterB-isis-1] quit [RouterB] interface gigabitethernet 1/1/1 [RouterB-GigabitEthernet1/1/1] isis enable 1 [RouterB-GigabitEthernet1/1/1] isis circuit-level level-2 [RouterB-GigabitEthernet1/1/1] quit [RouterB] interface gigabitethernet 1/1/0 [RouterB-GigabitEthernet1/1/0] isis enable 1 [RouterB-GigabitEthernet1/1/0] isis circuit-level level-2 [RouterB-GigabitEthernet1/1/0] quit [RouterB] interface loopback 0 [RouterB-LoopBack0] isis enable 1 [RouterB-LoopBack0] isis circuit-level level-2 [RouterB-LoopBack0] quit # Configure Router C.
Page 192 [RouterA] mpls lsr-id 1.1.1.9 [RouterA] mpls te [RouterA-te] quit [RouterA] rsvp [RouterA-rsvp] quit [RouterA] interface gigabitethernet 1/1/1 [RouterA-GigabitEthernet1/1/1] mpls enable [RouterA-GigabitEthernet1/1/1] mpls te enable [RouterA-GigabitEthernet1/1/1] rsvp enable [RouterA-GigabitEthernet1/1/1] quit # Configure Router B. [RouterB] mpls lsr-id 2.2.2.9 [RouterB] mpls te [RouterB-te] quit [RouterB] rsvp [RouterB-rsvp] quit...
Page 193 [RouterD] interface gigabitethernet 1/1/1 [RouterD-GigabitEthernet1/1/1] mpls enable [RouterD-GigabitEthernet1/1/1] mpls te enable [RouterD-GigabitEthernet1/1/1] rsvp enable [RouterD-GigabitEthernet1/1/1] quit Configure IS-IS TE: # Configure Router A. [RouterA] isis 1 [RouterA-isis-1] cost-style wide [RouterA-isis-1] mpls te enable level-2 [RouterA-isis-1] quit # Configure Router B. [RouterB] isis 1 [RouterB-isis-1] cost-style wide [RouterB-isis-1] mpls te enable level-2...
Page 194 [RouterC-GigabitEthernet1/1/0] mpls te max-link-bandwidth 10000 [RouterC-GigabitEthernet1/1/0] mpls te max-reservable-bandwidth 5000 [RouterC-GigabitEthernet1/1/0] quit # Set the maximum link bandwidth and maximum reservable bandwidth on Router D. [RouterD] interface gigabitethernet 1/1/1 [RouterD-GigabitEthernet1/1/1] mpls te max-link-bandwidth 10000 [RouterD-GigabitEthernet1/1/1] mpls te max-reservable-bandwidth 5000 [RouterD-GigabitEthernet1/1/1] quit Configure an MPLS TE tunnel on Router A: # Configure MPLS TE tunnel interface Tunnel 1.
Page 195: Rsvp Gr Configuration Example
Tunnel Attributes LSP ID : 23331 Tunnel ID Admin State : Normal Ingress LSR ID : 1.1.1.9 Egress LSR ID : 4.4.4.9 Signaling : RSVP-TE Static CRLSP Name Resv Style : SE Tunnel mode Reverse-LSP name Reverse-LSP LSR ID Reverse-LSP Tunnel ID: - Class Type : CT0 Tunnel Bandwidth...
Page 196 Configure an LSR ID, enable MPLS, MPLS TE, RSVP, and RSVP hello extension: # Configure Router A. <RouterA> system-view [RouterA] mpls lsr-id 1.1.1.9 [RouterA] mpls te [RouterA-te] quit [RouterA] rsvp [RouterA-rsvp] quit [RouterA] interface gigabitethernet 1/1/1 [RouterA-GigabitEthernet1/1/1] mpls enable [RouterA-GigabitEthernet1/1/1] mpls te enable [RouterA-GigabitEthernet1/1/1] rsvp enable [RouterA-GigabitEthernet1/1/1] rsvp hello enable [RouterA-GigabitEthernet1/1/1] quit...
Page 197 Configure RSVP GR: # Configure Router A. [RouterA] rsvp [RouterA-rsvp] graceful-restart enable # Configure Router B. [RouterB] rsvp [RouterB-rsvp] graceful-restart enable # Configure Router C. [RouterC] rsvp [RouterC-rsvp] graceful-restart enable Verifying the configuration After a tunnel is established from Router A to Router C, display detailed RSVP neighbor information on Router A.
Page 198: Configuring Tunnel Policies
Configuring tunnel policies Overview Tunnel policies enable a PE to forward traffic for each MPLS VPN over a preferred tunnel or over multiple tunnels. The tunnels supported by MPLS VPN include MPLS LSPs, MPLS TE tunnels, and GRE tunnels. For more information about MPLS TE, see "Configuring MPLS TE." For more information about GRE, see Layer 3—IP Services Configuration Guide.
Page 199: Configuration Procedure
The second method distributes traffic of a single VPN to multiple tunnels. The transmission delays on different tunnels can vary by a large amount. Therefore, the destination device or the upper layer application might take a great time to sequence the packets. As a best practice, do not use the second method.
Page 200: Tunnel Policy Configuration Examples
Tunnel policy configuration examples Preferred tunnel configuration example Network requirements PE 1 has multiple tunnels to reach PE 2: one MPLS TE tunnel on interface Tunnel 1, one GRE tunnel on interface Tunnel 2, and one LDP LSP tunnel. Two MPLS VPN instances, vpna and vpnb, exist on PE 1. Configure PE 1 to use the MPLS TE tunnel to forward traffic for both VPNs.
Page 201: Tunnel Selection Order Configuration Example
[PE1-tunnel-policy-preferredgre2] quit Configure MPLS VPN instances and apply tunnel policies to the VPN instances: # Create MPLS VPN instance vpna, and apply tunnel policy preferredte1 to it. [PE1] ip vpn-instance vpna [PE1-vpn-instance-vpna] route-distinguisher 100:1 [PE1-vpn-instance-vpna] vpn-target 100:1 [PE1-vpn-instance-vpna] tnl-policy preferredte1 [PE1-vpn-instance-vpna] quit # Create MPLS VPN instance vpnb, and apply tunnel policy preferredgre2 to it.
Page 202 Table 12 Tunnel policies used for VPN instances VPN instance Tunnel policy vpna, vpnb Use MPLS TE tunnel Tunnel1 as the preferred tunnel. vpnc, vpnd Use MPLS TE tunnel Tunnel3 as the preferred tunnel. vpne, vpnf Use GRE tunnel Tunnel2 as the preferred tunnel. vpng Uses one tunnel selected in LDP LSP-GRE-MPLS TE order.
Page 203 [PE1-vpn-instance-vpnd] route-distinguisher 100:4 [PE1-vpn-instance-vpnd] vpn-target 100:4 [PE1-vpn-instance-vpnd] tnl-policy preferredte3 [PE1-vpn-instance-vpnd] quit # Create MPLS VPN instances vpne and vpnf, and apply tunnel policy preferredgre2 to them. [PE1] ip vpn-instance vpne [PE1-vpn-instance-vpne] route-distinguisher 100:5 [PE1-vpn-instance-vpne] vpn-target 100:5 [PE1-vpn-instance-vpne] tnl-policy preferredgre2 [PE1-vpn-instance-vpne] quit [PE1] ip vpn-instance vpnf [PE1-vpn-instance-vpnf] route-distinguisher 100:6 [PE1-vpn-instance-vpnf] vpn-target 100:6...
Page 204: Configuring Mpls L3Vpn
Configuring MPLS L3VPN Overview MPLS L3VPN is a L3VPN technology used to interconnect geographically dispersed VPN sites. MPLS L3VPN uses BGP to advertise VPN routes and uses MPLS to forward VPN packets over a service provider backbone. MPLS L3VPN provides flexible networking modes, excellent scalability, and convenient support for MPLS QoS and MPLS TE.
Page 205 • The classification of a site depends on the topology relationship of the devices, rather than the geographical positions. However, the devices at a site are, in most cases, adjacent to each other geographically. • The devices at a site can belong to multiple VPNs, which means that a site can belong to multiple VPNs.
Page 206: Mpls L3Vpn Route Advertisement
• When the Type field is 2, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1. To guarantee global uniqueness for a VPN-IPv4 address, do not set the Administrator subfield to any private AS number or private IP address.
Page 207: Mpls L3Vpn Packet Forwarding
d. Advertises those routes to the connected CE over a static route, RIP route, OSPF route, IS-IS route, EBGP route, or IBGP route. MPLS L3VPN packet forwarding In a basic MPLS L3VPN (within a single AS), a PE adds the following information into VPN packets: •...
Page 208: Mpls L3Vpn Networking Schemes
MPLS L3VPN networking schemes In MPLS L3VPNs, route target attributes are used to control the advertisement and reception of VPN routes between sites. They work independently and can be configured with multiple values to support flexible VPN access control and implement multiple types of VPN networking schemes. Basic VPN networking scheme In the simplest case, all users in a VPN form a closed user group.
Page 209 • The import target attribute of a spoke PE is different from the export target attribute of any other spoke PE. Any two spoke PEs do not directly advertise VPN-IPv4 routes to each other. Therefore, they cannot directly access each other. Figure 52 Network diagram for hub and spoke network A route in Site 1 is advertised to Site 2 by using the following process: Spoke-CE 1 advertises a route in Site 1 to Spoke-PE 1.
Page 210: Inter-As Vpn
Figure 53 Network diagram for extranet networking scheme VPN 1 Site 1 VPN 1: Import:100:1 Export:100:1 PE 1 VPN 1 PE 3 Site 3 PE 2 VPN 1: Import:100:1,200:1 Export:100:1,200:1 VPN 2: Import:200:1 Site 2 Export:200:1 VPN 2 As shown in Figure 53, route targets configured on PEs produce the following results: •...
Page 211 Figure 54 Network diagram for inter-AS option A As shown in Figure 54, in VPN 1, routes are advertised from CE 1 to CE 3 by using the following process: PE 1 advertises the VPN routes learned from CE 1 to ASBR 1 through MP-IBGP. ASBR 1 performs the following operations: a.
Page 212 Figure 55 Network diagram for inter-AS option B VPN 1 VPN 1 CE 1 CE 3 ASBR 2 ASBR 1 PE 1 PE 3 (PE) (PE) MP-EBGP MPLS backbone MPLS backbone AS 100 AS 200 PE 2 PE 4 VPN LSP 1 VPN LSP 3 VPN LSP2 CE 4...
Page 213 In this solution, PEs exchange VPN-IPv4 routes over a multihop MP-EBGP session. Each PE must have a route to the peer PE and a label for the route so that the inter-AS public tunnel between the PEs can be set up. Inter-AS option C sets up a public tunnel by using the following methods: •...
Page 214: Carrier's Carrier
Assume that the outgoing label for the public tunnel on PE 3 is Lv. After route advertisement and public tunnel setup, a packet is forwarded from CE 3 to CE 1 by using the following process: PE 3 performs the following routing table lookups for the packet: a.
Page 215 For packets between customer networks to travel through the Level 1 carrier, the PE of the Level 1 carrier and the CE of the Level 2 carrier must assign labels to the backbone networks of the Level 2 carrier. The CE of the Level 2 carrier is a PE within the Level 2 carrier network. Follow these guidelines to assign labels: •...
Page 216: Nested Vpn
Figure 59 Scenario where the Level 2 carrier is an MPLS L3VPN service provider NOTE: As a best practice, establish equal cost LSPs between the Level 1 carrier and the Level 2 carrier if equal cost routes exist between them. Nested VPN The nested VPN technology exchanges VPNv4 routes between PEs and CEs of the ISP MPLS L3VPN and allows a customer to manage its own internal VPNs.
Page 217: Multirole Host
Figure 60 Network diagram for nested VPN VPN A Provider MPLS Provider PE Provider PE CE 8 CE 7 VPN backbone VPN A-2 VPN A-1 CE 2 CE 1 Customer MPLS Customer MPLS VPN network Customer PE Customer PE CE 3 CE 4 CE 5 CE 6...
Page 218: Hovpn
Figure 61 Network diagram As shown in Figure 61, the multirole host in site 1 needs to access both VPN 1 and VPN 2. Other hosts in site 1 only need to access VPN 1. To configure the multirole host feature, configure PE 1 as follows: •...
Page 219 Figure 62 Basic architecture of HoVPN As shown in Figure 62, UPEs and SPEs play the following different roles: • A UPE is directly connected to CEs. It provides user access. It maintains the routes of directly connected VPN sites. It does not maintain the routes of the remote sites in the VPN, or it only maintains their summary routes.
Page 220: Ospf Vpn Extension
Figure 63 Recursion of HoPEs Figure 63 shows a three-level HoPE. The PE in the middle is called the middle-level PE (MPE). MP-BGP runs between SPE and MPE, and between MPE and UPE. MP-BGP advertises the following routes: • All the VPN routes of UPEs to the SPEs. •...
Page 221 Figure 64 Network diagram for BGP/OSPF interaction As shown in Figure 64, CE 11, CE 21, and CE 22 belong to the same VPN and the same OSPF domain. Before domain ID configuration, VPN 1 routes are advertised from CE 11 to CE 21 and CE 22 by using the following process: PE 1 redistributes OSPF routes from CE 11 into BGP, and advertises the VPN routes to PE 2 through BGP.
Page 222: Bgp As Number Substitution And Soo Attribute
As shown in Figure 65, Site 1 is connected to two PEs. When a PE advertises VPN routes learned from MP-BGP to Site 1 through OSPF, the routes might be received by the other PE. This results in a routing loop. OSPF VPN extension uses the following tags to avoid routing loops: •...
Page 223: Mpls L3Vpn Frr
The BGP AS number substitution feature allows geographically different CEs to use the same AS number. If the AS_PATH of a route contains the AS number of a CE, the PE replaces the AS number with its own AS number before advertising the route to that CE. After you enable the BGP AS number substitution feature, the PE performs BGP AS number substitution for all routes and re-advertises them to connected CEs in the peer group.
Page 224 Figure 68 Network diagram Configure BFD for LSPs or MPLS TE tunnels on PE 1 to detect the connectivity of the public tunnel from PE 1 to PE 2. When the tunnel PE 1—PE 2 operates correctly, traffic from CE 1 to CE 2 goes through the path CE 1—PE 1—PE 2—CE 2.
Page 225: Protocols And Standards
for VPN 1 connected to CE 2), PE 1 uses the VPNv4 route as the primary link, and the IPv4 route as the backup link. Figure 70 Network diagram PE 1 MPLS VPN 1 VPN 1 backbone CE 1 CE 2 Primary link Backup link PE 2...
Page 226: Configuring Basic Mpls L3Vpn
Tasks at a glance (Optional.) Enabling SNMP notifications for MPLS L3VPN Configuring basic MPLS L3VPN Tasks at a glance Configuring VPN instances: (Required.) Creating a VPN instance (Required.) Associating a VPN instance with an interface (Optional.) Configuring route related attributes for a VPN instance (Required.) Configuring routing between a PE and a CE (Required.)
Page 227 Step Command Remarks (Optional.) Configure a VPN By default, no VPN ID is vpn-id vpn-id ID for the VPN instance. configured for a VPN instance. (Optional.) Configure an snmp context-name By default, no SNMP context is SNMP context for the VPN context-name configured.
Page 228: Configuring Routing Between A Pe And A Ce
Step Command Remarks By default, the maximum number of active routes for a VPN instance is 1000100. Set the maximum routing-table limit number Setting the maximum number of number of active routes. { warn-threshold | simply-alert } active routes for a VPN instance can prevent the PE from learning too many routes.
Page 229 Configuring RIP between a PE and a CE A RIP process belongs to the public network or a single VPN instance. If you create a RIP process without binding it to a VPN instance, the process belongs to the public network. To configure RIP between a PE and a CE: Step Command...
Page 230 Step Command Remarks The defaults are as follows: • 0x0005 for Domain ID. ext-community-type Configure the type codes of • 0x0107 for Router ID. { domain-id type-code1 | OSPF extended community • router-id type-code2 | route-type 0x0306 for Route Type. attributes.
Page 231 Step Command Remarks Create the BGP-VPN IPv4 By default, the BGP-VPN IPv4 unicast family and enter its address-family ipv4 [ unicast ] unicast family is not created. view. Enable IPv4 unicast route By default, BGP does not exchange with the peer { group-name | ip-address exchange IPv4 unicast routes specified peer or peer...
Page 232 Configuring IBGP between a PE and a CE Use IBGP between PE and CE only in a basic MPLS L3VPN network. In networks such as Hub&Spoke, Extranet, inter-AS VPN, carrier's carrier, nested VPN, and HoVPN, you cannot use IBGP between PE and CE. Configure the PE: Step Command...
Page 233: Configuring Routing Between Pes
Configuring routing between PEs Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] peer { group-name | ip-address Configure the remote PE as [ mask-length ] } as-number By default, no BGP peers exist. a BGP peer.
Page 234 Step Command Remarks Filter routes received from or peer { group-name | ipv4-address advertised to a peer or peer [ mask-length ] } as-path-acl By default, no AS filtering list is group based on an AS_PATH aspath-filter-number { import | applied to a peer or peer group.
Page 235: Configuring Inter-As Vpn
Step Command Remarks By default, route target filtering is enabled for received VPNv4 routes. Only VPNv4 routes whose 21. Enable route target filtering policy vpn-target export route target attribute of received VPNv4 routes. matches local import route target attribute are added to the routing table.
Page 236: Configuring Inter-As Option C
Enable MPLS capability on the interface connected to the ASBR in another AS. There is no need to configure a label distribution protocol, for example, LDP. An ASBR always sets itself as the next hop of VPNv4 routes advertised to an MP-IBGP peer regardless of the peer next-hop-local command.
Page 237 Execute the peer ebgp-max-hop command to enable the local router to establish an EBGP session to an indirectly-connected peer, because the PEs are not directly connected. Specify the ASBR in the same AS as an IBGP peer, and enable BGP to exchange labeled IPv4 unicast routes with the ASBR.
Page 238 Step Command Remarks By default, the device uses its address as the next hop of routes 11. (Optional.) Configure the PE advertised to peers. peer { group-name | ipv4-address to not change the next hop of [ mask-length ] } Configure this command on the routes advertised to the next-hop-invariable...
Page 239: Configuring Nested Vpn
Step Command Remarks bgp as-number [ instance 13. Enter BGP instance view. instance-name ] peer { group-name | ipv4-address 14. Configure the PE in the same [ mask-length ] } as-number By default, no BGP peers exist. AS as an IBGP peer. as-number 15.
Page 240: Configuring Multirole Host
• The address spaces of sub-VPNs of a VPN cannot overlap. • Do not assign nested VPN peers addresses that public network peers use. • Nested VPN does not support multihop EBGP. A provider PE and a provider CE must use the addresses of the directly connected interfaces to establish a neighbor relationship.
Page 241: Configuring A Static Route
Step Command Remarks By default, no match criterion is configured. All packets match the Configure match criteria for See Layer 3—IP Routing criteria for the node. the node. Configuration Guide. This step matches packets from the multirole host. By default, no VPN instance is specified.
Page 242: Configuring An Ospf Sham Link
Associating an interface with a VPN instance is not required on the SPE because no interface on the SPE is directly connected to the customer network. As a best practice, do not configure the peer default-route-advertise vpn-instance and peer upe route-policy commands at the same time.
Page 243: Configuring A Loopback Interface
• Configure OSPF in the LAN where customer CEs reside. Configuring a loopback interface Step Command Remarks Enter system view. system-view Create a loopback interface interface loopback By default, no loopback interfaces and enter loopback interface interface-number exist. view. Associate the loopback ip binding vpn-instance By default, the interface is interface with a VPN...
Page 244: Specifying The Vpn Label Processing Mode On The Egress Pe
Step Command Remarks sham-link source-ip-address destination-ip-address [ cost cost-value | dead dead-interval | hello hello-interval | { { hmac-md5 | md5 } key-id Configure a sham link. By default, no sham links exist. { cipher | plain } string | simple { cipher | plain } string } | retransmit retrans-interval | trans-delay delay | ttl-security...
Page 245: Configuring Mpls L3Vpn Frr
Step Command Remarks Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { ipv4-address Enable the BGP AS number By default, BGP AS number [ mask-length ] | group-name } substitution feature. substitution is disabled. substitute-as Enter BGP-VPN IPv4 unicast address-family ipv4 [ unicast ] address family view.
Page 246 Step Command Remarks • Configure BFD to test the connectivity of the LSP for the specified FEC: mpls bfd dest-addr By default, BFD is not configured to mask-length [ nexthop test the connectivity of the LSP or nexthop-address MPLS TE tunnel. [ discriminator local local-id remote remote-id ] ] [ template This step is required for VPNv4...
Page 247: Configuring The Lpu Load Sharing Mode
Step Command Remarks By default, MPLS L3VPN FRR is disabled. Method 1 might result in routing • (Method 1) Enable MPLS loops. Use it with caution. L3VPN FRR for the address By default, no routing policy is family: used. 12. Enable MPLS L3VPN •...
Page 248: Enabling Snmp Notifications For Mpls L3Vpn
Step Command Remarks Enter system view. system-view Enter VPN instance view. ip vpn-instance vpn-instance-name Enter IPv4 VPN view. address-family ipv4 route-replicate from { public | vpn-instance vpn-instance-name } protocol bgp as-number Enable the VPN instance By default, a VPN instance [ route-policy route-policy-name ] to replicate routes from cannot replicate routes from the...
Page 249: Mpls L3Vpn Configuration Examples
Task Command Display the routing table for a VPN display ip routing-table vpn-instance vpn-instance-name instance. [ statistics | verbose ] Display information about a specified display ip vpn-instance [ instance-name vpn-instance-name ] or all VPN instances. Display the FIB of a VPN instance. display fib vpn-instance vpn-instance-name Display FIB entries that match the display fib vpn-instance vpn-instance-name ip-address [ mask |...
Page 250 PEs use OSPF to communicate with each other and use MP-IBGP to exchange VPN routing information. Figure 71 Network diagram Table 13 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 GE1/1/1 10.1.1.1/24 Loop0 2.2.2.9/32 PE 1 Loop0...
Page 251 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Configure the P device. <P> system-view [P] interface loopback 0 [P-LoopBack0] ip address 2.2.2.9 32 [P-LoopBack0] quit [P] interface pos 1/1/0 [P-Pos1/1/0] ip address 172.1.1.2 24 [P-Pos1/1/0] quit [P] interface pos 1/1/1 [P-Pos1/1/1] ip address 172.2.1.1 24 [P-Pos1/1/1] quit [P] ospf [P-ospf-1] area 0...
Page 252 [P] mpls lsr-id 2.2.2.9 [P] mpls ldp [P-ldp] quit [P] interface pos 1/1/0 [P-Pos1/1/0] mpls enable [P-Pos1/1/0] mpls ldp enable [P-Pos1/1/0] quit [P] interface pos 1/1/1 [P-Pos1/1/1] mpls enable [P-Pos1/1/1] mpls ldp enable [P-Pos1/1/1] quit # Configure PE 2. [PE2] mpls lsr-id 3.3.3.9 [PE2] mpls ldp [PE2-ldp] quit [PE2] interface pos 1/1/0...
Page 253 [PE2-vpn-instance-vpn2] quit [PE2] interface gigabitethernet 1/1/1 [PE2-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [PE2-GigabitEthernet1/1/1] ip address 10.3.1.2 24 [PE2-GigabitEthernet1/1/1] quit [PE2] interface gigabitethernet 1/1/2 [PE2-GigabitEthernet1/1/2] ip binding vpn-instance vpn2 [PE2-GigabitEthernet1/1/2] ip address 10.4.1.2 24 [PE2-GigabitEthernet1/1/2] quit # Configure IP addresses for the CEs according to Figure 71.
Page 254 [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] ip vpn-instance vpn2 [PE1-bgp-default-vpn2] peer 10.2.1.1 as-number 65420 [PE1-bgp-default-vpn2] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn2] peer 10.2.1.1 enable [PE1-bgp-default-ipv4-vpn2] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit # Configure PE 2 in the same way that PE 1 is configured. (Details not shown.) # Execute the display bgp peer ipv4 vpn-instance command on the PEs to verify that a BGP peer relationship in Established state has been established between a PE and a CE.
Page 255: Configuring Mpls L3Vpn Over A Gre Tunnel
127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 224.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 The output shows that PE 1 has a route to the remote CE. Output on PE 2 is similar. # Verify that CEs of the same VPN can ping each other, whereas those of different VPNs cannot. For example, CE 1 can ping CE 3 (10.3.1.1), but it cannot ping CE 4 (10.4.1.1).
Page 256 This example uses OSPF. (Details not shown.) # Execute the display ospf peer command to verify that OSPF adjacencies in Full state have been established between PE 1, P, and PE 2. Execute the display ip routing-table command to verify that the PEs have learned the loopback route of each other. (Details not shown.) Configure basic MPLS on the PEs: # Configure PE 1.
Page 257 [CE2-GigabitEthernet1/1/1] quit # Execute the display ip vpn-instance command on the PEs to display the configuration of the VPN instance, for example, on PE 1. [PE1] display ip vpn-instance Total VPN-Instances configured : 1 VPN-Instance Name Create time vpn1 100:1 2012/02/13 15:59:50 # Use the ping command on the PEs to verify that the PEs can ping their attached CEs, for example, on PE 1.
Page 258: Configure A Gre Tunnel
[PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0 [PE1-bgp-default] address-family vpnv4 [PE1-bgp-default-vpnv4] peer 2.2.2.9 enable [PE1-bgp-default-vpnv4] quit [PE1-bgp-default] quit # Configure PE 2 in the same way that PE 1 is configured. (Details not shown.) # Execute the display bgp peer vpnv4 command on the PEs to verify that a BGP peer relationship in Established state has been established between the PEs.
Page 259: Configuring A Hub-Spoke Network
Configuring a hub-spoke network Network requirements The Spoke-CEs cannot communicate directly. They can communicate only through Hub-CE. Configure EBGP between the Spoke-CEs and Spoke-PEs and between Hub-CE and Hub-PE to exchange VPN routing information. Configure OSPF between the Spoke-PEs and Hub-PE to implement communication between the PEs, and configure MP-IBGP between them to exchange VPN routing information.
Page 260 [Spoke-PE1] interface pos 1/1/0 [Spoke-PE1-Pos1/1/0] ip address 172.1.1.1 24 [Spoke-PE1-Pos1/1/0] quit [Spoke-PE1] ospf [Spoke-PE1-ospf-1] area 0 [Spoke-PE1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255 [Spoke-PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [Spoke-PE1-ospf-1-area-0.0.0.0] quit [Spoke-PE1-ospf-1] quit # Configure Spoke-PE 2. <Spoke-PE2> system-view [Spoke-PE2] interface loopback 0 [Spoke-PE2-LoopBack0] ip address 3.3.3.9 32 [Spoke-PE2-LoopBack0] quit [Spoke-PE2] interface pos 1/1/0 [Spoke-PE2-Pos1/1/0] ip address 172.2.1.1 24...
Page 261 [Spoke-PE1] mpls ldp [Spoke-PE1-ldp] quit [Spoke-PE1] interface pos 1/1/0 [Spoke-PE1-Pos1/1/0] mpls enable [Spoke-PE1-Pos1/1/0] mpls ldp enable [Spoke-PE1-Pos1/1/0] quit # Configure Spoke-PE 2. [Spoke-PE2] mpls lsr-id 3.3.3.9 [Spoke-PE2] mpls ldp [Spoke-PE2-ldp] quit [Spoke-PE2] interface pos 1/1/0 [Spoke-PE2-Pos1/1/0] mpls enable [Spoke-PE2-Pos1/1/0] mpls ldp enable [Spoke-PE2-Pos1/1/0] quit # Configure Hub-PE.
Page 262 [Spoke-PE2-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [Spoke-PE2-GigabitEthernet1/1/1] ip address 10.2.1.2 24 [Spoke-PE2-GigabitEthernet1/1/1] quit # Configure Hub-PE. [Hub-PE] ip vpn-instance vpn1-in [Hub-PE-vpn-instance-vpn1-in] route-distinguisher 100:3 [Hub-PE-vpn-instance-vpn1-in] vpn-target 222:2 import-extcommunity [Hub-PE-vpn-instance-vpn1-in] quit [Hub-PE] ip vpn-instance vpn1-out [Hub-PE-vpn-instance-vpn1-out] route-distinguisher 100:4 [Hub-PE-vpn-instance-vpn1-out] vpn-target 111:1 export-extcommunity [Hub-PE-vpn-instance-vpn1-out] quit [Hub-PE] interface gigabitethernet 1/1/1 [Hub-PE-GigabitEthernet1/1/1] ip binding vpn-instance vpn1-in [Hub-PE-GigabitEthernet1/1/1] ip address 10.3.1.2 24...
Page 263 [Spoke-CE1-bgp-default-ipv4] peer 10.1.1.2 enable [Spoke-CE1-bgp-default-ipv4] import-route direct [Spoke-CE1-bgp-default-ipv4] quit [Spoke-CE1-bgp-default] quit # Configure Spoke-CE 2. <Spoke-CE2> system-view [Spoke-CE2] bgp 65420 [Spoke-CE2-bgp-default] peer 10.2.1.2 as-number 100 [Spoke-CE2-bgp-default] address-family ipv4 [Spoke-CE2-bgp-default-ipv4] peer 10.2.1.2 enable [Spoke-CE2-bgp-default-ipv4] import-route direct [Spoke-CE2-bgp-default-ipv4] quit [Spoke-CE2-bgp-default] quit # Configure Hub-CE. <Hub-CE>...
Page 264 [Hub-PE-bgp-default-ipv4-vpn1-in] quit [Hub-PE-bgp-default-vpn1-in] quit [Hub-PE-bgp-default] ip vpn-instance vpn1-out [Hub-PE-bgp-default-vpn1-out] peer 10.4.1.1 as-number 65430 [Hub-PE-bgp-default-vpn1-out] address-family ipv4 [Hub-PE-bgp-default-ipv4-vpn1-out] peer 10.4.1.1 enable [Hub-PE-bgp-default-ipv4-vpn1-out] peer 10.4.1.1 allow-as-loop 2 [Hub-PE-bgp-default-ipv4-vpn1-out] quit [Hub-PE-bgp-default-vpn1-out] quit [Hub-PE-bgp-default] quit # Execute the display bgp peer ipv4 vpn-instance command on the PEs to verify that a BGP peer relationship in Established state has been established between a PE and a CE.
Page 265: Configuring Mpls L3Vpn Inter-As Option A
Destinations : 15 Routes : 15 Destination/Mask Proto Pre Cost NextHop Interface 0.0.0.0/32 Direct 127.0.0.1 InLoop0 10.1.1.0/24 Direct 10.1.1.2 GE1/1/1 10.1.1.0/32 Direct 10.1.1.2 GE1/1/1 10.1.1.2/32 Direct 127.0.0.1 InLoop0 10.1.1.255/32 Direct 10.1.1.2 GE1/1/1 10.2.1.0/24 255 0 2.2.2.9 POS1/1/0 10.3.1.0/24 255 0 2.2.2.9 POS1/1/0 10.4.1.0/24...
Page 266 Figure 74 Network diagram Table 16 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 GE1/1/1 10.1.1.1/24 CE 2 GE1/1/1 10.2.1.1/24 PE 1 Loop0 1.1.1.9/32 PE 2 Loop0 4.4.4.9/32 GE1/1/1 10.1.1.2/24 GE1/1/1 10.2.1.2/24 POS1/1/0 172.1.1.2/24 POS1/1/0 162.1.1.2/24...
Page 267 [PE1-Pos1/1/0] quit # Configure basic MPLS on ASBR-PE 1, and enable MPLS LDP on the interface connected to PE 1. <ASBR-PE1> system-view [ASBR-PE1] mpls lsr-id 2.2.2.9 [ASBR-PE1] mpls ldp [ASBR-PE1-ldp] quit [ASBR-PE1] interface pos 1/1/0 [ASBR-PE1-Pos1/1/0] mpls enable [ASBR-PE1-Pos1/1/0] mpls ldp enable [ASBR-PE1-Pos1/1/0] quit # Configure basic MPLS on ASBR-PE 2, and enable MPLS LDP on the interface connected to PE 2.
Page 268 [PE1-GigabitEthernet1/1/1] ip address 10.1.1.2 24 [PE1-GigabitEthernet1/1/1] quit # Configure CE 2. <CE2> system-view [CE2] interface gigabitethernet 1/1/1 [CE2-GigabitEthernet1/1/1] ip address 10.2.1.1 24 [CE2-GigabitEthernet1/1/1] quit # Configure PE 2. [PE2] ip vpn-instance vpn1 [PE2-vpn-instance-vpn1] route-distinguisher 200:2 [PE2-vpn-instance-vpn1] vpn-target 200:1 both [PE2-vpn-instance-vpn1] quit [PE2] interface gigabitethernet 1/1/1 [PE2-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [PE2-GigabitEthernet1/1/1] ip address 10.2.1.2 24...
Page 269 # Configure PE 1. [PE1] bgp 100 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] peer 10.1.1.1 as-number 65001 [PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] peer 10.1.1.1 enable [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit # Configure CE 2. [CE2] bgp 65002 [CE2-bgp-default] peer 10.2.1.2 as-number 200 [CE2-bgp-default] address-family ipv4 unicast [CE2-bgp-default-ipv4] peer 10.2.1.2 enable [CE2-bgp-default-ipv4] import-route direct...
Page 270: Configuring Mpls L3Vpn Inter-As Option B
[ASBR-PE1-bgp-default-vpnv4] peer 1.1.1.9 enable [ASBR-PE1-bgp-default-vpnv4] peer 1.1.1.9 next-hop-local [ASBR-PE1-bgp-default-vpnv4] quit [ASBR-PE1-bgp-default] quit # Configure ASBR-PE 2. [ASBR-PE2] bgp 200 [ASBR-PE2-bgp-default] ip vpn-instance vpn1 [ASBR-PE2-bgp-default-vpn1] peer 192.1.1.1 as-number 100 [ASBR-PE2-bgp-default-vpn1] address-family ipv4 unicast [ASBR-PE2-bgp-default-ipv4-vpn1] peer 192.1.1.1 enable [ASBR-PE2-bgp-default-ipv4-vpn1] quit [ASBR-PE2-bgp-default-vpn1] quit [ASBR-PE2-bgp-default] peer 4.4.4.9 as-number 200 [ASBR-PE2-bgp-default] peer 4.4.4.9 connect-interface loopback 0 [ASBR-PE2-bgp-default] address-family vpnv4...
Page 271 Figure 75 Network diagram MPLS backbone Loop0 Loop0 MPLS backbone AS 100 AS 600 Ser1/1/1 Ser1/1/1 Ser1/1/0 Ser1/1/0 ASBR-PE 1 ASBR-PE 2 Loop0 Loop0 Ser1/1/0 Ser1/1/0 PE 2 PE 1 GE1/1/1 GE1/1/1 Site 2 Site 1 CE 1 CE 2 AS 65001 AS 65002 Table 17 Interface and IP address assignment...
Page 272 # Configure interface Loopback 0, and enable IS-IS on it. [PE1] interface loopback 0 [PE1-LoopBack0] ip address 2.2.2.9 32 [PE1-LoopBack0] isis enable 1 [PE1-LoopBack0] quit # Create VPN instance vpn1, and configure the RD and route target attributes. [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] route-distinguisher 11:11 [PE1-vpn-instance-vpn1] vpn-target 1:1 2:2 3:3 import-extcommunity [PE1-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity...
Page 273 # Configure interface Serial 1/1/1, and enable MPLS. [ASBR-PE1] interface serial 1/1/1 [ASBR-PE1-Serial1/1/1] ip address 11.0.0.2 255.0.0.0 [ASBR-PE1-Serial1/1/1] mpls enable [ASBR-PE1-Serial1/1/1] quit # Configure interface Loopback 0, and enable IS-IS on it. [ASBR-PE1] interface loopback 0 [ASBR-PE1-LoopBack0] ip address 3.3.3.9 32 [ASBR-PE1-LoopBack0] isis enable 1 [ASBR-PE1-LoopBack0] quit # Enable BGP on ASBR-PE 1.
Page 274 [ASBR-PE2-LoopBack0] ip address 4.4.4.9 32 [ASBR-PE2-LoopBack0] isis enable 1 [ASBR-PE2-LoopBack0] quit # Enable BGP on ASBR-PE 2. [ASBR-PE2] bgp 600 [ASBR-PE2-bgp-default] peer 11.0.0.2 as-number 100 [ASBR-PE2-bgp-default] peer 11.0.0.2 connect-interface serial 1/1/1 [ASBR-PE2-bgp-default] peer 5.5.5.9 as-number 600 [ASBR-PE2-bgp-default] peer 5.5.5.9 connect-interface loopback 0 # Disable route target based filtering of received VPNv4 routes.
Page 275: Configuring Mpls L3Vpn Inter-As Option C
[PE2-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [PE2-GigabitEthernet1/1/1] ip address 20.0.0.1 8 [PE2-GigabitEthernet1/1/1] quit # Enable BGP on PE 2. [PE2] bgp 600 # Configure IBGP peer 4.4.4.9 as a VPNv4 peer. [PE2-bgp-default] peer 4.4.4.9 as-number 600 [PE2-bgp-default] peer 4.4.4.9 connect-interface loopback 0 [PE2-bgp-default] address-family vpnv4 [PE2-bgp-default-vpnv4] peer 4.4.4.9 enable [PE2-bgp-default-vpnv4] quit...
Page 276 Figure 76 Network diagram Table 18 Interface and IP address assignment Device Interface IP address Device Interface IP address PE 1 Loop0 2.2.2.9/32 PE 2 Loop0 5.5.5.9/32 GE1/1/1 30.0.0.1/24 GE1/1/1 20.0.0.1/24 S1/1/0 1.1.1.2/8 S1/1/0 9.1.1.2/8 ASBR-PE 1 Loop0 3.3.3.9/32 ASBR-PE 2 Loop0 4.4.4.9/32 S1/1/0...
Page 277 [PE1] isis 1 [PE1-isis-1] network-entity 10.111.111.111.111.00 [PE1-isis-1] quit # Configure LSR ID, and enable MPLS and LDP. [PE1] mpls lsr-id 2.2.2.9 [PE1] mpls ldp [PE1-ldp] quit # Configure interface Serial 1/1/0, and enable IS-IS, MPLS, and LDP on the interface. [PE1] interface serial 1/1/0 [PE1-Serial1/1/0] ip address 1.1.1.2 255.0.0.0 [PE1-Serial1/1/0] isis enable 1...
Page 278 [PE1-bgp-default-vpnv4] quit # Establish an EBGP peer relationship with CE 1, and add the learned BGP routes to the routing table of VPN instance vpn1. [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] peer 30.0.0.2 as-number 65001 [PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] peer 30.0.0.2 enable [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit...
Page 279 [ASBR-PE1-bgp-default] peer 2.2.2.9 as-number 100 [ASBR-PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0 [ASBR-PE1-bgp-default] address-family ipv4 unicast [ASBR-PE1-bgp-default-ipv4] peer 2.2.2.9 enable [ASBR-PE1-bgp-default-ipv4] peer 2.2.2.9 route-policy policy2 export # Enable the capability to advertise labeled routes to IBGP peer 2.2.2.9 and to receive labeled routes from the peer.
Page 280 # Create routing policies. [ASBR-PE2] route-policy policy1 permit node 1 [ASBR-PE2-route-policy-policy1-1] apply mpls-label [ASBR-PE2-route-policy-policy1-1] quit [ASBR-PE2] route-policy policy2 permit node 1 [ASBR-PE2-route-policy-policy2-1] if-match mpls-label [ASBR-PE2-route-policy-policy2-1] apply mpls-label [ASBR-PE2-route-policy-policy2-1] quit # Enable BGP on ASBR-PE 2, and enable the capability to advertise labeled routes to IBGP peer 5.5.5.9 and to receive labeled routes from the peer.
Page 281 # Configure the interface Loopback 0, and enable IS-IS on it. [PE2] interface loopback 0 [PE2-LoopBack0] ip address 5.5.5.9 32 [PE2-LoopBack0] isis enable 1 [PE2-LoopBack0] quit # Create VPN instance vpn1, and configure the RD and route target attributes. [PE2] ip vpn-instance vpn1 [PE2-vpn-instance-vpn1] route-distinguisher 11:11 [PE2-vpn-instance-vpn1] vpn-target 1:1 2:2 3:3 import-extcommunity [PE2-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity...
Page 282: Configuring Mpls L3Vpn Carrier's Carrier In The Same As
[CE2-GigabitEthernet1/1/1] ip address 20.0.0.2 24 [CE2-GigabitEthernet1/1/1] quit # Establish an EBGP peer relationship with PE 2, and redistribute VPN routes. [CE2] bgp 65002 [CE2-bgp-default] peer 20.0.0.1 as-number 600 [CE2-bgp-default] address-family ipv4 unicast [CE2-bgp-default-ipv4] peer 20.0.0.1 enable [CE2-bgp-default-ipv4] import-route direct [CE2-bgp-default-ipv4] quit [CE2-bgp-default] quit Verifying the configuration # Execute the display ip routing table command on CE 1 and CE 2 to verify that CE 1 and CE 2...
Page 283 Figure 77 Network diagram Table 19 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 3 GE1/1/1 100.1.1.1/24 CE 4 GE1/1/1 120.1.1.1/24 PE 3 Loop0 1.1.1.9/32 PE 4 Loop0 6.6.6.9/32 GE1/1/1 100.1.1.2/24 GE1/1/1 120.1.1.2/24 POS1/1/1 10.1.1.1/24 POS1/1/1 20.1.1.2/24...
Page 284 [PE1] interface loopback 0 [PE1-LoopBack0] isis enable 1 [PE1-LoopBack0] quit [PE1] interface pos 1/1/1 [PE1-Pos1/1/1] ip address 30.1.1.1 24 [PE1-Pos1/1/1] isis enable 1 [PE1-Pos1/1/1] mpls enable [PE1-Pos1/1/1] mpls ldp enable [PE1-Pos1/1/1] mpls ldp transport-address interface [PE1-Pos1/1/1] quit [PE1] bgp 100 [PE1-bgp-default] peer 4.4.4.9 as-number 100 [PE1-bgp-default] peer 4.4.4.9 connect-interface loopback 0 [PE1-bgp-default] address-family vpnv4...
Page 285 # Configure CE 1. <CE1> system-view [CE1] interface loopback 0 [CE1-LoopBack0] ip address 2.2.2.9 32 [CE1-LoopBack0] quit [CE1] mpls lsr-id 2.2.2.9 [CE1] mpls ldp [CE1-ldp] quit [CE1] isis 2 [CE1-isis-2] network-entity 10.0000.0000.0000.0002.00 [CE1-isis-2] quit [CE1] interface loopback 0 [CE1-LoopBack0] isis enable 2 [CE1-LoopBack0] quit [CE1] interface pos 1/1/0 [CE1-Pos1/1/0] ip address 10.1.1.2 24...
Page 286 [PE1-Pos1/1/0] quit [PE1] bgp 100 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] import isis 2 [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit # Configure CE 1. [CE1] interface pos 1/1/1 [CE1-Pos1/1/1] ip address 11.1.1.1 24 [CE1-Pos1/1/1] isis enable 2 [CE1-Pos1/1/1] mpls enable [CE1-Pos1/1/1] mpls ldp enable [CE1-Pos1/1/1] mpls ldp transport-address interface...
Page 287 [PE3-bgp-default] quit # Configure PE 4 and CE 4 in the same way that PE 3 and CE 3 are configured. (Details not shown.) Configure an MP-IBGP peer relationship between the PEs of the customer carrier to exchange the VPN routes of the end customers: # Configure PE 3.
Page 288 5.5.5.9/32 255 10 4.4.4.9 POS1/1/1 6.6.6.9/32 255 20 4.4.4.9 POS1/1/1 10.1.1.0/24 IS_L1 11.1.1.1 POS1/1/0 11.1.1.0/24 Direct 11.1.1.2 POS1/1/0 11.1.1.0/32 Direct 11.1.1.2 POS1/1/0 11.1.1.2/32 Direct 127.0.0.1 InLoop0 11.1.1.255/32 Direct 11.1.1.2 POS1/1/0 20.1.1.0/24 255 20 4.4.4.9 POS1/1/1 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0...
Page 289: Configuring Mpls L3Vpn Carrier's Carrier In Different Ass
Destinations : 18 Routes : 18 Destination/Mask Proto Pre Cost NextHop Interface 0.0.0.0/32 Direct 127.0.0.1 InLoop0 1.1.1.9/32 Direct 127.0.0.1 InLoop0 2.2.2.9/32 IS_L1 10.1.1.2 POS1/1/1 5.5.5.9/32 IS_L2 10.1.1.2 POS1/1/1 6.6.6.9/32 IS_L2 10.1.1.2 POS1/1/1 10.1.1.0/24 Direct 10.1.1.1 POS1/1/1 10.1.1.0/32 Direct 10.1.1.1 POS1/1/1 10.1.1.1/32 Direct 127.0.0.1...
Page 290 • PE 1 and PE 2 are the provider carrier's PE routers. They provide VPN services for the customer carrier. • CE 1 and CE 2 are the customer carrier's routers. They are connected to the provider carrier's backbone as CE routers. •...
Page 291 Configuration procedure Configure MPLS L3VPN on the provider carrier backbone. Enable IS-IS as the IGP, enable LDP between PE 1 and PE 2, and establish an MP-IBGP peer relationship between the PEs: # Configure PE 1. <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 3.3.3.9 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 3.3.3.9...
Page 292 [PE3-ldp] quit [PE3] isis 2 [PE3-isis-2] network-entity 10.0000.0000.0000.0001.00 [PE3-isis-2] quit [PE3] interface loopback 0 [PE3-LoopBack0] isis enable 2 [PE3-LoopBack0] quit [PE3] interface pos 1/1/1 [PE3-Pos1/1/1] ip address 10.1.1.1 24 [PE3-Pos1/1/1] isis enable 2 [PE3-Pos1/1/1] mpls enable [PE3-Pos1/1/1] mpls ldp enable [PE3-Pos1/1/1] mpls ldp transport-address interface [PE3-Pos1/1/1] quit # Configure CE 1.
Page 293 [PE1] interface pos 1/1/0 [PE1-Pos1/1/0] ip binding vpn-instance vpn1 [PE1-Pos1/1/0] ip address 11.1.1.2 24 [PE1-Pos1/1/0] mpls enable [PE1-Pos1/1/0] quit [PE1] bgp 200 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] peer 11.1.1.1 as-number 100 [PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] peer 11.1.1.1 enable [PE1-bgp-default-ipv4-vpn1] peer 11.1.1.1 label-route-capability [PE1-bgp-default-ipv4-vpn1] peer 11.1.1.1 route-policy csc export [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit...
Page 294 [CE3-bgp-default-ipv4] peer 100.1.1.2 enable [CE3-bgp-default-ipv4] import-route direct [CE3-bgp-default-ipv4] quit [CE3-bgp-default] quit # Configure PE 3. [PE3] ip vpn-instance vpn1 [PE3-vpn-instance-vpn1] route-distinguisher 100:1 [PE3-vpn-instance-vpn1] vpn-target 1:1 [PE3-vpn-instance-vpn1] quit [PE3] interface gigabitethernet 1/1/1 [PE3-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [PE3-GigabitEthernet1/1/1] ip address 100.1.1.2 24 [PE3-GigabitEthernet1/1/1] quit [PE3] bgp 100 [PE3-bgp-default] ip vpn-instance vpn1...
Page 295 30.1.1.0/24 Direct 30.1.1.1 POS1/1/1 30.1.1.0/32 Direct 30.1.1.1 POS1/1/1 30.1.1.1/32 Direct 127.0.0.1 InLoop0 30.1.1.255/32 Direct 30.1.1.1 POS1/1/1 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0...
Page 296 11.1.1.0/24 Direct 11.1.1.1 POS1/1/1 11.1.1.0/32 Direct 11.1.1.1 POS1/1/1 11.1.1.1/32 Direct 127.0.0.1 InLoop0 11.1.1.255/32 Direct 11.1.1.1 POS1/1/1 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0...
Page 297: Configuring Nested Vpn
127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 120.1.1.0/24 255 0 6.6.6.9 POS1/1/1 224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0 Verify that PE 3 and PE 4 can ping each other. (Details not shown.) Verify that CE 3 and CE 4 can ping each other. (Details not shown.) Configuring nested VPN Network requirements The service provider provides nested VPN services for users, as shown in...
Page 298 Table 21 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 Loop0 2.2.2.9/32 CE 2 Loop0 5.5.5.9/32 POS1/1/0 10.1.1.2/24 POS1/1/0 21.1.1.2/24 POS1/1/1 11.1.1.1/24 POS1/1/1 20.1.1.1/24 CE 3 GE1/1/1 100.1.1.1/24 CE 4 GE1/1/1 120.1.1.1/24 CE 5 GE1/1/1 110.1.1.1/24 CE 6...
Page 299 [PE1-bgp-default-vpnv4] quit [PE1-bgp-default] quit # Configure PE 2 in the same way that PE 1 is configured. (Details not shown.) # On PE 1 or PE 2, execute the following commands: Execute the display mpls ldp peer command to verify that an LDP session in Operational state has been established between PE 1 and PE 2.
Page 300 [CE1-Pos1/1/0] isis enable 2 [CE1-Pos1/1/0] mpls enable [CE1-Pos1/1/0] mpls ldp enable [CE1-Pos1/1/0] quit An LDP session and IS-IS neighbor relationship can be established between PE 3 and CE 1. # Configure PE 4 and CE 2 in the same way that PE 3 and CE 1 are configured. (Details not shown.) Connect CE 1 and CE 2 to service provider PEs: # Configure PE 1.
Page 301 [CE3-bgp-default-ipv4] peer 100.1.1.2 enable [CE3-bgp-default-ipv4] import-route direct [CE3-bgp-default-ipv4] quit [CE3-bgp-default] quit # Configure CE 5. <CE5> system-view [CE5] interface gigabitethernet 1/1/1 [CE5-GigabitEthernet1/1/1] ip address 110.1.1.1 24 [CE5-GigabitEthernet1/1/1] quit [CE5] bgp 65411 [CE5-bgp-default] peer 110.1.1.2 as-number 200 [CE5-bgp-default] address-family ipv4 unicast [CE5-bgp-default-ipv4] peer 110.1.1.2 enable [CE5-bgp-default-ipv4] import-route direct [CE5-bgp-default-ipv4] quit...
Page 302 # Configure PE 4, CE 4 and CE 6 in the same way that PE 3, CE 3, and CE 5 are configured. (Details not shown.) Establish MP-EBGP peer relationship between service provider PEs and their CEs to exchange user VPNv4 routes: # On PE 1, enable nested VPN, and enable VPNv4 route exchange with CE 1.
Page 303 # Configure PE 4 and CE 2 in the same way that PE 3 and CE 1 are configured. (Details not shown.) Verifying the configuration Display the public routing table and VPN routing table on the provider PEs, for example, on PE # Verify that the public routing table contains only routes on the service provider network.
Page 304 # Verify that the VPNv4 routing table on the customer VPN contains internal sub-VPN routes. [CE1] display bgp routing-table vpnv4 BGP local router ID is 2.2.2.9 Status codes: * - valid, > - best, d - dampened, h - history, s - suppressed, S - stale, i - internal, e - external Origin: i - IGP, e - EGP, ? - incomplete Total number of routes from all PEs: 4...
Page 305 100.1.1.0/32 Direct 100.1.1.2 GE1/1/1 100.1.1.2/32 Direct 127.0.0.1 InLoop0 100.1.1.255/32 Direct 100.1.1.2 GE1/1/1 120.1.1.0/24 255 0 2.2.2.9 POS1/1/1 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1...
Page 306: Configuring Multirole Host
224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0 Verify that CE 3 and CE 4 can ping each other. (Details not shown.) Verify that CE 5 and CE 6 can ping each other. (Details not shown.) Verify that CE 3 and CE 6 cannot ping each other.
Page 307: Configuring Hovpn
[PE1-vpn-instance-vpn1] vpn-target 100:1 both [PE1-vpn-instance-vpn1] quit [PE1] ip vpn-instance vpn2 [PE1-vpn-instance-vpn2] route-distinguisher 100:2 [PE1-vpn-instance-vpn2] vpn-target 100:2 both [PE1-vpn-instance-vpn2] quit # Associate VPN instance vpn1 with Serial 1/1/1 (the interface connected to CE 1). [PE1] interface serial 1/1/1 [PE1-Serial1/1/1] ip binding vpn-instance vpn1 [PE1-Serial1/1/1] ip address 1.1.1.1 255.255.255.0 [PE1-Serial1/1/1] quit # Configure a static route for VPN 2 to reach Host A and redistribute the route to BGP.
Page 308 • SPEs advertise routes permitted by routing policies to UPEs, permitting CE 1 and CE 3 in VPN 1 to communicate with each other and forbidding CE 2 and CE 4 in VPN 2 from communicating with each other. Figure 81 Network diagram Loop0 Loop0 GE1/1/2...
Page 309 [UPE1-GigabitEthernet1/1/3] quit # Configure the IGP protocol (OSPF, in this example). [UPE1] ospf [UPE1-ospf-1] area 0 [UPE1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255 [UPE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [UPE1-ospf-1-area-0.0.0.0] quit [UPE1-ospf-1] quit # Configure VPN instances vpn1 and vpn2, allowing CE 1 and CE 2 to access UPE 1. [UPE1] ip vpn-instance vpn1 [UPE1-vpn-instance-vpn1] route-distinguisher 100:1 [UPE1-vpn-instance-vpn1] vpn-target 100:1 both...
Page 310 <CE1> system-view [CE1] interface gigabitethernet 1/1/1 [CE1-GigabitEthernet1/1/1] ip address 10.2.1.1 255.255.255.0 [CE1-GigabitEthernet1/1/1] quit [CE1] bgp 65410 [CE1-bgp-default] peer 10.2.1.2 as-number 100 [CE1-bgp-default] address-family ipv4 unicast [CE1-bgp-default-ipv4] peer 10.2.1.2 enable [CE1-bgp-default-ipv4] import-route direct [CE1-bgp-default-ipv4] quit [CE1-bgp-default] quit Configure CE 2. <CE2> system-view [CE2] interface gigabitethernet 1/1/1 [CE2-GigabitEthernet1/1/1] ip address 10.4.1.1 255.255.255.0 [CE2-GigabitEthernet1/1/1] quit...
Page 311 [UPE2-vpn-instance-vpn1] quit [UPE2] ip vpn-instance vpn2 [UPE2-vpn-instance-vpn2] route-distinguisher 400:2 [UPE2-vpn-instance-vpn2] vpn-target 100:2 both [UPE2-vpn-instance-vpn2] quit [UPE2] interface gigabitethernet 1/1/2 [UPE2-GigabitEthernet1/1/2] ip binding vpn-instance vpn1 [UPE2-GigabitEthernet1/1/2] ip address 10.1.1.2 24 [UPE2-GigabitEthernet1/1/2] quit [UPE2] interface gigabitethernet 1/1/3 [UPE2-GigabitEthernet1/1/3] ip binding vpn-instance vpn2 [UPE2-GigabitEthernet1/1/3] ip address 10.3.1.2 24 [UPE2-GigabitEthernet1/1/3] quit # Establish an MP-IBGP peer relationship with SPE 2.
Page 312 <CE4> system-view [CE4] interface gigabitethernet 1/1/1 [CE4-GigabitEthernet1/1/1] ip address 10.3.1.1 255.255.255.0 [CE4-GigabitEthernet1/1/1] quit [CE4] bgp 65440 [CE4-bgp-default] peer 10.3.1.2 as-number 100 [CE4-bgp-default] address-family ipv4 unicast [CE4-bgp-default-ipv4] peer 10.3.1.2 enable [CE4-bgp-default-ipv4] import-route direct [CE4-bgp-default-ipv4] quit [CE4-bgp-default] quit Configure SPE 1: # Configure basic MPLS and MPLS LDP to establish LDP LSPs. <SPE1>...
Page 313 [SPE1] bgp 100 [SPE1-bgp-default] peer 1.1.1.9 as-number 100 [SPE1-bgp-default] peer 1.1.1.9 connect-interface loopback 0 [SPE1-bgp-default] peer 3.3.3.9 as-number 100 [SPE1-bgp-default] peer 3.3.3.9 connect-interface loopback 0 [SPE1-bgp-default] address-family vpnv4 [SPE1-bgp-default-vpnv4] peer 3.3.3.9 enable [SPE1-bgp-default-vpnv4] peer 1.1.1.9 enable [SPE1-bgp-default-vpnv4] peer 1.1.1.9 upe [SPE1-bgp-default-vpnv4] peer 1.1.1.9 next-hop-local [SPE1-bgp-default-vpnv4] quit # Create BGP-VPN instances for VPN instances vpn1 and vpn2, so the VPNv4 routes learned...
Page 314 [SPE2-ospf-1] area 0 [SPE2-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [SPE2-ospf-1-area-0.0.0.0] network 172.2.1.0 0.0.0.255 [SPE2-ospf-1-area-0.0.0.0] network 180.1.1.0 0.0.0.255 [SPE2-ospf-1-area-0.0.0.0] quit [SPE2-ospf-1] quit # Configure VPN instances vpn1 and vpn2. [SPE2] ip vpn-instance vpn1 [SPE2-vpn-instance-vpn1] route-distinguisher 600:1 [SPE2-vpn-instance-vpn1] vpn-target 100:1 both [SPE2-vpn-instance-vpn1] quit [SPE2] ip vpn-instance vpn2 [SPE2-vpn-instance-vpn2] route-distinguisher 800:1 [SPE2-vpn-instance-vpn2] vpn-target 100:2 both [SPE2-vpn-instance-vpn2] quit...
Page 315: Configuring An Ospf Sham Link
Configuring an OSPF sham link Network requirements As shown in Figure 82, CE 1 and CE 2 belong to VPN 1. Configure an OSPF sham link between PE 1 and PE 2 so traffic between the CEs is forwarded through the MPLS backbone instead of the backdoor link.
Page 316 [PE1-LoopBack0] ip address 1.1.1.9 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls ldp [PE1-ldp] quit [PE1] interface serial 1/1/1 [PE1-Serial1/1/1] ip address 10.1.1.1 24 [PE1-Serial1/1/1] mpls enable [PE1-Serial1/1/1] mpls ldp enable [PE1-Serial1/1/1] quit # Configure PE 1 to take PE 2 as an MP-IBGP peer. [PE1] bgp 100 [PE1-bgp-default] peer 2.2.2.9 as-number 100 [PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0...
Page 317 [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit Configure PEs to allow CE access: # Configure PE 1. [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] route-distinguisher 100:1 [PE1-vpn-instance-vpn1] vpn-target 1:1 [PE1-vpn-instance-vpn1] quit [PE1] interface gigabitethernet 1/1/1 [PE1-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [PE1-GigabitEthernet1/1/1] ip address 100.1.1.2 24 [PE1-GigabitEthernet1/1/1] quit...
Page 318 [PE2-bgp-default-ipv4-vpn1] import-route direct [PE2-bgp-default-ipv4-vpn1] quit [PE2-bgp-default-vpn1] quit [PE2-bgp-default] quit # Execute the display ip routing-table vpn-instance command on the PEs. Verify that the path to the peer CE is along the OSPF route across the customer networks, instead of the BGP route across the backbone.
Page 319: Configuring Bgp As Number Substitution
Sham link: 3.3.3.3 --> 5.5.5.5 Neighbor ID: 120.1.1.2 State: Full Area: 0.0.0.1 Cost: 1 State: P-2-P Type: Sham Timers: Hello 10, Dead 40, Retransmit 5, Transmit Delay 1 Request list: 0 Retransmit list: 0 Configuring BGP AS number substitution Network requirements As shown in Figure 83, CE 1 and CE 2 belong to VPN 1 and are connected to PE 1 and PE 2,...
Page 320 Configure OSPF on the MPLS backbone to allow the PEs and P device to learn the routes of the loopback interfaces from each other. Configure basic MPLS and MPLS LDP on the MPLS backbone to establish LDP LSPs. Establish MP-IBGP peer relationship between the PEs to advertise VPN IPv4 routes. Configure the VPN instance of VPN 1 on PE 2 to allow CE 2 to access the network.
Page 321 100.1.1.0/24 1.1.1.9 GE1/1/2 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 200.1.1.0/24 10.2.1.1 GE1/1/1 224.0.0.0/4 Direct 0 0.0.0.0 NULL0 224.0.0.0/24 Direct 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 # Enable BGP update packet debugging on PE 2.
Page 322 Verifying the configuration # The output shows that among the routes advertised by PE 2 to CE 2, the AS_PATH of 100.1.1.0/24 has changed from 100 600 to 100 100. *Jun 13 16:15:59:456 2012 PE2 BGP/7/DEBUG: -MDC=1; BGP.vpn1: Send UPDATE to peer 10.2.1.1 for following destinations: Origin : Incomplete AS Path...
Page 323: Configuring Bgp As Number Substitution And Soo Attribute
# After you also configure BGP AS substitution on PE 1, verify that the GigabitEthernet interfaces of CE 1 and CE 2 can ping each other. (Details not shown.) Configuring BGP AS number substitution and SoO attribute Network requirements CE 1, CE 2, and CE 3 belong to VPN 1, and are connected to PE1, PE 2, and PE 3, respectively. CE 1 and CE 2 reside in the same site.
Page 324 Configure OSPF on the MPLS backbone to allow the PEs and P device to learn the routes of the loopback interfaces from each other. Configure basic MPLS and MPLS LDP on the MPLS backbone to establish LDP LSPs. Establish MP-IBGP peer relationship between the PEs to advertise VPN IPv4 routes. Configure the VPN instance of VPN 1 on PE 1 to allow CE 1 to access the network.
Page 325: Configuring Mpls L3Vpn Frr Through Vpnv4 Route Backup For A Vpnv4 Route
Verifying the configuration # PE 2 does not advertise routes received from CE 1 to CE 2 because the same SoO attribute has been configured for the CEs. Display the routing table of CE 2. The output shows that the route 100.1.1.1/32 has been removed.
Page 326 Figure 85 Network diagram Loop0 PE 2 GE1/1/1 GE1/1/2 VPN 1 PE 1 GE1/1/1 VPN 1 MPLS GE1/1/2 GE1/1/1 Loop0 Loop0 backbone GE1/1/3 GE1/1/1 CE 2 CE 1 GE1/1/2 Loop0 GE1/1/1 GE1/1/2 Primary link PE 3 Backup link Loop0 Table 26 Interface and IP address assignment Device Interface IP address...
Page 327: Configuring Mpls L3Vpn Frr Through Vpnv4 Route Backup For An Ipv4 Route
[PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] fast-reroute route-policy frr [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit # Specify the preferred value as 100 for routes received from PE 2. This value is greater than the preferred value (0) for routes from PE 3, so PE 1 prefers the routes from PE 2. [PE1-bgp-default] address-family vpnv4 [PE1-bgp-default-vpnv4] peer 2.2.2.2 preferred-value 100 [PE1-bgp-default-vpnv4] quit...
Page 328 Configure MPLS L3VPN FRR on PE 2 to achieve the following purposes: • When the link PE 2—CE 2 operates correctly, traffic from CE 1 to CE 2 goes through the path CE 1—PE 1—PE 2—CE 2. • When BFD detects that the link between PE 2 and CE 2 fails, traffic from CE 1 to CE 2 goes through the path CE 1—PE 1—PE 2—PE 3—CE 2.
Page 329: Configuring Mpls L3Vpn Frr Through Ipv4 Route Backup For A Vpnv4 Route
[PE2-route-policy] if-match ip address prefix-list abc [PE2-route-policy] apply fast-reroute backup-nexthop 3.3.3.3 [PE2-route-policy] quit # Use echo-mode BFD to detect the primary route connectivity. [PE2] bgp 100 [PE2-bgp-default] primary-path-detect bfd echo # Configure FRR for VPN instance vpn1 to use routing policy frr. [PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] address-family ipv4 unicast [PE2-bgp-default-ipv4-vpn1] fast-reroute route-policy frr...
Page 330 Configure OSPF to ensure connectivity between PEs, and configure MP-IBGP to exchange VPNv4 routing information between PEs. Configure MPLS L3VPN FRR on PE 1 to achieve the following purposes: • When the link PE 1—PE 2 operates correctly, traffic from CE 1 to CE 2 goes through the path CE 1—PE 1—PE 2—CE 2.
Page 331 [PE1-route-policy] apply fast-reroute backup-nexthop 10.1.1.1 [PE1-route-policy] quit # Configure FRR for VPN instance vpn1 to use routing policy frr. [PE1] bgp 100 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] fast-reroute route-policy frr [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit # Specify the preferred value as 200 for BGP VPNv4 routes received from PE 2. This value is greater than the preferred value (0) for IPv4 unicast routes from CE 2, so PE 1 prefers the routes from PE 2.
Page 332: Configuring Ipv6 Mpls L3Vpn
Configuring IPv6 MPLS L3VPN Overview IPv6 MPLS L3VPN uses BGP to advertise IPv6 VPN routes and uses MPLS to forward IPv6 VPN packets on the service provider backbone. Figure 88 shows a typical IPv6 MPLS L3VPN model. The service provider backbone in the IPv6 MPLS L3VPN model is an IPv4 network.
Page 333: Ipv6 Mpls L3Vpn Routing Information Advertisement
Based on the inbound interface and destination address of the packet, PE 1 finds a matching entry from the routing table of the VPN instance, labels the packet with both a private network label (inner label) and a public network label (outer label), and forwards the packet out. The MPLS backbone transmits the packet to PE 2 by outer label.
Page 334: Protocols And Standards
Protocols and standards • RFC 4659, BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN • RFC 6565, OSPFv3 as a Provider Edge to Customer Edge (PE-CE) Routing Protocol IPv6 MPLS L3VPN configuration task list Tasks at a glance (Required.) Configuring basic IPv6 MPLS L3VPN (Optional.)
Page 335 Creating a VPN instance A VPN instance is a collection of the VPN membership and routing rules of its associated site. A VPN instance might correspond to more than one VPN. To create and configure a VPN instance: Step Command Remarks Enter system view.
Page 336 Configuring route related attributes for a VPN instance Step Command Remarks Enter system view. system-view • Enter VPN instance view: Configurations made in VPN ip vpn-instance instance view apply to both IPv4 vpn-instance-name VPN and IPv6 VPN. Enter VPN instance view or •...
Page 337: Configuring Routing Between A Pe And A Ce
Configuring routing between a PE and a CE You can configure IPv6 static routing, RIPng, OSPFv3, IPv6 IS-IS, EBGP, or IBGP between a PE and a CE. Configuring IPv6 static routing between a PE and a CE Step Command Remarks Enter system view.
Page 338 Step Command Remarks Perform this configuration on the The maximum number of OSPFv3 Create an OSPFv3 process ospfv3 [ process-id ] processes for a VPN instance is for a VPN instance and enter vpn-instance vpn-instance-name OSPFv3 view. Deleting a VPN instance also deletes all related OSPFv3 processes.
Page 339 Step Command Remarks By default, if BGP runs within an MPLS backbone, and the BGP AS number is not greater than 65535, the first two octets of the external route tag are 0xD000. The last two (Optional.) Configure an octets are the local BGP AS external route tag for route-tag tag-value number.
Page 340 Step Command Remarks Enter system view. system-view Create an IPv6 IS-IS process Perform this configuration on the isis [ process-id ] vpn-instance for a VPN instance and enter PE. On the CE, create a common vpn-instance-name IS-IS view. IPv6 IS-IS process. Configure a network entity network-entity net By default, no NET is configured.
Page 341 Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] peer { group-name | Configure the PE as an ipv6-address [ prefix-length ] } By default, no BGP peers exist. EBGP peer. as-number as-number Create the BGP IPv6 By default, the BGP IPv6 unicast address family and...
Page 342: Configuring Routing Between Pes
Step Command Remarks peer { group-name | Configure the PE as an ipv6-address [ prefix-length ] } By default, no BGP peers exist. IBGP peer. as-number as-number Create the BGP IPv6 By default, the BGP IPv6 unicast family and enter its address-family ipv6 [ unicast ] unicast family is not created.
Page 343 Step Command Remarks Enter BGP VPNv6 address address-family vpnv6 family view. filter-policy { ipv6-acl-number | Configure filtering of By default, BGP does not filter prefix-list ipv6-prefix-name } advertised routes. advertised routes. export [ protocol process-id ] filter-policy { ipv6-acl-number | Configure filtering of By default, BGP does not filter prefix-list ipv6-prefix-name }...
Page 344: Configuring Inter-As Ipv6 Vpn
Step Command Remarks peer { group-name | ipv4-address [ mask-length ] } route-limit 15. Set the maximum number of By default, the number of routes prefix-number [ { alert-only | routes BGP can receive from that BGP can receive from a peer discard | reconnect a peer or peer group.
Page 345: Configuring Inter-As Ipv6 Vpn Option B
For more configuration information, see "Configuring basic IPv6 MPLS L3VPN." In the inter-AS IPv6 VPN option A solution, for the same IPv6 VPN, the route targets configured on the PEs must match those configured on the ASBRs in the same AS. This makes sure VPN routes sent by the PEs (or ASBRs) can be received by the ASBRs (or PEs).
Page 346: Configuring Inter-As Ipv6 Vpn Option C
Step Command Remarks 11. Enter BGP VPNv6 address address-family vpnv6 family view. 12. Enable BGP to exchange By default, BGP cannot exchange VPNv6 routes with the PE in peer { group-name | ipv4-address VPNv6 routing information with a the same AS and the ASBR [ mask-length ] } enable peer.
Page 347: Configuring Multirole Host
Step Command Remarks By default, the device uses its address as the next hop of routes advertised to peers. 11. (Optional.) Configure the PE peer { group-name | ipv4-address to not change the next hop of [ mask-length ] } Configure this command on the routes advertised to the peer.
Page 348: Configuring An Ipv6 Static Route
Step Command Remarks By default, no VPN instance is specified. You must specify multiple VPN instances for the node. The first one is the VPN instance to which the Specify the VPN multirole host belongs, and others apply access-vpn vpn-instance instances for forwarding are the VPN instances to be vpn-instance-name&<1-n>...
Page 349: Redistributing The Loopback Interface Address
Step Command Remarks Associate the loopback By default, the interface is ip binding vpn-instance interface with a VPN associated with no VPN vpn-instance-name instance. instance. By default, no IPv6 address is Configure an IPv6 address For configuration details, see Layer configured for the loopback for the loopback interface.
Page 350: Displaying And Maintaining Ipv6 Mpls L3Vpn
For more information about the BGP AS number substitution feature and the SoO attribute, see "BGP AS number substitution and SoO attribute." To configure BGP AS number substitution and SoO attribute: Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view.
Page 351: Ipv6 Mpls L3Vpn Configuration Examples
Task Command display bgp [ instance instance-name ] peer vpnv6 Display BGP VPNv6 peer information. [ ipv4-address mask-length | { ipv4-address | group-name group-name } log-info | [ ipv4-address ] verbose ] display bgp [ instance instance-name ] routing-table vpnv6 [ [ route-distinguisher route-distinguisher ] [ ipv6-address prefix-length [ advertise-info ] | as-path-acl as-path-acl-number | Display BGP VPNv6 routes.
Page 352 Figure 90 Network diagram Table 29 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 GE1/1/1 2001:1::1/96 Loop0 2.2.2.9/32 PE 1 Loop0 1.1.1.9/32 POS1/1/0 172.1.1.2/24 GE1/1/1 2001:1::2/96 POS1/1/1 172.2.1.1/24 GE1/1/2 2001:2::2/96 PE 2 Loop0 3.3.3.9/32 POS1/1/0 172.1.1.1/24...
Page 353 [PE1-ospf-1] quit # Configure the P router. <P> system-view [P] interface loopback 0 [P-LoopBack0] ip address 2.2.2.9 32 [P-LoopBack0] quit [P] interface pos 1/1/0 [P-Pos1/1/0] ip address 172.1.1.2 24 [P-Pos1/1/0] quit [P] interface pos 1/1/1 [P-Pos1/1/1] ip address 172.2.1.1 24 [P-Pos1/1/1] quit [P] ospf [P-ospf-1] area 0...
Page 354 [P] mpls ldp [P-ldp] quit [P] interface pos 1/1/0 [P-Pos1/1/0] mpls enable [P-Pos1/1/0] mpls ldp enable [P-Pos1/1/0] quit [P] interface pos 1/1/1 [P-Pos1/1/1] mpls enable [P-Pos1/1/1] mpls ldp enable [P-Pos1/1/1] quit # Configure PE 2. [PE2] mpls lsr-id 3.3.3.9 [PE2] mpls ldp [PE2-ldp] quit [PE2] interface pos 1/1/0 [PE2-Pos1/1/0] mpls enable...
Page 355 [PE2] interface gigabitethernet 1/1/1 [PE2-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [PE2-GigabitEthernet1/1/1] ipv6 address 2001:3::2 96 [PE2-GigabitEthernet1/1/1] quit [PE2] interface gigabitethernet 1/1/2 [PE2-GigabitEthernet1/1/2] ip binding vpn-instance vpn2 [PE2-GigabitEthernet1/1/2] ipv6 address 2001:4::2 96 [PE2-GigabitEthernet1/1/2] quit # Configure IP addresses for the CEs according to Figure 90.
Page 356 [PE1-bgp-default-ipv6-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] ip vpn-instance vpn2 [PE1-bgp-default-vpn2] peer 2001:2::1 as-number 65420 [PE1-bgp-default-vpn2] address-family ipv6 unicast [PE1-bgp-default-ipv6-vpn2] peer 2001:2::1 enable [PE1-bgp-default-ipv6-vpn2] quit [PE1-bgp-default-vpn2] quit [PE1-bgp-default] quit # Configure PE 2 in the same way that PE 1 is configured. (Details not shown.) # Execute the display bgp peer ipv6 vpn-instance command on the PEs to verify that a BGP peer relationship in Established state has been established between a PE and a CE.
Page 357 Interface : InLoop0 Cost Destination: 2001:3::/96 Protocol : BGP4+ NextHop : ::FFFF:3.3.3.9 Preference: 255 Interface : POS1/1/0 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0...
Page 358: Configuring An Ipv6 Mpls L3Vpn Over A Gre Tunnel
Configuring an IPv6 MPLS L3VPN over a GRE tunnel Network requirements CE 1 and CE 2 belong to VPN 1. The PEs support MPLS, while the P router does not support MPLS and provides only IP features. On the backbone, use a GRE tunnel to encapsulate and forward packets for IPv6 MPLS L3VPN. Configure tunnel policies on the PEs, and specify the tunnel type for VPN traffic as GRE.
Page 359 [PE1] mpls lsr-id 1.1.1.9 # Configure PE 2. <PE2> system-view [PE2] mpls lsr-id 2.2.2.9 Configure VPN instances on the PEs to allow CE access, and apply tunnel policies to the VPN instances to use a GRE tunnel for VPN packet forwarding: # Configure PE 1.
Page 360 # Use the ping command on the PEs to verify that the PEs can ping their attached CEs, for example, on PE 1. [PE1] ping ipv6 -vpn-instance vpn1 2001:1::1 Ping6(56 bytes) 2001:1::2 --> 2001:1::1, press CTRL_C to break 56 bytes from 2001:1::1, icmp_seq=0 hlim=64 time=0.000 ms 56 bytes from 2001:1::1, icmp_seq=1 hlim=64 time=1.000 ms 56 bytes from 2001:1::1, icmp_seq=2 hlim=64 time=0.000 ms 56 bytes from 2001:1::1, icmp_seq=3 hlim=64 time=1.000 ms...
Page 361: Configuring Ipv6 Mpls L3Vpn Inter-As Option A
Configure a GRE tunnel: # Configure PE 1. [PE1] interface tunnel 0 mode gre [PE1-Tunnel0] source loopback 0 [PE1-Tunnel0] destination 2.2.2.9 [PE1-Tunnel0] ip address 20.1.1.1 24 [PE1-Tunnel0] mpls enable [PE1-Tunnel0] quit # Configure PE 2. [PE2] interface tunnel 0 mode gre [PE2-Tunnel0] source loopback 0 [PE2-Tunnel0] destination 1.1.1.9 [PE2-Tunnel0] ip address 20.1.1.2 24...
Page 362 Table 31 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 GE1/1/1 2001:1::1/96 CE 2 GE1/1/1 2001:2::1/96 PE 1 Loop0 1.1.1.9/32 PE 2 Loop0 4.4.4.9/32 GE1/1/1 2001:1::2/96 GE1/1/1 2001:2::2/96 POS1/1/0 172.1.1.2/24 POS1/1/0 162.1.1.2/24 ASBR-PE1 Loop0 2.2.2.9/32 ASBR-PE2...
Page 363 [ASBR-PE2] interface pos 1/1/0 [ASBR-PE2-Pos1/1/0] mpls enable [ASBR-PE2-Pos1/1/0] mpls ldp enable [ASBR-PE2-Pos1/1/0] quit # Configure basic MPLS on PE 2, and enable MPLS LDP for both PE 2 and the interface connected to ASBR-PE 2. <PE2> system-view [PE2] mpls lsr-id 4.4.4.9 [PE2] mpls ldp [PE2-ldp] quit [PE2] interface pos 1/1/0...
Page 364 # On ASBR-PE 1, create a VPN instance, and bind the VPN instance to the interface connected to ASBR-PE 2. ASBR-PE 1 considers ASBR-PE 2 to be its attached CE. [ASBR-PE1] ip vpn-instance vpn1 [ASBR-PE1-vpn-vpn1] route-distinguisher 100:1 [ASBR-PE1-vpn-vpn1] vpn-target 100:1 both [ASBR-PE1-vpn-vpn1] quit [ASBR-PE1] interface pos 1/1/1 [ASBR-PE1-Pos1/1/1] ip binding vpn-instance vpn1...
Page 365 [CE2-bgp-default] quit # Configure PE 2. [PE2] bgp 200 [PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] peer 2001:2::1 as-number 65002 [PE2-bgp-default-vpn1] address-family ipv6 unicast [PE2-bgp-default-ipv6-vpn1] peer 2001:2::1 enable [PE2-bgp-default-ipv6-vpn1] quit [PE2-bgp-default-vpn1] quit [PE2-bgp-default] quit Establish an IBGP peer relationship between each PE and the ASBR-PE in the same AS and an EBGP peer relationship between the ASBR-PEs: # Configure PE 1.
Page 366: Configuring Ipv6 Mpls L3Vpn Inter-As Option B
# Configure PE 2. [PE2] bgp 200 [PE2-bgp-default] peer 3.3.3.9 as-number 200 [PE2-bgp-default] peer 3.3.3.9 connect-interface loopback 0 [PE2-bgp-default] address-family vpnv6 [PE2-bgp-default-vpnv6] peer 3.3.3.9 enable [PE2-bgp-default-vpnv6] quit [PE2-bgp-default] quit Verifying the configuration # Verify that the CEs can learn the route to each other and can ping each other. (Details not shown.) Configuring IPv6 MPLS L3VPN inter-AS option B Network requirements Site 1 and Site 2 belong to the same VPN.
Page 367 Device Interface IP address Device Interface IP address ASBR-PE 1 Loop0 3.3.3.9/32 ASBR-PE 2 Loop0 4.4.4.9/32 Ser1/1/0 1.1.1.1/8 Ser1/1/0 9.1.1.1/8 Ser1/1/1 11.0.0.2/8 Ser1/1/1 11.0.0.1/8 Configuration procedure Configure PE 1: # Configure IS-IS on PE 1. <PE1> system-view [PE1] isis 1 [PE1-isis-1] network-entity 10.111.111.111.111.00 [PE1-isis-1] quit # Configure LSR ID, and enable MPLS and LDP.
Page 368 [PE1-bgp-default-vpnv6] quit # Redistribute direct routes to the VPN routing table of vpn1. [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] address-family ipv6 unicast [PE1-bgp-default-ipv6-vpn1] import-route direct [PE1-bgp-default-ipv6-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit Configure ASBR-PE 1: # Enable IS-IS on ASBR-PE 1. <ASBR-PE1> system-view [ASBR-PE1] isis 1 [ASBR-PE1-isis-1] network-entity 10.222.222.222.222.00 [ASBR-PE1-isis-1] quit...
Page 369 [ASBR-PE1-bgp-default-vpnv6] quit Configure ASBR-PE 2: # Enable IS-IS on ASBR-PE 2. <ASBR-PE2> system-view [ASBR-PE2] isis 1 [ASBR-PE2-isis-1] network-entity 10.222.222.222.222.00 [ASBR-PE2-isis-1] quit # Configure LSR ID, and enable MPLS and LDP. [ASBR-PE2] mpls lsr-id 4.4.4.9 [ASBR-PE2] mpls ldp [ASBR-PE2-ldp] quit # Configure interface Serial 1/1/0, and enable IS-IS, MPLS, and LDP on the interface. [ASBR-PE2] interface serial 1/1/0 [ASBR-PE2-Serial1/1/0] ip address 9.1.1.1 255.0.0.0 [ASBR-PE2-Serial1/1/0] isis enable 1...
Page 370 [PE2-isis-1] quit # Configure the LSR ID, and enable MPLS and LDP. [PE2] mpls lsr-id 5.5.5.9 [PE2] mpls ldp [PE2-ldp] quit # Configure interface Serial 1/1/0, and enable IS-IS, MPLS, and LDP on the interface. [PE2] interface serial 1/1/0 [PE2-Serial1/1/0] ip address 9.1.1.2 255.0.0.0 [PE2-Serial1/1/0] isis enable 1 [PE2-Serial1/1/0] mpls enable [PE2-Serial1/1/0] mpls ldp enable...
Page 371: Configuring Ipv6 Mpls L3Vpn Inter-As Option C
56 bytes from 20::1: icmp_seq=0 hlim=64 time=1.208 ms 56 bytes from 20::1: icmp_seq=1 hlim=64 time=0.867 ms 56 bytes from 20::1: icmp_seq=2 hlim=64 time=0.551 ms 56 bytes from 20::1: icmp_seq=3 hlim=64 time=0.566 ms 56 bytes from 20::1: icmp_seq=4 hlim=64 time=0.570 ms --- Ping6 statistics for 20::1 in VPN instance vpn1--- 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 0.551/0.752/1.208/0.257 ms...
Page 372 Device Interface IP address Device Interface IP address CE 1 GE1/1/1 2001::2/64 CE 1 GE1/1/1 2002::2/64 Configuration procedure Configure CE 1: # Configure an IPv6 address for GigabitEthernet 1/1/1. <CE1> system-view [CE1] interface gigabitethernet 1/1/1 [CE1-GigabitEthernet1/1/1] ipv6 address 2001::2 64 [CE1-GigabitEthernet1/1/1] quit # Establish an EBGP peer relationship with PE 1, and redistribute VPN routes.
Page 373 # Associate interface GigabitEthernet 1/1/1 with VPN instance vpn1, and specify the IPv6 address for the interface. [PE1] interface gigabitethernet 1/1/1 [PE1-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [PE1-GigabitEthernet1/1/1] ipv6 address 2001::1 64 [PE1-GigabitEthernet1/1/1] quit # Start BGP on PE 1. [PE1] bgp 100 # Enable the capability to advertise labeled routes to and receive labeled routes from IBGP peer 3.3.3.9.
Page 374 [ASBR-PE1-Serial1/1/0] mpls ldp enable [ASBR-PE1-Serial1/1/0] quit # Configure interface Serial 1/1/1, and enable MPLS on it. [ASBR-PE1] interface serial 1/1/1 [ASBR-PE1-Serial1/1/1] ip address 11.0.0.2 255.0.0.0 [ASBR-PE1-Serial1/1/1] mpls enable [ASBR-PE1-Serial1/1/1] quit # Configure interface Loopback 0, and start IS-IS on it. [ASBR-PE1] interface loopback 0 [ASBR-PE1-LoopBack0] ip address 3.3.3.9 32 [ASBR-PE1-LoopBack0] isis enable 1...
Page 375 [ASBR-PE2-isis-1] network-entity 10.333.333.333.333.00 [ASBR-PE2-isis-1] quit # Configure an LSR ID, and enable MPLS and LDP. [ASBR-PE2] mpls lsr-id 4.4.4.9 [ASBR-PE2] mpls ldp [ASBR-PE2-ldp] quit # Configure interface Serial 1/1/0, and enable IS-IS, MPLS, and LDP on the interface. [ASBR-PE2] interface serial 1/1/0 [ASBR-PE2-Serial1/1/0] ip address 9.1.1.1 255.0.0.0 [ASBR-PE2-Serial1/1/0] isis enable 1 [ASBR-PE2-Serial1/1/0] mpls enable...
Page 376 [ASBR-PE2-bgp-default-ipv4] peer 11.0.0.2 route-policy policy1 export # Enable the capability to advertise labeled routes to and receive labeled routes from EBGP peer 11.0.0.2. [ASBR-PE2-bgp-default-ipv4] peer 11.0.0.2 label-route-capability [ASBR-PE2-bgp-default-ipv4] quit [ASBR-PE2-bgp-default] quit Configure PE 2: # Start IS-IS on PE 2. <PE2>...
Page 377: Configuring Ipv6 Mpls L3Vpn Carrier's Carrier In The Same As
[PE2-bgp-default-ipv4] peer 4.4.4.9 label-route-capability [PE2-bgp-default-ipv4] quit # Configure the maximum hop count from PE 2 to EBGP peer 2.2.2.9 as 10. [PE2-bgp-default] peer 2.2.2.9 as-number 100 [PE2-bgp-default] peer 2.2.2.9 connect-interface loopback 0 [PE2-bgp-default] peer 2.2.2.9 ebgp-max-hop 10 # Configure peer 2.2.2.9 as a VPNv6 peer. [PE2-bgp-default] address-family vpnv6 [PE2-bgp-default-af-vpnv6] peer 2.2.2.9 enable [PE2-bgp-default-af-vpnv6] quit...
Page 378 • PE 3 and PE 4 are the customer carrier's PE routers. They provide IPv6 MPLS L3VPN services to end customers. • CE 3 and CE 4 are customers of the customer carrier. • The customer carrier and the provider carrier reside in the same AS. The key to the carrier's carrier deployment is to configure exchange of two kinds of routes: •...
Page 379 <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 3.3.3.9 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 3.3.3.9 [PE1] mpls ldp [PE1-ldp] quit [PE1] isis 1 [PE1-isis-1] network-entity 10.0000.0000.0000.0004.00 [PE1-isis-1] quit [PE1] interface loopback 0 [PE1-LoopBack0] isis enable 1 [PE1-LoopBack0] quit [PE1] interface pos 1/1/1 [PE1-POS1/1/1] ip address 30.1.1.1 24 [PE1-POS1/1/1] isis enable 1...
Page 380 [PE3] interface loopback 0 [PE3-LoopBack0] isis enable 2 [PE3-LoopBack0] quit [PE3] interface pos 1/1/1 [PE3-Pos1/1/1] ip address 10.1.1.1 24 [PE3-Pos1/1/1] isis enable 2 [PE3-Pos1/1/1] mpls enable [PE3-Pos1/1/1] mpls ldp enable [PE3-Pos1/1/1] mpls ldp transport-address interface [PE3-Pos1/1/1] quit # Configure CE 1. <CE1>...
Page 381 [PE1-isis-2-ipv4] quit [PE1-isis-2] quit [PE1] interface pos 1/1/0 [PE1-Pos1/1/0] ip binding vpn-instance vpn1 [PE1-Pos1/1/0] ip address 11.1.1.2 24 [PE1-Pos1/1/0] isis enable 2 [PE1-Pos1/1/0] mpls enable [PE1-Pos1/1/0] mpls ldp enable [PE1-Pos1/1/0] mpls ldp transport-address interface [PE1-Pos1/1/0] quit [PE1] bgp 100 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] import isis 2 [PE1-bgp-default-ipv4-vpn1] quit...
Page 382 [PE3-GigabitEthernet1/1/1] ipv6 address 2001:1::2 96 [PE3-GigabitEthernet1/1/1] quit [PE3] bgp 100 [PE3-bgp-default] ip vpn-instance vpn1 [PE3-bgp-default-vpn1] peer 2001:1::1 as-number 65410 [PE3-bgp-default-vpn1] address-family ipv6 unicast [PE3-bgp-default-ipv6-vpn1] peer 2001:1::1 enable [PE3-bgp-default-ipv6-vpn1] quit [PE3-bgp-default-vpn1] quit [PE3-bgp-default] quit # Configure PE 4 and CE 4 in the same way that PE 3 and CE 3 are configured. (Details not shown.) Configure an MP-IBGP peer relationship between the PEs of the customer carrier to exchange the VPN routes of the end customers:...
Page 383 [PE1] display ip routing-table vpn-instance vpn1 Destinations : 18 Routes : 18 Destination/Mask Proto Pre Cost NextHop Interface 0.0.0.0/32 Direct 127.0.0.1 InLoop0 1.1.1.9/32 IS_L1 11.1.1.1 POS1/1/0 2.2.2.9/32 IS_L1 11.1.1.1 POS1/1/0 5.5.5.9/32 255 10 4.4.4.9 POS1/1/1 6.6.6.9/32 255 20 4.4.4.9 POS1/1/1 10.1.1.0/24 IS_L1 11.1.1.1...
Page 384 224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0 Display the public network routing table and VPN routing table on the customer carrier PEs, for example, on PE 3: # Verify that the public network routing table contains the internal routes of the customer carrier network.
Page 385: Configuring Multirole Host
NextHop : ::FFFF:6.6.6.9 Preference: 255 Interface : POS1/1/1 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : InLoop0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Verify that PE 3 and PE 4 can ping each other. (Details not shown.) Verify that CE 3 and CE 4 can ping each other.
Page 386 Configure PE 1: # Create VPN instances vpn1 and vpn2 for VPN 1 and VPN 2, respectively, and configure different RDs and route targets for the VPN instances. <PE1> system-view [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] route-distinguisher 100:1 [PE1-vpn-instance-vpn1] vpn-target 100:1 both [PE1-vpn-instance-vpn1] quit [PE1] ip vpn-instance vpn2 [PE1-vpn-instance-vpn2] route-distinguisher 100:2...
Page 387: Configuring An Ospfv3 Sham Link
Configuring an OSPFv3 sham link Network requirements As shown in Figure 97, CE 1 and CE 2 belong to VPN 1. Configure an OSPFv3 sham link between PE 1 and PE 2 so traffic between the CEs is forwarded through the MPLS backbone instead of the backdoor link.
Page 388 [PE1-LoopBack0] ip address 1.1.1.9 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls ldp [PE1-ldp] quit [PE1] interface serial 1/1/1 [PE1-Serial1/1/1] ip address 10.1.1.1 24 [PE1-Serial1/1/1] mpls enable [PE1-Serial1/1/1] mpls ldp enable [PE1-Serial1/1/1] quit # Configure PE 1 to take PE 2 as an MP-IBGP peer. [PE1] bgp 100 [PE1-bgp-default] peer 2.2.2.9 as-number 100 [PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0...
Page 389 [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit Configure PEs to allow CE access: # Configure PE 1. [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] route-distinguisher 100:1 [PE1-vpn-instance-vpn1] vpn-target 1:1 [PE1-vpn-instance-vpn1] quit [PE1] interface gigabitethernet 1/1/1 [PE1-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [PE1-GigabitEthernet1/1/1] ipv6 address 100::2 64 [PE1-GigabitEthernet1/1/1] ospfv3 100 area 1...
Page 390 [PE2-bgp-default-vpn1] quit [PE2-bgp-default] quit # Execute the display ipv6 routing-table vpn-instance command on the PEs. Verify that the path to the peer CE is along the OSPFv3 route across the customer networks, instead of the IPv6 BGP route across the backbone. (Details not shown.) Configure a sham link: # Configure PE 1.
Page 391: Configuring Bgp As Number Substitution
Sham-link (Area: 0.0.0.1) Source : 3::3 Destination : 5::5 Interface ID: 2147483649 Neighbor ID : 120.1.1.1, Neighbor state: Full Cost: 1 State: P-2-P Type: Sham Instance ID: 0 Timers: Hello 10, Dead 40, Retransmit 5, Transmit delay 1 Request list: 0 Retransmit list: 0 Configuring BGP AS number substitution Network requirements...
Page 392 Configure OSPF on the MPLS backbone to allow the PEs and P device to learn the routes of the loopback interfaces from each other. Configure basic MPLS and MPLS LDP on the MPLS backbone to establish LDP LSPs. Establish an MP-IBGP peer relationship between the PEs to advertise VPN IPv6 routes. Configure the VPN instance of VPN 1 on PE 1 to allow CE 1 to access the network.
Page 393 Interface : InLoop0 Cost Destination: 10:2::/96 Protocol : Direct NextHop : :: Preference: 0 Interface : GE1/1/1 Cost Destination: 10:2::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 100::/96 Protocol : BGP4+ NextHop : ::FFFF:10.1.1.1 Preference: 255 Interface : GE1/1/2...
Page 394 <PE1> system-view [PE1] bgp 100 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] peer 10:1::2 substitute-as [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit # Configure BGP AS number substitution on PE 2. <PE2> system-view [PE2] bgp 100 [PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] peer 10:2::2 substitute-as [PE2-bgp-default-vpn1] quit [PE2-bgp-default] quit Verifying the configuration # The output shows that among the routes advertised by PE 2 to CE 2, the AS_PATH of 100::/96 has...
Page 395: Configuring Bgp As Number Substitution And Soo Attribute
NextHop : :: Preference: 0 Interface : GE1/1/1 Cost Destination: 10:2::2/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 100::/96 Protocol : BGP4+ NextHop : 10:2::1 Preference: 255 Interface : GE1/1/1 Cost Destination: 200::/96 Protocol : Static NextHop : ::...
Page 396 Figure 99 Network diagram CE 1 Loop0 GE1/1/1 MPLS backbone GE1/1/1 AS 100 Loop0 Loop0 Loop0 GE1/1/3 GE1/1/1 PE 1 GE1/1/2 VPN 1 GE1/1/2 AS 600 GE1/1/3 GE1/1/1 PE 2 GE1/1/3 GE1/1/2 PE 3 Loop0 CE 3 GE1/1/2 GE1/1/1 Loop0 GE1/1/1 CE 2 VPN 1...
Page 397 Configure BGP AS number substitution: # Configure BGP AS number substitution on PE 1, PE 2, and PE 3. For more information about the configuration, see "Configuring BGP AS number substitution." # Display routing information on CE 2. The output shows that CE 2 has learned the route 100::/96 from CE 1.
Page 398 Destination: 10:2::/96 Protocol : Direct NextHop : :: Preference: 0 Interface : GE1/1/1 Cost Destination: 10:2::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 200::/96 Protocol : Static NextHop : :: Preference: 60 Interface : NULL0 Cost...
Page 399: Configuring Mpls L2Vpn
Configuring MPLS L2VPN MPLS L2VPN provides point-to-point and point-to-multipoint connections. This chapter describes only the MPLS L2VPN technologies that provide point-to-point connections. For information about the MPLS L2VPN technologies that provide point-to-multipoint connections, see "Configuring VPLS." Overview MPLS L2VPN is an implementation of Pseudo Wire Emulation Edge-to-Edge (PWE3). It offers Layer 2 VPN services over an MPLS or IP backbone.
Page 400: Mpls L2Vpn Network Models
For example, a VPN has 10 sites, and a PE assigns the first label block LB1/0/10 to the VPN. When another 15 sites are added, the PE keeps the first label block and assigns the second label block LB2/10/15 to extend the network. LB1 and LB2 are the initial label values that are randomly selected by the PE.
Page 401: Remote Connection Establishment
Remote connection establishment To set up a remote MPLS L2VPN connection: Set up a public tunnel to carry one or more PWs between PEs: The public tunnel can be an LSP, MPLS TE, or GRE tunnel. If multiple public tunnels exist between two PEs, you can configure a tunnel policy to control tunnel selection.
Page 402: Local Connection Establishment
Bind the AC to the PW: Bind the Layer 3 physical interface or Layer 3 subinterface to the PW, so the PE forwards packets between the AC and the PW. Local connection establishment To set up a local MPLS L2VPN connection between two CEs: Set up ACs: Configure the link layer protocol to set up an AC between the PE and each CE.
Page 403 P-tag, the PE adds a null label (the label value is 0) into the packet, and then encapsulates the packet. − If the peer PE requires the ingress to rewrite the P-tag, the PE changes the P-tag to the expected VLAN tag (the tag value might be 0), and then adds a PW label and an outer tag into the packet.
Page 404: Control Word
Control word The control word field is between the MPLS label stack and the Layer 2 data. It carries control information for the Layer 2 frame, for example, the sequence number. The control word feature has the following functions: • Avoids fragment disorder.
Page 405: Pw Redundancy
establish Layer 2 connections with the PEs. For example, CE 2 and PE 2 must perform PPP negotiation to establish a PPP connection. PW redundancy PW redundancy provides redundant links between PEs so that the customer networks can communicate when the path over one PW fails. As shown in Figure 104, PE 1 establishes two PWs (one primary and one backup).
Page 406 Figure 105 Multi-segment PW MPLS or IP backbone PE 3 PE 2 PW 2 PE 1 PE 4 CE 1 CE 2 Multi-segment PWs include intra-domain multi-segment PWs and inter-domain multi-segment PWs. Intra-domain multi-segment PW An intra-domain multi-segment PW has concatenated PWs within an AS. You can create an intra-domain multi-segment PW between two PEs that have no public tunnel to each other.
Page 407: Vccv
• Concatenate PW 2 and PW 3 on ASBR 2. Figure 107 Inter-domain multi-segment PW VCCV Virtual Circuit Connectivity Verification (VCCV) is an OAM feature for L2VPN. It verifies the connectivity of PWs on the data plane. VCCV includes the following modes: •...
Page 408: Enabling L2Vpn
Tasks at a glance Remarks (Required.) Enabling L2VPN For multi-segment PWs, (Required.) Configuring an AC skip this task. (Required.) Configuring a cross-connect Configuring a Choose a PW configuration • (Optional.) Configuring a PW class method depending on the • (Required.) Choose either of the following tasks to configure a PW: MPLS L2VPN Configuring a static PW implementation.
Page 409: Configuring A Cross-Connect
Ethernet subinterface, both the default PW data encapsulation type and default access mode are VLAN. The PW data encapsulation type and AC access mode determine how the VLAN tag is processed by a PE. Therefore, the PW data encapsulation types and AC access modes on the local PE and the peer PE must match.
Page 410: Configuring A Pw
Step Command Remarks (Optional.) Enable the By default, the cross-connect undo shutdown cross-connect group. group is enabled. Create a cross-connect and By default, no cross-connects connection connection-name enter cross-connect view. exist. The default MTU is 1500 bytes. The two PEs on an LDP PW must Set an MTU for the PW.
Page 411: Configuring An Ldp Pw
Configuring an LDP PW Before you configure an LDP PW, enable global and interface MPLS LDP on the PE. For information about MPLS LDP configuration, see "Configuring LDP." To configure an LDP PW: Step Command Remarks Enter system view. system-view Enter cross-connect group xconnect-group group-name view.
Page 412 Step Command Remarks (Optional.) Permit the local AS By default, the local AS number to appear in routes peer { group-name | ip-address number is not allowed in from the specified peer or peer [ mask-length ] } allow-as-loop routes from a peer or peer group and specify the [ number ] group.
Page 413: Configuring A Remote Ccc Connection
Step Command Remarks vpn-target vpn-target&<1-8> By default, no route targets are Configure route targets for [ both | export-extcommunity | configured for the cross-connect the cross-connect group. import-extcommunity ] group. (Optional.) Specify a PW By default, no PW class is class for the auto-discovery pw-class class-name specified.
Page 414: Binding An Ac To A Cross-Connect
Step Command Remarks By default, no remote CCC connections exist. Use the out-interface keyword to specify the outgoing interface ccc in-label in-label-value out-label only on a point-to-point link. On out-label-value { nexthop nexthop | Create a remote CCC other types of interfaces such as out-interface interface-type connection.
Page 415: Configuring Pw Redundancy
Step Command Remarks Enter auto-discovery auto-discovery bgp cross-connect group view. site site-id [ range range-value ] Enter site view. [ default-offset default-offset-value ] Enter auto-discovery connection remote-site-id cross-connect view. remote-site-id ac interface interface-type By default, no Layer 3 interface Bind the Layer 3 interface to interface-number [ track is bound to the BGP the BGP cross-connect.
Page 416: Configuring Ldp Pw Redundancy
Configuring LDP PW redundancy Step Command Remarks Enter system view. system-view Enter cross-connect group xconnect-group group-name view. Enter cross-connect view. connection connection-name (Optional.) Specify the By default, the switchover mode is switchover mode and set the revertive { wtr wtr-time | never } revertive and the switchover wait wait time for the switchover.
Page 417: Enabling Snmp Notifications For L2Vpn Pw
use the reset arp command to clear the ARP entries on the CE before the CE can learn new ARP entries. • When a CE is connected to a PE through a PPP link: If the PE's interface connected to the CE has an IP address, the IPCP negotiation is performed. If the interface does not have an IP address, perform one of the following operations: Use the ppp ipcp ignore local-ip command to configure the PE to support IPCP negotiation without an IP address.
Page 418: Mpls L2Vpn Configuration Examples
Task Command display l2vpn pw [ xconnect-group group-name ] [ protocol { bgp Display L2VPN PW information. | ldp | static } ] [ verbose ] Display PW class information. display l2vpn pw-class [ class-name ] Display cross-connect group display l2vpn xconnect-group [ name group-name ] [ verbose ] information.
Page 419: Configuring Ip Interworking Over Local Mpls L2Vpn Connections
[CE1] interface gigabitethernet 1/1/1 [CE1-GigabitEthernet1/1/1] ip address 100.1.1.1 24 [CE1-GigabitEthernet1/1/1] quit Configure CE 2. <CE2> system-view [CE2] interface gigabitethernet 1/1/1 [CE2-GigabitEthernet1/1/1] ip address 100.1.1.2 24 [CE2-GigabitEthernet1/1/1] quit Configure PE: # Enable L2VPN. <PE> system-view [PE] l2vpn enable # Create a cross-connect group named vpn1, create a cross-connect named vpn1 in the group, and bind GigabitEthernet 1/1/1 and GigabitEthernet 1/1/2 to the cross-connect.
Page 420 Figure 109 Network diagram Configuration procedure Configure CE 1. <CE1> system-view [CE1] interface gigabitethernet 1/1/1 [CE1-GigabitEthernet1/1/1] ip address 10.1.1.1 24 [CE1-GigabitEthernet1/1/1] quit Configure CE 2. <CE2> system-view [CE2] interface serial 1/1/0 [CE2-Serial1/1/0] link-protocol ppp [CE2-Serial1/1/0] ip address 10.1.1.2 24 [CE2-Serial1/1/0] quit Configure PE: # Enable L2VPN.
Page 421: Configuring A Static Pw
[PE-xcg-vpn1] quit Verifying the configuration # Verify that two AC forwarding entries exist on the PE. [PE] display l2vpn forwarding ac Total number of cross-connections: 1 Total number of ACs: 2 Xconnect-group Name Link ID GE1/1/1 vpn1 Ser1/1/0 vpn1 # Verify that CE 1 and CE 2 can ping each other. (Details not shown.) Configuring a static PW Network requirements Create a static PW between PE 1 and PE 2 over the backbone to allow communication between CE...
Page 422 [CE1-GigabitEthernet1/1/1] quit Configure PE 1: # Configure an LSR ID. <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 192.2.2.2 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 192.2.2.2 # Enable L2VPN. [PE1] l2vpn enable # Enable global LDP. [PE1] mpls ldp [PE1-ldp] quit # Configure GigabitEthernet 1/1/2 (the interface connected to the P device), and enable LDP on the interface.
Page 423 # Configure GigabitEthernet 1/1/1 (the interface connected to PE 1), and enable LDP on the interface. [P] interface gigabitethernet 1/1/1 [P-GigabitEthernet1/1/1] ip address 10.1.1.2 24 [P-GigabitEthernet1/1/1] mpls enable [P-GigabitEthernet1/1/1] mpls ldp enable [P-GigabitEthernet1/1/1] quit # Configure GigabitEthernet 1/1/2 (the interface connected to PE 2), and enable LDP on the interface.
Page 424: Configuring An Ldp Pw
# Create a cross-connect group named vpna, create a cross-connect named svc in the group, and bind GigabitEthernet 1/1/1 to the cross-connect. [PE2] xconnect-group vpna [PE2-xcg-vpna] connection svc [PE2-xcg-vpna-svc] ac interface gigabitethernet 1/1/1 # Create a static PW for the cross-connect to bind the AC to the PW. [PE2-xcg-vpna-svc] peer 192.2.2.2 pw-id 3 in-label 200 out-label 100 [PE2-xcg-vpna-svc-192.2.2.2-3] quit [PE2-xcg-vpna-svc] quit...
Page 425 Figure 111 Network diagram Table 40 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 GE1/1/1 100.1.1.1/24 Loop0 192.4.4.4/32 PE 1 Loop0 192.2.2.2/32 GE1/1/1 10.1.1.2/24 GE1/1/1 GE1/1/2 10.2.2.2/24 GE1/1/2 10.1.1.1/24 PE 2 Loop0 192.3.3.3/32 CE 2 GE1/1/1 100.1.1.2/24...
Page 426 [PE1-GigabitEthernet1/1/2] mpls ldp enable [PE1-GigabitEthernet1/1/2] quit # Configure OSPF for LDP to create LSPs. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Create a cross-connect group named vpna, create a cross-connect named ldp in the group, and bind GigabitEthernet 1/1/1 to the cross-connect.
Page 427 [P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit Configure PE 2: # Configure an LSR ID. <PE2> system-view [PE2] interface loopback 0 [PE2-LoopBack0] ip address 192.3.3.3 32 [PE2-LoopBack0] quit [PE2] mpls lsr-id 192.3.3.3 # Enable L2VPN. [PE2] l2vpn enable # Enable global LDP. [PE2] mpls ldp [PE2-ldp] quit # Configure GigabitEthernet 1/1/2 (the interface connected to the P device), and enable LDP on...
Page 428: Configuring Ip Interworking Over An Ldp Pw
Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 1 1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate Xconnect-group Name: vpna Peer PW ID/Rmt Site...
Page 429 Device Interface IP address Device Interface IP address GE1/1/1 10.2.2.1/24 Configuration procedure Configure CE 1. <CE1> system-view [CE1] interface gigabitethernet 1/1/1 [CE1-GigabitEthernet1/1/1] ip address 100.1.1.1 24 [CE1-GigabitEthernet1/1/1] quit Configure PE 1: # Configure an LSR ID. <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 192.2.2.2 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 192.2.2.2...
Page 430 [PE1-xcg-vpna-ldp] peer 192.3.3.3 pw-id 3 [PE1-xcg-vpna-ldp-192.3.3.3-3] quit [PE1-xcg-vpna-ldp] quit [PE1-xcg-vpna] quit Configure the P device: # Configure an LSR ID. <P> system-view [P] interface loopback 0 [P-LoopBack0] ip address 192.4.4.4 32 [P-LoopBack0] quit [P] mpls lsr-id 192.4.4.4 # Enable global LDP. [P] mpls ldp [P-ldp] quit # Configure GigabitEthernet 1/1/1 (the interface connected to PE 1), and enable LDP on the...
Page 431 # Configure GigabitEthernet 1/1/1 (the interface connected to the P device), and enable LDP on the interface. [PE2] interface gigabitethernet 1/1/1 [PE2-GigabitEthernet1/1/1] ip address 10.2.2.1 24 [PE2-GigabitEthernet1/1/1] mpls enable [PE2-GigabitEthernet1/1/1] mpls ldp enable [PE2-GigabitEthernet1/1/1] quit # Configure OSPF for LDP to create LSPs. [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0...
Page 432: Configuring A Bgp Pw
[PE2] display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 1 1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate Xconnect-group Name: vpna Peer PW ID/Rmt Site...
Page 433 <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 192.2.2.2 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 192.2.2.2 # Enable L2VPN. [PE1] l2vpn enable # Enable global LDP. [PE1] mpls ldp [PE1-ldp] quit # Configure GigabitEthernet 1/1/2 (the interface connected to the P device), and enable LDP on the interface.
Page 434 [P-LoopBack0] ip address 192.4.4.4 32 [P-LoopBack0] quit [P] mpls lsr-id 192.4.4.4 # Enable global LDP. [P] mpls ldp [P-ldp] quit # Configure GigabitEthernet 1/1/1 (the interface connected to PE 1), and enable LDP on the interface. [P] interface gigabitethernet 1/1/1 [P-GigabitEthernet1/1/1] ip address 10.1.1.2 24 [P-GigabitEthernet1/1/1] mpls enable [P-GigabitEthernet1/1/1] mpls ldp enable...
Page 435 [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 10.2.2.0 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit # Create an IBGP connection to PE 1, and enable BGP to advertise L2VPN information to PE 1. [PE2] bgp 100 [PE2-bgp-default] peer 192.2.2.2 as-number 100 [PE2-bgp-default] peer 192.2.2.2 connect-interface loopback 0 [PE2-bgp-default] address-family l2vpn [PE2-bgp-default-l2vpn] peer 192.2.2.2 enable...
Page 436: Configuring A Remote Ccc Connection
Xconnect-group Name: vpnb Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State 192.2.2.2 1025/1036 # Verify that CE 1 and CE 2 can ping each other. (Details not shown.) Configuring a remote CCC connection Network requirements Create a remote CCC connection between PE 1 and PE 2 to allow communication between CE 1 and CE 2.
Page 437 # Enable L2VPN. [PE1] l2vpn enable # Configure GigabitEthernet 1/1/2 (the interface connected to the P device), and enable MPLS on the interface. [PE1] interface gigabitethernet 1/1/2 [PE1-GigabitEthernet1/1/2] ip address 10.1.1.1 24 [PE1-GigabitEthernet1/1/2] mpls enable [PE1-GigabitEthernet1/1/2] quit # Configure OSPF. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255...
Page 438: Configure Ospf
[P] ospf [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit Configure PE 2: # Configure an LSR ID. <PE2> system-view [PE2] interface loopback 0 [PE2-LoopBack0] ip address 192.3.3.3 32 [PE2-LoopBack0] quit [PE2] mpls lsr-id 192.3.3.3 # Enable L2VPN.
Page 439: Configuring An Intra-Domain Multi-Segment Pw
Total number of PWs: 1 1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate Xconnect-group Name: ccc Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State 10.1.1.2 101/201 Static # Verify that a remote CCC connection has been established on PE 2. [PE2] display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 1...
Page 440 Configuration procedure Configure CE 1. <CE1> system-view [CE1] interface gigabitethernet 1/1/1 [CE1-GigabitEthernet1/1/1] ip address 100.1.1.1 24 [CE1-GigabitEthernet1/1/1] quit Configure PE 1: # Configure an LSR ID. <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 192.2.2.2 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 192.2.2.2 # Enable L2VPN.
Page 441 # Configure MPLS TE to establish an MPLS TE tunnel between PE 1 and P, and between P and PE 2. For more information, see "Configuring MPLS TE." # Create a cross-connect group named vpn1, create a cross-connect named ldpsvc in the group, and create an LDP PW and a static PW for the cross-connect to form a multi-segment [P] xconnect-group vpn1 [P-xcg-vpn1] connection ldpsvc...
Page 442: Configuring An Inter-Domain Multi-Segment Pw
192.2.2.2 1000 1279/1150 192.3.3.3 1000 100/200 Static M # Verify that a PW has been created on PE 1. [PE1] display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 1 1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate Xconnect-group Name: vpn1...
Page 443 Figure 116 Network diagram Table 45 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 GE1/1/1 100.1.1.1/24 ASBR 1 Loop0 192.2.2.2/32 PE 1 Loop0 192.1.1.1/32 GE1/1/2 23.1.1.2/24 GE1/1/2 23.1.1.1/24 GE1/1/1 26.2.2.2/24 PE 2 Loop0 192.4.4.4/32 ASBR 2 Loop0...
Page 444 [PE1-GigabitEthernet1/1/2] mpls ldp enable [PE1-GigabitEthernet1/1/2] quit # Configure OSPF for LDP to create LSPs. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 23.1.1.1 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 192.1.1.1 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Create a cross-connect group named vpn1, create a cross-connect named ldp in the group, and bind GigabitEthernet 1/1/1 to the cross-connect.
Page 445 [ASBR1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0 [ASBR1-ospf-1-area-0.0.0.0] quit [ASBR1-ospf-1] quit # Configure BGP to advertise labeled routes on ASBR 1. [ASBR1] bgp 100 [ASBR1-bgp-default] peer 26.2.2.3 as-number 200 [ASBR1-bgp-default] address-family ipv4 unicast [ASBR1-bgp-default-ipv4] import-route direct [ASBR1-bgp-default-ipv4] peer 26.2.2.3 enable [ASBR1-bgp-default-ipv4] peer 26.2.2.3 route-policy policy1 export [ASBR1-bgp-default-ipv4] peer 26.2.2.3 label-route-capability [ASBR1-bgp-default-ipv4] quit [ASBR1-bgp-default] quit...
Page 446 [ASBR2-GigabitEthernet1/1/1] ip address 26.2.2.3 24 [ASBR2-GigabitEthernet1/1/1] mpls enable [ASBR2-GigabitEthernet1/1/1] quit # Configure OSPF for LDP to create LSPs. [ASBR2] ospf [ASBR2-ospf-1] area 0 [ASBR2-ospf-1-area-0.0.0.0] network 22.2.2.3 0.0.0.255 [ASBR2-ospf-1-area-0.0.0.0] network 192.3.3.3 0.0.0.0 [ASBR2-ospf-1-area-0.0.0.0] quit [ASBR2-ospf-1] quit # Configure BGP to advertise labeled routes on ASBR 2. [ASBR2] bgp 200 [ASBR2-bgp-default] peer 26.2.2.2 as-number 100 [ASBR2-bgp-default] address-family ipv4 unicast...
Page 447 [PE2-GigabitEthernet1/1/2] ip address 22.2.2.1 24 [PE2-GigabitEthernet1/1/2] mpls enable [PE2-GigabitEthernet1/1/2] mpls ldp enable [PE2-GigabitEthernet1/1/2] quit # Configure OSPF for LDP to create LSPs. [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] network 22.2.2.1 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit # Create a cross-connect group named vpn1, create a cross-connect named ldp in the group, and bind GigabitEthernet 1/1/1 to the cross-connect.
Page 448 [ASBR2] display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 2 2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate Xconnect-group Name: vpn1 Peer PW ID/Rmt Site...
Page 449: Configuring Vpls
Configuring VPLS Overview Virtual Private LAN Service (VPLS) delivers a point-to-multipoint L2VPN service over an MPLS or IP backbone. The provider backbone emulates a switch to connect all geographically dispersed sites of each customer network. The backbone is transparent to the customer sites. The sites can communicate with each other as if they were on the same LAN.
Page 450: Vpls Implementation
to create a single Layer 2 VPN, which is referred to as a VPLS instance. Sites in different VPLS instances cannot communicate with each other at Layer 2. • VSI—A virtual switch instance provides Layer 2 switching services for a VPLS instance on a PE. A VSI acts as a virtual switch that has all the functions of a conventional Ethernet switch, including source MAC address learning, MAC address aging, and flooding.
Page 451 Figure 118 Source MAC address learning on a PE The MAC address table uses an aging timer for each dynamic MAC address entry. If no packet is received from a MAC address before the aging timer expires, VPLS deletes the MAC address. When an AC or a PW goes down, the PE deletes MAC addresses on the AC or PW.
Page 452: H-Vpls
PW full mesh and split horizon A Layer 2 network requires a loop prevention protocol such as STP to avoid loops. However, a loop prevention protocol on PEs brings management and maintenance difficulties. Therefore, VPLS uses the following methods to prevent loops: •...
Page 453 Figure 120 H-VPLS using Ethernet access As shown in Figure 120, the edge domain is an Ethernet network. The UPE and NPE 1 establish a point-to-point Ethernet QinQ connection in between. After the UPE receives a packet from a CE, it adds an outer VLAN tag into the packet and forwards the packet to NPE 1.
Page 454: Hub-Spoke Networking
• A primary and backup U-PW switchover is triggered by a command. Hub-spoke networking The hub-spoke network model has one hub site and multiple spoke sites. The spoke sites cannot directly communicate with each other. Traffic between spoke sites must travel through the hub site, so the hub site can implement centralized traffic management.
Page 455: Enabling L2Vpn
• Configure VPLS on PEs. For example, configure a VSI, establish a PW, and associate an AC and a VSI. This chapter describes only VPLS configurations on a PE. For information about other configurations, see relevant configuration guides. To configure VPLS on a PE, perform the following tasks: Tasks at a glance Remarks (Required.)
Page 456: Configuring A Layer 3 Interface
NOTE: When VLANs are globally unique, packets with the same VLAN ID are forwarded by the same VSI regardless of the receiving interfaces. If VLANs are unique on a per interface basis, packets with the same VLAN ID from different interfaces can be forwarded by different VSIs. Configuring a Layer 3 interface To create a Layer 2 link between a PE and a CE, configure the Layer 3 interface that connects the PE to the CE.
Page 457: Configuring A Static Pw
Step Command Remarks (Optional.) Specify the PW By default, the PW data pw-type { ethernet | vlan } data encapsulation type. encapsulation type is VLAN. Configuring a static PW Step Command Remarks Enter system view. system-view Enter VSI view. vsi vsi-name [ hub-spoke ] Specify static signaling By default, no PW signaling protocol is for PWs, and enter VSI...
Page 458: Configuring A Bgp Pw
Step Command Remarks By default, no LDP PWs exist. If both the default PW ID in the default-pw-id command and a PW ID in the peer command are configured, the PW ID in the peer command is used. If only the default PW ID is configured, the default PW ID is used.
Page 459 Step Command Remarks (Optional.) Permit the local AS number to appear in By default, the local AS peer { group-name | ip-address routes from the specified number is not allowed in [ mask-length ] } allow-as-loop peer or peer group and routes from a peer or peer [ number ] specify the appearance...
Page 460: Configuring A Bgp Auto-Discovery Ldp Pw
Step Command Remarks (Optional.) Specify a PW By default, no PW class is class for the auto-discovery pw-class class-name specified. VSI. (Optional.) Specify a tunnel By default, no tunnel policy is policy for the auto-discovery tunnel-policy tunnel-policy-name specified. VSI. Use BGP to create a PW to an automatically discovered By default, no signaling protocol is remote PE and enter...
Page 461 Step Command Remarks (Optional.) Configure the router as an RR and specify a peer { group-name | ip-address By default, no RR or client is peer or peer group as its [ mask-length ] } reflect-client configured. client. 10. (Optional.) Enable L2VPN By default, L2VPN information information reflection reflect between-clients...
Page 462: Binding A Layer 3 Interface To A Vsi
Step Command Remarks Use LDP to create a PW to an automatically discovered By default, no signaling protocol is remote PE and enter signaling-protocol ldp specified. auto-discovery VSI LDP signaling view. Configure a VPLS ID for the By default, no VPLS ID is vpls-id vpls-id VSI.
Page 463: Configuring Static Pw Redundancy
• Perform a manual PW switchover. Configuring static PW redundancy Step Command Remarks Enter system view. system-view Enter VSI view. vsi vsi-name [ hub-spoke ] Specify static signaling for By default, no PW signaling PWs, and enter VSI static pwsignaling static protocol is specified for the VSI.
Page 464: Configuring Mac Address Learning
Step Command Remarks peer ip-address [ pw-id pw-id ] [ hub | no-split-horizon | Configure an LDP PW and pw-class class-name | By default, no LDP PWs exist. enter VSI LDP PW view. tunnel-policy tunnel-policy-name ] By default, no backup LDP PW exists.
Page 465: Displaying And Maintaining Vpls
Displaying and maintaining VPLS Execute display commands in any view and reset commands in user view. Task Command display l2vpn ldp [ peer ip-address [ pw-id pw-id | vpls-id Display LDP PW label information. vpls-id ] | vsi vsi-name ] [ verbose ] Display L2VPN forwarding information (in display l2vpn forwarding { ac | pw } [ vsi vsi-name ] [ slot standalone mode).
Page 466: Vpls Configuration Examples
VPLS configuration examples Static PW configuration example Network requirements CEs are connected to the PEs through Layer 3 Ethernet interfaces (GigabitEthernet 1/1/1). Configure a VSI on each PE, and establish static PWs between the PEs to interconnect the CEs. Figure 123 Network diagram Configuration procedure This task includes the following configurations: •...
Page 467 [PE1-GigabitEthernet1/1/2] quit # Configure GigabitEthernet 1/1/3 (the interface connected to PE 3), and enable LDP on the interface. [PE1] interface gigabitethernet 1/1/3 [PE1-GigabitEthernet1/1/3] ip address 30.1.1.1 24 [PE1-GigabitEthernet1/1/3] mpls enable [PE1-GigabitEthernet1/1/3] mpls ldp enable [PE1-GigabitEthernet1/1/3] quit # Configure OSPF for LDP to create LSPs. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255...
Page 468 # Configure GigabitEthernet 1/1/3 (the interface connected to PE 3), and enable LDP on the interface. [PE2] interface gigabitethernet 1/1/3 [PE2-GigabitEthernet1/1/3] ip address 40.1.1.2 24 [PE2-GigabitEthernet1/1/3] mpls enable [PE2-GigabitEthernet1/1/3] mpls ldp enable [PE2-GigabitEthernet1/1/3] quit # Configure OSPF for LDP to create LSPs. [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255...
Page 469 # Configure GigabitEthernet 1/1/3 (the interface connected to PE 2), and enable LDP on the interface. [PE3] interface gigabitethernet 1/1/3 [PE3-GigabitEthernet1/1/3] ip address 40.1.1.3 24 [PE3-GigabitEthernet1/1/3] mpls enable [PE3-GigabitEthernet1/1/3] mpls ldp enable [PE3-GigabitEthernet1/1/3] quit # Configure OSPF for LDP to create LSPs. [PE3] ospf [PE3-ospf-1] area 0 [PE3-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255...
Page 470: Ldp Pw Configuration Example
VCCV CC VCCV BFD Tunnel Group ID : 0x260000002 Tunnel NHLFE IDs : 1028 LDP PW configuration example Network requirements CEs are connected to the PEs through Layer 3 Ethernet interfaces (GigabitEthernet 1/1/1). Configure a VSI on each PE, and establish LDP PWs between the PEs to interconnect the CEs. Figure 124 Network diagram Configuration procedure Configure an IGP and public tunnels on each PE.
Page 471 [PE1-vsi-aaa-ldp] quit [PE1-vsi-aaa] quit # Bind Layer 3 Ethernet interface GigabitEthernet 1/1/1 to VSI aaa. [PE1] interface gigabitethernet 1/1/1 [PE1-GigabitEthernet1/1/1] xconnect vsi aaa [PE1-GigabitEthernet1/1/1] quit Configure PE 2: # Configure basic MPLS. <PE2> system-view [PE2] interface loopback 0 [PE2-LoopBack0] ip address 2.2.2.9 32 [PE2-LoopBack0] quit [PE2] mpls lsr-id 2.2.2.9 [PE2] mpls ldp...
Page 472: Bgp Pw Configuration Example
[PE3-vsi-aaa-ldp] peer 2.2.2.9 pw-id 500 [PE3-vsi-aaa-ldp-2.2.2.9-500] quit [PE3-vsi-aaa-ldp] quit [PE3-vsi-aaa] quit # Bind Layer 3 Ethernet interface GigabitEthernet 1/1/1 to VSI aaa. [PE3] interface gigabitethernet 1/1/1 [PE3-GigabitEthernet1/1/1] xconnect vsi aaa [PE2-GigabitEthernet1/1/1] quit Verifying the configuration # Verify that two LDP PWs in up state have been established on PE 1. [PE1] display l2vpn pw verbose VSI Name: aaa Peer: 2.2.2.9...
Page 473 Figure 125 Network diagram Configuration procedure Configure an IGP and public tunnels on each PE. (Details not shown.) Configure PE 1: # Configure basic MPLS. <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 1.1.1.9 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls ldp [PE1-ldp] quit # Establish IBGP connections to PE 2 and PE 3, and use BGP to advertise VPLS label block...
Page 474 [PE1-vsi-aaa-auto-bgp] quit [PE1-vsi-aaa-auto] quit [PE1-vsi-aaa] quit # Bind Layer 3 Ethernet interface GigabitEthernet 1/1/1 to VSI aaa. [PE1] interface gigabitethernet 1/1/1 [PE1-GigabitEthernet1/1/1] xconnect vsi aaa [PE1-GigabitEthernet1/1/1] quit Configure PE 2: # Configure basic MPLS. <PE2> system-view [PE2] interface loopback 0 [PE2-LoopBack0] ip address 2.2.2.9 32 [PE2-LoopBack0] quit [PE2] mpls lsr-id 2.2.2.9...
Page 475 [PE3-LoopBack0] ip address 3.3.3.9 32 [PE3-LoopBack0] quit [PE3] mpls lsr-id 3.3.3.9 [PE3] mpls ldp [PE3-ldp] quit # Establish IBGP connections to PE 1 and PE 2, and use BGP to advertise VPLS label block information. [PE3] bgp 100 [PE3-bgp-default] peer 1.1.1.9 as-number 100 [PE3-bgp-default] peer 1.1.1.9 connect-interface loopback 0 [PE3-bgp-default] peer 2.2.2.9 as-number 100 [PE3-bgp-default] peer 2.2.2.9 connect-interface loopback 0...
Page 476: Bgp Auto-Discovery Ldp Pw Configuration Example
Signaling Protocol : BGP Link ID : 10 PW State : Up In Label : 1296 Out Label: 1025 : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x800000060000000 Tunnel NHLFE IDs : 1026 # Display VPLS label block information received from PE 2 and PE 3 on PE 1. [PE1] display l2vpn bgp verbose VSI Name: aaa Remote Site ID...
Page 477 Figure 126 Network diagram Configuration procedure Configure an IGP and public tunnels on each PE. (Details not shown.) Configure PE 1: # Configure basic MPLS. <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 1.1.1.9 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls ldp [PE1-ldp] quit # Establish IBGP connections to PE 1 and PE 2, and use BGP to advertise VPLS PE...
Page 478 [PE1-vsi-aaa-auto-ldp] vpls-id 100:100 [PE1-vsi-aaa-auto-ldp] quit [PE1-vsi-aaa-auto] quit [PE1-vsi-aaa] quit # Bind Layer 3 Ethernet interface GigabitEthernet 1/1/1 to VSI aaa. [PE1] interface gigabitethernet 1/1/1 [PE1-GigabitEthernet1/1/1] xconnect vsi aaa [PE1-GigabitEthernet1/1/1] quit Configure PE 2: # Configure basic MPLS. <PE2> system-view [PE2] interface loopback 0 [PE2-LoopBack0] ip address 2.2.2.9 32 [PE2-LoopBack0] quit [PE2] mpls lsr-id 2.2.2.9...
Page 479 <PE3> system-view [PE3] interface loopback 0 [PE3-LoopBack0] ip address 3.3.3.9 32 [PE3-LoopBack0] quit [PE3] mpls lsr-id 3.3.3.9 [PE3] mpls ldp [PE3-ldp] quit # Establish IBGP connections to PE 1 and PE 2, and use BGP to advertise VPLS PE information. [PE3] bgp 100 [PE3-bgp-default] peer 1.1.1.9 as-number 100 [PE3-bgp-default] peer 1.1.1.9 connect-interface loopback 0...
Page 480 Tunnel Group ID : 0x800000060000000 Tunnel NHLFE IDs : 1029 Peer: 3.3.3.9 VPLS ID: 100:100 Signaling Protocol : LDP Link ID PW State : Up In Label : 1554 Out Label: 1416 : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x800000160000001...
Page 481: H-Vpls Using Mpls Access Configuration Example
H-VPLS using MPLS access configuration example Network requirements Configure an H-VPLS network using MPLS access to avoid full-mesh PW configuration. The H-VPLS uses LDP as the PW signaling protocol. Figure 127 Network diagram Configuration procedure Configure an IGP and public tunnels on each PE. (Details not shown.) Configure UPE: # Configure basic MPLS.
Page 482 # Configure basic MPLS. <NPE1> system-view [NPE1] interface loopback 0 [NPE1-LoopBack0] ip address 2.2.2.9 32 [NPE1-LoopBack0] quit [NPE1] mpls lsr-id 2.2.2.9 [NPE1] mpls ldp [NPE1–ldp] quit # Enable L2VPN. [NPE1] l2vpn enable # Configure VSI aaa that uses LDP as the PW signaling protocol, establish a U-PW to the UPE, and establish N-PWs to NPE 2 and NPE 3.
Page 483 # Configure basic MPLS. <NPE3> system-view [NPE3] interface loopback 0 [NPE3-LoopBack0] ip address 4.4.4.9 32 [NPE3-LoopBack0] quit [NPE3] mpls lsr-id 4.4.4.9 [NPE3] mpls ldp [NPE3–ldp] quit # Enable L2VPN. [NPE3] l2vpn enable # Configure VSI aaa that uses LDP as the PW signaling protocol, and establish N-PWs to NPE 1 and NPE 2.
Page 484 Tunnel Group ID : 0x460000000 Tunnel NHLFE IDs : 1030 Peer: 3.3.3.9 PW ID: 500 Signaling Protocol : LDP Link ID PW State : Up In Label : 1276 Out Label: 1275 : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x560000001...
Page 485: H-Vpls Upe Dual Homing Configuration Example
Link ID PW State : Up In Label : 1279 Out Label: 1278 : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x660000000 Tunnel NHLFE IDs : 1031 Peer: 3.3.3.9 PW ID: 500 Signaling Protocol : LDP Link ID PW State : Up...
Page 486 Configure UPE: # Configure basic MPLS. <UPE> system-view [UPE] interface loopback 0 [UPE-LoopBack0] ip address 1.1.1.1 32 [UPE-LoopBack0] quit [UPE] mpls lsr-id 1.1.1.1 [UPE] mpls ldp [UPE-ldp] quit # Enable L2VPN. [UPE] l2vpn enable # Configure VSI aaa that uses LDP as the PW signaling protocol, and establish the primary PW to NPE 1 and the backup PW to NPE 2.
Page 487 [NPE1-vsi-aaa-ldp] peer 4.4.4.4 pw-id 500 [NPE1-vsi-aaa-ldp-4.4.4.4-500] quit [NPE1-vsi-aaa-ldp] quit [NPE1-vsi-aaa] quit Configure NPE 2: # Configure basic MPLS. <NPE2> system-view [NPE2] interface loopback 0 [NPE2-LoopBack0] ip address 3.3.3.3 32 [NPE2-LoopBack0] quit [NPE2] mpls lsr-id 3.3.3.3 [NPE2] mpls ldp [NPE2–ldp] quit # Enable L2VPN.
Page 488 # Bind Layer 3 Ethernet interface GigabitEthernet 1/1/1 to VSI aaa. [NPE3] interface gigabitethernet 1/1/1 [NPE3-GigabitEthernet1/1/1] xconnect vsi aaa [NPE3-GigabitEthernet1/1/1] quit Verifying the configuration # Verify that PWs in up state have been established on each PE. [UPE] display l2vpn pw verbose VSI Name: aaa Peer: 2.2.2.2 PW ID: 500...
Page 489 VCCV BFD Tunnel Group ID : 0x160000005 Tunnel NHLFE IDs : 1027 Peer: 4.4.4.4 PW ID: 500 Signaling Protocol : LDP Link ID : 10 PW State : Up In Label : 1278 Out Label: 1279 : 1500 PW Attributes : Main VCCV CC VCCV BFD...
Page 490 Signaling Protocol : LDP Link ID PW State : Up In Label : 1279 Out Label: 1278 : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x60000000 Tunnel NHLFE IDs : 1026 Peer: 3.3.3.3 PW ID: 500 Signaling Protocol : LDP Link ID...
Page 491: Configuring L2Vpn Access To L3Vpn Or Ip Backbone
Configuring L2VPN access to L3VPN or IP backbone Both MPLS L2VPN and VPLS support the L2VPN access to L3VPN or IP backbone feature. MPLS L2VPN provides point-to-point connections, and VPLS provides point-to-multipoint connections. Unless otherwise specified, the term "MPLS L2VPN" in this document refers to both MPLS L2VPN and VPLS.
Page 492: Improved L2Vpn Access To L3Vpn Or Ip Backbone
Figure 129 Network diagram In the conventional networking mode, two devices are required to connect the MPLS L2VPN and the MPLS L3VPN or IP backbone (PE 2 and PE 3 in this example). One (PE 2) is required for terminating the MPLS L2VPN, and the other (PE 3) is required for accessing the MPLS L3VPN or IP backbone.
Page 493: Configuring Conventional L2Vpn Access To L3Vpn Or Ip Backbone
Figure 130 Network diagram Packet processing in PE-agg Input interface Output interface VE-L2VPN VE-L3VPN MPLS L2VPN MPLS L3VPN/ access network IP backbone PE 1 PE 4 PE-agg VPN 1 VPN 1 Site 1 Site 2 CE 1 CE 2 The PE-agg connects the MPLS L2VPN and the backbone through the L2VE interface and the L3VE interface.
Page 494: Configuring An L2Ve Interface
• Configure MPLS L3VPN or IP routes. For more information about MPLS L3VPN configuration, see "Configuring MPLS L3VPN." Configuring an L2VE interface Step Command Remarks Enter system view. system-view By default, no L2VE interfaces exist. Create an L2VE interface ve-l2vpn interface and enter its You can create a maximum of 8192 interface-number...
Page 495: Displaying And Maintaining L2Vpn Access To L3Vpn Or Ip Backbone
Displaying and maintaining L2VPN access to L3VPN or IP backbone Execute display commands in any view and reset commands in user view. Task Command Display information about L2VE display interface [ ve-l2vpn interface-number | ve-l3vpn interface-number ] [ brief [ description | down ] ] interfaces or L3VE interfaces.
Page 496 Figure 131 Network diagram Table 46 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 Ser1/1/0 100.1.1.1/24 PE-agg Loop0 3.3.3.9/32 PE 1 Loop0 1.1.1.9/32 POS1/1/0 10.2.2.2/24 POS1/1/0 10.2.1.1/24 POS1/1/1 10.3.3.1/24 Loop0 2.2.2.9/32 VE-L3VPN1 100.1.1.2/24 POS1/1/0 10.2.1.2/24 PE 2...
Page 497 # Configure the P device. <P> system-view [P] ospf [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [P-ospf-1-area-0.0.0.0] network 10.2.2.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 10.2.1.0 0.0.0.255 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit # Configure PE-agg. [PEagg] ospf [PEagg-ospf-1] area 0 [PEagg-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [PEagg-ospf-1-area-0.0.0.0] network 10.2.2.0 0.0.0.255 [PEagg-ospf-1-area-0.0.0.0] quit [PEagg-ospf-1] quit...
Page 498 c. Enable L2VPN on PE 1 and PE-agg: # Configure PE 1. [PE1] l2vpn enable # Configure PE-agg. [PEagg] l2vpn enable d. Configure the AC interfaces of PE 1 and PE-agg, create PWs that support interworking, and bind the interface to the PWs: # On Serial 1/1/0 of PE 1, configure PPP to support IPCP negotiation without IP address.
Page 499 [PEagg-LoopBack0] quit # Configure PE 2. [PE2] isis 1 [PE2-isis-1] network-entity 10.0000.0000.0002.00 [PE2-isis-1] quit [PE2] interface pos 1/1/0 [PE2-Pos1/1/0] isis enable 1 [PE2-Pos1/1/0] quit [PE2] interface loopback 0 [PE2-LoopBack0] isis enable 1 [PE2-LoopBack0] quit b. Configure basic MPLS and MPLS LDP on PE-agg and PE 2: # Configure PE-agg.
Page 500 <CE1> system-view [CE1] bgp 65010 [CE1-bgp] peer 100.1.1.2 as-number 100 [CE1-bgp] address-family ipv4 [CE1-bgp-ipv4] peer 100.1.1.2 enable [CE1-bgp-ipv4] import-route direct [CE1-bgp-ipv4] quit [CE1-bgp] quit # Configure PE-agg and specify CE 1 as the peer. [PEagg] bgp 100 [PEagg-bgp] ip vpn-instance VPN1 [PEagg-bgp-VPN1] peer 100.1.1.1 as-number 65010 [PEagg-bgp-VPN1] address-family ipv4 [PEagg-bgp-ipv4-VPN1] peer 100.1.1.1 enable...
Page 501: Access To Ip Backbone Through An Ldp Vpls
[PE2-bgp] peer 3.3.3.9 connect-interface loopback 0 [PE2-bgp] address-family vpnv4 [PE2-bgp-vpnv4] peer 3.3.3.9 enable [PE2-bgp-vpnv4] quit [PE2-bgp] quit The default MTU value varies by interface type. To avoid packet fragmentation, set the MTU value for each POS interface on each device to 1500 bytes. The following shows the MTU configuration on PE 1.
Page 502 Table 47 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 GE1/1/1 100.1.1.1/24 PE-agg Loop0 3.3.3.9/32 PE 1 Loop0 1.1.1.9/32 POS1/1/0 10.2.2.2/24 POS1/1/0 10.2.1.1/24 POS1/1/1 10.3.3.1/24 Loop0 2.2.2.9/32 VE-L3VPN1 100.1.1.2/24 POS1/1/0 10.2.1.2/24 PE 2 POS1/1/0 10.3.3.2/24 POS1/1/1...
Page 503 [PEagg-ospf-1-area-0.0.0.0] quit [PEagg-ospf-1] quit b. Configure basic MPLS and MPLS LDP on PE 1, P, and PE-agg: # Configure PE 1. [PE1] mpls lsr-id 1.1.1.9 [PE1] mpls ldp [PE1-ldp] lsp-trigger all [PE1-ldp] quit [PE1] interface pos 1/1/0 [PE1-Pos1/1/0] mpls enable [PE1-Pos1/1/0] mpls ldp enable [PE1-Pos1/1/0] quit # Configure the P device.
Page 504 [PE1-vsi-vpna] quit # On PE-agg, create VSI vpna, and specify the PW signaling protocol for the VSI as LDP. [PEagg] vsi vpna [PEagg-vsi-vpna] pwsignaling ldp # On PE-agg, create an LDP PW: specify the peer PE address as 1.1.1.9, and set the PW ID to 500.
Page 505 The default MTU value varies by interface type. To avoid packet fragmentation, set the MTU value for each POS interface on each device to 1500 bytes. The following shows the MTU configuration on PE 1. [PE1] int pos 1/1/0 [PE1-Pos1/1/0] mtu 1500 [PE1-Pos1/1/0] shutdown [PE1-Pos1/1/0] undo shutdown Verifying the configuration...
Page 506: Configuring Mpls Oam
Configuring MPLS OAM Overview MPLS Operation, Administration, and Maintenance (OAM) provides fault management tools for the following purposes: • MPLS data plane connectivity verification. • Data plane and control plane consistency verification. • Fault locating. These fault management tools include the following types: •...
Page 507: Periodic Mpls Tracert
• Static mode—You manually specify the local and remote discriminators through command lines to establish the BFD session. • Dynamic mode—The system automatically runs MPLS ping to negotiate the discriminators to establish the BFD session. In static mode, the egress node returns a BFD control packet to the ingress node through the reverse tunnel.
Page 508: Configuring Mpls Tracert For Lsps
Task Command ping mpls [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m wait-time | -r reply-mode | -rtos tos-value | -s Use MPLS ping to verify MPLS LSP packet-size | -t time-out | -v ] * ipv4 ipv4-address connectivity for an IPv4 prefix.
Page 509: Configuring Periodic Mpls Tracert For Lsps
To configure BFD for LSPs: Step Command Remarks Enter system view. system-view By default, BFD for MPLS is Enable BFD for MPLS. mpls bfd enable disabled. By default, the device sends BFD packets carrying the Router Alert option to detect an LSP. Execute this command on the (Optional.) Remove the local device if the peer device...
Page 510: Configuring Mpls Tracert For Mpls Te Tunnels
Configuring MPLS tracert for MPLS TE tunnels Perform the following task in any view: Task Command tracert mpls [ -a source-ip | -exp exp-value | -h ttl-value | -r Use MPLS tracert to trace an MPLS reply-mode | -rtos tos-value | -t time-out | -v | fec-check ] * te TE tunnel.
Page 511: Configuring Mpls Oam For A Pw
Step Command Remarks Configure BFD to verify mpls bfd [ discriminator local By default, BFD is not configured MPLS TE tunnel local-id remote remote-id ] to verify MPLS TE tunnel connectivity. [ template template-name ] connectivity. Configuring MPLS OAM for a PW Virtual Circuit Connectivity Verification (VCCV) is an L2VPN PW OAM feature to verify PW connectivity in data plane.
Page 512 Create the PW, and use the PW class created in the previous step for the PW. If both PEs of the PW have configured BFD and use the same BFD packet encapsulation type, the PEs use the specified encapsulation type to verify PW connectivity. Otherwise, the PEs do not use BFD to verify PW connectivity.
Page 513 Step Command Remarks By default, no local and remote discriminators are configured. 12. (Optional.) Set the local and Make sure the local discriminator remote discriminators for bfd discriminator local local-id and remote discriminator the BFD session used to remote remote-id configured on the local PE are the verify the connectivity of the same as the remote discriminator...
Page 514 Step Command Remarks By default, no local and remote discriminators are set. 12. (Optional.) Set the local and Make sure the local discriminator remote discriminators for bfd discriminator local local-id and remote discriminator the BFD session used to remote remote-id configured on the local PE are the verify the connectivity of the same as the remote discriminator...
Page 515: Displaying Mpls Oam
Step Command Remarks By default, no local and remote discriminators are set. 12. (Optional.) Set the local and Make sure the local discriminator remote discriminators for bfd discriminator local local-id and remote discriminator the BFD session used to remote remote-id configured on the local PE are the verify the connectivity of the same as the remote discriminator...
Page 516 <RouterB> system-view [RouterB] ospf [RouterB-ospf-1] area 0 [RouterB-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [RouterB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [RouterB-ospf-1-area-0.0.0.0] quit [RouterB-ospf-1] quit # Configure Router C. <RouterC> system-view [RouterC] ospf [RouterC-ospf-1] area 0 [RouterC-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [RouterC-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [RouterC-ospf-1-area-0.0.0.0] quit [RouterC-ospf-1] quit Enable MPLS and LDP:...
Page 517: Verifying The Configuration
[RouterA] mpls bfd 3.3.3.9 32 # Configure Router C. [RouterC] mpls bfd enable [RouterC] mpls bfd 1.1.1.9 32 Verifying the configuration # Display BFD information for LSPs on Router A and Router C, for example, on Router A. [RouterA] display mpls bfd Total number of sessions: 2, 2 up, 0 down, 0 init FEC Type: LSP FEC Info:...
Page 518: Configuring Mce
Configuring MCE This chapter describes MCE configuration. MPLS L3VPN overview MPLS L3VPN is a L3VPN technology used to interconnect geographically dispersed VPN sites. MPLS L3VPN uses BGP to advertise VPN routes and uses MPLS to forward VPN packets over a service provider backbone.
Page 519 • The classification of a site depends on the topology relationship of the devices, rather than the geographical positions. However, the devices at a site are, in most cases, adjacent to each other geographically. • The devices at a site can belong to multiple VPNs, which means that a site can belong to multiple VPNs.
Page 520: Mce Overview
• When the Type field is 2, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1. To guarantee global uniqueness for a VPN-IPv4 address, do not set the Administrator subfield to any private AS number or private IP address.
Page 521: Mce Configuration Task List
Figure 136 Network diagram for the MCE feature You can configure static routes, RIP, OSPF, IS-IS, EBGP, or IBGP between an MCE and a VPN site and between an MCE and a PE. NOTE: To implement dynamic IP assignment for DHCP clients in private networks, you can configure DHCP server or DHCP relay agent on the MCE.
Page 522: Creating A Vpn Instance
Creating a VPN instance A VPN instance is a collection of the VPN membership and routing rules of its associated site. A VPN instance might correspond to more than one VPN. To create and configure a VPN instance: Step Command Remarks Enter system view.
Page 523: Configuring Routing On An Mce
Step Command Remarks • Enter VPN instance view: Configurations made in VPN ip vpn-instance instance view apply to both IPv4 vpn-instance-name VPN and IPv6 VPN. Enter VPN instance • Enter IPv4 VPN view: IPv4 VPN prefers the view or IPv4 VPN view a.
Page 524: Configuring Routing Between An Mce And A Vpn Site
Before you configure routing on an MCE, configure VPN instances, and bind the VPN instances to the interfaces connected to the VPN sites and the PE. Configuring routing between an MCE and a VPN site You can configure static routing, RIP, OSPF, IS-IS, EBGP or IBGP between an MCE and a VPN site. Configuring static routing between an MCE and a VPN site An MCE can reach a VPN site through a static route.
Page 525 Binding OSPF processes to VPN instances can isolate routes of different VPNs. For more information about OSPF, see Layer 3—IP Routing Configuration Guide. To configure OSPF between an MCE and a VPN site: Step Command Remarks Enter system view. system-view Perform this configuration on the MCE.
Page 526 Step Command Remarks By default, IS-IS does not import-route protocol redistribute routes from any other [ process-id | all-processes | routing protocol. Redistribute remote site allow-ibgp ] [ allow-direct | cost If you do not specify the route routes advertised by the PE cost-value | cost-type { external | level in the command, the into IS-IS.
Page 527 Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. By default, BGP is not enabled. instance-name ] peer { group-name | Configure the MCE as an By default, no BGP peers or ipv4-address [ mask-length ] } EBGP peer.
Page 528: Configuring Routing Between An Mce And A Pe
Step Command Remarks import-route protocol Redistribute remote site [ process-id | all-processes ] By default, no routes are routes advertised by the [ allow-direct | med med-value redistributed into BGP. PE into BGP. | route-policy route-policy-name ] * Configure a VPN site: Step Command Remarks...
Page 529 Step Command Remarks (Optional.) Set the ip route-static default-preference The default default preference for default-preference preference is 60. static routes. Configuring RIP between an MCE and a PE Step Command Remarks Enter system view. system-view Create a RIP process for rip [ process-id ] vpn-instance a VPN instance and enter vpn-instance-name...
Page 530 Step Command Remarks Create an IS-IS process for a VPN isis [ process-id ] vpn-instance instance and enter vpn-instance-name IS-IS view. Configure a network network-entity net By default, no NET is configured. entity title. Create the IS-IS IPv4 By default, the IS-IS IPv4 unicast unicast address family address-family ipv4 [ unicast ] address family is not created.
Page 531: Displaying And Maintaining Mce
Step Command Remarks Enter BGP-VPN instance ip vpn-instance vpn-instance-name view. peer { group-name | ipv4-address Configure the PE as an IBGP By default, no BGP peers or [ mask-length ] } as-number peer. peer groups exist. as-number Enter BGP-VPN IPv4 unicast address-family ipv4 [ unicast ] address family view.
Page 532: Configuration Procedure
Figure 137 Network diagram VPN 2 Site 1 PE 2 PE 1 GE1/1/3.1 20.1.1.1/24 GE1/1/1.1 20.1.1.2/24 GE1/1/1.2 PE 3 30.1.1.2/24 GE1/1/2 GE1/1/3.2 VPN 1 10.214.10.2/24 30.1.1.1/24 192.168.0.0/24 GE1/1/1 GE1/1/1 VPN 1 10.214.10.3/24 192.168.0.1/24 GE1/1/2 VR 1 Site 2 10.214.20.3/24 GE1/1/2 10.214.20.2/24 VR 2 GE1/1/1...
Page 533 [MCE-GigabitEthernet1/1/1] ip address 10.214.10.3 24 [MCE-GigabitEthernet1/1/1] quit # Bind interface GigabitEthernet 1/1/2 to VPN instance vpn2, and configure an IP address for the interface. [MCE] interface gigabitethernet 1/1/2 [MCE-GigabitEthernet1/1/2] ip binding vpn-instance vpn2 [MCE-GigabitEthernet1/1/2] ip address 10.214.20.3 24 [MCE-GigabitEthernet1/1/2] quit # On PE 1, configure VPN instances vpn1 and vpn2, and specify an RD and route targets for each VPN instance.
Page 534 Destination/Mask Proto Pre Cost NextHop Interface 0.0.0.0/32 Direct 127.0.0.1 InLoop0 10.214.10.0/24 Direct 10.214.10.3 GE1/1/1 10.214.10.0/32 Direct 10.214.10.3 GE1/1/1 10.214.10.3/32 Direct 127.0.0.1 InLoop0 10.214.10.255/32 Direct 10.214.10.3 GE1/1/1 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 192.168.0.0/24...
Page 535 # Configure the subinterface to terminate VLAN 20. [MCE-GigabitEthernet1/1/3.2] vlan-type dot1q vid 20 # Configure an IP address for the subinterface. [MCE-GigabitEthernet1/1/3.2] ip address 30.1.1.1 24 [MCE-GigabitEthernet1/1/3.2] quit # On PE 1, bind subinterface GigabitEthernet 1/1/1.1 to the VPN instance vpn1. [PE1] interface gigabitethernet 1/1/1.1 [PE1-GigabitEthernet1/1/1.1] ip binding vpn-instance vpn1 # Configure the subinterface to terminate VLAN 10.
Page 536: Verifying The Configuration
Verifying the configuration # Verify that PE 1 has learned the static route of VPN 1 through OSPF. [PE1] display ip routing-table vpn-instance vpn1 Destinations : 13 Routes : 13 Destination/Mask Proto Pre Cost NextHop Interface 0.0.0.0/32 Direct 127.0.0.1 InLoop0 20.1.1.0/24 Direct 20.1.1.2...
Page 537: Configuring Ipv6 Mce
Configuring IPv6 MCE This chapter describes IPv6 MCE configuration. IPv6 MPLS L3VPN overview IPv6 MPLS L3VPN uses BGP to advertise IPv6 VPN routes and uses MPLS to forward IPv6 VPN packets on the service provider backbone. Figure 138 shows a typical IPv6 MPLS L3VPN model. The service provider backbone in the IPv6 MPLS L3VPN model is an IPv4 network.
Page 538: Configuring Vpn Instances
Tasks at a glance Configuring routing on an MCE: (Required.) Configuring routing between an MCE and a VPN site (Required.) Configuring routing between an MCE and a PE Configuring VPN instances By configuring VPN instances on a PE, you isolate not only VPN routes from public network routes, but also routes between VPNs.
Page 539: Configuring Route Related Attributes For A Vpn Instance
Step Command Remarks By default, an interface is not associated with a VPN instance and belongs to the public network. The ip binding vpn-instance Associate a VPN instance ip binding vpn-instance command clears the IP address of with the interface. vpn-instance-name the interface.
Page 540: Configuring Routing On An Mce
Step Command Remarks By default, only one tunnel is selected (no load balancing) in this order: LSP tunnel, GRE tunnel, and CR-LSP tunnel. Apply a tunnel policy to the tnl-policy tunnel-policy-name The specified tunnel policy must VPN instance. have been created. For information about tunnel policies, see "Configuring tunnel policies."...
Page 541 Step Command Remarks (Optional.) Configure The default ipv6 route-static default-preference the default preference preference for IPv6 default-preference for IPv6 static routes. static routes is 60. Configuring RIPng between an MCE and a VPN site A RIPng process belongs to the public network or a single IPv6 VPN instance. If you create a RIPng process without binding it to an IPv6 VPN instance, the process belongs to the public network.
Page 542 Step Command Remarks import-route protocol [ process-id | all-processes | Redistribute remote site allow-ibgp ] [ allow-direct | cost By default, no routes are routes advertised by the PE. cost-value | nssa-only | redistributed into OSPFv3. route-policy route-policy-name | tag tag | type type ] * Return to system view.
Page 543 Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | Specify an IPv6 BGP peer ipv6-address [ prefix-length ] } By default, no BGP peers exist. in an AS.
Page 544 Step Command Remarks Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | By default, no BGP peers or Configure an IBGP peer. ipv6-address [ prefix-length ] } peer groups exist. as-number as-number Enter BGP-VPN IPv6 unicast address family address-family ipv6 [ unicast ] view.
Page 545: Configuring Routing Between An Mce And A Pe
Configuring routing between an MCE and a PE MCE-PE routing configuration includes the following tasks: • Binding the MCE-PE interfaces to IPv6 VPN instances. • Performing routing configurations. • Redistributing IPv6 VPN routes into the routing protocol running between the MCE and the PE. Perform the following configuration tasks on the MCE.
Page 546 Step Command Remarks By default, routing loop detection is enabled. On an MCE network, you must Disable routing loop disable routing loop detection for vpn-instance-capability simple detection. a VPN OSPFv3 process. Otherwise, the MCE does not receive OSPFv3 routes from the import-route protocol [ process-id | all-processes | allow-ibgp ] [ allow-direct | cost...
Page 547: Displaying And Maintaining Ipv6 Mce
Step Command Remarks Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | ipv6-address Configure the PE as an [ prefix-length ] } as-number By default, no BGP peers exist. EBGP peer. as-number Enter BGP-VPN IPv6 unicast address-family ipv6 [ unicast ] address family view.
Page 548: Ipv6 Mce Configuration Example
IPv6 MCE configuration example Network requirements As shown in Figure 139, VPN 2 runs RIPng. Configure the MCE device to separate routes from different VPNs and advertise the VPN routes to PE 1 through OSPFv3. Figure 139 Network diagram VPN 2 Site 1 PE 2 PE 1...
Page 549 [MCE-vpn-instance-vpn2] quit # Bind interface GigabitEthernet 1/1/1 to VPN instance vpn1, and configure an IPv6 address for the interface. [MCE] interface gigabitethernet 1/1/1 [MCE-GigabitEthernet1/1/1] ip binding vpn-instance vpn1 [MCE-GigabitEthernet1/1/1] ipv6 address 2001:1::1 64 [MCE-GigabitEthernet1/1/1] quit # Bind interface GigabitEthernet 1/1/2 to VPN instance vpn2, and configure an IPv6 address for the interface.
Page 550 [VR2] interface gigabitethernet 1/1/1 [VR2-GigabitEthernet1/1/1] ripng 20 enable [VR2-GigabitEthernet1/1/1] quit [VR2] interface gigabitethernet 1/1/2 [VR2-GigabitEthernet1/1/2] ripng 20 enable [VR2-GigabitEthernet1/1/2] quit # On the MCE, display the routing tables of the VPN instances vpn1 and vpn2. [MCE] display ipv6 routing-table vpn-instance vpn1 Destinations : 6 Routes : 6 Destination: ::1/128 Protocol...
Page 551 Interface : InLoop0 Cost Destination: 2012::/64 Protocol : RIPng NextHop : FE80::20C:29FF:FE40:701 Preference: 100 Interface : GE1/1/2 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0...
Page 552: Verifying The Configuration
# Configure an IPv6 address for the subinterface. [PE1-GigabitEthernet1/1/1.2] ipv6 address 2002:2::4 64 [PE1-GigabitEthernet1/1/1.2] quit # Configure the IP address of the interface Loopback 0 as 101.101.10.1 for the MCE and as 100.100.10.1 for PE 1. Specify the loopback interface address as the router ID for the MCE and PE 1.
Page 553 Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost # Verify that PE 1 has learned the private route of VPN 2 through OSPFv3. [PE1] display ipv6 routing-table vpn-instance vpn2 Destinations : 6 Routes : 6 Destination: ::1/128...
Page 554: Configuring Static Sr Over Mpls
Configuring static SR over MPLS Overview About SR and SRLSP Segment Routing (SR) is a source routing technology. The source node selects a path for the packets, and then encodes the path as a list of segments in the packets. Each segment is identified by the segment identifier (SID).
Page 555: Protocols And Standards
Figure 140 How a static SRLSP forwards a packet (adjacency method) Protocols and standards • draft-ietf-spring-segment-routing-mpls-00 • draft-ietf-spring-segment-routing-02 Static SR over MPLS configuration task list To configure static SR over MPLS, perform the following tasks: Enable MPLS TE on all nodes and enable MPLS on all interfaces that will participate in MPLS TE forwarding.
Page 556: Configuring An Adjacency Path
• Determine the incoming label of each transit node's adjacency to a neighbor. On a device, a static SRLSP, a static LSP, and a static CRLSP cannot use the same incoming label. • Enable MPLS on interfaces that will participate in MPLS forwarding. For information about enabling MPLS, see "Configuring basic MPLS."...
Page 557: Displaying And Maintaining Static Srlsp
Step Command Remarks Set the MPLS TE tunnel By default, MPLS TE uses establishment mode to mpls te signaling static RSVP-TE to establish a tunnel. static. Bind a static SRLSP to the By default, an MPLS TE tunnel mpls te static-sr-lsp lsp-name MPLS TE tunnel interface.
Page 558: Configuration Procedure
Figure 141 Network diagram Table 50 Interface and IP address assignment Device Interface IP address Device Interface IP address Router A Loop0 1.1.1.9/32 Router B Loop0 2.2.2.9/32 GE1/1/1 10.1.1.1/24 GE1/1/1 10.1.1.2/24 GE1/1/2 100.1.1.1/24 GE1/1/2 20.1.1.1/24 Router C Loop0 3.3.3.9/32 GE1/1/3 40.1.1.1/24 GE1/1/1 30.1.1.1/24...
Page 559 Execute the display ip routing-table command on each router to verify that the routers have learned the routes to one another, including the routes to the loopback interfaces. (Details not shown.) Configure LSR IDs, and enable MPLS and MPLS TE: # Configure Router A <RouterA>...
Page 560 # Configure Router E. <RouterE> system-view [RouterE] mpls lsr-id 5.5.5.9 [RouterE] mpls te [RouterE-te] quit [RouterE] interface gigabitethernet 1/1/2 [RouterE-GigabitEthernet1/1/2] mpls enable [RouterE-GigabitEthernet1/1/2] quit # Configure Router F. <RouterF> system-view [RouterF] mpls lsr-id 6.6.6.9 [RouterF] mpls te [RouterF-te] quit [RouterF] interface gigabitethernet 1/1/2 [RouterF-GigabitEthernet1/1/2] mpls enable [RouterF-GigabitEthernet1/1/2] quit Configure adjacency path labels on each node:...
Page 561: Verifying The Configuration
[RouterA-Tunnel0] mpls te signaling static [RouterA-Tunnel0] quit # On Router E, establish static MPLS TE tunnel 0 to Router F and specify the tunnel destination address as the LSR ID of Router F. [RouterE] interface tunnel 0 mode mpls-te [RouterE-Tunnel0] ip address 7.1.1.1 255.255.255.0 [RouterE-Tunnel0] destination 6.6.6.9 [RouterE-Tunnel0] mpls te signaling static [RouterE-Tunnel0] quit...
Page 562 Record Route Record Label FRR Flag Backup Bandwidth Flag: - Backup Bandwidth Type: - Backup Bandwidth Route Pinning Retry Limit Retry Interval : 2 sec Reoptimization Reoptimization Freq Backup Type Backup LSP ID Auto Bandwidth Auto Bandwidth Freq Min Bandwidth Max Bandwidth Collected Bandwidth # Display the MPLS TE tunnel information on Router E.
Page 563 StaticCR 20/- GE1/1/2 [RouterC] display mpls lsp Proto In/Out Label Interface/Out NHLFE StaticCR 30/- GE1/1/1 StaticCR 40/- GE1/1/3...
Page 564: Document Conventions And Icons
Document conventions and icons Conventions This section describes the conventions used in the documentation. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional.
Page 565: Network Topology Icons
Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Page 566: Support And Other Resources
Hewlett Packard Enterprise Support Center More Information on Access to Support Materials page: www.hpe.com/support/AccessToSupportMaterials IMPORTANT: Access to some updates might require product entitlement when accessed through the Hewlett Packard Enterprise Support Center. You must have an HP Passport set up with relevant entitlements.
Page 567: Websites
Websites Website Link Networking websites Hewlett Packard Enterprise Information Library for www.hpe.com/networking/resourcefinder Networking Hewlett Packard Enterprise Networking website www.hpe.com/info/networking Hewlett Packard Enterprise My Networking website www.hpe.com/networking/support Hewlett Packard Enterprise My Networking Portal www.hpe.com/networking/mynetworking Hewlett Packard Enterprise Networking Warranty www.hpe.com/networking/warranty General websites Hewlett Packard Enterprise Information Library www.hpe.com/info/enterprise/docs Hewlett Packard Enterprise Support Center...
Page 568 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.
Page 569: Index
Index VPLS BGP PE information advertisement, affinity MPLS TE tunnel constraints, VPLS VSI+AC binding, aging accepting VPLS MAC address aging, LDP label acceptance policy, algorithm accessing MPLS TE CSPF path calculation, H-VPLS access mode, applying H-VPLS Ethernet access mode, IPv6 MPLS L3VPN PBR, address MPLS L3VPN PBR, VPLS MAC address aging,...
Page 570 MPLS L3VPN inter-AS option A MCE VPN instance route related attributes, configuration, MPLS L3VPN BGP export target MPLS L3VPN inter-AS option B, attribute, 196, 510 MPLS L3VPN inter-AS option B MPLS L3VPN BGP import target configuration, attribute, 196, 510 MPLS L3VPN inter-AS option C, MPLS L3VPN VPN instance route related attributes, MPLS L3VPN inter-AS option C...
Page 571 L2VPN improved access IPv6 MPLS L3VPN configuration, 483, 485 configuration, 322, 324, 341, 341 L2VPN IP backbone access (LDP VPLS), IPv6 MPLS L3VPN inter-AS option A configuration, MPLS L3VPN access (LDP MPLS L2VPN), IPv6 MPLS L3VPN inter-AS option B, VPLS BGP PW configuration, IPv6 MPLS L3VPN inter-AS option C configuration, VPLS configuration,...
Page 572 MPLS L3VPN loopback address MPLS TE backup CRLSP establishment (PCE redistribution, path calculation), MPLS L3VPN MP-BGP, MPLS TE CRLSP establishment (PCE path calculation), 73, 95 MPLS L3VPN multirole host configuration, MPLS TE CSPF path calculation, MPLS L3VPN nested VPN MPLS TE tunnel CRLSP configuration (PCE configuration, 229, 287 calculation),...
Page 573 MPLS L3VPN OSPF area PE-CE IPv6 MPLS L3VPN BGP AS number configuration, substitution+SoO attribute, 339, 385 MPLS L3VPN OSPF sham link, IPv6 MPLS L3VPN BGP VPNv6 route control, MPLS L3VPN OSPF sham link creation, IPv6 MPLS L3VPN carrier's carrier (same MPLS L3VPN PE-CE EBGP, AS), MPLS L3VPN PE-CE IBGP,...
Page 574 LDP, 17, 25 MPLS L2VPN attachment circuit (AC) Layer 3 interface (PPP encapsulation), LDP backoff, MPLS L2VPN attachment circuit (AC) Layer 3 LDP BGP unicast route redistribution, interface (VLAN encapsulation), LDP FRR, MPLS L2VPN BGP label block information LDP GR, advertisement, LDP hello parameter, MPLS L2VPN BGP PW,...
Page 575 MPLS L3VPN inter-AS VPN, MPLS TE CRLSP flooding thresholds, MPLS L3VPN inter-AS VPN option A, MPLS TE CRLSP path selection metric type, MPLS L3VPN inter-AS VPN option B, MPLS TE CRLSP route pinning, MPLS L3VPN inter-AS VPN option C, MPLS TE CRLSP tunnel reoptimization, MPLS L3VPN inter-AS VPN option C MPLS TE DS-TE, ASBR,...
Page 576 RSVP reliable message delivery, control plane RSVP Srefresh, MPLS, static CRLSP, 164, 165 controlling static LSP, 12, 13 LDP label distribution control mode, static SR over MPLS, MPLS L2VPN control word, static SRLSP, 546, 547 MPLS TE CRLSP path selection, static SRLSP adjacency path, MPLS TE tunnel setup, tunnel policy,...
Page 577 MPLS TE tunnel automatic bandwidth IPv4 LDP configuration, adjustment, IPv4 LDP FRR configuration, MPLS TE tunnel configuration (dynamic IPv4 LDP label acceptance control, CRLSP), IPv4 LDP label advertisement control, MPLS TE tunnel configuration (static IPv4 LDP LSP configuration, CRLSP), IPv6 LDP configuration, MPLS TE tunnel CRLSP configuration (PCE IPv6 LDP label acceptance control, calculation),...
Page 578 IPv6 MPLS L3VPN VPN instance+interface MPLS L3VPN PE-CE RIP, association, MPLS L3VPN PE-CE routing, IPv6 MPLS L3VPN/GRE tunnel MPLS L3VPN PE-CE static routing, configuration, MPLS L3VPN PE-PE routing, MCE configuration, 508, 511, 521 MPLS L3VPN/GRE tunnel configuration, MPLS L2VPN BGP PW configuration, MPLS TE auto FRR configuration, MPLS L2VPN IP interworking MPLS TE bidirectional tunnel,...
Page 579 RSVP, MPLS L3VPN inter-AS VPN option C, 200, 202 static CRLSP, MPLS L3VPN PE-CE EBGP, static LSP, egress static SRLSP, MPLS egress LSR, tunnel information, MPLS egress node label type advertisement, VPLS, MPLS L3VPN egress PE VPN label processing mode, distributing enabling IPv6 MPLS L3VPN loopback interface...
Page 580 MPLS TE inter-area tunnel (CRLSP+PCE exclusive tunnel configuration, calculation), IPv6 MPLS L3VPN packet forwarding, MPLS TE inter-AS tunnel (RSVP-TE), IPv6 MPLS L3VPN PBR application, MPLS TE tunnel (RSVP-TE), IPv6 MPLS L3VPN PBR configuration, MPLS TE tunnel (static CRLSP), LDP GR, MPLS TE tunnel with RSVP-TE, LDP NSR, RSVP TE tunnel,...
Page 581 MPLS L3VPN FRR IPv4 route backup (VPNv4 MPLS L2VPN attachment circuit (AC) Layer 3 route), interface (HDLC encapsulation), MPLS L3VPN FRR VPNv4 route backup (IPv4 MPLS L2VPN PPP/HDLC over MPLS, route), hello MPLS L3VPN FRR VPNv4 route backup LDP session protection, (VPNv4 route), RSVP GR, MPLS TE,...
Page 582 IBGP MPLS TE inter-AS tunnel establishment (RSVP-TE), IPv6 MCE-PE IBGP, inter-AS VPN IPv6 MCE-VPN site IBGP, IPv6 MPLS L3VPN configuration, IPv6 MPLS L3VPN PE-CE IBGP, IPv6 MPLS L3VPN option A, MCE-PE IBGP configuration, IPv6 MPLS L3VPN option A configuration, MCE-VPN site IBGP, IPv6 MPLS L3VPN option B, 335, 356 MPLS L3VPN PE-CE IBGP,...
Page 583 IPv6 LDP configuration, MPLS L3VPN inter-AS VPN option C, 200, 202 IPv6 LDP label acceptance control, MPLS L3VPN loopback address redistribution, IPv6 LDP label advertisement control, MPLS L3VPN VPN-IPv4 address, 195, 509 IPv6 LDP LSP configuration, MPLS OAM BFD for LSP, L2VPN access configuration (IP backbone, L3VPN), MPLS OAM configuration,...
Page 584 inter-AS IPv6 VPN option A, IS-IS inter-AS IPv6 VPN option B, LDP IS-IS synchronization, inter-AS IPv6 VPN option C, MCE-PE IS-IS, inter-AS IPv6 VPN option C ASBR, MCE-VPN site IS-IS, inter-AS IPv6 VPN option C PE, MPLS L3VPN PE-CE IS-IS configuration, inter-AS IPv6 VPN option C routing policy, MPLS TE attribute advertisement, inter-AS option A configuration,...
Page 585 MPLS egress node label type FRR configuration, advertisement, MPLS FEC label format, GR configuration, MPLS forwarding process, GR helper, MPLS forwarding statistics enable, GR restarter, MPLS L3VPN Layer 1 label packet hello parameters, forwarding, IGP synchronization, 23, 35 MPLS L3VPN Layer 2 label packet IPv4 configuration, forwarding, IPv4 FRR configuration,...
Page 586 VPLS LDP PW configuration, 447, 460 MPLS L2VPN network connection, VPLS LDP PW configuration (BGP loop auto-discovery), LDP loop detection max hop count, VPLS LDP PW configuration (BGP LDP loop detection path vector, auto-discovery)(on router), MPLS L3VPN routing loop avoidance, VPLS LDP PW creation (BGP MPLS TE loop detection, auto-discovery),...
Page 587 MPLS TE CRLSP backup, MPLS, MPLS TE FRR manual bypass tunnel, MPLS L2VPN, MPLS TE IETF DS-TE configuration, MPLS L3VPN, MPLS TE inter-area tunnel establishment MPLS TE, (CRLSP+PCE calculation), RSVP, MPLS TE inter-AS tunnel establishment VPLS, (RSVP-TE), make-before-break (MPLS TE), MPLS TE tunnel establishment (RSVP-TE), MPLS TE DS-TE bandwidth constraint model,...
Page 588 routing configuration, basics configuration, 1, 5 VPN instance configuration, control plane, VPN instance creation, display, VPN instance route related attributes, egress node label type advertisement, VPN instance+interface association, enable, exclusive tunnel configuration, LDP authentication, FEC, RSVP authentication, FEC label format, message forwarding plane, LDP advertisement,...
Page 589 LDP label acceptance policy, tunnel policy configuration, 188, 188, 190 LDP label advertisement policy, tunnel selection order configuration, LDP label distribution control mode, MPLS L2VPN LDP loop detection, attachment circuit (AC) configuration, LDP LSP generation policy, attachment circuit (AC) Layer 3 interface, LDP MD5 authentication, basic concepts, LDP message types,...
Page 590 VPLS BGP PW configuration, inter-AS VPN option C PE, VPLS configuration, 439, 444, 456 IPv6. See IPv6 MPLS L3VPN VPLS LDP PW configuration, IPv6 MCE configuration, 527, 527, 538 VPLS LDP PW configuration (BGP loopback address redistribution, auto-discovery)(on router), loopback interface configuration, VPLS MAC address learning, LPU load sharing mode, VPLS static PW configuration,...
Page 591 PE-CE static routing, IPv6 MPLS L3VPN OSPFv3 sham link configuration, PE-PE routing, IPv6 MPLS L3VPN/GRE tunnel protocols and standards, configuration, route advertisement, MCE configuration, route replication configuration, MPLS L3VPN basic configuration, routing loop avoidance, MPLS L3VPN BGP AS number substitution site, 194, 508 configuration,...
Page 592 FRR CRLSP node protection, MPLS L3VPN OSPF sham link configuration, FRR manual bypass tunnel, MPLS L3VPN/GRE tunnel configuration, FRR node fault detection, MPLS OAM BFD for MPLS TE tunnel, FRR optimal bypass tunnel selection MPLS OAM for MPLS TE tunnel, interval, MPLS OAM ping for MPLS TE tunnel, IETF DS-TE configuration,...
Page 593 tunnel setup, IPv6 MCE VPN instance+interface association, tunnel traffic direction (automatic route advertisement), IPv6 MCE-PE EBGP, tunnel traffic direction (PBR), IPv6 MCE-PE IBGP, tunnel traffic direction (static routing), IPv6 MCE-PE IPv6 IS-IS, MPLS-TP IPv6 MCE-PE IPv6 static routing, MPLS TE bidirectional tunnel, IPv6 MCE-PE OSPFv3, IPv6 MCE-PE RIPng, MPLS MTU set,...
Page 594 IPv6 MPLS L3VPN PBR configuration, LDP session protection, IPv6 MPLS L3VPN PE-CE EBGP, LDP session reset, IPv6 MPLS L3VPN PE-CE IBGP, LDP SNMP notification, IPv6 MPLS L3VPN PE-CE IPv6 IS-IS, LDP terminology, IPv6 MPLS L3VPN PE-CE OSPFv3, LDP-IGP synchronization, 23, 35 IPv6 MPLS L3VPN PE-CE RIPng, LDP-OSPF synchronization, IPv6 MPLS L3VPN PE-CE routing,...
Page 595 MPLS L2VPN LDP PW configuration, MPLS L3VPN FRR configuration (IPv4 route/VPNv4 route backup), MPLS L2VPN LDP PW IP interworking, MPLS L3VPN FRR configuration (VPNv4 MPLS L2VPN LDP PW redundancy, route/IPv4 route backup), MPLS L2VPN local connection, MPLS L3VPN FRR configuration (VPNv4 MPLS L2VPN local connection route/route backup), establishment,...
Page 596 MPLS L3VPN PE-CE OSPF, MPLS TE FRR manual bypass tunnel, MPLS L3VPN PE-CE RIP, MPLS TE FRR node fault detection, MPLS L3VPN PE-CE routing, MPLS TE FRR optimal bypass tunnel selection interval, MPLS L3VPN PE-CE static routing, MPLS TE IETF DS-TE configuration, MPLS L3VPN PE-PE routing, MPLS TE inter-AS tunnel establishment MPLS L3VPN route advertisement,...
Page 597 VPLS LDP PW configuration (BGP nonstop routing (NSR) auto-discovery), LDP NSR, VPLS LDP PW configuration (BGP LDP NSR configuration, auto-discovery)(on router), notifying VPLS MAC address learning, L2VPN PW SNMP notification, VPLS PW class configuration, LDP notification message, VPLS PW configuration, LDP SNMP notification, VPLS static PW configuration, 447, 456...
Page 598 MPLS L3VPN sham link configuration, static SR over MPLS configuration, 544, 545 MPLS TE attribute advertisement, parameter MPLS TE link attribute advertisement (OSPF LDP keepalive, TE), LDP link hello, OSPF TE LDP session, MPLS TE PCE discovery, LDP targeted hello, OSPFv3 MPLS TE PCEP session, IPv6 MCE-PE OSPFv3,...
Page 599 MPLS L2VPN attachment circuit (AC) Layer 3 interface, IPv6 MCE routing configuration, MPLS L2VPN provider edge device (PE), IPv6 MCE-PE EBGP, MPLS L3VPN architecture, 194, 508 IPv6 MCE-PE IBGP, MPLS L3VPN egress PE VPN label processing IPv6 MCE-PE IPv6 IS-IS, mode, IPv6 MCE-PE IPv6 static routing, MPLS L3VPN HoVPN configuration,...
Page 600 IPv6 MPLS L3VPN PBR application, configuring IPv4 LDP label acceptance control, IPv6 MPLS L3VPN PBR configuration, configuring IPv4 LDP label advertisement control, LDP label acceptance policy, configuring IPv4 LDP LSP, LDP label advertisement policy, configuring IPv6 LDP label acceptance control, LDP LSP generation policy, configuring IPv6 LDP label advertisement MPLS L3VPN PBR application,...
Page 601 configuring IPv6 MPLS L3VPN inter-AS option configuring LDP GR, configuring LDP hello parameter, configuring IPv6 MPLS L3VPN inter-AS option configuring LDP IPv4 session parameter (Extended Discovery), configuring IPv6 MPLS L3VPN IPv6 configuring LDP IPv6 session parameter MCE-VPN site routing, (Extended Discovery), configuring IPv6 MPLS L3VPN loopback configuring LDP IS-IS synchronization, interface,...
Page 602 configuring MPLS L2VPN attachment circuit configuring MPLS L3VPN FRR (IPv4 (AC) Layer 3 interface (VLAN route/VPNv4 route backup), encapsulation), configuring MPLS L3VPN FRR (VPNv4 configuring MPLS L2VPN BGP label block route/IPv4 route backup), information advertisement, configuring MPLS L3VPN FRR (VPNv4 configuring MPLS L2VPN BGP PW, 401, 422 route/route backup),...
Page 603 configuring MPLS OAM BFD for VPLS LDP configuring MPLS TE PCE, configuring MPLS TE PCEP session configuring MPLS OAM BFD for VPLS static parameters, configuring MPLS TE RSVP-TE RSVP resource configuring MPLS OAM for LSP tunnel, reservation style, configuring MPLS OAM for MPLS TE configuring MPLS TE stateful PCE on PCC, tunnel, configuring MPLS TE traffic forwarding,...
Page 604 configuring tunnel selection order, displaying static CRLSP, configuring VPLS, displaying static LSP, configuring VPLS AC, displaying static SRLSP, configuring VPLS BGP label block information displaying tunnel information, advertisement, displaying VPLS, configuring VPLS BGP PE information enabling L2VPN PW SNMP notification, advertisement, enabling LDP globally, configuring VPLS BGP PW,...
Page 605 redistributing IPv6 MPLS L3VPN loopback MPLS L2VPN BGP PW, interface address, MPLS L2VPN BGP PW configuration, redistributing MPLS L3VPN loopback MPLS L2VPN BGP PW remote CCC address, connection, resetting LDP session, MPLS L2VPN control word, setting LDP Link Hello timer, MPLS L2VPN data encapsulation type, setting LDP Targeted Hello timer (for peer), MPLS L2VPN inter-domain multi-segment...
Page 606 ResvConf message (RSVP-TE), MPLS TE CRLSP RSVP-TE setup, ResvErr message (RSVP-TE), MPLS TE DS-TE, ResvTear message (RSVP-TE), MCE-PE RIP, MCE-VPN site RIP, MPLS TE DS-TE bandwidth constraint MPLS L3VPN PE-CE RIP configuration, model, RIPng RECORD_ROUTE object (RSVP-TE), IPv6 MCE-PE RIPng, redistributing IPv6 MCE-VPN site RIPng, IPv6 MCE-PE routing,...
Page 607 IPv6 MCE VPN instance+interface IPv6 MPLS L3VPN PE-CE IBGP, association, IPv6 MPLS L3VPN PE-CE IPv6 IS-IS, IPv6 MCE-PE, IPv6 MPLS L3VPN PE-CE OSPFv3, IPv6 MCE-PE EBGP, IPv6 MPLS L3VPN PE-CE RIPng, IPv6 MCE-PE IBGP, IPv6 MPLS L3VPN PE-CE routing, IPv6 MCE-PE IPv6 IS-IS, IPv6 MPLS L3VPN PE-CE static routing, IPv6 MCE-PE IPv6 static routing, IPv6 MPLS L3VPN PE-PE routing,...
Page 608 MPLS L3VPN FRR configuration, MPLS TE route pinning, MPLS L3VPN FRR configuration (IPv4 MPLS TE traffic forwarding, 74, 97 route/VPNv4 route backup), MPLS TE tunnel establishment (RSVP-TE), MPLS L3VPN FRR configuration (VPNv4 MPLS TE tunnel establishment (static route/IPv4 route backup), CRLSP), MPLS L3VPN FRR configuration (VPNv4 MPLS TE tunnel traffic direction (automatic route...
Page 609 MPLS TE FRR node fault detection, MPLS TE PCEP session parameters, MPLS TE FRR optimal bypass tunnel RSVP-TE SESSION_ATTRIBUTE object, selection interval, setting MPLS TE IETF DS-TE configuration, LDP Link Hello timer, MPLS TE inter-AS tunnel establishment LDP session reset, (RSVP-TE), LDP Targeted Hello timer (for peer), MPLS TE link attribute,...
Page 610 static SRLSP configuration, MPLS forwarding statistics, SR over MPLS, MPLS forwarding statistics enable (FTN), Srefresh MPLS forwarding statistics enable (label), RSVP Srefresh configuration, strict explicit path SRLSP MPLS TE configuration, static SR MPLS TE tunneling, substituting static SRLSP display, IPv6 MPLS L3VPN BGP AS number substitution configuration, static IPv6 MPLS L3VPN BGP AS number...
Page 611 topology information display, MPLS network architecture, tunneling static LSP configuration, 12, 13 exclusive tunnel configuration, VPLS hub-spoke networking, IPv6 MPLS L3VPN/GRE tunnel configuration, traceroute. See tracert MPLS L2VPN public tunnel, tracert MPLS L3VPN/GRE tunnel configuration, MPLS OAM configuration, MPLS OAM BFD for LSP, MPLS OAM tracert, MPLS OAM BFD for MPLS TE tunnel, MPLS OAM tracert (periodic),...
Page 612 static SR SRLSP MPLS TE tunneling, MPLS L2VPN mode, static SRLSP for MPLS TE tunnel MPLS L2VPN PW LDP PW IP interworking, interface, VPLS VLAN interface, tunnel policy configuration, 188, 188, 190 VPLS tunnel selection order configuration, AC configuration, VPLS architecture, architecture, type BGP label block information advertisement,...
Page 613 MPLS L2VPN multi-segment PW VPLS MAC address withdrawal, configuration (intra-domain), MPLS L2VPN static PW configuration, MPLS L3VPN access (LDP MPLS L2VPN), MPLS OAM BFD for VPLS LDP PW, MPLS OAM BFD for VPLS static PW, multicast traffic flooding, multicast traffic forwarding, PW class configuration, PW configuration, PW creation,...