Deploying MPLS-VPN. Session RST Copyright 2003, Cisco Systems, Inc. All rights reserved. Printed in USA. 8181_05_2003_c2 RST-2061
|
|
- Milo Perkins
- 6 years ago
- Views:
Transcription
1 Deploying MPLS-VPN Session 2 Copyright Printed in USA.
2 Agenda Prerequisites Background Theory Practice Route Reflectors Carrier s Carrier Inter-AS Import/Export Maps 3 Prerequisites Must understand basic IP routing, especially BGP Must understand MLPLS basics (push, pop, swap, label stacking) 4 Copyright Printed in USA.
3 Recommended Reading MPLS and VPN Architectures by Jim Guichard and Ivan Pepelnjak ISBN: Agenda Prerequisites Background Theory Practice Route Reflectors Carrier s Carrier Inter-AS Import/Export Maps 6 Copyright Printed in USA.
4 Background Why Have MPLS-VPNs? Tag switching came about from Ipsilon s IP switching Cisco s tag switching begat MPLS One of the fundaments of tag switching was label stacking Label stacking allows the network to transport data across it without needing routing information in the core Like a frame relay network doesn t need IP routing MPLS-VPN = label stacking + BGP extensions 7 Overlay vs. Peer Networks Overlay network: customer s IP network is overlaid on top of the provider s network Provider s IP transport (FR, ATM, etc.) creates private IP network for customer Most technologies that carry IP are p2p Large p2p networks are hard to maintain N^2 provisioning vs. inefficient routing Even with hub and spoke, need lots of stuff at the hub 8 Copyright Printed in USA.
5 Overlay Network Provider sells a circuit service Customers purchases circuits to connect sites, runs IP N sites, (N*(N-1))/2 circuits for full mesh expensive The big scalability issue here is routing peers N sites, each site has N-1 peers Hub and spoke is popular, suffers from the same N-1 number of routing peers Hub and spoke with static routes is simpler, still buying N-1 circuits from hub to spokes Spokes distant from hubs could mean lots of long-haul circuits Provider (FR, ATM, etc.) 9 Peer Network Provider and customer exchange IP routing information directly Customer only has one routing peer per site Need to separate customer s IP network from provider s network Customer A and Customer B need to not talk to each other Customer A and Customer B may have the same address space ( /8, /16, etc.) VPN is provisioned and run by the provider MPLS-VPN does this without p2p connections 10 Copyright Printed in USA.
6 Peer Network Provider sells an MPLS-VPN service Customers purchases circuits to connect sites, runs IP N sites, N circuits into provider Access circuits can be any media at any point (FE, POS, ATM, T1, dial, etc.) Full mesh connectivity without full mesh of L2 circuits Hub and spoke is also easy to build Spokes distant from hubs connect to their local provider s POP, lower access charge because of provider s size The Internet is a large peer network Provider (MPLS-VPN) 11 Terminology, 1/2 RR Route Reflector A router (usually not involved in packet forwarding) that distributes BGP routes within a provider s network PE Provider Edge router The interface between the customer and the MPLS-VPN network; only PEs (and maybe RRs) know anything about MPLS-VPN routes P Provider router A router in the core of the MPLS-VPN network, speaks LDP/RSVP but not VPNv4 CE Customer Edge router The customer router which connects to the PE; does not know anything about labels, only IP (most of the time) LDP Label Distribution Protocol Distributes labels with a provider s network that mirror the IGP, one way to get from one PE to another LSP Label Switched Path The chain of labels that are swapped at each hop to get from one PE to another 12 Copyright Printed in USA.
7 Terminology, 2/2 VPN Virtual Private Network A network deployed on top of another network, where the two netw orks are separate and never communicate VRF Virtual Routing and Forwarding instance VPNv4 RD RT Mechanism in IOS used to build per-interface RIB and FIB Address family used in BGP to carry MPLS-VPN routes Route Distinguisher, used to uniquely identify the same network/mask from different VRFs (i.e., /8 from VPN A and /8 from VPN B) Route Target, used to control import and export policies, to build arbitrary VPN topologies for customers 13 Agenda Prerequisites Background Theory Practice Route Reflectors Carrier s Carrier Inter-AS Import/Export Maps 14 Copyright Printed in USA.
8 Theory Virtual Routing and Forwarding instances Carrying VPN routes in BGP Packet forwarding 15 VRFs A VRF is associated to one or more interfaces on a router VRF is essentially a per-interface routing table and the necessary forwarding stuff (CEF) Not virtual routers, just virtual routing and forwarding VRFs are IP only (no Appletalk-VRF, although in theory it s certainly possible) 16 Copyright Printed in USA.
9 VRFs Within a VRF, provider speaks a routing protocol with their customer Most protocols are supported Static routes RIP BGP EIGRP OSPF No IS-IS support yet (haven t seen the demand) No IGRP or EGP support either (same idea) Routes flow between VRF IGP/BGP and provider BGP (see VPNv4) 17 Virtual Routing and Forwarding Instances Define a VRF for interface 0 Define a different VRF for interface 1 Packets will never go between int. 0 and 1 unless allowed by VRF policy Will explain this policy in the next section No MPLS yet /24 VPN-A VPN-A CE VPN-B CE /24 VRF for VPN-A 0 1 VRF for VPN-B 18 Copyright Printed in USA.
10 Carrying VPN Routes in BGP VRFs by themselves aren t all that useful Need some way to get the VRF routing information off the PE and to other PEs This is done with BGP 19 Additions to BGP to Carry MPLS-VPN Info RD: Route Distinguisher VPNv4 address family RT: Route Target Label all defined in RFC2547 and bis draft 20 Copyright Printed in USA.
11 Route Distinguisher To differentiate /8 in VPN-A from /8 in VPN-B 64-bit quantity Configured as ASN:YY or IPADDR:YY Almost everybody uses ASN Purely to make a route unique Unique route is now RD:IPAddr (96 bits) plus a mask on the IPAddr portion So customers don t see each others routes So route reflectors make a bestpath decision on something other than 32-bit network + 32-bit mask 21 VPNv4 In BGP for IP, 32-bit address + mask makes a unique announcement In BGP for MPLS-VPN, (64-bit RD + 32-bit address) + 32-bit mask makes a unique announcement Since the route encoding is different, need a different address family in BGP VPNv4 = VPN routes for IPv4 As opposed to IPv4 or IPv6 or multicast-rpf, etc VPNv4 announcement carries a label with the route If you want to reach this unique address, get me packets with this label on them 22 Copyright Printed in USA.
12 Route Target To control policy about who sees what routes 64-bit quantity (2 bytes type, 6 bytes value) Carried as an extended community Typically written as ASN:YY Each VRF imports and exports one or more RTs Exported RTs are carried in VPNv4 BGP Imported RTs are local to the box A PE that imports an RT installs that route in its routing table 23 Putting It All Together Control Plane VPN B/Site 1 CE A2 12.1/16 VPN C/Site /16 CE 1 B1 RIPv2 Static RIPv2 CE B2 16.2/16 CE 2 B1 IGP/EBGP Net=16.1/16 CE A1 RIPv2 Step 1 OSPF 16.1/16 VPN A/Site 1 PE 1 Step 2 P 1 VPN-IPv4 P Net=RD:16.1/16 3 NH=PE1 Route Target Label=42 BGP Step 3 CEB3 12.2/16 PE 2 BGP P 2 Step 4 PE 3 VPN C/Site 1 VPN B/Site 2 IGP/EBGP CE Net=16.1/16 A3 OSPF Step /16 VPN A/Site 2 24 Copyright Printed in USA.
13 MPLS-VPN Packet Forwarding Between PE and CE, regular IP packets (for now) Within the provider network label stack Outer label: get this packet to the egress PE Inner label: get this packet to the egress CE 25 Where Do Labels Come From? Within a single network, can use LDP or RSVP to distribute IGP labels LDP follows the IGP path RSVP (for TE) deviates from IGP shortest path, see Deploying MPLS-TE, RST-2062 Which IGP label distribution method you use is independent of any VPN label distribution 26 Copyright Printed in USA.
14 Putting It All Together Forwarding Plane IP Dest= Step 4 CE A1 16.1/16 VPN A/Site 1 VPN-IPv4 Net=RD:16.1/16 NH=PE1 Label=42 PE 1 Label 42 Dest=CEa1 P 1 Step 3 IP Dest= P 3 BGP PE 2 Step 2 Label N Dest=PE1 Label 42 Dest=CEa1 P 2 IP Dest= IP Dest= PE 3 Step 1 CE A3 16.2/16 VPN A/Site 2 27 Import/Export Policies Full mesh: All sites import X:Y and export X:Y Hub and spoke: Hub exports X:H and imports X:S Spokes export X:S and import X:H 28 Copyright Printed in USA.
15 Full Mesh All Clients Get All 16.Z/16 Routes Because All Sites Import and Export X:Y CE A2 16.5/16 VPN A/Site 2 CE B2 16.4/16 PE 2 VPN A/Site 2 PE 1 Net=X:Y:16.Z/16 CE A3 CE A1 P 3 PE /16 CEB3 VPN A/Site /16 VPN A/Site /16 VPN A/Site 1 29 Hub and Spoke 1) Hub Exports: Net=X:H:0/0 CE A2 16.5/16 VPN A/Site 2 2) Spokes Export: Net=X:S:16.X/16 CE B2 16.4/16 3) Hub Imports All X:S Routes PE 1 PE 2 VPN A/Site 2 4) Spokes Import All X:H Routes Net=X:H:0/0 CE A3 CE A1 PE /16 CEB3 VPN A/Site /16 VPN A/Site /16 VPN A/Site 1 30 Copyright Printed in USA.
16 Hub and Spoke 1) Hub Exports: Net=X:H:0/0 CE A2 16.5/16 VPN A/Site 2 2) Spokes Export: Net=X:S:16.X/16 CE B2 16.4/16 3) Hub Imports All X:S Routes PE 1 Net=X:S:16.5/16 Net=X:S:16.4/16 PE 2 VPN A/Site 2 4) Spokes Import All X:H Routes Net=X:S:16.2/16 Net=X:S:16.3/16 CE A3 CE A1 PE /16 CEB3 VPN A/Site /16 VPN A/Site /16 VPN A/Site 1 31 Hub and Spoke 1) Hub Exports: Net=X:H:0/0 CE A2 16.5/16 VPN A/Site 2 2) Spokes Export: Net=X:S:16.X/16 CE B2 16.4/16 3) Hub Imports All X:S Routes PE 1 PE 2 VPN A/Site 2 4) Spokes Import All X:H Routes CE A3 CE A1 All 16.Z/16 Routes PE /16 CEB3 VPN A/Site /16 VPN A/Site /16 VPN A/Site 1 32 Copyright Printed in USA.
17 Hub and Spoke 1) Hub Exports: Net=X:H:0/0 CE A2 16.5/16 VPN A/Site 2 2) Spokes Export: Net=X:S:16.X/16 0/0 0/0 CE B2 16.4/16 3) Hub Imports All X:S Routes PE 1 PE 2 VPN A/Site 2 4) Spokes Import All X:H Routes 0/0 CE A3 CE A1 PE /16 CEB3 0/0 VPN A/Site /16 VPN A/Site /16 VPN A/Site 1 33 Things to Note Core does not run VPNv4 BGP! Same principle can be used to run a BGP-free core for an IP network CE does not know it s in an MPLS-VPN Outer label is from LDP/RSVP Getting packet to egress PE is orthogonal to MPLS-VPN Inner label is from BGP Inner label is there so the egress PE can have the same network in multiple VRFs 34 Copyright Printed in USA.
18 Things to Note Need /32s for all PEs if using LDP Outer label says get me to this prefix If the prefix has a mask shorter than /32, can t guarantee we won t hit summarization at some point in the network What does the summarization point do with the packet? PE1: /32? Label 42 Dest=PE1 VRF Label Dest=CEa1 PE2: /32 P /24, L:42 PE3 35 Agenda Prerequisites Background Theory Practice Route Reflectors Carrier s Carrier Inter-AS Import/Export Maps 36 Copyright Printed in USA.
19 Prerequisites Global Config on PE ip cef {distributed} mpls ip (on by default) CE1 PE1 37 Build a VRF Global Config on PE ip vrf foo rd 100:1 route-target import 247:1 route-target export 247:1 CE1 PE1 38 Copyright Printed in USA.
20 Attach a VRF to a Customer Interface interface Serial0 ip vrf forwarding foo ip address CE PE1 39 Run an IGP within a VRF RIP router rip address-family ipv4 vrf foo version 2 no auto-summary network exit-address-family CE PE1 40 Copyright Printed in USA.
21 Run an IGP within a VRF EIGRP router eigrp 1 address-family ipv4 vrf foo network autonomous-system 1 exit-address-family CE PE1 41 Run an IGP within a VRF OSPF router ospf 1 vrf foo network area 0 CE PE1 42 Copyright Printed in USA.
22 Run BGP within a VRF router bgp 3402 address-family ipv4 vrf foo neighbor remote-as 1000 neighbor activate exit-address-family CE1 AS PE1 AS Enable VPNv4 BGP in the Backbone router bgp 3402 neighbor remote-as 3402 neighbor update-source loopback 0 address-family vpnv4 neighbor activate neighbor send-community both PE1 ibgp VPNv4 PE Copyright Printed in USA.
23 Get Routes from Customer Routing to VPNv4 If CE routing is not BGP, need to redistribute into BGP NOTE: this means you *need* an IPv4 VRF BGP context to get routes into the PE backbone, even if you don t have any BGP neighbors in the VRF IGP metric is usually carried as MED, unless changed EIGRP is an exception, carries the 5-part metric as BGP extended communities router bgp 3402 neighbor remote-as 3402 neighbor update-source loopback 0 address-family ipv4 vrf test redistribute {rip connected static eigrp ospf} Routes from CE1 CE1 PE1 ibgp VPNv4 PE Get Routes from VPNv4 to Customer Routing If CE routing is not BGP, need to redistribute from VPNv4 to CE routing Redistributing BGP into IGP makes some people nervous; don t worry about it, it s hard to screw up Please note that hard!= impossible :) Metric is important when going from MED to RIP or EIGRP Can also use default-metric or route-map router rip address-family ipv4 vrf foo version 2 redistribute bgp 3402 metric 1 no auto-summary network exit-address-family Routes from PE2 CE1 PE ibgp VPNv4 PE2 46 Copyright Printed in USA.
24 Diagnostics on the PE Many commands have a vrf keyword Ping, traceroute, telnet, etc Pretty much every diagnostic command that makes sense ping vrf test trace vrf test telnet /vrf test 47 Diagnostics on the PE show ip route vrf test show ip cef vrf test etc See the session on Troubleshooting MPLS-VPN - (RST-3061) for more information 48 Copyright Printed in USA.
25 Agenda Prerequisites Background Theory Practice Route Reflectors Carrier s Carrier Inter-AS Import/Export Maps 49 Route Reflectors Biggest scaling hurdle with MPLS-VPN is BGP Luckily, we have lots of experience scaling BGP Can use confederations or route reflectors Confederations falling out of favor RRs make more sense when not every router needs all routes (i.e., PEs) Scaling is a little different Currently ~120k Internet routes Some customers are asking for 500k-1M VPNv4 routes Largest in reality is closer to 200k-250k, but be prepared 50 Copyright Printed in USA.
26 Route Reflectors Full ibgp mesh is a lot of neighbors to maintain on every router N^2 provisioning when a PE is added, and VPN networks are growing constantly Route Reflector takes routes from neighbors, gives them to other neighbors Can build a dedicated RR that isn t used for forwarding, but which can hold lots of routes 1GB Memory, ~1,000,000 routes Route Reflector 51 Route Reflectors Basic Configuration Client neighbor remote-as 3402 neighbor update-source loopback0 PE ibgp VPNv4 RR Reflector router bgp 3402 [no bgp default route-target import] neighbor remote-as 3402 neighbor update-source loopback0 address-family vpnv4 neighbor route-reflector-client On by Default If Configured with RR-clients 52 Copyright Printed in USA.
27 Route Reflectors Peer Groups Use peer groups for a tremendous convergence improvement On the RR neighbor foo peer-group neighbor peer-group foo then apply a common output policy to neighbor foo See the deploying BGP session for more details and knobs (RST-3003) 53 Route Reflectors Other Tweaks Peer-groups are such a powerful enhancement that the RR can be overwhelmed by ACKs from lots of clients Increase input hold-queue to hold these ACKs Router(config-if)# hold-queue <x> in Default is 75, consider 500, 1,000, etc (max is 4,096) Memory consumed is (Qsize * ifmtu), so 1500byte depth = 1.5Mbyte per interface If you can t spare the 1.5Mb/interface, you probably shouldn t be a Route Reflector 54 Copyright Printed in USA.
28 Route Reflectors Other Tweaks TCP MSS (max segment size) is 536 by default All backbone links now are MTU 1500 or higher (most ~4k) ip tcp path-mtu-discovery to increase tcp MSS to fix in MTU Benefit: get BGP routes to peers faster, less protocol overhead 55 Route Reflectors Other Tweaks See Complex Deployment and Analysis of BGP (RST-3003) for more details Don t underestimate the power of performance tuning 56 Copyright Printed in USA.
29 Agenda Prerequisites Background Theory Practice Route Reflectors Carrier s Carrier Inter-AS Import/Export Maps 57 BGP + Label RFC3107 defines a way to exchange a label with an IPv4 (not VPNv4) BGP route This is useful to exchange label reachability for IPv4 prefixes between ASes Also used in Carrier s Carrier and Inter-AS Under IPv4 (or IPv4 VRF) address-family: neighbor send-label 58 Copyright Printed in USA.
30 Carrier s Carrier: The Problem MPLS-VPN works well for carrying customer IGPs Platforms, network scale to N*O(IGP) routes What if the CE wants the PE to carry all their BGP routes? Or if CE wants to run their own VPN service? 59 Carrier s Carrier: The Problem (Internet) PE 1 P 1 BGP PE 2 P 2 IP Dest=Internet CE A3 CE A1 P 3 PE 3 Step 1 ISP A/Site 2 ibgp IPv4 ISP A/Site 1 Internet 60 Copyright Printed in USA.
31 Carrier s Carrier: The Problem (VPN) PE 1 P 1 BGP PE 2 P 2 Label (ibgp VPnv4) Dest=VRF A IP Dest= CE A3 CE A1 P 3 PE 3 Step 1 ISP A/Site 2 ibgp VPNv4 ISP A/Site 1 VRF A /24 61 Carrier s Carrier: The Solution MPLS between PE and CE Either IGP+LDP or BGP+Label CEs exchange labels for their IGP routes with the PEs CEs ibgp peer with each other PEs are back to O(IGP) information 62 Copyright Printed in USA.
32 Carrier s Carrier: The Solution (Internet) IP Dest=Internet Step 4 CE A1 VPN A/Site 1 PE 1 P 1 Step 3 Label (VPNv4) Dest=CEa1 IP Dest=Internet P 3 Internet BGP PE 2 Step 2 Label (LDP/TE) Dest=PE1 P 2 Label (VPNv4/IBGP) Dest=CEa1 IP Dest=Internet Label (LDP/BGP+Label) Dest=CEa1 IP Dest=Internet PE 3 Step 1 CE A3 VPN A/Site 2 63 Carrier s Carrier: The Solution (VPN) Label (VPNv4) Dest=VPN1 IP Dest=VPN1-Cust Step 4 CE A1 VPN A/Site 1 PE 1 P 1 Step 3 Label (VPnv4) Dest=CEa1 Label (VPNv4) Dest=VPN1 IP Dest=VPN1-Cust P 3 BGP PE 2 Step 2 Label (LDP/TE) Dest=PE1 Label (VPnv4) Dest=CEa1 P 2 Label (VPNv4) Dest=VPN1 VPN1-Cust IP Dest=VPN1-Cust Label (LDP/BGP) Dest=CEa1 Label (ibgp VPNv4) Dest=VPN1 IP Dest=VPN1-Cust PE 3 Step 1 CE A3 VPN A/Site 2 64 Copyright Printed in USA.
33 Agenda Prerequisites Background Theory Practice Route Reflectors Carrier s Carrier Inter-AS Import/Export Maps 65 Inter-AS MPLS VPN VPN sites may be geographically dispersed Requiring connectivity to separate MPLS VPN service providers Transit between VPN sites may pass through multiple providers MPLS backbones This implies exchange of VPN routing information between providers Provider backbones may or may not provide VPN service directly Referred to as inter-as VPN 66 Copyright Printed in USA.
34 VPN Client Connectivity VPN-v4 Update: RD:1:27: /24, NH=PE-1 RT=1:231, Label=(28) PE-1 BGP, OSPF, RIPv /24,NH=CE-1 CE-1 VPN-A /24 Edge Router1 Edge Router2 AS #1 AS #2 How to Distribute Routes between SPs? VPN-A VRF Import Routes with Route-target 1:231 CE2 PE2 VPN-A-2 VPN Sites Attached to Different MPLS VPN Service Providers 67 VPNv4 Distribution Options PE-ASBR-1 MP-eBGP for VPNv4 PE-ASBR-2 PE-1 Multihop MP-eBGP between RRs AS #1 AS #2 PE-2 CE-1 CE-2 VPN-A-1 VPN-A-2 Other Options Available, These Two Are the Most Sensible 68 Copyright Printed in USA.
35 EBGP VPNv4 Gateway PE-ASBRs exchange routes directly using BGP External MP-BGP for VPNv4 prefix exchange; no LDP or IGP MP-BGP session with next-hop set to advertising PE-ASBR Next-hop and labels are rewritten when advertised across the inter-provider MP-BGP session PE-ASBR stores all VPN routes that need to be exchanged But only within the BGP table No VRFs; labels are populated into the LFIB of the PE-ASBR 69 EBGP VPNv4 Receiving gateway PE-ASBRs may allocate new label if desired Controlled by configuration of next-hop-self (default is off) Receiving PE-ASBR will automatically create a /32 host route for its PE-ASBR neighbor Which must be advertised into receiving IGP if nexthop-self is not in operation to maintain the LSP PE-ASBRs need to hold all inter-as VPN routes 70 Copyright Printed in USA.
36 EBGP VPNv4 PE-ASBR-1 EBGP for VPNv4 PE-ASBR-2 PE-1 Label Exchange between Gateway AS #1 PE-ASBR Routers AS #2 Using EBGP PE-2 CE-1 CE-2 CE-3 CE-4 VPN-A-1 VPN-B-1 VPN-B-2 VPN-A-2 MP-BGP VPNv4 Prefix Exchange between Gateway PE-ASBRs 71 EBGP VPNv4 VPN-v4 Update: RD:1:27: /24, NH=PE-1 RT=1:222, Label=(L1) PE-1 PE-ASBR-1 VPN-v4 Update: RD:1:27: /24, AS #1 NH=PE-ASBR-1 AS #2 RT=1:222, Label=(L2) PE-ASBR-2 VPN-v4 Update: RD:1:27: /24, NH=PE-ASBR-2 RT=1:222, Label=(L3) PE-2 BGP, OSPF, RIPv /24,NH=CE-2 CE-2 CE-3 BGP, OSPF, RIPv /24,NH=PE-2 VPN-B /24 VPN-B-2 72 Copyright Printed in USA.
37 EBGP VPNv4 LDP PE-1 Label L PE-ASBR-1 PE-ASBR-2 L L1 PE-1 L LDP PE-ASBR-2 Label L PE CE-2 CE VPN-B-1 VPN-B /24 73 Multihop EBGP VPNv4 between RRs MPLS VPN providers exchange VPNv4 prefixes via their route reflectors Requires multihop MP-eBGP (VPNv4 routes) Next-hop-self must be disabled on route reflector Preserves next-hop and label as allocated by the originating PE router Providers exchange IPv4 routes with labels between directly connected ASBRs using ebgp Only PE loopback addresses exchanged as these are BGP next-hop addresses 74 Copyright Printed in USA.
38 Multihop EBGP VPNv4 between RRs RR-1 Multihop EBGP for VPNv4 with Nexthop-unchanged RR-2 PE-1 CE-1 AS #1 AS #2 CE-2 ASBR-1 ASBR-2 ebgp IPv4 + Labels ASBRs Exchange BGP Next-hop Addresses with Labels CE-3 PE-2 CE-4 VPN-A-1 VPN-B-1 VPN-B-2 VPN-A-2 Multihop MP-eBGP VPNv4 Prefix Exchange between Route Reflectors 75 Multihop EBGP VPNv4 between RRs VPN-v4 Update: RD:1:27: /24, NH=PE-1 RT=1:222, Label=(L1) PE-1 BGP, OSPF, RIPv /24,NH=CE-2 CE-2 RR-1 VPN-v4 Update: RD:1:27: /24, NH=PE-1 RT=1:222, Label=(L1) ASBR-1 Network=PE-1 NH=ASBR-1 Label=(L2) RR-2 ASBR-2 Network=PE-1 NH=ASBR-2 Label=(L3) CE-3 VPN-v4 Update: RD:1:27: /24, NH=PE-1 RT=1:222, Label=(L1) PE-2 BGP, OSPF, RIPv /24,NH=PE-2 VPN-B /24 VPN-B-2 76 Copyright Printed in USA.
39 Multihop EBGP VPNv4 between RRs RR-1 RR-2 L PE-1 LDP PE-1 Label L ASBR-1 ASBR-2 L2 L L3 L LDP PE-ASBR-2 Label L3 L PE CE-2 CE VPN-B /24 VPN-B-2 77 One Way of Configuring Inter-AS Best practices: Next-hop-self on ASBRs BGP+Label between ASBRs in RR peering case VPNv4 next-hops are not redistributed into IGP, but passed around in BGP+Label 78 Copyright Printed in USA.
40 EBGP VPNv4 PE-ASBR-1 EBGP VPNv4 PE-ASBR-2 IBGP VPNv4 PE-1 AS #1 AS #2 IBGP VPNv4 PE-2 CE-1 CE-4 VPN-A-1 VPN-A-2 MP-BGP VPNv4 Prefix Exchange between Gateway PE-ASBRs 79 EBGP VPNv4 PE-ASBR-1 EBGP VPNv4 PE-ASBR-2 IBGP VPNv4 PE-1 CE-1 VPN-A-1 AS #1 AS #2 router bgp 1 no bgp default route-target filter address-family vpnv4 neighbor <PE-1> next-hop-self neighbor <PE-ASBR2> IBGP VPNv4 PE-2 CE-4 VPN-A-2 MP-BGP VPNv4 Prefix Exchange between Gateway PE-ASBRs 80 Copyright Printed in USA.
41 EBGP VPNv4 PE-ASBR-1 EBGP VPNv4 PE-ASBR-2 IBGP VPNv4 PE-1 CE-1 VPN-A-1 AS #1 AS #2 router bgp 2 no bgp default route-target filter address-family vpnv4 neighbor <PE-2> next-hop-self neighbor <PE-ASBR1> IBGP VPNv4 PE-2 CE-4 VPN-A-2 MP-BGP VPNv4 Prefix Exchange between Gateway PE-ASBRs 81 EBGP VPNv4 PE-ASBR-1 EBGP VPNv4 PE-ASBR-2 IBGP VPNv4 PE-1 AS #1 AS #2 IBGP VPNv4 PE-2 CE-1 VPN-A-1 Good: Easy, Simple to Do Bad: ASBRs Hold All Inter-AS Routes CE-4 VPN-A-2 82 Copyright Printed in USA.
42 BGP+Label Within and Between ASes RR-1 Multihop EBGP for VPNv4 with Nexthop-unchanged RR-2 PE-1 ASBR-1 ASBR-2 AS #1 AS #2 BGP IPv4 + Labels PE-2 CE-1 VPN-A-1 router bgp <1 2> address-family ipv4 neighbor <ASBR> send-label CE-4 VPN-A-2 BGP+Label within and between ASes to Build LSP from PE-2 to PE-2; Also Need to Leak Host Route for PE-1 to AS #2 (and Vice Versa) 83 Multihop EBGP VPNv4 between RRs RR-1 RR-2 PE-1 ASBR-1 ASBR-2 AS #1 AS #2 PE-2 CE-1 VPN-A-1 router bgp 1 neighbor <RR-2> remote-as 2 address-family vpnv4 neighbor <RR-2> activate neighbor <RR-2> next-hop-unchanged CE-4 VPN-A-2 Multihop BGP VPNv4 Prefix Exchange between Route Reflectors 84 Copyright Printed in USA.
43 Multihop EBGP VPNv4 between RRs RR-1 Multihop EBGP for VPNv4 with Nexthop-unchanged RR-2 PE-1 ASBR-1 ASBR-2 AS #1 AS #2 BGP IPv4 + Labels PE-2 CE-1 VPN-A-1 Good: Scales Much Better, ASBRs Can Concentrate on Packet Forwarding Bad: More Complex CE-4 VPN-A-2 85 Agenda Prerequisites Background Theory Practice Route Reflectors Carrier s Carrier Inter-AS Import/Export Maps 86 Copyright Printed in USA.
44 Import/Export Maps So far, the only config we ve seen forces a few things: All routes exported from a VRF have the same RTs All routes matching the route-target import value are imported into a VRF, regardless of the network/mask of the route itself Route-target import and export maps provide more granular control in this area 87 Import/Export Maps: The Problem 16.1/16 Needs to Go to Site A2 16.2/16 Needs to Go to Site A3 How Do I Do This? CE-2 VPN-A-2 PE-1 CE-1 VPN-A / /16 AS42 PE-2 PE-3 CE-3 VPN-A-3 88 Copyright Printed in USA.
45 Import/Export Maps: Theory Export 16.1/16 with RT 100:2 Export 16.1/16 with RT 100:3 VPN-A-2 CE-2 PE-1 CE-1 VPN-A / /16 AS42 PE-2 PE-3 CE-3 VPN-A-3 89 Import/Export Maps: Practice Define the Prefixes to Match ip prefix-list to-a2 seq 5 permit /16 ip prefix-list to-a3 seq 5 permit /16 PE-1 CE-1 Build a Route-map to Set Export Policy Apply Export-map to a VRF route-map VPN-A permit 10 match ip address prefix-list to-a2 set extcommunity rt 100:2 route-map VPN-A permit 20 match ip address prefix-list to-a3 set extcommunity rt 100:3 ip vrf lab rd 100:1 export map VPN-A VPN-A / /16 90 Copyright Printed in USA.
46 Import/Export Maps Same thing for import, except import map foo 91 Conclusion MPLS-VPN simplifies networking for customers Offloads work onto the SP Straightforward to configure basic MPLS-VPN CSC and Inter-AS get a little more complex, are more powerful services MPLS-VPN scales as BGP Complex customer topologies can be replicated using Route Target import/export maps 92 Copyright Printed in USA.
47 Recommended Reading MPLS and VPN Architectures, CCIP Edition ISBN: MPLS and VPN Architectures, Vol II ISBN: Advanced MPLS Design and Implementation ISBN: X Available on-site at the Cisco Company Store 93 Please Complete Your Evaluation Form Session 94 Copyright Printed in USA.
48 95 Copyright Printed in USA.
MPLS VPN Carrier Supporting Carrier Using LDP and an IGP
MPLS VPN Carrier Supporting Carrier Using LDP and an IGP Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) Carrier Supporting Carrier (CSC) enables one MPLS VPN-based service provider
More informationMPLS VPN--Inter-AS Option AB
The feature combines the best functionality of an Inter-AS Option (10) A and Inter-AS Option (10) B network to allow a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) service provider
More informationMPLS VPN Carrier Supporting Carrier IPv4 BGP Label Distribution
MPLS VPN Carrier Supporting Carrier IPv4 BGP Label Distribution This feature lets you configure your carrier supporting carrier network to enable Border Gateway Protocol (BGP) to transport routes and Multiprotocol
More informationMPLS VPN Carrier Supporting Carrier IPv4 BGP Label Distribution
MPLS VPN Carrier Supporting Carrier IPv4 BGP Label Distribution This feature enables you to configure your carrier supporting carrier network to enable Border Gateway Protocol (BGP) to transport routes
More informationMPLS VPN Carrier Supporting Carrier Using LDP and an IGP
MPLS VPN Carrier Supporting Carrier Using LDP and an IGP Last Updated: December 14, 2011 Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) Carrier Supporting Carrier (CSC) enables one
More informationMPLS VPN Inter-AS Option AB
First Published: December 17, 2007 Last Updated: September 21, 2011 The feature combines the best functionality of an Inter-AS Option (10) A and Inter-AS Option (10) B network to allow a Multiprotocol
More informationMPLS VPN C H A P T E R S U P P L E M E N T. BGP Advertising IPv4 Prefixes with a Label
7 C H A P T E R S U P P L E M E N T This online supplement of Chapter 7 focuses on two important developments. The first one is Inter-Autonomous. Inter-Autonomous is a concept whereby two service provider
More informationMPLS VPN Multipath Support for Inter-AS VPNs
The feature supports Virtual Private Network (VPN)v4 multipath for Autonomous System Boundary Routers (ASBRs) in the interautonomous system (Inter-AS) Multiprotocol Label Switching (MPLS) VPN environment.
More informationImplementing MPLS Layer 3 VPNs
A Multiprotocol Label Switching (MPLS) Layer 3 Virtual Private Network (VPN) consists of a set of sites that are interconnected by means of an MPLS provider core network. At each customer site, one or
More informationMPLS VPN Inter-AS with ASBRs Exchanging VPN-IPv4 Addresses
MPLS VPN Inter-AS with ASBRs Exchanging VPN-IPv4 Addresses The Multiprotocol Label Switching (MPLS) VPN Inter-AS with Autonomous System Boundary Routers (ASBRs) Exchanging VPN-IPv4 Addresses feature allows
More informationSecurizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN
Platformă de e-learning și curriculă e-content pentru învățământul superior tehnic Securizarea Calculatoarelor și a Rețelelor 32. Tehnologia MPLS VPN MPLS VPN 5-ian-2010 What this lecture is about: IP
More informationMPLS VPN. 5 ian 2010
MPLS VPN 5 ian 2010 What this lecture is about: IP CEF MPLS architecture What is MPLS? MPLS labels Packet forwarding in MPLS MPLS VPNs 3 IP CEF & MPLS Overview How does a router forward packets? Process
More informationMPLS L3VPN. The MPLS L3VPN model consists of three kinds of devices: PE CE Site 2. Figure 1 Network diagram for MPLS L3VPN model
is a kind of PE-based L3VPN technology for service provider VPN solutions. It uses BGP to advertise VPN routes and uses to forward VPN packets on service provider backbones. provides flexible networking
More informationConfiguring MPLS L3VPN
Contents Configuring MPLS L3VPN 1 MPLS L3VPN overview 1 MPLS L3VPN concepts 2 MPLS L3VPN packet forwarding 4 MPLS L3VPN networking schemes 5 MPLS L3VPN routing information advertisement 8 Inter-AS VPN
More informationConfiguring MPLS L3VPN
Contents Configuring MPLS L3VPN 1 MPLS L3VPN overview 1 Introduction to MPLS L3VPN 1 MPLS L3VPN concepts 2 MPLS L3VPN packet forwarding 5 MPLS L3VPN networking schemes 5 MPLS L3VPN routing information
More informationMPLS VPN Route Target Rewrite
The feature allows the replacement of route targets on incoming and outgoing Border Gateway Protocol (BGP) updates Typically, Autonomous System Border Routers (ASBRs) perform the replacement of route targets
More informationInterAS Option B. Information About InterAS. InterAS and ASBR
This chapter explains the different InterAS option B configuration options. The available options are InterAS option B, InterAS option B (with RFC 3107), and InterAS option B lite. The InterAS option B
More informationMPLS VPN Carrier Supporting Carrier
MPLS VPN Carrier Supporting Carrier Feature History Release 12.0(14)ST 12.0(16)ST 12.2(8)T 12.0(21)ST 12.0(22)S 12.0(23)S Modification This feature was introduced in Cisco IOS Release 12.0(14)ST. Support
More informationMultiprotocol Label Switching Virtual Private Network
Anas Al-Selwi Multiprotocol Label Switching Virtual Private Network Helsinki Metropolia University of Applied Sciences Bachelor of Engineering Information Technology Thesis 08 May 2013 Abstract Author(s)
More informationConfiguring Multicast VPN Inter-AS Support
Configuring Multicast VPN Inter-AS Support Last Updated: December 23, 2011 The Multicast VPN Inter-AS Support feature enables Multicast Distribution Trees (MDTs) used for Multicast VPNs (MVPNs) to span
More informationDeploy MPLS L3 VPN. APNIC Technical Workshop October 23 to 25, Selangor, Malaysia Hosted by:
Deploy MPLS L3 VPN APNIC Technical Workshop October 23 to 25, 2017. Selangor, Malaysia Hosted by: Issue Date: [201609] Revision: [01] Acknowledgement Cisco Systems Course Outline MPLS L3 VPN Models L3
More informationMPLS VPN Inter-AS IPv4 BGP Label Distribution
MPLS VPN Inter-AS IPv4 BGP Label Distribution This feature enables you to set up a Virtual Private Network (VPN) service provider network so that the autonomous system boundary routers (ASBRs) exchange
More informationMPLS: Layer 3 VPNs: Inter-AS and CSC Configuration Guide, Cisco IOS Release 15SY
MPLS: Layer 3 VPNs: Inter-AS and CSC Configuration Guide, Cisco IOS Release 15SY First Published: October 15, 2012 Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706
More informationMPLS design. Massimiliano Sbaraglia
MPLS design Massimiliano Sbaraglia - MPLS layer 2 VPN diagram flowchart - MPLS layer 2 VPN pseudowire VPWS diagram - MPLS layer 2 VPN VPLS diagram - MPLS layer 2 EVPN diagram - MPLS layer 3 VPN diagram
More informationCCIE R&S Techtorial MPLS
CCIE R&S Techtorial MPLS Ing. Tomáš Kelemen Partner Systems Engineer CCIE #24395 Ing. Peter Mesjar Systems Engineer CCIE #17428 2011 Cisco Systems, Inc. All rights reserved. 1 Agenda Introduction to MPLS
More informationVRF, MPLS and MP-BGP Fundamentals
VRF, MPLS and MP-BGP Fundamentals Jason Gooley, CCIEx2 (RS, SP) #38759 Twitter: @ccie38759 LinkedIn: http://www.linkedin.com/in/jgooley Agenda Introduction to Virtualization VRF-Lite MPLS & BGP Free Core
More informationMPLS VPN Architecture Scaling
MPLS VPN Architecture Scaling Section 2 2001, Cisco Systems, Inc. All rights reserved. 1 Agenda MPLS VPN Single Backbone Architecture MPLS VPN Scalability Elements Sizing Provider Edge () Routers Memory
More informationCisco Training - HD Telepresence MPLS: Implementing Cisco MPLS V3.0. Upcoming Dates. Course Description. Course Outline
Cisco Training - HD Telepresence MPLS: Implementing Cisco MPLS V3.0 From the technology basics to advanced VPN configuration. $3,995.00 5 Days Upcoming Dates Dec 10 - Dec 14 Mar 25 - Mar 29 Course Description
More informationConfiguring MPLS, MPLS VPN, MPLS OAM, and EoMPLS
CHAPTER 43 Configuring MPLS, MPLS VPN, MPLS OAM, and EoMPLS This chapter describes how to configure multiprotocol label switching (MPLS) and Ethernet over MPLS (EoMPLS) on the Cisco ME 3800X and ME 3600X
More informationDeploying MPLS L3VPN. Apricot Cisco and/or its affiliates. All rights reserved. Cisco Public
Deploying MPLS L3VPN 1 Abstract This session describes the implementation of IP Virtual Private Networks (IP VPNs) using MPLS. It is the most common Layer 3 VPN technology, as standardized by IETF RFC2547/4364,
More informationBGP Protocol & Configuration. Scalable Infrastructure Workshop AfNOG2008
BGP Protocol & Configuration Scalable Infrastructure Workshop AfNOG2008 Border Gateway Protocol (BGP4) Case Study 1, Exercise 1: Single upstream Part 6: BGP Protocol Basics Part 7: BGP Protocol - more
More informationConnecting to a Service Provider Using External BGP
Connecting to a Service Provider Using External BGP First Published: May 2, 2005 Last Updated: August 21, 2007 This module describes configuration tasks that will enable your Border Gateway Protocol (BGP)
More informationBGP Best External. Finding Feature Information
The feature provides the network with a backup external route to avoid loss of connectivity of the primary external route. The feature advertises the most preferred route among those received from external
More informationMultiprotocol BGP 1 MPLS VPN. Agenda. Multiprotocol BGP 2
Multiprotocol BGP 1 MPLS VPN Peer to Peer VPN s BGP-4 (RFC 1771) is capable of carrying routing information only for IPv4 The only three pieces of information carried by BGP-4 that are IPv4 specific are
More informationExam : Title : BGP + MPLS Exam (BGP + MPLS)
Exam : 642-691 Title : BGP + MPLS Exam (BGP + MPLS) Ver : 09-19-2008 QUESTION 1: Every time a flap occurs on a route, the route receives A. 750 per-flap penalty points which are user configurable B. 1500
More informationL3VPN Configuration. L3VPN Overview. Introduction to L3VPN
Table of Contents L3VPN Configuration 1 L3VPN Overview 1 Introduction to L3VPN 1 L3VPN Concepts 2 L3VPN Networking Schemes 3 OSPF VPN Extension 6 L3VPN Configuration Task List 8 Configuring VPN Instances
More informationMulti-VRF Support. Finding Feature Information. Prerequisites for Multi-VRF Support
The feature allows you to configure and maintain more than one instance of a routing and forwarding table within the same customer edge (CE) device. Finding Feature Information, page 1 Prerequisites for,
More informationIBGP internals. BGP Advanced Topics. Agenda. BGP Continuity 1. L49 - BGP Advanced Topics. L49 - BGP Advanced Topics
IBGP internals BGP Advanced Topics main IBGP aspects inside an AS continuity all packets entering the AS that were not blocked by some policies should reach the proper exit BGP router all transit routers
More informationDeploying MPLS-based IP VPNs
Deploying MPLS-based IP VPNs Rajiv Asati, Distinguished Engineer, Cisco Rajiv_cisco BRKMPL-2102 Abstract This session describes the implementation of IP Virtual Private Networks (IP VPNs) using MPLS. It
More informationIPv6 Switching: Provider Edge Router over MPLS
Multiprotocol Label Switching (MPLS) is deployed by many service providers in their IPv4 networks. Service providers want to introduce IPv6 services to their customers, but changes to their existing IPv4
More informationПрименение MPLS в сетях связи. (Часть 2)
Применение MPLS в сетях связи. (Часть 2) Дополнительные главы Компьютерных сетей и телекоммуникаций. Васин В.В. CCIE, ECE, CCSI MPLS VPN Technology Introducing VPNs Traditional Router-Based Networks Traditional
More informationWhat You Will Learn By the end of this appendix, you should know and be able to explain the following:
What You Will Learn By the end of this appendix, you should know and be able to explain the following: What static MPLS labels are and how they can be used The difference between static MPLS bindings and
More informationBGP Cost Community. Prerequisites for the BGP Cost Community Feature
The feature introduces the cost extended community attribute. The cost community is a non-transitive extended community attribute that is passed to internal BGP (ibgp) and confederation peers but not to
More informationIntroduction. Keith Barker, CCIE #6783. YouTube - Keith6783.
Understanding, Implementing and troubleshooting BGP 01 Introduction http:// Instructor Introduction Keith Barker, CCIE #6783 CCIE Routing and Switching 2001 CCIE Security 2003 kbarker@ine.com YouTube -
More informationMPLS Layer 3 VPNs Configuration Guide, Cisco IOS Release 12.4T
MPLS Layer 3 VPNs Configuration Guide, Cisco IOS Release 12.4T Americas Headquarters Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134-1706 USA http://www.cisco.com Tel: 408 526-4000 800 553-NETS
More informationPASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year
PASS4TEST IT Certification Guaranteed, The Easy Way \ http://www.pass4test.com We offer free update service for one year Exam : 642-691 Title : CCIP BGP + MPLS Exam (BGP + MPLS) Vendors : Cisco Version
More informationAToM (Any Transport over MPLS)
I N D E X A AAL5 over MPLS operation, 459 460 configuration, 462 463 flowchart configuration, 461 PE router, 461 provider router, 461 verification, 463 465 AAL5 to VLAN Interworking, 515 517 AC (Attachment
More informationDeploying MPLS-based IP VPNs
Deploying MPLS-based IP VPNs Rajiv Asati Distinguished Engineer 2 Abstract This session describes the implementation of IP Virtual Private Networks (IP VPNs) using MPLS. It is the most common Layer 3 VPN
More informationConfiguring MPLS and EoMPLS
37 CHAPTER This chapter describes how to configure multiprotocol label switching (MPLS) and Ethernet over MPLS (EoMPLS) on the Catalyst 3750 Metro switch. MPLS is a packet-switching technology that integrates
More informationBGP MPLS VPNs. Introduction
This chapter describes services that are supported for Border Gateway Protocol (BGP) Multi-Protocol Label Switching (MPLS) Virtual Private Networks (VPNs). MPLS is a licensed Cisco feature that requires
More informationImplementing MPLS Layer 3 VPNs
Implementing MPLS Layer 3 VPNs A Multiprotocol Label Switching (MPLS) Layer 3 Virtual Private Netwk (VPN) consists of a set of sites that are interconnected by means of an MPLS provider ce netwk. At each
More informationIOS Implementation of the ibgp PE CE Feature
IOS Implementation of the ibgp PE CE Feature Document ID: 117567 Contributed by Luc De Ghein, Cisco TAC Engineer. Apr 04, 2014 Contents Introduction Background Information Implement ibgp PE CE BGP Customer
More information26 CHAPTER Virtual Private Networks (VPNs) provide a secure way for customers to share bandwidth over an ISP backbone network. A VPN is a collection of sites sharing a common routing table. A customer
More informationWORKSHOP MPLS.
WORKSHOP MPLS fbolanos@cisco.com 2001, Cisco Systems, Inc. All rights reserved. 1 MPLS Concepts Label Structure Label assignment and distribution ATM LSRs Loop prevention RD, RT and VRF instances Service
More informationHP FlexFabric 7900 Switch Series
HP FlexFabric 7900 Switch Series MCE Configuration Guide Part number: 5998-6188 Software version: Release 2117 and Release 2118 Document version: 6W100-20140805 Legal and notice information Copyright 2014
More informationConfiguring BGP: RT Constrained Route Distribution
Configuring BGP: RT Constrained Route Distribution BGP: RT Constrained Route Distribution is a feature that can be used by service providers in Multiprotocol Label Switching (MPLS) Layer 3 VPNs to reduce
More informationBGP Diverse Path Using a Diverse-Path Route Reflector
BGP Diverse Path Using a Diverse-Path Route Reflector The feature allows Border Gateway Protocol (BGP) to distribute an alternative path other than the best path between BGP speakers when route reflectors
More informationIPv6 Switching: Provider Edge Router over MPLS
Multiprotocol Label Switching (MPLS) is deployed by many service providers in their IPv4 networks. Service providers want to introduce IPv6 services to their customers, but changes to their existing IPv4
More informationContents. Introduction. Prerequisites. Configure. Requirements. Components Used
Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram Configurations CE1 CE2 PE1 PE2 Verify Case 1: Accepting and exchanging customer routes over MP-BGP Case 2: Leaking
More informationMPLS VPN Half-Duplex VRF
The feature provides scalable hub-and-spoke connectivity for subscribers of an Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) service. This feature addresses the limitations of hub-and-spoke
More informationHP A5820X & A5800 Switch Series MPLS. Configuration Guide. Abstract
HP A5820X & A5800 Switch Series MPLS Configuration Guide Abstract This document describes the software features for the HP 5820X & 5800 Series products and guides you through the software configuration
More informationHP FlexFabric 5930 Switch Series
HP FlexFabric 5930 Switch Series MCE Configuration Guide Part number: 5998-4625 Software version: Release 2406 & Release 2407P01 Document version: 6W101-20140404 Legal and notice information Copyright
More informationBGP Support for the L2VPN Address Family
BGP support for the Layer 2 Virtual Private Network (L2VPN) address family introduces a BGP-based autodiscovery mechanism to distribute L2VPN endpoint provisioning information. BGP uses a separate L2VPN
More informationBGP Next Hop Unchanged
BGP Next Hop Unchanged Last Updated: September 8, 2011 In an external BGP (ebgp) session, by default, the router changes the next hop attribute of a BGP route (to its own address) when the router sends
More informationWAN Edge MPLSoL2 Service
4 CHAPTER While Layer 3 VPN services are becoming increasing popular as a primary connection for the WAN, there are a much larger percentage of customers still using Layer 2 services such Frame-Relay (FR).
More informationThe CCIE Candidate s Introduction to MPLS L3VPN Networks
The CCIE Candidate s Introduction to MPLS L3VPN Networks Keith Barker, Scott Morris Tour Guide Keith Barker, CCIEx2 #6783, CCDP, CISSP CCIE Route/Switch and Security Twitter: @KeithBarkerCCIE YouTube:
More informationTELCO GROUP NETWORK. Rafał Jan Szarecki 23/10/2011
TELCO GROUP NETWORK Rafał Jan Szarecki 23/10/2011 GOALS G-NET Regional (MEA) TELCO has 12 national s OpCo. Build international network infrastructure, to allow all OpCo offer VPNs with sites in multiple
More informationBGP mvpn BGP safi IPv4
The BGP mvpn BGP safi 129 IPv4 feature provides the capability to support multicast routing in the service provider s core IPv4 network This feature is needed to support BGP-based MVPNs BGP MVPN provides
More informationMulti-Protocol Label Switching (MPLS) Support
This chapter describes the system's support for BGP/MPLS VPN and explains how it is d. The product administration guides provide examples and procedures for configuration of basic services on specific
More informationVRF, MPLS and MP-BGP Fundamentals
, MPLS and MP-BGP Fundamentals Jason Gooley, CCIEx2 (RS, SP) #38759 Twitter: @Jason_Gooley LinkedIn: http://www.linkedin.com/in/jgooley Agenda Introduction to Virtualization -Lite MPLS & BGP Free Core
More informationInter-AS MPLS Solutions. BRKMPL-2105 Sangita Pandya, TME, Cisco Systems, Inc.
Inter-AS MPLS Solutions BRKMPL-2105 Sangita Pandya, TME, Cisco Systems, Inc. SPANDYA@cisco.com The Prerequisites Must understand basic IP routing Familiar with MPLS architectures Familiar with MPLS applications
More informationLARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF
LARGE SCALE IP ROUTING LECTURE BY SEBASTIAN GRAF MODULE 07 - MPLS BASED LAYER 2 SERVICES 1 by Xantaro MPLS BASED LAYER 2 VPNS USING MPLS FOR POINT-TO-POINT LAYER 2 SERVICES 2 by Xantaro Why are Layer-2
More informationMPLS VPN Explicit Null Label Support with BGP. BGP IPv4 Label Session
MPLS VPN Explicit Null Label Support with BGP IPv4 Label Session The MPLS VPN Explicit Null Label Support with BGP IPv4 Label Session feature provides a method to advertise explicit null in a Border Gateway
More informationBGP Event-Based VPN Import
The feature introduces a modification to the existing Border Gateway Protocol (BGP) path import process. The enhanced BGP path import is driven by events; when a BGP path changes, all of its imported copies
More informationUniNets MPLS LAB MANUAL MPLS. UNiNets Multiprotocol label Switching MPLS LAB MANUAL. UniNets MPLS LAB MANUAL
MPLS UNiNets Multiprotocol label Switching MPLS LAB MANUAL CCNP TOPOLOGY Lab: OSPF Routing VPN Topology: Task1: Perform the basic Configuration to provide the reachability as per diagram. SW1 Configuration
More informationProtecting an EBGP peer when memory usage reaches level 2 threshold 66 Configuring a large-scale BGP network 67 Configuring BGP community 67
Contents Configuring BGP 1 Overview 1 BGP speaker and BGP peer 1 BGP message types 1 BGP path attributes 2 BGP route selection 6 BGP route advertisement rules 6 BGP load balancing 6 Settlements for problems
More informationIntroduction to External Connectivity
Before you begin Ensure you know about Programmable Fabric. Conceptual information is covered in the Introduction to Cisco Programmable Fabric and Introducing Cisco Programmable Fabric (VXLAN/EVPN) chapters.
More informationThis document is not restricted to specific software and hardware versions.
Contents Introduction Prerequisites Requirements Components Used Background Information Configure Network Diagram Configuration DN Bit Verify Troubleshoot Related Cisco Support Community Discussions Introduction
More informationOperation Manual MCE H3C S3610&S5510 Series Ethernet Switches. Table of Contents
Table of Contents Table of Contents Chapter 1 MCE Overview... 1-1 1.1 MCE Overview... 1-1 1.1.1 Introduction to BGP/MPLS VPN... 1-1 1.1.2 BGP/MPLS VPN Concepts... 1-2 1.1.3 Introduction to MCE... 1-5 1.1.4
More informationBGP Commands: M through N
match additional-paths advertise-set, on page 3 match as-path, on page 6 match community, on page 8 match extcommunity, on page 10 match local-preference, on page 12 match policy-list, on page 14 match
More informationConcepts and Operation of MPLS VPNs. Francisco Bolanos
Concepts and Operation of MPLS VPNs Francisco Bolanos fbolanos@cisco.com 2001, Cisco Systems, Inc. All rights reserved. 1 Agenda MPLS Concepts Label Structure Label assignment and distribution RD, RT and
More informationComputer Network Architectures and Multimedia. Guy Leduc. Chapter 2 MPLS networks. Chapter 2: MPLS
Computer Network Architectures and Multimedia Guy Leduc Chapter 2 MPLS networks Chapter based on Section 5.5 of Computer Networking: A Top Down Approach, 6 th edition. Jim Kurose, Keith Ross Addison-Wesley,
More informationHPE FlexFabric 5940 Switch Series
HPE FlexFabric 5940 Switch Series MCE Configuration Guide Part number: 5200-1024b Software version: Release 25xx Document version: 6W102-20170830 Copyright 2017 Hewlett Packard Enterprise Development LP
More informationHP 5920 & 5900 Switch Series
HP 5920 & 5900 Switch Series MCE Configuration Guide Part number: 5998-2896 Software version: Release2207 Document version: 6W100-20121130 Legal and notice information Copyright 2012 Hewlett-Packard Development
More informationRavi Chandra cisco Systems Cisco Systems Confidential
BGP4 1 Ravi Chandra cisco Systems 0799_04F7_c2 Cisco Systems Confidential 2 Border Gateway Protocol (BGP) Introduction to BGP BGP Peer Relationship BGP Attributes Applying Policy with BGP Putting it all
More informationEgress Protection (draft-shen-mpls-egress-protection-framework) Presented by Krzysztof G. Szarkowicz NANOG71 October 4, 2017
Egress Protection (draft-shen-mpls-egress-protection-framework) Presented by Krzysztof G. Szarkowicz NANOG71 October 4, 2017 Current status draft-shen-mpls-egress-protection-framework-05 Co-authored by
More informationibgp Multipath Load Sharing
This feature module describes the feature. This feature enables the BGP speaking router to select multiple ibgp paths as the best paths to a destination. The best paths or multipaths are then installed
More informationBGP Commands on Cisco ASR 9000 Series Router
This module describes the commands used to configure and monitor Border Gateway Protocol (BGP) on Cisco ASR 9000 Series Aggregation Services Routers using Cisco IOS XR software. The commands in this module
More informationConfiguring Scalable Hub-and-Spoke MPLS VPNs
Configuring Scalable Hub-and-Spoke MPLS VPNs Last Updated: December 15, 2011 This module explains how to ensure that virtual private network (VPN) clients that connect to the same provider edge (PE) router
More informationOSPF Sham-Link Support for MPLS VPN
Feature History Release Modification 12.2(8)T This feature was introduced. This module describes how to configure and use a sham-link to connect Virtual Private Network (VPN) client sites that run the
More informationConnecting to a Service Provider Using External BGP
Connecting to a Service Provider Using External BGP This module describes configuration tasks that will enable your Border Gateway Protocol (BGP) network to access peer devices in external networks such
More informationTable of Contents Chapter 1 MPLS L3VPN Configuration
Table of Contents Table of Contents... 1-1 1.1 MPLS L3VPN Overview... 1-1 1.1.1 MPLS L3VPN Model... 1-2 1.1.2 MPLS L3VPN Implementation... 1-5 1.1.3 Nested MPLS L3VPN Implementation... 1-7 1.1.4 Hierarchical
More informationH3C S10500 Switch Series
H3C S10500 Switch Series MPLS Configuration Guide Hangzhou H3C Technologies Co., Ltd. http://www.h3c.com Software version: Release 1126 and Later Document version: 20111130-C-1.01 Copyright 2011, Hangzhou
More informationMPLS VPN over mgre. Finding Feature Information. Last Updated: November 1, 2012
MPLS VPN over mgre Last Updated: November 1, 2012 The MPLS VPN over mgre feature overcomes the requirement that a carrier support multiprotocol label switching (MPLS) by allowing you to provide MPLS connectivity
More informationConfiguring Internal BGP Features
This module describes how to configure internal Border Gateway Protocol (BGP) features. Internal BGP (ibgp) refers to running BGP on networking devices within one autonomous system. BGP is an interdomain
More informationLab 1: Static MPLS LSP-RTX4-RTX1 LSP-RTX1-RTX4 LSP-RTX3-RTX2 LSP-RTX2-RTX3
Lab 1: Static MPLS First lab gives a basic understanding of MPLS label swapping No signaling manually assign labels like static routing Understand configuration, forwarding tables, and debugging of MPLS
More informationibgp Multipath Load Sharing
ibgp Multipath Load haring Feature History Release 12.2(2)T 12.2(14) Modification This feature was introduced. This feature was integrated into. This feature module describes the ibgp Multipath Load haring
More informationMPLS for R&S CCIE Candidates
MPLS for R&S CCIE Candidates Johnny Bass CCIE #6458 2 About the Presenter Johnny Bass Networking industry since the late 1980s CCIE R&S #6458 CCSI 97168 Cisco 360 R&S Master Instructor Course director
More informationImplementing MPLS VPNs over IP Tunnels
The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Network (L3VPN) services, over an IP core network, using L2TPv3 multipoint tunneling instead of MPLS. This allows L2TPv3 tunnels
More informationConfiguring BGP community 43 Configuring a BGP route reflector 44 Configuring a BGP confederation 44 Configuring BGP GR 45 Enabling Guard route
Contents Configuring BGP 1 Overview 1 BGP speaker and BGP peer 1 BGP message types 1 BGP path attributes 2 BGP route selection 6 BGP route advertisement rules 6 BGP load balancing 6 Settlements for problems
More information