3 Virtual Routing and Forwarding Table A VRF is the routing and forwarding instance for a set of sites with identical connectivity requirements. Data structures associated with a VRF are as follows: IP routing table CEF table Set of rules and routing protocol parameters (routing protocol contexts) List of interfaces that use the VRF Other information associated with a VRF is as follows: Route Distinguisher Set of import and export Route Targets
4 Need for Routing Protocol Contexts There are two backbones with overlapping addresses. RIP is running in both VPNs. RIP in VPN A has to be different from RIP in VPN B. Cisco IOS software supports only one RIP process per router.
5 VPN-Aware Routing Protocols Routing context = routing protocol run in one VRF: Supported by VPN-aware routing protocols: External BGP (EBGP), EIGRP, OSPF, RIP version 2 (RIPv2), static routes Implemented as several instances of a single routing process (EBGP, RIPv2) or as several routing processes (OSPF) Independent per-instance router variables for each instance
6 VRF Table Contains routes that should be available to a particular set of sites Analogous to standard Cisco IOS software routing table; supports same set of mechanisms VPN interfaces (physical interface, subinterfaces, logical interfaces) assigned to VRFs: Many interfaces per VRF Each interface assignable to only one VRF
7 BGP Route Propagation Outbound Two VPNs are attached to the same PE router. Each VPN is represented by a VRF.
8 BGP Route Propagation Outbound (Cont.) BGP-speaking CE routers announce their prefixes to the PE router via BGP.
9 BGP Route Propagation Outbound (Cont.) BGP-speaking CE routers announce their prefixes to the PE router via BGP. Instance of BGP process associated with the VRF to which the PE-CE interface belongs collects the routes and inserts them into VRF routing table.
10 BGP Route Propagation Outbound (Cont.) Route distinguisher is prepended during route export to the BGP routes from VRF instance of BGP process to convert them into VPNv4 prefixes. Route targets are attached to these prefixes.
11 BGP Route Propagation Outbound (Cont.) Route distinguisher is prepended during route export to the BGP routes from VRF instance of BGP process to convert them into VPNv4 prefixes. Route targets are attached to these prefixes. VPNv4 prefixes are propagated to other PE routers.
12 Non-BGP Route propagation - Outbound RIP-speaking CE routers announce their prefixes to the PE router via RIP.
13 Non-BGP Route propagation Outbound RIP-speaking CE routers announce their prefixes to the PE router via RIP. Instance of RIP process associated with the VRF to which the PE-CE interface belongs collects the routes and inserts them into VRF routing table.
14 Non-BGP Route propagation Outbound RIP routes entered in the VRF routing table are redistributed into BGP for further propagation into the MPLS VPN backbone.
15 Non-BGP Route propagation Outbound RIP routes entered in the VRF routing table are redistributed into BGP for further propagation into the MPLS VPN backbone. Redistribution between RIP and BGP has to be configured for proper MPLS VPN operation.
16 Route Propagation Inbound VPNv4 prefixes are received from other PE routers.
17 Route Propagation Inbound (Cont.) VPNv4 prefixes are received from other PE routers. The VPNv4 prefixes are inserted into proper VRF routing tables based on their route targets and import route targets configured in VRFs. Route distinguisher is removed during this process.
18 Route Propagation Inbound (Cont.) Routes are received from backbone MP-BGP and imported into a VRF.
19 Route Propagation Inbound (Cont.) Routes are received from backbone MP-BGP and imported into a VRF. IPv4 routes are forwarded to EBGP CE neighbors attached to that VRF.
20 Route Propagation Inbound (Cont.)
21 Route Propagation Inbound (Cont.) MP-IBGP routes imported into a VRF are redistributed into the instance of RIP configured for that VRF.
22 Route Propagation Inbound (Cont.) MP-IBGP routes imported into a VRF are redistributed into the instance of RIP configured for that VRF. Redistribution between BGP and RIP has to be configured for endto-end RIP routing between CE routers.
23 Route Propagation Inbound (Cont.) Routes redistributed from BGP into a VRF instance of RIP are sent to RIP-speaking CE routers.
24 Creating VRF Tables and Assigning RDs Router(config)# ip vrf name Creates a new VRF or enters configuration of an existing VRF. VRF names are case-sensitive. VRF is not operational unless you configure RD. VRF names have only local significance. Router(config-vrf)# rd route-distinguisher Assigns a route distinguisher to a VRF. You can use ASN:nn or A.B.C.D:nn format for RD. Each VRF in a PE router has to have a unique RD.
25 Specifying Export and Import RTs Router(config-vrf)# route-target export RT Specifies an RT to be attached to every route exported from this VRF to MP-BGP Allows specification of many export RTs all to be attached to every exported route Router(config-vrf)# route-target import RT Specifies an RT to be used as an import filter only routes matching the RT are imported into the VRF Allows specification of many import RTs any route where at least one RT attached to the route matches any import RT is imported into the VRF Due to implementation issues, at least one export route target must also be an import route target of the same VRF in Cisco IOS Release 12.0 T.
26 Specifying Export and Import RTs (Cont.) Router(config-vrf)# route-target both RT In cases where the export RT matches the import RT, use this form of route-target command. Sample router configuration for simple customer VPN: ip vrf Customer_ABC rd 12703:15 route-target export 12703:15 route-target import 12703:15
27 Assigning an Interface to VRF Table Router(config-if)# ip vrf forwarding vrf-name Associates an interface with the specified VRF. Existing IP address removed from the interface when interface is put into VRF IP address must be reconfigured. CEF switching must be enabled on the interface. Sample router configuration: ip cef! interface serial 0/0 ip vrf forwarding Customer_ABC ip address
28 MPLS VPN Network Example The network supports two VPN customers. Customer A runs RIP and BGP with the service provider; customer B uses only RIP. Both customers use network
29 MPLS VPN Network Example (Cont.)
30 Configuring BGP Address Families The BGP process in an MPLS VPN-enabled router performs three separate tasks: Global BGP routes (Internet routing) are exchanged as in traditional BGP setup. VPNv4 prefixes are exchanged through MP-BGP. VPN routes are exchanged with CE routers through per-vrf EBGP sessions. Address families (routing protocol contexts) are used to configure these three tasks in the same BGP process.
31 Configuring BGP Address Families (Cont.) Router(config)# router bgp as-number Selects global BGP routing process Router(config-router)# address-family vpnv4 Selects configuration of VPNv4 prefix exchanges under MP-BGP sessions Router(config-router)# address-family ipv4 vrf vrf-name Selects configuration of per-vrf PE-CE EBGP parameters
32 BGP Neighbors MP-BGP neighbors are configured under the BGP routing process: These neighbors need to be activated for each global address family that they support. Per-address-family parameters can be configured for these neighbors. VRF-specific EBGP neighbors are configured under corresponding address families.
33 Configuring MP-BGP MPLS VPN MP-BGP configuration steps: Configure MP-BGP neighbor under BGP routing process. Configure BGP address family VPNv4. Activate configured BGP neighbor for VPNv4 route exchange. Specify additional parameters for VPNv4 route exchange (filters, next hops, and so on).
34 Configuring MP-IBGP Router(config)# router bgp as-number neighbor ip-address remote-as as-number neighbor ip-address update-source loopback-type interface number All MP-BGP neighbors have to be configured under global BGP routing configuration. MP-IBGP sessions have to run between loopback interfaces. Router(config-router)# address-family vpnv4 Starts configuration of MP-BGP routing for VPNv4 route exchange. Parameters that apply only to MP-BGP exchange of VPNv4 routes between already configured IBGP neighbors are configured under this address family.
35 Configuring MP-IBGP (Cont.) Router(config-router-af)# neighbor ip-address activate The BGP neighbor defined under BGP router configuration has to be activated for VPNv4 route exchange. Router(config-router-af)# neighbor ip-address next-hop-self The next-hop-self keyword can be configured on the MP-IBGP session for MPLS VPN configuration if EBGP is being run with a CE neighbor.
36 MP-BGP BGP Community Propagation Router(config-router-af)# neighbor ip-address send-community [extended both] This command configures propagation of standard and extended BGP communities attached to VPNv4 prefixes. Default value: only extended communities are sent. Usage guidelines: Extended BGP communities attached to VPNv4 prefixes have to be exchanged between MP-BGP neighbors for proper MPLS VPN operation. To propagate standard BGP communities between MP- BGP neighbors, use the both option.
37 MP-BGP BGP Community Propagation (Cont.)
38 Disabling IPv4 Route Exchange Router(config-router)# no bgp default ipv4 unicast Exchange of IPv4 routes between BGP neighbors is enabled by default every configured neighbor will also receive IPv4 routes. This command disables default exchange of IPv4 routes neighbors that need to receive IPv4 routes have to be activated for IPv4 route exchange. Use this command when the same router carries Internet and VPNv4 routes and you do not want to propagate Internet routes to some PE neighbors.
39 Disabling IPv4 Route Exchange (Cont.) Neighbor receives only Internet routes. Neighbor receives only VPNv4 routes. Neighbor receives Internet and VPNv4 routes. router bgp no bgp default ipv4 unicast neighbor remote-as neighbor remote-as neighbor remote-as 12703! Activate IPv4 route exchange neighbor activate neighbor activate! Activate VPNv4 route exchange address-family vpnv4 neighbor activate neighbor activate
40 Monitoring VRFs Router# show ip vrf Displays the list of all VRFs configured in the router Router# show ip vrf detail Displays detailed VRF configuration Router# show ip vrf interfaces Displays interfaces associated with VRFs
41 Monitoring VRF Routing Router# show ip protocols vrf name Displays the routing protocols configured in a VRF Router# show ip route vrf name Displays the VRF routing table Router# show ip bgp vpnv4 vrf name Displays per-vrf BGP parameters (PE-CE neighbors )
42 Monitoring MP-BGP Sessions Router# show ip bgp neighbors Displays global BGP neighbors and the protocols negotiated with these neighbors
43 Monitoring an MP-BGP VPNv4 Table Router# show ip bgp vpnv4 all Displays whole VPNv4 table. Router# show ip bgp vpnv4 vrf vrf -name Displays only BGP parameters (routes or neighbors) associated with specified VRF. Router# show ip bgp vpnv4 rd value Displays only BGP parameters (routes or neighbors) associated with specified RD.
44 Monitoring Per-VRF CEF and LFIB Structures Router# show ip cef vrf vrf-name Displays per-vrf CEF table Router# show ip cef vrf vrf-name ip-prefix detail Displays details of an individual CEF entry, including label stack Router# show mpls forwarding vrf vrf-name Displays labels allocated by an MPLS VPN for routes in the specified VRF
45 Other MPLS VPN Monitoring Commands Router# telnet host /vrf vrf-name Performs PE-CE Telnet through specified VRF Router# ping vrf vrf-name Performs ping based on VRF routing table Router# trace vrf vrf-name Performs VRF-based traceroute
MPLS Implementing Cisco MPLS Volume 2 Version 2.1 Student Guide Text Part Number: ILSG Production Services: 11.18.04 Copyright 2004, Cisco Systems, Inc. All rights reserved. Cisco Systems has more than
Implementing Cisco MPLS Course MPLS v2.3; 5 Days, Instructor-led Course Description This design document is for the refresh of the Implementing Cisco MPLS (MPLS) v2.3 instructor-led training (ILT) course,
IMPLEMENTING CISCO MPLS V2.3 (MPLS) COURSE OVERVIEW: The course will enable learners to gather information from the technology basics to advanced VPN configuration. The focus of the course is on VPN technology
Introduction Inter-AS L3VPN 1 Extending VPN services over Inter-AS networks VPN Sites attached to different MPLS VPN Service Providers How do you distribute and share VPN routes between ASs Back- to- Back
Where MPLS part I explains the basics of labeling packets, it s not giving any advantage over normal routing, apart from faster table lookups. But extensions to MPLS allow for more. In this article I ll
CHAPTER 23 This chapter describes how to configure a hub-and-spoke topology for Multiprotocol Layer Switching (MPLS) Layer 3 virtual private networks (VPNs) on Cisco NX-OS devices. This chapter includes
IMPLEMENTING CISCO MPLS V3.0 (MPLS) COURSE OVERVIEW: Multiprotocol Label Switching integrates the performance and traffic-management capabilities of data link Layer 2 with the scalability and flexibility
The feature allows the replacement of route targets on incoming and outgoing Border Gateway Protocol (BGP) updates Typically, Autonomous System Border Routers (ASBRs) perform the replacement of route targets
MPLS Inter-AS VPNs Configuration on Cisco Devices (C) Herbert Haas 2005/03/11 1 #1: Back-to-Back VRF ip vrf blue rd 1:1 route-target both 1:1 address-family ipv4 vrf blue neighbor 126.96.36.199 activate ip vrf
Using OSPF in an MPLS VPN Environment Overview This module introduces the interaction between multi-protocol Border Gateway Protocol (MP-BGP) running between Provider Edge routers (s) and Open Shortest
CHAPTER 3 TheCisco 10000 series router supports the IP virtual private network (VPN) feature for Multiprotocol Label Switching (MPLS). MPLS-based VPNs allow service providers to deploy a scalable and cost-effective
The Border Gateway Protocol (BGP) Link Bandwidth feature is used to advertise the bandwidth of an autonomous system exit link as an extended community. This feature is configured for links between directly
The BGP (Border Gateway Protocol) Link Bandwidth feature is used to advertise the bandwidth of an autonomous system exit link as an extended community. This feature is configured for links between directly
BGP Link Bandwidth The Border Gateway Protocol (BGP) Link Bandwidth feature is used to advertise the bandwidth of an autonomous system exit link as an extended community. This feature is configured for
Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint
The feature overcomes the requirement that a carrier support multiprotocol label switching (MPLS) by allowing you to provide MPLS connectivity between networks that are connected by IP-only networks. This
MPLS Cisco MPLS MPLS Introduction The most up-to-date version of this test is at: http://networksims.com/i01.html Cisco Router Challenge 227 Outline This challenge involves basic frame-mode MPLS configuration.
Module 1-1 Introducing Basic MPLS Concepts 2004 Cisco Systems, Inc. All rights reserved. 1-1 Drawbacks of Traditional IP Routing Routing protocols are used to distribute Layer 3 routing information. Forwarding
BGP Support for IP Prefix Import from Global Table into a VRF Table The BGP Support for IP Prefix Import from Global Table into a VRF Table feature introduces the capability to import IPv4 unicast prefixes
Inter-Autonomous Systems for MPLS VPNs This feature module explains how to provide MPLS VPN services that can span several autonomous systems (ASs) and VPN service providers. History of the Inter-Autonomous
Autumn 2010 firstname.lastname@example.org MULTIPROTOCOL LABEL SWITCHING (MPLS) AND MPLS VPNS How Routers Forward Packets Process switching Hardly ever used today Router lookinginside the packet, at the ipaddress,
s@lm@n Cisco Exam 642-889 Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 7.0 [ Total Questions: 126 ] Cisco 642-889 : Practice Test Question No : 1 Refer to the exhibit.
Lab 4.2 Challenge Lab: Implementing MPLS VPNs Learning Objectives Configure Open Shortest Path First (OSPF) and Enhanced Interior Gateway Routing Protocol (EIGRP) on a router Enable MPLS on a router Verify
Question: 1 Every time a flap occurs on a route, the route receives A. 750 per-flap penalty points which are user configurable B. 1500 per-flap penalty points which are user configurable C. 200 per-flap
Implementing MPLS VPNs over IP Tunnels The MPLS VPNs over IP Tunnels feature lets you deploy Layer 3 Virtual Private Netwk (L3VPN) services, over an IP ce netwk, using L2TPv3 multipoint tunneling instead
MPLS VPN l.cittadini, m.cola, g.di battista motivations customer s problem a customer (e.g., private company, public administration, etc.) has several geographically distributed sites and would like to
Telfor Journal, Vol. 2, No. 1, 2010. 13 Analyzing Capabilities of Commercial and Open-Source Routers to Implement Atomic BGP Aleksandar Cvjetić and Aleksandra Smiljanić Abstract The paper analyzes implementations
Cisco 642-889 Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 4.1 QUESTION NO: 1 Cisco 642-889 Exam Which type of VPN requires a full mesh of virtual circuits to provide
S-38.3192 ITGuru Exercise (3: Building the MPLS BGP VPN) Spring 2006 Original version: Johanna Nieminen and Timo Viipuri (2005) Modified: Timo-Pekka Heikkinen, Juha Järvinen and Yavor Ivanov (2006) Task
Deploying MPLS-based IP VPNs Rajiv Asati Distinguished Engineer BRKMPL-2102 Abstract This session describes the implementation of IP Virtual Private Networks (IP VPNs) using MPLS. It is the most common
Copyright Information, Inc. All rights reserved. The following publication, CCIE R&S Lab Workbook Volume I Version 5.0, was developed by Internetwork Expert, Inc. All rights reserved. No part of this publication
Multiprotocol Label Switching Layer 3 Virtual Private Networks with Open ShortestPath First protocol PRASAD ATHUKURI Sreekavitha engineering info technology,kammam Abstract This paper aims at implementing
Kingston University London Thesis Title Implementation and performance evaluation of WAN services over MPLS Layer-3 VPN Dissertation submitted for the Degree of Master of Science in Networking and Data
CHAPTER 3 MAN Topology The MAN topology described in Figure 3-1 shows a network that serves three different organizations in a single corporation. Figure 3-1 Typical Self-Managed MPLS MAN Deployment PE7-7600
The leading edge in networking information White Paper Cisco MPLS based VPNs: Equivalent to the security of Frame Relay and ATM March 30, 2001 Abstract: The purpose of this white paper is to present discussion
1 2 3 4 -Lower yellow line is graduate student enrollment -Red line is undergradate enrollment -Green line is total enrollment -2008 numbers are projected to be near 20,000 (on-campus) not including distance
International Journal of Engineering Research and Development e-issn: 2278-067X, p-issn: 2278-800X, www.ijerd.com Volume 7, Issue 8 (June 2013), PP. 26-32 Approach to build MPLS VPN using QoS capabilities
MPLS VPN Security An Overview Monique Morrow Michael Behringer May 2 2007 Future-Net Conference New York Futurenet - MPLS Security 1 Why Is MPLS VPN Security Important? Customer buys Internet Service :
Building VPNs With IPSec and MPLS Nam-Kee Tan CCIE #4307 S& -.jr."..- i McGraw-Hill New York Chicago San Francisco Lisbon London Madrid Mexico City Milan New Delhi San Juan Seoul Singapore Sydney Toronto
Fundamentals Multiprotocol Label Switching MPLS III Design of Telecommunication Infrastructures 2008-2009 Rafael Sebastian Departament de tecnologies de la Informació i les Comunicaciones Universitat Pompeu
BGP Diverse Path Using a Diverse-Path Route Reflector The feature allows Border Gateway Protocol (BGP) to distribute an alternative path other than the best path between BGP speakers when route reflectors
CHAPTER 12 Using the Border Gateway Protocol for Interdomain Routing The Border Gateway Protocol (BGP), defined in RFC 1771, provides loop-free interdomain routing between autonomous systems. (An autonomous
MPLS/VPN Overview 2009 Cisco Systems, Inc. All rights reserved. 1 Legal Notice THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS DOCUMENT ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL STATEMENTS,
Multicast Support for MPLS VPNs Configuration Example Document ID: 29220 Contents Introduction Prerequisites Requirements Components Used Conventions Background Information Configure Network Diagram Configurations
In this chapter, you learn about the following: How MPLS provides security (VPN separation, robustness against attacks, core hiding, and spoofing protection) How the different Inter-AS and Carrier s Carrier
IPv6 over IPv4/MPLS Networks: The 6PE approach Athanassios Liakopoulos Network Operation & Support Manager (email@example.com) Greek Research & Technology Network (GRNET) III Global IPv6 Summit Moscow, 25
Methods of interconnecting MPLS Networks NANOG31, May 2005 San Francisco Cable & Wireless Internet Engineering Udo Steinegger What this talk is about General This presentation covers technologies on how
1 Prefix-Lists - Route Filtering and Route-Maps - Prefix-lists are used to match routes as opposed to traffic. Two things are matched: The prefix (the network itself) The prefix-length (the length of the
MPLS Multi-Vendor Provisioning Presented by Brian O Sullivan Director, Product Management Dorado Software October 21, 2003 1 Agenda Why Interoperability? Types of VPNs Industry Standards Interoperability
MPLS Virtual Private Networks Luca Cittadini Giuseppe Di Battista Maurizio Patrignani Summary This chapter is devoted to Virtual Private Networks (VPNs) designed with Multi Protocol Label Switching (MPLS)
Expert Reference Series of White Papers Cisco Service Provider Next Generation Networks 1-800-COURSES www.globalknowledge.com Cisco Service Provider Next Generation Networks Johnny Bass - Senior Global
White Paper RFC 2547bis: BGP/MPLS VPN Fundamentals Chuck Semeria Marketing Engineer Juniper Networks, Inc. 1194 North Mathilda Avenue Sunnyvale, CA 94089 USA 408 745 2001 or 888 JUNIPER www.juniper.net
S-38.3192 ITGuru Excercise 3: BGP/MPLS VPN Spring 2007 Timo-Pekka Heikkinen, Juha Järvinen and Piia Töyrylä Task Description Overview The exercise 3 is about BGP/MPLS VPNs. The MPLS/LDP network from the
Design of Virtual Private Networks with MPLS Luca Cittadini Giuseppe Di Battista Maurizio Patrignani Summary This chapter is devoted to Virtual Private Networks(VPNs) designed with Multi Protocol Label
Bachelor's thesis (TUAS) Information Technology Information Technology 2015 Sanjib Gurung IMPLEMENTATION OF MPLS VPN BACHELOR S THESIS ABSTRACT TURKU UNIVERSITY OF APPLIED SCIENCES Information Technology
CHAPTER 3 Provisioning Dial Access to MPLS VPN Integration This chapter describes how to provision each of the methods of dial access to MPLS (Multiprotocol Label Switching) VPN (virtual private network)
Integration Solutions Guide for Managed Broadband Access Using MPLS VPNs for Cable Multiservice Operators This document describes a secure, scalable, managed broadband access system utilizing multiprotocol
: Implementing a Border Gateway Protocol Solution for ISP Connectivity CCNP ROUTE: Implementing IP Routing ROUTE v6 1 Objectives Describe basic BGP terminology and operation, including EBGP and IBGP. Configure
Expert Reference Series of White Papers An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire 1-800-COURSES www.globalknowledge.com An Overview of MPLS VPNs: Overlay; Layer 3; and PseudoWire Al Friebe,
1 Session Number BGP Feature Update 12.0S July 2003 Mike Pennington firstname.lastname@example.org Cisco Systems - Denver, CO 2 Overview Overview Definition of Terms BGP Convergence optimization Issues w/ Static peer-groups
Module 12 Multihoming to the Same ISP Objective: To investigate various methods for multihoming onto the same upstream s backbone Prerequisites: Module 11 and Multihoming Presentation The following will
White Paper Connectivity Options Introduction access is perhaps one of the most popular services that Service Providers offer their customers. Customers have flexibility to purchase MPLS VPN services connectivity
WHITE PAPER UNDERSTANDING JUNOS OS NEXT-GENERATION MULTICAST VPNS Copyright 2010, Juniper Networks, Inc. 1 Table of Contents Executive Summary.............................................................................................
Enterprise Network Simulation Using MPLS- BGP Tina Satra 1 and Smita Jangale 2 1 Department of Computer Engineering, SAKEC, Chembur, Mumbai-88, India email@example.com 2 Department of Information Technolgy,
MPLS/BGP Network Simulation Techniques for Business Enterprise Networks Nagaselvam M Computer Science and Engineering, Nehru Institute of Technology, Coimbatore, Abstract Business Enterprises used VSAT