Implementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track**

Transcription

1 Course: Duration: Price: $ 3, Learning Credits: 37 Certification: Implementing Cisco Service Provider Next-Generation Edge Network Services Implementing Cisco Service Provider Next-Generation Edge Network Services**Part of the CCNP Service Provider track** 5 Day Hands-On Lab & Lecture Course CCNP Service Provider Description: The Implementing Cisco Service Provider Next-Generation Edge Network Services (SPEDGE) v1.2 course is designed to help students prepare for the Cisco CCNP SP certification. The SPEDGE course is a component of the CCNP SP curriculum. The SPEDGE course is designed to provide service provider professionals with information on the use of service provider VPN solutions. The goal is to train professionals to enable service provider point of presence to provide Layer 2 and Layer 3 VPNs. The SPEDGE training reinforces the instruction by providing students with hands-on labs to ensure that they thoroughly understand how to implement VPNs within their networks. The course also includes classroom activities with remote labs that are useful to gain practical skills on deploying Cisco IOS or IOS XE and Cisco IOS XR features to operate and support service provider network. Note: Students registering for this course will be receiving their course kit in a digital format. To be able to view your digital kit you will need to bring a laptop PC and/or a compatible tablet PC, the recommended system requirements and instructions to access the course kit content can be found at the following link: Digital Course Kit Requirements and Instructions Please be aware that this digital version is designed for online use, not for printing. You can print up to 10 pages only in each guide within a course. Please note that every time you click the Print button in the book, this counts as one page printed, whether or not you click OK in the Print dialog. If you have any questions or issues with meeting the requirements listed above, please contact us at rlt@skyline-ats.com and provide the class name to which you are attending and we will be more than happy to help. SPEDGE v1.2 Page 1/12

2 Objective: Implementing Cisco Service Provider Next-Generation Edge Network Services After completing this course the student should be able to: Describe the VPN technologies that are used in the service provider environment and the MPLS VPN peer-to-peer architecture Describe the implementation steps that are needed to provide MPLS Layer 3 VPN service in the service provider network Describe how the MPLS Layer 3 VPN model can be used to implement managed services and Internet access Describe MPLS solutions for IPv6 and interdomain communication. Describe Layer 2 VPNs and Ethernet services Prerequisites: Intermediate to advanced knowledge of Cisco IOS, IOS XE, and IOS XR Software configuration Skills and knowledge equivalent to those learned in the following: Building Cisco Service Provider Next-Generation Networks, Part 1 (SPNGN1) v1.2 course Building Cisco Service Provider Next-Generation Networks, Part 2 (SPNGN2) v1.2 course Deploying Cisco Service Provider Network Routing (SPROUTE) v1.2 course Deploying Cisco Service Provider Advanced Network Routing (SPADVROUTE) v1.2 Implementing Cisco Service Provider Next-Generation Core Network Services (SPCORE) 1.2 course SPEDGE v1.2 Page 2/12

3 Who Should Attend: Implementing Cisco Service Provider Next-Generation Edge Network Services The primary audience for this course is as follows: This course is intended primarily for network administrators, network engineers, network managers, and systems engineers who would like to implement MPLS VPN service in their network. The secondary audience for this course is as follows: This course is intended for network designers and project managers. The course is also recommended to all individuals preparing for CCNP SP certification. SPEDGE v1.2 Page 3/12

4 Outline: Module 1: VPN Technologies Lesson 1: Introducing VPNs VPN Advantages VPN Terminology VPN in the Cisco IP NGN Infrastructure Layer VPN Types Overlay Layer 3 VPNs Overlay Layer 3 VPN: GRE Overlay Layer 3 VPN: DMVPN Overlay Layer 3 VPN: L2TPv3 Overlay Layer 3 VPN: IPsec VPN Overlay Layer 3 VPN: SSL VPN Peer-to-Peer VPNs Peer-to-Peer VPN: ACLs (Shared Router) Peer-to-Peer VPN: Split Routing (Dedicated Router) Peer-to-Peer VPN: GET VPN MPLS VPNs Summary Lesson 2: Introducing MPLS VPNs MPLS VPN Components MPLS VPN Architecture PE Router Architecture VRF Table Overview Route Propagation via Backbone Route Distinguishers Route Targets VPN Label RD, RT, and VPN Label in Layer 3 MPLS VPN MPLS VPN Routing Requirements MPLS VPN Routing Model PE Routing Tables End-to-End Routing Packet Forwarding Without a VPN Label Packet Forwarding with a VPN Label Penultimate Hop Popping VPN Label Propagation VPN Label Requirements Broken LSP Path SPEDGE v1.2 Page 4/12

5 Summary Lesson 3: Module Summary Module 2: MPLS Layer 3 VPNs Lesson 1: Implementing MPLS Layer 3 VPN Backbones Layer 3 MPLS VPNs PE Router Routing Contexts VPN-Aware Routing Protocols VRF Table Route Propagation in EBGP and MP-IBGP Route Propagation in IGP and MP-IBGP VRF Configuration Overview (Cisco IOS/XE/XR) Configuring RD Configuring Export and Import RTs VPN Identifier VRF Configuration in Cisco IOS/XE/XR Cisco IOS/XE VRF Common Policies Conditional Route Target Export and Import Migration from Old to New Style VRF CLI Multi-VRF Customer Edge VRF-Lite: VRF and Interface Configuration VRF-Lite: PE-CE Connections Using BGP MP-BGP Configurations MP-BGP Configuration Tasks BGP Address Families BGP Neighbors MP-BGP Community Propagation MP-BGP Configuration in Cisco IOS/XE/XR Disabling IPv4 Route Exchange VPN Label Allocation in Cisco IOS/XE VPN Label Allocation in Cisco IOS XR Lesson 2: Deploying Basic Routing in MPLS VPNs PE-CE Routing Configuring BGP VRF Routing Context Configuring Static PE-CE Routing Configuring PE-CE RIPv2 Routing Configuring PE-CE EIGRP Routing Reinjecting Routes into Core by Multihomed Sites Implementing EIGRP SOO for Loop Prevention Route Filtering Monitoring Layer 3 MPLS VPNs Lesson 3: Deploying OSPF and BGP in MPLS VPNs SPEDGE v1.2 Page 5/12

6 OSPF as PE-CE Routing Protocol OSPF-BGP Redistribution Issue Caveats of OSPF in MPLS VPN Routing OSPF Superbackbone OSPF Superbackbone Route Propagation OSPF Superbackbone Implementation OSPFv3 as PE-CE Routing Protocol PE-CE OSPF Configuration Procedure Configuring PE-CE OSPFv2 in Cisco IOS XR Configuring PE-CE OSPFv2 in Cisco IOS/XE OSPFv2 PE-CE Routing Example OSPFv3 PE-CE Routing Example Risk of Routing Loops with BGP and OSPF OSPF Down Bit Packet Forwarding Without the OSPF Down Bit Packet Forwarding with the OSPF Down Bit OSPF Sham Link Overview Configuring OSPF Sham Link BGP as the PE-CE Routing Protocol Limiting the Number of Routes in a VRF Reusing the Same AS Number for VPN Sites Solution: AS-Override Example of the Solution: AS-Override BGP Exchange with Multihomed Sites Solution: allowas-in and Site of Origin BGP Filtering Example (Cisco IOS XR) Example of BGP Filtering (Cisco IOS/XE) Troubleshooting MPLS VPNs Module 3: Special Connectivity in MPLS Layer 3 VPNs Lesson 1: Implementing Special Connectivity in MPLS VPNs Cisco IP NGN Infrastructure Layer Overlapping VPNs Overlapping VPNs Use Cases Routing in Overlapping VPNs Packet Flow in Overlapping VPNs Overlapping VPNs Configuration Procedure VRF Configuration in Overlapping VPNs BGP Configuration in Overlapping VPNs Central Services VPNs Routing in Central Services VPNs Packet Flow in Central Services VPNs SPEDGE v1.2 Page 6/12

7 Central Services VPN Configuration Procedure Central Services VPN Configuration Example Selective Import and Export (Cisco IOS XR) Selective Import (Cisco IOS XR) Selective Export (Cisco IOS XR) Managed CE Router Service Managed CE Router Service Requirements Managed CE Router Service Configuration Summary Lesson 2: Implementing Internet Access in MPLS VPNs Internet Connectivity Scenarios Classical Internet Access from VPN Multisite Internet Access Wholesale Internet Access Service Provider Shared Backbone Internet Access Design Models Internet Access via Global Routing: Classic Topology Internet Access via Global Routing: Separate Interfaces Internet Access via Global Routing: Static Routes Internet Access via Global Routing with BGP Global Internet Access with VRF-Aware Tunnels (Cisco IOS XR) Global Internet Access with VRF-Aware Tunnels (Cisco IOS/XE) Mutisite Internet Access via Global Routing Evaluation of Internet Access via Global Routing Internet Access Through Separate VPN Features of Internet Access via Separate VPN Internet Gateway Internet Gateway Configuration VPN Central Site Configuration Separate VPN Internet Access with VRF-Aware Tunnels (Cisco IOS XR) Separate VPN Internet Access with VRF-Aware Tunnels (Cisco IOS/XE) Redundant Internet Access via Separate VPN Multisite Internet Access via Separate VPN Wholesale Internet Access via Separate VPN Evaluation of Internet Access via Separate VPN Summary Module 4: MPLS IPv6 and Interdomain Solutions Lesson 1: Deploying IPv6 in an MPLS Environment IPv4/IPv6 Interoperability Solutions IPv6 in MPLS Environments Static IPv6-in-IPv4 Tunnels on CE Routers SPEDGE v1.2 Page 7/12

8 Using Layer 2 MPLS VPNs to Support IPv6 6PE Architecture 6PE Control Plane 6PE Data Plane Configuring 6PE Verifying 6PE 6VPE Architecture 6VPE Topology 6VPE Forwarding 6VPE Configuration Procedure Configuring 6VPE Verifying 6VPE on PE Verifying 6VPE on CE Lesson 2: Introducing MPLS Interdomain Solutions MPLS Interdomain Solutions Inter-AS Designs Inter-AS: Back-to-Back VRF Back-to-Back VRF Characteristics Inter-AS: Single-Hop MP-EBGP Single-Hop MP-EBGP Characteristics Inter-AS: Multihop MP-EBGP Multihop MP-EBGP Characteristics CSC Overview Benefits of CSC CSC Operation CSC Design Options CSC Using IGP and LDP Data Flow in CSC (IGP/LDP) CSC (IGP/LDP) Configuration Overview Configure CSC (LDP): MP-IBGP on CSC-PE Configure CSC (IGP/LDP): MPLS LDP in PE VRF Configure CSC (IGP/LDP): MP-IBGP on PE Verify LDP Session in PE VRF Verify VPN Label for CSC-PE Loopback: PE Verify Label for CSC-PE Loopback: CSC-CE Verify End Customer VPN Label: CSC-PE CSC Using MP-EBGP CSC Data Flow (MP-EBGP) Configure CSC (MP-EBGP): CSC-CE Configure CSC (MP-EBGP): PE Verify CSC (MP-EBGP): MP-EBGP Capabilities Verify CSC (MP-EBGP): Egress PE Verify CSC (MP-EBGP): Ingress PE SPEDGE v1.2 Page 8/12

9 Verify CSC (MP-EBGP): CSC-CE Verify CSC (MP-EBGP): CSC-PE Verify CSC (MP-EBGP): Customer Traffic Summary Lesson 3: Module Summary Module 5: Layer 2 VPNs Lesson 1: Introducing Layer 2 VPNs Layer 2 VPNs Layer 2 VPN Benefits Layer 2 VPN Models Layer 2 VPN Architecture Layer 2 VPN Control Plane Layer 2 VPN Data Plane: L2TPv3 Layer 2 VPN Data Plane: MPLS Layer 2 VPN Service Types AToM Example: EoMPLS AToM Interworking AToM Interworking Modes MEF Service Types Lesson 2: Implementing AToM AToM Operation AToM VC Creation Process AToM Forwarding AToM Signaling Virtual Circuit Connectivity Verification AToM MTU Considerations AToM Control Word Inter-AS AToM EoMPLS Packet Format EoMPLS Redundancy One-Way EoMPLS Redundancy Two-Way EoMPLS Redundancy Cisco EVC Infrastructure Overview AToM Configuration Procedure EoMPLS Interconnecting VLAN 11 EoMPLS Interconnecting Untagged Frames EoMPLS Rewriting VLAN Tags EoMPLS Basic Verification EoMPLS Detailed Verification In Cisco IOS XR EoMPLS Detailed Verification In Cisco IOS and IOS XE Monitoring Attachment Circuits SPEDGE v1.2 Page 9/12

10 Lesson 3: Implementing VPLS Virtual Private LAN Service VPLS Characteristics VPLS Traffic Forwarding VPLS Topology: PE View Virtual Forwarding Instance Routed VPLS VPLS Configuration Procedure VPLS Interconnecting VLAN 111 VPLS With VLAN Rewrite Configuring Routed VPLS Verifying VPLS in Cisco IOS XR Monitoring Bridge Domain in Cisco IOS XE Monitoring VFI in Cisco IOS XE Monitoring Attachment Circuits Lesson 4: Enhancing Layer 2 VPN Scalability VPLS Architectures VPLS vs. H-VPLS H-VPLS Edge: 802.1ad and QinQ H-VPLS Edge: MPLS IEEE Carrier Ethernet Standards VPLS and H-VPLS Evaluation VPLS Neighbor Discovery and Signaling H-VPLS and Autodiscovery Configuration H-VPLS with QinQ: Switches H-VPLS with QinQ: S-VLAN Rewrite H-VPLS QinQ: S-VLAN and C-VLAN Rewrite H-VPLS with 802.1ad: Switches H-VPLS with 802.1ad: S-VLAN Rewrite H-VPLS 802.1ad: S-VLAN and C-VLAN Rewrite H-VPLS with BGP Autodiscovery Verify H-VPLS Bridge Domain Verify Attachment Circuits in H-VPLS Verify Autodiscovery: BGP Capabilities Verify Autodiscovery: Layer 2 VPN VPLS Database Verify Autodiscovery: Layer 2 VPN VPLS Attributes Lab Outline Hardware Lab 1: Implement MPLS Layer 3 VPN Backbones Familiarize Yourself with the Lab Network SPEDGE v1.2 Page 10/12

11 Enable LDP and Configure VRFs on the PEs Upgrade Cisco IOS XE VRF to New Style Configure MP-BGP to Establish Routing Between the PE Routers Hardware Lab 2: Connect MPLS VPN Sites via Static, RIP, and EIGRP Configure Static Routes between the PE and CE Routers Configure RIP as the PE-CE Routing Protocol Configure Nondefault VPN Label Allocation Modes Configure EIGRP as the PE-CE Routing Protocol Filter CE Routes before Insertion to VRF Hardware Lab 3: Connect MPLS VPN Sites via BGP and OSPF Configure EBGP as the PE-CE Routing Protocol Manipulate BGP Exchange Configure OSPFv2 as the PE-CE Routing Protocol Hardware Lab 4: Overlapping and Common Services VPNs Enable Overlapping Layer 3 VPNs Enable Common Services Layer 3 VPNs Hardware Lab 5: Internet Connectivity in MPLS VPNs Provide Internet BGP Connectivity over Subinterface Connected to the Global Routing Table Establish Central Site Connectivity for Internet Access Establish Central Site Connectivity for Internet Access through a Separate MPLS VPN Hardware Lab 6: Implement 6VPE Configure IPv6 Addresses on PE-to-CE Interfaces Configure OSPFv3 Routing on PE-CE Links Enable MP-BGP for VPNv6 and VRF IPv6 Exchange and Configure Redistribution Hardware Lab 7: Implement CSC SPEDGE v1.2 Page 11/12

12 Powered by TCPDF ( Implementing Cisco Service Provider Next-Generation Edge Network Services Configure End-Customer Sites Enable LDP on PE-CE Links and Reset Nondefault VPN Label Allocation Methods on PEs Establish MP-BGP between Customer Carrier Routers Replace IGP and LDP Label Exchange by BGP Hardware Lab 8: Implement EoMPLS Configure VPWS To Interconnect VLAN 11 Configure VPWS for Untagged Frames Configure VPWS to Interconnect VLAN 12 with VLAN 21 Hardware Lab 9: Implement VPLS Configure VPLS to Interconnect VLAN 111 Configure VPLS to Interconnect VLAN 112 with VLAN 121 Configure BVI Hardware Lab 10: Enhance Layer 2 VPN Scalability Implement H-VPLS with QinQ to Transparently Bridge Customer VLAN Implement QinQ H-VPLS with Provider and Customer VLAN Rewrite Migrate QinQ to 801.1ad for the VPLS that Bridges VLAN 111 Implement 801.1ad for the VPLS that Bridges VLANs 112 and 121 (Optional) Deploy BGP Autodiscovery of VPLS Neighbors SPEDGE v1.2 Page 12/12