MPLS Configration 事例

Similar documents

MPLS. Cisco MPLS. Cisco Router Challenge 227. MPLS Introduction. The most up-to-date version of this test is at:

MPLS VPN Implementation

MPLS-based Layer 3 VPNs

MPLS/VPN Overview Cisco Systems, Inc. All rights reserved. 1

MPLS VPN. Agenda. MP-BGP VPN Overview MPLS VPN Architecture MPLS VPN Basic VPNs MPLS VPN Complex VPNs MPLS VPN Configuration (Cisco) L86 - MPLS VPN

Configuring a Basic MPLS VPN

BGP Link Bandwidth. Finding Feature Information. Contents

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

Presentation_ID. 2001, Cisco Systems, Inc. All rights reserved.

Inter-Autonomous Systems for MPLS VPNs

Routing Issues in deploying MPLS VPNs. Mukhtiar Shaikh Moiz Moizuddin

MPLS Inter-AS VPNs. Configuration on Cisco Devices

Task 20.1: Configure ASBR1 Serial 0/2 to prevent DoS attacks to ASBR1 from SP1.

IPv6 over MPLS VPN. Contents. Prerequisites. Document ID: Requirements

Configuring MPLS Hub-and-Spoke Layer 3 VPNs

Notice the router names, as these are often used in MPLS terminology. The Customer Edge router a router that directly connects to a customer network.

Provisioning Dial Access to MPLS VPN Integration

MPLS VPN over mgre. Finding Feature Information. Prerequisites for MPLS VPN over mgre

This feature was introduced. This feature was integrated in Cisco IOS Release 12.2(11)T.

Deploying MPLS-based IP VPNs Rajiv Asati Distinguished Engineer BRKMPL-2102

Exam Name: BGP + MPLS Exam Exam Type Cisco Case Studies: 3 Exam Code: Total Questions: 401

MPLS VPN Route Target Rewrite

レッドハット製品プライスリスト Red Hat Enterprise Linux2013 新製品 (ベースサブスクリプション) 更新 :2015 年 4 22

Introduction Inter-AS L3VPN

Lab 4.2 Challenge Lab: Implementing MPLS VPNs

Testing Juniper Networks M40 Router MPLS Interoperability with Cisco Systems 7513 and Routers

レッドハット製品プライスリスト Red Hat Enterprise Linux 製品 (RHEL for HPC) 更新 :2015 年 4 22

Understanding Route Aggregation in BGP

Cisco Exam Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 7.0 [ Total Questions: 126 ]

N2X Core Routing - BGP-4 MPLS VPN scenario with integrated traffic Application Note

Edge-1#show ip route Routing entry for /24. Known via "bgp 65001", distance 200, metric 0. Tag 65300, type internal

How To Import Ipv4 From Global To Global On Cisco Vrf.Net (Vf) On A Vf-Net (Virtual Private Network) On Ipv2 (Vfs) On An Ipv3 (Vv

APNIC elearning: BGP Attributes

Frame Mode MPLS Implementation

Implementing Cisco MPLS

Using the Border Gateway Protocol for Interdomain Routing

Application Note. Failover through BGP route health injection

Table of Contents. Cisco Configuring a Basic MPLS VPN

DEPLOYING MPLS-VPN. Rajiv Asati

IPv4/IPv6 Transition Mechanisms. Luka Koršič, Matjaž Straus Istenič

l.cittadini, m.cola, g.di battista

For internal circulation of BSNLonly

Implementing MPLS VPNs over IP Tunnels on Cisco IOS XR Software

MPLS VPN - Route Target Rewrite

Implementing Cisco MPLS

Document and entity information

Gateway of last resort is to network

BGP Multipath Load Sharing for Both ebgp and ibgp in an MPLS-VPN

Approach to build MPLS VPN using QoS capabilities

Transitioning to BGP. ISP Workshops. Last updated 24 April 2013

APNIC elearning: BGP Basics. Contact: erou03_v1.0

BGP-4 Case Studies. Nenad Krajnovic.

IMPLEMENTING CISCO MPLS V3.0 (MPLS)

BGP4 Case Studies/Tutorial

MPLS Multi-Vendor Provisioning. Presented by Brian O Sullivan Director, Product Management Dorado Software October 21, 2003

BGP Attributes and Path Selection

Multiprotocol Label Switching Load Balancing

AMPLS - Advanced Implementing and Troubleshooting MPLS VPN Networks v4.0

IMPLEMENTING CISCO MPLS V2.3 (MPLS)

Configuring Remote Access to MPLS VPN

Panasonic AC-DC Power Supply Design Support Service

OBJECTIVES This paper examines how NetFlow is implemented on logical interfaces. Logical interfaces can be divided into two groups:

Deploying and Configuring MPLS Virtual Private Networks In IP Tunnel Environments

Discover the power of reading for university learners of Japanese in New Zealand. Mitsue Tabata-Sandom Victoria University of Wellington

S ITGuru Exercise (3: Building the MPLS BGP VPN) Spring 2006

Cost Accounting 1. B r e a k e v e n A n a l y s i s. S t r a t e g y I m p l e m e n t a t i o n B a l a n c e d S c o r e c a r d s

Routing Protocol - BGP

レッドハット製品プライスリスト標準価格. Red Hat Enterprise Linux 製品 (RHEL Server)

BGP: Frequently Asked Questions

Direct Marketing Production Printing & Value-Added Services: A strategy for growth

- Border Gateway Protocol -

Fundamentals Multiprotocol Label Switching MPLS III

この外国弁護士による法律事務の取扱いに関する特別措置法施行規則の翻訳は平

UPDATE = [Withdrawn prefixes (Optional)] + [Path Attributes] + [NLRIs].

Expert Reference Series of White Papers. Cisco Service Provider Next Generation Networks

basic BGP in Huawei CLI

Implementing MPLS VPNs over IP Tunnels

BGP Terminology, Concepts, and Operation. Chapter , Cisco Systems, Inc. All rights reserved. Cisco Public

さくらインターネット研究所上級研究員日本 Vyattaユーザー会運営委員松本直人

SEC , Cisco Systems, Inc. All rights reserved.

BGP Best Path Selection Algorithm

Lab 10: Confi guring Basic Border Gateway Protocol

Configuring BGP. Cisco s BGP Implementation

Implementing Cisco Service Provider Next-Generation Edge Network Services **Part of the CCNP Service Provider track**

How To Understand Bg

MPLS Implementation MPLS VPN

BGP Advanced Features and Enhancements

Electricity Business Act ( Act No. 170 of July 11, 1964)

Module 12 Multihoming to the Same ISP

Tackling the Challenges of MPLS VPN Testing. Todd Law Product Manager Advanced Networks Division

Fireware How To Dynamic Routing

Introducing Basic MPLS Concepts

EDB-Report. 最新 Web 脆弱性トレンドレポート( ) ~ Exploit-DB( 公開されている内容に基づいた脆弱性トレンド情報です

Expert Reference Series of White Papers. Cisco Service Provider Next Generation Networks

Advanced BGP Policy. Advanced Topics

Chapter 6: Implementing a Border Gateway Protocol Solution for ISP Connectivity

Transcription:

MPLS Configration 事例 JANOG6 MPLSパネルグローバルワン株式会社 06/16/2000 JANOG6 MPLS Pannel 1

MPLS Configration なにが必要?(Ciscoしかわかりません) IOSは12.0(7) T 以上がいい PEは3600, 4500, 7200, and 7500 PはCisco LS1010, 7200, 7500, Catalyst 8540, BPX 8650, Cisco GSR12000 っていうのが一般的なのかな? 06/16/2000 JANOG6 MPLS Pannel 2

MPLS Configration 事例 CE-S CE-3 vpn2 PE-3 PE-1 P AS:65535 PE-2 vpn1 CE-1 CE-1,2,3 : RD=65535:1001 CE-S : RD=65535:1002 CE-2 06/16/2000 JANOG6 MPLS Pannel 3 CE-SはCE-1とのみ通信可能参考 :Cisco 社資料

MPLS Configration 事例 (CE) CE router 編特別な設定は必要なし (I/F routingのみ) CE-PEでのRoutingは Staticが基本かなほかのDynamic Routing Protocolはプロバイダーと相談 06/16/2000 JANOG6 MPLS Pannel 4

MPLS Configration 事例 (CE) Sample CE-1 configuration: interface Ethernet 0 ip address 10.1.1.1 255.255.255.0 interface Serial 0 ip address 10.1.2.2 255.255.255.252 router bgp 1 no synchronization redistribute connected neighbor PE-1 remote-as 65535 neighbor PE-1 version 4 neighbor 202.216.40.1 peer-group PE-1 default-metric 100 no auto-summary CE-PE BGP or ip route 0.0.0.0 0.0.0.0 serial0 CE-PE static 06/16/2000 JANOG6 MPLS Pannel 5

MPLS Configration 事例 (PE) PE router 編 LDP(TDP)の設定 vrf(vpn Routing/Forwarding table)の設定 MP-iBGPの設定 address-family(ipv4&vpnv4)の設定 06/16/2000 JANOG6 MPLS Pannel 6

MPLS Configration 事例 (PE) TDP Router/Interface cisco(config)#tag-switching ip cisco(config-if)#tag-switching ip と書くだけ 06/16/2000 JANOG6 MPLS Pannel 7

MPLS Configration 事例 (PE) PE router 編 LDP(TDP)の設定 vrf(vpn Routing/Forwarding table)の設定 MP-iBGPの設定 address-family(ipv4&vpnv4)の設定 06/16/2000 JANOG6 MPLS Pannel 8

MPLS Configration 事例 (PE) VPN RD route-target PE-1の場合 ip vrf vpn1 rd 65535:1001 route-target both 65535:10001 route-target export 65535:1002 route-target import 65535:1002 ip vrf vpn2 rd 65535:1002 route-target both 65535:10002 PE-2の場合 ip vrf vpn1 rd 65535:1001 route-target both 65535:10001 vpn1という名前のvrfを定義する <ASN>:<32 bit number> PE-1のvrf=vpn1はこれらのRD の経路をinport/exportする 06/16/2000 JANOG6 MPLS Pannel 9

MPLS Configration 事例 (PE) I/F vrf PE-1の場合 interface Serial5/1/2 description Connect to CE-1 ip vrf forwarding vpn1 ip address 10.1.2.1 255.255.255.252 interface Serial5/1/3 description Connect to CE-S ip vrf forwarding vpn2 ip address 192.168.1.1 255.255.255.252 PE-2の場合 interface Serial8/1/1 description Connect to CE-2 ip vrf forwarding vpn1 ip address 10.1.3.1 255.255.255.252 06/16/2000 JANOG6 MPLS Pannel 10

MPLS Configration 事例 (PE) PE router 編 LDP(TDP)の設定 vrf(vpn Routing/Forwarding table)の設定 MP-iBGP ibgpの設定 address-family(ipv4&vpnv4)の設定 06/16/2000 JANOG6 MPLS Pannel 11

MPLS Configration 事例 (PE) router bgp 65535 no synchronization no bgp default ipv4 neighbor JANOG-MPLS peer-group neighbor JANOG-MPLS remote-as 65535 neighbor JANOG-MPLS update-source Loopback0 neighbor JANOG-MPLS send-community extended neighbor PE-2 peer-group JANOG-MPLS neighbor PE-3 peer-group JANOG-MPLS default-metric 100 no auto-summary 06/16/2000 JANOG6 MPLS Pannel 12

MPLS Configration 事例 (PE) PE router 編 LDP(TDP)の設定 vrf(vpn Routing/Forwarding table)の設定 MP-iBGPの設定 address-family(ipv4 family(ipv4&vpnv4) vpnv4)の設定 06/16/2000 JANOG6 MPLS Pannel 13

MPLS Configration 事例 (PE) address-family ipv4 vrf vpn1 neighbor CE-1 remote-as 1 neighbor CE-1 activate no auto-summary no synchronization exit-address-family address-family ipv4 vrf vpn1 redistribute static metric 100 no auto-summary no synchronization PE-CEでStaticを使用する場合 exit-address-family address-family vpnv4 neighbor JANOG-MPLS activate neighbor JANOG-MPLS send-community extended neighbor CE-2 peer-group JANOG-MPLS neighbor CE-3 peer-group JANOG-MPLS default-metric 100 PE-CEでBGPを使用する場合 no auto-summary 06/16/2000 JANOG6 MPLS Pannel 14 exit-address-family

MPLS Configration 事例 (PE) cisco#sh run Building configuration... Current configuration: version 12.1 service timestamps debug uptime service timestamps log datetime localtime show-timezone service password-encryption hostname zebra test boot system flash slot0:c7200-p-mz.120-6.s.bin boot system flash slot0:c7200-p-mz.121-1a.t1.bin logging console warnings logging monitor informational ip subnet-zero ip rcmd rsh-enable ip cef no ip finger no ip domain-lookup tag-switching ip ip vrf zebra rd 65501:111 route-target export 65501:111 route-target import 65501:111 clns routing interface Loopback0 ip address 10.1.1.1 255.0.0.0 interface Fddi2/0 ip address 192.168.18.1 255.255.255.0 secondary ip accounting mac-address input ip accounting mac-address output rate-limit output access-group rate-limit 100 30000000 200000 200000 conform-action transmit exceed-action drop rate-limit output access-group rate-limit 101 2000000 8000 8000 conform-action transmit exceed-action drop ip route-cache policy ip route-cache flow no ip mroute-cache ip policy route-map class no keepalive random-detect router bgp 65501 bgp redistribute-internal neighbor 202.1.1.1 remote-as 65501 neighbor 202.1.1.1 update-source FastEthernet3/0 neighbor 202.1.1.1 send-community extended neighbor 202.2.1.1 remote-as 65501 neighbor 202.2.1.1 update-source FastEthernet3/0 neighbor 202.2.1.1 send-community extended address-family ipv4 vrf zebra neighbor 202.1.1.1 remote-as 65501 neighbor 202.1.1.1 update-source FastEthernet3/0 neighbor 202.1.1.1 activate neighbor 202.1.1.1 send-community extended exit-address-family address-family vpnv4 neighbor 202.1.1.1 activate neighbor 202.1.1.1 send-community both exit-address-family 06/16/2000 JANOG6 MPLS Pannel 15

MPLS Configration 事例 ( 新機能 ) 新機能編 ASN Override Site of Origin 06/16/2000 JANOG6 MPLS Pannel 16

MPLS Configration 事例 (ASN Override) PE-1 CE-1 192.168.0.5/32 ASN: 100 PE-2 CE-2 192.168.0.3/32 ip vrf odd rd 100:1 route-target export 100:3 route-target import 100:3 interface Serial1 ip vrf forwarding odd ip address 192.168.73.7 255.255.255.0 router bgp 100 no synchronization no bgp default ipv4-unicast neighbor 192.168.0.6 remote-as 100 neighbor 192.168.0.6 update-source Loop0 neighbor 192.168.0.6 activate neighbor 192.168.0.6 next-hop-self no auto-summary address-family ipv4 vrf odd neighbor 192.168.73.3 remote-as 250 neighbor 192.168.73.3 activate neighbor 192.168.73.3 as-override no auto-summary no synchronization exit-address-family address-family vpnv4 neighbor 192.168.0.6 activate neighbor 192.168.0.6 send-community extended no auto-summary exit-address-family ASN: 250 ASN: 250 06/16/2000 JANOG6 MPLS Pannel 17 参考 :Cisco 社資料

MPLS Configration 事例 (ASN Override) 7200-1#sh ip bgp vpn all Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 100:1 (default for vrf odd) *>i192.168.0.3/32 192.168.0.7 0 0 250 i *> 192.168.0.5/32 192.168.65.5 0 0 250 i VPN-IPv4 update: RD:192.168.0.5/32 AS_PATH: 250 PE-2 performs following actions: 1- Replace last ASN with its own ASN 2- Update AS_PATH with its own ASN 3- Forward the update to CE-2 PE-1 ASN: 100 PE-2 ebgp4 update: 192.168.0.5/32 AS_PATH:100 100 ebgp4 update: 192.168.0.5/32 AS_PATH: 250 CE-1 192.168.0.5/32 3640-5#sh ip b Network Next Hop Metric LocPrf Weight Path *> 192.168.0.5/32 192.168.73.7 0 100 100 i *> 192.168.0.3/32 0.0.0.0 0 i CE-2 192.168.0.3/32 ASN: 250 ASN: 250 06/16/2000 JANOG6 MPLS Pannel 18 参考 :Cisco 社資料

MPLS Configration 事例 ( 新機能 ) 新機能編 ASN Override Site of Origin 06/16/2000 JANOG6 MPLS Pannel 19

MPLS Configration 事例 (Site of Origin) Site-1 192.168.0.5/32 CE 7200-1#sh ip route vrf odd C 192.168.65.0/24 is directly connected, Serial2 B 192.168.0.5 [20/0] via 192.168.65.5, 00:08:44, Serial2 7200-1# 7200-1#sh ip bgp vpn all Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 100:1 (default for vrf odd) *> 192.168.0.5/32 192.168.65.5 0 0 250 i 7200-1#sh ip bgp vpn all 192.168.0.5 BGP routing table entry for 100:1:192.168.0.5/32, version 17 Paths: (1 available, best #1) Advertised to non peer-group peers: 192.168.0.7 250 192.168.65.5 from 192.168.65.5 (192.168.0.5) Origin IGP, metric 0, localpref 100, valid, external, best Extended Community: SoO:100:65 RT:100:3 7200-1# PE ip vrf odd rd 100:1 route-target export 100:3 route-target import 100:3 interface Serial1 ip vrf forwarding odd ip address 192.168.65.6 255.255.255.0 router bgp 100 no synchronization no bgp default ipv4-unicast neighbor 192.168.0.7 remote-as 100 neighbor 192.168.0.7 update-source Loop0 neighbor 192.168.0.7 activate neighbor 192.168.0.7 next-hop-self no auto-summary address-family ipv4 vrf odd neighbor 192.168.65.5 remote-as 250 neighbor 192.168.65.5 activate neighbor 192.168.65.5 route-map setsoo in no auto-summary no synchronization exit-address-family address-family vpnv4 neighbor 192.168.0.7 activate neighbor 192.168.0.7 send-community extended no auto-summary exit-address-family 06/16/2000 JANOG6 MPLS Pannel route-map setsoo permit 10 20 参考 :Cisco 社資料 set extcommunity soo 100:65

MPLS Configration 事例 (Site of Origin) VPN-IPv4 update: RD:192.168.0.5/32, Next-hop=PE-1 SOO=100:65, RT=100:3, Label=(intCE1) PE-1 PE-2 intce1 ebgp4 update: 192.168.0.5/32 ebgp4 update: 192.168.0.5/32 PE-2 will not propagate the route since the update SOO is equal to the one configured for the site CE-1 192.168.0.5/32 Site-1 SOO=100:65 CE-2 06/16/2000 JANOG6 MPLS Pannel 21 参考 :Cisco 社資料

Zebra MPLS-VPN support ** MPLS-VPN PE-RR support is added. New address family vpnv4 unicast is introduced. address-family vpnv4 unicast neighobr PEER activate network A.B.C.D rd RD tag TAG exit-address-family 06/16/2000 JANOG6 MPLS Pannel 22

Zebra MPLS-VPN support To make it route-reflector, please configure it under normal router bgp ASN. router bgp 7675 no bgp default ipv4-unicast bgp router-id 10.0.0.100 bgp cluster-id 10.0.0.100 neighbor 10.0.0.1 remote-as 65535 neighbor 10.0.0.1 route-reflector-client neighbor 10.0.0.2 remote-as 65535 neighbor 10.0.0.2 route-reflector-client neighbor 10.0.0.3 remote-as 65535 neighbor 10.0.0.3 route-reflector-client address-family vpnv4 unicast neighbor 10.0.0.1 activate neighbor 10.0.0.2 activate neighbor 10.0.0.3 activate exit-address-family 06/16/2000 JANOG6 MPLS Pannel 23