Department of Communications and Networking. S-38.2131/3133 Networking Technology, Laboratory course A/B




Department of Communications and Networking
S-38.2131/3133 Networking Technology, Laboratory course A/B

Work Number 38: MPLS-VPN Basics
Student Edition
Preliminary Exercises and Laboratory Assignments

Timo-Pekka Heikkinen, 13.3.2008
Riku-Antti Oinonen & Laura Tilli, 5.8.2012

MPLS-VPN Laboratory work

1 Preliminary Report

The preliminary and final reports play a big part in this laboratory work because working in the laboratory should be pretty straightforward. Creating a VPN with Tellabs NMS is easy and shouldn't take too much time.

P1 Explain briefly the main principles of MPLS technology.

P2 Please explain these MPLS related concepts briefly but thoroughly:
- LSP
- LSR, LER
- Label switching
- CE, PE, P and their roles in an MPLS network
- Label stacking

P3 Explain step by step the creation of an LSP between two PEs. Draw a picture where you show these steps.

P4 Explain how a Layer 3 MPLS VPN (full mesh) is created. Draw a simple picture of an MPLS network and show what is required for the VPN to work (routing protocols, VRFs, VPN addresses, MPLS enabled interfaces etc.). The VPN should have three sites labeled Espoo, Kotka and Lahti. Also define VRFs for all PE routers.

P5 For a normal sized packet to go through the MPLS VPN, the MTUs (IP packet max. size, Ethernet MTU, MPLS max. packet size) of different interfaces along the VPN path have to be changed. In order to use traffic engineered tunnels, GRE tunnels etc., the MTU sizes (in core interfaces) have to be further increased. What size should be enough for the MTU considering the use of VPNs and TE tunnels?

2 Laboratory Assignment

In this laboratory work the students familiarize themselves with MPLS and create a point-to-multipoint Layer 3 VPN and a point-to-point Layer 2 VPN. This lab work also demonstrates the use of OSPF as the routing protocol between CE and PE devices. LDP is used as the signaling protocol between PE and P routers, and LDP sessions will be tunneled over RSVP-signaled LSPs. The VPNs are created using the Tellabs Network Management System (NMS) and its VPN Provisioning Tool. The idea is to build MPLS VPNs between three customer sites (Espoo, Kotka and Lahti) and to test the VPN connectivity with ping and traceroute. Also, Wireshark will be used to capture traffic from the core, and the students will examine the captures and write a short analysis of their findings.

3 Environment

A brief introduction to the devices and software used in this laboratory work is given.

3.1 Network topology

The laboratory network has a core part and access parts. The MPLS core network consists of two Tellabs 8620 switches. The MPLS access parts of the network consist of three Tellabs 8660 switches. Customer devices are 8620 switches. A more detailed network topology map is attached as Appendix A.

3.2 Tellabs Network Manager System

The Tellabs Network Manager System consists of three different servers: Database and Management Server, Communication Server and Routemaster. In addition to the servers, a workstation is needed to run the actual management software. The NMS used is release SR4.0-SP2.

Figure 1. Tellabs NMS configuration (figure labels: Control LAN 10.255.4.0/24, Management LAN 10.255.0.0/24, 8660, 8620, Communication Server, Workstation, Routemaster, Database / Management Server)

3.3 Tellabs 8260 Access Switch

The smaller Tellabs switches are used as P and CE devices in the laboratory network (5 devices in total in this lab work). All of the switches have 8 10/100 Mbps Ethernet interfaces and some have either 1000Base-X (Gigabit Ethernet) or STM-1 POS interfaces.

Figure 2. Tellabs 8260 Access Switch with a 10/100 Mbps Ethernet module (left) and a 1000Base-X module (right).

3.4 Tellabs 8660 Edge Switch

These devices function as PE routers in the laboratory network (3 devices in total). They all have 10/100 Mbps Ethernet, STM-1 POS and 1000Base-X interfaces.

Figure 3. Tellabs 8660 Edge Switch.

3.5 Exercises in laboratory

Start the NMS on Workstation1 by double-clicking the Toolbox icon on the desktop. Start the Network Editor and log in to the system with the following account:

Username: superuser
Password: tellabs8000

3.6 Configure P1, P2, PE1, PE2 and PE3 with NMS

You start at the point where all network elements and interfaces needed for this lab have been added to the Network Editor. Also, loopback interfaces and interfaces between P and PE devices are configured with correct IP addressing. All configuration is done under Node Manager. Select the Node Manager tool by clicking Node Manager in the toolbox and click the NE that you want to configure.

3.7 Configure OSPF

Create a new OSPF process by right-clicking the OSPF Process in the tree view. Enter the router ID (use the loopback address as an ID) and press the Create button. Click the OSPF Areas button and add area 0.0.0.0. Add all networks to be advertised (use the created area): all connected networks and loopback interfaces of the NE (do not add the VPN or management addresses!). Remember to press the Update button before exiting.

3.8 Activate MPLS

All interfaces that are part of the MPLS core network should have MPLS activated: right-click an interface in the tree view and select MPLS Interface (you can select multiple interfaces at once). Enable LDP and RSVP by ticking the appropriate boxes and then set the MTU to a suitable size. Click Update and Exit.

3.9 Activate MP-iBGP sessions

Before configuring BGP, make sure that all planned peer NEs are up and running. Right-click the root (8660) of the tree view and select BGP-4 Router from the pop-up menu. Enter the ASN of the core network as the AS Number and click Enable BGP. Set the BGP router ID (you can use the Copy from router ID button). Under the Neighbors tab, choose Neighbor is Tellabs 8600 Node, select the endpoints for the session (visible only after BGP has been enabled in both NEs) and click Create. Edit the local and neighbor ends under the Neighborhood tab and set the NE's loopback address as the BGP Update Source. Click Update and Exit and then edit the other endpoint. Finally, activate the VPNv4 Unicast Address Family and Exit. Check that the connection state is Active/Established on the Neighbors tab.

3.10 Create and connect links

Select the IP/MPLS Link tool by right-clicking the fifth box from the toolbox and create all the links required between NEs. Give a descriptive name for each link (later you need to be able to identify which two devices it connects). Set the link's LSP signaling parameters: tick LDP and RSVP under LSP Signaling. Bind links to the interfaces by right-clicking on the interface in the tree view and then selecting Node Editor -> Trunk Binding from the pop-up menu. Remember to bind both ends of the link!

3.11 Configure the CE devices Espoo, Kotka and Lahti

Open the CE device with the Node Manager tool, right-click an interface in the tree view and select IP Interface. Set Interface mode to Up and give the interface an IP address. Use private IP addresses and configure every link under a different subnet. Create a new OSPF process and add area 0.0.0.0. Add the link network towards the PE device and the loopback interface to be advertised.

3.12 Configure the VPN endpoint interface

Creation of the VPN endpoint interface is similar to the creation of a normal interface. The only exceptions are that the endpoint interface should be left in shutdown mode and that the Interface Use is set to SUAP. Now create Ethernet trunks between CE and PE devices by using the Ethernet 100M tool from the toolbox and bind links to the correct interfaces. Endpoint interfaces must also be bound to a customer site: in Node Manager, right-click on the endpoint interface and select Node Editor -> Site Binding, select the appropriate site, click Update and Exit.

3.13 Create the VPN with VPN Provisioning Tool

Launch the VPN Provisioning tool from the Toolbox. Select File -> New VPN -> IP VPN and fill in the required information: name, customer, topology, capacities, and auto generate RSVP-TE tunnels in access networks. Press OK. Add endpoint interfaces to the VPN: select the interface from the Customers tab, right-click it and select Add to VPN. Edit each endpoint's properties under the VPN Configuration tab. Add the link network towards the CE device into OSPF under the OSPF tab. Under the OSPF Process tab, add an OSPF Process to inject routes from BGP into the customer's OSPF domain by choosing Metric Type 2 External and pressing Add. After all wanted endpoints have been added and configured, select Edit -> Create VPN Configuration. Wait until the configuration has been created successfully and then connect the VPN with Edit -> Connect VPN. The VPN should now be up and running. You can test it by selecting Tools -> Test VPN -> Run VPN Test or, preferably, by manually sending a ping through the VPN.

3.14 Wireshark capturing

If you haven't used Wireshark before, ask the assistant for help before starting this part of the laboratory work. Start packet capturing on interface fe-0/0/12 on switch Oppilas_3 and cut all MPLS links (this does not include the management interface or the VPN endpoint interface) from the PE3 router. A link can be failed by setting the link's interface to shutdown state (physical interface). Wait until all the BGP sessions have died (this can take a little while) and then put the interfaces back to no shutdown state. You can stop capturing once BGP and LDP KEEP_ALIVE messages start showing up in Wireshark.

3.15 Create point-to-point L2VPN

The objective of this section is to establish a point-to-point Layer 2 VPN between Espoo and Lahti. Disconnect the IP VPN and remove its configuration. Use the Delete Wizard to remove the IP VPN completely. In a Layer 2 VPN environment, PE routers have no interaction with the CE routing protocols. Delete the IP address configuration from the endpoint interfaces and change the Connectivity Type of the physical interface from Routing to Tunneling. Change the IP addresses of the CE routers so they are under the same IP subnet. Use the VPN Provisioning tool and select File -> New VPN -> Ethernet Pseudowire Mesh. Add endpoint interfaces to the VPN. Right-click one of the endpoints under Ethernet PW and create a static Pseudowire between the NEs in Espoo and Lahti. Right-click the Pseudowire to create the PW configuration and to connect it. Verify that the CE router is now receiving router LSAs (Type 1) from the remote CE router and that you can send a ping through the Pseudowire. Perform a traceroute between the CEs. How many hops are needed to reach the remote CE router?

3.16 Wireshark capturing L2VPN

Start packet capturing between NEs PE3 and P1 and cut the link between PE3 and P2 to make sure it is not used. A link can be failed by setting the link's interface to shutdown state. Send a ping from Chili with a source address of 1.1.1.1 to Oregano (3.3.3.3) and save the capture.

4 Final Report

In the final report you have to answer the following questions as well as analyze the Wireshark captures you took from the network. Do NOT attach the Wireshark capture to the final report!

F1 Analyze the creation of an LSP, the iBGP sessions and how the VPN addresses are spread in the network (study the addresses in BGP messages and compare them with the addresses in OSPF messages). What kinds of messages are used in setting up an LSP?

F2 Analyze the structure of the ICMP Echo message traveling through the MPLS L2VPN. What is the function and size of each header?

F3 Why was it necessary to shut down all interfaces from the PE router in the L3VPN Wireshark capturing part?

F4 What is a route distinguisher? What problem does it solve?

F5 How do labels get propagated between PE routers?
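As a starting point for the analysis asked for in F2, the following added example (not part of the original handout) dissects an ICMP Echo frame carried in an Ethernet pseudowire, as captured in section 3.16, and lists each header with its size. The frame is constructed: the label values 1001 and 2002, the MAC addresses, the zeroed checksums and the default of no pseudowire control word are assumptions to be compared against your own capture.

```python
import ipaddress
import struct

ETH_MPLS, ETH_IPV4 = 0x8847, 0x0800

def parse_label_stack(buf, off):
    """Decode 4-byte MPLS label stack entries until the bottom-of-stack bit."""
    labels = []
    while True:
        (entry,) = struct.unpack_from("!I", buf, off)
        off += 4
        labels.append({"label": entry >> 12, "tc": (entry >> 9) & 0x7,
                       "bos": (entry >> 8) & 0x1, "ttl": entry & 0xFF})
        if labels[-1]["bos"]:
            return labels, off

def dissect(frame, control_word=False):
    """Return (layers, labels, src, dst, icmp_type); layers is [(name, size)]."""
    if struct.unpack_from("!H", frame, 12)[0] != ETH_MPLS:
        raise ValueError("outer frame is not MPLS unicast (0x8847)")
    layers = [("outer Ethernet", 14)]
    labels, off = parse_label_stack(frame, 14)
    layers.append(("MPLS label stack", 4 * len(labels)))
    if control_word:  # assumption: set True if your capture shows a PW control word
        layers.append(("PW control word", 4))
        off += 4
    if struct.unpack_from("!H", frame, off + 12)[0] != ETH_IPV4:
        raise ValueError("inner frame does not carry IPv4")
    layers.append(("inner Ethernet", 14))
    off += 14
    ihl = (frame[off] & 0x0F) * 4          # IPv4 header length in bytes
    if frame[off + 9] != 1:
        raise ValueError("inner IPv4 packet is not ICMP")
    src = str(ipaddress.IPv4Address(frame[off + 12:off + 16]))
    dst = str(ipaddress.IPv4Address(frame[off + 16:off + 20]))
    layers.append(("IPv4", ihl))
    off += ihl
    layers.append(("ICMP header", 8))
    layers.append(("ICMP payload", len(frame) - off - 8))
    return layers, labels, src, dst, frame[off]

def build_sample():
    """Constructed frame (checksums left at zero), not taken from the lab network."""
    mac = lambda last: bytes([0x02, 0, 0, 0, 0, last])
    icmp = struct.pack("!BBHHH", 8, 0, 0, 1, 1) + b"x" * 32
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(icmp), 0, 0, 64, 1, 0,
                     ipaddress.IPv4Address("1.1.1.1").packed,
                     ipaddress.IPv4Address("3.3.3.3").packed)
    inner = mac(2) + mac(1) + struct.pack("!H", ETH_IPV4) + ip + icmp
    # Tunnel label on top, pseudowire label at the bottom of the stack (S=1).
    stack = struct.pack("!II", (1001 << 12) | 254, (2002 << 12) | (1 << 8) | 2)
    return mac(4) + mac(3) + struct.pack("!H", ETH_MPLS) + stack + inner

if __name__ == "__main__":
    layers, labels, src, dst, icmp_type = dissect(build_sample())
    for name, size in layers:
        print(f"{name:18s}{size:4d} bytes")
    print(labels, src, "->", dst, "ICMP type", icmp_type)
```

To run it on a real frame, export the packet bytes from Wireshark and pass them to `dissect()` instead of `build_sample()`.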

Appendix A MPLS VPN Labwork, Full topology

Appendix B MPLS VPN Labwork, Address table

Device     Interface   Address/mask      Connects to
P1         F1/0/0      192.168.0.1/24    P2
P1         F1/0/1      192.168.1.1/24    PE1
P1         F1/0/2      192.168.4.1/24    PE2
P1         F1/0/3      192.168.6.1/24    PE3
P1         Lo0         172.30.0.7/32     -
P2         F1/0/0      192.168.0.2/24    P1
P2         F1/0/1      192.168.2.1/24    PE2
P2         F1/0/2      192.168.5.1/24    PE1
P2         F1/0/3      192.168.7.1/24    PE3
P2         Lo0         172.30.0.8/32     -
PE1        F13/1/0     192.168.1.2/24    P1
PE1        F13/1/1     192.168.5.2/24    P2
PE1        F13/1/2     -                 CE Espoo
PE1        Lo0         172.30.0.9/32     -
PE2        F12/1/0     192.168.2.2/24    P2
PE2        F12/1/1     192.168.4.2/24    P1
PE2        F12/1/2     -                 CE Kotka
PE2        Lo0         172.30.0.11/32    -
PE3        F12/1/0     192.168.6.2/24    P1
PE3        F12/1/1     192.168.7.2/24    P2
PE3        F12/1/2     -                 CE Lahti
PE3        Lo0         172.30.0.13/32    -
CE Espoo   Lo0         1.1.1.1/32        PE1
CE Kotka   Lo0         2.2.2.2/32        PE2
CE Lahti   Lo0         3.3.3.3/32        PE3