Ask the Expert: Understanding MPLS L3VPN: concepts, terminology, - Page 2

ciscomoderator · ‎07-15-2013

With Vivek Ruhil

Welcome to the Cisco Support Community Ask the Expert conversation. This is an opportunity to learn and ask questions about MPLS L3VPN: concepts, terminology, control and data plane call flow with Cisco expert Vivek Ruhil.

MPLS Layer 3 VPNs use a peer-to-peer model that uses Border Gateway Protocol (BGP) to distribute VPN-related information. This highly scalable, peer-to-peer model allows enterprise subscribers to outsource routing information to service providers, resulting in significant cost savings and a reduction in operational complexity for enterprises. Service providers can then offer value-added services like Quality of Service (QoS) and Traffic Engineering, allowing network convergence that encompasses voice, video, and data.

Vivek Ruhil is a network consulting engineer who is currently serving as the Cisco consultant for Bharti. He has previously worked as a network consultant for planning, design, and implementation of service provider networks and has experience with projects ranging from VPNs (L3, L2, 6vPE) to multicast services. He has been associated with the networking industry for almost 10 years. He holds a bachelor of technology degree as well as CCDP and CCIP certifications.

Remember to use the rating system to let Vivek know if you have received an adequate response.

Vivek might not be able to answer each question due to the volume expected during this event. Remember that you can continue the conversation on the Service Provider sub-community discussion forum MPLS shortly after the event.

This event lasts through July 26, 2013. Visit this forum often to view responses to your questions and the questions of other community members.

Vivek Ruhil · ‎07-19-2013

Hi Ayush

LSP is Label Switched Path, you don't configure it. It is basically a path used by packets having similar characteristics mainly destination prefix source or the QOS value.

The below link provides a fairly good description

http://en.wikipedia.org/wiki/Label-switched_path

Adnan Khan · ‎07-23-2013

What does below command means I dont understand why EIGRP AS 1 is define under global EIGRP AS 65535 process example is :

router eigrp 65535

vrf B

address-family ipv4

autonomous-system 1

interface fa 0/1

Vivek Ruhil · ‎07-23-2013

Hi Adnan

EIGRP deployment as a PE-CE protocol is based on the address-family architecture, meaning, you define an address-family per vrf within one EIGRP process much like you do in BGP.

And, EIGRP uses AS number to identify the process. Now, if I was a PE router and I implement EIGRP with one AS then I will not be able to peer with multiple customers. Hence, I use this command "autonomous-system" under the address-family configuration mode to ensure that I match the EIGRP AS number as desired by the Customer.

So, in the above example, EIGRP 65535 is the AS number used by the Service Provider. But the end customer is using AS number as 1 and hence we set the autonomous-system to 1 so that the CE can see that this is the same process and the peering will be done.

Thanks

ghellai ferhat · ‎07-23-2013

Hi Vivek

I triyed to make mpls running under interfaces associated to vrf but it seems that it doesn't work, is there any limitation on this.

conf t

int f0/0

ip vrf forwarding test

mpls ip

ip add 1.1.1.1 255.255.255.0

no sh

ldp adjacency is successfully built and routes are exchanged but without labels !!

is there any other command I have to enter when service provider interfaces are in vrf?

Thanks

Vivek Ruhil · ‎07-23-2013

Hi

I have always seen this type of a setup in CSC environment where one side is in VRF and the other is not and that works perfectly fine.

What you have here is a slightly different setup and I don't think this is a recommended way to achieve what you want to do, i.e. IPv6 over MPLS.

I was going through the other post that you have in the MPLS Forum, and there are three possibilities:

1. Have a GRE Tunnel between the two CE routers so that you can transport IPv6 over this transparently? Ofcourse, this is not scalable but if you want only two such sites to be connected than this is the way.

2. I would recommend that if you want IPv6 over MPLS the best is to implement 6PE.

To achieve 6PE, you have to establish three things:

a. Establish an IPv6 address-family session with the CE router.

b. Establish an MP-iBGP session between the PE routers with the "send-label" option to ensure that label for IPv6 prefixes are advertised to the other end.

c. Rest your MPLS network should be running and then you should be able to have this working.

3. In case, the requirement is to have multiple such customers then I would suggest to have the approach of 6vPE.

Adnan Khan · ‎07-24-2013

ok I understand AS1 of EIGRP define under address family ipv4 I got this point but still why we have to define globally EIGRP 65535 etc. if Service provider core is using OSPF and IS-IS so why EIGRP globally. why we can't just define EIGRP under VRF and address family ipv4?

Vivek Ruhil · ‎07-24-2013

Hi Adnan

EIGRP is enabled in the global level to let the router know that EIGRP process is to be initiated in the router, however, like you mentioned about EIGRP in global level, if you look closely there is no neighborship or for that matter even any configuration in the global level under EIGRP since we are running it only for CE and hence under the VRF.

Also, to answer the last question you have to first enable the feature and then only you can associate it with a VRF.

Thanks

Adnan Khan · ‎07-24-2013

Thanks Vivek understand that:), appriciated.

kgilbert1975 · ‎07-25-2013

Hi Mr. Ruhil am desperately in need of your help in configuring a cisco 3620 series router for VPN

remote access with ios

flash:c3620-jk9s-mz.122-29.bin please help my boss is on me for this

kgilbert1975 · ‎07-25-2013

can anyone send me the vpn configuration for this ios below

flash:c3620-jk9s-mz.122-29.bin. Cant setup a group profile or tunneling info

Vivek Ruhil · ‎07-25-2013

Hi Keddian

Could you please elaborate on your requirement ? Its not very clear on what you are trying to achieve.

Regards

huangedmc · ‎07-25-2013

hi,

If we have two L3 switches connected back to back, both running MPLS, and acting as P & PE at the same time, how can I see what labels are used to forward the prefixes?

When I do a "show mpls forwarding blah", all the prefixes are listed w/ "no label" as outgoing label.

Since the two P/PE nodes are connected back to back, would they still impose inner and outer labels when packets are forwarded, or only one label?

How do I see what that label is?

thx

Vivek Ruhil · ‎07-26-2013

Hi

With this command you should be able to see the next hop label in normal scenario.

Yes even in this setup you would see label, and the value will be "pop label" on both the routers.

Can you print output of

show ip route

show mpls ldp nei

show mpls ldp bindings

pkhoudiakov · ‎07-26-2013

Hi, Vivek,

I have problem with working of VRF with DLEP Protocoll and should ask: can you help me in this case, (while DLEP is rather not the Theme of this discussion)?

Regards

fanaz2001 · ‎07-26-2013

hi vivek

ip sla monitor 12

type echo protocol ipIcmpEcho 2.2.2.2 source-ipaddr 1.1.10.1

ip sla monitor schedule 12 life forever start-time now

track 12 rtr 12 reachability

track 12 rtr 12 state

what's the different between reachability and state?

Ask the Expert: Understanding MPLS L3VPN: concepts, terminology, control and data plane call flow