Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

MPLS VPN Problem

Hello,

I want to implement MPLS VPN into my network. Now I am facing following problem:

1. In my network I have One Core router and five PE router.

2. Customer are connected from all PE router.

3. But clients are connected from L3 switch that means one connection from PE router to L3 switch and client are connected from L3 switch

PE router....................>L3 Switch............................> client

4. If I want to enable MPLS, then which interface or where i enable MPLS. In PE router or L3 switch where client is connected but i do not provide this service to all client.

Please provide solution....

Regards,

Shuvo

Everyone's tags (3)
3 ACCEPTED SOLUTIONS

Accepted Solutions
Cisco Employee

MPLS VPN Problem

Hi Shuvo,

Assuming the client is actually a  client router and the L3 switch is running ip protocols you can have:

PE----MPLS-----L3SWITCH----IPV4-----CERouter

So in this case the L3 switch becomes effectevily a CPE.

Also it depends which kind of switch you have. Not all switches can have MPLS enabled, you need to research on that.

However if you have customers not using MPLS you would need to use full mesh with all your PE routers and transport that data over gre or via traditional VPN services. Otherwise all will be via MPLS l3 VPN using vrf's.

Regards

Bronze

MPLS VPN Problem

Hi Shuvo

There are two options:-

1. Enable MPLS on L3 Switch by using MPLS IP command and create the vrf on the switch. When the CPE will connect to the switch, it must be part of some VLAN e.g.10 and corresponding to that vlan a SVI 10 need to be created and that will part of vrf.

PE--------MPLS----------Layer3Switch-(interfacevlan10-vrf)---Fa0/1(Vlan10)-------------fa0/1(CPE)

2. Another option is to use vrf lite at the switch and extend the traffic upto the PE and there after it will be part of MPLS cloud.

Hope this will help you to connect the CPE devices.

So you can either enable MPLS on layer 3 switch or can move by opting the second option.

3. There is one more option available that you can use the layer 3 swithc for the extension of vlans and create the subinterface of customers at PE router directly and add them in vrf.

regards

Shivlu Jain

Re: MPLS VPN Problem

Hi,

If i understood correctly you want to allow few client(CE1) to use MPLS service and others (CE2) will not use this service.

But even if you allow these clients (CE2) to allow these services to use then it is for your benefit because if you allow all to use these services then your core router need not to learn about all the prefixes that clients are using and other benefit is your clients can use overlapping address space  with all routers MPLS enabled. This is for your knowledge and don't take it as solution for your setup.

If you agree with above setup prepare one trunk between PE<>Switch / For each customer create one vlan on switch / For vlan created on switch configure sub-interface on PE router for that customer and enable vrf on this (so that other clients can use overlapping address space) / enable MPLS

(mpls ip command) on all interface connecting to core router. / Run mp-bgp between all PE (require full-mesh if there is no RR in your network).

Hope you understand this setup

      

Regards # Mahesh

5 REPLIES
Cisco Employee

MPLS VPN Problem

Hi Shuvo,

Assuming the client is actually a  client router and the L3 switch is running ip protocols you can have:

PE----MPLS-----L3SWITCH----IPV4-----CERouter

So in this case the L3 switch becomes effectevily a CPE.

Also it depends which kind of switch you have. Not all switches can have MPLS enabled, you need to research on that.

However if you have customers not using MPLS you would need to use full mesh with all your PE routers and transport that data over gre or via traditional VPN services. Otherwise all will be via MPLS l3 VPN using vrf's.

Regards

Bronze

MPLS VPN Problem

Hi Shuvo

There are two options:-

1. Enable MPLS on L3 Switch by using MPLS IP command and create the vrf on the switch. When the CPE will connect to the switch, it must be part of some VLAN e.g.10 and corresponding to that vlan a SVI 10 need to be created and that will part of vrf.

PE--------MPLS----------Layer3Switch-(interfacevlan10-vrf)---Fa0/1(Vlan10)-------------fa0/1(CPE)

2. Another option is to use vrf lite at the switch and extend the traffic upto the PE and there after it will be part of MPLS cloud.

Hope this will help you to connect the CPE devices.

So you can either enable MPLS on layer 3 switch or can move by opting the second option.

3. There is one more option available that you can use the layer 3 swithc for the extension of vlans and create the subinterface of customers at PE router directly and add them in vrf.

regards

Shivlu Jain

Re: MPLS VPN Problem

Hi,

If i understood correctly you want to allow few client(CE1) to use MPLS service and others (CE2) will not use this service.

But even if you allow these clients (CE2) to allow these services to use then it is for your benefit because if you allow all to use these services then your core router need not to learn about all the prefixes that clients are using and other benefit is your clients can use overlapping address space  with all routers MPLS enabled. This is for your knowledge and don't take it as solution for your setup.

If you agree with above setup prepare one trunk between PE<>Switch / For each customer create one vlan on switch / For vlan created on switch configure sub-interface on PE router for that customer and enable vrf on this (so that other clients can use overlapping address space) / enable MPLS

(mpls ip command) on all interface connecting to core router. / Run mp-bgp between all PE (require full-mesh if there is no RR in your network).

Hope you understand this setup

      

Regards # Mahesh

Community Member

Re: MPLS VPN Problem

Thanks all for providing me the idea. Now it is clear for me.

Thanks everyone.

Regards,

Shuvo

Bronze

Re: MPLS VPN Problem

Hi Shuvo

Please rate the answers if you find it good, so that it could be used by other members for quick reference.

regards

Shivlu Jain

820
Views
0
Helpful
5
Replies
CreatePlease to create content