Re: VPN Label

mehrdad · ‎01-23-2006

Hi,

Could you please explain me how does a VPN label specify in MPLS VPNv4 by egress PE router and progagate to ingress PE router through MP-BGP? is there any documentation which is explained in detail?

I just know egress PE router sends a label to ingress PE router through MP-BGP and that label put on the stack label by ingress PE router but i don't know the procedure of producing this label and any mapping between RT and that label.

I would be appreciate if you advice me.

Thanks.

Mehrdad

mheusinger · ‎01-23-2006

Hello,

there is no mapping between the RT and the label. An RT can be the same for many routes in a VPN, but each route will have a specific VPN label.

Whenever there is an IP routing table entry (exception BGP in global IP routing) a LSR will take an unused label and assign it to it. There is no difference whether this is an entry in global routing or in a VRF - except for BGP entries in the global IP routing table.

The label is sent for all VRF learned customer routes through MBGP updates. The label is attached as an extended community. So each PE will learn the VPN label together with the BGP update, in fact as part of it.

Hope this helps! Please rate all posts.

Regards, Martin

Harold Ritter · ‎01-23-2006

Martin,

You probably meant that the label is carried in the MP_REACH_NLRI extended attribute (afi 1, safi 128) and not as an extended community.

Hope this helps,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

mheusinger · ‎01-23-2006

Hello Harold,

sorry, thank you for your correction. This is of course true.

Regards, Martin

mehrdad · ‎01-23-2006

Thank you for your reply.

I have another question , could you please explain me in detail what happened when the packet is reached to the egress PE router when it has just had VPN label (when PHP done at previous router)

I want to know how the VPN label is removeed at egress PE router and it maps to proper destination? I know it has a FIB lookup but i want to know, what happened before this lookup step.

Thank you for your help

pkhatri · ‎01-23-2006

When the packet reaches the egress PE router, it will do a FIB lookup on that label, which will tell it to pop this packet and also what VRF to associate with. Since the egress OE was the one that provided this label in the first place, it knows exactly how to deal with packets carrying this label.

Hope that helps...

Paresh

pkhatri · ‎01-23-2006

Here's an example:

PERouter#sh mpls forwarding-table vrf VRFName 172.16.0.0 255.255.0.0 detail

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

284 Untagged 172.16.0.0/16[V] 9093088680 AT2/0.20048 point2point

MAC/Encaps=0/0, MRU=1504, Tag Stack{}

VPN route: VRFName

No output feature configured

Per-packet load-sharing

PERouter#

The above is an entry on the egress PE router. In this case, the inner label will be 284. This router will see an inner label (in fact, this will be the outer label with PHP in operation) and will do this FIB lookup which will tell it a few things:

1. The label needs to be popped since the outgoing packet is supposed to untagged.

2. The packet needs to be sent out through interface atm2/0.20048

Hope that helps.

Pls remember to rate posts.

Regards,

Paresh.