background image

 

174 

Figure 52

 

Network diagram for nested VPN 

 

 

Propagation of routing information 

In a nested VPN network, routing information is propagated by using the following process: 

1.

 

After receiving VPN routes from customer CEs, a customer PE advertises VPN-IPv4 routes to the 
provider CE through MP-BGP. 

2.

 

The provider CE advertises the VPN-IPv4 routes to the provider PE through MP-BGP. 

3.

 

After receiving a VPN-IPv4 route, the provider PE keeps the customer's internal VPN information, 
and appends the customer's MPLS VPN attributes on the service provider network. It replaces the 

RD of the VPN-IPv4 route with the RD of the customer's MPLS VPN on the service provider network. 
It also adds the export route-target (ERT) attribute of the customer's MPLS VPN on the service 

provider network to the extended community attribute list of the route. The internal VPN 

information for the customer is maintained on the provider PE. 

4.

 

The provider PE advertises VPN-IPv4 routes carrying the comprehensive VPN information to the 
other PEs of the service provider. 

5.

 

After another provider PE receives the VPN-IPv4 routes, it matches the VPN-IPv4 routes to the 
import targets of its local VPNs. Each local VPN accepts routes of its own and advertises them to 
provider CEs. If a provider CE (such as CE 7 and CE 8 in 

Figure 52

) is connected to a provider PE 

through an IPv4 connection, the PE advertises IPv4 routes to the CE. If it is a VPN-IPv4 connection 

(a customer MPLS VPN network), the PE advertises VPN-IPv4 routes to the CE. 

6.

 

After receiving VPN-IPv4 routes from the provider CE, a customer PE matches those routes to local 
import targets. Each customer VPN accepts only its own routes and advertises them to connected 

customer CEs (such as CE 3, CE 4, CE 5, and CE 6 in 

Figure 52

). 

HoVPN 

Hierarchy of VPN (HoVPN), also called Hierarchy of PE (HoPE), prevents PEs from being bottlenecks and 
is applicable to large-scale VPN deployment. 

Provider PE

CE 3

CE 4

Provider MPLS 
VPN backbone

P

VPN A-1

VPN A-1

VPN A-2

CE 7

Provider PE

VPN A-2

CE 8

Customer MPLS 

VPN

Customer PE

CE 5

CE 6

VPN A-1

VPN A-2

Customer MPLS 

VPN network

Customer PE

CE 1

CE 2

VPN A

Summary of Contents for 6127XLG Blade Series

Page 1: ...HP 6127XLG Blade Switch Series MPLS Configuration Guide Part number 797711 001 Software version Release 2418P03 Document version 6W100 20150806 ...

Page 2: ...MATERIAL INCLUDING BUT NOT LIMITED TO THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE Hewlett Packard shall not be liable for errors contained herein or for incidental or consequential damages in connection with the furnishing performance or use of this material The only warranties for HP products and services are set forth in the express warranty statements accompan...

Page 3: ...ites 12 Configuration procedure 12 Displaying static LSPs 13 Static LSP configuration example 13 Network requirements 13 Configuration restrictions and guidelines 14 Configuration procedure 14 Verifying the configuration 15 Configuring LDP 16 Overview 16 Terminology 16 LDP messages 16 LDP operation 17 Label distribution and control 18 LDP GR 20 LDP NSR 21 LDP IGP synchronization 22 LDP FRR 23 Prot...

Page 4: ...efore break 56 Route pinning 57 Tunnel reoptimization 57 Automatic bandwidth adjustment 57 CRLSP backup 58 FRR 58 DiffServ aware TE 59 Bidirectional MPLS TE tunnel 61 Protocols and standards 62 MPLS TE configuration task list 62 Enabling MPLS TE 63 Configuring a tunnel interface 64 Configuring DS TE 64 Configuring an MPLS TE tunnel to use a static CRLSP 65 Configuring an MPLS TE tunnel to use a dy...

Page 5: ...nts 133 Configuration procedure 134 Verifying the configuration 136 Configuring RSVP 139 Overview 139 RSVP messages 139 CRLSP setup procedure 140 RSVP refresh mechanism 140 RSVP authentication 141 RSVP GR 141 Protocols and standards 142 RSVP configuration task list 142 Enabling RSVP 142 Configuring RSVP refresh 143 Configuring RSVP Srefresh and reliable RSVP message delivery 143 Configuring RSVP h...

Page 6: ...ested VPN 197 Configuring HoVPN 198 Configuring an OSPF sham link 199 Configuring a loopback interface 199 Redistributing the loopback interface route 200 Creating a sham link 200 Specifying the VPN label processing mode on the egress PE 201 Configuring BGP AS number substitution 201 Configuring MPLS L3VPN FRR 201 Enabling logging for BGP route flapping 204 Enabling SNMP notifications for MPLS L3V...

Page 7: ... L3VPN 291 IPv6 MPLS L3VPN configuration examples 292 Configuring IPv6 MPLS L3VPNs 292 Configuring IPv6 MPLS L3VPN inter AS option A 299 Configuring IPv6 MPLS L3VPN inter AS option C 304 Configuring IPv6 MPLS L3VPN carrier s carrier 310 Configuring an OSPFv3 sham link 317 Configuring MPLS L2VPN 323 Overview 323 Basic concepts of MPLS L2VPN 323 MPLS L2VPN network models 324 PW redundancy 325 Multi ...

Page 8: ...packet statistics for an Ethernet service instance 387 Displaying and maintaining VPLS 387 VPLS configuration examples 388 Static PW configuration example 388 LDP PW configuration example 393 BGP PW configuration example 395 BGP auto discovery LDP PW configuration example 400 H VPLS using access configuration example 404 H VPLS UPE dual homing configuration example 409 Configuring MPLS OAM 415 Ove...

Page 9: ...s 448 Configuring the MCE that uses OSPF to advertise VPN routes to the PE 448 Configuring the MCE that uses EBGP to advertise VPN routes to the PE 454 Configuring IPv6 MCE 458 Overview 458 IPv6 MCE configuration task list 458 Configuring VPN instances 458 Creating a VPN instance 458 Associating a VPN instance with an interface 459 Configuring route related attributes for a VPN instance 459 Config...

Page 10: ...etween the link layer and the network layer It can work over various link layer protocols for example PPP ATM frame relay and Ethernet to provide connection oriented services for various network layer protocols for example IPv4 IPv6 and IPX Good scalability The connection oriented switching and multilayer label stack features enable MPLS to deliver various extended services such as VPN traffic eng...

Page 11: ... are called the upstream LSR and downstream LSR along the direction of an LSP In Figure 2 LSR B is the downstream LSR of LSR A and LSR A is the upstream LSR of LSR B Figure 2 Label switched path LFIB The Label Forwarding Information Base LFIB on an MPLS network functions like the Forwarding Information Base FIB on an IP network When an LSR receives a labeled packet it searches the LFIB to obtain i...

Page 12: ...le topologies Dynamic LSP Established by a label distribution protocol also called an MPLS signaling protocol A label distribution protocol classifies FECs distributes FEC label mappings and establishes and maintains LSPs Label distribution protocols include protocols designed specifically for label distribution such as the Label Distribution Protocol LDP and protocols extended to support label di...

Page 13: ...ng a Identifies the FIB entry that matches the destination address of the packet b Adds the outgoing label 40 in this example to the packet c Forwards the labeled packet out of the interface VLAN interface 20 to the next hop LSR Router C 2 When receiving the labeled packet Router C processes the packet as follows a Identifies the LFIB entry that has an incoming label of 40 b Uses the outgoing labe...

Page 14: ...icit null label of 3 This label never appears in the label stack of packets If an incoming packet matches an LFIB entry comprising the implicit null label the penultimate node pops the top label of the packet and forwards the packet to the egress LSR The egress LSR directly forwards the packet Sometimes the egress node must use the TC field in the label to perform QoS To keep the TC information yo...

Page 15: ...s of a loopback interface as an LSR ID 3 Enter the view of the interface that needs to perform MPLS forwarding interface interface type interface number N A 4 Enable MPLS for the interface mpls enable By default MPLS is disabled on an interface Configuring MPLS MTU MPLS inserts the label stack between the link layer header and network layer header of each packet To make sure the size of MPLS label...

Page 16: ...lished by a label distribution protocol the label advertised by the egress determines how the penultimate hop processes a labeled packet If the egress advertises an implicit null label the penultimate hop directly pops the top label of a matching packet If the egress advertises an explicit null label the penultimate hop swaps the top label value of a matching packet with the explicit null label If...

Page 17: ...ate hop Configuring TTL propagation When TTL propagation is enabled the ingress node copies the TTL value of an IP packet to the TTL field of the label Each LSR on the LSP decreases the label TTL value by 1 The LSR that pops the label copies the remaining label TTL value back to the IP TTL of the packet so the IP TTL value can reflect how many hops the packet has traversed in the MPLS network The ...

Page 18: ...n the labels of an MPLS packet After TTL propagation is enabled or disabled execute the reset mpls ldp command to make the configuration take effect For more information about the reset mpls ldp command see MPLS Command Reference Enabling sending of MPLS TTL expired messages This feature enables an LSR to generate an ICMP TTL expired message upon receiving an MPLS packet with a TTL of 1 If the MPL...

Page 19: ...stics reading and specify the reading interval mpls statistics interval interval By default MPLS label statistics reading is disabled Enabling SNMP notifications for MPLS This feature enables MPLS to generate SNMP notifications The generated SNMP notifications are sent to the SNMP module For more information about SNMP notifications see Network Management and Monitoring Configuration Guide To enab...

Page 20: ... nib nib id Display usage information about NIDs display mpls nid nid value1 to nid value2 Display LSP statistics display mpls lsp statistics Display MPLS summary information display mpls summary Display ILM entries display mpls forwarding ilm label slot slot number Display NHLFE entries display mpls forwarding nhlfe nid slot slot number Clear MPLS forwarding statistics for the specified LSPs rese...

Page 21: ...abel and forwards the packet to the next hop or out of the outgoing interface Therefore on each transit node you must specify the incoming label the outgoing label and the next hop or the outgoing interface If the penultimate hop popping function is not configured an egress node pops the incoming label of a packet and performs label forwarding according to the inner label or IP forwarding Therefor...

Page 22: ... address 4 Configure the egress node of the static LSP static lsp egress lsp name in label in label You do not need to configure this command if the outgoing label configured on the penultimate hop of the static LSP is 0 or 3 Displaying static LSPs Execute display commands in any view Task Command Display static LSP information display mpls static lsp lsp name lsp name Static LSP configuration exa...

Page 23: ...static 21 1 1 0 24 10 1 1 2 On Switch C configure a static route to network 11 1 1 0 24 SwitchC system view SwitchC ip route static 11 1 1 0 255 255 255 0 20 1 1 1 3 Configure basic MPLS on the switches Configure Switch A SwitchA mpls lsr id 1 1 1 9 SwitchA interface vlan interface 2 SwitchA Vlan interface2 mpls enable SwitchA Vlan interface2 quit Configure Switch B SwitchB mpls lsr id 2 2 2 9 Swi...

Page 24: ...tch A to Switch C SwitchA ping mpls a 11 1 1 1 ipv4 21 1 1 0 24 MPLS Ping FEC 21 1 1 0 24 100 data bytes 100 bytes from 20 1 1 2 Sequence 1 time 4 ms 100 bytes from 20 1 1 2 Sequence 2 time 1 ms 100 bytes from 20 1 1 2 Sequence 3 time 1 ms 100 bytes from 20 1 1 2 Sequence 4 time 1 ms 100 bytes from 20 1 1 2 Sequence 5 time 1 ms FEC 21 1 1 0 24 ping statistics 5 packets transmitted 5 packets receiv...

Page 25: ...ytes to identity the LSR The label space number takes two bytes to identify a label space within the LSR A label space number of 0 indicates that the label space is a per platform label space A label space number other than 0 indicates a per interface label space FECs and FEC label mappings MPLS groups packets with the same characteristics such as the same destination or service class into a class...

Page 26: ...essages at the hello interval to maintain a hello adjacency If LDP receives no Hello message from a hello adjacency before the hello hold timer expires it removes the hello adjacency Establishing and maintaining LDP sessions LDP establishes a session with a peer in the following steps 1 Establishes a TCP connection with the neighbor 2 Negotiates session parameters such as LDP version label distrib...

Page 27: ... FEC label mappings to the upstream LSR without waiting for label requests The device supports only the DU mode Downstream on Demand DoD mode Sends a label request for an FEC to the downstream LSR After receiving the label request the downstream LSR distributes the FEC label mapping for that FEC to the upstream LSR NOTE A pair of upstream and downstream LSRs must use the same label advertisement m...

Page 28: ...es a label request for an FEC from its upstream LSR Ingress it continues to send a label request for the FEC to its downstream LSR Egress After the transit LSR receives a label mapping for the FEC from the egress LSR it distributes a label mapping for the FEC to the ingress Label retention mode The label retention mode specifies whether an LSR maintains a label mapping for an FEC learned from a ne...

Page 29: ...LDP GR works in the following steps 1 LSRs establish an LDP session The L flag of the Fault Tolerance TLV in their Initialization messages is set to 1 to indicate that they support LDP GR 2 When LDP restarts the GR restarter starts the MPLS Forwarding State Holding timer and marks the MPLS forwarding entries as stale When the GR helper detects that the LDP session with the GR restarter goes down i...

Page 30: ... stale MPLS forwarding entries 7 When the LDP Recovery timer expires the GR helper deletes all stale FEC label mappings LDP NSR LDP nonstop routing NSR backs up protocol states and data including LDP session and LSP information from the active process to the standby process When the LDP active process fails the standby process becomes active and takes over processing seamlessly The LDP peers are n...

Page 31: ...ocal device has distributed the label mappings to at least one peer Notification delay for LDP convergence completion By default LDP immediately sends a notification to IGP that LDP convergence has completed However immediate notifications might cause MPLS traffic forwarding interruptions in one of the following scenarios LDP peers use the Ordered label distribution control mode The device has not...

Page 32: ... LSP according to the primary route and the backup route calculated by IGP When the primary LSP operates correctly it forwards the MPLS packets When the primary LSP fails LDP directs packets to the backup LSP When packets are forwarded through the backup LSP IGP calculates the optimal path based on the new network topology When IGP route convergence occurs LDP establishes a new LSP according to th...

Page 33: ...al Resetting LDP sessions Optional Enabling SNMP notifications for LDP Enabling LDP To enable LDP you must first enable LDP globally Then enable LDP on relevant interfaces or configure IGP to automatically enable LDP on those interfaces Enabling LDP globally Step Command Remarks 1 Enter system view system view N A 2 Enable LDP for the local node or for a VPN Enable LDP for the local node and enter...

Page 34: ...Configure the Link Hello hold time mpls ldp timer hello hold timeout By default the Link Hello hold time is 15 seconds 4 Configure the Link Hello interval mpls ldp timer hello interval interval By default the Link Hello interval is five seconds Configuring Targeted Hello timers for an LDP peer Step Command Remarks 1 Enter system view system view N A 2 Enter LDP view mpls ldp N A 3 Specify an LDP p...

Page 35: ...face view interface interface type interface number N A 3 Configure the Keepalive hold time mpls ldp timer keepalive hold timeout By default the Keepalive hold time is 45 seconds 4 Configure the Keepalive interval mpls ldp timer keepalive interval interval By default the Keepalive interval is 15 seconds 5 Configure the LDP transport address mpls ldp transport address ip address interface By defaul...

Page 36: ...y using an initial delay timer and a maximum delay timer After LDP fails to establish a session with a peer LSR for the first time LDP does not start an attempt until the initial delay timer expires If the session setup fails again LDP waits for two times the initial delay before the next attempt and so forth until the maximum delay time is reached After that the maximum delay time will always tak...

Page 37: ...ration see Layer 3 IP Routing Configuration Guide Use only host routes with a 32 bit mask to establish LSPs By default LDP uses only host routes with a 32 bit mask to establish LSPs The other two methods can result in more LSPs than the default policy To change the policy be sure that the system resources and bandwidth resources are sufficient To configure an LSP generation policy Step Command Rem...

Page 38: ...ised to peers As shown in Figure 15 LSR A advertises label mappings for FECs permitted by IP prefix list B to LSR B and advertises label mappings for FECs permitted by IP prefix list C to LSR C Figure 15 Label advertisement control diagram A label advertisement policy on an LSR and a label acceptance policy on its upstream LSR can achieve the same purpose HP recommends that you use label advertise...

Page 39: ...om LSR C Figure 16 Label acceptance control diagram A label advertisement policy on an LSR and a label acceptance policy on its upstream LSR can achieve the same purpose HP recommends using the label advertisement policy to reduce network load You must create an IP prefix list before you configure a label acceptance policy For information about IP prefix list configuration see Layer 3 IP Routing C...

Page 40: ... instance view a mpls ldp b vpn instance vpn instance name N A 3 Enable loop detection loop detect By default loop detection is disabled After loop detection is enabled the device uses both the maximum hop count and the path vector methods to detect loops 4 Specify the maximum hop count maxhops hop number By default the maximum hop count is 32 5 Specify the path vector limit pv limit pv number By ...

Page 41: ...session protection is disabled Configuring LDP GR Before you configure LDP GR enable LDP on the GR restarter and GR helpers To configure LDP GR Step Command Remarks 1 Enter system view system view N A 2 Enter LDP view mpls ldp N A 3 Enable LDP GR graceful restart By default LDP GR is disabled 4 Configure the Reconnect timer for LDP GR graceful restart timer reconnect reconnect time By default the ...

Page 42: ...s ldp igp sync disable By default LDP IGP synchronization is not disabled on an interface 7 Return to system view quit N A 8 Enter LDP view mpls ldp N A 9 Optional Set the delay for LDP to notify IGP of the LDP convergence igp sync delay time By default LDP immediately notifies IGP of the LDP convergence completion 10 Optional Set the maximum delay for LDP to notify IGP of the LDP IGP synchronizat...

Page 43: ... ISIS synchronization for an IS IS process Step Command Remarks 1 Enter system view system view N A 2 Enter IS IS view isis process id N A 3 Enable LDP ISIS synchronization mpls ldp sync level 1 level 2 By default LDP ISIS synchronization is disabled 4 Return to system view quit N A 5 Enter interface view interface interface type interface number N A 6 Optional Disable LDP IGP synchronization on t...

Page 44: ...ns for LDP upon LDP session changes as defined in RFC 3815 The generated SNMP notifications are sent to the SNMP module To enable SNMP notifications for LDP Step Command Remarks 1 Enter system view system view N A 2 Enable SNMP notifications for LDP snmp agent trap enable ldp By default SNMP notifications for LDP are enabled For more information about SNMP notifications see Network Management and ...

Page 45: ...ts 1 1 1 1 0 24 and 21 1 1 0 24 can reach each other over MPLS Configure LDP to establish LSPs only for destinations 1 1 1 9 32 2 2 2 9 32 3 3 3 9 32 1 1 1 1 0 24 and 21 1 1 0 24 on Switch A Switch B and Switch C Figure 17 Network diagram Requirements analysis To ensure that the LSRs establish LSPs automatically enable LDP on each LSR To establish LDP LSPs configure a routing protocol to ensure IP...

Page 46: ...rea 0 0 0 0 network 20 1 1 0 0 0 0 255 SwitchC ospf 1 area 0 0 0 0 network 21 1 1 0 0 0 0 255 SwitchC ospf 1 area 0 0 0 0 quit SwitchC ospf 1 quit Display routing tables on the switches for example on Switch A to verify that the switches have learned the routes to each other SwitchA display ip routing table Destinations 21 Routes 21 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Dire...

Page 47: ...able SwitchB Vlan interface2 quit SwitchB interface vlan interface 3 SwitchB Vlan interface3 mpls enable SwitchB Vlan interface3 mpls ldp enable SwitchB Vlan interface3 quit Configure Switch C SwitchC mpls lsr id 3 3 3 9 SwitchC mpls ldp SwitchC ldp quit SwitchC interface vlan interface 3 SwitchC Vlan interface3 mpls enable SwitchC Vlan interface3 mpls ldp enable SwitchC Vlan interface3 quit 4 Con...

Page 48: ...tchc index 40 permit 11 1 1 0 24 SwitchC ip prefix list switchc index 50 permit 21 1 1 0 24 SwitchC mpls ldp SwitchC ldp lsp trigger prefix list switchc SwitchC ldp quit Verifying the configuration Display LDP LSP information on switches for example on Switch A SwitchA display mpls ldp lsp Status Flags stale L liberal B backup Statistics FECs 5 Ingress LSPs 3 Transit LSPs 3 Egress LSPs 2 FEC In Ou...

Page 49: ...ets transmitted 5 packets received 0 0 packet loss round trip min avg max 1 1 1 ms Label acceptance control configuration example Network requirements Two links Switch A Switch B Switch C and Switch A Switch D Switch C exist between subnets 1 1 1 1 0 24 and 21 1 1 0 24 Configure LDP to establish LSPs only for routes to subnets 1 1 1 1 0 24 and 21 1 1 0 24 Configure LDP to establish LSPs only on th...

Page 50: ...ty between them Details not shown 3 Enable MPLS and LDP Configure Switch A SwitchA system view SwitchA mpls lsr id 1 1 1 9 SwitchA mpls ldp SwitchA ldp quit SwitchA interface vlan interface 2 SwitchA Vlan interface2 mpls enable SwitchA Vlan interface2 mpls ldp enable SwitchA Vlan interface2 quit SwitchA interface vlan interface 6 SwitchA Vlan interface6 mpls enable SwitchA Vlan interface6 mpls ldp...

Page 51: ... permit 21 1 1 0 24 SwitchA mpls ldp SwitchA ldp lsp trigger prefix list switcha SwitchA ldp quit On Switch B create IP prefix list switchb and configure LDP to use only the routes permitted by the prefix list to establish LSPs SwitchB ip prefix list switchb index 10 permit 11 1 1 0 24 SwitchB ip prefix list switchb index 20 permit 21 1 1 0 24 SwitchB mpls ldp SwitchB ldp lsp trigger prefix list s...

Page 52: ...from d that denies subnet 11 1 1 0 24 Switch A uses this list to filter FEC label mappings received from Switch D SwitchC ip prefix list prefix from d index 10 deny 11 1 1 0 24 On Switch C configure label acceptance policies to filter FEC label mappings received from Switch B and Switch D SwitchC mpls ldp SwitchC ldp accept label peer 2 2 2 9 prefix list prefix from b SwitchC ldp accept label peer...

Page 53: ... 100 bytes from 10 1 1 1 Sequence 3 time 1 ms 100 bytes from 10 1 1 1 Sequence 4 time 1 ms 100 bytes from 10 1 1 1 Sequence 5 time 1 ms FEC 11 1 1 0 24 ping statistics 5 packets transmitted 5 packets received 0 0 packet loss round trip min avg max 1 1 1 ms Label advertisement control configuration example Network requirements Two links Switch A Switch B Switch C and Switch A Switch D Switch C exis...

Page 54: ... addresses and masks for interfaces including the loopback interfaces as shown in Figure 19 Details not shown 2 Configure OSPF on each switch to ensure IP connectivity between them Details not shown 3 Enable MPLS and LDP Configure Switch A SwitchA system view SwitchA mpls lsr id 1 1 1 9 SwitchA mpls ldp SwitchA ldp quit SwitchA interface vlan interface 2 SwitchA Vlan interface2 mpls enable SwitchA...

Page 55: ...ch A create IP prefix list switcha and configure LDP to use only the routes permitted by the prefix list to establish LSPs SwitchA ip prefix list switcha index 10 permit 11 1 1 0 24 SwitchA ip prefix list switcha index 20 permit 21 1 1 0 24 SwitchA mpls ldp SwitchA ldp lsp trigger prefix list switcha SwitchA ldp quit On Switch B create IP prefix list switchb and configure LDP to use only the route...

Page 56: ...prefix to b index 10 permit 21 1 1 0 24 On Switch C create an IP prefix list peer b that permits 2 2 2 9 32 Switch C uses this list to filter peers SwitchC ip prefix list peer b index 10 permit 2 2 2 9 32 On Switch C configure a label advertisement policy to advertise only the label mapping for FEC 21 1 1 0 24 to Switch B SwitchC mpls ldp SwitchC ldp advertise label prefix list prefix to b peer pe...

Page 57: ...151 L 1277 L 21 1 1 0 24 1276 10 1 1 2 Vlan int2 1276 1276 10 1 1 2 Vlan int2 SwitchB display mpls ldp lsp Status Flags stale L liberal B backup Statistics FECs 2 Ingress LSPs 2 Transit LSPs 2 Egress LSPs 0 FEC In Out Label Nexthop OutInterface 11 1 1 0 24 1277 10 1 1 1 Vlan int2 1277 1277 10 1 1 1 Vlan int2 21 1 1 0 24 1149 20 1 1 2 Vlan int3 1276 1149 20 1 1 2 Vlan int3 SwitchC display mpls ldp ...

Page 58: ...trip min avg max 1 2 8 ms Test the connectivity of the LDP LSP from Switch C to Switch A SwitchC ping mpls a 21 1 1 1 ipv4 11 1 1 0 24 MPLS Ping FEC 11 1 1 0 24 100 data bytes 100 bytes from 10 1 1 1 Sequence 1 time 1 ms 100 bytes from 10 1 1 1 Sequence 2 time 1 ms 100 bytes from 10 1 1 1 Sequence 3 time 1 ms 100 bytes from 10 1 1 1 Sequence 4 time 1 ms 100 bytes from 10 1 1 1 Sequence 5 time 1 ms...

Page 59: ...the loopback interfaces as shown in Figure 20 Details not shown 2 Configure OSPF on each switch to ensure IP connectivity between them Details not shown 3 Configure OSPF FRR by using one of the following methods Method 1 Enable OSPF FRR to calculate a backup next hop by using the LFA algorithm Configure Switch S SwitchS system view SwitchS bfd echo source ip 10 10 10 10 SwitchS ospf 1 SwitchS ospf...

Page 60: ...policy quit SwitchD ospf 1 SwitchD ospf 1 fast reroute route policy frr SwitchD ospf 1 quit 4 Enable MPLS and LDP Configure Switch S SwitchS mpls lsr id 1 1 1 1 SwitchS mpls ldp SwitchS mpls ldp quit SwitchS interface vlan interface 12 SwitchS Vlan interface12 mpls enable SwitchS Vlan interface12 mpls ldp enable SwitchS Vlan interface12 quit SwitchS interface vlan interface 13 SwitchS Vlan interfa...

Page 61: ...gure Switch S SwitchS mpls ldp SwitchS ldp lsp trigger all SwitchS ldp quit Configure Switch D SwitchD mpls ldp SwitchD ldp lsp trigger all SwitchD ldp quit Configure Switch A SwitchA mpls ldp SwitchA ldp lsp trigger all SwitchA ldp quit Verifying the configuration Verify that primary and backup LSPs have been established on Switch S SwitchS display mpls ldp lsp 21 1 1 0 24 Status Flags stale L li...

Page 62: ...cepts CRLSP Constraint based Routed Label Switched Path To establish a CRLSP you must configure routing and specify constrains such as the bandwidth and explicit paths MPLS TE tunnel A virtual point to point connection from the ingress node to the egress node Typically an MPLS TE tunnel consists of one CRLSP To deploy CRLSP backup or transmit traffic over multiple paths you need to establish multi...

Page 63: ...configured on the ingress node of an MPLS TE tunnel Bandwidth Bandwidth constraints specify the class of service and the required bandwidth for the traffic to be forwarded along the MPLS TE tunnel A link complies with the bandwidth constraints when the reservable bandwidth for the class type is greater than or equal to the bandwidth required by the class type Affinity Affinity determines which lin...

Page 64: ...eserves resources on each node along a path Extended RSVP can support MPLS label distribution and allow resource reservation information to be transmitted with label bindings This extended RSVP is called RSVP TE For more information about RSVP see Configuring RSVP Traffic forwarding After an MPLS TE tunnel is established traffic is not forwarded on the tunnel automatically You must direct the traf...

Page 65: ...djustment traffic forwarding is interrupted if the existing CRLSP is removed before a new CRLSP is established The make before break mechanism makes sure that the existing CRLSP is removed after the new CRLSP is established and the traffic is switched to the new CRLSP However this wastes bandwidth resources if some links on the old and new CRLSPs are the same It is because you need to reserve band...

Page 66: ...ges Tunnel reoptimization Tunnel reoptimization allows you to manually or dynamically trigger the ingress node to recalculate a path If the ingress node recalculates a better path it creates a new CRLSP switches traffic from the old CRLSP to the new and then deletes the old CRLSP MPLS TE uses the tunnel reoptimization function to implement dynamic CRLSP optimization For example when MPLS TE sets u...

Page 67: ... link and node failures FRR can implement 50 millisecond CRLSP failover After FRR is enabled for an MPLS TE tunnel once a link or node fails on the primary CRLSP FRR reroutes the traffic to a bypass tunnel and the ingress node attempts to set up a new CRLSP After the new CRLSP is set up traffic is forwarded on the new CRLSP CRLSP backup provides end to end path protection for a CRLSP without time ...

Page 68: ...ation DiffServ aware TE DS TE combines DiffServ and TE to optimize network resources allocation on a per service class basis DS TE defines different bandwidth constraints for class types It maps each traffic class type to the CRLSP that is constraint compliant for the class type The device supports these DS TE modes Prestandard mode HP proprietary DS TE IETF mode Complies with RFC 4124 RFC 4125 an...

Page 69: ...e to specify a CT for the traffic to be forwarded by the tunnel When configuring a static MPLS TE tunnel you can use the bandwidth keyword to specify a CT for the traffic to be forwarded along the tunnel 2 Checks whether bandwidth is enough for the CT You can use the mpls te max reservable bandwidth command on an interface to configure the bandwidth constraints of the interface The device determin...

Page 70: ...on tools and signaling protocols such as OAM and PSC A bidirectional MPLS TE tunnel includes a pair of CRLSPs in opposite directions It can be established in the following modes Co routed mode Uses the extended RSVP TE protocol to establish a bidirectional MPLS TE tunnel RSVP TE uses a Path message to advertise the labels assigned by the upstream LSR to the downstream LSR and a Resv message to adv...

Page 71: ...gure static routing or automatic route advertisement to direct traffic to the MPLS TE tunnel To configure an MPLS TE tunnel to use a CRLSP dynamically established by RSVP TE complete the following tasks 1 Enable MPLS TE and RSVP on each node and interface that the MPLS TE tunnel traverses For information about enabling RSVP see Configuring RSVP 2 Create a tunnel interface on the ingress node of th...

Page 72: ...ablished by RSVP TE support this configuration Optional Configuring MPLS TE FRR Only MPLS TE tunnels established by RSVP TE support this configuration Enabling MPLS TE Enable MPLS TE on each node and interface that the MPLS TE tunnel traverses Before you enable MPLS TE complete the following tasks Configure static routing or IGP to make sure all LSRs can reach each other Enable MPLS For informatio...

Page 73: ...mask By default a tunnel interface does not have an IP address 4 Specify the tunnel destination address destination ip address By default no tunnel destination address is specified Configuring DS TE DS TE is configurable on any node that an MPLS TE tunnel traverses To configure DS TE Step Command Remarks 1 Enter system view system view N A 2 Enter MPLS TE view mpls te N A 3 Optional Configure the ...

Page 74: ...mpls te Execute this command on the ingress node 4 Specify the MPLS TE tunnel establishment mode as static mpls te signaling static By default MPLS TE uses RSVP TE to establish a tunnel 5 Apply the static CRLSP to the tunnel interface mpls te static cr lsp lsp name By default a tunnel does not reference any static CRLSP Configuring an MPLS TE tunnel to use a dynamic CRLSP To configure an MPLS TE t...

Page 75: ... link bandwidth for MPLS TE traffic mpls te max link bandwidth bandwidth value By default the maximum link bandwidth for MPLS TE traffic is 0 4 Configure the maximum reservable bandwidth Configure the maximum reservable bandwidth of the link BC 0 and BC 1 in RDM model of the prestandard DS TE mpls te max reservable bandwidth bandwidth value bc1 bc1 bandwidth Configure the maximum reservable bandwi...

Page 76: ... N A 2 Enter OSPF view ospf process id N A 3 Enable opaque LSA advertisement and reception opaque capability enable By default opaque LSA advertisement and reception are enabled For more information about this command see Layer 3 IP Routing Command Reference 4 Enter area view area area id N A 5 Enable MPLS TE for the OSPF area mpls te enable By default an OSPF area does not support MPLS TE Configu...

Page 77: ...nts for an MPLS TE tunnel Step Command Remarks 1 Enter system view system view N A 2 Enter MPLS TE tunnel interface view interface tunnel tunnel number mode mpls te N A 3 Configure bandwidth required for the tunnel and specify a CT for the tunnel s traffic mpls te bandwidth ct0 ct1 ct2 ct3 bandwidth By default no bandwidth is assigned and the class type is CT 0 Configuring the affinity attribute f...

Page 78: ...e path Make sure the tunnel s ingress node and the ABR or ASBR can reach each other To configure an explicit path for a MPLS TE tunnel Step Command Remarks 1 Enter system view system view N A 2 Create an explicit path and enter its view explicit path path name By default no explicit path exists on the device 3 Enable the explicit path undo disable By default an explicit path is enabled 4 Add or mo...

Page 79: ...TE provides measures that affect the CSPF calculation You can use these measures to tune the path selection for CRLSP Configuring the metric type for path selection Each MPLS TE link has two metrics IGP metric and TE metric By planning the two metrics you can select different tunnels for different classes of traffic For example use the IGP metric to represent a link delay a smaller IGP metric valu...

Page 80: ... TE tunnel reoptimization and automatic bandwidth adjustment are not available Perform this task on the ingress node of an MPLS TE tunnel To configure route pinning Step Command Remarks 1 Enter system view system view N A 2 Enter MPLS TE tunnel interface view interface tunnel tunnel number mode mpls te N A 3 Enable route pinning mpls te route pinning By default route pinning is disabled Configurin...

Page 81: ...ble bandwidth decrease to the maximum reservable bandwidth reaches the threshold IGP floods the TE information You can also configure the flooding interval at which bandwidth changes that cannot trigger immediate flooding are flooded This task can be performed on all nodes that the MPLS TE tunnel traverses To configure TE flooding thresholds and the flooding interval Step Command Remarks 1 Enter s...

Page 82: ... a loop has occurred according to the recorded route information To enable loop detection Step Command Remarks 1 Enter system view system view N A 2 Enter MPLS TE tunnel interface view interface tunnel tunnel number mode mpls te N A 3 Enable loop detection mpls te loop detection By default loop detection is disabled Configuring tunnel setup retry If the ingress node fails to establish an MPLS TE t...

Page 83: ...max bw max bandwidth min bw min bandwidth To enable output rate sampling mpls te auto bandwidth collect bw frequency seconds Use either command By default automatic bandwidth adjustment and output rate sampling are disabled for an MPLS TE tunnel 6 Return to user view return N A 7 Optional Reset the automatic bandwidth adjustment reset mpls te auto bandwidth adjustment timers After this command is ...

Page 84: ...g automatic route advertisement perform the following tasks Enable OSPF or IS IS on the tunnel interface to advertise the tunnel interface address to OSPF or IS IS Enable MPLS TE for an OSPF area or an IS IS process by executing the mpls te enable command in OSPF area view or IS IS view Follow these restrictions and guidelines when you configure automatic route advertisement The destination addres...

Page 85: ...bidirectional MPLS TE tunnel complete the following tasks Disable the PHP function on both ends of the tunnel To set up a bidirectional MPLS TE tunnel in co routed mode you must specify the signaling protocol as RSVP TE and use the mpls te resv style command to configure the resources reservation style as FF for the tunnel To set up a bidirectional MPLS TE tunnel in associated mode and use RSVP TE...

Page 86: ...d tunnels established on the tunnel interface are unidirectional MPLS TE tunnels To configure an associated bidirectional MPLS TE tunnel Step Command Remarks 1 Enter system view system view N A 2 Enter MPLS TE tunnel interface view interface tunnel tunnel number mode mpls te N A 3 Configure an associated bidirectional MPLS TE tunnel mpls te bidirectional associated reverse lsp lsp name lsp name ls...

Page 87: ...w N A 2 Enter tunnel interface view of the primary CRLSP interface tunnel tunnel number mode mpls te N A 3 Enable FRR mpls te fast reroute bandwidth By default FRR is disabled If you specify the bandwidth keyword the primary CRLSP must have bandwidth protection Configuring a bypass tunnel on the PLR Overview To configure FRR you must configure bypass tunnels for primary CRLSPs on the PLR To config...

Page 88: ...s The primary CRLSP cannot be bound to the bypass tunnel The primary CRLSP can be bound to the bypass tunnel if CT 0 or no CT is specified for the bypass tunnel After binding the RRO message does not carry the bandwidth protection flag The bypass tunnel does not provide bandwidth protection for the primary CRLSP and performs best effort forwarding for traffic of the primary CRLSP No None zero Yes ...

Page 89: ...d guidelines Use bypass tunnels to protect only critical interfaces or links when bandwidth is insufficient Bypass tunnels are pre established and require extra bandwidth Make sure the bandwidth assigned to the bypass tunnel is no less than the total bandwidth needed by all primary CRLSPs to be protected by the bypass tunnel Otherwise some primary CRLSPs might not be protected by the bypass tunnel...

Page 90: ...ecify a bypass tunnel for the protected interface the current interface mpls te fast reroute bypass tunnel tunnel tunnel number By default no bypass tunnel is specified for an interface Automatically setting up bypass tunnels With auto FRR if the PLR is the penultimate node of a primary CRLSP the PLR does not create a node protection bypass tunnel for the primary CRLSP To configure auto FRR on the...

Page 91: ... does not need to use the RSVP hello mechanism or BFD to detect the node faults caused by the link faults between the PLR and the protected node You do not need to perform this task for FRR link protection To configure node fault detection Step Command Remarks 1 Enter system view system view N A 2 Enter interface view of the connecting interface between the PLR and the protected node interface int...

Page 92: ...ormation in an IS IS TEDB display isis mpls te network level 1 level 2 local lsp id lsp id process id Display IS IS tunnel interface information display isis mpls te tunnel level 1 level 2 process id Display DS TE information display mpls te ds te Display bandwidth information on MPLS TE enabled interfaces display mpls te link management bandwidth allocation interface interface type interface numb...

Page 93: ...nfigure IS IS to advertise interface addresses including the loopback interface address Configure Switch A SwitchA system view SwitchA isis 1 SwitchA isis 1 network entity 00 0005 0000 0000 0001 00 SwitchA isis 1 quit SwitchA interface vlan interface 1 SwitchA Vlan interface1 isis enable 1 SwitchA Vlan interface1 quit SwitchA interface loopback 0 SwitchA LoopBack0 isis enable 1 SwitchA LoopBack0 q...

Page 94: ...o verify that the switches have learned the routes to one another including the routes to the loopback interfaces Details not shown 3 Configure an LSR ID and enable MPLS and MPLS TE Configure Switch A SwitchA mpls lsr id 1 1 1 1 SwitchA mpls te SwitchA te quit SwitchA interface vlan interface 1 SwitchA Vlan interface1 mpls enable SwitchA Vlan interface1 mpls te enable SwitchA Vlan interface1 quit ...

Page 95: ...bandwidth 10000 SwitchC Vlan interface2 mpls te max reservable bandwidth 5000 SwitchC Vlan interface2 quit 5 Configure an MPLS TE tunnel on Switch A Configure MPLS TE tunnel interface Tunnel 0 SwitchA interface tunnel 0 mode mpls te SwitchA Tunnel0 ip address 6 1 1 1 255 255 255 0 Specify the tunnel destination address as the LSR ID of Switch C SwitchA Tunnel0 destination 3 3 3 3 Configure MPLS TE...

Page 96: ...euing Size Length Discards 0 100 0 Output queue Protocol queuing Size Length Discards 0 500 0 Output queue FIFO queuing Size Length Discards 0 75 0 Last clearing of counters Never Last 300 seconds input rate 0 bytes sec 0 bits sec 0 packets sec Last 300 seconds output rate 0 bytes sec 0 bits sec 0 packets sec Input 0 packets 0 bytes 0 drops Output 0 packets 0 bytes 0 drops Execute the display mpls...

Page 97: ...l Interface Out NHLFE StaticCR 30 SwitchA display mpls static cr lsp Name LSR Type In Out Label Out Interface State static cr lsp 1 Ingress Null 20 Vlan1 Up SwitchB display mpls static cr lsp Name LSR Type In Out Label Out Interface State static cr lsp 1 Transit 20 30 Vlan2 Up SwitchC display mpls static cr lsp Name LSR Type In Out Label Out Interface State static cr lsp1 Egress 30 Null Up Execute...

Page 98: ...s including the loopback interface address Configure Switch A SwitchA system view SwitchA isis 1 SwitchA isis 1 network entity 00 0005 0000 0000 0001 00 SwitchA isis 1 quit SwitchA interface vlan interface 1 SwitchA Vlan interface1 isis enable 1 SwitchA Vlan interface1 isis circuit level level 2 SwitchA Vlan interface1 quit SwitchA interface loopback 0 SwitchA LoopBack0 isis enable 1 SwitchA LoopB...

Page 99: ...vel level 2 SwitchC Vlan interface2 quit SwitchC interface loopback 0 SwitchC LoopBack0 isis enable 1 SwitchC LoopBack0 isis circuit level level 2 SwitchC LoopBack0 quit Configure Switch D SwitchD system view SwitchD isis 1 SwitchD isis 1 network entity 00 0005 0000 0000 0004 00 SwitchD isis 1 quit SwitchD interface vlan interface 3 SwitchD Vlan interface3 isis enable 1 SwitchD Vlan interface3 isi...

Page 100: ...Vlan interface2 mpls te enable SwitchB Vlan interface2 rsvp enable SwitchB Vlan interface2 quit Configure Switch C SwitchC mpls lsr id 3 3 3 9 SwitchC mpls te SwitchC te quit SwitchC rsvp SwitchC rsvp quit SwitchC interface vlan interface 3 SwitchC Vlan interface3 mpls enable SwitchC Vlan interface3 mpls te enable SwitchC Vlan interface3 rsvp enable SwitchC Vlan interface3 quit SwitchC interface v...

Page 101: ...ink bandwidth 10000 SwitchA Vlan interface1 mpls te max reservable bandwidth 5000 SwitchA Vlan interface1 quit Configure the maximum link bandwidth and maximum reservable bandwidth on Switch B SwitchB interface vlan interface 1 SwitchB Vlan interface1 mpls te max link bandwidth 10000 SwitchB Vlan interface1 mpls te max reservable bandwidth 5000 SwitchB Vlan interface1 quit SwitchB interface vlan i...

Page 102: ...0 24 to MPLS TE tunnel 1 SwitchA ip route static 30 1 1 2 24 tunnel 1 preference 1 Verifying the configuration Execute the display interface tunnel command on Switch A The output shows that the tunnel interface is up SwitchA display interface tunnel Tunnel1 current state UP Line protocol current state UP Description Tunnel1 Interface The Maximum Transmit Unit is 64000 Internet Address is 7 1 1 1 2...

Page 103: ...Backup LSP ID Auto Bandwidth Disabled Auto Bandwidth Freq Min Bandwidth Max Bandwidth Collected Bandwidth Execute the display ip routing table command on Switch A The output shows a static route entry with interface Tunnel 1 as the output interface Details not shown Establishing an inter AS MPLS TE tunnel with RSVP TE Network requirements Switch A and Switch B are in AS 100 Switch C and Switch D a...

Page 104: ...onfigure OSPF to advertise routes within the ASs and redistribute the direct and BGP routes into OSPF on Switch B and Switch C Configure Switch A SwitchA system view SwitchA ospf SwitchA ospf 1 area 0 SwitchA ospf 1 area 0 0 0 0 network 10 1 1 0 0 0 0 255 SwitchA ospf 1 area 0 0 0 0 network 1 1 1 9 0 0 0 0 SwitchA ospf 1 area 0 0 0 0 quit SwitchA ospf 1 quit Configure Switch B SwitchB system view ...

Page 105: ... routes to the loopback interfaces Take Switch A as an example SwitchA display ip routing table Destinations 6 Routes 6 Destination Mask Proto Pre Cost NextHop Interface 1 1 1 9 32 Direct 0 0 127 0 0 1 InLoop0 2 2 2 9 32 OSPF 10 1 10 1 1 2 Vlan1 10 1 1 0 24 Direct 0 0 10 1 1 1 Vlan1 10 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 ...

Page 106: ...24 O_ASE 150 1 10 1 1 2 Vlan1 30 1 1 0 24 O_ASE 150 1 10 1 1 2 Vlan1 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 4 Configure an LSR ID and enable MPLS MPLS TE and RSVP TE Configure Switch A SwitchA mpls lsr id 1 1 1 9 SwitchA mpls te SwitchA te quit SwitchA rsvp SwitchA rsvp quit SwitchA interface vlan interface 1 SwitchA Vlan interface1 mpls enable SwitchA V...

Page 107: ...tchC Vlan interface3 quit Configure Switch D SwitchD mpls lsr id 4 4 4 9 SwitchD mpls te SwitchD te quit SwitchD rsvp SwitchD rsvp quit SwitchD interface vlan interface 3 SwitchD Vlan interface3 mpls enable SwitchD Vlan interface3 mpls te enable SwitchD Vlan interface3 rsvp enable SwitchD Vlan interface3 quit 5 Configure OSPF TE Configure Switch A SwitchA ospf SwitchA ospf 1 opaque capability enab...

Page 108: ...idth 5000 SwitchA Vlan interface1 quit Configure the maximum link bandwidth and maximum reservable bandwidth on Switch B SwitchB interface vlan interface 1 SwitchB Vlan interface1 mpls te max link bandwidth 10000 SwitchB Vlan interface1 mpls te max reservable bandwidth 5000 SwitchB Vlan interface1 quit SwitchB interface vlan interface 2 SwitchB Vlan interface2 mpls te max link bandwidth 10000 Swit...

Page 109: ...he display interface tunnel command on Switch A The output shows that the tunnel interface is up SwitchA display interface tunnel 1 Tunnel1 current state UP Line protocol current state UP Description Tunnel1 Interface The Maximum Transmit Unit is 64000 Internet Address is 7 1 1 1 24 Primary Tunnel source unknown destination 4 4 4 9 Tunnel bandwidth 64 kbps Tunnel TTL 255 Tunnel protocol transport ...

Page 110: ...uto Bandwidth Disabled Auto Bandwidth Freq Min Bandwidth Max Bandwidth Collected Bandwidth Execute the display ip routing table command on Switch A The output shows a static route entry with interface Tunnel1 as the output interface SwitchA display ip routing table Destinations 14 Routes 14 Destination Mask Proto Pre Cost NextHop Interface 1 1 1 9 32 Direct 0 0 127 0 0 1 InLoop0 2 2 2 9 32 OSPF 10...

Page 111: ...an int3 30 1 1 1 24 Vlan int2 20 1 1 1 24 Vlan int2 20 1 1 2 24 Configuration procedure 1 Configure IP addresses and masks for interfaces Details not shown 2 Configure IS IS to advertise interface addresses including the loopback interface address For more information see Establishing an MPLS TE tunnel with RSVP TE 3 Configure an LSR ID and enable MPLS MPLS TE and RSVP TE on each switch Configure ...

Page 112: ...itchC system view SwitchC mpls lsr id 3 3 3 9 SwitchC mpls te SwitchC te quit SwitchC rsvp SwitchC rsvp quit SwitchC interface vlan interface 3 SwitchC Vlan interface3 mpls enable SwitchC Vlan interface3 mpls te enable SwitchC Vlan interface3 rsvp enable SwitchC Vlan interface3 quit SwitchC interface vlan interface 2 SwitchC Vlan interface2 mpls enable SwitchC Vlan interface2 mpls te enable Switch...

Page 113: ...rface tunnel 1 mode mpls te SwitchA Tunnel1 ip address 7 1 1 1 255 255 255 0 SwitchA Tunnel1 destination 4 4 4 9 SwitchA Tunnel1 mpls te signaling rsvp te SwitchA Tunnel1 mpls te resv style ff SwitchA Tunnel1 mpls te bidirectional co routed active SwitchA Tunnel1 quit Configure Switch D as the passive end of the co routed bidirectional tunnel SwitchD interface tunnel 4 mode mpls te SwitchD Tunnel4...

Page 114: ...ress LSR ID 1 1 1 9 Egress LSR ID 4 4 4 9 Signaling RSVP TE Static CRLSP Name Resv Style FF Tunnel mode Co routed active Reverse LSP name Reverse LSP LSR ID Reverse LSP Tunnel ID Class Type CT0 Tunnel Bandwidth 0 kbps Reserved Bandwidth 0 kbps Setup Priority 7 Holding Priority 7 Affinity Attr Mask 0 0 Explicit Path Backup Explicit Path Metric Type TE Record Route Disabled Record Label Disabled FRR...

Page 115: ...xecute the display interface tunnel command on Switch D The output shows that the tunnel interface is up SwitchD display interface tunnel Tunnel4 current state UP Line protocol current state UP Description Tunnel8 Interface The Maximum Transmit Unit is 64000 Internet Address is 8 1 1 1 24 Primary Tunnel source unknown destination 1 1 1 9 Tunnel bandwidth 64 kbps Tunnel TTL 255 Tunnel protocol tran...

Page 116: ...dwidth Setup Priority Holding Priority Affinity Attr Mask Explicit Path Backup Explicit Path Metric Type Record Route Record Label FRR Flag Bandwidth Protection Backup Bandwidth Flag Backup Bandwidth Type Backup Bandwidth Bypass Tunnel Auto Created No Route Pinning Retry Limit Retry Interval Reoptimization Reoptimization Freq Backup Type Backup LSP ID Auto Bandwidth Auto Bandwidth Freq Min Bandwid...

Page 117: ...nfiguration example Network requirements Switch A Switch B Switch C and Switch D run IS IS Use RSVP TE to establish an MPLS TE tunnel from Switch A to Switch C Enable CRLSP hot backup for the tunnel to simultaneously establish a primary CRLSP and a backup CRLSP When the primary CRLSP fails traffic is switched to the backup CRLSP Figure 31 Network diagram Switch A Loop0 Vlan int1 Switch B Switch C ...

Page 118: ... quit SwitchA rsvp SwitchA rsvp quit SwitchA interface vlan interface 1 SwitchA Vlan interface1 mpls enable SwitchA Vlan interface1 mpls te enable SwitchA Vlan interface1 rsvp enable SwitchA Vlan interface1 quit SwitchA interface vlan interface 4 SwitchA Vlan interface4 mpls enable SwitchA Vlan interface4 mpls te enable SwitchA Vlan interface4 rsvp enable SwitchA Vlan interface4 quit Configure Swi...

Page 119: ...14416 bits sec 0 packets sec 0 packets input 0 bytes 0 drops 351 packets output 3105652 bytes 0 drops Execute the display mpls lsp command on Switch A The output shows that two CRLSPs exist on the switch one with the output interface VLAN interface 1 and the other with the output interface VLAN interface 4 SwitchA display mpls lsp FEC Proto In Out Label Interface Out NHLFE 1 1 1 9 3 30106 RSVP 113...

Page 120: ...3 3 3 9 32 Flag 0x20 No FRR Node ID Fast Reroute protection None Tracert the tunnel destination 3 3 3 9 The output shows that the used CRLSP is the one that traverses Switch B SwitchA tracert a 1 1 1 9 3 3 3 9 traceroute to 3 3 3 9 3 3 3 9 from 1 1 1 9 30 hops at most 40 bytes each pac ket press CTRL_C to break 1 10 1 1 2 10 1 1 2 1 000 ms 1 000 ms 1 000 ms 2 Shut down interface VLAN interface 2 o...

Page 121: ...he link between Switch B and Switch C fails BFD can detect the failure quickly and notify RSVP TE of the failure so RSVP TE can switch traffic to the bypass tunnel Figure 32 Network diagram Table 7 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A Loop0 1 1 1 1 32 Switch E Loop0 5 5 5 5 32 Vlan int1 2 1 1 1 24 Vlan int4 3 2 1 2 24 Switch B Loop0 2...

Page 122: ...it SwitchB interface vlan interface 2 SwitchB Vlan interface2 mpls enable SwitchB Vlan interface2 mpls te enable SwitchB Vlan interface2 rsvp enable SwitchB Vlan interface2 rsvp bfd enable SwitchB Vlan interface2 quit SwitchB interface vlan interface 4 SwitchB Vlan interface4 mpls enable SwitchB Vlan interface4 mpls te enable SwitchB Vlan interface4 rsvp enable SwitchB Vlan interface4 quit Configu...

Page 123: ...imum Transmit Unit is 64000 Internet Address is 9 1 1 1 24 Primary Tunnel source unknown destination 3 3 3 9 Tunnel bandwidth 64 kbps Tunnel TTL 255 Tunnel protocol transport CR_LSP Last clearing of counters Never Last 300 seconds input rate 0 bytes sec 0 bits sec 0 packets sec Last 300 seconds output rate 1911 bytes sec 15288 bits sec 0 packets sec 0 packets input 0 bytes 0 drops 1526 packets out...

Page 124: ...ace Tunnel 5 for the bypass tunnel SwitchB interface tunnel 5 mode mpls te SwitchB Tunnel5 ip address 11 1 1 1 255 255 255 0 Specify the tunnel destination address as LSR ID of Switch C SwitchB Tunnel5 destination 3 3 3 3 Specify the tunnel signaling protocol as RSVP TE SwitchB Tunnel5 mpls te signaling rsvp te Specify the explicit path to be used as by path SwitchB Tunnel5 mpls te path preference...

Page 125: ...e2 shutdown SwitchB Vlan interface2 quit Execute the display interface tunnel 4 command on Switch A to display information about the primary CRLSP The output shows that the tunnel interface is still up Details not shown Execute the display mpls te tunnel interface command on Switch A to display detailed information about the tunnel interface SwitchA display mpls te tunnel interface Tunnel Name Tun...

Page 126: ...hB te fast reroute timer 5 SwitchB te quit On the PLR bring up the protected interface VLAN interface 2 SwitchB interface vlan interface 2 SwitchB Vlan interface2 undo shutdown On Switch A execute the display interface tunnel 4 command to display information about the primary CRLSP The output shows that the tunnel interface is in up state Details not shown Wait for about 5 seconds execute the disp...

Page 127: ...n int2 3 1 1 2 24 Vlan int6 3 3 1 1 24 Vlan int5 3 4 1 2 24 Switch D Loop0 4 4 4 4 32 Switch F Loop0 6 6 6 6 32 Vlan int3 4 1 1 2 24 Vlan int6 3 3 1 2 24 Vlan int7 4 2 1 2 24 Vlan int7 4 2 1 1 24 Configuration procedure 1 Configure IP addresses and masks for interfaces Details not shown 2 Configure IS IS to advertise interface addresses including the loopback interface address Details not shown 3 ...

Page 128: ...chB Vlan interface2 quit SwitchB interface vlan interface 4 SwitchB Vlan interface4 mpls enable SwitchB Vlan interface4 mpls te enable SwitchB Vlan interface4 rsvp enable SwitchB Vlan interface4 quit SwitchB interface vlan interface 6 SwitchB Vlan interface6 mpls enable SwitchB Vlan interface6 mpls te enable SwitchB Vlan interface6 rsvp enable SwitchB Vlan interface6 quit Configure Switch C in the...

Page 129: ...dress is 10 1 1 1 24 Primary Tunnel source unknown destination 4 4 4 4 Tunnel bandwidth 64 kbps Tunnel TTL 255 Tunnel protocol transport CR_LSP Last clearing of counters Never Last 300 seconds input rate 0 bytes sec 0 bits sec 0 packets sec Last 300 seconds output rate 1911 bytes sec 15288 bits sec 0 packets sec 0 packets input 0 bytes 0 drops 1526 packets output 22356852 bytes 0 drops Execute the...

Page 130: ...terface tunnel brief on Switch B The output shows that two tunnels have been created automatically SwitchB display interface tunnel brief Brief information on interface s under route mode Link ADM administratively down Stby standby Protocol s spoofing Interface Link Protocol Main IP Description Tun50 UP UP Tun51 UP UP Execute the display mpls te tunnel interface command on Switch B to display info...

Page 131: ...isplay mpls te tunnel interface tunnel 51 Tunnel Name Tunnel 51 Tunnel State Up Main CRLSP up Shared resource CRLSP down Tunnel Attributes LSP ID 16802 Tunnel ID 51 Admin State Normal Ingress LSR ID 2 2 2 2 Egress LSR ID 3 3 3 3 Signaling RSVP TE Static CRLSP Name Resv Style SE Tunnel mode Reverse LSP name Reverse LSP LSR ID Reverse LSP Tunnel ID Class Type CT0 Tunnel Bandwidth 0 kbps Reserved Ban...

Page 132: ...e protected node is 3 1 1 1 SwitchA display rsvp lsp tunnel id 1 verbose Tunnel name Tunnel1 Destination 4 4 4 4 Source 1 1 1 1 Tunnel ID 1 LSP ID 16802 LSR type Ingress Direction Unidirectional Setup priority 7 Holding priority 7 In Label Out Label 1150 In Interface Out Interface Vlan1 Nexthop 2 1 1 2 Exclude any 0 Include Any 0 Include all 0 Average bitrate 0 kbps Maximum burst 1000 00 bytes Pat...

Page 133: ...ce Interface IP address Switch A Loop0 1 1 1 9 32 Switch D Loop0 4 4 4 9 32 Vlan int1 10 1 1 1 24 Vlan int3 30 1 1 2 24 Switch B Loop0 2 2 2 9 32 Switch C Loop0 3 3 3 9 32 Vlan int1 10 1 1 2 24 Vlan int3 30 1 1 1 24 Vlan int2 20 1 1 1 24 Vlan int2 20 1 1 2 24 Configuration procedure 1 Configure IP addresses and masks for interfaces Details not shown 2 Configure IS IS to advertise interface address...

Page 134: ...tchC isis 1 network entity 00 0005 0000 0000 0003 00 SwitchC isis 1 quit SwitchC interface vlan interface 3 SwitchC Vlan interface3 isis enable 1 SwitchC Vlan interface3 isis circuit level level 2 SwitchC Vlan interface3 quit SwitchC interface vlan interface 2 SwitchC Vlan interface2 isis enable 1 SwitchC Vlan interface2 isis circuit level level 2 SwitchC Vlan interface2 quit SwitchC interface loo...

Page 135: ...0 127 0 0 1 InLoop0 3 Configure an LSR ID enable MPLS MPLS TE and RSVP TE and configure the DS TE mode as IETF Configure Switch A SwitchA mpls lsr id 1 1 1 9 SwitchA mpls te SwitchA te ds te mode ietf SwitchA te quit SwitchA rsvp SwitchA rsvp quit SwitchA interface vlan interface 1 SwitchA Vlan interface1 mpls enable SwitchA Vlan interface1 mpls te enable SwitchA Vlan interface1 rsvp enable Switch...

Page 136: ...itchD mpls lsr id 4 4 4 9 SwitchD mpls te SwitchD te ds te mode ietf SwitchD te quit SwitchD rsvp SwitchD rsvp quit SwitchD interface vlan interface 3 SwitchD Vlan interface3 mpls enable SwitchD Vlan interface3 mpls te enable SwitchD Vlan interface3 rsvp enable SwitchD Vlan interface3 quit 4 Configure IS IS TE Configure Switch A SwitchA isis 1 SwitchA isis 1 cost style wide SwitchA isis 1 mpls te ...

Page 137: ...SwitchB Vlan interface2 quit Configure the maximum bandwidth maximum reservable bandwidth and bandwidth constraints on Switch C SwitchC interface vlan interface 3 SwitchC Vlan interface3 mpls te max link bandwidth 10000 SwitchC Vlan interface3 mpls te max reservable bandwidth rdm 10000 bc1 8000 bc2 5000 bc3 2000 SwitchC Vlan interface3 quit SwitchC interface vlan interface 2 SwitchC Vlan interface...

Page 138: ...Address is 7 1 1 1 24 Primary Tunnel source unknown destination 4 4 4 9 Tunnel bandwidth 64 kbps Tunnel TTL 255 Tunnel protocol transport CR_LSP Last clearing of counters Never Last 300 seconds input rate 0 bytes sec 0 bits sec 0 packets sec Last 300 seconds output rate 0 bytes sec 0 bits sec 0 packets sec 0 packets input 0 bytes 0 drop 0 packets output 0 bytes 0 drop Execute the display mpls te t...

Page 139: ...isplay bandwidth information on interface VLAN interface 1 SwitchA display mpls te link management bandwidth allocation interface vlan interface 1 Interface Vlan interface1 Max Link Bandwidth 10000 kbps Max Reservable Bandwidth of Prestandard RDM 0 kbps Max Reservable Bandwidth of IETF RDM 10000 kbps Max Reservable Bandwidth of IETF MAM 0 kbps Allocated Bandwidth Item Count 1 Allocated Bandwidth 0...

Page 140: ...S TE attributes Analysis For TE LSAs to be generated at least one OSPF neighbor must reach FULL state Solution 1 To resolve the problem a Use the display current configuration command to verify that MPLS TE is configured on involved interfaces b Use the debugging ospf mpls te command to verify that OSPF can receive the TE LINK establishment message c Use the display ospf peer command to verify tha...

Page 141: ...ket to the next hop or out of the outgoing interface You must specify the incoming label the outgoing label the next hop or the outgoing interface and the required bandwidth on each transit node If it is not configured with the penultimate hop popping function an egress node pops the incoming label of a packet It performs label forwarding according to the inner label or IP forwarding You are only ...

Page 142: ...ress lsp name in label in label value Use one command according to the position of a device on the network By default no static CRLSP exists Do not configure the next hop address as a local public IP address when configuring the static CRLSP on the ingress node or a transit node You do not need to execute the static cr lsp egress command on the egress node if the outgoing label configured on the p...

Page 143: ...0 SwitchA LoopBack0 isis enable 1 SwitchA LoopBack0 quit Configure Switch B SwitchB system view SwitchB isis 1 SwitchB isis 1 network entity 00 0005 0000 0000 0002 00 SwitchB isis 1 quit SwitchB interface vlan interface 1 SwitchB Vlan interface1 isis enable 1 SwitchB Vlan interface1 quit SwitchB interface vlan interface 2 SwitchB Vlan interface2 isis enable 1 SwitchB Vlan interface2 quit SwitchB i...

Page 144: ...e1 mpls te enable SwitchA Vlan interface1 quit Configure Switch B SwitchB mpls lsr id 2 2 2 2 SwitchB mpls te SwitchB te quit SwitchB interface vlan interface 1 SwitchB Vlan interface1 mpls enable SwitchB Vlan interface1 mpls te enable SwitchB Vlan interface1 quit SwitchB interface vlan interface 2 SwitchB Vlan interface2 mpls enable SwitchB Vlan interface2 mpls te enable SwitchB Vlan interface2 q...

Page 145: ...lsp egress static cr lsp 1 in label 30 6 Configure a static route on Switch A to direct traffic destined for subnet 3 2 1 0 24 to MPLS TE tunnel 0 SwitchA ip route static 3 2 1 2 24 tunnel 0 preference 1 Verifying the configuration Execute the display interface tunnel command on Switch A The output shows that the tunnel interface is up SwitchA display interface tunnel Tunnel0 Current state UP Line...

Page 146: ...x Bandwidth Collected Bandwidth Execute the display mpls lsp command or the display mpls static cr lsp command on each switch to display the static CRLSP information SwitchA display mpls lsp FEC Proto In Out Label Interface Out NHLFE 1 1 1 1 0 1 StaticCR 20 Vlan1 2 1 1 2 Local Vlan1 SwitchB display mpls lsp FEC Proto In Out Label Interface Out NHLFE StaticCR 20 30 Vlan2 3 2 1 2 Local Vlan2 SwitchC...

Page 147: ...ect 0 0 127 0 0 1 InLoop0 1 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 2 1 1 0 24 Direct 0 0 2 1 1 1 Vlan1 2 1 1 0 32 Direct 0 0 2 1 1 1 Vlan1 2 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 2 1 1 255 32 Direct 0 0 2 1 1 1 Vlan1 2 2 2 2 32 IS_L1 15 10 2 1 1 2 Vlan1 3 2 1 0 24 Static 1 0 0 0 0 0 Tun0 3 3 3 3 32 IS_L1 15 20 2 1 1 2 Vlan1 6 1 1 0 24 Direct 0 0 6 1 1 1 Tun0 6 1 1 0 32 Direct 0 0 6 1 1 1 Tun0 6 1 1...

Page 148: ... node along the path PathErr messages Sent upstream by the receiver or a transit node to report Path message processing errors to the sender They do not affect the state of the nodes along the path ResvErr messages Sent downstream by the sender or a transit node to notify the downstream nodes that an error has occurred during Resv message processing or that a reservation error has occurred because...

Page 149: ...e path states and reservation states A path state is saved in a path state block PSB and a reservation state is saved in a reservation state block RSB A PSB is created by a Path message and saves the LABEL_REQUEST object A RSB is created by a Resv message and saves the LABEL object The path states and reservation states are refreshed periodically by Path and Resv messages A state is removed if no ...

Page 150: ...es the MD5 algorithm and the authentication key to calculate a message digest for an RSVP message and inserts the message digest to the RSVP message When the receiver receives the message it performs the same calculation and compares the result with the message digest If they match the receiver accepts the message Otherwise it drops the message By carrying a sequence number in a message RSVP authe...

Page 151: ...arding entries relevant to the neighbor are removed When the recovery timer expires soft state information and forwarding entries that are not restored are removed Protocols and standards RFC 2205 Resource ReSerVation Protocol RFC 3209 RSVP TE Extensions to RSVP for LSP Tunnels RFC 2961 RSVP Refresh Overhead Reduction Extensions RSVP configuration task list Tasks at a glance Required Enabling RSVP...

Page 152: ...s enabled RSVP maintains the path and reservation states by sending Srefresh messages rather than standard refresh messages To configure Srefresh and reliable RSVP message delivery Step Command Remarks 1 Enter system view system view N A 2 Enter interface view interface interface type interface number N A 3 Enable Srefresh and reliable RSVP message delivery rsvp reduction srefresh reliability By d...

Page 153: ...he device determines the neighbor is in fault If GR is configured the device serves as a GR helper to help the neighbor to restart If FRR is configured the device performs an FRR For more information about FRR see Configuring MPLS TE To configure RSVP hello extension Step Command Remarks 1 Enter system view system view N A 2 Enter RSVP view rsvp N A 3 Configure the maximum number of consecutive lo...

Page 154: ...nfigure the idle timeout for the RSVP security associations with the RSVP neighbor authentication lifetime life time By default the idle timeout is 1800 seconds 30 minutes 7 Specify the maximum number of out of sequence RSVP authentication messages that can be received from the RSVP neighbor authentication window size number By default only one RSVP authenticated message can be received out of seq...

Page 155: ...y associations authentication lifetime life time By default the idle timeout is 1800 seconds 30 minutes 6 Specify the global RSVP authentication window size the maximum number of RSVP authenticated messages that can be received out of sequence authentication window size number By default only one RSVP authenticated message can be received out of sequence Specifying a DSCP value for outgoing RSVP p...

Page 156: ...ce type interface number You must enable RSVP on the interface 3 Enable BFD for the RSVP neighbor on the interface rsvp bfd enable By default RSVP BFD is disabled Displaying and maintaining RSVP Execute display commands in any view and reset commands in user view Task Command Display RSVP information display rsvp interface interface type interface number Display information about the security asso...

Page 157: ...rom ip address to ip address Clear RSVP statistics reset rsvp statistics interface interface type interface number RSVP configuration examples Establishing an MPLS TE tunnel with RSVP TE Network requirements Switch A Switch B Switch C and Switch D run IS IS Use RSVP TE to create an MPLS TE tunnel from Switch A to Switch D Figure 37 Network diagram Table 10 Interface and IP address assignment Devic...

Page 158: ...SwitchB interface vlan interface 1 SwitchB Vlan interface1 isis enable 1 SwitchB Vlan interface1 quit SwitchB interface vlan interface 2 SwitchB Vlan interface2 isis enable 1 SwitchB Vlan interface2 quit SwitchB interface loopback 0 SwitchB LoopBack0 isis enable 1 SwitchB LoopBack0 quit Configure Switch C SwitchC system view SwitchC isis 1 SwitchC isis 1 network entity 00 0005 0000 0000 0003 00 Sw...

Page 159: ...SwitchA Vlan interface1 mpls te enable SwitchA Vlan interface1 rsvp enable SwitchA Vlan interface1 quit Configure Switch B SwitchB mpls lsr id 2 2 2 9 SwitchB mpls te SwitchB te quit SwitchB rsvp SwitchB rsvp quit SwitchB interface vlan interface 1 SwitchB Vlan interface1 mpls enable SwitchB Vlan interface1 mpls te enable SwitchB Vlan interface1 rsvp enable SwitchB Vlan interface1 quit SwitchB int...

Page 160: ...h D SwitchA Tunnel1 destination 4 4 4 9 Configure MPLS TE to use RSVP TE to establish the tunnel SwitchA Tunnel1 mpls te signaling rsvp te SwitchA Tunnel1 quit 5 Configure a static route on Switch A to direct the traffic destined for subnet 30 1 1 0 24 to the MPLS TE tunnel 1 for forwarding SwitchA ip route static 30 1 1 2 24 tunnel 1 preference 1 Verifying the configuration Execute the display in...

Page 161: ...ity 7 Affinity Attr Mask 0 0 Explicit Path Backup Explicit Path Metric Type TE Record Route Disabled Record Label Disabled FRR Flag Disabled Backup Bandwidth Flag Disabled Backup Bandwidth Type Backup Bandwidth Route Pinning Disabled Retry Limit 10 Retry Interval 2 sec Reoptimization Disabled Reoptimization Freq Backup Type None Backup LSP ID Auto Bandwidth Disabled Auto Bandwidth Freq Min Bandwid...

Page 162: ...interface1 mpls te enable SwitchA Vlan interface1 rsvp enable SwitchA Vlan interface1 rsvp hello enable SwitchA Vlan interface1 quit Configure Switch B SwitchB system view SwitchB mpls lsr id 2 2 2 9 SwitchB mpls te SwitchB te quit SwitchB rsvp SwitchB rsvp quit SwitchB mpls interface vlan interface 1 SwitchB Vlan interface1 mpls enable SwitchB Vlan interface1 mpls te enable SwitchB Vlan interface...

Page 163: ...p SwitchA rsvp graceful restart enable Configure Switch B SwitchB rsvp SwitchB rsvp graceful restart enable Configure Switch C SwitchC rsvp SwitchC rsvp graceful restart enable Verifying the configuration After a tunnel is established from Switch A and Switch C execute the following command on Switch A SwitchA display rsvp peer verbose Peer 10 1 1 2 Interface Vlan1 Hello state Up Hello type Active...

Page 164: ...nd tunnel is used and so forth No load balancing will be performed on these tunnels This method explicitly specifies an MPLS TE tunnel for an MPLS VPN facilitating traffic planning HP recommends that you use this method To select multiple tunnels for load sharing create a tunnel policy and specify the tunnel selection order and the number of tunnels by using the select seq load balance number comm...

Page 165: ...tunnels The transmission delays on different tunnels can greatly vary Therefore the destination device or the upper layer application might take a great time to sequence the packets HP recommends not using the second method Configuration procedure To configure a tunnel policy Step Command Remarks 1 Enter system view system view N A 2 Create a tunnel policy and enter tunnel policy view tunnel polic...

Page 166: ...edte1 PE1 tunnel policy preferredte1 preferred path tunnel 1 PE1 tunnel policy preferredte1 quit 2 Configure MPLS VPN instances and apply the tunnel policy to the VPN instances Create MPLS VPN instance vpna and apply tunnel policy preferredte1 to it PE1 ip vpn instance vpna PE1 vpn instance vpna route distinguisher 100 1 PE1 vpn instance vpna vpn target 100 1 PE1 vpn instance vpna tnl policy prefe...

Page 167: ...ne tunnel in LDP LSP MPLS TE order for this VPN Configuration procedure Create tunnel policy seq lsp te PE1 system view PE1 tunnel policy seq lsp te Specify the tunnel selection order and set the number of tunnels for load balancing to 1 no load balancing PE1 tunnel policy seq lsp te select seq lsp cr lsp load balance number 1 PE1 tunnel policy seq lsp te quit Create MPLS VPN instance vpna and app...

Page 168: ...policy select lsp select seq lsp cr lsp load balance number 1 PE1 tunnel policy select lsp quit 2 Configure MPLS VPN instances and apply tunnel policies to the VPN instances Create MPLS VPN instances vpna and vpnb and apply tunnel policy preferredte1 to them PE1 ip vpn instance vpna PE1 vpn instance vpna route distinguisher 100 1 PE1 vpn instance vpna vpn target 100 1 PE1 vpn instance vpna tnl pol...

Page 169: ...S VPN instance vpne and apply tunnel policy select lsp to it PE1 ip vpn instance vpne PE1 vpn instance vpne route distinguisher 100 5 PE1 vpn instance vpne vpn target 100 5 PE1 vpn instance vpne tnl policy select lsp ...

Page 170: ...MPLS L3VPN architecture has the following types of devices Customer edge device A CE device resides on a customer network and has one or more interfaces directly connected to a service provider network It does not support VPN or MPLS Provider edge device A PE device resides at the edge of a service provider network and connects to one or more CEs All MPLS VPN services are processed on PEs Provider...

Page 171: ...ding Information Base LFIB An IP routing table Interfaces bound to the VPN instance VPN instance administration information including route distinguishers RDs route targets RTs and route filtering policies To associate a site with a VPN instance bind the VPN instance to the PE s interface connected to the site A site can be associated with only one VPN instance and different sites can associate wi...

Page 172: ... routes learned from directly connected sites before advertising them to other PEs Import target attribute A PE checks the export target attribute of VPN IPv4 routes received from other PEs If the export target attribute matches the import target attribute of a VPN instance the PE adds the routes to the routing table of the VPN instance Route target attributes define which sites can receive VPN IP...

Page 173: ...fies the public tunnel from the local PE to the remote PE The public tunnel can be an LSP or an MPLS TE tunnel Based on the outer tag a VPN packet can be forwarded along the public tunnel to the remote PE For an LSP or MPLS TE tunnel the outer tag is an MPLS label Inner label Identifies the remote VPN site The remote PE uses the inner label to forward packets to the target VPN site MP BGP advertis...

Page 174: ...ng scheme In the simplest case all users in a VPN form a closed user group They can forward traffic to each other but cannot communicate with any user outside the VPN For the basic VPN networking scheme you must assign a route target to each VPN for identifying the export target attribute and import target attribute of the VPN Moreover this route target cannot be used by any other VPNs Figure 43 N...

Page 175: ...h other through the hub site The import target attribute of a spoke PE is different from the export target attribute of any other spoke PE Therefore any two spoke PEs cannot directly advertise VPN IPv4 routes to each other or directly access each other Figure 44 Network diagram for hub and spoke network A route in Site 1 is advertised to Site 2 by using the following process 1 Spoke CE 1 advertise...

Page 176: ...can communicate with each other and Site 2 of VPN 2 and Site 3 of VPN 1 can communicate with each other PE 3 advertises neither the VPN IPv4 routes received from PE 1 to PE 2 nor the VPN IPv4 routes received from PE 2 to PE 1 routes learned from an IBGP neighbor are not advertised to any other IBGP neighbor Therefore Site 1 of VPN 1 and Site 2 of VPN 2 cannot communicate with each other Inter AS V...

Page 177: ...ort target attribute matches the export target attribute of the routes b Advertises the routes as IPv4 unicast routes to its CE ASBR 2 through EBGP 3 ASBR 2 adds the IPv4 unicast routes to the routing table of the VPN instance bound to the receiving subinterface and advertises the routes to PE 3 through MP IBGP 4 PE 3 advertises the received routes to CE 3 Packets forwarded within an AS are VPN pa...

Page 178: ...ates the received packet with two labels and forwards the encapsulated packet to ASBR 2 The two labels are the inner label for the VPN L3 and the outer tag for the public tunnel from PE 3 to ASBR 2 2 ASBR 2 removes the outer tag replaces L3 with L2 and forwards the packet to ASBR 1 Packets between ASBR 1 and ASBR 2 carry only one inner label 3 ASBR 1 replaces L2 with L1 adds the outer tag of the p...

Page 179: ...following process 1 PE 1 advertises the VPN routes learned from CE 1 as VPN IPv4 routes to PE 3 through multihop MP EBGP Assume that the inner label assigned by PE 1 for the routes is Lx 2 PE 3 advertises the received routes to CE 3 Setting up an inter AS public tunnel is difficult in this solution A public tunnel for example the one from PE 3 to PE 1 is set up by using the following process 1 Wit...

Page 180: ...s the route to ASBR 2 with outgoing label Lv and encapsulates the packet with label Lv as the outmost label 2 AS 200 transmits the packet to ASBR 2 by the outmost label 3 ASBR 2 removes the outmost label replaces L3 with L2 and forwards the packet to ASBR 1 4 ASBR 1 replaces L2 with L1 and forwards the packet 5 AS 100 transmits the packet to PE 1 by the outer label 6 PE 1 removes the outer label a...

Page 181: ...abels If the PE and the CE are in a same AS you must configure IGP and LDP between them If they are in different ASs you must configure MP EBGP to assign labels to IPv4 unicast routes exchanged between them You must enable MPLS on the CE of the Level 2 carrier regardless of whether the PE and CE are in the same AS A Level 2 carrier can be an ordinary ISP or an MPLS L3VPN service provider As shown ...

Page 182: ...e is a customer VPN named VPN A The customer VPN contains two sub VPNs VPN A 1 and VPN A 2 The service provider PEs consider the customer s network as a common VPN user and do not join any sub VPNs The service provider CE devices CE 1 and CE 2 exchange VPNv4 routes including sub VPN routing information with the service provider PEs which implements the propagation of the sub VPN routing informatio...

Page 183: ...carrying the comprehensive VPN information to the other PEs of the service provider 5 After another provider PE receives the VPN IPv4 routes it matches the VPN IPv4 routes to the import targets of its local VPNs Each local VPN accepts routes of its own and advertises them to provider CEs If a provider CE such as CE 7 and CE 8 in Figure 52 is connected to a provider PE through an IPv4 connection th...

Page 184: ...PEs and is in the internal network It manages and advertises VPN routes It maintains all the routes of the VPNs connected through UPEs including the routes of both the local and remote sites An SPE advertises routes along with labels to UPEs including the default routes of VPN instances or summary routes and the routes permitted by the routing policy By using routing policies you can control which...

Page 185: ...tiple OSPF instances to create independent routing tables for VPN instances Each OSPF process is bound to a VPN instance Routes learned by an OSPF process are added into the routing table of the bound VPN instance OSPF area configuration between a PE and a CE The OSPF area between a PE and a CE can be either a non backbone area or a backbone area In the OSPF VPN extension application the MPLS VPN ...

Page 186: ...As Type 7 After a domain ID is configured VPN 1 routes are advertised from CE 1 1 to CE 21 and CE 22 by using the following process 3 PE 1 redistributes OSPF routes into BGP adds the domain ID to the redistributed BGP VPNv4 routes as a BGP extended community attribute and advertises the routes to PE 2 4 PE 2 compares the domain ID in the received routes with the locally configured domain ID If the...

Page 187: ... The route is an inter area route if the two PEs have the same domain ID configured for the OSPF process of VPN 1 External route The route is an external route if the two PEs have no or different domain IDs configured for the OSPF process of VPN 1 A route directly connected through CEs Intra area route which is called a backdoor link The inter area route priority is lower than the intra area route...

Page 188: ...tutes its own AS number 100 for the AS number 800 In this way CE 2 can correctly receive the routing information from CE 1 However the AS number substitution feature also introduces a routing loop in Site 2 because route updates originated from CE 3 can be advertised back to Site 2 through PE 2 and CE 2 To remove the routing loop you can configure a routing policy on PE 2 to add the SoO attribute ...

Page 189: ... fails the traffic goes through the path CE 1 PE 1 PE 3 CE 2 In this scenario PE 1 is responsible for primary link detection and traffic switchover For more information about BFD for LSPs or MPLS TE tunnels see Configuring MPLS OAM VPNv4 route backup for an IPv4 route Figure 60 Network diagram As shown in Figure 60 configure FRR on the egress node PE 2 and specify the backup next hop for VPN 1 as ...

Page 190: ...primary link and the IPv4 route as the backup link Configure BFD for LSPs or MPLS TE tunnels on PE 2 to detect the connectivity of the public tunnel from PE 2 to PE 3 When the tunnel operates correctly traffic from CE 1 to CE 2 goes through the path CE 1 PE 1 PE 2 PE 3 CE 2 When the tunnel fails the traffic goes through the path CE 1 PE 1 PE 2 CE 2 In this scenario PE 2 is responsible for primary ...

Page 191: ...PEs Optional Configuring BGP VPNv4 route control Configuration prerequisites Before you configure basic MPLS L3VPN perform the following tasks Configure an IGP for the MPLS backbone on the PEs and Ps to achieve IP connectivity Configure basic MPLS for the MPLS backbone Configure MPLS LDP for the MPLS backbone so that LDP LSPs can be established Configuring VPN instances VPN instances isolate VPN r...

Page 192: ...2 Enter interface view interface interface type interface number N A 3 Associate a VPN instance with the interface ip binding vpn instance vpn instance name By default no VPN instance is associated with an interface The ip binding vpn instance command deletes the IP address of the current interface You must re configure an IP address for the interface after configuring the command Configuring rout...

Page 193: ...ion Guide 6 Apply an export routing policy export route policy route policy By default routes to be advertised are not filtered The specified routing policy must have been created For information about routing policies see Layer 3 IP Routing Configuration Guide 7 Apply a tunnel policy to the VPN instance tnl policy tunnel policy name By default only one tunnel is selected no load balancing in this...

Page 194: ... a RIP process for a VPN instance and enter RIP view rip process id vpn instance vpn instance name Perform this configuration on the PE On the CE create a common RIP process 3 Enable RIP on the interface attached to the specified network network network address By default RIP is disabled on an interface Configuring OSPF between a PE and a CE An OSPF process that is bound to a VPN instance does not...

Page 195: ...ea id By default no OSPF area is created 6 Enable OSPF on the interface attached to the specified network in the area network ip address wildcard mask By default an interface neither belongs to any area nor runs OSPF Configuring IS IS between a PE and a CE An IS IS process belongs to the public network or a single VPN instance If you create an IS IS process without binding it to a VPN instance the...

Page 196: ...BGP does not exchange IPv4 unicast routes with any peer 7 Redistribute the routes of the local CE import route protocol process id all processes med med value route policy route policy name A PE must redistribute the routes of the local CE into its VPN routing table so it can advertise them to the peer PE 8 Optional Allow the local AS number to appear in the AS_PATH attribute of a received route a...

Page 197: ... and a CE Use IBGP between PE and CE only in a basic MPLS L3VPN network In networks such as Hub Spoke Extranet inter AS VPN carrier s carrier nested VPN and HoVPN you cannot use IBGP between PE and CE 1 Configure the PE Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP VPN instance view ip vpn instance vpn instance name Configuration commands i...

Page 198: ...uster ID If multiple RRs exist in a cluster use this command to configure the same cluster ID for all RRs in the cluster to avoid routing loops 2 Configure the CE Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Configure the PE as an IBGP peer peer group name ip address mask length as number as number By default no BGP peer is created 4 Create the BGP ...

Page 199: ...P VPNv4 route control Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP VPNv4 address family view address family vpnv4 N A 4 Configure filtering of advertised routes filter policy acl number prefix list prefix list name export protocol process id By default BGP does not filter advertised routes 5 Configure filtering of received routes filter po...

Page 200: ...and clients 14 Set a preferred value for routes received from a peer or peer group peer group name ip address mask length preferred value value By default the preferred value is 0 15 Apply a prefix list to filter routes received from or advertised to a peer or peer group peer group name ip address mask length prefix list prefix list name export import By default no prefix list based filtering is c...

Page 201: ...can be received by the ASBRs or PEs Route targets configured on the PEs in different ASs do not have such requirements For more information see Configuring basic MPLS L3VPN Configuring inter AS option B To configure inter AS option B configure PEs and ASBRs PE configuration Configure basic MPLS L3VPN and specify the ASBR in the same AS as an MP IBGP peer The route targets for the VPN instances on ...

Page 202: ...ers 11 Enter BGP VPNv4 address family view address family vpnv4 N A 12 Enable BGP to exchange VPNv4 routes with the PE in the same AS and the ASBR in different ASs peer group name ip address mask length enable By default BGP cannot exchange VPNv4 routing information with a peer 13 Disable route target based filtering of VPNv4 routes undo policy vpn target By default the PE filters received VPNv4 r...

Page 203: ...oup name ip address mask length as number as number By default no BGP peer is created 4 Configure the PE of another AS as an EBGP peer peer group name ip address mask length as number as number By default no BGP peer is created 5 Create the BGP IPv4 unicast address family and enter its view address family ipv4 unicast By default the BGP IPv4 unicast address family is not created 6 Enable BGP to ex...

Page 204: ...on C Step Command Remarks 1 Enter system view system view N A 2 Optional Create a routing policy and enter routing policy view route policy route policy name deny permit node node number By default no routing policy is created 3 Optional Match IPv4 routes carrying labels if match mpls label By default no MPLS label match criterion is configured 4 Optional Set labels for IPv4 routes apply mpls labe...

Page 205: ...dvertised to an IBGP peer or peer group 20 Optional Apply a routing policy to routes incoming from or outgoing to a peer or peer group peer group name ip address mask length route policy route policy name export import By default no routing policy is applied Configuring a routing policy on an ASBR PE A routing policy on an ASBR PE does the following Assigns MPLS labels to routes received from the ...

Page 206: ...In this case the customer PE also acts as the provider CE Therefore you must configure provider CE settings on it Configurations on the customer CE customer PE and provider CE are similar to basic MPLS L3VPN configurations This task describes the configurations on the provider PE When you configure nested VPN follow these guidelines The address spaces of sub VPNs of a VPN cannot overlap Do not ass...

Page 207: ...ting an interface with a VPN instance is not required on the SPE because no interface on the SPE is directly connected to the customer network HP recommends not configuring the peer default route advertise vpn instance and peer upe route policy commands at the same time To configure SPE for HoVPN Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Specify ...

Page 208: ...a backdoor link exists between the two sites of a VPN you can create a sham link between PEs to forward VPN traffic through the sham link on the backbone rather than the backdoor link A sham link is considered an OSPF intra area route The source and destination addresses of the sham link must be loopback interface addresses with 32 bit masks The loopback interfaces must be bound to VPN instances a...

Page 209: ...id vpn instance vpn instance name HP recommends that you specify a router ID 3 Configure the external route tag for imported VPN routes route tag tag value If BGP runs within an MPLS backbone and the BGP AS number is not greater than 65535 the first two octets of the external route tag are 0xD000 and the last two octets are the local BGP AS number If the AS number is greater than 65535 the externa...

Page 210: ...er configure the BGP AS number substitution feature to avoid route loss If the AS_PATH attribute of a route contains the AS number of the specified CE the PE replaces the AS number with its own AS number before advertising the route to that CE To configure BGP AS number substitution Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP VPN instance...

Page 211: ... route backup for a VPNv4 route For more information about this command see MPLS Command Reference 3 Configure the source IP address for BFD echo packets bfd echo source ip ip address The bfd echo source ip command is required when echo mode BFD is used to detect primary route connectivity in VPNv4 route backup for an IPv4 route For more information about this command see High Availability Command...

Page 212: ...path detect bfd echo By default ARP is used to detect the connectivity to the next hop Use this command if necessary in VPNv4 route backup for an IPv4 route For more information about this command see Layer 3 IP Routing Command Reference 10 Enter BGP VPN instance view ip vpn instance vpn instance name N A 11 Enter BGP VPN IPv4 unicast address family view address family ipv4 unicast N A 12 Enable M...

Page 213: ...r count log count limit route policy route policy name By default logging for BGP route flapping is disabled Enabling SNMP notifications for MPLS L3VPN This feature enables MPLS L3VPN to generate SNMP notifications The generated SNMP notifications are sent to the SNMP module For more information about SNMP notifications see Network Management and Monitoring Configuration Guide To enable SNMP notif...

Page 214: ...information display bgp group vpnv4 vpn instance vpn instance name group name group name Display BGP VPNv4 peer information display bgp peer vpnv4 vpn instance vpn instance name ip address mask length ip address group name group name log info ip address verbose standby slot slot number Display BGP VPNv4 routes display bgp routing table vpnv4 route distinguisher route distinguisher network address ...

Page 215: ...2 VPN 1 uses route target attribute 1 1 1 1 VPN 2 uses route target attribute 222 2 Users of different VPNs cannot access each other EBGP is used to exchange VPN routing information between CE and PE PEs use OSPF to communicate with each other and use MP IBGP to exchange VPN routing information Figure 62 Network diagram Table 12 Interface and IP address assignment Device Interface IP address Devic...

Page 216: ...PE1 ospf 1 area 0 0 0 0 network 1 1 1 9 0 0 0 0 PE1 ospf 1 area 0 0 0 0 quit PE1 ospf 1 quit Configure the P device P system view P interface loopback 0 P LoopBack0 ip address 2 2 2 9 32 P LoopBack0 quit P interface vlan interface 13 P Vlan interface13 ip address 172 1 1 2 24 P Vlan interface13 quit P interface vlan interface 12 P Vlan interface12 ip address 172 2 1 1 24 P Vlan interface12 quit P ...

Page 217: ...1 Vlan interface13 quit Configure the P device P mpls lsr id 2 2 2 9 P mpls ldp P ldp quit P interface vlan interface 13 P Vlan interface13 mpls enable P Vlan interface13 mpls ldp enable P Vlan interface13 quit P interface vlan interface 12 P Vlan interface12 mpls enable P Vlan interface12 mpls ldp enable P Vlan interface12 quit Configure PE 2 PE2 mpls lsr id 3 3 3 9 PE2 mpls ldp PE2 ldp quit PE2 ...

Page 218: ...2 Vlan interface11 ip address 10 3 1 2 24 PE2 Vlan interface11 quit PE2 interface vlan interface 13 PE2 Vlan interface13 ip binding vpn instance vpn2 PE2 Vlan interface13 ip address 10 4 1 2 24 PE2 Vlan interface13 quit Configure IP addresses for the CEs according to Figure 62 Details not shown Execute the display ip vpn instance command on the PEs to display the configuration of the VPN instance ...

Page 219: ...1 1 enable PE1 bgp ipv4 vpn1 import route direct PE1 bgp ipv4 vpn1 quit PE1 bgp vpn1 quit PE1 bgp ip vpn instance vpn2 PE1 bgp vpn2 peer 10 2 1 1 as number 65420 PE1 bgp vpn2 address family ipv4 unicast PE1 bgp ipv4 vpn1 peer 10 2 1 1 enable PE1 bgp ipv4 vpn2 import route direct PE1 bgp ipv4 vpn2 quit PE1 bgp vpn1 quit PE1 bgp quit Configure PE 2 in the same way that PE 1 is configured Details not...

Page 220: ...13 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 The output shows that PE 1 has a route to the remote CE Output on PE 2 is similar Verify that CEs of ...

Page 221: ...0 3 1 2 24 Vlan int3 10 2 1 2 24 Vlan int7 10 4 1 2 24 Vlan int5 172 2 1 1 24 Configuration procedure 1 Configure an IGP on the MPLS backbone to ensure IP connectivity within the backbone Configure Spoke PE 1 Spoke PE1 system view Spoke PE1 interface loopback 0 Spoke PE1 LoopBack0 ip address 1 1 1 9 32 Spoke PE1 LoopBack0 quit Spoke PE1 interface vlan interface 4 Spoke PE1 Vlan interface4 ip addre...

Page 222: ... interface5 ip address 172 2 1 2 24 Hub PE Vlan interface5 quit Hub PE ospf Hub PE ospf 1 area 0 Hub PE ospf 1 area 0 0 0 0 network 172 1 1 0 0 0 0 255 Hub PE ospf 1 area 0 0 0 0 network 172 2 1 0 0 0 0 255 Hub PE ospf 1 area 0 0 0 0 network 2 2 2 9 0 0 0 0 Hub PE ospf 1 area 0 0 0 0 quit Hub PE ospf 1 quit Execute the display ospf peer command on the devices to verify that OSPF adjacencies in Ful...

Page 223: ...ils not shown 3 Configure VPN instances on the Spoke PEs and Hub PE Configure Spoke PE 1 Spoke PE1 ip vpn instance vpn1 Spoke PE1 vpn instance vpn1 route distinguisher 100 1 Spoke PE1 vpn instance vpn1 vpn target 111 1 import extcommunity Spoke PE1 vpn instance vpn1 vpn target 222 2 export extcommunity Spoke PE1 vpn instance vpn1 quit Spoke PE1 interface vlan interface 2 Spoke PE1 Vlan interface2 ...

Page 224: ...nstance Name RD Create time vpn1 100 1 2009 04 08 10 55 07 Use the ping command on the PEs to verify that the PEs can ping their attached CEs for example on Spoke PE 1 Spoke PE1 ping vpn instance vpn1 10 1 1 1 Ping 10 1 1 1 10 1 1 1 56 data bytes press CTRL_C to break 56 bytes from 10 1 1 1 icmp_seq 0 ttl 128 time 1 913 ms 56 bytes from 10 1 1 1 icmp_seq 1 ttl 128 time 2 381 ms 56 bytes from 10 1 ...

Page 225: ...Spoke PE1 bgp vpn1 address family ipv4 Spoke PE1 bgp ipv4 vpn1 peer 10 1 1 1 enable Spoke PE1 bgp ipv4 vpn1 import route direct Spoke PE1 bgp ipv4 vpn1 quit Spoke PE1 bgp vpn1 quit Spoke PE1 bgp quit Configure Spoke PE 2 Spoke PE2 bgp 100 Spoke PE2 bgp ip vpn instance vpn1 Spoke PE2 bgp vpn1 peer 10 2 1 1 as number 65420 Spoke PE2 bgp vpn1 address family ipv4 Spoke PE2 bgp ipv4 vpn1 peer 10 2 1 1 ...

Page 226: ...ke PE2 bgp peer 2 2 2 9 as number 100 Spoke PE2 bgp peer 2 2 2 9 connect interface loopback 0 Spoke PE2 bgp address family vpnv4 Spoke PE2 bgp vpnv4 peer 2 2 2 9 enable Spoke PE2 bgp vpnv4 quit Spoke PE2 bgp quit Configure Hub PE Hub PE bgp 100 Hub PE bgp peer 1 1 1 9 as number 100 Hub PE bgp peer 1 1 1 9 connect interface loopback 0 Hub PE bgp peer 3 3 3 9 as number 100 Hub PE bgp peer 3 3 3 9 co...

Page 227: ...o Spoke CE 2 passes six hops 255 250 1 and is forwarded through Hub CE This example uses Spoke CE 1 to verify their connectivity Spoke CE1 ping 10 2 1 1 Ping 10 2 1 1 10 2 1 1 56 data bytes press CTRL_C to break 56 bytes from 10 2 1 1 icmp_seq 0 ttl 250 time 1 000 ms 56 bytes from 10 2 1 1 icmp_seq 1 ttl 250 time 2 000 ms 56 bytes from 10 2 1 1 icmp_seq 2 ttl 250 time 0 000 ms 56 bytes from 10 2 1...

Page 228: ... verify that each ASBR PE has established an OSPF adjacency in Full state with the PE in the same AS and that PEs and ASBR PEs in the same AS have learned the routes to the loopback interfaces of each other Verify that each ASBR PE and the PE in the same AS can ping each other Details not shown 2 Configure basic MPLS and MPLS LDP on the MPLS backbone to establish LDP LSPs Configure basic MPLS on P...

Page 229: ... 4 9 PE2 mpls ldp PE2 ldp quit PE2 interface vlan interface 11 PE2 Vlan interface11 mpls enable PE2 Vlan interface11 mpls ldp enable PE2 Vlan interface11 quit Execute the display mpls ldp peer command on the devices to verify that the session status is Operational and that each PE and the ASBR PE in the same AS have established a neighbor relationship Details not shown 3 Configure VPN instances on...

Page 230: ...n instance vpn1 ASBR PE1 Vlan interface12 ip address 192 1 1 1 24 ASBR PE1 Vlan interface12 quit On ASBR PE 2 create a VPN instance and bind the instance to the interface connected to ASBR PE 1 ASBR PE 2 considers ASBR PE 1 to be its CE ASBR PE2 ip vpn instance vpn1 ASBR PE2 vpn vpn vpn1 route distinguisher 200 1 ASBR PE2 vpn vpn vpn1 vpn target 200 1 both ASBR PE2 vpn vpn vpn1 quit ASBR PE2 inter...

Page 231: ...pn1 quit PE2 bgp vpn1 quit PE2 bgp quit 5 Establish an MP IBGP peer relationship between each PE and the ASBR PE in the same AS and an EBGP peer relationship between the ASBR PEs Configure PE 1 PE1 bgp 100 PE1 bgp peer 2 2 2 9 as number 100 PE1 bgp peer 2 2 2 9 connect interface loopback 0 PE1 bgp address family vpnv4 PE1 bgp vpnv4 peer 2 2 2 9 enable PE1 bgp vpnv4 peer 2 2 2 9 next hop local PE1 ...

Page 232: ...E2 bgp 200 PE2 bgp peer 3 3 3 9 as number 200 PE2 bgp peer 3 3 3 9 connect interface loopback 0 PE2 bgp address family vpnv4 PE2 bgp vpnv4 peer 3 3 3 9 enable PE2 bgp vpnv4 peer 3 3 3 9 next hop local PE2 bgp vpnv4 quit PE2 bgp quit Verifying the configuration Verify that the CEs can learn the interface routes from each other and ping each other Details not shown Configuring MPLS L3VPN inter AS op...

Page 233: ...em view PE1 isis 1 PE1 isis 1 network entity 10 111 111 111 111 00 PE1 isis 1 quit Configure the LSR ID and enable MPLS and LDP PE1 mpls lsr id 2 2 2 9 PE1 mpls ldp PE1 ldp quit Configure interface VLAN interface 11 and enable IS IS MPLS and LDP on the interface PE1 interface vlan interface 11 PE1 Vlan interface11 ip address 1 1 1 2 255 0 0 0 PE1 Vlan interface11 isis enable 1 PE1 Vlan interface11...

Page 234: ...1 bgp 100 Configure IBGP peer 3 3 3 9 as a VPNv4 peer PE1 bgp peer 3 3 3 9 as number 100 PE1 bgp peer 3 3 3 9 connect interface loopback 0 PE1 bgp address family vpnv4 PE1 bgp vpnv4 peer 3 3 3 9 enable PE1 bgp vpnv4 quit Redistribute direct routes to the VPN routing table of vpn1 PE1 bgp ip vpn instance vpn1 PE1 bgp vpn1 address family ipv4 unicast PE1 bgp ipv4 vpn1 import route direct PE1 bgp ipv...

Page 235: ...PNv4 routes ASBR PE1 bgp address family vpnv4 ASBR PE1 bgp vpnv4 undo policy vpn target Configure both IBGP peer 2 2 2 0 and EBGP peer 11 0 0 1 as VPNv4 peers ASBR PE1 bgp vpnv4 peer 11 0 0 1 enable ASBR PE1 bgp vpnv4 peer 2 2 2 9 enable ASBR PE1 bgp vpnv4 quit 3 Configure ASBR PE 2 Enable IS IS on ASBR PE 2 ASBR PE2 system view ASBR PE2 isis 1 ASBR PE2 isis 1 network entity 10 222 222 222 222 00 ...

Page 236: ... 11 0 0 2 enable ASBR PE2 bgp vpnv4 peer 5 5 5 9 enable ASBR PE2 bgp vpnv4 quit ASBR PE2 bgp quit 4 Configure PE 2 Enable IS IS on PE 2 PE2 system view PE2 isis 1 PE2 isis 1 network entity 10 111 111 111 111 00 PE2 isis 1 quit Configure the LSR ID and enable MPLS and LDP PE2 mpls lsr id 5 5 5 9 PE2 mpls ldp PE2 ldp quit Configure interface VLAN interface 11 and enable IS IS MPLS and LDP on the int...

Page 237: ...E 2 can ping each other PE1 ping a 30 0 0 1 vpn instance vpn1 20 0 0 1 Ping 20 0 0 1 20 0 0 1 from 30 0 0 1 56 data bytes press CTRL_C to break 56 bytes from 20 0 0 1 icmp_seq 0 ttl 255 time 1 208 ms 56 bytes from 20 0 0 1 icmp_seq 1 ttl 255 time 0 867 ms 56 bytes from 20 0 0 1 icmp_seq 2 ttl 255 time 0 551 ms 56 bytes from 20 0 0 1 icmp_seq 3 ttl 255 time 0 566 ms 56 bytes from 20 0 0 1 icmp_seq ...

Page 238: ... Configuration procedure 1 Configure CE 1 Configure an IP address for VLAN interface 12 CE1 system view CE1 interface vlan interface 12 CE1 Vlan interface12 ip address 30 0 0 2 24 CE1 Vlan interface12 quit Configure 30 0 0 1 as an EBGP peer and redistribute direct routes CE1 bgp 65001 CE1 bgp peer 30 0 0 1 as number 100 CE1 bgp address family ipv4 unicast CE1 bgp ipv4 peer 30 0 0 1 enable CE1 bgp ...

Page 239: ...pn1 route distinguisher 11 11 PE1 vpn instance vpn1 vpn target 1 1 2 2 3 3 import extcommunity PE1 vpn instance vpn1 vpn target 3 3 export extcommunity PE1 vpn instance vpn1 quit Associate interface VLAN interface 12 with VPN instance vpn1 and specify an IP address for the interface PE1 interface vlan interface 12 PE1 Vlan interface12 ip binding vpn instance vpn1 PE1 Vlan interface12 ip address 30...

Page 240: ...BR PE1 interface vlan interface 11 ASBR PE1 Vlan interface11 ip address 1 1 1 1 255 0 0 0 ASBR PE1 Vlan interface11 isis enable 1 ASBR PE1 Vlan interface11 mpls enable ASBR PE1 Vlan interface11 mpls ldp enable ASBR PE1 Vlan interface11 quit Configure interface VLAN interface 12 and enable MPLS on it ASBR PE1 interface vlan interface 12 ASBR PE1 Vlan interface12 ip address 11 0 0 2 255 0 0 0 ASBR P...

Page 241: ... bgp ipv4 peer 11 0 0 1 route policy policy1 export Enable the capability to advertise labeled routes to EBGP peer 11 0 0 1 and to receive labeled routes from the peer ASBR PE1 bgp ipv4 peer 11 0 0 1 label route capability ASBR PE1 bgp ipv4 quit ASBR PE1 bgp quit 4 Configure ASBR PE 2 Enable IS IS on ASBR PE 2 ASBR PE2 system view ASBR PE2 isis 1 ASBR PE2 isis 1 network entity 10 222 222 222 222 0...

Page 242: ...y ipv4 unicast ASBR PE2 bgp ipv4 peer 5 5 5 9 enable ASBR PE2 bgp ipv4 peer 5 5 5 9 label route capability Apply the routing policy policy2 to routes advertised to IBGP peer 5 5 5 9 ASBR PE2 bgp ipv4 peer 5 5 5 9 route policy policy2 export Redistribute routes from IS IS process 1 into BGP ASBR PE2 bgp ipv4 import route isis 1 ASBR PE2 bgp ipv4 quit Apply the routing policy policy1 to routes adver...

Page 243: ...interface vlan interface 12 PE2 Vlan interface12 ip binding vpn instance vpn1 PE2 Vlan interface12 ip address 20 0 0 1 24 PE2 Vlan interface12 quit Enable BGP on PE 2 PE2 bgp 600 Enable the capability to advertise labeled routes to IBGP peer 4 4 4 9 and to receive labeled routes from the peer PE2 bgp peer 4 4 4 9 as number 600 PE2 bgp peer 4 4 4 9 connect interface loopback 0 PE2 bgp address famil...

Page 244: ...L3VPN carrier s carrier Network requirements Configure carrier s carrier for the scenario shown in Figure 67 In this scenario PE 1 and PE 2 are the provider carrier s PE switches They provide VPN services for the customer carrier CE 1 and CE 2 are the customer carrier s switches They are connected to the provider carrier s backbone as CE switches PE 3 and PE 4 are the customer carrier s PE switche...

Page 245: ...10 1 1 2 24 Vlan int11 21 1 1 2 24 Vlan int11 11 1 1 1 24 Vlan int12 20 1 1 1 24 PE 1 Loop0 3 3 3 9 32 PE 2 Loop0 4 4 4 9 32 Vlan int11 11 1 1 2 24 Vlan int12 30 1 1 2 24 Vlan int12 30 1 1 1 24 Vlan int11 21 1 1 1 24 Configuration procedure 1 Configure MPLS L3VPN on the provider carrier backbone Enable IS IS as the IGP enable LDP between PE 1 and PE 2 and establish an MP IBGP peer relationship bet...

Page 246: ...P session in Operational state has been established between PE 1 and PE 2 Details not shown Execute the display bgp peer vpnv4 command to verify that a BGP peer relationship in Established state has been established between PE 1 and PE 2 Details not shown Execute the display isis peer command to verify that the IS IS neighbor relationship has been established between PE 1 and PE 2 Details not show...

Page 247: ...E 3 and CE 1 can establish an LDP session and IS IS neighbor relationship between them Configure PE 4 and CE 2 in the same way that PE 3 and CE 1 are configured Details not shown 3 Perform configurations to allow CEs of the customer carrier to access PEs of the provider carrier and redistribute IS IS routes to BGP and BGP routes to IS IS on the PEs Configure PE 1 PE1 ip vpn instance vpn1 PE1 vpn i...

Page 248: ...ay that PE 1 and CE 1 are configured Details not shown 4 Perform configuration to connect the CEs of the end customers to the PEs of the customer carrier Configure CE 3 CE3 system view CE3 interface vlan interface 11 CE3 Vlan interface11 ip address 100 1 1 1 24 CE3 Vlan interface11 quit CE3 bgp 65410 CE3 bgp peer 100 1 1 2 as number 100 CE3 bgp address family ipv4 unicast CE3 bgp ipv4 peer 100 1 1...

Page 249: ... routing table contains only routes of the provider carrier network PE1 display ip routing table Destinations 14 Routes 14 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 3 3 3 9 32 Direct 0 0 127 0 0 1 InLoop0 4 4 4 9 32 ISIS 15 10 30 1 1 2 Vlan12 30 1 1 0 24 Direct 0 0 30 1 1 1 Vlan12 30 1 1 0 32 Direct 0 0 30 1 1 1 Vlan12 30 1 1 1 32 Direct 0 0 127 0 0 ...

Page 250: ...ntains the internal routes of the customer carrier network but it does not contain the VPN routes that the customer carrier maintains CE1 display ip routing table Destinations 21 Routes 21 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 1 1 1 9 32 ISIS 15 10 10 1 1 1 Vlan12 2 2 2 9 32 Direct 0 0 127 0 0 1 InLoop0 5 5 5 9 32 ISIS 15 74 11 1 1 2 Vlan11 6 6 6...

Page 251: ...0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 Verify that the VPN routing table contains the route to the remote VPN customer PE3 display ip routing table vpn instance vpn1 Destinations 13 Routes 13 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 ...

Page 252: ...ider PEs When receiving a VPNv4 route from a CE CE 1 or CE 2 in this example a service provider PE a Replaces the RD of the VPNv4 route with the RD of the MPLS VPN on the service provider network where the CE resides b Adds the export target attribute of the MPLS VPN on the service provider network to the extended community attribute list c Forwards the VPNv4 route To implement exchange of sub VPN...

Page 253: ... PE 1 and PE 2 Configure PE 1 PE1 system view PE1 interface loopback 0 PE1 LoopBack0 ip address 3 3 3 9 32 PE1 LoopBack0 quit PE1 mpls lsr id 3 3 3 9 PE1 mpls ldp PE1 ldp quit PE1 isis 1 PE1 isis 1 network entity 10 0000 0000 0000 0004 00 PE1 isis 1 quit PE1 interface loopback 0 PE1 LoopBack0 isis enable 1 PE1 LoopBack0 quit PE1 interface vlan interface 2 PE1 Vlan interface2 ip address 30 1 1 1 24...

Page 254: ...3 mpls lsr id 1 1 1 9 PE3 mpls ldp PE3 ldp quit PE3 isis 2 PE3 isis 2 network entity 10 0000 0000 0000 0001 00 PE3 isis 2 quit PE3 interface loopback 0 PE3 LoopBack0 isis enable 2 PE3 LoopBack0 quit PE3 interface vlan interface 2 PE3 Vlan interface2 ip address 10 1 1 1 24 PE3 Vlan interface2 isis enable 2 PE3 Vlan interface2 mpls enable PE3 Vlan interface2 mpls ldp enable PE3 Vlan interface2 quit ...

Page 255: ... number 200 PE1 bgp vpn1 address family ipv4 PE1 bgp ipv4 vpn1 peer 11 1 1 1 enable PE1 bgp ipv4 vpn1 quit PE1 bgp vpn1 quit PE1 bgp quit Configure CE 1 CE1 interface vlan interface 1 CE1 Vlan interface1 ip address 11 1 1 1 24 CE1 Vlan interface1 mpls enable CE1 Vlan interface1 quit CE1 bgp 200 CE1 bgp peer 11 1 1 2 as number 100 CE1 bgp vpn1 address family ipv4 CE1 bgp ipv4 vpn1 peer 11 1 1 2 ena...

Page 256: ...face1 quit PE3 ip vpn instance SUB_VPN2 PE3 vpn instance SUB_VPN2 route distinguisher 101 1 PE3 vpn instance SUB_VPN2 vpn target 2 2 PE3 vpn instance SUB_VPN2 quit PE3 interface vlan interface 3 PE3 Vlan interface3 ip binding vpn instance SUB_VPN2 PE3 Vlan interface3 ip address 110 1 1 2 24 PE3 Vlan interface3 quit PE3 bgp 200 PE3 bgp ip vpn instance SUB_VPN1 PE3 bgp SUB_VPN1 peer 100 1 1 1 as num...

Page 257: ...1 bgp vpnv4 peer 11 1 1 2 allow as loop 2 Disable route target based filtering of received VPNv4 routes CE1 bgp vpnv4 undo policy vpn target CE1 bgp vpnv4 quit CE1 bgp quit Configure PE 2 and CE 2 in the same way that PE 1 and CE 1 are configured Details not shown 6 Establish MP IBGP peer relationships between sub VPN PEs and CEs of the customer VPN to exchange VPNv4 routes of sub VPNs Configure P...

Page 258: ... InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 Verify that the VPN routing table contains sub VPN routes PE1 display ip routing table vpn instance vpn1 Destinations 16 Routes 16 Destination Mask Proto Pre Cost NextHop Interfa...

Page 259: ...gn 100 1 1 0 24 1 1 1 9 0 100 0 200 65410 Route Distinguisher 101 1 Total number of routes 1 Network NextHop MED LocPrf PrefVal Path Ogn 110 1 1 0 24 1 1 1 9 0 100 0 200 65411 Route Distinguisher 200 1 Total number of routes 1 Network NextHop MED LocPrf PrefVal Path Ogn 120 1 1 0 24 11 1 1 2 0 100 200 65420 Route Distinguisher 201 1 Total number of routes 1 Network NextHop MED LocPrf PrefVal Path ...

Page 260: ...ct 0 0 100 1 1 1 Vlan1 100 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 100 1 1 255 32 Direct 0 0 100 1 1 1 Vlan1 120 1 1 0 24 BGP 255 0 100 1 1 2 Vlan1 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 25...

Page 261: ...ers to access the VPNs Performance requirements for the UPEs are lower than those for the SPEs SPEs advertise routes permitted by the routing policies to UPEs permitting CE 1 and CE 3 in VPN 1 to communicate with each other and forbidding CE 2 and CE 4 in VPN 2 from communicating with each other Figure 69 Network diagram Table 19 Interface and IP address assignment Device Interface IP address Devi...

Page 262: ...72 1 1 0 0 0 0 255 UPE1 ospf 1 area 0 0 0 0 network 1 1 1 9 0 0 0 0 UPE1 ospf 1 area 0 0 0 0 quit UPE1 ospf 1 quit Configure VPN instances vpn1 and vpn2 allowing CE 1 and CE 2 to access UPE 1 UPE1 ip vpn instance vpn1 UPE1 vpn instance vpn1 route distinguisher 100 1 UPE1 vpn instance vpn1 vpn target 100 1 both UPE1 vpn instance vpn1 quit UPE1 ip vpn instance vpn2 UPE1 vpn instance vpn2 route disti...

Page 263: ... bgp ipv4 vpn2 peer 10 4 1 1 enable UPE1 bgp ipv4 vpn2 import route direct UPE1 bgp ipv4 vpn2 quit UPE1 bgp vpn2 quit UPE1 bgp quit 2 Configure CE 1 CE1 system view CE1 interface vlan interface 12 CE1 Vlan interface12 ip address 10 2 1 1 255 255 255 0 CE1 Vlan interface12 quit CE1 bgp 65410 CE1 bgp peer 10 2 1 2 as number 100 CE1 bgp address family ipv4 unicast CE1 bgp ipv4 peer 10 2 1 2 enable CE...

Page 264: ...oth UPE2 vpn instance vpn1 quit UPE2 ip vpn instance vpn2 UPE2 vpn instance vpn2 route distinguisher 400 2 UPE2 vpn instance vpn2 vpn target 100 2 both UPE2 vpn instance vpn2 quit UPE2 interface vlan interface 12 UPE2 Vlan interface12 ip binding vpn instance vpn1 UPE2 Vlan interface12 ip address 10 1 1 2 24 UPE2 Vlan interface12 quit UPE2 interface vlan interface 13 UPE2 Vlan interface13 ip bindin...

Page 265: ...r 10 1 1 2 as number 100 CE3 bgp address family ipv4 unicast CE3 bgp ipv4 peer 10 1 1 2 enable CE3 bgp ipv4 import route direct CE3 bgp ipv4 quit CE3 bgp quit 6 Configure CE 4 CE4 system view CE4 interface vlan interface 13 CE4 Vlan interface13 ip address 10 3 1 1 255 255 255 0 CE4 Vlan interface13 quit CE4 bgp 65440 CE4 bgp peer 10 3 1 2 as number 100 CE4 bgp address family ipv4 unicast CE4 bgp i...

Page 266: ...ute distinguisher 700 1 SPE1 vpn instance vpn2 vpn target 100 2 both SPE1 vpn instance vpn2 quit Establish MP IBGP peer relationships with SPE 2 and UPE 1 and specify UPE 1 as a UPE SPE1 bgp 100 SPE1 bgp peer 1 1 1 9 as number 100 SPE1 bgp peer 1 1 1 9 connect interface loopback 0 SPE1 bgp peer 3 3 3 9 as number 100 SPE1 bgp peer 3 3 3 9 connect interface loopback 0 SPE1 bgp address family vpnv4 S...

Page 267: ...an interface11 mpls enable SPE2 Vlan interface11 mpls ldp enable SPE2 Vlan interface11 quit Configure the IGP protocol OSPF in this example SPE2 ospf SPE2 ospf 1 area 0 SPE2 ospf 1 area 0 0 0 0 network 3 3 3 9 0 0 0 0 SPE2 ospf 1 area 0 0 0 0 network 172 2 1 0 0 0 0 255 SPE2 ospf 1 area 0 0 0 0 network 180 1 1 0 0 0 0 255 SPE2 ospf 1 area 0 0 0 0 quit SPE2 ospf 1 quit Configure VPN instances vpn1 ...

Page 268: ... by a routing policy the routes of CE 1 SPE2 ip prefix list hope index 10 permit 10 2 1 1 24 SPE2 route policy hope permit node 0 SPE2 route policy hope 0 if match ip address prefix list hope SPE2 route policy hope 0 quit SPE2 bgp 100 SPE2 bgp address family vpnv4 SPE2 bgp vpnv4 peer 4 4 4 9 upe route policy hope export Verifying the configuration Verify that CE 1 and CE3 can learn each other s in...

Page 269: ...Switch A and CE 2 to advertise addresses of the interfaces as shown in Figure 70 Execute the display ip routing table command to verify that CE 1 and CE 2 have learned the route to each other Details not shown 2 Configure MPLS L3VPN on the backbone Configure basic MPLS and MPLS LDP on PE 1 to establish LDP LSPs PE1 system view PE1 interface loopback 0 PE1 LoopBack0 ip address 1 1 1 9 32 PE1 LoopBa...

Page 270: ...E2 interface loopback 0 PE2 LoopBack0 ip address 2 2 2 9 32 PE2 LoopBack0 quit PE2 mpls lsr id 2 2 2 9 PE2 mpls ldp PE2 ldp quit PE2 interface vlan interface 12 PE2 Vlan interface12 ip address 10 1 1 2 24 PE2 Vlan interface12 mpls enable PE2 Vlan interface12 mpls ldp enable PE2 Vlan interface12 quit Configure PE 2 to take PE 1 as an MP IBGP peer PE2 bgp 100 PE2 bgp peer 1 1 1 9 as number 100 PE2 b...

Page 271: ...E2 ip vpn instance vpn1 PE2 vpn instance vpn1 route distinguisher 100 2 PE2 vpn instance vpn1 vpn target 1 1 PE2 vpn instance vpn1 quit PE2 interface vlan interface 11 PE2 Vlan interface11 ip binding vpn instance vpn1 PE2 Vlan interface11 ip address 120 1 1 2 24 PE2 Vlan interface11 quit PE2 ospf 100 vpn instance vpn1 PE2 ospf 100 domain id 10 PE2 ospf 100 area 1 PE2 ospf 100 area 0 0 0 1 network ...

Page 272: ...sults Details not shown The path to the peer CE is now along the BGP route across the backbone A route to the sham link destination address is present Execute the display ip routing table command on the CEs to verify that the next hop of the OSPF route to the peer CE is the VLAN interface 1 1 connected to the PE The VPN traffic to the peer is forwarded over the backbone Details not shown Verify th...

Page 273: ...Loop0 2 2 2 9 32 Vlan int12 100 1 1 1 24 Vlan int11 30 1 1 1 24 PE 1 Loop0 1 1 1 9 32 Vlan int12 20 1 1 2 24 Vlan int11 10 1 1 2 24 PE 2 Loop0 3 3 3 9 32 Vlan int12 20 1 1 1 24 Vlan int11 30 1 1 2 24 CE 2 Vlan int12 10 2 1 1 24 Vlan int12 10 2 1 2 24 Vlan int13 200 1 1 1 24 Configuration procedure 1 Configuring basic MPLS L3VPN Configure OSPF on the MPLS backbone to allow the PEs and P device to l...

Page 274: ...oop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 200 1 1 0 24 Direct 0 0 200 1 1 1 Vlan13 200 1 1 0 32 Direct 0 0 200 1 1 1 Vlan13 200 1 1 1 32 Direct 0 0 127 0 0 1 InLoop0 200 1 1 255 24 Direct 0 0 200 1 1 1 Vlan13 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 Execute the dis...

Page 275: ... routing table ipv4 peer received routes command on CE 2 to verify that CE 2 has not received the route to 100 1 1 0 24 CE2 display bgp routing table ipv4 peer 10 2 1 2 received routes Total number of routes 2 BGP local router ID is 200 1 1 1 Status codes valid best d dampened h history s suppressed S stale i internal e external Origin i IGP e EGP incomplete Network NextHop MED LocPrf PrefVal Path...

Page 276: ...Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 10 1 1 0 24 BGP 255 0 10 2 1 2 Vlan12 10 2 1 0 24 Direct 0 0 10 2 1 1 Vlan12 10 2 1 0 32 Direct 0 0 10 2 1 1 Vlan12 10 2 1 1 32 Direct 0 0 127 0 0 1 InLoop0 10 2 1 255 32 Direct 0 0 10 2 1 1 Vlan12 100 1 1 0 24 BGP 255 0 10 2 1 2 Vlan12 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 12...

Page 277: ...Network diagram Table 22 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 Loop0 5 5 5 5 32 PE 1 Loop0 1 1 1 1 32 Vlan int10 10 2 1 1 24 Vlan int10 10 2 1 2 24 PE 2 Loop0 2 2 2 2 32 Vlan int11 172 1 1 1 24 Vlan int11 172 1 1 2 24 Vlan int12 172 2 1 1 24 Vlan int13 10 1 1 2 24 CE 2 Loop0 4 4 4 4 32 PE 3 Loop0 3 3 3 3 32 Vlan int13 10 1 1 1 24 Vlan int1...

Page 278: ... unicast PE1 bgp ipv4 vpn1 fast reroute route policy frr PE1 bgp ipv4 vpn1 quit PE1 bgp vpn1 quit Specify the preferred value as 100 for BGP VPNv4 routes received from PE 2 This value is greater than the preferred value 0 for routes from PE 3 so PE 1 prefers the routes from PE 2 PE1 bgp address family vpnv4 PE1 bgp vpnv4 peer 2 2 2 2 preferred value 100 PE1 bgp vpnv4 quit PE1 bgp quit 3 Enable MPL...

Page 279: ... CE 2 operates correctly traffic from CE 1 to CE 2 goes through the path CE 1 PE 1 PE 2 CE 2 When BFD detects that the link between PE 2 and CE 2 fails traffic from CE 1 to CE 2 goes through the path CE 1 PE 1 PE 2 PE 3 CE 2 Figure 73 Network diagram Table 23 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 Loop0 5 5 5 5 32 PE 2 Loop0 2 2 2 2 32 Vlan...

Page 280: ...E2 route policy if match ip address prefix list abc PE2 route policy apply fast reroute backup nexthop 3 3 3 3 PE2 route policy quit Use echo mode BFD to detect the primary route connectivity PE2 bgp 100 PE2 bgp primary path detect bfd echo Configure FRR for VPN instance vpn1 to reference routing policy frr PE2 bgp ip vpn instance vpn1 PE2 bgp vpn1 address family ipv4 unicast PE2 bgp ipv4 vpn1 fas...

Page 281: ...and PEs to exchange VPN routes Configure OSPF to ensure connectivity between PEs and configure MP IBGP to exchange VPNv4 routing information between PEs Configure MPLS L3VPN FRR on PE 2 to achieve the following purposes When the link PE 2 PE 3 operates correctly traffic from CE 1 to CE 2 goes through the path CE 1 PE 1 PE 2 PE 3 CE 2 When BFD detects that the link between PE 2 and PE 3 fails traff...

Page 282: ...e BFD to test the connectivity of the LSP to 3 3 3 3 32 PE2 system view PE2 mpls bfd enable PE2 mpls bfd 3 3 3 3 32 Create routing policy frr and specify the backup next hop as 10 1 1 1 for the route to 4 4 4 4 32 PE2 ip prefix list abc index 10 permit 4 4 4 4 32 PE2 route policy frr permit node 10 PE2 route policy if match ip address prefix list abc PE2 route policy apply fast reroute backup next...

Page 283: ...bose Summary Count 1 Destination 4 4 4 4 32 Protocol BGP Process ID 0 SubProtID 0x1 Age 00h00m04s Cost 0 Preference 255 IpPre N A QosLocalID N A Tag 0 State Active Adv OrigTblID 0x0 OrigVrf default vrf TableID 0x102 OrigAs 300 NibID 0x15000004 LastAs 300 AttrID 0x1 Neighbor 3 3 3 3 Flags 0x110060 OrigNextHop 3 3 3 3 Label 1275 RealNextHop 172 3 1 3 BkLabel NULL BkNextHop 10 1 1 1 Tunnel ID 0x409 I...

Page 284: ... and between CE and PE Therefore PEs must support both IPv4 and IPv6 The PE CE interfaces of a PE run IPv6 and the PE P interface of a PE runs IPv4 Figure 75 Network diagram for the IPv6 MPLS L3VPN model IPv6 MPLS L3VPN packet forwarding Figure 76 IPv6 MPLS L3VPN packet forwarding diagram VPN 1 CE IPv6 Site 1 VPN 2 CE CE CE IPv6 Site 3 VPN 2 PE VPN 1 IPv6 Site 2 IPv6 Site 4 PE PE P P P P IPv4 netw...

Page 285: ...dvertises standard IPv6 routing information to the ingress PE over an IPv6 static route RIPng route OSPFv3 route IPv6 IS IS route IBGP route or EBGP route 2 From the ingress PE to the egress PE After receiving the standard IPv6 routes from the CE the ingress PE performs the following operations a Adds RDs and route targets to create VPN IPv6 routes b Saves the routes to the routing table of the VP...

Page 286: ...IPv6 MPLS L3VPN Optional Configuring inter AS IPv6 VPN Optional Configuring an OSPFv3 sham link Optional Enabling logging for BGP routing flapping Configuring basic IPv6 MPLS L3VPN The key task in IPv6 MPLS L3VPN configuration is to manage the advertisement of IPv6 VPN routes on the MPLS backbone including management of PE CE route exchange and PE PE route exchange To configure basic IPv6 MPLS L3V...

Page 287: ...instance and enter VPN instance view ip vpn instance vpn instance name By default no VPN instance is created 3 Configure an RD for the VPN instance route distinguisher route distinguisher By default no RD is specified 4 Optional Configure a description for the VPN instance description text By default no description is configured for a VPN instance The description should contain the VPN instance s ...

Page 288: ...oth IPv4 VPN and IPv6 VPN IPv6 VPN prefers the configurations in IPv6 VPN view over the configurations in VPN instance view 3 Configure route targets vpn target vpn target 1 8 both export extcommunity import extcommunity By default no route targets are configured 4 Set the maximum number of active routes allowed routing table limit number warn threshold simply alert By default the number of active...

Page 289: ...uting between a PE and a CE Step Command Remarks 1 Enter system view system view N A 2 Configure an IPv6 static route for a VPN instance ipv6 route static vpn instance s vpn instance name ipv6 address prefix length interface type interface number next hop address nexthop address public vpn instance d vpn instance name nexthop address permanent preference preference value tag tag value description ...

Page 290: ...yer 3 IP Routing Configuration Guide To configure OSPFv3 between a PE and a CE Step Command Remarks 1 Enter system view system view N A 2 Create an OSPFv3 process for a VPN instance and enter OSPFv3 view ospfv3 process id vpn instance vpn instance name Perform this configuration on the PE On the CE create a common OSPF process Deleting a VPN instance also deletes all related OSPFv3 processes 3 Set...

Page 291: ...ional Disable setting the DN bit in OSPFv3 LSAs disable dn bit set By default when a PE redistributes BGP routes into OSPFv3 and creates OSPFv3 LSAs it sets the DN bit for the LSAs Before using this command make sure it does not cause any routing loops Perform this configuration on the PE 8 Optional Ignore the DN bit in OSPFv3 LSAs disable dn bit check By default the PE checks the DN bit in OSPFv3...

Page 292: ... vpn instance vpn instance name Perform this configuration on the PE On the CE create a common IPv6 IS IS process 3 Configure a network entity title for the IS IS process network entity net By default no NET is configured 4 Enable IPv6 for the IS IS process ipv6 enable By default IPv6 is disabled 5 Return to system view quit N A 6 Enter interface view interface interface type interface number N A ...

Page 293: ...onal Configure filtering of received routes filter policy acl6 number prefix list ipv6 prefix name import By default the PE does not filter received routes 2 Configure the CE Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Configure the PE as an EBGP peer peer group name ipv6 address prefix length as number as number By default no BGP peer is configure...

Page 294: ... RR or RR client is configured and the PE does not advertise routes learned from the IBGP peer CE to other IBGP peers including VPNv6 IBGP peers The PE advertises routes learned from the CE to other IBGP peers only when you configure the IBGP peer CE as a client of the RR Configuring an RR does not change the next hop of a route To change the next hop of a route configure an inbound policy on the ...

Page 295: ...ify the source interface for route update packets sent to the specified peer peer group name ip address mask length connect interface interface type interface number By default BGP uses the outbound interface of the best route destined to the BGP peer as the source interface 5 Create the BGP VPNv6 address family and enter its view address family vpnv6 By default the BGP VPNv6 address family is not...

Page 296: ...er to carry only public AS numbers peer group name ip address mask length public as only By default a BGP update carries both public and private AS numbers 11 Apply a routing policy to routes advertised to or received from the peer or peer group peer group name ip address mask length route policy route policy name export import By default no routing policy is applied for a peer 12 Enable route tar...

Page 297: ...g sections describe inter AS IPv6 VPN option A and option C Select one according to your network scenario Configuring inter AS IPv6 VPN option A Inter AS IPv6 VPN option A applies to scenarios where the number of VPNs and that of VPN routes on the PEs are relatively small To configure inter AS IPv6 option A Configure basic IPv6 MPLS L3VPN on each AS Configure VPN instances on both PEs and ASBR PEs...

Page 298: ...outes with the ASBR PE in the same AS peer group name ip address mask length label route capability By default the PE does not advertise labeled routes to any IPv4 peer peer group 8 Return to BGP view quit N A 9 Enter BGP VPNv6 address family view address family vpnv6 N A 10 Enable the PE to exchange BGP VPNv6 routing information with the EBGP peer peer ip address mask length enable By default the...

Page 299: ...he loopback interface See Layer 3 IP Services Configuration Guide By default no IPv6 address is configured for the loopback interface Redistributing the loopback interface address Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP VPN instance view ip vpn instance vpn instance name N A 4 Enter BGP VPN IPv6 unicast address family view address fam...

Page 300: ...ress family view address family vpnv6 N A 4 Enable logging for BGP route flapping log route flap monitor time monitor count log count limit route policy route policy name By default logging for BGP route flapping is disabled Displaying and maintaining IPv6 MPLS L3VPN You can soft reset or reset BGP sessions to apply new BGP configurations A soft reset operation updates BGP routing information with...

Page 301: ... network address prefix length advertise info as path acl as path acl number community list basic community list number comm list name whole match adv community list number peer ip address advertised routes received routes network address prefix length statistics statistics standby slot slot number Display incoming labels for all BGP VPNv6 routes display bgp routing table vpnv6 inlabel Display out...

Page 302: ...2 96 Vlan int13 172 1 1 2 24 Vlan int13 172 1 1 1 24 PE 2 Loop0 3 3 3 9 32 Vlan int12 2001 2 2 96 Vlan int12 172 2 1 2 24 CE 2 Vlan int12 2001 2 1 96 Vlan int11 2001 3 2 96 CE 3 Vlan int11 2001 3 1 96 Vlan int13 2001 4 2 96 CE 4 Vlan int13 2001 4 1 96 Configuration procedure 1 Configure OSPF on the MPLS backbone to ensure IP connectivity among the PEs and the P switch Configure PE 1 PE1 system vie...

Page 303: ...iew PE2 interface loopback 0 PE2 LoopBack0 ip address 3 3 3 9 32 PE2 LoopBack0 quit PE2 interface vlan interface 12 PE2 Vlan interface12 ip address 172 2 1 2 24 PE2 Vlan interface12 quit PE2 ospf PE2 ospf 1 area 0 PE2 ospf 1 area 0 0 0 0 network 172 2 1 0 0 0 0 255 PE2 ospf 1 area 0 0 0 0 network 3 3 3 9 0 0 0 0 PE2 ospf 1 area 0 0 0 0 quit PE2 ospf 1 quit Execute the display ospf peer command to ...

Page 304: ...ay mpls ldp lsp command to verify that the LSPs have been established by LDP Details not shown 3 Configure VPN instances on the PEs Configure PE 1 PE1 ip vpn instance vpn1 PE1 vpn instance vpn1 route distinguisher 100 1 PE1 vpn instance vpn1 vpn target 111 1 PE1 vpn instance vpn1 quit PE1 ip vpn instance vpn2 PE1 vpn instance vpn2 route distinguisher 100 2 PE1 vpn instance vpn2 vpn target 222 2 PE...

Page 305: ...he PEs to verify that the PEs can ping their attached CEs for example on PE 1 PE1 ping ipv6 vpn instance vpn1 2001 1 1 Ping6 56 bytes 2001 1 2 2001 1 1 press CTRL_C to break 56 bytes from 2001 1 1 icmp_seq 0 hlim 64 time 9 000 ms 56 bytes from 2001 1 1 icmp_seq 1 hlim 64 time 1 000 ms 56 bytes from 2001 1 1 icmp_seq 2 hlim 64 time 0 000 ms 56 bytes from 2001 1 1 icmp_seq 3 hlim 64 time 0 000 ms 56...

Page 306: ...Details not shown 5 Configure an MP IBGP peer relationship between the PEs Configure PE 1 PE1 bgp 100 PE1 bgp peer 3 3 3 9 as number 100 PE1 bgp peer 3 3 3 9 connect interface loopback 0 PE1 bgp address family vpnv6 PE1 bgp af vpnv6 peer 3 3 3 9 enable PE1 bgp af vpnv6 quit PE1 bgp quit Configure PE 2 PE2 bgp 100 PE2 bgp peer 1 1 1 9 as number 100 PE2 bgp peer 1 1 1 9 connect interface loopback 0 ...

Page 307: ...6 routing table vpn instance vpn2 Destinations 6 Routes 6 Destination 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 2001 2 96 Protocol Direct NextHop Preference 0 Interface Vlan12 Cost 0 Destination 2001 2 2 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 2001 4 96 Protocol BGP4 NextHop FFFF 3 3 3 9 Preference 255 Interface Vlan13...

Page 308: ... assignment Device Interface IP address Device Interface IP address CE 1 Vlan int12 2001 1 1 96 CE 2 Vlan int12 2001 2 1 96 PE 1 Loop0 1 1 1 9 32 PE 2 Loop0 4 4 4 9 32 Vlan int12 2001 1 2 96 Vlan int12 2001 2 2 96 Vlan int11 172 1 1 2 24 Vlan int11 162 1 1 2 24 ASBR PE 1 Loop0 2 2 2 9 32 ASBR PE 2 Loop0 3 3 3 9 32 Vlan int11 172 1 1 1 24 Vlan int11 162 1 1 1 24 Vlan int12 2002 1 1 96 Vlan int12 20...

Page 309: ...1 Vlan interface11 mpls enable ASBR PE1 Vlan interface11 mpls ldp enable ASBR PE1 Vlan interface11 quit Configure basic MPLS on ASBR PE 2 and enable MPLS LDP for the interface connected to PE 2 ASBR PE2 system view ASBR PE2 mpls lsr id 3 3 3 9 ASBR PE2 mpls ldp ASBR PE2 ldp quit ASBR PE2 interface vlan interface 11 ASBR PE2 Vlan interface11 mpls enable ASBR PE2 Vlan interface11 mpls ldp enable ASB...

Page 310: ...pn1 PE2 Vlan interface12 ipv6 address 2001 2 2 96 PE2 Vlan interface12 quit On ASBR PE 1 create a VPN instance and bind the VPN instance to the interface connected to ASBR PE 2 ASBR PE 1 considers ASBR PE 2 to be its attached CE ASBR PE1 ip vpn instance vpn1 ASBR PE1 vpn instance vpn1 route distinguisher 100 1 ASBR PE1 vpn instance vpn1 vpn target 100 1 both ASBR PE1 vpn instance vpn1 quit ASBR PE...

Page 311: ...1 bgp vpn1 address family ipv6 unicast PE1 bgp ipv6 vpn1 peer 2001 1 1 enable PE1 bgp ipv6 vpn1 quit PE1 bgp vpn1 quit PE1 bgp quit Configure CE 2 CE2 bgp 65002 CE2 bgp peer 2001 2 2 as number 200 CE2 bgp address family ipv6 CE2 bgp ipv6 peer 2001 2 2 enable CE2 bgp ipv6 import route direct CE2 bgp ipv6 quit CE2 bgp quit Configure PE 2 PE2 bgp 200 PE2 bgp ip vpn instance vpn1 PE2 bgp vpn1 peer 200...

Page 312: ...bgp 200 ASBR PE2 bgp ip vpn instance vpn1 ASBR PE2 bgp vpn1 peer 2002 1 1 as number 100 ASBR PE2 bgp vpn1 address family ipv6 unicast ASBR PE2 bgp ipv6 vpn1 peer 2002 1 1 enable ASBR PE2 bgp ipv6 vpn1 quit ASBR PE2 bgp vpn1 quit ASBR PE2 bgp peer 4 4 4 9 as number 200 ASBR PE2 bgp peer 4 4 4 9 connect interface loopback 0 ASBR PE2 bgp address family vpnv6 ASBR PE2 bgp vpnv6 peer 4 4 4 9 enable ASB...

Page 313: ...able 27 Interface and IP address assignment Device Interface IP address Device Interface IP address PE 1 Loop0 2 2 2 9 32 PE 2 Loop0 5 5 5 9 32 Vlan int11 1 1 1 2 8 Vlan int11 9 1 1 2 8 Vlan int12 2001 1 64 Vlan int12 2002 1 64 ASBR PE 1 Loop0 3 3 3 9 32 ASBR PE 2 Loop0 4 4 4 9 32 Vlan int11 1 1 1 1 8 Vlan int11 9 1 1 1 8 Vlan int12 11 0 0 2 8 Vlan int12 11 0 0 1 8 CE 1 Vlan int12 2001 2 64 CE 2 V...

Page 314: ...1 1 1 2 255 0 0 0 PE1 Vlan interface11 isis enable 1 PE1 Vlan interface11 mpls enable PE1 Vlan interface11 mpls ldp enable PE1 Vlan interface11 quit Configure interface Loopback 0 and start IS IS on it PE1 interface loopback 0 PE1 LoopBack0 ip address 2 2 2 9 32 PE1 LoopBack0 isis enable 1 PE1 LoopBack0 quit Create VPN instance vpn1 and configure the RD and route target attributes for it PE1 ip vp...

Page 315: ... peer 2001 2 as number 65001 PE1 bgp vpn1 address family ipv6 unicast PE1 bgp ipv6 vpn1 peer 2001 2 enable PE1 bgp ipv6 vpn1 quit PE1 bgp vpn1 quit PE1 bgp quit 3 Configure ASBR PE 1 Start IS IS on ASBR PE 1 ASBR PE1 system view ASBR PE1 isis 1 ASBR PE1 isis 1 network entity 10 222 222 222 222 00 ASBR PE1 isis 1 quit Configure an LSR ID and enable MPLS and LDP ASBR PE1 mpls lsr id 3 3 3 9 ASBR PE1...

Page 316: ...ipv4 peer 2 2 2 9 route policy policy2 export Enable the capability to advertise labeled routes to and receive labeled routes from IBGP peer 2 2 2 9 ASBR PE1 bgp ipv4 peer 2 2 2 9 label route capability Redistribute routes from IS IS process 1 ASBR PE1 bgp ipv4 import route isis 1 ASBR PE1 bgp ipv4 quit Apply routing policy policy1 to routes advertised to EBGP peer 11 0 0 1 ASBR PE1 bgp peer 11 0 ...

Page 317: ...policy2 1 if match mpls label ASBR PE2 route policy policy2 1 apply mpls label ASBR PE2 route policy policy2 1 quit Start BGP on ASBR PE 2 and enable the capability to advertise labeled routes to and receive labeled routes from IBGP peer 5 5 5 9 ASBR PE2 bgp 600 ASBR PE2 bgp peer 5 5 5 9 as number 600 ASBR PE2 bgp peer 5 5 5 9 connect interface loopback 0 ASBR PE2 bgp address family ipv4 unicast A...

Page 318: ...RD and route target attributes for it PE2 ip vpn instance vpn1 PE2 vpn instance vpn1 route distinguisher 11 11 PE2 vpn instance vpn1 vpn target 3 3 import extcommunity PE2 vpn instance vpn1 vpn target 3 3 export extcommunity PE2 vpn instance vpn1 quit Associate interface VLAN interface 12 with VPN instance vpn1 and specify an IPv6 address for the interface PE2 interface vlan interface 12 PE2 Vlan ...

Page 319: ... direct routes CE2 bgp 65002 CE2 bgp peer 2002 1 as number 600 CE2 bgp address family ipv6 unicast CE2 bgp ipv6 peer 2002 1 enable CE2 bgp ipv6 import route direct CE2 bgp ipv6 quit CE2 bgp quit Verifying the configuration Execute the display ipv6 routing table command on CE 1 and CE 2 to verify that CE 1 and CE 2 can ping each other Details not shown Configuring IPv6 MPLS L3VPN carrier s carrier ...

Page 320: ... 3 9 PE1 mpls ldp PE1 ldp quit PE1 isis 1 PE1 isis 1 network entity 10 0000 0000 0000 0004 00 PE1 isis 1 quit PE1 interface loopback 0 PE1 LoopBack0 isis enable 1 PE1 LoopBack0 quit PE1 interface vlan interface 12 PE1 Vlan interface12 ip address 30 1 1 1 24 PE1 Vlan interface12 isis enable 1 PE1 Vlan interface12 mpls enable PE1 Vlan interface12 mpls ldp enable PE1 Vlan interface12 mpls ldp transpo...

Page 321: ...nfigure the customer carrier network Start IS IS as the IGP and enable LDP between PE 3 and CE 1 and between PE 4 and CE 2 Configure PE 3 PE3 system view PE3 interface loopback 0 PE3 LoopBack0 ip address 1 1 1 9 32 PE3 LoopBack0 quit PE3 mpls lsr id 1 1 1 9 PE3 mpls ldp PE3 ldp quit PE3 isis 2 PE3 isis 2 network entity 10 0000 0000 0000 0001 00 PE3 isis 2 quit PE3 interface loopback 0 PE3 LoopBack...

Page 322: ...rget 1 1 PE1 vpn instance vpn1 quit PE1 mpls ldp PE1 ldp vpn instance vpn1 PE1 ldp vpn instance vpn1 quit PE1 ldp quit PE1 isis 2 vpn instance vpn1 PE1 isis 2 network entity 10 0000 0000 0000 0003 00 PE1 isis 2 import route bgp allow ibgp PE1 isis 2 quit PE1 interface vlan interface11 PE1 Vlan interface11 ip binding vpn instance vpn1 PE1 Vlan interface11 ip address 11 1 1 2 24 PE1 Vlan interface11...

Page 323: ...tance vpn1 route distinguisher 100 1 PE3 vpn instance vpn1 vpn target 1 1 PE3 vpn instance vpn1 quit PE3 interface Vlan interface11 PE3 Vlan interface11 ip binding vpn instance vpn1 PE3 Vlan interface11 ipv6 address 2001 1 2 96 PE3 Vlan interface11 quit PE3 bgp 100 PE3 bgp ip vpn instance vpn1 PE3 bgp vpn1 peer 2001 1 1 as number 65410 PE3 bgp vpn1 address family ipv6 unicast PE3 bgp ipv6 vpn1 pee...

Page 324: ... 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 Verify that the VPN routing table contains the internal routes of the customer carrier network PE1 display ip routing table vpn instance vpn1 Destinations 18 Routes 18 Destination Mask Proto Pre...

Page 325: ...0 1 InLoop0 11 1 1 255 32 Direct 0 0 11 1 1 1 Vlan11 20 1 1 0 24 ISIS 15 74 11 1 1 2 Vlan11 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 3 Display th...

Page 326: ...2001 1 96 Protocol Direct NextHop Preference 0 Interface Vlan11 Cost 0 Destination 2001 1 2 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 2001 2 96 Protocol BGP4 NextHop FFFF 6 6 6 9 Preference 255 Interface Vlan12 Cost 0 Destination FE80 10 Protocol Direct NextHop Preference 0 Interface InLoop0 Cost 0 Destination FF00 8 Protocol Direct NextHop Preference 0 Interf...

Page 327: ...nterfaces as shown in Figure 81 Set the cost value to 2 for both the link between CE 1 and Switch A and the link between CE 2 and Switch A Execute the display ipv6 routing table command to verify that CE 1 and CE 2 have each learned the OSPFv3 route to VLAN interface 11 of the other Details not shown 2 Configure IPv6 MPLS L3VPN on the backbone Configure basic MPLS and MPLS LDP on PE 1 to establish...

Page 328: ...LS and MPLS LDP on PE 2 to establish LDP LSPs PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 2 2 2 9 32 PE2 LoopBack0 quit PE2 mpls lsr id 2 2 2 9 PE2 mpls ldp PE2 ldp quit PE2 interface vlan interface 12 PE2 Vlan interface12 ip address 10 1 1 2 24 PE2 Vlan interface12 mpls enable PE2 Vlan interface12 mpls ldp enable PE2 Vlan interface12 quit Configure PE 2 to take PE 1 as an MP...

Page 329: ...uit Configure PE 2 PE2 ip vpn instance vpn1 PE2 vpn instance vpn1 route distinguisher 100 2 PE2 vpn instance vpn1 vpn target 1 1 PE2 vpn instance vpn1 quit PE2 interface vlan interface 11 PE2 Vlan interface11 ip binding vpn instance vpn1 PE2 Vlan interface11 ipv6 address 120 2 64 PE2 Vlan interface11 ospfv3 100 area 1 PE2 Vlan interface11 quit PE2 ospfv3 100 PE2 ospfv3 100 router id 120 1 1 1 PE2 ...

Page 330: ...ce command on the PEs to verify the following results details not shown The path to the peer CE is now along the IPv6 BGP route across the backbone A route to the sham link destination address exists Execute the display ipv6 routing table command on the CEs to verify that the next hop of the OSPFv3 route to the peer CE is the VLAN interface connected to the PE The VPN traffic to the peer is forwar...

Page 331: ...322 Interface ID 2147483649 Neighbor ID 120 1 1 1 Neighbor state Full Cost 1 State P 2 P Type Sham Instance ID 0 Timers Hello 10 Dead 40 Retransmit 5 Transmit delay 1 Request list 0 Retransmit list 0 ...

Page 332: ...ite directions Public tunnel A public tunnel is a connection that carries one or more PWs across the MPLS or IP backbone It can be an LSP tunnel or an MPLS TE tunnel Cross connect A cross connect concatenates two physical or virtual circuits such as ACs and PWs It switches packets between the two physical or virtual circuits Cross connects include AC to AC cross connect AC to PW cross connect and ...

Page 333: ...te message If the route target value matches an import target the PE accepts the L2VPN information in the update message Route target attributes determine from which PEs a PE can receive L2VPN information MPLS L2VPN network models As shown in Figure 82 this model connects two CEs through a PW on an MPLS or IP backbone Figure 82 MPLS L2VPN network model To set up an MPLS L2VPN connection 1 Set up a...

Page 334: ...s at one time To establish a CCC PW manually specify the incoming and outgoing labels for the CCC PW on the PEs and create two static LSPs in opposite directions on P devices between PEs CCC employs only one level of label to transfer packets The static LSPs on the P devices transfer data only for the CCC PW They cannot be used by other connections or MPLS L3VPN 3 Set up an AC between a PE and a C...

Page 335: ...ent PW includes multiple concatenated static or LDP PWs Creating two PWs for a cross connect on a PE can concatenate the two PWs Upon receiving a packet from one PW the PE removes the tunnel ID and PW label of the packet adds the PW label of the other PW and forwards the packet over the public tunnel Only static and LDP PWs can form a multi segment PW As shown in Figure 84 to create a multi segmen...

Page 336: ... between PE 1 and PE 2 PW 1 and a PW between PE 2 and PE 4 PW 2 2 Concatenate the two PWs on PE 2 Intra domain multi segment PWs can fully use existing public tunnels to reduce end to end public tunnels Figure 85 Intra domain multi segment PW Inter domain multi segment PW An inter domain multi segment PW has concatenated PWs in different ASs and is a method for inter AS option B networking As show...

Page 337: ... LDP or MPLS TE to set up public tunnels across the backbone Configure MPLS L2VPN on the PEs including setting up PWs and binding ACs to PWs This chapter only describes MPLS L2VPN configurations on the PEs MPLS L2VPN configurations vary with the following scenarios MPLS L2VPN connection To create an MPLS L2VPN connection configure an AC configure a PW in cross connect view or auto discovery cross ...

Page 338: ...re an LSR ID for the PE with the mpls lsr id command Enable MPLS with the mpls enable command on the backbone interface of the PE To enable L2VPN Step Command Remarks 1 Enter system view system view N A 2 Enable L2VPN l2vpn enable By default L2VPN is disabled Configuring an AC CAUTION On a PE if the interface connected to a PW and the interface connected to an AC reside on different IRF member dev...

Page 339: ...h criteria are configured for the Ethernet service instance To match packets with VLAN IDs on an interface you must first create the VLANs and then assign the interface to the VLANs Configuring a cross connect Step Command Remarks 1 Enter system view system view N A 2 Create a cross connect group and enter cross connect group view xconnect group group name By default no cross connect group is crea...

Page 340: ...c PW Step Command Remarks 1 Enter system view system view N A 2 Enter cross connect group view xconnect group group name N A 3 Enter cross connect view connection connection name N A 4 Configure a static PW and enter cross connect PW view peer ip address pw id pw id in label label value out label label value pw class class name tunnel policy tunnel policy name By default no static PW is configured...

Page 341: ...reate the BGP L2VPN address family and enter BGP L2VPN address family view address family l2vpn By default the BGP L2VPN address family is not created 5 Enable BGP to exchange BGP L2VPN information with the specified peer or peer group peer group name ip address mask length enable By default BGP cannot exchange BGP L2VPN information with any peer or peer group 6 Enable BGP to exchange label block ...

Page 342: ...ss mask length all external group group name internal l2vpn N A For more information about the peer as number peer enable peer allow as loop peer reflect client reflect between clients reflector cluster id refresh bgp and reset bgp commands see Layer 3 IP Routing Command Reference Creating a BGP PW Step Command Remarks 1 Enter system view system view N A 2 Enter cross connect group view xconnect g...

Page 343: ...c lsp transit command see MPLS Command References Follow these guidelines when you configure a remote CCC connection The outgoing label specified on a device must be the same as the incoming label specified on the next hop device CCC connection settings such as the encapsulation type and control word feature must be consistent on the two PEs Otherwise the PEs might fail to forward packets over the...

Page 344: ...he cross connect ac interface interface type interface number service instance instance id access mode ethernet vlan By default no Ethernet service instance is bound to the cross connect To bind an Ethernet service instance to a BGP cross connect Step Command Remarks 1 Enter system view system view N A 2 Enter cross connect group view xconnect group group name N A 3 Enter cross connect group auto ...

Page 345: ...nd enter backup cross connect PW view backup peer ip address pw id pw id in label label value out label label value pw class class name tunnel policy tunnel policy name By default no backup PW is configured 7 Return to user view return N A 8 Manually perform a PW switchover l2vpn switchover peer ip address pw id pw id N A Configuring LDP PW redundancy Step Command Remarks 1 Enter system view syste...

Page 346: ...ires the software to periodically check whether the hardware has learned new MAC addresses and then uploads the learned MAC addresses to the controller Software learning The software learns MAC addresses issues the learned MAC addresses to the hardware and uploads the MAC addresses to the controller Software learning has a faster learning speed than hardware learning because software learning does...

Page 347: ...terface number service instance instance id verbose Display cross connect group information display l2vpn xconnect group name group name verbose Display L2VPN label block information display l2vpn bgp peer ip address local xconnect group group name verbose Display BGP L2VPN peer group information display bgp group l2vpn group name group name Display L2VPN label block information discovered by BGP ...

Page 348: ...4 32 Vlan int20 10 1 1 1 24 Vlan int30 10 2 2 2 24 PE 2 Loop0 192 3 3 3 32 Vlan int20 10 1 1 2 24 Vlan int30 10 2 2 1 24 Configuration procedure Before you perform the following configurations configure VLANs and add ports to VLANs 1 Configure CE 1 CE1 system view CE1 interface fortygige 1 1 1 CE1 FortyGigE1 1 1 port link type trunk CE1 FortyGigE1 1 1 port trunk permit vlan 10 CE1 FortyGigE1 1 1 q...

Page 349: ...ernet 1 0 1 to match packets that have an outer VLAN ID of 10 PE1 interface ten gigabitethernet 1 0 1 PE1 Ten GigabitEthernet1 0 1 service instance 10 PE1 Ten GigabitEthernet1 0 1 srv10 encapsulation s vid 10 PE1 Ten GigabitEthernet1 0 1 srv10 quit PE1 Ten GigabitEthernet1 0 1 quit Create a cross connect group named vpna create a cross connect named svc in the group and bind Ethernet service insta...

Page 350: ... 0 P ospf 1 area 0 0 0 0 network 10 1 1 2 0 0 0 255 P ospf 1 area 0 0 0 0 network 10 2 2 2 0 0 0 255 P ospf 1 area 0 0 0 0 network 192 4 4 4 0 0 0 0 P ospf 1 area 0 0 0 0 quit P ospf 1 quit 4 Configure PE 2 Configure an LSR ID PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 192 3 3 3 32 PE2 LoopBack0 quit PE2 mpls lsr id 192 3 3 3 Enable L2VPN PE2 l2vpn enable Enable global LDP P...

Page 351: ...nstance 10 Create a static PW for the cross connect to bind the AC to the PW PE2 xcg vpna svc peer 192 2 2 2 pw id 3 in label 200 out label 100 PE2 xcg vpna svc 192 2 2 2 3 quit PE2 xcg vpna svc quit PE2 xcg vpna quit 5 Configure CE 2 CE2 system view CE2 interface fortygige 1 1 1 CE2 FortyGigE1 1 1 port link type trunk CE2 FortyGigE1 1 1 port trunk permit vlan 10 CE2 FortyGigE1 1 1 quit Verifying ...

Page 352: ...0 192 2 2 2 32 P Loop0 192 4 4 4 32 Vlan int20 10 1 1 1 24 Vlan int20 10 1 1 2 24 PE 2 Loop0 192 3 3 3 32 Vlan int30 10 2 2 2 24 Vlan int30 10 2 2 1 24 Configuration procedure Before you perform the following configurations configure VLANs and add ports to VLANs 1 Configure CE 1 CE1 system view CE1 interface fortygige 1 1 1 CE1 FortyGigE1 1 1 port link type trunk CE1 FortyGigE1 1 1 port trunk perm...

Page 353: ...Ten GigabitEthernet 1 0 1 to match packets that have an outer VLAN ID of 10 PE1 interface ten gigabitethernet 1 0 1 PE1 Ten GigabitEthernet1 0 1 service instance 10 PE1 Ten GigabitEthernet1 0 1 srv10 encapsulation s vid 10 PE1 Ten GigabitEthernet1 0 1 srv10 quit PE1 Ten GigabitEthernet1 0 1 quit Create a cross connect group named vpna create a cross connect named ldp in the group and bind Ethernet...

Page 354: ... 0 P ospf 1 area 0 0 0 0 network 10 1 1 2 0 0 0 255 P ospf 1 area 0 0 0 0 network 10 2 2 2 0 0 0 255 P ospf 1 area 0 0 0 0 network 192 4 4 4 0 0 0 0 P ospf 1 area 0 0 0 0 quit P ospf 1 quit 4 Configure PE 2 Configure an LSR ID PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 192 3 3 3 32 PE2 LoopBack0 quit PE2 mpls lsr id 192 3 3 3 Enable L2VPN PE2 l2vpn enable Enable global LDP P...

Page 355: ...t 1 0 1 service instance 10 Create an LDP PW for the cross connect to bind the AC to the PW PE2 xcg vpna ldp peer 192 2 2 2 pw id 3 PE2 xcg vpna ldp 192 2 2 2 3 quit PE2 xcg vpna ldp quit PE2 xcg vpna quit 5 Configure CE 2 CE2 system view CE2 interface fortygige 1 1 1 CE2 FortyGigE1 1 1 port link type trunk CE2 FortyGigE1 1 1 port trunk permit vlan 10 CE2 FortyGigE1 1 1 quit Verifying the configur...

Page 356: ... 2 32 P Loop0 192 4 4 4 32 Vlan int20 10 1 1 1 24 Vlan int20 10 1 1 2 24 PE 2 Loop0 192 3 3 3 32 Vlan int30 10 2 2 2 24 Vlan int30 10 2 2 1 24 Configuration procedure Before you perform the following configurations configure VLANs and add ports to VLANs 1 Configure CE 1 CE1 system view CE1 interface fortygige 1 1 1 CE1 FortyGigE1 1 1 port link type trunk CE1 FortyGigE1 1 1 port trunk permit vlan 1...

Page 357: ...1 bgp l2vpn quit PE1 bgp quit Create VLAN 10 and assign Ten GigabitEthernet 1 0 1 to the VLAN PE1 vlan 10 PE1 vlan10 port ten gigabitethernet 1 0 1 PE1 vlan10 quit Create Ethernet service instance 10 on Ten GigabitEthernet 1 0 1 to match packets that have an outer VLAN ID of 10 PE1 interface ten gigabitethernet 1 0 1 PE1 Ten GigabitEthernet1 0 1 service instance 10 PE1 Ten GigabitEthernet1 0 1 srv...

Page 358: ...ted to PE 2 and enable LDP on the interface P interface vlan interface 30 P Vlan interface30 ip address 10 2 2 2 24 P Vlan interface30 mpls enable P Vlan interface30 mpls ldp enable P Vlan interface30 quit Enable OSPF for LSP establishment P ospf P ospf 1 area 0 P ospf 1 area 0 0 0 0 network 10 1 1 2 0 0 0 255 P ospf 1 area 0 0 0 0 network 10 2 2 2 0 0 0 255 P ospf 1 area 0 0 0 0 network 192 4 4 4...

Page 359: ... to match packets that have an outer VLAN ID of 20 PE2 interface ten gigabitethernet 1 0 1 PE2 Ten GigabitEthernet1 0 1 service instance 10 PE2 Ten GigabitEthernet1 0 1 srv10 encapsulation s vid 10 PE2 Ten GigabitEthernet1 0 1 srv10 quit PE2 Ten GigabitEthernet1 0 1 quit Create a cross connect group named vpnb create a local site named site 2 create a BGP PW from site 2 to the remote site site 1 a...

Page 360: ... B backup H hub link S spoke link N no split horizon Total number of PWs 1 1 up 0 blocked 0 down 0 defect Xconnect group Name vpnb Peer PW ID Rmt Site In Out Label Proto Flag Link ID State 192 2 2 2 1 65625 65636 BGP M 1 Up Verify that CE 1 and CE 2 can ping each other Details not shown Configuring a remote CCC connection Network requirements Create a remote CCC connection between PE 1 and PE 2 so...

Page 361: ...ble PE1 Vlan interface20 quit Create VLAN 10 and assign Ten GigabitEthernet 1 0 1 to the VLAN PE1 vlan 10 PE1 vlan10 port ten gigabitethernet 1 0 1 PE1 vlan10 quit Create Ethernet service instance 10 on Ten GigabitEthernet 1 0 1 to match packets that have an outer VLAN ID of 10 PE1 interface ten gigabitethernet 1 0 1 PE1 Ten GigabitEthernet1 0 1 service instance 10 PE1 Ten GigabitEthernet1 0 1 srv...

Page 362: ... a static LSP to forward packets from PE 2 to PE 1 P static lsp transit pe2 pe1 in label 102 nexthop 10 1 1 1 out label 101 4 Configure PE 2 Configure an LSR ID PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 192 3 3 3 32 PE2 LoopBack0 quit PE2 mpls lsr id 192 3 3 3 Enable L2VPN PE2 l2vpn enable Configure VLAN interface 30 the interface connected to P and enable MPLS on the inter...

Page 363: ...ction identified by PW ID Rmt Site and Proto Static has been established PE1 display l2vpn pw Flags M main B backup H hub link S spoke link N no split horizon Total number of PWs 1 1 up 0 blocked 0 down 0 defect Xconnect group Name ccc Peer PW ID Rmt Site In Out Label Proto Flag Link ID State 10 1 1 2 101 201 Static M 0 Up Display L2VPN PW information on PE 2 The output shows that a remote CCC con...

Page 364: ...4 Vlan int10 CE 2 Vlan int10 100 1 1 2 24 Vlan int13 13 1 1 3 24 Configuration procedure Before you perform the following configurations configure VLANs and add ports to VLANs 1 Configure CE 1 CE1 system view CE1 interface vlan interface 10 CE1 Vlan interface10 ip address 100 1 1 1 24 CE1 Vlan interface10 quit 2 Configure PE 1 Configure an LSR ID PE1 system view PE1 interface loopback 0 PE1 LoopBa...

Page 365: ... 1 0 1 to match packets that have an outer VLAN ID of 10 PE1 interface ten gigabitethernet 1 0 1 PE1 Ten GigabitEthernet1 0 1 port link type trunk PE1 Ten GigabitEthernet1 0 1 port trunk permit vlan 10 PE1 Ten GigabitEthernet1 0 1 service instance 10 PE1 Ten GigabitEthernet1 0 1 srv10 encapsulation s vid 10 PE1 Ten GigabitEthernet1 0 1 srv10 quit PE1 Ten GigabitEthernet1 0 1 quit Create a cross co...

Page 366: ...hat have an outer VLAN ID of 10 PE2 interface ten gigabitethernet 1 0 1 PE2 Ten GigabitEthernet1 0 1 port link type trunk PE2 Ten GigabitEthernet1 0 1 port trunk permit vlan 10 PE2 Ten GigabitEthernet1 0 1 service instance 10 PE2 Ten GigabitEthernet1 0 1 srv10 encapsulation s vid 10 PE2 Ten GigabitEthernet1 0 1 srv10 quit PE2 Ten GigabitEthernet1 0 1 quit Create a cross connect group named vpna cr...

Page 367: ... type trunk PE3 Ten GigabitEthernet1 0 1 port trunk permit vlan 10 PE3 Ten GigabitEthernet1 0 1 service instance 10 PE3 Ten GigabitEthernet1 0 1 srv10 encapsulation s vid 10 PE3 Ten GigabitEthernet1 0 1 srv10 quit PE3 Ten GigabitEthernet1 0 1 quit Create a cross connect group named vpna create a cross connect named ldp in the group and bind Ethernet service instance 10 on Ten GigabitEthernet 1 0 1...

Page 368: ...60000002 Tunnel NHLFE IDs 135 Peer 3 3 3 3 PW ID 30 Signaling Protocol LDP Link ID 1 PW State Blocked In Label 65650 Out Label 65779 MTU 1500 PW Attributes Backup VCCV CC VCCV BFD Tunnel Group ID 0x1800000360000003 Tunnel NHLFE IDs 137 Display L2VPN PW information on PE 2 The output shows that an LDP PW has been established PE2 display l2vpn pw Flags M main B backup H hub link S spoke link N no sp...

Page 369: ...E 1 and CE 2 can ping each other Details not shown Configuring an intra domain multi segment PW Network requirements As shown in Figure 92 there is no public tunnel between PE 1 and PE 2 There is an MPLS TE tunnel between PE 1 and P and an MPLS TE tunnel between P and PE 2 Configure a multi segment PW between PE 1 and PE 2 so CE 1 and CE 2 can communicate over the backbone The multi segment PW inc...

Page 370: ...d assign Ten GigabitEthernet 1 0 1 to the VLAN PE1 vlan 10 PE1 vlan10 port ten gigabitethernet 1 0 1 PE1 vlan10 quit Create Ethernet service instance 1000 on Ten GigabitEthernet 1 0 1 to match packets that have an outer VLAN ID of 10 PE1 interface ten gigabitethernet 1 0 1 PE1 Ten GigabitEthernet1 0 1 service instance 1000 PE1 Ten GigabitEthernet1 0 1 srv1000 encapsulation s vid 10 PE1 Ten Gigabit...

Page 371: ... 3 pw id 1000 in label 100 out label 200 P xcg vpn1 ldpsvc 192 3 3 3 1000 quit P xcg vpn1 ldpsvc quit P xcg vpn1 quit 4 Configure PE 2 Configure an LSR ID PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 192 3 3 3 32 PE2 LoopBack0 quit PE2 mpls lsr id 192 3 3 3 Enable L2VPN PE2 l2vpn enable Configure MPLS TE to establish an MPLS TE tunnel between P and PE 2 For more information se...

Page 372: ...igE1 1 1 quit Verifying the configuration Display L2VPN PW information on P The output shows that two PWs have been created to form a multi segment PW P display l2vpn pw Flags M main B backup H hub link S spoke link N no split horizon Total number of PWs 2 2 up 0 blocked 0 down 0 defect Xconnect group Name vpn1 Peer PW ID In Out Label Proto Flag Link ID State 192 2 2 2 1000 65779 65650 LDP M 0 Up ...

Page 373: ... the PWs Configure an LDP PW between ASBR 1 and ASBR 2 Advertise labeled IPv4 routes between ASBR 1 and ASBR 2 through BGP so as to set up the public tunnel to carry the LDP PW Concatenate the two public tunnels on ASBR 1 Concatenate the two public tunnels on ASBR 2 Figure 93 Network diagram Table 35 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 V...

Page 374: ...nterface 23 PE1 Vlan interface23 ip address 23 1 1 1 24 PE1 Vlan interface23 mpls enable PE1 Vlan interface23 mpls ldp enable PE1 Vlan interface23 quit Configure OSPF for LDP to create LSPs PE1 ospf PE1 ospf 1 area 0 PE1 ospf 1 area 0 0 0 0 network 23 1 1 1 0 0 0 255 PE1 ospf 1 area 0 0 0 0 network 192 1 1 1 0 0 0 0 PE1 ospf 1 area 0 0 0 0 quit PE1 ospf 1 quit Create VLAN 10 and assign Ten Gigabit...

Page 375: ...ldp ASBR1 ldp quit Configure VLAN interface 23 the interface connected to PE 1 and enable LDP on the interface ASBR1 interface vlan interface 23 ASBR1 Vlan interface23 ip address 23 1 1 2 24 ASBR1 Vlan interface23 mpls enable ASBR1 Vlan interface23 mpls ldp enable ASBR1 Vlan interface23 quit Configure VLAN interface 26 the interface connected to ASBR 2 and enable MPLS on the interface ASBR1 interf...

Page 376: ...onfigure ASBR 2 Configure an LSR ID ASBR2 system view ASBR2 interface loopback 0 ASBR2 LoopBack0 ip address 192 3 3 3 32 ASBR2 LoopBack0 quit ASBR2 mpls lsr id 192 3 3 3 Enable L2VPN ASBR2 l2vpn enable Enable global LDP ASBR2 mpls ldp ASBR2 ldp quit Configure VLAN interface 22 the interface connected to PE 2 and enable LDP on the interface ASBR2 interface vlan interface 22 ASBR2 Vlan interface22 i...

Page 377: ...t to form a multi segment PW ASBR2 xconnect group vpn1 ASBR2 xcg vpn1 connection ldp ASBR2 xcg vpn1 ldp peer 192 2 2 2 pw id 1000 ASBR2 xcg vpn1 ldp 192 2 2 2 1000 quit ASBR2 xcg vpn1 ldp peer 192 4 4 4 pw id 1000 ASBR2 xcg vpn1 ldp 192 4 4 4 1000 quit ASBR2 xcg vpn1 ldp quit ASBR2 xcg vpn1 quit 5 Configure PE 2 Configure an LSR ID PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address ...

Page 378: ... cross connect PE2 xconnect group vpn1 PE2 xcg vpn1 connection ldp PE2 xcg vpn1 ldp ac interface ten gigabitethernet 1 0 1 service instance 1000 Create an LDP PW for the cross connect to bind the AC to the PW PE2 xcg vpn1 ldp peer 192 3 3 3 pw id 1000 PE2 xcg vpn1 ldp 192 3 3 3 1000 quit PE2 xcg vpn1 ldp quit PE2 xcg vpn1 quit 6 Configure CE 2 CE2 system view CE2 vlan 10 CE2 vlan10 quit CE2 interf...

Page 379: ...a multi segment PW ASBR2 display l2vpn pw Flags M main B backup H hub link S spoke link N no split horizon Total number of PWs 2 2 up 0 blocked 0 down 0 defect Xconnect group Name vpn1 Peer PW ID In Out Label Proto Flag Link ID State 192 2 2 2 1000 65651 65778 LDP M 0 Up 192 4 4 4 1000 65650 65779 LDP M 1 Up Display L2VPN PW information on PE 2 The output shows that a PW has been created PE2 displ...

Page 380: ...network A PE implements VPN access by mapping and forwarding packets between private networks and public network tunnels A PE can be a UPE or NPE in a hierarchical VPLS AC An attachment circuit physical or virtual connects a CE and a PE such as an Ethernet link or a VLAN PW A pseudowire is a bidirectional virtual connection between two PEs An MPLS PW consists of two unidirectional MPLS LSPs in opp...

Page 381: ...D identifies the PW bound to the PW label BGP PW To create a BGP PW BGP advertises label block information to the remote PE After the two PEs receive label block information from each other they use the label block information to calculate the incoming and outgoing labels and create the BGP PW A PE also uses the received label block information to automatically find the remote PE BGP auto discover...

Page 382: ...hose MAC addresses Unicast traffic forwarding and flooding After a PE receives a unicast packet from an AC the PE searches the MAC address table of the VSI bound to the AC to determine how to forward this packet If a match is found the PE forwards the packet according to the matching entry If the outgoing interface in the entry is a PW the PE inserts the PW label to the packet and adds the public ...

Page 383: ...ard packets received from a PW to any other PW in the same VSI but only forwards those packets to ACs H VPLS VPLS requires a full mesh of PWs among all PEs in a VPLS instance In a large scale network however a full mesh of PWs causes very high PW signaling overhead and creates difficulties for network management and expansion Hierarchical VPLS H VPLS reduces the number of PWs by dividing a VPLS ne...

Page 384: ...network The UPE and NPE 1 establish a point to point Ethernet QinQ connection in between After the UPE receives a packet from a CE it adds an outer VLAN tag into the packet and forwards the packet to NPE 1 NPE 1 regards the outer VLAN tag as the service provider VLAN tag It maps the packet to the VSI that corresponds to the VLAN tag and then searches the MAC address table of the VSI to forward the...

Page 385: ...d a backup tunnel is established over the link UPE NPE 4 NPE 1 When the primary tunnel fails traffic will be immediately switched to the backup tunnel The failover time is so short that the U PW switchover from primary to backup might not be triggered In this scenario NPE 1 needs to forward traffic received from NPE 4 to NPE 4 NPE 3 and NPE 2 in the backbone domain To ensure correct forwarding exe...

Page 386: ...dancy N A Required Configuring MAC address learning N A Optional Enabling packet statistics for an Ethernet service instance N A Enabling L2VPN Before you enable L2VPN perform the following tasks Configure an LSR ID for the PE with the mpls lsr id command Enable MPLS with the mpls enable command on the backbone interface of the PE To enable L2VPN Step Command Remarks 1 Enter system view system vie...

Page 387: ...ult no Ethernet service instance is created 4 Configure match criteria for the Ethernet service instance Match all incoming packets encapsulation default Match incoming packets with any VLAN ID or no VLAN ID encapsulation tagged untagged Match incoming packets with a specific outer VLAN ID encapsulation s vid vlan id only tagged By default no match criteria are configured for the Ethernet service ...

Page 388: ...signaling for PWs and enter VSI static view pwsignaling static By default no PW signaling protocol is specified 4 Configure a static PW and enter VSI static PW view peer ip address pw id pw id in label label value out label label value no split horizon pw class class name tunnel policy tunnel policy name By default no static PW is configured If both a default PW ID in the default pw id command and...

Page 389: ...nfigure a BGP PW perform the following configurations on PEs Configure BGP to advertise VPLS label block information Create a BGP PW Configuring BGP to advertise VPLS label block information Step Command Remarks 1 Enter system view system view N A 2 Enable BGP and enter BGP view bgp as number By default BGP is not enabled 3 Configure the remote PE as a BGP peer peer group name ip address mask leng...

Page 390: ... own router ID as the cluster ID 12 Optional Configure the filtering of reflected L2VPN information rr filter extended community number By default the route reflector does not filter reflected L2VPN information 13 Optional Return to user view return N A 14 Optional Soft reset L2VPN BGP sessions refresh bgp ip address mask length all external group group name internal export import l2vpn N A 15 Opt...

Page 391: ...configure a BGP auto discovery LDP PW perform the following configurations on PEs Configure BGP to advertise VPLS PE information Use LDP to create a PW Configuring BGP to advertise VPLS PE information Step Command Remarks 1 Enter system view system view N A 2 Enable BGP and enter BGP view bgp as number By default BGP is not enabled 3 Configure the remote PE as a BGP peer peer group name ip address...

Page 392: ...er ID as the cluster ID 12 Optional Configure the filtering of reflected L2VPN information rr filter extended community number By default the route reflector does not filter reflected L2VPN information 13 Optional Return to user view return N A 14 Optional Soft reset L2VPN BGP sessions refresh bgp ip address mask length all external group group name internal export import l2vpn N A 15 Optional Res...

Page 393: ... instance on the interface to a VSI and vice versa On a Layer 2 Ethernet or Layer 2 aggregate interface you can create an Ethernet service instance and bind it to a VSI The Ethernet service instance matches packets received on that interface The matching packets are then forwarded based on the MAC address table of the VSI An Ethernet service instance can match all packets tagged packets or untagge...

Page 394: ...mediately switched back from the backup PW to the primary PW 5 Configure a static PW and enter VSI static PW view peer ip address pw id pw id in label label value out label label value no split horizon pw class class name tunnel policy tunnel policy name By default no static PW is configured 6 Configure a backup static PW and enter VSI static backup PW view backup peer ip address pw id pw id in la...

Page 395: ...default no LDP PW is configured 6 Configure a backup LDP PW and enter VSI LDP backup PW view backup peer ip address pw id pw id pw class class name tunnel policy tunnel policy name By default no backup LDP PW is configured If both a default PW ID in the default pw id command and a PW ID in the backup peer command are configured the PW ID in the backup peer command is used If only a default PW ID i...

Page 396: ...or all Ethernet service instances 5 Return to user view return N A 6 Optional Clear packet statistics on the Ethernet service instance reset l2vpn statistics ac interface interface type interface number service instance instance id N A Displaying and maintaining VPLS Execute display commands in any view and reset commands in user view Task Command Display LDP PW label information display l2vpn ldp...

Page 397: ...label offset label offset advertise info statistics Display BGP L2VPN peer information display bgp peer l2vpn ip address mask length ip address group name group name log info ip address verbose standby slot slot number Display BGP L2VPN update group information display bgp update group l2vpn ip address Clear MAC address entries for VSIs reset l2vpn mac address vsi vsi name Reset L2VPN BGP sessions...

Page 398: ...pls lsr id 1 1 1 9 Enable L2VPN PE1 l2vpn enable Enable global LDP PE1 mpls ldp PE1 ldp quit Configure VLAN interface 20 the interface connected to PE 2 and enable LDP on the interface PE1 interface vlan interface 20 PE1 Vlan interface20 ip address 20 1 1 1 24 PE1 Vlan interface20 mpls enable PE1 Vlan interface20 mpls ldp enable PE1 Vlan interface20 quit Configure VLAN interface 30 the interface c...

Page 399: ... 1 0 1 PE1 Ten GigabitEthernet1 0 1 service instance 10 PE1 Ten GigabitEthernet1 0 1 srv10 encapsulation default Bind Ethernet service instance 10 to the VSI svc PE1 Ten GigabitEthernet1 0 1 srv10 xconnect vsi svc 2 Configure PE 2 Configure an LSR ID PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 2 2 2 9 32 PE2 LoopBack0 quit PE2 mpls lsr id 2 2 2 9 Enable L2VPN PE2 l2vpn enable...

Page 400: ...2 interface ten gigabitethernet 1 0 1 PE2 Ten GigabitEthernet1 0 1 service instance 10 PE2 Ten GigabitEthernet1 0 1 srv10 encapsulation default Bind Ethernet service instance 10 to the VSI svc PE2 Ten GigabitEthernet1 0 1 srv10 xconnect vsi svc 3 Configure PE 3 Configure an LSR ID PE3 system view PE3 interface loopback 0 PE3 LoopBack0 ip address 3 3 3 9 32 PE3 LoopBack0 quit PE3 mpls lsr id 3 3 3 ...

Page 401: ...E3 vsi svc static quit PE3 vsi svc quit Create Ethernet service instance 10 on Ten GigabitEthernet 1 0 1 to match all packets PE3 interface ten gigabitethernet 1 0 1 PE3 Ten GigabitEthernet1 0 1 service instance 10 PE3 Ten GigabitEthernet1 0 1 srv10 encapsulation default Bind Ethernet service instance 10 to the VSI svc PE3 Ten GigabitEthernet1 0 1 srv10 xconnect vsi svc Verifying the configuration...

Page 402: ...n 2 Configure PE 1 Configure basic MPLS PE1 system view PE1 interface loopback 0 PE1 LoopBack0 ip address 1 1 1 9 32 PE1 LoopBack0 quit PE1 mpls lsr id 1 1 1 9 PE1 mpls ldp PE1 ldp quit Enable L2VPN PE1 l2vpn enable Configure VSI aaa that uses LDP as the PW signaling protocol and establish PWs to PE 2 and PE 3 PE1 vsi aaa PE1 vsi aaa pwsignaling ldp PE1 vsi aaa ldp peer 2 2 2 9 pw id 500 PE1 vsi a...

Page 403: ...ling protocol and establish PWs to PE 1 and PE 3 PE2 vsi aaa PE2 vsi aaa pwsignaling ldp PE2 vsi aaa ldp peer 1 1 1 9 pw id 500 PE2 vsi aaa ldp 1 1 1 9 500 quit PE2 vsi aaa ldp peer 3 3 3 9 pw id 500 PE2 vsi aaa ldp 3 3 3 9 500 quit PE2 vsi aaa ldp quit PE2 vsi aaa quit Create Ethernet service instance 10 on Ten GigabitEthernet 1 0 1 to match all packets PE2 interface ten gigabitethernet 1 0 1 PE2...

Page 404: ... service instance 10 to the VSI aaa PE3 Ten GigabitEthernet1 0 1 srv10 xconnect vsi aaa Verifying the configuration Verify that two LDP PWs in up state have been established on PE 1 PE1 display l2vpn pw verbose VSI Name aaa Peer 2 2 2 9 PW ID 500 Signaling Protocol LDP Link ID 8 PW State Up In Label 131179 Out Label 131179 MTU 1500 PW Attributes Main VCCV CC VCCV BFD Tunnel Group ID 0x180000026000...

Page 405: ...tise VPLS label block information PE1 bgp 100 PE1 bgp peer 2 2 2 9 as number 100 PE1 bgp peer 2 2 2 9 connect interface loopback 0 PE1 bgp peer 3 3 3 9 as number 100 PE1 bgp peer 3 3 3 9 connect interface loopback 0 PE1 bgp address family l2vpn PE1 bgp l2vpn peer 2 2 2 9 enable PE1 bgp l2vpn peer 3 3 3 9 enable PE1 bgp l2vpn quit PE1 bgp quit Enable L2VPN PE1 l2vpn enable Configure the VSI aaa to ...

Page 406: ...PE 3 and use BGP to advertise VPLS label block information PE2 bgp 100 PE2 bgp peer 1 1 1 9 as number 100 PE2 bgp peer 1 1 1 9 connect interface loopback 0 PE2 bgp peer 3 3 3 9 as number 100 PE2 bgp peer 3 3 3 9 connect interface loopback 0 PE2 bgp address family l2vpn PE2 bgp l2vpn peer 1 1 1 9 enable PE2 bgp l2vpn peer 3 3 3 9 enable PE2 bgp l2vpn quit PE2 bgp quit Enable L2VPN PE2 l2vpn enable ...

Page 407: ...bgp l2vpn peer 2 2 2 9 enable PE3 bgp l2vpn quit PE3 bgp quit Enable L2VPN PE3 l2vpn enable Configure the VSI aaa to use BGP to establish BGP PWs to PE 1 and PE 2 PE3 vsi aaa PE3 vsi aaa auto discovery bgp PE3 vsi aaa auto route distinguisher 1 1 PE3 vsi aaa auto vpn target 1 1 PE3 vsi aaa auto signaling protocol bgp PE3 vsi aaa auto bgp site 3 range 10 default offset 0 PE3 vsi aaa auto bgp quit P...

Page 408: ...up ID 0x1800000060000000 Tunnel NHLFE IDs 136 Display VPLS label block information received from PE 2 and PE 3 on PE 1 PE1 display l2vpn bgp verbose VSI Name aaa Remote Site ID 2 Offset 0 RD 1 1 PW State Up Encapsulation BGP VPLS MTU 1500 Nexthop 2 2 2 9 Local VC Label 131195 Remote VC Label 131225 Link ID 9 Local Label Block 131193 10 0 Remote Label Block 131224 10 0 Export Route Target 1 1 Remot...

Page 409: ...igure PE 1 Configure basic MPLS PE1 system view PE1 interface loopback 0 PE1 LoopBack0 ip address 1 1 1 9 32 PE1 LoopBack0 quit PE1 mpls lsr id 1 1 1 9 PE1 mpls ldp PE1 ldp quit Establish IBGP connections to PE 1 and PE 2 and use BGP to advertise VPLS PE information PE1 bgp 100 PE1 bgp peer 2 2 2 9 as number 100 PE1 bgp peer 2 2 2 9 connect interface loopback 0 PE1 bgp peer 3 3 3 9 as number 100 P...

Page 410: ... Ten GigabitEthernet1 0 1 srv10 xconnect vsi aaa 3 Configure PE 2 Configure basic MPLS PE2 system view PE2 interface loopback 0 PE2 LoopBack0 ip address 2 2 2 9 32 PE2 LoopBack0 quit PE2 mpls lsr id 2 2 2 9 PE2 mpls ldp PE2 ldp quit Establish IBGP connections to PE 1 and PE 3 and use BGP to advertise VPLS PE information PE2 bgp 100 PE2 bgp peer 1 1 1 9 as number 100 PE2 bgp peer 1 1 1 9 connect in...

Page 411: ...BGP to advertise VPLS PE information PE3 bgp 100 PE3 bgp peer 1 1 1 9 as number 100 PE3 bgp peer 1 1 1 9 connect interface loopback 0 PE3 bgp peer 2 2 2 9 as number 100 PE3 bgp peer 2 2 2 9 connect interface loopback 0 PE3 bgp address family l2vpn PE3 bgp l2vpn peer 1 1 1 9 enable PE3 bgp l2vpn peer 2 2 2 9 enable PE3 bgp l2vpn quit PE3 bgp quit Enable L2VPN PE3 l2vpn enable Configure the VSI aaa ...

Page 412: ...Tunnel NHLFE IDs 139 Peer 3 3 3 9 VPLS ID 100 100 Signaling Protocol LDP Link ID 9 PW State Up In Label 131154 Out Label 131116 MTU 1500 PW Attributes Main VCCV CC VCCV BFD Tunnel Group ID 0x1800000160000001 Tunnel NHLFE IDs 140 Display LDP PW label information on PE 1 PE1 display l2vpn ldp verbose Peer 2 2 2 9 VPLS ID 100 100 VSI Name aaa PW State Up PW Status Communication Notification method PW...

Page 413: ...warding H VPLS using access configuration example Network requirements Configure an H VPLS network using MPLS access to avoid full mesh PW configuration The H VPLS uses LDP as the PW signaling protocol Figure 103 Network diagram Configuration procedure 1 Configure an IGP and public tunnels on each PE Details not shown 2 Configure UPE Configure basic MPLS UPE system view UPE interface loopback 0 UP...

Page 414: ...gure basic MPLS NPE1 system view NPE1 interface loopback 0 NPE1 LoopBack0 ip address 2 2 2 9 32 NPE1 LoopBack0 quit NPE1 mpls lsr id 2 2 2 9 NPE1 mpls ldp NPE1 ldp quit Enable L2VPN NPE1 l2vpn enable Configure VSI aaa that uses LDP as the PW signaling protocol establish a U PW to the UPE and establish N PWs to NPE 2 and NPE 3 NPE1 vsi aaa NPE1 vsi aaa pwsignaling ldp NPE1 vsi aaa ldp peer 1 1 1 9 ...

Page 415: ...Ten GigabitEthernet1 0 1 srv10 xconnect vsi aaa 5 Configure NPE 3 Configure basic MPLS NPE3 system view NPE3 interface loopback 0 NPE3 LoopBack0 ip address 4 4 4 9 32 NPE3 LoopBack0 quit NPE3 mpls lsr id 4 4 4 9 NPE3 mpls ldp NPE3 ldp quit Enable L2VPN NPE3 l2vpn enable Configure VSI aaa that uses LDP as the PW signaling protocol and establish N PWs to NPE 1 and NPE 2 NPE3 vsi aaa NPE3 vsi aaa pws...

Page 416: ...1 9 PW ID 500 Signaling Protocol LDP Link ID 8 PW State Up In Label 131177 Out Label 131177 MTU 1500 PW Attributes Main No split horizon VCCV CC VCCV BFD Tunnel Group ID 0x1800000460000000 Tunnel NHLFE IDs 130 Peer 3 3 3 9 PW ID 500 Signaling Protocol LDP Link ID 9 PW State Up In Label 131176 Out Label 131175 MTU 1500 PW Attributes Main VCCV CC VCCV BFD Tunnel Group ID 0x1800000560000001 Tunnel NH...

Page 417: ...ttributes Main VCCV CC VCCV BFD Tunnel Group ID 0x1800000670000000 Tunnel NHLFE IDs 132 NPE3 display l2vpn pw verbose VSI Name aaa Peer 2 2 2 9 PW ID 500 Signaling Protocol LDP Link ID 8 PW State Up In Label 131179 Out Label 131178 MTU 1500 PW Attributes Main VCCV CC VCCV BFD Tunnel Group ID 0x1800000660000000 Tunnel NHLFE IDs 131 Peer 3 3 3 9 PW ID 500 Signaling Protocol LDP Link ID 9 PW State Up...

Page 418: ...iagram Configuration procedure 1 Configure an IGP and public tunnels on each PE Details not shown 2 Configure UPE Configure basic MPLS UPE system view UPE interface loopback 0 UPE LoopBack0 ip address 1 1 1 1 32 UPE LoopBack0 quit UPE mpls lsr id 1 1 1 1 UPE mpls ldp UPE ldp quit Enable L2VPN UPE l2vpn enable Configure VSI aaa that uses LDP as the PW signaling protocol and establish the primary PW...

Page 419: ...ce Ten GigabitEthernet 1 0 2 the interface connected to CE 2 create an Ethernet service instance and bind the Ethernet service instance to VSI aaa UPE interface ten gigabitethernet 1 0 2 UPE Ten GigabitEthernet1 0 2 service instance 1000 UPE Ten GigabitEthernet1 0 2 srv1000 encapsulation s vid 11 UPE Ten GigabitEthernet1 0 2 srv1000 xconnect vsi aaa UPE Ten GigabitEthernet1 0 2 srv1000 quit 3 Conf...

Page 420: ...aaa ldp 2 2 2 2 500 quit NPE2 vsi aaa ldp peer 4 4 4 4 pw id 500 NPE2 vsi aaa ldp 4 4 4 4 500 quit NPE2 vsi aaa ldp quit NPE2 vsi aaa quit 5 Configure NPE 3 Configure basic MPLS NPE3 system view NPE3 interface loopback 0 NPE3 LoopBack0 ip address 4 4 4 4 32 NPE3 LoopBack0 quit NPE3 mpls lsr id 4 4 4 4 NPE3 mpls ldp NPE3 ldp quit Enable L2VPN NPE3 l2vpn enable Configure VSI aaa that uses LDP as the...

Page 421: ...lished on each PE UPE display l2vpn pw verbose VSI Name aaa Peer 2 2 2 2 PW ID 500 Signaling Protocol LDP Link ID 8 PW State Up In Label 131151 Out Label 131279 Wait to Restore Time 0 sec MTU 1500 PW Attributes Main VCCV CC VCCV BFD Tunnel Group ID 0x1800000260000002 Tunnel NHLFE IDs 137 Peer 3 3 3 3 PW ID 500 Signaling Protocol LDP Link ID 8 PW State Blocked In Label 131150 Out Label 131279 MTU 1...

Page 422: ... IDs 138 NPE2 display l2vpn pw verbose VSI Name aaa Peer 1 1 1 1 PW ID 500 Signaling Protocol LDP Link ID 8 PW State Up In Label 131279 Out Label 131150 MTU 1500 PW Attributes Main No split horizon VCCV CC VCCV BFD Tunnel Group ID 0x180000060000000 Tunnel NHLFE IDs 136 Peer 2 2 2 2 PW ID 500 Signaling Protocol LDP Link ID 9 PW State Up In Label 131290 Out Label 131280 MTU 1500 PW Attributes Main V...

Page 423: ...l LDP Link ID 8 PW State Up In Label 131279 Out Label 131278 MTU 1500 PW Attributes Main VCCV CC VCCV BFD Tunnel Group ID 0x180000060000000 Tunnel NHLFE IDs 136 Peer 3 3 3 3 PW ID 500 Signaling Protocol LDP Link ID 9 PW State Up In Label 131278 Out Label 131278 MTU 1500 PW Attributes Main VCCV CC VCCV BFD Tunnel Group ID 0x1800000160000001 Tunnel NHLFE IDs 137 ...

Page 424: ...tunnel is available for data forwarding and an MPLS echo reply with an error code indicates that the tunnel has failed MPLS tracert MPLS tracert displays the path that an MPLS LSP tunnel travels from the ingress node to the egress node to locate errors on the tunnel MPLS tracert consecutively sends MPLS echo requests along the LSP tunnel with the TTL increasing from 1 to a specific value Each hop ...

Page 425: ... or MPLS TE tunnel from the local device to the remote device A PW is bidirectional You will get the correct result using either the static or dynamic mode Periodic MPLS tracert The periodic MPLS tracert function automatically traces an LSP tunnel at a specific interval It locates errors on the LSP tunnel verifies the consistency of the data plane and control plane and records the detected errors ...

Page 426: ...ble 36 Configurations on the local and remote devices BFD session establishment mode Node type Execute the mpls bfd enable command Execute the mpls bfd command Configure the discriminator keyword Static mode Local Yes Yes Yes Remote Yes Yes Yes Dynamic mode Local Yes Yes No Remote Yes No N A Follow these guidelines to configure BFD for an LSP tunnel To establish a static BFD session ensure that th...

Page 427: ...uring periodic MPLS tracert for LSPs Step Command Remarks 1 Enter system view system view N A 2 Enable BFD for MPLS mpls bfd enable By default BFD for MPLS is disabled 3 Enable periodic LSP tracert for an FEC mpls periodic tracert dest addr mask length a source ip exp exp value h ttl value m wait time rtos tos value t time out u retry attempt fec check By default periodic LSP tracert is disabled C...

Page 428: ...able BFD for MPLS mpls bfd enable By default BFD for MPLS is disabled 3 Enter the view of the MPLS TE tunnel interface interface tunnel number N A 4 Configure BFD to verify MPLS TE tunnel connectivity mpls bfd discriminator local local id remote remote id template template name By default BFD is not configured to verify MPLS TE tunnel connectivity Configuring MPLS OAM for a PW Virtual Circuit Conn...

Page 429: ...on type to verify the PW connectivity Otherwise the PEs do not use BFD to verify the PW connectivity If both PEs have specified the same VCCV CC type the specified VCCV CC type is used Otherwise the PEs do not use any CC and they cannot establish a BFD session for the PW Configuring BFD for an MPLS L2VPN PW Perform this task to use BFD to verify the connectivity of a static PW or an LDP PW of MPLS...

Page 430: ...d remote discriminators for the BFD session used to verify the connectivity of the backup PW bfd discriminator local local id remote remote id By default no local and remote discriminators are configured Make sure the local discriminator and remote discriminator configured on the local PE are the same as the remote discriminator and local discriminator configured on the remote PE respectively Conf...

Page 431: ...d 12 Optional Configure the local and remote discriminators for the BFD session used to verify the connectivity of the backup PW bfd discriminator local local id remote remote id By default no local and remote discriminators are configured Make sure the local discriminator and remote discriminator configured on the local PE are the same as the remote discriminator and local discriminator configure...

Page 432: ...class name tunnel policy tunnel policy name By default no backup VPLS PW is configured 12 Optional Configure the local and remote discriminators for the BFD session used to verify the connectivity of the backup PW bfd discriminator local local id remote remote id By default no local and remote discriminators are configured Make sure the local discriminator and remote discriminator configured on th...

Page 433: ... 1 area 0 0 0 0 network 2 2 2 9 0 0 0 0 SwitchB ospf 1 area 0 0 0 0 network 10 1 1 0 0 0 0 255 SwitchB ospf 1 area 0 0 0 0 network 20 1 1 0 0 0 0 255 SwitchB ospf 1 area 0 0 0 0 quit SwitchB ospf 1 quit Configure Switch C SwitchC system view SwitchC ospf SwitchC ospf 1 area 0 SwitchC ospf 1 area 0 0 0 0 network 3 3 3 9 0 0 0 0 SwitchC ospf 1 area 0 0 0 0 network 20 1 1 0 0 0 0 255 SwitchC ospf 1 a...

Page 434: ...s ldp enable SwitchC Vlan interface3 quit 4 Enable BFD for MPLS and configure BFD to verify LSP connectivity Configure Switch A SwitchA mpls bfd enable SwitchA mpls bfd 3 3 3 9 32 Configure Switch C SwitchC mpls bfd enable SwitchC mpls bfd 1 1 1 9 32 Verifying the configuration Display BFD information for LSPs on Switch A and Switch C for example on Switch A SwitchA display mpls bfd Total number o...

Page 435: ...vity of the primary PW When the primary PW fails CE 1 and CE 2 communicate through the backup PW Figure 106 Network diagram Table 38 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 Vlan int10 100 1 1 1 24 PE 2 Loop0 2 2 2 2 32 PE 1 Loop0 1 1 1 1 32 Vlan int12 12 1 1 2 24 Vlan int12 12 1 1 1 24 PE 3 Loop0 3 3 3 3 32 Vlan int13 13 1 1 1 24 Vlan int13 ...

Page 436: ...n interface13 mpls enable PE1 Vlan interface13 mpls ldp enable PE1 Vlan interface13 quit Configure OSPF for LDP to create LSPs PE1 ospf PE1 ospf 1 area 0 PE1 ospf 1 area 0 0 0 0 network 1 1 1 1 0 0 0 0 PE1 ospf 1 area 0 0 0 0 network 12 1 1 0 0 0 0 255 PE1 ospf 1 area 0 0 0 0 network 13 1 1 0 0 0 0 255 PE1 ospf 1 area 0 0 0 0 quit PE1 ospf 1 quit Enable L2VPN PE1 l2vpn enable Enable BFD for MPLS P...

Page 437: ...ddress 2 2 2 2 32 PE2 LoopBack0 quit PE2 mpls lsr id 2 2 2 2 Enable global MPLS LDP PE2 mpls ldp PE2 ldp quit Establish an LDP session with PE 1 PE2 interface vlan interface 12 PE2 Vlan interface12 ip address 12 1 1 2 24 PE2 Vlan interface12 mpls enable PE2 Vlan interface12 mpls ldp enable PE2 Vlan interface12 quit Configure OSPF for LDP to create LSPs PE2 ospf PE2 ospf 1 area 0 PE2 ospf 1 area 0 ...

Page 438: ... global MPLS LDP PE3 mpls ldp PE3 ldp quit Establish an LDP session with PE 1 PE3 interface vlan interface 13 PE3 Vlan interface13 ip address 13 1 1 3 24 PE3 Vlan interface13 mpls enable PE3 Vlan interface13 mpls ldp enable PE3 Vlan interface13 quit Configure OSPF for LDP to create LSPs PE3 ospf PE3 ospf 1 area 0 PE3 ospf 1 area 0 0 0 0 network 13 1 1 0 0 0 0 255 PE3 ospf 1 area 0 0 0 0 network 3 ...

Page 439: ...utput shows that a PW has been established PE2 display l2vpn pw Flags M main B backup H hub link S spoke link N no split horizon Total number of PWs 1 1 up 0 blocked 0 down 0 defect Xconnect group Name vpna Peer PW ID In Out Label Proto Flag Link ID State 1 1 1 1 20 65779 65651 LDP M 1 Up Display L2VPN PW information on PE 3 The output shows that a PW has been established PE3 display l2vpn pw Flag...

Page 440: ... Type PW FEC 128 FEC Info Peer IP 3 3 3 3 PW ID 3 Connection ID 2147483648 Link ID 1 Local Discr 514 Remote Discr 514 Source IP 1 1 1 1 Destination IP 127 0 0 2 Session State Down Session Role Active Template Name Display L2VPN PW information on PE 1 The output shows that backup PW is in use PE1 display l2vpn pw Flags M main B backup H hub link S spoke link N no split horizon Total number of PWs 2...

Page 441: ...gure 107 Basic MPLS L3VPN architecture A basic MPLS L3VPN architecture has the following types of devices Customer edge device A CE device resides on a customer network and has one or more interfaces directly connected to a service provider network It does not support VPN or MPLS Provider edge device A PE device resides at the edge of a service provider network and connects to one or more CEs All ...

Page 442: ...ing Information Base LFIB An IP routing table Interfaces bound to the VPN instance VPN instance administration information including route distinguishers RDs route targets RTs and route filtering policies To associate a site with a VPN instance bind the VPN instance to the PE s interface connected to the site A site can be associated with only one VPN instance and different sites can associate wit...

Page 443: ...e target attribute MPLS L3VPN uses route target community attributes to control the advertisement of VPN routing information A VPN instance on a PE supports the following types of route target attributes Export target attribute A PE sets the export target attribute for VPN IPv4 routes learned from directly connected sites before advertising them to other PEs Import target attribute A PE checks the...

Page 444: ...terface 3 to VPN 2 The MCE and PE add a received route to the routing table of the VPN instance that is bound to the receiving VLAN interface You can configure static routes RIP OSPF IS IS EBGP or IBGP between an MCE and a VPN site and between an MCE and a PE NOTE To implement dynamic IP assignment for DHCP clients in private networks you can configure DHCP server or DHCP relay agent on the MCE Wh...

Page 445: ...on for the VPN instance description text By default no description is configured for a VPN instance 5 Optional Configure a VPN ID for the VPN instance vpn id vpn id By default no VPN ID is configured for a VPN instance Associating a VPN instance with an interface After creating and configuring a VPN instance associate the VPN instance with the MCE s interface connected to the site and the interfac...

Page 446: ...in the VPN instance is not limited Setting the maximum number of active routes for a VPN instance can prevent the PE from learning too many routes 5 Apply an import routing policy import route policy route policy By default all routes matching the import target attribute are accepted The specified routing policy must have been created For information about routing policies see Layer 3 IP Routing C...

Page 447: ...atic route to a VPN instance so that the static routes of different VPN instances can be isolated from each other To configure a static route to a VPN site Step Command Remarks 1 Enter system view system view N A 2 Configure a static route for a VPN instance ip route static vpn instance s vpn instance name dest address mask length mask interface type interface number next hop address next hop addr...

Page 448: ...efault cost value The default cost is 0 Configuring OSPF between an MCE and a VPN site An OSPF process belongs to the public network or a single VPN instance If you create an OSPF process without binding it to a VPN instance the process belongs to the public network Binding OSPF processes to VPN instances can isolate routes of different VPNs For more information about OSPF see Layer 3 IP Routing C...

Page 449: ...he same VPN on the MCEs 6 Redistribute remote site routes advertised by the PE into OSPF import route protocol process id all processes allow ibgp cost cost nssa only route policy route policy name tag tag type type By default no routes are redistributed into OSPF 7 Optional Configure OSPF to redistribute the default route default route advertise summary cost cost By default OSPF does not redistri...

Page 450: ...tem view quit N A 6 Enter interface view interface interface type interface number N A 7 Enable the IS IS process on the interface isis enable process id By default IS IS is disabled Configuring EBGP between an MCE and a VPN site To run EBGP between an MCE and a VPN site you must configure a BGP peer for each VPN instance on the MCE and redistribute the IGP routes of each VPN instance on the VPN s...

Page 451: ...1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Configure the MCE as an EBGP peer peer group name ip address mask length as number as number N A 4 Enter BGP VPN IPv4 unicast address family view address family ipv4 unicast N A 5 Enable BGP to exchange IPv4 unicast routes with the peer peer group name ip address mask length enable By default BGP does not exchange IPv4 unicas...

Page 452: ... the MCE 8 Redistribute remote site routes advertised by the PE into BGP import route protocol process id all processes med med value route policy route policy name By default no routes are redistributed into BGP 9 Optional Configure filtering of advertised routes filter policy acl number prefix list prefix list name export protocol process id By default BGP does not filter advertised routes 10 Op...

Page 453: ...en an MCE and a PE Step Command Remarks 1 Enter system view system view N A 2 Configure a static route for a VPN instance ip route static vpn instance s vpn instance name dest address mask length mask interface type interface number next hop address next hop address public track track entry number vpn instance d vpn instance name next hop address track track entry number permanent preference prefe...

Page 454: ...e the OSPF domain ID domain id domain id secondary The default domain ID is 0 5 Optional Configure the type codes of OSPF extended community attributes ext community type domain id type code1 router id type code2 route type type code3 The defaults are as follows 0x0005 for Domain ID 0x0107 for Router ID 0x0306 for Route Type 6 Optional Configure the external route tag for imported VPN routes route...

Page 455: ...longs to any area nor runs OSPF Configuring IS IS between an MCE and a PE Step Command Remarks 1 Enter system view system view N A 2 Create an IS IS process for a VPN instance and enter IS IS view isis process id vpn instance vpn instance name N A 3 Configure a network entity title network entity net By default no NET is configured 4 Redistribute VPN routes import route protocol process id all pro...

Page 456: ...ilter advertised routes 9 Optional Configure filtering of received routes filter policy acl number prefix list prefix list name import By default BGP does not filter received routes Configuring IBGP between an MCE and a PE Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Enter BGP VPN instance view ip vpn instance vpn instance name N A 4 Configure the P...

Page 457: ...y bgp peer ipv4 unicast vpn instance vpn instance name ip address mask length ip address group name group name log info ip address verbose standby slot slot number For other MCE related displaying and maintaining commands such as displaying routing table information for a VPN instance and maintaining routing sessions for a VPN instance see Layer 3 IP Routing Command Reference For more information ...

Page 458: ...pn instance vpn1 MCE vpn instance vpn1 route distinguisher 10 1 MCE vpn instance vpn1 vpn target 10 1 MCE vpn instance vpn1 quit MCE ip vpn instance vpn2 MCE vpn instance vpn2 route distinguisher 20 1 MCE vpn instance vpn2 vpn target 20 1 MCE vpn instance vpn2 quit Bind VLAN interface 10 to VPN instance vpn1 and configure an IP address for the VLAN interface MCE interface vlan interface 10 MCE Vla...

Page 459: ...t route with the next hop being 10 214 10 3 VR1 system view VR1 ip route static 0 0 0 0 0 0 0 0 10 214 10 3 On the MCE configure a static route to 192 168 0 0 24 with the next hop 10 214 10 2 Bind the static route to VPN instance vpn1 MCE ip route static vpn instance vpn1 192 168 0 0 24 10 214 10 2 On the MCE display the routing information maintained for VPN instance vpn1 MCE display ip routing t...

Page 460: ...inations 13 Routes 13 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 10 214 20 0 24 Direct 0 0 10 214 20 3 Vlan20 10 214 20 0 32 Direct 0 0 10 214 20 3 Vlan20 10 214 20 3 32 Direct 0 0 127 0 0 1 InLoop0 10 214 20 255 32 Direct 0 0 10 214 20 3 Vlan20 127 0 0 0 8 Direct 0 0 127 0 0 1 InLoop0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 ...

Page 461: ...e MCE and as 100 100 10 1 for PE 1 Specify the loopback interface address as the router ID for the MCE and PE 1 Details not shown Enable OSPF process 10 on the MCE and bind the process to VPN instance vpn1 MCE ospf 10 router id 101 101 10 1 vpn instance vpn1 Disable OSPF routing loop detection MCE ospf 10 vpn instance capability simple Set the domain ID to 10 MCE ospf 10 domain id 10 On the MCE ad...

Page 462: ...0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 On PE 1 display the routing information for VPN 2 The output shows that the routes of OSPF process 2 in VPN 2 have been redistributed to the OSPF routing table of PE 1 PE1 display ip routing table vpn instance vpn2 Destinations 13 Routes 13 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 40 1 1 ...

Page 463: ... Create VPN instances on the MCE and PE 1 and bind the VPN instances to VLAN interfaces For the configuration procedure see Configure the VPN instances on the MCE and PE 1 2 Configure routing between the MCE and VPN sites Enable an OSPF process on the devices in the two VPNs and advertise the subnets Details not shown Configure OSPF on the MCE and bind OSPF process 10 to VPN instance vpn1 to learn...

Page 464: ...es of VPN 2 The configuration procedure is similar to that for OSPF process 10 The output shows that the MCE has learned the private route of VPN 2 through OSPF MCE display ip routing table vpn instance vpn2 Destinations 13 Routes 13 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 10 214 20 0 24 Direct 0 0 10 214 20 3 Vlan20 10 214 20 0 32 Direct 0 0 10 21...

Page 465: ...g the configuration Display the routing information for VPN 1 on PE 1 PE1 display ip routing table vpn instance vpn1 Destinations 13 Routes 13 Destination Mask Proto Pre Cost NextHop Interface 0 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 30 1 1 0 24 Direct 0 0 30 1 1 2 Vlan30 30 1 1 0 32 Direct 0 0 30 1 1 2 Vlan30 30 1 1 2 32 Direct 0 0 127 0 0 1 InLoop0 30 1 1 255 32 Direct 0 0 30 1 1 2 Vlan30 127 0 0...

Page 466: ...p0 127 0 0 0 32 Direct 0 0 127 0 0 1 InLoop0 127 0 0 1 32 Direct 0 0 127 0 0 1 InLoop0 127 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 192 168 10 0 24 BGP 255 3 40 1 1 1 Vlan40 224 0 0 0 4 Direct 0 0 0 0 0 0 NULL0 224 0 0 0 24 Direct 0 0 0 0 0 0 NULL0 255 255 255 255 32 Direct 0 0 127 0 0 1 InLoop0 The MCE has redistributed the OSPF routes of the two VPN instances into the EBGP routing tables of P...

Page 467: ...Configuring route related attributes for a VPN instance Configuring routing on an MCE Required Configuring routing between an MCE and a VPN site Required Configuring routing between an MCE and a PE Configuring VPN instances VPN instances isolate VPN routes from public network routes and routes among VPNs You must configure VPN instances for an MCE network Creating a VPN instance A VPN instance is ...

Page 468: ...g vpn instance vpn instance name By default no VPN instance is associated with an interface The ip binding vpn instance command clears the IP address of the interface Therefore re configure an IP address for the interface after configuring this command Configuring route related attributes for a VPN instance VPN routes are controlled and advertised on a PE by using the following process 1 When a VP...

Page 469: ...ance can prevent the PE from storing too many routes 5 Apply an import routing policy import route policy route policy By default all routes matching the import target attribute are accepted Make sure the routing policy already exists Otherwise the device does not filter received routes For information about routing policies see Layer 3 IP Routing Configuration Guide 6 Apply an export routing poli...

Page 470: ...outing between an MCE and a VPN site Step Command Remarks 1 Enter system view system view N A 2 Configure an IPv6 static route for an IPv6 VPN instance ipv6 route static vpn instance s vpn instance name ipv6 address prefix length interface type interface number next hop address nexthop address public vpn instance d vpn instance name nexthop address permanent preference preference value tag tag val...

Page 471: ...v3 process without binding it to an IPv6 VPN instance the process belongs to the public network By configuring OSPFv3 process to IPv6 VPN instance bindings on a MCE you allow routes of different IPv6 VPNs to be exchanged between the MCE and the sites through different OSPFv3 processes ensuring the separation and security of IPv6 VPN routes For more information about OSPFv3 see Layer 3 IP Routing C...

Page 472: ...N site Step Command Remarks 1 Enter system view system view N A 2 Create an IPv6 IS IS process for a VPN instance and enter IS IS view isis process id vpn instance vpn instance name Perform this configuration on the MCE On a VPN site configure common IPv6 IS IS 3 Configure a network entity title for the IS IS process network entity net By default no NET is configured 4 Enable IPv6 for the IPv6 IS ...

Page 473: ...6 number prefix list ipv6 prefix name export protocol process id By default BGP does not filter advertised routes 9 Optional Configure filtering of received routes filter policy acl6 number prefix list ipv6 prefix name import By default BGP does not filter received routes 2 Configure a VPN site Step Command Remarks 1 Enter system view system view N A 2 Enter BGP view bgp as number N A 3 Configure ...

Page 474: ...ent of the RR peer group name ipv6 address prefix length reflect client By default no RR or RR client is configured After you configure a VPN site as an IBGP peer the MCE does not advertise the BGP routes learned from the VPN site to other IBGP peers including VPNv6 peers The MCE advertises routes learned from a VPN site only when you configure the VPN site as a client of the RR the MCE 8 Redistri...

Page 475: ...v6 VPN routes into the routing protocol running between the MCE and the PE Perform the following configuration tasks on the MCE Configure the PE in the same way that a PE in a basic MPLS L3VPN is configured For more information about configuring the PE see Configuring MPLS L3VPN Configuring IPv6 static routing between an MCE and a PE Step Command Remarks 1 Enter system view system view N A 2 Confi...

Page 476: ...e vpn instance name N A 3 Set the router ID router id router id N A 4 Disable routing loop detection vpn instance capability simple By default routing loop detection is enabled On an MCE network you must disable routing loop detection for an OSPFv3 VRF process Otherwise the MCE does not receive OSPFv3 routes from the PE 5 Optional Configure an OSPFv3 domain ID domain id domain id secondary null Th...

Page 477: ...ute routes from any other routing protocol If you do not specify the route level in the command the command redistributes routes to the level 2 routing table 6 Optional Configure filtering of advertised routes ipv6 filter policy acl6 number prefix list prefix list name route policy route policy name export protocol process id By default IPv6 IS IS does not filter advertised routes 7 Return to syst...

Page 478: ...s number N A 3 Enter BGP VPN instance view ip vpn instance vpn instance name N A 4 Configure the PE as an IBGP peer peer group name ipv6 address prefix length as number as number N A 5 Enter BGP VPN IPv6 unicast address family view address family ipv6 unicast N A 6 Enable BGP to exchange IPv6 unicast routes with the peer peer group name ipv6 address prefix length enable By default BGP does not exc...

Page 479: ...tance vpn instance name ipv6 address prefix length ipv6 address group name group name log info ipv6 address verbose standby slot slot number For commands that display information about a routing table see Layer 3 IP Routing Command Reference For more information about the display bgp group and display bgp peer commands see Layer 3 IP Routing Command Reference IPv6 MCE configuration example Network...

Page 480: ...route targets for each VPN instance MCE system view MCE ip vpn instance vpn1 MCE vpn instance vpn1 route distinguisher 10 1 MCE vpn instance vpn1 vpn target 10 1 MCE vpn instance vpn1 quit MCE ip vpn instance vpn2 MCE vpn instance vpn2 route distinguisher 20 1 MCE vpn instance vpn2 vpn target 20 1 MCE vpn instance vpn2 quit Bind VLAN interface 10 to VPN instance vpn1 and configure an IPv6 address ...

Page 481: ...o the MCE and 2012 1 2 64 to the interface connected to VPN 1 Add ports to VLANs Details not shown On VR 1 configure a default route with the next hop being 2001 1 1 VR1 system view VR1 ipv6 route static 0 2001 1 1 On the MCE configure an IPv6 static route to 2012 1 64 with the next hop 2001 1 2 Bind the static route to VPN instance vpn1 MCE ipv6 route static vpn instance vpn1 2012 1 64 2001 1 2 R...

Page 482: ...on 2012 1 64 Protocol Static NextHop 2001 1 2 Preference 60 Interface Vlan10 Cost 0 Destination FE80 10 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0 Destination FF00 8 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0 On the MCE display the routing table of VPN instance vpn2 MCE display ipv6 routing table vpn instance vpn2 Destinations 6 Routes 6 Destination 1 128 Protocol...

Page 483: ...0 MCE Vlan interface40 ip binding vpn instance vpn2 MCE Vlan interface40 ipv6 address 40 1 64 MCE Vlan interface40 quit On PE 1 bind VLAN interface 30 to VPN instance vpn1 and configure an IPv6 address for the VLAN interface PE1 interface vlan interface 30 PE1 Vlan interface30 ip binding vpn instance vpn1 PE1 Vlan interface30 ipv6 address 30 2 64 PE1 Vlan interface30 quit On PE 1 bind VLAN interfa...

Page 484: ...nfiguration Display the routing table for VPN instance vpn1 The output shows that PE 1 has learned the private route of VPN 1 through OSPFv3 PE1 display ipv6 routing table vpn instance vpn1 Destinations 6 Routes 6 Destination 1 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 30 64 Protocol Direct NextHop Preference 0 Interface Vlan30 Cost 0 Destination 30 2 128 Prot...

Page 485: ... 0 Destination 40 2 128 Protocol Direct NextHop 1 Preference 0 Interface InLoop0 Cost 0 Destination 2012 64 Protocol OSPFv3 NextHop FE80 200 FF FE0F 5 Preference 150 Interface Vlan40 Cost 1 Destination FE80 10 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0 Destination FF00 8 Protocol Direct NextHop Preference 0 Interface NULL0 Cost 0 The routing information for the two VPNs has been a...

Page 486: ...ing you will receive email notification of product enhancements new driver versions firmware updates and other product resources Related information Documents To find related documents browse to the Manuals page of the HP Business Support Center website http www hp com support manuals For related documentation navigate to the Networking section and select a networking category For a complete list ...

Page 487: ...eparated by vertical bars from which you select one choice multiple choices or none 1 n The argument or keyword and argument combination before the ampersand sign can be entered 1 to n times A line that starts with a pound sign is comments GUI conventions Convention Description Boldface Window names button names field names and menu items are in bold text For example the New User window appears cl...

Page 488: ...r a unified wired WLAN module or the switching engine on a unified wired WLAN switch Represents an access point Represents a mesh access point Represents omnidirectional signals Represents directional signals Represents a security product such as a firewall UTM multiservice security gateway or load balancing device Represents a security card such as a firewall load balancing NetStream SSL VPN IPS ...

Page 489: ...53 MPLS TE link attribute IGP TE extension 67 MPLS TE link attribute IS IS TE 67 MPLS TE link attribute OSPF TE 67 MPLS TE traffic forwarding automatic route advertisement forwarding adjacency 55 MPLS TE traffic forwarding automatic route advertisement IGP shortcut 55 MPLS TE tunnel traffic direction automatic route advertisement 75 VPLS BGP label block information advertisement 380 VPLS BGP PE in...

Page 490: ...ation access 404 H VPLS UPE dual homing configuration 409 VPLS BGP PW configuration 395 VPLS configuration 371 376 388 VPLS LDP PW configuration 393 VPLS LDP PW configuration BGP auto discovery 400 VPLS static PW configuration 388 backing up MPLS L3VPN FRR IPv4 route backup VPNv4 route 181 MPLS L3VPN FRR VPNv4 route backup IPv4 route 180 MPLS L3VPN FRR VPNv4 route backup VPNv4 route 180 MPLS TE CR...

Page 491: ...VPN route advertising 454 MPLS L3VPN MP BGP 163 MPLS L3VPN nested VPN 197 243 MPLS L3VPN OSPF sham link 178 259 MPLS L3VPN route target attributes 163 434 VPLS BGP label block information advertisement 380 VPLS BGP PW configuration 380 395 VPLS BGP PW creation 381 VPLS LDP PW configuration BGP auto discovery 382 400 VPLS LDP PW creation BGP auto discovery 383 VPLS PE information advertisement 382 ...

Page 492: ... VPN option C PE 289 IPv6 MPLS L3VPN inter AS IPv6 VPN option C routing policy 289 IPv6 MPLS L3VPN inter AS option A 299 IPv6 MPLS L3VPN inter AS option C 304 IPv6 MPLS L3VPN loopback interface 290 IPv6 MPLS L3VPN MCE 458 IPv6 MPLS L3VPN MCE routing 461 IPv6 MPLS L3VPN MCE VPN site routing 461 IPv6 MPLS L3VPN MCE VPN site static routing 461 IPv6 MPLS L3VPN MCE PE EBGP 468 IPv6 MPLS L3VPN MCE PE IB...

Page 493: ...1 264 MPLS L3VPN BGP VPNv4 route control 190 MPLS L3VPN carrier s carrier 235 MPLS L3VPN FRR 201 MPLS L3VPN FRR IPv4 route VPNv4 route backup 270 MPLS L3VPN FRR VPNv4 route IPv4 route backup 272 MPLS L3VPN FRR VPNv4 route route backup 268 MPLS L3VPN HoVPN 198 252 MPLS L3VPN hub spoke network 21 1 MPLS L3VPN inter AS option A 218 MPLS L3VPN inter AS option B 223 MPLS L3VPN inter AS option C 228 MPL...

Page 494: ...ribute advertisement IS IS TE 67 MPLS TE link attribute advertisement OSPF TE 67 MPLS TE RSVP TE RSVP resource reservation style 74 MPLS TE traffic forwarding 75 MPLS TE tunnel affinity attribute 68 MPLS TE tunnel automatic route advertisement traffic direction forwarding adjacency 76 MPLS TE tunnel automatic route advertisement traffic direction IGP shortcut 75 MPLS TE tunnel constraints 68 MPLS ...

Page 495: ...LSP path selection metric type 70 MPLS TE CRLSP reoptimization 71 MPLS TE CRLSP route pinning 71 MPLS TE dynamic implementation 53 MPLS TE FRR 58 58 78 MPLS TE FRR bypass tunnel on PLR 78 MPLS TE FRR link protection 58 58 MPLS TE FRR manual bypass tunnel 1 12 MPLS TE FRR node fault detection 82 MPLS TE FRR node protection 58 MPLS TE FRR optimal bypass tunnel selection interval 82 MPLS TE IETF DS T...

Page 496: ...5 MPLS L3VPN PE CE RIP 185 MPLS L3VPN PE CE routing 184 MPLS L3VPN PE CE static routing 184 MPLS L3VPN PE PE routing 189 provider device See provider edge device See PEP static CRLSP configuration 132 DiffServ aware TE See DS TE discovering LDP discovery message type 16 LDP peer basic discovery 17 LDP peer extended discovery 17 LDP session parameters Basic Discovery 26 LDP session parameters Exten...

Page 497: ...tistics on Ethernet service instance 387 RSVP 142 RSVP BFD 147 VPLS L2VPN 377 establishing MPLS LSP 3 MPLS TE inter AS tunnel with RSVP TE 94 MPLS TE tunnel over static CRLSP 84 MPLS TE tunnel with RSVP TE 70 88 RSVP TE tunnel 148 Ethernet H VPLS access mode 374 exclusive tunnel MPLS 157 EXPLICIT_ROUTE object RSVP TE 139 exporting IPv6 MPLS L3VPN VPN instance route related attributes 279 MPLS L3VP...

Page 498: ...FRR configuration IPv4 route VPNv4 route backup 270 MPLS L3VPN FRR configuration VPNv4 route IPv4 route backup 272 MPLS L3VPN FRR configuration VPNv4 route route backup 268 MPLS L3VPN FRR IPv4 route backup VPNv4 route 181 MPLS L3VPN FRR VPNv4 route backup IPv4 route 180 MPLS L3VPN FRR VPNv4 route backup VPNv4 route 180 MPLS TE 58 MPLS TE auto FRR configuration 1 17 MPLS TE FRR bypass CRLSP 58 MPLS...

Page 499: ...ETF DS TE MPLS TE DiffServ aware TE mode 59 MPLS TE IETF DS TE configuration 124 IGP LDP IGP synchronization 22 32 MPLS TE attribute advertisement 54 MPLS TE CRLSP flooding 72 MPLS TE link attribute advertisement IGP TE extension 67 MPLS TE link attribute advertisement IS IS TE 67 MPLS TE link attribute advertisement OSPF TE 67 MPLS TE traffic forwarding automatic route advertisement IGP shortcut ...

Page 500: ...1 LDP NSR configuration 32 LDP operation 17 LDP session parameters 26 LDP session protection 31 LDP session reset 35 LDP SNMP notification 35 LDP IGP synchronization 22 32 LDP IS IS synchronization 34 LDP OSPF synchronization 33 MPLS basics configuration 1 5 static LSP configuration 12 13 IPv4 MPLS L3VPN FRR IPv4 route backup VPNv4 route 181 MPLS L3VPN FRR VPNv4 route backup IPv4 route 180 MPLS L3...

Page 501: ...ciation 278 459 VPN instance route related attributes 279 459 IS IS LDP IS IS synchronization 34 MPLS L3VPN MCE PE IS IS 446 MPLS L3VPN MCE VPN site IS IS 440 MPLS L3VPN PE CE IS IS configuration 186 MPLS TE attribute advertisement 54 MPLS TE link attribute advertisement IS IS TE 67 ISP MPLS L3VPN inter AS VPN 167 MPLS L3VPN inter AS VPN option A 168 MPLS L3VPN nested VPN 173 K keepalive parameter...

Page 502: ...tention modes 19 label space 16 link hello timer 25 loop detection configuration 31 LSP configuration 36 LSP establishment 17 LSP generation policy 28 MD5 authentication 27 message types 16 MPLS L2VPN BGP PW 347 MPLS L2VPN configuration 339 MPLS L2VPN LDP PW 331 343 MPLS L2VPN LDP PW redundancy 336 354 MPLS L2VPN multi segment PW configuration inter domain 364 MPLS L2VPN multi segment PW configura...

Page 503: ... route redistribution 200 loose explicit path MPLS TE configuration 69 LSA troubleshooting MPLS TE no TE LSA generated 131 LSP dynamic LSP establishment 3 exclusive tunnel configuration 157 LDP configuration 16 23 36 LDP label acceptance control 40 LDP label advertisement control 44 LDP loop detection 31 LDP LSP configuration 36 LDP LSP establishment 17 LDP LSP generation policy 28 MPLS control pl...

Page 504: ...splaying 448 IPv6 MPLS L3VPN MCE routing 461 IPv6 MPLS L3VPN MCE VPN site EBGP 463 IPv6 MPLS L3VPN MCE VPN site IBGP 465 IPv6 MPLS L3VPN MCE VPN site IPv6 IS IS 463 IPv6 MPLS L3VPN MCE VPN site OSPFv3 462 IPv6 MPLS L3VPN MCE VPN site RIPng 461 IPv6 MPLS L3VPN MCE VPN site routing 461 IPv6 MPLS L3VPN MCE VPN site static routing 461 IPv6 MPLS L3VPN MCE PE EBGP 468 IPv6 MPLS L3VPN MCE PE IBGP 469 IPv...

Page 505: ... 21 1 MPLS basic concepts 1 basics configuration 1 5 control plane 2 display 10 displaying tunnel information 157 egress label type advertisement 7 enable 6 exclusive tunnel configuration 157 FEC 1 FEC label format 1 forwarding plane 2 forwarding process 4 forwarding statistics enable 10 IPv4 LDP label acceptance control 40 IPv4 LDP label advertisement control 44 IPv4 LDP LSP configuration 36 L2VP...

Page 506: ...configuration intra domain 360 network models 324 PW class configuration 331 PW configuration 331 PW redundancy 325 PW redundancy configuration 335 PW VCCV 328 remote CCC connection configuration 351 static PW configuration 331 339 static PW redundancy configuration 336 VPLS configuration 376 388 VPLS MAC address learning 386 VPLS static PW configuration 388 MPLS L3VPN architecture 161 432 basic c...

Page 507: ...E routing 184 PE CE static routing 184 PE PE routing 189 protocols and standards 181 route advertisement 163 routing loop avoidance 177 site 162 433 SNMP notification enable 204 VPN instance 162 433 VPN instance configuration 182 436 VPN instance creation 182 436 VPN instance interface association 183 436 VPN instance route related attribute configuration 437 VPN instance route related attributes ...

Page 508: ...92 IPv6 MPLS L3VPN inter AS option A 299 IPv6 MPLS L3VPN inter AS option C 304 IPv6 MPLS L3VPN OSPFv3 sham link 317 link attribute advertisement IGP TE extension 67 link attribute advertisement IS IS TE 67 link attribute advertisement OSPF TE 67 link attribute configuration 66 maintain 83 make before break 56 MPLS L3VPN 206 MPLS L3VPN basics 206 MPLS L3VPN BGP AS number substitution 264 MPLS L3VPN...

Page 509: ... carrier s carrier 310 IPv6 MPLS L3VPN configuration 292 IPv6 MPLS L3VPN features 276 IPv6 MPLS L3VPN inter AS IPv6 VPN 288 IPv6 MPLS L3VPN inter AS IPv6 VPN option A 288 IPv6 MPLS L3VPN inter AS IPv6 VPN option C 288 IPv6 MPLS L3VPN inter AS option A 299 IPv6 MPLS L3VPN inter AS option C 304 IPv6 MPLS L3VPN logging for BGP route flapping 291 IPv6 MPLS L3VPN loopback address redistribution 290 IPv...

Page 510: ...n 334 MPLS L2VPN cross connect configuration 330 330 MPLS L2VPN cross connect AC binding 335 335 MPLS L2VPN LDP PW 331 343 MPLS L2VPN LDP PW redundancy 336 354 MPLS L2VPN MAC address software learning 337 MPLS L2VPN multi segment PW 326 MPLS L2VPN multi segment PW configuration inter domain 364 MPLS L2VPN multi segment PW configuration intra domain 360 MPLS L2VPN network models 324 MPLS L2VPN PW c...

Page 511: ...3VPN PE CE IBGP 188 MPLS L3VPN PE CE IS IS 186 MPLS L3VPN PE CE OSPF 185 MPLS L3VPN PE CE RIP 185 MPLS L3VPN PE CE routing 184 MPLS L3VPN PE CE static routing 184 MPLS L3VPN PE PE routing 189 MPLS L3VPN route advertisement 163 MPLS L3VPN routing loop avoidance 177 MPLS L3VPN site 162 433 MPLS L3VPN SNMP notification 204 MPLS L3VPN VPN instance 162 182 433 MPLS L3VPN VPN instance configuration 436 ...

Page 512: ...9 393 VPLS LDP PW configuration BGP auto discovery 382 400 VPLS MAC address learning 386 VPLS PW class 379 VPLS PW configuration 379 VPLS static PW configuration 379 388 VPLS VSI configuration 378 VPLS VSI AC binding 384 network management IPv6 MCE configuration 470 IPv6 MPLS L3VPN 277 292 IPv6 MPLS L3VPN configuration 275 IPv6 MPLS L3VPN MCE 458 LDP configuration 16 23 36 MCE configuration 448 MP...

Page 513: ... OSPFv3 281 IPv6 MPLS L3VPN sham link 290 P P device MPLS L3VPN architecture 161 432 P2P MPLS L2VPN configuration 323 MPLS L2VPN static PW configuration 339 packet IPv6 MPLS L3VPN packet forwarding 275 LDP FRR 23 LDP FRR configuration 35 MPLS control plane 2 MPLS egress label type advertisement 7 MPLS FEC 1 MPLS FEC label format 1 MPLS forwarding plane 2 MPLS forwarding process 4 MPLS L3VPN packet...

Page 514: ... VPN route advertising 454 MPLS L3VPN MCE OSPF VPN route advertising 448 MPLS L3VPN MCE routing 438 MPLS L3VPN MCE PE EBGP 447 MPLS L3VPN MCE PE IBGP configuration 447 MPLS L3VPN MCE PE IS IS 446 MPLS L3VPN MCE PE OSPF 445 MPLS L3VPN MCE PE RIP 444 MPLS L3VPN MCE PE routing 444 MPLS L3VPN MCE PE static routing 444 MPLS L3VPN MP BGP 163 MPLS L3VPN nested VPN 173 197 MPLS L3VPN OSPF area PE CE confi...

Page 515: ...LS L3VPN inter AS option A 299 configuring IPv6 MPLS L3VPN inter AS option C 304 configuring IPv6 MPLS L3VPN loopback interface 290 configuring IPv6 MPLS L3VPN MCE routing 461 configuring IPv6 MPLS L3VPN MCE VPN site routing 461 configuring IPv6 MPLS L3VPN MCE VPN site static routing 461 configuring IPv6 MPLS L3VPN MCE PE EBGP 468 configuring IPv6 MPLS L3VPN MCE PE IBGP 469 configuring IPv6 MPLS L...

Page 516: ... PW inter domain 364 configuring MPLS L2VPN multi segment PW intra domain 360 configuring MPLS L2VPN PW 331 configuring MPLS L2VPN PW class 331 configuring MPLS L2VPN PW redundancy 335 configuring MPLS L2VPN remote CCC connection 351 configuring MPLS L2VPN static PW 331 339 configuring MPLS L2VPN static PW redundancy 336 configuring MPLS L3VPN 181 configuring MPLS L3VPN basics 182 206 configuring ...

Page 517: ...OAM ping for PW 419 configuring MPLS OAM tracert for LSP 417 configuring MPLS OAM tracert for LSP periodic 418 configuring MPLS TE 62 configuring MPLS TE auto FRR 1 17 configuring MPLS TE automatic bandwidth adjustment 74 configuring MPLS TE bidirectional tunnel 76 102 configuring MPLS TE CRLSP backup 77 108 configuring MPLS TE CRLSP flooding interval 72 configuring MPLS TE CRLSP flooding threshol...

Page 518: ...uto discovery 382 400 configuring VPLS MAC address learning 386 configuring VPLS PW 379 configuring VPLS PW class 379 configuring VPLS static PW 379 388 configuring VPLS UPE dual homing 385 configuring VPLS UPE dual homing redundant LDP PWs 386 configuring VPLS UPE dual homing redundant static PWs 385 configuring VPLS VSI 378 controlling MPLS TE CRLSP path selection 70 controlling MPLS TE tunnel s...

Page 519: ...LSA generated 131 propagating MPLS L3VPN nested VPN information 174 MPLS TTL propagation 8 protocols and standards IPv6 MPLS L3VPN 277 LDP 23 MPLS 5 MPLS L3VPN 181 MPLS OAM 416 MPLS TE 62 RSVP 142 provider device See P device edge device See PE PSC MPLS TE bidirectional tunnel 61 Pseudo Wire Emulation Edge to Edge Use PWE3 pseudowire See PW public tunnel MPLS L2VPN 323 PW BGP PW configuration 380 ...

Page 520: ...anism 140 RSVP Srefresh configuration 143 RSVP Srefresh mechanism 140 reliable message delivery RSVP 140 143 remote MPLS L2VPN BGP PW remote CCC connection 334 MPLS L2VPN remote CCC connection configuration 351 MPLS L2VPN remote connection configuration 328 reoptimizing MPLS TE tunnel reoptimization 57 resetting LDP session 35 Resource Reservation Protocol Use RSVP restrictions MPLS TE FRR bypass ...

Page 521: ...PFv3 sham link 317 IPv6 MPLS L3VPN packet forwarding 275 IPv6 MPLS L3VPN PE CE EBGP 283 IPv6 MPLS L3VPN PE CE IBGP 284 IPv6 MPLS L3VPN PE CE routing 280 IPv6 MPLS L3VPN PE CE IPv6 IS IS 283 IPv6 MPLS L3VPN PE CE OSPFv3 281 IPv6 MPLS L3VPN PE CE RIPng 280 IPv6 MPLS L3VPN PE CE static routing 280 IPv6 MPLS L3VPN PE PE routing 286 IPv6 MPLS L3VPN routing information advertisement 276 IPv6 MPLS L3VPN ...

Page 522: ...inter AS tunnel with RSVP TE 94 MPLS TE make before break 56 MPLS TE route pinning 57 MPLS TE traffic forwarding 55 75 MPLS TE tunnel over static CRLSP 84 MPLS TE tunnel traffic direction automatic route advertisement 75 MPLS TE tunnel traffic direction static routing 75 MPLS TE tunnel with RSVP TE 88 RSVP configuration 139 142 148 RSVP GR configuration 152 RSVP TE EXPLICIT_ROUTE object 139 RSVP T...

Page 523: ...PLS TE tunnel setup retry 73 sham link IPv6 MPLS L3VPN OSPF sham link configuration 290 IPv6 MPLS L3VPN OSPF sham link creation 290 IPv6 MPLS L3VPN OSPFv3 sham link 317 MPLS L3VPN OSPF sham link 259 MPLS L3VPN OSPF sham link configuration 199 MPLS L3VPN OSPF sham link creation 200 site MPLS L3VPN 162 433 SNMP MPLS L3VPN notification 204 MPLS SNMP notifications 10 software MPLS L2VPN MAC address so...

Page 524: ...P 84 MPLS TE tunnel with RSVP TE 88 synchronizing LDP IGP synchronization 22 32 LDP IS IS synchronization 34 LDP OSPF synchronization 33 T targeted hello LDP 25 TCP LDP session 16 TE database See TEDB TEDB MPLS TE attribute advertisement 54 MPLS TE CSPF calculation 54 timer LDP backoff delay 27 LDP link hello 25 25 LDP targeted hello 25 25 topology MPLS network architecture 3 static LSP configurat...

Page 525: ...er static CRLSP 84 MPLS TE tunnel reoptimization 57 MPLS TE tunnel setup 72 MPLS TE tunnel with RSVP TE 70 88 policy See tunnel policy preferred tunnel configuration 157 preferred tunnel selection order 158 RSVP TE tunnel establishment 148 tunnel policy configuration 155 155 157 tunnel selection order configuration 158 VPLS architecture 371 type RSVP TE EXPLICIT_ROUTE object 139 RSVP TE Hello mess...

Page 526: ...BFD for VPLS LDP PW 422 MPLS OAM BFD for VPLS static PW 421 multicast traffic flooding 374 multicast traffic forwarding 374 packet statistics on Ethernet service instance 387 PW class configuration 379 PW configuration 379 PW creation 372 PW full mesh forwarding 374 PW LDP configuration 379 PW split horizon forwarding 374 static PW configuration 379 388 unicast traffic flooding 373 unicast traffic...

Reviews: