MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS XE Release 3S (Cisco ASR 1000)
MPLS VPN OSPF PE and CE Support
Downloads: This chapterpdf (PDF - 1.17MB) The complete bookPDF (PDF - 4.9MB) | The complete bookePub (ePub - 1.1MB) | Feedback

MPLS VPN OSPF PE and CE Support

MPLS VPN OSPF PE and CE Support

The MPLS VPN OSPF PE and CE Support feature allows service providers to configure Open Shortest Path First (OSPF) between provider edge (PE) and customer edge (CE) devices in a Multiprotocol Label Switching (MPLS) virtual private network ( VPN). This feature increases flexibility when devices exchange routing information among sites because a separate router ID for each interface or subinterface is configured on a PE device attached to multiple CE devices within a VPN. An MPLS VPN consists of a set of sites that are interconnected by means of an MPLS provider core network. At each customer site, one or more CE devices attach to one or more PE devices.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

Prerequisites for MPLS VPN OSPF PE and CE Support

  • Configure MPLS Layer 3 VPNs.
  • Configure the Border Gateway Protocol (BGP) in the core.

Information About MPLS VPN OSPF PE and CE Support

Overview of MPLS VPN OSPF PE and CE Support

This feature allows service providers to configure Open Shortest Path First (OSPF) between provider edge (PE) and customer edge (CE) devices in an MPLS VPN network.

This feature increases flexibility when devices exchange routing information among sites because a separate router ID for each interface or subinterface is configured on a PE device attached to multiple CE devices within a VPN.

How to Configure MPLS VPN OSPF PE and CE Support

Configuring OSPF as the Routing Protocol Between the PE and CE Devices

Perform this task to configure PE-to-CE routing sessions that use Open Shortest Path First (OSPF).


Note


The Cisco implementation of OSPF in an MPLS VPN PE-CE environment is compliant with RFC 4576.


Before You Begin

Configure the PE device with the same routing protocol that the CE device uses.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    router ospf process-id [vrf vpn-name]

    4.    network ip-address wildcard-mask area area-id

    5.    address-family ipv4 [multicast | unicast | vrf vrf-name]

    6.    redistribute protocol | [process-id] | {level-1 | level-1-2 | level-2} [as-number] [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [subnets]

    7.    exit-address-family

    8.    end


DETAILED STEPS
      Command or Action Purpose
    Step 1 enable


    Example:
    Device> enable
     

    Enables privileged EXEC mode.

    • Enter your password if prompted.
     
    Step 2 configure terminal


    Example:
    Device# configure terminal
     

    Enters global configuration mode.

     
    Step 3 router ospf process-id [vrf vpn-name]


    Example:
    Device(config)# router ospf 1 vrf grc
     

    Enables OSPF routing and enters router configuration mode.

    • The process-id argument identifies the OSPF process.
    • The vrf vpn-name keyword and argument identify a virtual private network (VPN). Create a separate OSPF process for each virtual routing and forwarding (VRF) instance that will receive VPN routes.
     
    Step 4 network ip-address wildcard-mask area area-id


    Example:
    Device(config-router)# network 10.0.0.1 0.0.0.3 area 20
     

    Defines the interfaces on which OSPF runs and to defines the area ID for those interfaces.

    • The ip-address argument identifies the IP address.
    • The wildcard-mask argument identifies the IP-address-type mask that includes “don’t care” bits.
    • The area-id argument identifies the area that is to be associated with the OSPF address range. It can be specified as either a decimal value or an IP address. To associate areas with IP subnets, specify a subnet address as the value of the area-id argument.
     
    Step 5 address-family ipv4 [multicast | unicast | vrf vrf-name]


    Example:
    Device(config-router)# address-family ipv4 vrf vpn1
     

    Specifies the IPv4 address family type and enters address family configuration mode.

    • The multicast keyword specifies IPv4 multicast address prefixes.
    • The unicast keyword specifies IPv4 unicast address prefixes.
    • The vrf vrf-name keyword and argument specify the name of the VRF to associate with subsequent IPv4 address family configuration mode commands.
     
    Step 6 redistribute protocol | [process-id] | {level-1 | level-1-2 | level-2} [as-number] [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [subnets]


    Example:
    Device(config-router-af)#  redistribute rip metric 1 subnets
     

    Redistributes routes from one routing domain into another routing domain.

    You may need to include several protocols to ensure that all interior Border Gateway Protocol (IBGP) routes are distributed into the VRF.

     
    Step 7 exit-address-family


    Example:
    Device(config-router-af)# exit-address-family
     

    Exits address family configuration mode.

     
    Step 8 end


    Example:
    Device(config-router)# end
     

    (Optional) Exits to privileged EXEC mode.

     

    Verifying Connectivity Between MPLS Virtual Private Network Sites

    To verify that the local and remote customer edge (CE) devices can communicate across the Multiprotocol Label Switching (MPLS) core, perform the following tasks:

    Verifying IP Connectivity from CE Device to CE Device Across the MPLS Core

    SUMMARY STEPS

      1.    enable

      2.    ping [protocol] {host-name | system-address}

      3.    trace [protocol] [destination]

      4.    show ip route [ip-address [mask] [longer-prefixes]] | protocol [process-id]] | [list [access-list-name | access-list-number]


    DETAILED STEPS
      Step 1   enable

      Enables privileged EXEC mode.

      Step 2   ping [protocol] {host-name | system-address}

      Diagnoses basic network connectivity on AppleTalk, Connectionless-mode Network Service (CLNS), IP, Novell, Apollo, Virtual Integrated Network Service (VINES), DECnet, or Xerox Network Service (XNS) networks. Use the ping command to verify the connectivity from one CE device to another.

      Step 3   trace [protocol] [destination]

      Discovers the routes that packets take when traveling to their destination. The trace command can help isolate a trouble spot if two devices cannot communicate.

      Step 4   show ip route [ip-address [mask] [longer-prefixes]] | protocol [process-id]] | [list [access-list-name | access-list-number]

      Displays the current state of the routing table. Use the ip-address argument to verify that CE1 has a route to CE2. Verify the routes learned by CE1. Make sure that the route for CE2 is listed.


      Verifying That the Local and Remote CE Devices Are in the PE Routing Table

      SUMMARY STEPS

        1.    enable

        2.    show ip route vrf vrf-name [prefix]

        3.    show ip cef vrf vrf-name [ip-prefix]


      DETAILED STEPS
        Step 1   enable

        Enables privileged EXEC mode.

        Step 2   show ip route vrf vrf-name [prefix]

        Displays the IP routing table associated with a virtual routing and forwarding (VRF) instance. Check that the loopback addresses of the local and remote customer edge (CE) devices are in the routing table of the provider edge (PE) devices.

        Step 3   show ip cef vrf vrf-name [ip-prefix]

        Displays the Cisco Express Forwarding forwarding table associated with a VRF. Check that the prefix of the remote CE device is in the Cisco Express Forwarding table.


        Configuration Examples for MPLS VPN OSPF PE and CE Support

        Example: Configuring an MPLS VPN Using OSPF

        PE Configuration

        CE Configuration

        ip vrf vpn1
         rd 100:1
         route-target export 100:1
         route-target import 100:1
        !
        ip cef
        mpls ldp router-id Loopback0 force
        mpls label protocol ldp
        !
        interface Loopback0
         ip address 10.0.0.1 255.255.255.255
        !
        interface FastEthernet0/0/0
         ip vrf forwarding vpn1
         ip address 34.0.0.2 255.0.0.0
         no cdp enable
        !
        router ospf 1000 vrf vpn1
         log-adjacency-changes
         redistribute bgp 100 metric-type 1 subnets
         network 10.0.0.13 0.0.0.0 area 10000
         network 34.0.0.0 0.255.255.255 area 10000
        ! 
        router bgp 100
        no synchronization
        bgp log-neighbor changes
        neighbor 10.0.0.3 remote-as 100
        neighbor 10.0.0.3 update-source Loopback0
        no auto-summary
         !        
        address-family vpnv4
         neighbor 10.0.0.3 activate
         neighbor 10.0.0.3 send-community extended
         bgp scan-time import 5
         exit-address-family
         !        
        address-family ipv4 vrf vpn1
        redistribute connected
        redistribute ospf 1000 match internal external 1 external 2
        no auto-summary
        no synchronization
        exit-address-family
        ip cef
        mpls ldp router-id Loopback0 force
        mpls label protocol ldp
        !
        interface Loopback0
         ip address 10.0.0.9 255.255.255.255
        !
        interface FastEthernet0/0/0
         ip address 34.0.0.1 255.0.0.0
         no cdp enable
        !
        router ospf 1000
        log-adjacency-changes
        auto-cost reference-bandwidth 1000
        redistribute connected subnets
        network 34.0.0.0 0.255.255.255 area 1000
        network 10.0.0.0 0.0.0.0 area 1000

        Additional References

        Related Documents

        Related Topic

        Document Title

        Cisco IOS commands

        Cisco Master Command List, All Releases

        MPLS and MPLS applications commands

        Cisco IOS Multiprotocol Label Switching Command Reference

        Standards and RFCs

        Standard/RFC

        Title

        RFC 4576

        Using a Link State Advertisement (LSA) Options Bit to Prevent Looping in BGP/MPLS IP Virtual Private Networks (VPNs)

        Technical Assistance

        Description

        Link

        The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

        http:/​/​www.cisco.com/​cisco/​web/​support/​index.html

        Feature Information for MPLS VPN OSPF PE and CE Support

        The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

        Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/​go/​cfn. An account on Cisco.com is not required.

        Table 1 Feature Information for MPLS VPN OSPF PE and CE Support

        Feature Name

        Releases

        Feature Information

        MPLS VPN OSPF PE and CE Support

        12.0(5)T

        12.0(11)ST

        12.0(21)ST

        12.2(17b)SXA

        12.2(28)SB

        Cisco IOS XE Release 2.1

        The MPLS VPN OSPF PE and CE Support feature allows service providers to configure Open Shortest Path First (OSPF) between provider edge (PE) and customer edge (CE) devices in a Multiprotocol Label Switching (MPLS) virtual private network (VPN).

        In Cisco IOS Release 12.0(5)T, this feature was introduced.

        In Cisco IOS Release 12.0(11)ST, 12.0(21)ST, 12.2(17b)SXA, and 12.2(28)SB, this feature was integrated.

        In Cisco IOS XE Release 2.1, this feature was implemented on Cisco ASR 1000 Series Routers.

        No commands were introduced or modified.