Cisco IOS XR Virtual Private Network Configuration Guide for the Cisco CRS Router, Release 4.3.x
Implementing IPv6 VPN Provider Edge Transport over MPLS
Downloads: This chapterpdf (PDF - 440.0KB) The complete bookPDF (PDF - 3.0MB) | Feedback

Implementing IPv6 VPN Provider Edge Transport over MPLS

Table Of Contents

Implementing IPv6 VPN Provider Edge Transport over MPLS

Contents

Prerequisites for Implementing 6PE

Information About 6PE

Overview of 6PE

Benefits of 6PE

Deploying IPv6 over MPLS Backbones

IPv6 on the Provider Edge and Customer Edge Routers

IPv6 Provider Edge Multipath

OSPFv3 6VPE

Multiple VRF Support

OSPFv3 PE-CE Extensions

VRF Lite

How to Implement 6PE

Configuring 6PE

Configuring OSPFv3 as the Routing Protocol Between the PE and CE Routers

Configuration Examples for 6PE

Configuring 6PE on a PE Router: Example

Configuring OSPFv3 6VPE: Example

Additional References

Related Document

Standards

MIBs

RFCs

Technical Assistance


Implementing IPv6 VPN Provider Edge Transport over MPLS


IPv6 VPN Provider Edge (6PE) uses the existing MPLS IPv4 core infrastructure for IPv6 transport. 6PE enables IPv6 sites to communicate with each other over an MPLS IPv4 core network using MPLS label switched paths (LSPs).

This feature relies heavily on multiprotocol Border Gateway Protocol (BGP) extensions in the IPv4 network configuration on the provider edge (PE) router to exchange IPv6 reachability information (in addition to an MPLS label) for each IPv6 address prefix. Edge routers are configured as dual-stack, running both IPv4 and IPv6, and use the IPv4 mapped IPv6 address for IPv6 prefix reachability exchange.

For detailed information about the commands used to configure L2TP functionality, see Cisco IOS XR Routing Command Reference.

Feature History for Implementing 6PE on Cisco IOS XR Software

Release
Modification

Release 3.7.0

This feature was introduced.

Support was added for Inter-AS 6PE.

Release 4.1.0

Support for the Open Shortest Path First version 3 (OSPFv3) IPv6 VPN Provider Edge (6VPE) feature was added.


Contents

Prerequisites for Implementing 6PE

Information About 6PE

How to Implement 6PE

Configuration Examples for 6PE

Additional References

Prerequisites for Implementing 6PE

The following prerequisites are required to implement 6PE:

To perform these configuration tasks, your Cisco IOS XR software system administrator must assign you to a user group associated with a task group that includes the corresponding command task IDs. All command task IDs are listed in individual command references and in the Cisco IOS XR Task ID Reference Guide.

If you need assistance with your task group assignment, contact your system administrator.

You must be familiar with MPLS and BGP4 configuration and troubleshooting.

Information About 6PE

To configure the 6PE feature, you should understand the following concepts, which are described in the following sections:

Overview of 6PE

Benefits of 6PE

Deploying IPv6 over MPLS Backbones

IPv6 on the Provider Edge and Customer Edge Routers

IPv6 Provider Edge Multipath

OSPFv3 6VPE

Overview of 6PE

Multiple techniques are available to integrate IPv6 services over service provider core backbones:

Dedicated IPv6 network running over various data link layers

Dual-stack IPv4-IPv6 backbone

Leveraging of an existing MPLS backbone

These solutions are deployed on service providers' backbones when the amount of IPv6 traffic and the revenue generated are in line with the necessary investments and the risks agreed to. Conditions are favorable for the introduction of native IPv6 service, from the edge, in a scalable way, without any IPv6 addressing restrictions and without putting a well-controlled IPv4 backbone in jeopardy. Backbone stability is key for service providers that recently stabilized their IPv4 infrastructure.

Service providers running an MPLS/IPv4 infrastructure follow the same trends, as several integration scenarios are possible to offer IPv6 services on an MPLS network. Cisco Systems specially developed Cisco 6PE, or, IPv6 Provider Edge Router over MPLS, to meet all of those requirements.

Inter-AS support for 6PE requires support of Border Gateway Protocol (BGP) to enable the address families and to allocate and distribute the PE and ASBR labels.

Benefits of 6PE

Service providers that currently deploy MPLS will experience the following benefits of Cisco 6PE:

Minimal operational cost and risk—No impact on existing IPv4 and MPLS services.

Provider edge routers upgrade only—A 6PE router can be an existing PE router or a new one dedicated to IPv6 traffic.

No impact on IPv6 customer edge routers—The ISP can connect to any customer CE running Static, IGP or EGP.

Ready for production services—An ISP can delegate IPv6 prefixes.

IPv6 introduction into an existing MPLS service—6PE routers can be added at any time.

It is possible to switch up to OC-192 speed in the core.

Deploying IPv6 over MPLS Backbones

Backbones enabled by 6PE (IPv6 over MPLS) allow IPv6 domains to communicate with each other over an MPLS IPv4 core network. This implementation requires no backbone infrastructure upgrades and no reconfiguration of core routers, because forwarding is based on labels rather than on the IP header itself. This provides a very cost-effective strategy for IPv6 deployment.

Additionally, the inherent virtual private network (VPN) and traffic engineering (TE) services available within an MPLS environment allow IPv6 networks to be combined into VPNs or extranets over an infrastructure that supports IPv4 VPNs and MPLS-TE.

IPv6 on the Provider Edge and Customer Edge Routers

Service Provider Edge Routers

6PE is particularly applicable to service providers who currently run an MPLS network. One of its advantages is that there is no need to upgrade the hardware, software, or configuration of the core network, and it eliminates the impact on the operations and the revenues generated by the existing IPv4 traffic. MPLS is used by many service providers to deliver services to customers. MPLS as a multiservice infrastructure technology is able to provide layer 3 VPN, QoS, traffic engineering, fast re-routing and integration of ATM and IP switching.

Customer Edge Routers

Using tunnels on the CE routers is the simplest way to deploy IPv6 over MPLS networks. It has no impact on the operation or infrastructure of MPLS and requires no changes to the P routers in the core or to the PE routers. However, tunnel meshing is required as the number of CEs to connect increases, and it is difficult to delegate a global IPv6 prefix for an ISP.

Figure 24 illustrates the network architecture using tunnels on the CE routers.

Figure 24 IPv6 Using Tunnels on the CE Routers

IPv6 Provider Edge Multipath

Internal and external BGP multipath for IPv6 allows the IPv6 router to load balance between several paths (for example, same neighboring autonomous system (AS) or sub-AS, or the same metric) to reach its destination. The 6PE multipath feature uses multiprotocol internal BGP (MP-IBGP) to distribute IPv6 routes over the MPLS IPv4 core network and to attach an MPLS label to each route.

When MP-IBGP multipath is enabled on the 6PE router, all labeled paths are installed in the forwarding table with MPLS information (label stack) when MPLS information is available. This functionality enables 6PE to perform load balancing.

OSPFv3 6VPE

The Open Shortest Path First version 3 (OSPFv3) IPv6 VPN Provider Edge (6VPE) feature adds VPN routing and forwarding (VRF) and provider edge-to-customer edge(PE-CE) routing support to Cisco IOS XR OSPFv3 implementation. This feature allows:

Multiple VRF support per OSPFv3 routing process

OSPFV3 PE-CE extensions

Multiple VRF Support

OSPFv3 supports multiple VRFs in a single routing process that allows scaling to tens and hundreds of VRFs without consuming too much route processor (RP) resources.

Multiple OSPFv3 processes can be configured on a single router. In large-scale VRF deployments, this allows partition VRF processing across multiple RPs. It is also used to isolate default routing table or high impact VRFs from the regular VRFs. It is recommended to use a single process for all the VRFs. If needed, a second OSPFv3 process must be configured for IPv6 routing.


Note The maximum of four OSPFv3 processes are supported.


OSPFv3 PE-CE Extensions

IPv6 protocol is being vastly deployed in today's customer networks. Service Providers (SPs) need to be able to offer Virtual Private Network (VPN) services to their customers for supporting IPv6 protocol, in addition to the already offered VPN services for IPv4 protocol.

In order to support IPv6, routing protocols require additional extensions for operating in the VPN environment. Extensions to OSPFv3 are required in order for OSPFv3 to operate at the PE-CE links.

VRF Lite

VRF lite feature enables VRF deployment without BGP or MPLS based backbone. In VRF lite, the PE routers are directly connected using VRF interfaces. For OSPFv3, the following needs to operate differently in the VRF lite scenario, as opposed to the deployment with BGP or MPLS backbone:

DN bit processing—In VRF lite environment, the DN bit processing is disabled.

ABR status—In VRF context (except default VRF), OSPFv3 router is automatically set as an ABR, regardless to it's connectivity to area 0. This automatic ABR status setting is disabled in the VRF lite environment.


Note To enable VRF Lite, issue the capability vrf-lite command in the OSPFv3 VRF configuration submode.


How to Implement 6PE

This section includes the following implementation procedure:

Configuring 6PE

Configuring OSPFv3 as the Routing Protocol Between the PE and CE Routers

Configuring 6PE

This task describes how to configure 6PE on PE routers to transport the IPv6 prefixes across the IPv4 cloud.

Be sure to configure 6PE on PE routers participating in both the IPv4 cloud and IPv6 clouds.


Note To learn routes from both clouds, you can use all routing protocols supported on Cisco IOS XR software: BGP, OSPF, IS-IS, EIGRP, RIP, and Static.


SUMMARY STEPS

1. configure

2. router bgp as-number

3. neighbor ip-address

4. address-family ipv6 labeled-unicast

5. exit

6. exit

7. address-family ipv6 unicast

8. allocate-label [all | route-policy policy_name]

9. end
or
commit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

router bgp as-number

Example:

RP/0/RP0/CPU0:router(config)# router bgp 1

Enters the number that identifies the autonomous system (AS) in which the router resides.

Range for 2-byte numbers is 1 to 65535. Range for 4-byte numbers is 1.0 to 65535.65535.

Step 3 

neighbor ip-address

Example:

RP/0/RP0/CPU0:router(config-bgp)# neighbor 1.1.1.1

Enters neighbor configuration mode for configuring Border Gateway Protocol (BGP) routing sessions.

Step 4 

address-family ipv6 labeled-unicast

Example:

RP/0/RP0/CPU0:router(config-bgp-nbr)# address-family ipv6 labeled-unicast

Specifies IPv6 labeled-unicast address prefixes.

Note This option is also available in IPv6 neighbor configuration mode and VRF neighbor configuration mode.

Step 5 

exit

Example:

RP/0/RP0/CPU0:router(config-bgp-nbr-af)# exit

Exits BGP address-family submode.

Step 6 

exit

Example:

RP/0/RP0/CPU0:router(config-bgp-nbr)# exit

Exits BGP neighbor submode.

Step 7 

address-family ipv6 unicast

Example:

RP/0/RP0/CPU0:router(config-bgp)# address-family ipv6 unicast

Specifies IPv6 unicast address prefixes.

Step 8 

allocate-label [all | route-policy policy_name]

Example:

RP/0/RP0/CPU0:router(config-bgp-af)# allocate-label all

Allocates MPLS labels for specified IPv4 unicast routes.

Note The route-policy keyword provides finer control to filter out certain routes from being advertised to the neighbor.

Step 9 

end

or

commit

Example:

RP/0/RP0/CPU0:router(config-bgp-af)# end

or

RP/0/RP0/CPU0:router(config-bgp-af)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes:

Uncommitted changes found, commit them before 
exiting(yes/no/cancel)? 
[cancel]:
 
        

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Configuring OSPFv3 as the Routing Protocol Between the PE and CE Routers

Perform this task to configure provider edge (PE)-to-customer edge (CE) routing sessions that use Open Shortest Path First version 3 (OSPFv3).

SUMMARY STEPS

1. configure

2. router ospfv3 process-name

3. vrf vrf-name

4. capability vrf-lite

5. router-id {router-id | type interface-path-id}

6. domain-id type {0005 | 0105 | 0205 | 8005} value domain-id

7. redistribute bgp process-id [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]
or
redistribute connected [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]
or
redistribute ospf process-id [match {external [1 | 2] | internal | nssa-external [1 | 2]}] [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]
or
redistribute static [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]
or
redistribute eigrp process-id [match {external [1 | 2] | internal | nssa-external [1 | 2]}] [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]
or
redistribute rip [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]

8. area area-id

9. interface type interface-path-id

10. end
or
commit

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

configure

Example:

RP/0/RP0/CPU0:router# configure

Enters global configuration mode.

Step 2 

router ospf process-name

Example:

RP/0/RP0/CPU0:router(config)# router ospf 109

Enters OSPF configuration mode allowing you to configure the OSPF routing process.

Step 3 

vrf vrf-name

Example:

RP/0/RP0/CPU0:router(config-ospf)# vrf vrf_1

Configures a VPN routing and forwarding (VRF) instance and enters VRF configuration mode for OSPF routing.

Step 4 

capability vrf-lite

Example:

RP/0/RP0/CPU0:router(config-ospf-vrf)# capability vrf-lite

Enables VRF Lite feature.

Step 5 

router-id {router-id | type interface-path-id}

Example:

RP/0/RP0/CPU0:router(config-ospf-vrf)# router-id 172.20.10.10

Configures the router ID for the VRF.

Note Router ID configuration is required for each VRF.

Step 6 

domain-id type {0005 | 0105 | 0205 | 8005} value domain-id

Example:

RP/0/RP0/CPU0:router(config-ospf-vrf)# domain-id type 0005 value CAFE00112233

Specifies the domain ID.

Step 7 

redistribute bgp process-id [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]

or

redistribute connected [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]

or

redistribute ospf process-id [match {external [1 | 2] | internal | nssa-external [1 | 2]}] [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]

or

redistribute static [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]

or

redistribute eigrp process-id [match {external [1 | 2] | internal | nssa-external [1 | 2]]}[metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]

or

redistribute rip [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]

Example:

RP/0/RP0/CPU0:router(config-ospf-vrf)# redistribute connected

Causes routes to be redistributed into OSPF. The routes that can be redistributed into OSPF are:

Border Gateway Protocol (BGP)

Connected

Enhanced Interior Gateway Routing Protocol (EIGRP)

OSPF

Static

Routing Information Protocol (RIP)

Step 8 

area area-id

Example:

RP/0/RP0/CPU0:router(config-ospf-vrf)# area 0

Configures the OSPF area as area 0.

Step 9 

interface type interface-path-id

Example:

RP/0/RP0/CPU0:router(config-ospf-vrf-ar)# interface GigabitEthernet 0/3/0/0

Associates interface GigabitEthernet 0/3/0/0 with area 0.

Step 10 

end

or

commit

Example:

RP/0/RP0/CPU0:router(config-ospf-vrf-ar-if)# end

or

RP/0/RP0/CPU0:router(config-ospf-vrf-ar-if)# commit

Saves configuration changes.

When you issue the end command, the system prompts you to commit changes:

Uncommitted changes found, commit them before 
exiting(yes/no/cancel)? 
[cancel]:
 
        

Entering yes saves configuration changes to the running configuration file, exits the configuration session, and returns the router to EXEC mode.

Entering no exits the configuration session and returns the router to EXEC mode without committing the configuration changes.

Entering cancel leaves the router in the current configuration session without exiting or committing the configuration changes.

Use the commit command to save the configuration changes to the running configuration file and remain within the configuration session.

Configuration Examples for 6PE

This section includes the following configuration example:

Configuring 6PE on a PE Router: Example

Configuring OSPFv3 6VPE: Example

Configuring 6PE on a PE Router: Example

The following sample configuration shows the configuration of 6PE on a PE router:

interface GigabitEthernet0/3/0/0
 ipv6 address 2001::1/64
!
router isis ipv6-cloud
 net 49.0000.0000.0001.00
 address-family ipv6 unicast
  single-topology
 interface GigabitEthernet0/3/0/0
  address-family ipv6 unicast
  !
!
router bgp 55400
 bgp router-id 54.6.1.1
 address-family ipv4 unicast
 !
 address-family ipv6 unicast
  network 55:5::/64
  redistribute connected
  redistribute isis ipv6-cloud
 !
 neighbor 34.4.3.3
  remote-as 55400
  address-family ipv4 unicast
  !
  address-family ipv6 labeled-unicast

Configuring OSPFv3 6VPE: Example

This example shows you how to configure provider edge (PE)-to-customer edge (CE) routing sessions that use Open Shortest Path First version 3 (OSPFv3):

router ospfv3 0
 vrf V1
  router-id 100.0.0.2
  domain-id type 0005 value CAFE00112233
  domain-id secondary type 0105 value beef00000001
  domain-id secondary type 0205 value beef00000002
  capability vrf-lite
  redistribute bgp 1
  area 0
   interface POS0/3/0/1
 vrf V2
  router-id 200.0.0.2
  capability vrf-lite
  area 1
   interface POS0/3/0/2
 
   

Additional References

For additional information related to this feature, refer to the following references:

Related Document

Related Topic
Document Title

Cisco IOS XR L2VPN command reference document

MPLS Virtual Private Network Commands on Cisco IOS XR Software module in Cisco IOS XR MPLS Command Reference

Cisco CRS router getting started material

Cisco IOS XR Getting Started Guide

Information about user groups and task IDs

Configuring AAA Services on Cisco IOS XR Software module in Cisco IOS XR System Security Configuration Guide


Standards

Standards 1
Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

1 Not all supported standards are listed.


MIBs

MIBs
MIBs Link

To locate and download MIBs using Cisco IOS XR software, use the Cisco MIB Locator found at the following URL and choose a platform under the Cisco Access Products menu: http://cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml


RFCs

RFCs
Title


Technical Assistance

Description
Link

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport