Guest

Cisco IOS Software Releases 12.1 T

HSRP Support for MPLS VPNs

Hierarchical Navigation

Downloads

Table Of Contents

HSRP Support for MPLS VPNs

Feature Overview

Benefits

Supported Platforms

Supported Standards, MIBs, and RFCs

Configuration Tasks

Defining VPNs

Enabling HSRP

Configuring HSRP Group Attributes

Verifying HSRP Support for MPLS VPNs

Configuration Examples

Command Reference

Glossary


HSRP Support for MPLS VPNs

Feature History

Release
Modification

12.1(3)T

This feature was introduced.

12.0(17)ST

This feature was integrated into Cisco IOS Release 12.0(17)ST.

12.0(22)S

This feature was integrated into Cisco IOS Release 12.0(22)S. The Cisco 10000 series was added to supported platforms.


1

This feature module describes the Hot Standby Router Protocol (HSRP) Support for Multiprotocol Label Switching (MPLS) Virtual Private Networks (VPNs) feature and includes the following sections:

Feature Overview

Supported Platforms

Supported Standards, MIBs, and RFCs

Configuration Tasks

Configuration Examples

Command Reference

Glossary

Feature Overview

HSRP support on an MPLS VPN interface is useful when an Ethernet is connected between two provider edges (PEs) with either of the following:

A customer edge (CE) with a default route to the HSRP virtual IP address

One or more hosts with the HSRP virtual IP address configured as the default gateway

Each VPN is associated with one or more VPN routing/forwarding (VRF) instances. A VRF consists of the following:

IP routing table

Cisco Express Forwarding (CEF) table

Set of interfaces that use the CEF forwarding table

Set of rules and routing protocol parameters to control the information in the routing tables

VPN routing information is stored in the IP routing table and the CEF table for each VRF. A separate set of routing and CEF tables is maintained for each VRF. These tables prevent information from being forwarded outside a VPN and also prevent packets that are outside a VPN from being forwarded to a router within the VPN.

HSRP currently adds Address Resolution Protocol (ARP) entries and IP hash table entries (aliases) using the default routing table instance. However, a different routing table instance is used when VRF forwarding is configured on an interface, causing ARP and Internet Control Message Protocol (ICMP) echo requests for the HSRP virtual IP address to fail.

The HSRP Support for MPLS VPNs feature ensures that the HSRP virtual IP address is added to the correct IP routing table and not to the default routing table.

Benefits

Allows MPLS VPNs to make use of HSRP

Provides transparent "first-hop IP routing" redundancy for workstations or routers connected to interfaces within MPLS VPNs

Supported Platforms

Cisco 3600 series

Cisco 4500 family routers

Cisco 4700 family routers

Cisco 7100 series

Cisco 7200 series

Cisco 7500 series

Cisco 10000 series

Cisco 12000 series (for the ST and S releases only)

Supported Standards, MIBs, and RFCs

Standards

No new or modified standards are supported by this feature.

MIBs

No new or modified MIBs are supported by this feature. To obtain lists of MIBs supported by platform and Cisco IOS release and to download MIB modules, go to the Cisco MIB web site on Cisco Connection Online (CCO) at

http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml.

RFCs

No new or modified RFCs are supported by this feature.

Configuration Tasks

See the following sections for configuration tasks for this feature. Each task in the list is identified as either optional or required:

Defining VPNs (Required)

Enabling HSRP (Required)

Configuring HSRP Group Attributes (Optional)

Defining VPNs

To define VPNs, use the following commands on the PE routers beginning in global configuration mode:

 
Command
Purpose

Step 1 

Router(config)# ip vrf vrf-name

Enters VRF configuration mode and assigns a VRF name.

Step 2 

Router(config-vrf)# rd route-distinguisher

Creates routing and forwarding tables.

Step 3 

Router(config-vrf)# route-target {import | export | both} route-target-ext-community

Creates a list of import or export route target communities for the specified VRF.

Step 4 

Router(config-vrf)# exit

Exits the current configuration mode and enters global configuration mode.

Step 5 

Router(config)# interface type number

Specifies an interface and enters interface configuration mode.

Step 6 

Router(config-vrf)# ip vrf forwarding vrf-name

Associates a VRF with an interface or subinterface.

Enabling HSRP

To enable the HSRP on an interface, use the following command in interface configuration mode:

Command
Purpose

Router (config-if)# standby [hsrp-group-number] ip ip-address

Enables the HSRP.


Configuring HSRP Group Attributes

To configure other HSRP group attributes that affect how the local router participates in HSRP, use the following commands in interface configuration mode:

 
Command
Purpose

Step 1 

Router (config-if)# standby [group-number] priority priority [preempt [delay [minimum | sync] delay]]

Sets the Hot Standby priority used in choosing the active router. Specify that, if the local router has priority over the current active router, the local router should attempt to take its place as the active router. Configures a preemption delay, after which the Hot Standby router preempts and becomes the active router.

Step 2 

Router(config-if)# standby [group-number] timers hellotime holdtime

Configures the time between hello packets and the hold time before other routers declare the active router to be down.

Step 3 

Router(config-if)# standby [group-number] track type number [interface-priority]

Configures the interface to track other interfaces, so that if one of the other interfaces goes down, the Hot Standby priority of the device is lowered.

Verifying HSRP Support for MPLS VPNs

The following example shows how to use show commands to verify that the HSRP virtual IP address is in the correct ARP and CEF tables: 

Router# show ip arp vrf vrf1


Protocol  Address          Age (min)  Hardware Addr   Type   Interface

Internet  10.2.0.1                -   00d0.bbd3.bc22  ARPA   Ethernet0/2

Internet  10.2.0.20               -   0000.0c07.ac01  ARPA   Ethernet0/2

Router# show ip cef vrf vrf1


Prefix              Next Hop             Interface

0.0.0.0/0           10.3.0.4             Ethernet0/3

0.0.0.0/32          receive

10.1.0.0/16         10.2.0.1             Ethernet0/2

10.2.0.0/16         attached             Ethernet0/2

10.2.0.1/32         receive

10.2.0.20/32        receive 

224.0.0.0/24        receive

255.255.255.255/32  receive

Configuration Examples

Figure 1 shows two PEs with HSRP running between their VRF interfaces. The CE is configured with the HSRP virtual IP address as its default route. HSRP is configured to track the interfaces connecting the PEs to the rest of the provider network. For example, if interface E1 of PE1 fails, the HSRP priority will be reduced such that PE2 takes over forwarding packets to the HSRP virtual IP address.

Figure 1 Topology Showing HSRP Support Between Two VRF Interfaces

Router PE1 Configuration 

conf t

 !

 ip cef

 !

 ip vrf vrf1

  rd 100:1

  route-target export 100:1

  route-target import 100:1

 !

 interface ethernet0

  ip vrf forwarding vrf1

  ip address 10.2.0.1 255.255.0.0

  standby 1 ip 10.2.0.20

  standby 1 priority 105 preempt delay 10

  standby 1 timers 3 1

  standby 1 track ethernet1 10

  standby 1 track ethernet2 10

Router PE2 Configuration 

conf t

 !

 ip cef

 !

 ip vrf vrf1

  rd 100:1

  route-target export 100:1

  route-target import 100:1

 !

 interface ethernet0

  ip vrf forwarding vrf1

  ip address 10.2.0.2 255.255.0.0

  standby 1 ip 10.2.0.20

  standby 1 priority 100 preempt delay 10

  standby 1 timers 3 1

  standby 1 track ethernet1 10

  standby 1 track ethernet2 10

Command Reference

No new or modified commands are required for this feature.

Glossary

CE router—customer edge router. A router that is part of a customer network and that interfaces to a provider edge (PE) router. CE routers are not aware of associated VPNs.

HSRP—Hot Standby Router Protocol. Provides high network availability and transparent network topology changes. HSRP creates a Hot Standby router group with a lead router that services all packets sent to the Hot Standby address. The lead router is monitored by other routers in the group, and if it fails, one of these standby routers inherits the lead position and the Hot Standby group address.

MPLS—Multiprotocol Label Switching. Emerging industry standard upon which tag switching is based.

PE router—provider edge router. A router that is part of a service provider network connected to a customer edge (CE) router. All VPN processing occurs in the PE router.

VPN—Virtual private network. Enables IP traffic to use tunneling to travel securely over a public TCP/IP network.

VRF—VPN routing/forwarding instance. A VRF consists of an IP routing table, a derived forwarding table, a set of interfaces that use the forwarding table, and a set of rules and routing protocols that determine what goes into the forwarding table. In general, a VRF includes the routing information that defines a customer VPN site that is attached to a PE router.