Table Of Contents
MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
Prerequisites for MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
Restrictions for MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
Information About MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
How BGP Sends MPLS Labels with Routes
Carrier Supporting Carrier Networks Supported for IPv4 BGP Label Distribution
Customer Carrier Is an Internet Service Provider with an IP Core
Customer Carrier is an MPLS Service Provider With or Without VPN Services
How to Configure and Verify MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
Identify the Carrier Supporting Carrier Topology
Configure and Verify the Backbone Carrier Core
Verify IP Connectivity and LDP Configuration in the CSC-Core
Configure VRFs for CSC-PE Routers
Configure Multiprotocol BGP for VPN Connectivity in the Backbone Carrier
Configure and Verify the Links Between CSC-PE and CSC-CE Routers
Configure EBGP with send-label Option for Carrier Supporting Carrier on CSC-PE Routers
Configure EGBP with send-label Option for Carrier Supporting Carrier on CSC-CE Routers
Verify Labels in the CSC-PE Routers
Verify Labels in the CSC-CE Routers
Configure Route Maps on the CSC-PE Routers
Configure and Verify the Customer Carrier Network
Verify IP Connectivity in the Customer Carrier
Configure a Customer Carrier Core Router as a Route Reflector
Configure and Verify the Customer Site for Hierarchical VPNs
Configure Provider Edge Routers for Hierarchical VPNs
Verify Labels in Each Provider Edge Router for Hierarchical VPNs
Configure Customer Edge Routers for Hierarchical VPNs
Verify IP Connectivity in the Customer Site
Configuration Examples for MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
Configuring and Verifying the Backbone Carrier Core Examples
Verifying IP Connectivity and LDP Configuration in the CSC-Core Example
Configuring VRFs for CSC-PE Routers Example
Configuring Multiprotocol BGP for VPN Connectivity in the Backbone Carrier Example
Configuring and Verifying the Links Between CSC-PE and CSC-CE Routers Examples
Verifying Labels in the CSC-PE Routers Examples
Verifying Labels in the CSC-CE Routers Examples
Configuring Route Maps on the CSC-PE Routers Example
Configuring and Verifying the Customer Carrier Network Examples
Verifying IP Connectivity in the Customer Carrier Example
Configuring a Customer Carrier Core Router as a Route Reflector Example
Configuring and Verifying the Customer Site for Hierarchical VPNs Examples
Configuring Provider Edge Routers for Hierarchical VPNs Examples
Verifying Labels in Each Provider Edge Router for Hierarchical VPNs Examples
Configuring Customer Edge Routers for Hierarchical VPNs Examples
Verifying IP Connectivity in the Customer Site Examples
MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
This feature enables you to configure your carrier supporting carrier network to enable Border Gateway Protocol (BGP) to transport routes and Multiprotocol Label Switching (MPLS) labels between the backbone carrier provider edge (PE) routers and the customer carrier customer edge (CE) routers. Previously you had to use Label Distribution Protocol (LDP) to carry the labels and an Internal Gateway Protocol (IGP) to carry the routes between PE and CE routers to achieve the same goal.
The benefits of using BGP to distribute IPv4 routes and MPLS label routes are that:
•
BGP takes the place of an IGP and LDP in a VPN forwarding/routing instance (VRF) table. You can use BGP to distribute routes and MPLS labels. Using a single protocol instead of two simplifies the configuration and troubleshooting.
•
This feature is an extension of the Carrier Supporting Carrier feature, introduced in Release 12.0(14)ST, which was based on LDP.
Feature Specifications for MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
12.0(21)ST
This feature was introduced.
12.0(22)S
This feature was implemented on the Cisco 12000 series router (see Table 1 for the line cards supported) and integrated into Cisco IOS Release 12.0(22)S.
12.0(23)S
Support was added for the Cisco 12000 Series Eight-Port OC-3c/STM-1c ATM Line Card (8-Port OC-3 ATM) and the Cisco 12000 Series Three-Port Gigabit Ethernet Line Card (3-Port GbE).
12.2(13)T
This feature was integrated into Cisco IOS Release 12.2(13)T.
12.0(24)S
Support was added for the Cisco 12000 Series One-Port 10-Gigabit Ethernet Line Card (1-Port 10-GbE) and the Cisco 12000 Series Modular Gigabit Ethernet/ Fast Ethernet Line Card (Modular GbE/FE) and implemented on Cisco IOS 12.0(24)S.
12.2(14)S
This feature was integrated into Cisco IOS Release 12.2(14)S and implemented on Cisco 7200 and Cisco 7500 series routers.
Cisco 7200 series, Cisco 7500 series, Cisco 12000 series (for specific Cisco 12000 series line cards supported on Cisco IOS S and ST releases, see Table 1).
Determining Platform Support Through Cisco Feature Navigator
Cisco IOS software is packaged in feature sets that are supported on specific platforms. To obtain updated information about platform support for this feature, access Cisco Feature Navigator. Cisco Feature Navigator dynamically updates the list of supported platforms as new platform support is added for the feature.
Cisco Feature Navigator is a web-based tool that enables you to determine which Cisco IOS software images support a specific set of features and which features are supported in a specific Cisco IOS image. You can search by feature or release. In the release section, you can compare releases side by side to display both the features unique to each software release and the features that releases have in common.
To access Cisco Feature Navigator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
Cisco Feature Navigator is updated regularly when major Cisco IOS software releases and technology releases occur. For the most current information, go to the Cisco Feature Navigator home page at the following URL:
Availability of Cisco IOS Software Images
Platform support for particular Cisco IOS software releases is dependent on the availability of the software images for those platforms. Software images for some platforms may be deferred, delayed, or changed without prior notice. For updated information about platform support and availability of software images for each Cisco IOS software release, refer to the online release notes or, if supported, Cisco Feature Navigator.
Contents
•
•
•
•
•
Prerequisites for MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
You should be able to configure Multiprotocol Virtual Private Networks (MPLS VPNs) with end-to-end (CE-to-CE router) pings working. To accomplish this, you need to know how to configure IGP routing protocols, LDP, and Multiprotocol Border Gateway Protocol (MP-BGP).
Make sure that the carrier supporting carrier provider edge (CSC-PE) routers and the carrier supporting carrier customer edge (CSC-CE) routers run images that support BGP label distribution. Otherwise, you cannot run external BGP (EBGP) between them.
Table 1 lists the Cisco 12000 series line cards support for Cisco IOS S and ST releases.
Restrictions for MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
On a PE router, you can configure an interface for either BGP with labels or LDP. You cannot enable both types of label distribution on the same interface. If you switch from one protocol to the other, then you must disable the existing protocol on all interfaces before enabling the other protocol.
This feature does not support the following:
•
•
•
The physical interfaces that connect the BGP speakers must support Cisco Express Forwarding (CEF) or distributed Cisco Express Forwarding (dCEF) and MPLS.
Information About MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
To configure a carrier supporting carrier network that uses BGP to distribute routes and MPLS labels between the PE and CE routers of a backbone carrier and a customer carrier, you need to understand the following concepts:
•
•
Major Components of MPLS VPNs
An MPLS-based VPN network has three major components:
•
•
•
A one-to-one relationship does not necessarily exist between customer sites and VPNs. A given site can be a member of multiple VPNs. However, a site can associate with only one VRF. A customer-site VRF contains all the routes available to the site from the VPNs of which it is a member.
An MPLS VPN consists of a set of sites that are interconnected by means of an MPLS provider core network. At each customer site, one or more CE routers attaches to one or more PE routers. The PE routers use the MP-BGP to dynamically communicate with each other.
BGP Label Distribution
This section contains the following topics:
•
BGP Routing Information
BGP routing information includes the following items:
•
•
•
Types of BGP Messages
MPLS labels are included in the update messages that a router sends. Routers exchange the following types of BGP messages:
•
•
•
•
How BGP Sends MPLS Labels with Routes
When BGP (both EBGP and IBGP) distributes a route, it can also distribute an MPLS label that is mapped to that route. The MPLS label mapping information for the route is carried in the BGP update message that contains the information about the route. If the next hop is not changed, the label is preserved.
When you issue the neighbor send-label command on both BPG routers, the routers advertise to each other that they can then send MPLS labels with the routes. If the routers successfully negotiate their ability to send MPLS labels, the routers add MPLS labels to all outgoing BGP updates.
Carrier Supporting Carrier Networks Supported for IPv4 BGP Label Distribution
This feature enables you to configure a carrier supporting carrier network that uses BGP to distribute routes and MPLS labels between the PE and CE routers of a backbone carrier and a customer carrier. The backbone carrier offers BGP and MPLS VPN services. The customer carrier can be either of the following:
•
•
This document describes how to use BGP to distribute MPLS labels and routes for both types of customer carrier.
Customer Carrier Is an Internet Service Provider with an IP Core
Figure 1 shows a network configuration where the customer carrier is an ISP. The customer carrier has two sites, each of which is a point of presence (POP). The customer carrier connects these sites using a VPN service provided by the backbone carrier. The backbone carrier uses MPLS. The ISP sites use IP.
Figure 1 Network Where the Customer Carrier Is an ISP
In this configuration, the links between the CE and PE routers use EBGP to distribute IPv4 routes and MPLS labels. Between the links, the PE routers use multiprotocol IBGP to distribute VPNv4 routes.
Note
Customer Carrier is an MPLS Service Provider With or Without VPN Services
Figure 2 shows a network configuration where the backbone carrier and the customer carrier are BGP/MPLS VPN service providers. The customer carrier has two sites. Both the backbone carrier and the customer carrier use MPLS in their networks.
Figure 2 Network Where the Customer Carrier Is an MPLS VPN Service Provider
In this configuration, the customer carrier can configure its network in one of the following ways:
•
•
How to Configure and Verify MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
This section contains the following tasks and processes that explain how to configure and verify the MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution feature:
•
•
•
•
•
Note
Identify the Carrier Supporting Carrier Topology
Before you configure the MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution feature, you need to identify both the backbone and customer carrier topology.
The main concern of this feature is the connectivity between the customer carrier and the backbone carrier. EBGP-based label distribution is configured on these links to enable MPLS between the customer and backbone carriers. MPLS VPNs described in the MPLS Virtual Private Networks (VPNs) feature module do not use MPLS on these carrier connections.
You need to identify the type of customer carrier as well as the topology of the carriers
Perform this task to identify the carrier supporting carrier topology.
SUMMARY STEPS
1.
2.
3.
4.
5.
DETAILED STEPS
What to Do Next
Set up your carrier supporting carrier networks for the MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution feature starting with the "Configure and Verify the Backbone Carrier Core" section.
Configure and Verify the Backbone Carrier Core
Configuring the backbone carrier core in an MPLS VPN carrier supporting carrier network with BGP label distribution requires setting up connectivity and routing functions for the CSC-Core and the CSC-PE routers.
Prerequisites
Before you configure a backbone carrier core for the MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution feature, you must configure the following on the CSC-Core routers:
•
•
Note
Configuring and verifying the CSC-Core (backbone carrier) involves the following tasks:
•
•
•
Verify IP Connectivity and LDP Configuration in the CSC-Core
Perform this task to verify IP connectivity and LDP configuration in the CSC-Core.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
DETAILED STEPS
Troubleshooting Tips
You can use the ping and trace commands to verify complete MPLS connectivity in the core. You also get useful troubleshooting information from the additional show commands.
Additional Information
For a configuration example for this task, see the "Verifying IP Connectivity and LDP Configuration in the CSC-Core Example" section.
Configure VRFs for CSC-PE Routers
Perform this task to configure VPN forwarding/routing instances (VRFs) for the backbone carrier edge (CSC-PE) routers.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
DETAILED STEPS
Troubleshooting Tips
Enter a show ip vrf detail command and make sure the MPLS VPN is up and associated with the right interfaces.
Additional Information
For a configuration example for this task, see the "Configuring VRFs for CSC-PE Routers Example" section.
Configure Multiprotocol BGP for VPN Connectivity in the Backbone Carrier
Perform this task to configure Multiprotocol BGP (MP-BGP) connectivity in the backbone carrier.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
DETAILED STEPS
Troubleshooting Tips
You can enter a show ip bgp neighbor command to verify that the neighbors are up and running. If this command is not successful, enter a debug ip bgp x.x.x.x events command, where x.x.x.x is the IP address of the neighbor.
Additional Information
For a configuration example for this task, see the "Configuring Multiprotocol BGP for VPN Connectivity in the Backbone Carrier Example" section.
Configure and Verify the Links Between CSC-PE and CSC-CE Routers
Configuring and verifying the links between the carrier supporting carrier backbone edge (CSC-PE) router and the carrier supporting carrier customer edge router (CSC-CE) router involves the following tasks:
•
•
•
•
•
Configure EBGP with send-label Option for Carrier Supporting Carrier on CSC-PE Routers
Perform this task to configure the carrier supporting carrier (CSC) on the CSC-PE routers so that they can distribute BGP routes with MPLS labels.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
DETAILED STEPS
Troubleshooting Tips
Enter a show ip bgp neighbor command to verify that the neighbors are up and running. Make sure you see the following line in the command output under Neighbor capabilities:
IPv4 MPLS Label capability:advertised and receivedAdditional Information
For a configuration example for this task, see the "Configuring EBGP Link with send-label Option for Carrier Supporting Carrier on CSC-PE Routers Examples" section.
Configure EGBP with send-label Option for Carrier Supporting Carrier on CSC-CE Routers
Perform this task to configure the carrier supporting carrier on the CSC-CE routers so that they can distribute BGP routes with MPLS labels.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Configuring EBGP Link with send-label Option for Carrier Supporting Carrier on CSC-CE Routers Examples" section.
Verify Labels in the CSC-PE Routers
Perform this task to verify the labels in the CSC-PE routers.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Verifying Labels in the CSC-PE Routers Examples" section.
Verify Labels in the CSC-CE Routers
Perform this task to verify the labels in the CSC-CE routers.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Verifying Labels in the CSC-CE Routers Examples" section.
Configure Route Maps on the CSC-PE Routers
The following tasks describe how to enable routers to send MPLS labels with the routes specified in the route maps:
•
•
•
To configure route maps on routers, specifically carrier edge routers, you need to understand how to use route maps to filter routes.
Using Route Maps to Filter Routes
When routers are configured to distribute routes with MPLS labels, all the routes are encoded with the multiprotocol extensions and contain an MPLS label. You can use a route map to control the distribution of MPLS labels between routers.
Route maps enable you to specify which routes are distributed with MPLS labels. Route maps also enable you to specify which routes with MPLS labels a router receives and adds to its BGP table.
Route maps work with access control lists (ACLs). You enter the routes into an ACL and then specify the ACL when you configure the route map. The routers accept only routes that are specified in the route map. The routers check the routes listed in the BGP update message against the list of routes in the ACL specified. If a route in the BGP update message matches a route in the ACL, the route is accepted and added to the BGP table.
Prerequisites
Before you configure and apply route maps for the CSC-PE routers, you need to create an ACL and specify the routes that the router should distribute with MPLS labels.
Configure a Route Map for Arriving Routes
This configuration is optional.
Perform this task to configure a route map to filter for arriving routes.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
DETAILED STEPS
Configure a Route Map for Departing Routes
This configuration is optional.
Perform this task to configure a route map to filter for departing routes.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
DETAILED STEPS
Apply the Route Maps to the CSC-PE and CSC-CE Routers
This configuration is optional.
Perform this task to enable the CSC-PE and the CSC-CE routers to use the route maps.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
DETAILED STEPS
Troubleshooting Tips
You can enter a show route-map map-name command to verify that the route map is applied to the CSC-CE and the CSC-PE routers.
Note
Additional Information
For a configuration example for this task, see the "Configuring Route Maps on the CSC-PE Routers Example" section.
Configure and Verify the Customer Carrier Network
Configuring and verifying the customer carrier network requires setting up connectivity and routing functions for the customer carrier core (P) routers and the customer carrier edge (PE) routers.
Prerequisites
Before you configure a customer carrier network for the MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution feature, you must configure the following on your customer carrier routers:
•
•
•
Note
Additional configuration and verification of the customer carrier network involves the following optional tasks:
•
•
Verify IP Connectivity in the Customer Carrier
Perform this task to verify IP connectivity in the customer carrier.
SUMMARY STEPS
1.
2.
3.
4.
5.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Verifying IP Connectivity in the Customer Carrier Example" section.
Configure a Customer Carrier Core Router as a Route Reflector
Perform this task to configure a customer carrier core (P) router as a route reflector of multiprotocol BGP prefixes.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
DETAILED STEPS
Troubleshooting Tips
By default, neighbors that are defined using the neighbor remote-as command in router configuration mode exchange only unicast address prefixes. To exchange other address prefix types, such as multicast and VPNv4, neighbors must also be activated using the neighbor activate command in address family configuration mode, as shown.
Route reflectors and clients (neighbors or internal BGP peer groups) that are defined in router configuration mode using the neighbor route-reflector-client command reflect unicast address prefixes to and from those clients by default. To reflect prefixes for other address families, such as multicast, define the reflectors and clients in address family configuration mode using the neighbor route-reflector-client command, as shown.
Additional Information
For a configuration example for this task, see the "Configuring a Customer Carrier Core Router as a Route Reflector Example" section.
Configure and Verify the Customer Site for Hierarchical VPNs
The following tasks describe how to configure and verify the customer site for hierarchical VPNs:
•
•
•
•
Note
Configure Provider Edge Routers for Hierarchical VPNs
The following tasks describe how to configure PE routers for hierarchical VPNs:
•
•
Define VPNs on the Provider Edge Routers
Perform this task to define VPNs on the PE routers.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Configuring Provider Edge Routers for Hierarchical VPNs Examples" section.
Configure BGP Routing Sessions on the Provider Edge Routers
Perform this task to configure BGP routing sessions on the provider edge (PE) routers for PE-to-CE router communication.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Configuring Provider Edge Routers for Hierarchical VPNs Examples" section.
Verify Labels in Each Provider Edge Router for Hierarchical VPNs
Perform this task to verify labels in each PE router for hierarchical VPNs.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Verifying Labels in Each Provider Edge Router for Hierarchical VPNs Examples" section.
Configure Customer Edge Routers for Hierarchical VPNs
Perform this task to configure CE routers for hierarchical VPNs. This configuration is the same as that for an MPLS VPN that is not in an hierarchical topology.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Configuring Customer Edge Routers for Hierarchical VPNs Examples" section.
Verify IP Connectivity in the Customer Site
Perform this task to verify IP connectivity in the customer site.
SUMMARY STEPS
1.
2.
3.
4.
5.
DETAILED STEPS
Additional Information
For a configuration example for this task, see the "Verifying IP Connectivity in the Customer Site Examples" section.
Configuration Examples for MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution
Configuration examples for the MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution feature include the following:
•
•
•
•
Figure 3 shows a sample CSC topology for exchanging IPv4 routes and MPLS labels. Use this figure as a reference for configuring and verifying carrier supporting carrier routers to exchange IPv4 routes and MPLS labels.
Figure 3 Sample CSC Topology for Exchanging IPv4 Routes and MPLS Labels
Table 2 describes the sample configuration shown in Figure 3.
Table 2 Description of Sample Configuration Shown in Figure 3
CE1 and CE2
Belong to an end customer. CE1 and CE2 routers exchange routes learned from PE routers.
The end customer is purchasing VPN services from a customer carrier.
PE1 and PE2
Part of a customer carrier network that is configured to provide MPLS VPN services. PE1 and PE2 are peering with a VPNv4 IBGP session to form an MPLS VPN network.
CSC-CE1 and CSC-CE2
Part of a customer carrier network. CSC-CE1 and CSC-CE2 routers exchange IPv4 BGP updates with MPLS labels and redistribute PE loopback addressees to and from the IGP (OSPF in this example).
The customer carrier is purchasing carrier supporting carrier VPN services from a backbone carrier.
CSC-PE1 and CSC-PE2
Part of the backbone carrier's network configured to provide carrier supporting carrier VPN services. CSC-PE1 and CSC-PE2 are peering with a VPNv4 IP BGP session to form the MPLS VPN network. In the VRF, CSC-PE1 and CSC-PE2 are peering with the CSC-CE routers, which are configured for carrying MPLS labels with the routes, with an IPv4 EBGP session.
Configuring and Verifying the Backbone Carrier Core Examples
Configuration and verification examples for the backbone carrier core included in this section are as follows:
•
•
•
Verifying IP Connectivity and LDP Configuration in the CSC-Core Example
Check that CSC-PE2 is reachable from CSC-PE1 by entering the following command on CSC-CE1:
Router# ping ee.ee.ee.eeType escape sequence to abort.Sending 5, 100-byte ICMP Echos to ee.ee.ee.ee, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 msVerify the path from CSC-PE 1 to CSC-PE2 by entering the following command on CSC-CE1:
Router# trace ee.ee.ee.eeType escape sequence to abort.Tracing the route to ee.ee.ee.ee1 ee.ee.ee.ee 0 msec 0 msec *Check that CSC-PE router prefixes are in the MPLS forwarding table:
Router# show ip forwarding-tableLocal Outgoing Prefix or Bytes tag Outgoing Next Hoptag tag or VC Tunnel Id switched interface16 2/nn dd.dd.dd.dd/32 0 AT2/1/0.1 point2point17 16 bb.bb.bb.bb/32[V] 30204 Et1/0 pp.0.0.121 Pop tag cc.cc.cc.cc/32[V] 0 Et1/0 pp.0.0.122 Pop tag nn.0.0.0/8[V] 570 Et1/0 pp.0.0.123 Aggregate pp.0.0.0/8[V] 02 2/nn gg.gg.gg.gg/32[V] 0 AT3/0.1 point2point8 2/nn hh.hh.hh.hh/32[V] 15452 AT3/0.1 point2point29 2/nn qq.0.0.0/8[V] 0 AT3/0.1 point2point30 2/nn ss.0.0.0/8[V] 0 AT3/0.1 point2pointCheck the status of LDP discovery processes in the core:
Router# show mpls ldp discoveryLocal LDP Identifier:ee.ee.ee.ee:0Discovery Sources:Interfaces:ATM2/1/0.1 (ldp): xmit/recvTDP Id: dd.dd.dd.dd:1Check the status of LDP sessions in the core:
Router# show mpls ldp neighborPeer LDP Ident: dd.dd.dd.dd:1; Local LDP Ident ee.ee.ee.ee:1TCP connection: dd.dd.dd.dd.646 - ee.ee.ee.ee.11007State: Oper; Msgs sent/rcvd: 20/21; Downstream on demandUp time: 00:14:56LDP discovery sources:ATM2/1/0.1, Src IP addr: dd.dd.dd.ddCheck the forwarding table (prefixes, next-hops, and interfaces):
Router# show ip cefPrefix Next Hop Interface0.0.0.0/0 drop Null0 (default route handler entry)0.0.0.0/32 receivedd.dd.dd.dd/32 dd.dd.dd.dd ATM2/1/0.1ee.ee.ee.ee/32 receive224.0.0.0/4 drop224.0.0.0/24 receive255.255.255.255/32 receive
Note
Verify that interfaces are configured to use LDP:
Router# show mpls interfaces
Interface IP Tunnel OperationalEthernet0/1 Yes (ldp) No YesDisplay the entire routing table, including host IP address, next hop, interface, and so forth:
Router# show ip route
Codes: C - connected, S - static, I - IGRP, R - RIP, M - mobile, B - BGPD - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter areaN1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGPi - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area* - candidate default, U - per-user static route, o - ODRGateway of last resort is not setdd.0.0.0/32 is subnetted, 1 subnetsO dd.dd.dd.dd [110/7] via dd.dd.dd.dd, 00:16:42, ATM2/1/0.1ee.0.0.0/32 is subnetted, 1 subnetsC ee.ee.ee.ee is directly connected, Loopback0Configuring VRFs for CSC-PE Routers Example
The following example shows how to configure a VPN routing/forwarding instance (VRF) for a CSC-PE router:
ip cef distributedip vrf vpn1rd 100:1route target both 100:1!Configuring Multiprotocol BGP for VPN Connectivity in the Backbone Carrier Example
The following example shows how to configure Multiprotocol BGP for VPN connectivity in the backbone carrier:
ip cef distributedip vrf vpn1rd 100:1route target both 100:1hostname csc-pe1!router bgp 100no bgp default ipv4-unicastbgp log-neighbor-changestimers bgp 10 30neighbor ee.ee.ee.ee remote-as 100neighbor ee.ee.ee.ee update-source Loopback0no auto-summary!address-family vpnv4neighbor ee.ee.ee.ee activateneighbor ee.ee.ee.ee send-community extendedbgp dampening 30exit-address-family!router bgp 100. . .! (BGP IPv4 to CSC-CE router from CSC-PE router)!address-family ipv4 vrf vpn1neighbor ss.0.0.1 remote-as 200neighbor ss.0.0.1 activateneighbor ss.0.0.1 as-overrideneighbor ss.0.0.1 advertisement-interval 5neighbor ss.0.0.1 send-labelno auto-summaryno synchronizationbgp dampening 30exit-address-family!Configuring and Verifying the Links Between CSC-PE and CSC-CE Routers Examples
This section contains the following examples:
•
•
•
Configuring EBGP Link with send-label Option for Carrier Supporting Carrier on CSC-PE Routers Examples
CSC-PE configuration examples in this section include:
•
•
CSC-PE1 Configuration Example
The following example shows how to configure a CSC-PE1 router:
ip cef!ip vrf vpn1rd 100:1route-target export 100:1route-target import 100:1mpls label protocol ldp!interface Loopback0ip address dd.dd.dd.dd 255.255.255.255!interface Ethernet3/1ip vrf forwarding vpn1ip address pp.0.0.2 255.0.0.0!interface ATM0/1/0no ip addressno ip directed-broadcastno ip route-cache distributedatm clock INTERNALno atm enable-ilmi-trapno atm ilmi-keepalive!interface ATM0/1/0.1 mplsip unnumbered Loopback0no ip directed-broadcastno atm enable-ilmi-trapmpls label protocol ldpmpls atm vpi 2-5mpls ip!router ospf 100log-adjacency-changesauto-cost reference-bandwidth 1000redistribute connected subnetspassive-interface Ethernet3/1network dd.dd.dd.dd 0.0.0.0 area 100!router bgp 100no bgp default ipv4-unicastbgp log-neighbor-changestimers bgp 10 30neighbor ee.ee.ee.ee remote-as 100neighbor ee.ee.ee.ee update-source Loopback0!address-family vpnv4 !VPNv4 session with CSC-PE2.neighbor ee.ee.ee.ee activateneighbor ee.ee.ee.ee send-community extendedbgp dampening 30exit-address-family!address-family ipv4 vrf vpn1neighbor pp.0.0.1 remote-as 200neighbor pp.0.0.1 activateneighbor pp.0.0.1 as-overrideneighbor pp.0.0.1 advertisement-interval 5neighbor pp.0.0.1 send-labelno auto-summaryno synchronizationbgp dampening 30exit-address-familyCSC-PE2 Configuration Example
The following example shows how to configure a CSC-PE2 router:
ip cef!ip vrf vpn1rd 100:1route-target export 100:1route-target import 100:1mpls label protocol ldp!interface Loopback0ip address ee.ee.ee.ee 255.255.255.255!interface Ethernet5/0ip vrf forwarding vpn1ip address ss.0.0.2 255.0.0.0no ip directed-broadcastno ip route-cache distributedclock source internal!interface ATM2/1/0no ip addressno ip directed-broadcastno ip route-cache distributedatm clock INTERNALno atm enable-ilmi-trapno atm ilmi-keepalive!interface ATM2/1/0.1 mplsip unnumbered Loopback0no ip directed-broadcastno atm enable-ilmi-trapmpls label protocol ldpmpls atm vpi 2-5mpls ip!router ospf 100log-adjacency-changesauto-cost reference-bandwidth 1000redistribute connected subnetspassive-interface Ethernet5/0passive-interface ATM3/0/0network ee.ee.ee.ee 0.0.0.0 area 100!router bgp 100no bgp default ipv4-unicastbgp log-neighbor-changestimers bgp 10 30neighbor dd.dd.dd.dd remote-as 100neighbor dd.dd.dd.dd update-source Loopback0!address-family vpnv4 !VPNv4 session with CSC-PE1.neighbor dd.dd.dd.dd activateneighbor dd.dd.dd.dd send-community extendedbgp dampening 30exit-address-family!address-family ipv4 vrf vpn1neighbor ss.0.0.1 remote-as 200neighbor ss.0.0.1 activateneighbor ss.0.0.1 as-overrideneighbor ss.0.0.1 advertisement-interval 5neighbor ss.0.0.1 send-labelno auto-summaryno synchronizationbgp dampening 30exit-address-familyConfiguring EBGP Link with send-label Option for Carrier Supporting Carrier on CSC-CE Routers Examples
CSC-CE router configuration examples in this section include:
•
•
CSC-CE1 Configuration Example
The following example shows how to configure a CSC-CE1 router:
ip cef!mpls label protocol ldp!interface Loopback0ip address cc.cc.cc.cc 255.255.255.255!interface Ethernet3/0ip address pp.0.0.1 255.0.0.0!interface Ethernet4/0ip address nn.0.0.2 255.0.0.0no ip directed-broadcastno ip mroute-cachempls label protocol ldpmpls ip!router ospf 200log-adjacency-changesauto-cost reference-bandwidth 1000redistribute connected subnets !Exchange routesredistribute bgp 200 metric 3 subnets !learned from PE1.passive-interface ATM1/0passive-interface Ethernet3/0network cc.cc.cc.cc 0.0.0.0 area 200network nn.0.0.0 0.255.255.255 area 200!router bgp 200no bgp default ipv4-unicastbgp log-neighbor-changestimers bgp 10 30neighbor pp.0.0.2 remote-as 100neighbor pp.0.0.2 update-source Ethernet3/0no auto-summary!address-family ipv4redistribute connectedredistribute ospf 200 metric 4 match internalneighbor pp.0.0.2 activateneighbor pp.0.0.2 send-labelno auto-summaryno synchronizationbgp dampening 30exit-address-familyCSC-CE2 Configuration Example
This example shows how to configure a CSC-CE2 router:
ip cef!mpls label protocol ldp!interface Loopback0ip address gg.gg.gg.gg 255.255.255.255!interface Ethernet2/2ip address ss.0.0.2 255.0.0.0no ip directed-broadcastno ip mroute-cachempls label protocol ldpmpls ip!interface ATM3/1/0.1 point2pointip address yy.0.0.1 255.0.0.0no ip directed-broadcastno atm enable-ilmi-trapno ip mroute-cache!router ospf 200log-adjacency-changesauto-cost reference-bandwidth 1000redistribute connected subnets !Exchange routesredistribute bgp 200 metric 3 subnets !learned from PE2.passive-interface ATM3/1/0.1network gg.gg.gg.gg 0.0.0.0 area 200network ss.0.0.0 0.255.255.255 area 200!router bgp 200no bgp default ipv4-unicastbgp log-neighbor-changestimers bgp 10 30neighbor yy.0.0.2 remote-as 100neighbor yy.0.0.2 update-source ATM3/1/0.1no auto-summary!address-family ipv4redistribute connectedredistribute ospf 200 metric 4 match internalneighbor yy.0.0.2 activateneighbor yy.0.0.2 send-labelno auto-summaryno synchronizationbgp dampening 30exit-address-familyVerifying Labels in the CSC-PE Routers Examples
Commands that verify labels and their output on the CSC-PE router included in this section are as follows:
•
•
CSC-PE1 Router Verification Examples
Verify that the BGP session is up and running between the CSC-PE1 router and the CSC-CE1 router. Check the data in the State/PfxRcd column to verify that prefixes are learned during each session.
Router# show ip bgp vpnv4 all summaryBBGP router identifier dd.dd.dd.dd, local AS number 100BGP table version is 52, main routing table version 5212 network entries and 13 paths using 2232 bytes of memory6 BGP path attribute entries using 336 bytes of memory1 BGP AS-PATH entries using 24 bytes of memory1 BGP extended community entries using 24 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryDampening enabled. 0 history paths, 0 dampened pathsBGP activity 16/4 prefixes, 27/14 paths, scan interval 5 secsNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcdee.ee.ee.ee 4 100 7685 7686 52 0 0 21:17:04 6pp.0.0.2 4 200 7676 7678 52 0 0 21:16:43 7Verify that the MPLS interfaces are up and running, and that LDP-enabled interfaces show that LDP is up and running. LDP is turned off on the VRF because EBGP distributes the labels.
Router# show mpls interfaces allInterface IP Tunnel OperationalGigabitEthernet6/0 Yes (ldp) No YesVRF vpn1:Ethernet3/1 No No YesVerify that the prefix for the PE1 router is in the routing table of the CSC-PE1 router:
Router# show ip route vrf vpn2 bb.bb.bb.bbRouting entry for bb.bb.bb.bb/32Known via "bgp 100", distance 20, metric 4Tag 200, type externalLast update from pp.0.0.2 21:28:39 agoRouting Descriptor Blocks:* pp.0.0.2, from pp.0.0.2, 21:28:39 agoRoute metric is 4, traffic share count is 1AS Hops 1, BGP network version 0Verify that the prefix for the PE2 router is in the routing table of the CSC-PE1 router:
Router# show ip route vrf vpn2 hh.hh.hh.hhRouting entry for hh.hh.hh.hh/32Known via "bgp 100", distance 200, metric 4Tag 200, type internalLast update from ee.ee.ee.ee 21:27:39 agoRouting Descriptor Blocks:* ee.ee.ee.ee (Default-IP-Routing-Table), from ee.ee.ee.ee, 21:27:39 agoRoute metric is 4, traffic share count is 1AS Hops 1, BGP network version 0Verify that the prefixes for the customer carrier MPLS VPN service provider networks are in the BGP table, and have appropriate labels:
Router# show ip bgp vpnv4 vrf vpn2 labelsNetwork Next Hop In label/Out labelRoute Distinguisher: 100:1 (vpn1)cc.cc.cc.cc/32 pp.0.0.2 22/imp-nullbb.bb.bb.bb/32 pp.0.0.2 27/20hh.hh.hh.hh/32 ee.ee.ee.ee 34/35gg.gg.gg.gg/32 ee.ee.ee.ee 30/30nn.0.0.0 pp.0.0.2 23/imp-nullss.0.0.0 ee.ee.ee.ee 33/34pp.0.0.0 pp.0.0.2 25/aggregate(vpn1)Verify that the prefix of the PE router in the local customer carrier MPLS VPN service provider (PE1) is in the CEF table:
Router# show ip cef vrf vpn2 bb.bb.bb.bbbb.bb.bb.bb/32, version 19, cached adjacency pp.0.0.20 packets, 0 bytestag information setlocal tag: 27fast tag rewrite with Et3/1, pp.0.0.2, tags imposed {20}via pp.0.0.2, 0 dependencies, recursivenext hop pp.0.0.2, Ethernet3/1 via pp.0.0.2/32valid cached adjacencytag rewrite with Et3/1, pp.0.0.2, tags imposed {20}Router# show ip cef vrf vpn2 bb.bb.bb.bb detailbb.bb.bb.bb/32, version 19, cached adjacency pp.0.0.20 packets, 0 bytestag information setlocal tag: 27fast tag rewrite with Et3/1, pp.0.0.2, tags imposed {20}via pp.0.0.2, 0 dependencies, recursivenext hop pp.0.0.2, Ethernet3/1 via pp.0.0.2/32valid cached adjacencytag rewrite with Et3/1, pp.0.0.2, tags imposed {20}Verify that the prefix of the PE router in the local customer carrier MPLS VPN service provider (PE1) is in the MPLS forwarding table:
Router# show mpls forwarding-table vrf vpn2 bb.bb.bb.bbLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface27 20 bb.bb.bb.bb/32[V] 958048 Et3/1 pp.0.0.2Router# show mpls forwarding-table vrf vpn2 bb.bb.bb.bb detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface27 20 bb.bb.bb.bb/32[V] 958125 Et3/1 pp.0.0.2MAC/Encaps=14/18, MTU=1500, Tag Stack{20}00B04A74A05400B0C26E10558847 00014000VPN route: vpn1No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15Verify that the prefix of the PE router in the remote customer carrier MPLS VPN service provider (PE2) is in the CEF table:
Router# show ip cef vrf vpn2 hh.hh.hh.hhhh.hh.hh.hh/32, version 25, cached adjacency rr.0.0.20 packets, 0 bytestag information setlocal tag: 34fast tag rewrite with Gi6/0, rr.0.0.2, tags imposed {35}via ee.ee.ee.ee, 0 dependencies, recursivenext hop rr.0.0.2, GigabitEthernet6/0 via ee.ee.ee.ee/32valid cached adjacencytag rewrite with Gi6/0, rr.0.0.2, tags imposed {35}Router# show ip cef vrf vpn2 hh.hh.hh.hh detailhh.hh.hh.hh/32, version 25, cached adjacency rr.0.0.20 packets, 0 bytestag information setlocal tag: 34fast tag rewrite with Gi6/0, rr.0.0.2, tags imposed {35}via ee.ee.ee.ee, 0 dependencies, recursivenext hop rr.0.0.2, GigabitEthernet6/0 via ee.ee.ee.ee/32valid cached adjacencytag rewrite with Gi6/0, rr.0.0.2, tags imposed {35}Verify that the prefix of the PE router in the remote customer carrier MPLS VPN service provider (PE2 router) is in the MPLS forwarding table:
Router# show mpls forwarding-table vrf vpn2 hh.hh.hh.hhLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface34 35 hh.hh.hh.hh/32[V] 139034 Gi6/0 rr.0.0.2Router# show mpls forwarding-table vrf vpn2 hh.hh.hh.hh detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface34 35 hh.hh.hh.hh/32[V] 139034 Gi6/0 rr.0.0.2MAC/Encaps=14/18, MTU=1500, Tag Stack{35}00B0C26E447000B0C26E10A88847 00023000VPN route: vpn1No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15CSC-PE2 Router Verification Examples
Verify that the BGP session is up and running between the CSC-PE2 router and the CSC-CE2 router. Check the data in the State/PfxRcd column to verify that prefixes are learned during each session.
Router# show ip bgp vpnv4 all summaryBGP router identifier ee.ee.ee.ee, local AS number 100BGP table version is 51, main routing table version 5112 network entries and 13 paths using 2232 bytes of memory6 BGP path attribute entries using 336 bytes of memory1 BGP AS-PATH entries using 24 bytes of memory1 BGP extended community entries using 24 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryDampening enabled. 0 history paths, 0 dampened pathsBGP activity 16/4 prefixes, 31/18 paths, scan interval 5 secsNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcddd.dd.dd.dd 4 100 7901 7900 51 0 0 21:52:59 7ss.0.0.2 4 200 7871 7880 51 0 0 21:50:15 6Verify that the MPLS interfaces are up and running, and that LDP-enabled interfaces show that LDP is up and running. LDP is turned off on the VRF because EBGP distributes the labels.
Router# show mpls interfaces allInterface IP Tunnel OperationalGigabitEthernet4/0 Yes (ldp) No YesVRF vpn1:Ethernet5/0 No No YesVerify that the prefix of the PE1 router is in the routing table of the CSC-PE2 router:
Router# show ip route vrf vpn2 bb.bb.bb.bb.bbRouting entry for bb.bb.bb.bb/32Known via "bgp 100", distance 200, metric 4Tag 200, type internalLast update from dd.dd.dd.dd 21:53:30 agoRouting Descriptor Blocks:* dd.dd.dd.dd (Default-IP-Routing-Table), from dd.dd.dd.dd, 21:53:30 agoRoute metric is 4, traffic share count is 1AS Hops 1, BGP network version 0Verify that the prefix of the PE2 router is in the routing table of the CSC-PE2 router:
Router# show ip route vrf vpn2 hh.hh.hh.hhRouting entry for hh.hh.hh.hh/32Known via "bgp 100", distance 20, metric 4Tag 200, type externalLast update from ss.0.0.2 21:53:12 agoRouting Descriptor Blocks:* ss.0.0.2, from ss.0.0.2, 21:53:12 agoRoute metric is 4, traffic share count is 1AS Hops 1, BGP network version 0Verify that the prefixes for the customer carrier MPLS VPN service provider networks are in the BGP routing table, and that the prefixes have appropriate labels:
Router# show ip bgp vpnv4 vrf vpn2 labelsNetwork Next Hop In label/Out labelRoute Distinguisher: 100:1 (vpn1)cc.cc.cc.cc/32 dd.dd.dd.dd 27/22bb.bb.bb.bb/32 dd.dd.dd.dd 26/27hh.hh.hh.hh/32 ss.0.0.2 35/31gg.gg.gg.gg/32 ss.0.0.2 30/imp-nullnn.0.0.0 dd.dd.dd.dd 24/23ss.0.0.0 ss.0.0.2 34/aggregate(vpn1)pp.0.0.0 dd.dd.dd.dd 21/25Verify that the prefix of the PE router in the remote customer carrier MPLS VPN service provider (PE1) is in the CEF table:
Router# show ip cef vrf vpn2 bb.bb.bb.bbbb.bb.bb.bb/32, version 15, cached adjacency rr.0.0.10 packets, 0 bytestag information setlocal tag: 26fast tag rewrite with Gi4/0, rr.0.0.1, tags imposed {27}via dd.dd.dd.dd, 0 dependencies, recursivenext hop rr.0.0.1, GigabitEthernet4/0 via dd.dd.dd.dd/32valid cached adjacencytag rewrite with Gi4/0, rr.0.0.1, tags imposed {27}Router# show ip cef vrf vpn2 bb.bb.bb.bb detailbb.bb.bb.bb/32, version 15, cached adjacency rr.0.0.10 packets, 0 bytestag information setlocal tag: 26fast tag rewrite with Gi4/0, rr.0.0.1, tags imposed {27}via dd.dd.dd.dd, 0 dependencies, recursivenext hop rr.0.0.1, GigabitEthernet4/0 via dd.dd.dd.dd/32valid cached adjacencytag rewrite with Gi4/0, rr.0.0.1, tags imposed {27}Verify that the prefix of the PE router in the remote customer carrier MPLS VPN service provider (PE1) is in the MPLS forwarding table:
Router# show mpls forwarding-table vrf vpn2 bb.bb.bb.bbLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface26 27 bb.bb.bb.bb/32[V] 967450 Gi4/0 rr.0.0.1Router# show mpls forwarding-table vrf vpn2 bb.bb.bb.bb detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface26 27 bb.bb.bb.bb/32[V] 967510 Gi4/0 rr.0.0.1MAC/Encaps=14/18, MTU=1500, Tag Stack{27}00B0C26E10A800B0C26E44708847 0001B000VPN route: vpn1No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 1572k-131-9#Verify that the prefix of the PE router in the local customer carrier MPLS VPN service provider (PE2) is in the CEF table:
Router# show ip cef vrf vpn2 hh.hh.hh.hhhh.hh.hh.hh/32, version 33, cached adjacency ss.0.0.20 packets, 0 bytestag information setlocal tag: 35fast tag rewrite with Et5/0, ss.0.0.2, tags imposed {31}via ss.0.0.2, 0 dependencies, recursivenext hop ss.0.0.2, Ethernet5/0 via ss.0.0.2/32valid cached adjacencytag rewrite with Et5/0, ss.0.0.2, tags imposed {31}Router# show ip cef vrf vpn2 hh.hh.hh.hh detailhh.hh.hh.hh/32, version 33, cached adjacency ss.0.0.20 packets, 0 bytestag information setlocal tag: 35fast tag rewrite with Et5/0, ss.0.0.2, tags imposed {31}via ss.0.0.2, 0 dependencies, recursivenext hop ss.0.0.2, Ethernet5/0 via ss.0.0.2/32valid cached adjacencytag rewrite with Et5/0, ss.0.0.2, tags imposed {31}Verify that the prefix of the PE router in the local customer carrier MPLS VPN service provider (PE2) is in the MPLS forwarding table:
Router# show mpls forwarding-table vrf <CSC-PE-vrf-name> hh.hh.hh.hhLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface35 31 hh.hh.hh.hh/32[V] 2023332 Et5/0 ss.0.0.2Router# show mpls forwarding-table vrf <CSC-PE-vrf-name> hh.hh.hh.hh detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface35 31 hh.hh.hh.hh/32[V] 2023469 Et5/0 ss.0.0.2MAC/Encaps=14/18, MTU=1500, Tag Stack{31}0030A363380300B0C26E448C8847 0001F000VPN route: vpn1No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15Verifying Labels in the CSC-CE Routers Examples
Commands that verify labels and their output on the CSC-PE router included in this section are as follows:
•
•
CSC-CE1 Router Verification Examples
Verify that the BGP session is up and running:
Router# show ip bgp summaryBGP router identifier cc.cc.cc.cc, local AS number 200BGP table version is 35, main routing table version 3514 network entries and 14 paths using 2030 bytes of memory3 BGP path attribute entries using 168 bytes of memory1 BGP AS-PATH entries using 24 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryDampening enabled. 1 history paths, 0 dampened pathsBGP activity 17/67 prefixes, 29/15 paths, scan interval 60 secsNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcdpp.0.0.1 4 100 7615 7613 35 0 0 21:06:19 5Verify that the loopback address of the local PE router (PE1) is in the routing table:
Router# show ip route bb.bb.bb.bbRouting entry for bb.bb.bb.bb/32Known via "ospf 200", distance 110, metric 101, type intra areaRedistributing via bgp 200Advertised by bgp 200 metric 4 match internalLast update from nn.0.0.1 on Ethernet4/0, 00:34:08 agoRouting Descriptor Blocks:* nn.0.0.1, from bb.bb.bb.bb, 00:34:08 ago, via Ethernet4/0Route metric is 101, traffic share count is 1Verify that the loopback address of the remote PE router (PE2) is in the routing table:
Router# show ip route hh.hh.hh.hhRouting entry for hh.hh.hh.hh/32Known via "bgp 200", distance 20, metric 0Tag 100, type externalRedistributing via ospf 200Advertised by ospf 200 metric 3 subnetsLast update from pp.0.0.1 00:45:16 agoRouting Descriptor Blocks:* pp.0.0.1, from pp.0.0.1, 00:45:16 agoRoute metric is 0, traffic share count is 1AS Hops 2, BGP network version 0Verify that the prefix of the local PE router (PE1) is in the MPLS LDP bindings:
Router# show mpls ldp bindings bb.bb.bb.bb 255.255.255.255tib entry: bb.bb.bb.bb/32, rev 20local binding: tag: 20remote binding: tsr: bb.bb.bb.bb:0, tag: imp-nullVerify that the prefix of the local PE router (PE1) is in the CEF table:
Router# show ip cef bb.bb.bb.bbbb.bb.bb.bb/32, version 46, cached adjacency nn.0.0.10 packets, 0 bytestag information setlocal tag: 20via nn.0.0.1, Ethernet4/0, 0 dependenciesnext hop nn.0.0.1, Ethernet4/0unresolvedvalid cached adjacencytag rewrite with Et4/0, nn.0.0.1, tags imposed {}Verify that the prefix of the local PE router (PE1) is in the MPLS forwarding table:
Router# show mpls forwarding-table bb.bb.bb.bbLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface20 Pop tag bb.bb.bb.bb/32 893397 Et4/0 nn.0.0.1Router# show mpls forwarding-table bb.bb.bb.bb detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface20 Pop tag bb.bb.bb.bb/32 893524 Et4/0 nn.0.0.1MAC/Encaps=14/14, MTU=1504, Tag Stack{}00074F83685400B04A74A0708847No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15Verify that the BGP routing table contains labels for prefixes in the customer carrier MPLS VPN service provider networks:
Router# show ip bgp labelsNetwork Next Hop In Label/Out Labelcc.cc.cc.cc/32 0.0.0.0 imp-null/exp-nullbb.bb.bb.bb/32 nn.0.0.1 20/exp-nullhh.hh.hh.hh/32 pp.0.0.1 26/34gg.gg.gg.gg/32 pp.0.0.1 23/30nn.0.0.0 0.0.0.0 imp-null/exp-nullss.0.0.0 pp.0.0.1 25/33pp.0.0.0 0.0.0.0 imp-null/exp-nullpp.0.0.1/32 0.0.0.0 16/exp-nullVerify that the prefix of the remote PE router (PE2) is in the CEF table:
Router# show ip cef hh.hh.hh.hhhh.hh.hh.hh/32, version 54, cached adjacency pp.0.0.10 packets, 0 bytestag information setlocal tag: 26fast tag rewrite with Et3/0, pp.0.0.1, tags imposed {34}via pp.0.0.1, 0 dependencies, recursivenext hop pp.0.0.1, Ethernet3/0 via pp.0.0.1/32valid cached adjacencytag rewrite with Et3/0, pp.0.0.1, tags imposed {34}Verify that the prefix of the remote PE router (PE2) is in the MPLS forwarding table:
Router# show mpls forwarding-table hh.hh.hh.hhLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface26 34 hh.hh.hh.hh/32 81786 Et3/0 pp.0.0.1Router# show mpls forwarding-table hh.hh.hh.hh detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface26 34 hh.hh.hh.hh/32 81863 Et3/0 pp.0.0.1MAC/Encaps=14/18, MTU=1500, Tag Stack{34}00B0C26E105500B04A74A0548847 00022000No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15CSC-CE2 Router Verification Examples
Verify that the BGP session is up and running:
Router# show ip bgp summaryBGP router identifier gg.gg.gg.gg, local AS number 200BGP table version is 31, main routing table version 3113 network entries and 13 paths using 1885 bytes of memory3 BGP path attribute entries using 168 bytes of memory1 BGP AS-PATH entries using 24 bytes of memory0 BGP route-map cache entries using 0 bytes of memory0 BGP filter-list cache entries using 0 bytes of memoryDampening enabled. 0 history paths, 0 dampened pathsBGP activity 17/4 prefixes, 20/7 paths, scan interval 60 secsNeighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcdss.0.0.1 4 100 7962 7953 31 0 0 22:03:55 6Verify that the loopback address of the local PE router (PE2) is in the routing table:
Router# show ip route hh.hh.hh.hhRouting entry for hh.hh.hh.hh/32Known via "ospf 200", distance 110, metric 7, type intra areaRedistributing via bgp 200Advertised by bgp 200 metric 4 match internalLast update from 19.19.19.19 on ATM3/1/0.1, 01:37:02 agoRouting Descriptor Blocks:* hh.hh.hh.hh, from hh.hh.hh.hh, 01:37:02 ago, via ATM3/1/0.1Route metric is 7, traffic share count is 1Verify that the loopback address of the remote PE router (PE1) is in the routing table:
Router# show ip route bb.bb.bb.bbRouting entry for bb.bb.bb.bb/32Known via "bgp 200", distance 20, metric 0Tag 100, type externalRedistributing via ospf 200Advertised by ospf 200 metric 3 subnetsLast update from ss.0.0.1 22:04:44 agoRouting Descriptor Blocks:* ss.0.0.1, from ss.0.0.1, 22:04:44 agoRoute metric is 0, traffic share count is 1AS Hops 2, BGP network version 0Verify that the prefix of the local PE router (PE2) is in the MPLS LDP bindings:
Router# show mpls ldp bindings hh.hh.hh.hh 255.255.255.255tib entry: hh.hh.hh.hh/32, rev 37local binding: tag: 31Router# show mpls ldp bindings hh.hh.hh.hh 255.255.255.255 detailtib entry: hh.hh.hh.hh/32, rev 37local binding: tag: 31Verify that the prefix of the local PE (PE2) is in the CEF table:
Router# show ip cef hh.hh.hh.hhhh.hh.hh.hh/32, version 31, cached adjacency to ATM3/1/0.10 packets, 0 bytestag information setlocal tag: 31fast tag rewrite with AT3/1/0.1, point2point, tags imposed {2/33(vcd=2)}via hh.hh.hh.hh, ATM3/1/0.1, 0 dependenciesnext hop hh.hh.hh.hh, ATM3/1/0.1unresolvedvalid cached adjacencytag rewrite with AT3/1/0.1, point2point, tags imposed {2/33(vcd=2)}Router# show ip cef hh.hh.hh.hh detailhh.hh.hh.hh/32, version 31, cached adjacency to ATM3/1/0.10 packets, 0 bytestag information setlocal tag: 31fast tag rewrite with AT3/1/0.1, point2point, tags imposed {2/33(vcd=2)}via hh.hh.hh.hh, ATM3/1/0.1, 0 dependenciesnext hop hh.hh.hh.hh, ATM3/1/0.1unresolvedvalid cached adjacencytag rewrite with AT3/1/0.1, point2point, tags imposed {2/33(vcd=2)}Verify that the prefix of the local PE router (PE2) is in the MPLS forwarding table:
Router# show mpls forwarding-table hh.hh.hh.hhLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface31 2/33 hh.hh.hh.hh/32 1908083 AT3/1/0.1 point2pointRouter# show mpls forwarding-table hh.hh.hh.hh detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface31 2/33 hh.hh.hh.hh/32 1908200 AT3/1/0.1 point2pointMAC/Encaps=4/8, MTU=4470, Tag Stack{2/33(vcd=2)}00028847 00002000No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15Verify that the BGP routing table contains labels for prefixes in the customer carrier MPLS VPN service provider networks:
Router# show ip bgp labelsNetwork Next Hop In Label/Out Labelcc.cc.cc.cc/32 ss.0.0.1 18/27bb.bb.bb.bb/32 ss.0.0.1 19/26hh.hh.hh.hh/32 hh.hh.hh.hh 31/exp-nullgg.gg.gg.gg/32 0.0.0.0 imp-null/exp-nullnn.0.0.0 ss.0.0.1 22/24ss.0.0.0 0.0.0.0 imp-null/exp-nullss.0.0.1/32 0.0.0.0 16/exp-nullpp.0.0.0 ss.0.0.1 26/21Verify that the prefix of the remote PE router (PE1) is in the CEF table:
Router# show ip cef bb.bb.bb.bbbb.bb.bb.bb/32, version 18, cached adjacency ss.0.0.10 packets, 0 bytestag information setlocal tag: 19fast tag rewrite with Et0/0/3, ss.0.0.1, tags imposed {26}via ss.0.0.1, 0 dependencies, recursivenext hop ss.0.0.1, Ethernet0/0/3 via ss.0.0.1/32valid cached adjacencytag rewrite with Et0/0/3, ss.0.0.1, tags imposed {26}Router# show ip cef bb.bb.bb.bb detailbb.bb.bb.bb/32, version 18, cached adjacency ss.0.0.10 packets, 0 bytestag information setlocal tag: 19fast tag rewrite with Et0/0/3, ss.0.0.1, tags imposed {26}via ss.0.0.1, 0 dependencies, recursivenext hop ss.0.0.1, Ethernet0/0/3 via ss.0.0.1/32valid cached adjacencytag rewrite with Et0/0/3, ss.0.0.1, tags imposed {26}Verify that the prefix of the remote PE router (PE1) is in the MPLS forwarding table:
Router# show mpls forwarding-table bb.bb.bb.bbLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface19 26 bb.bb.bb.bb/32 965401 Et0/0/3 ss.0.0.1Router# show mpls forwarding-table bb.bb.bb.bb detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface19 26 bb.bb.bb.bb/32 965478 Et0/0/3 ss.0.0.1MAC/Encaps=14/18, MTU=1500, Tag Stack{26}00B0C26E448C0030A36338038847 0001A000No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15Configuring Route Maps on the CSC-PE Routers Example
The following example creates two route maps, which are named:
•
•
The route maps specify the following:
•
•
The route maps are applied to the CSC-PE router with the address qq.0.0.1.
address-family ipv4 vrf vpn2neighbor qq.0.0.1 remote-as 200neighbor qq.0.0.1 activateneighbor qq.0.0.1 as-overrideneighbor qq.0.0.1 advertisement-interval 5neighbor qq.0.0.1 route-map IN inneighbor qq.0.0.1 route-map OUT outneighbor qq.0.0.1 send-label!access-list 88 permit rr.rr.rr.rraccess-list 88 permit ss.ss.ss.ssaccess-list 88 permit tt.tt.tt.ttaccess-list 99 permit uu.uu.uu.uuaccess-list 99 permit vv.vv.vv.vvaccess-list 99 permit ww.ww.ww.ww!route-map IN permit 1match ip address 99!route-map OUT permit 1match ip address 88set mpls-label!Configuring and Verifying the Customer Carrier Network Examples
Customer carrier configuration and verification examples in this section include:
•
•
Verifying IP Connectivity in the Customer Carrier Example
Verify the connectivity from one customer carrier core router to another (from CE1 to CE2) by entering the following command:
Router# ping jj.jj.jj.jjType escape sequence to abort.Sending 5, 100-byte ICMP Echos to jj.jj.jj.jj, timeout is 2 seconds:!!!!!Success rate is 100 percent (5/5), round-trip min/avg/max = 8/9/12 msVerify the path that a packet goes through on its way to its final destination from CE1 to CE2:
Router# trace jj.jj.jj.jjType escape sequence to abort.Tracing the route to jj.jj.jj.jj1 mm.0.0.2 0 msec 0 msec 4 msec2 nn.0.0.2 [MPLS: Labels 20/21 Exp 0] 8 msec 8 msec 12 msec3 pp.0.0.2 [MPLS: Labels 28/21 Exp 0] 8 msec 8 msec 12 msec4 ss.0.0.1 [MPLS: Labels 17/21 Exp 0] 8 msec 8 msec 12 msec5 ss.0.0.2 [MPLS: Labels 16/21 Exp 0] 8 msec 8 msec 12 msec6 tt.0.0.1 [AS 200] [MPLS: Label 21 Exp 0] 8 msec 8 msec 8 msec7 tt.0.0.2 [AS 200] 8 msec 4 msec *Verify the path that a packet goes through on its way to its final destination from CE2 to CE1:
Router# trace aa.aa.aa.aaType escape sequence to abort.Tracing the route to aa.aa.aa.aa1 tt.0.0.1 0 msec 0 msec 0 msec2 qq.0.0.2 [MPLS: Labels 18/21 Exp 0] 8 msec 12 msec 12 msec3 ss.0.0.1 [MPLS: Labels 28/21 Exp 0] 8 msec 8 msec 8 msec4 pp.0.0.2 [MPLS: Labels 17/21 Exp 0] 12 msec 8 msec 8 msec5 pp.0.0.1 [MPLS: Labels 16/21 Exp 0] 12 msec 12 msec 8 msec6 mm.0.0.2 [AS 200] [MPLS: Label 21 Exp 0] 12 msec 8 msec 12 msec7 mm.0.0.1 [AS 200] 4 msec 4 msec *Configuring a Customer Carrier Core Router as a Route Reflector Example
The following example shows how to use an address family to configure internal BGP peer 10.1.1.1 as a route-reflector client for both unicast and multicast prefixes:
router bgp 200address-family vpnv4neighbor 10.1.1.1 activateneighbor 10.1.1.1 route-reflector-clientrouter bgp 100address-family vpnv4neighbor xx.xx.xx.xx activateneighbor xx.xx.xx.xx route-reflector-client! xx.xx.xx,xx is a PE routerneighbor xx.xx.xx.xx send-community extendedexit address-family! You need to configure your peer BGP neighbor.Configuring and Verifying the Customer Site for Hierarchical VPNs Examples
This section contains the following configuration and verification examples for the customer site:
•
•
•
•
Configuring Provider Edge Routers for Hierarchical VPNs Examples
Provider Edge (PE) router configuration examples in this section include:
•
•
PE1 Router Configuration Example
This example shows how to configure a PE1 router:
ip cef!ip vrf vpn2rd 200:1route-target export 200:1route-target import 200:1mpls label protocol ldp!interface Loopback0ip address bb.bb.bb.bb 255.255.255.255!interface Ethernet3/0ip address nn.0.0.1 255.0.0.0no ip directed-broadcastno ip mroute-cachempls label protocol ldpmpls ip!interface Ethernet3/3ip vrf forwarding vpn2ip address mm.0.0.2 255.0.0.0no ip directed-broadcastno ip mroute-cache!router ospf 200log-adjacency-changesauto-cost reference-bandwidth 1000redistribute connected subnetspassive-interface Ethernet3/3network bb.bb.bb.bb 0.0.0.0 area 200network nn.0.0.0 0.255.255.255 area 200!router bgp 200no bgp default ipv4-unicastbgp log-neighbor-changestimers bgp 10 30neighbor hh.hh.hh.hh remote-as 200neighbor hh.hh.hh.hh update-source Loopback0!address-family vpnv4 !VPNv4 session with PE2.neighbor hh.hh.hh.hh activateneighbor hh.hh.hh.hh send-community extendedbgp dampening 30exit-address-family!address-family ipv4 vrf vpn2neighbor mm.0.0.1 remote-as 300neighbor mm.0.0.1 activateneighbor mm.0.0.1 as-overrideneighbor mm.0.0.1 advertisement-interval 5no auto-summaryno synchronizationbgp dampening 30exit-address-familyPE2 Router Configuration Example
This example shows how to configure a PE2 router:
ip cef!ip vrf vpn2rd 200:1route-target export 200:1route-target import 200:1!mpls label protocol ldp!interface Loopback0ip address hh.hh.hh.hh 255.255.255.255!interface Ethernet3/6ip vrf forwarding vpn2ip address tt.0.0.2 255.0.0.0!interface ATM5/0.1 point2pointip address qq.0.0.1 255.0.0.0no ip directed-broadcastno atm enable-ilmi-trapno ip mroute-cachempls label protocol ldpmpls ip!router bgp 200no bgp default ipv4-unicastbgp log-neighbor-changestimers bgp 10 30neighbor bb.bb.bb.bb remote-as 200neighbor bb.bb.bb.bb update-source Loopback0!address-family vpnv4 !VPNv4 session with PE1.neighbor bb.bb.bb.bb activateneighbor bb.bb.bb.bb send-community extendedbgp dampening 30exit-address-family!address-family ipv4 vrf vpn2neighbor tt.0.0.1 remote-as 300neighbor tt.0.0.1 activateneighbor tt.0.0.1 as-overrideneighbor tt.0.0.1 advertisement-interval 5no auto-summaryno synchronizationbgp dampening 30exit-address-familyVerifying Labels in Each Provider Edge Router for Hierarchical VPNs Examples
Provider edge (PE) router label verification examples in this section include the following:
•
•
PE1 Router Label Verification Examples
Verify that the loopback address of the local CE router (CE1) is in the routing table of the PE1 router:
Router# show ip route vrf vpn2 aa.aa.aa.aaRouting entry for aa.aa.aa.aa/32Known via "bgp 200", distance 20, metric 0Tag 300, type externalLast update from mm.0.0.2 20:36:59 agoRouting Descriptor Blocks:* mm.0.0.2, from mm.0.0.2, 20:36:59 agoRoute metric is 0, traffic share count is 1AS Hops 1, BGP network version 0Verify that the prefix for the local CE router (CE1) is in the MPLS forwarding table, and that the prefix is untagged:
Router# show mpls forwarding-table vrf vpn2 aa.aa.aa.aaLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface23 Untagged aa.aa.aa.aa/32[V] 0 Et3/3 mm.0.0.2Verify that the prefix of the remote PE router (PE2) is in the Cisco Express Forwarding (CEF) table:
Router# show ip cef hh.hh.hh.hhhh.hh.hh.hh/32, version 31, cached adjacency nn.0.0.20 packets, 0 bytestag information setlocal tag: 31fast tag rewrite with Et3/0, nn.0.0.2, tags imposed {26}via nn.0.0.2, Ethernet3/0, 2 dependenciesnext hop nn.0.0.2, Ethernet3/0unresolvedvalid cached adjacencytag rewrite with Et3/0, nn.0.0.2, tags imposed {26}Verify that the loopback address of the remote CE router (CE2) is in the routing table:
Router# show ip route vrf vpn2 jj.jj.jj.jjRouting entry for jj.jj.jj.jj/32Known via "bgp 200", distance 200, metric 0Tag 300, type internalLast update from hh.hh.hh.hh 20:38:49 agoRouting Descriptor Blocks:* hh.hh.hh.hh (Default-IP-Routing-Table), from hh.hh.hh.hh, 20:38:49 agoRoute metric is 0, traffic share count is 1AS Hops 1, BGP network version 0Verify that the prefix of the remote CE router (CE2) is in the MPLS forwarding table, and that an outgoing interface exists:
Router# show mpls forwarding-table vrf vpn2 jj.jj.jj.jjLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interfaceNone 26 jj.jj.jj.jj/32 0 Et3/0 nn.0.0.2Verify that the prefix of the remote CE router (CE2) is in the CEF table:
Router# show ip cef vrf vpn2 jj.jj.jj.jjjj.jj.jj.jj/32, version 12, cached adjacency nn.0.0.20 packets, 0 bytestag information setlocal tag: VPN route headfast tag rewrite with Et3/0, nn.0.0.2, tags imposed {26 32}via hh.hh.hh.hh, 0 dependencies, recursivenext hop nn.0.0.2, Ethernet3/0 via hh.hh.hh.hh/32valid cached adjacencytag rewrite with Et3/0, nn.0.0.2, tags imposed {26 32}Verify that the prefix of the local PE router (PE1) is in the CEF table:
Router# show ip cef bb.bb.bb.bbbb.bb.bb.bb/32, version 9, connected, receivetag information setlocal tag: implicit-nullPE2 Router Label Verification Examples
Verify that the loopback address of the local CE router (CE2) is in the routing table of the PE2 router:
Router# show ip route vrf vpn2 jj.jj.jj.jjRouting entry for jj.jj.jj.jj/32Known via "bgp 200", distance 20, metric 0Tag 300, type externalLast update from tt.0.0.2 22:11:06 agoRouting Descriptor Blocks:* tt.0.0.2, from tt.0.0.2, 22:11:06 agoRoute metric is 0, traffic share count is 1AS Hops 1, BGP network version 0Verify that the prefix of the local CE router (CE2) is in the MPLS forwarding table, and is untagged:
Router# show mpls forwarding-table vrf vpn2 jj.jj.jj.jjLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface32 Untagged jj.jj.jj.jj/32[V] 0 Et3/6 tt.0.0.2Router# show mpls forwarding-table vrf vpn2 jj.jj.jj.jj detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interface32 Untagged jj.jj.jj.jj/32[V] 0 Et3/6 tt.0.0.2MAC/Encaps=0/0, MTU=1504, Tag Stack{}VPN route: vpn2No output feature configuredPer-packet load-sharing, slots: 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15Verify that the prefix of the remote PE router (PE1) is in the CEF table:
Router# show ip cef bb.bb.bb.bbbb.bb.bb.bb/32, version 19, cached adjacency to ATM5/0.10 packets, 0 bytestag information setlocal tag: 20fast tag rewrite with AT5/0.1, point2point, tags imposed {2/35(vcd=6)}via gg.gg.gg.gg, ATM5/0.1, 2 dependenciesnext hop gg.gg.gg.gg, ATM5/0.1unresolvedvalid cached adjacencytag rewrite with AT5/0.1, point2point, tags imposed {2/35(vcd=6)}Router# show ip cef bb.bb.bb.bb detailbb.bb.bb.bb/32, version 19, cached adjacency to ATM5/0.10 packets, 0 bytestag information setlocal tag: 20fast tag rewrite with AT5/0.1, point2point, tags imposed {2/35(vcd=6)}via gg.gg.gg.gg, ATM5/0.1, 2 dependenciesnext hop gg.gg.gg.gg, ATM5/0.1unresolvedvalid cached adjacencytag rewrite with AT5/0.1, point2point, tags imposed {2/35(vcd=6)}Verify that the loopback address of the remote CE router (CE1) is in the routing table:
Router# show ip route vrf vpn2 aa.aa.aa.aaRouting entry for aa.aa.aa.aa/32Known via "bgp 200", distance 200, metric 0Tag 300, type internalLast update from bb.bb.bb.bb 01:43:34 agoRouting Descriptor Blocks:* bb.bb.bb.bb (Default-IP-Routing-Table), from bb.bb.bb.bb, 01:43:34 agoRoute metric is 0, traffic share count is 1AS Hops 1, BGP network version 0Verify that the prefix of the remote CE router (CE1) is in the MPLS forwarding table, and that it has an outgoing interface:
Router# show mpls forwarding-table vrf vpn2 aa.aa.aa.aaLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interfaceNone 2/35 aa.aa.aa.aa/32 0 AT5/0.1 point2pointRouter# show mpls forwarding-table vrf vpn2 aa.aa.aa.aa detailLocal Outgoing Prefix Bytes tag Outgoing Next Hoptag tag or VC or Tunnel Id switched interfaceNone 2/35 aa.aa.aa.aa/32 0 AT5/0.1 point2pointMAC/Encaps=4/12, MTU=4466, Tag Stack{2/35(vcd=6) 23}00068847 0000600000017000No output feature configuredVerify that the prefix of the remote CE router (CE1) is in the CEF table:
Router# show ip cef vrf vpn2 aa.aa.aa.aaaa.aa.aa.aa/32, version 10, cached adjacency to ATM5/0.10 packets, 0 bytestag information setlocal tag: VPN route headfast tag rewrite with AT5/0.1, point2point, tags imposed {2/35(vcd=6) 23}via bb.bb.bb.bb, 0 dependencies, recursivenext hop gg.gg.gg.gg, ATM5/0.1 via bb.bb.bb.bb/32valid cached adjacencytag rewrite with AT5/0.1, point2point, tags imposed {2/35(vcd=6) 23}Router# show ip cef vrf vpn2 aa.aa.aa.aa detailaa.aa.aa.aa/32, version 10, cached adjacency to ATM5/0.10 packets, 0 bytestag information setlocal tag: VPN route headfast tag rewrite with AT5/0.1, point2point, tags imposed {2/35(vcd=6) 23}via bb.bb.bb.bb, 0 dependencies, recursivenext hop gg.gg.gg.gg, ATM5/0.1 via bb.bb.bb.bb/32valid cached adjacencytag rewrite with AT5/0.1, point2point, tags imposed {2/35(vcd=6) 23}Verify that the prefix of the local PE router (PE2) is in the CEF table:
Router# show ip cef hh.hh.hh.hhhh.hh.hh.hh/32, version 9, connected, receivetag information setlocal tag: implicit-nullRouter# show ip cef hh.hh.hh.hh detailhh.hh.hh.hh/32, version 9, connected, receivetag information setlocal tag: implicit-nullConfiguring Customer Edge Routers for Hierarchical VPNs Examples
Customer edge (CE) router configuration examples in this section include:
CE1 Configuration Example
The following example shows how to configure a CE1 router:
ip cefinterface Loopback0ip address aa.aa.aa.aa 255.255.255.255!interface Ethernet3/3ip address mm.0.0.1 255.0.0.0!router bgp 300no synchronizationbgp log-neighbor-changestimers bgp 10 30redistribute connected !Redistributing routes into BGPneighbor mm.0.0.2 remote-as 200 !to send to PE1.neighbor mm.0.0.2 advertisement-interval 5no auto-summaryCE2 Configuration Example
The following example shows how to configure a CE2 router:
ip cef!interface Loopback0ip address jj.jj.jj.jj 255.255.255.255!interface Ethernet3/6ip address tt.0.0.1 255.0.0.0!router bgp 300no synchronizationbgp log-neighbor-changestimers bgp 10 30 !Redistributing static routes into BGPredistribute connected !to send to PE2.redistribute ospf 300 match internal external 1 external 2neighbor tt.0.0.2 remote-as 200neighbor tt.0.0.2 advertisement-interval 5no auto-summaryVerifying IP Connectivity in the Customer Site Examples
Customer edge (CE) router verification examples in this section include:
•
•
CE1 Router Verification Example
Verify that the loopback address of the remote CE router (CE2), learned from the PE router, is in the routing table of the CE1 router:
Router# show ip route jj.jj.jj.jjRouting entry for jj.jj.jj.jj/32Known via "bgp 300", distance 20, metric 0Tag 200, type externalRedistributing via ospf 300Advertised by ospf 300 subnetsLast update from mm.0.0.1 20:29:35 agoRouting Descriptor Blocks:* mm.0.0.1, from mm.0.0.1, 20:29:35 agoRoute metric is 0, traffic share count is 1AS Hops 2CE2 Router Verification Example
Verify that the loopback address of the remote CE router (CE1), learned from the PE router, is in the routing table of the CE2 router:
Router# show ip route aa.aa.aa.aaRouting entry for aa.aa.aa.aa/32Known via "bgp 300", distance 20, metric 0Tag 200, type externalRedistributing via ospf 300Advertised by ospf 300 subnetsLast update from tt.0.0.1 22:16:46 agoRouting Descriptor Blocks:* tt.0.0.1, from tt.0.0.1, 22:16:46 agoRoute metric is 0, traffic share count is 1AS Hops 2Additional References
For additional information related to MPLS VPN—Carrier Supporting Carrier—IPv4 BGP Label Distribution, refer to the following references:
•
•
Related Documents
MPLS configuration tasks
"Configuring Multiprotocol Label Switching" chapter in the
Cisco IOS Switching Services Configuration Guide, Release 12.2MPLS VPN configuration tasks
Enhanced MPLS VPN traffic management configuration tasks
Basic MPLS VPN Carrier Supporting Carrier configuration tasks
BGP configuration tasks
"Configuring BGP chapter" in the
Cisco IOS IP Configuration Guide, Release 12.2An explanation of how BGP works and how you can use it to participate in routing with other networks that run BGP
An explanation of the purpose of the BGP and the BGP route selection process, and how to use BGP attributes in route selection
"Border Gateway Protocol" chapter in the
Internetworking Technology OverviewCommands to configure and monitor BGP
"Border Gateway Protocol" chapter in the Cisco IOS IP Command Reference, Volume 2 of 3: Routing Protocols, Release 12.2
MPLS LDP configuration tasks
OSPF configuration tasks
"Configuring OSFP" chapter in the "
Cisco IOS IP Configuration Guide, Part II: IP Routing Protocols, Release 12.2IS-IS configuration tasks
"Configuring Integrated IS-IS chapter" in the
Cisco IOS IP Configuration Guide, Part II: IP Routing Protocol, Release 12.2Extended ping and extended traceroute commands
Using the Extended ping and Extended traceroute Commands
Standards
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
—
MIBs
No new or modified MIBs are supported by this feature, and support for existing MIBs has not been modified by this feature.
To obtain lists of supported MIBs by platform and Cisco IOS release, and to download MIB modules, go to the Cisco MIB website on Cisco.com at the following URL:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
1 Not all supported MIBs are listed.
To locate and download MIBs for selected platforms, Cisco IOS releases, and feature sets, use Cisco MIB Locator found at the following URL:
http://tools.cisco.com/ITDIT/MIBS/servlet/index
If Cisco MIB Locator does not support the MIB information that you need, you can also obtain a list of supported MIBs and download MIBs from the Cisco MIBs page at the following URL:
http://www.cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml
To access Cisco MIB Locator, you must have an account on Cisco.com. If you have forgotten or lost your account information, send a blank e-mail to cco-locksmith@cisco.com. An automatic check will verify that your e-mail address is registered with Cisco.com. If the check is successful, account details with a new random password will be e-mailed to you. Qualified users can establish an account on Cisco.com by following the directions found at this URL:
RFCs
RFC 1164
Application of the Border Gateway Protocol in the Internet
RFC 1171
A Border Gateway Protocol 4
RFC 1700
Assigned Numbers
RFC 1966
BGP Route Reflection: An Alternative to Full Mesh IBGP
RFC 2283
Multiprotocol Extensions for BGP-4
RFC 2547
BGP/MPLS VPNs
RFC 2842
Capabilities Advertisement with BGP-4
RFC 2858
Multiprotocol Extensions for BGP-4
RFC 3107
Carrying Label Information in BGP-4
1 Not all supported RFCs are listed.
Technical Assistance
Command Reference
This section documents new or modified commands. All other commands used with this feature are documented in the Cisco IOS Release 12.2 command reference publications.
New Commands
Modified Commands
debug ip bgp
To display information related to processing of the Border Gateway Protocol (BGP), use the debug ip bgp command in privileged EXEC mode. To disable the display of BGP information, use the no form of this command.
debug ip bgp [A.B.C.D. | dampening | events | in | keepalives | out | updates | vpnv4 | mpls]
no debug ip bgp [A.B.C.D. | dampening | events | in | keepalives | out | updates | vpnv4 | mpls]
Syntax Description
Command Modes
Privileged EXEC
Command History
Examples
The following example displays the output from this command:
Router# debug ip bgp vpnv403:47:14:vpn:bgp_vpnv4_bnetinit:100:2:58.0.0.0/803:47:14:vpn:bnettable add:100:2:58.0.0.0 / 803:47:14:vpn:bestpath_hook route_tag_change for vpn2:58.0.0.0/255.0.0.0(ok)03:47:14:vpn:bgp_vpnv4_bnetinit:100:2:57.0.0.0/803:47:14:vpn:bnettable add:100:2:57.0.0.0 / 803:47:14:vpn:bestpath_hook route_tag_change for vpn2:57.0.0.0/255.0.0.0(ok)03:47:14:vpn:bgp_vpnv4_bnetinit:100:2:14.0.0.0/803:47:14:vpn:bnettable add:100:2:14.0.0.0 / 803:47:14:vpn:bestpath_hook route_tag_chacle ip bgp *nge for vpn2:14.0.0.0/255.0.0.0(ok)match mpls-label
To redistribute routes that include Multiprotocol Label Switching (MPLS) labels if the routes meet the conditions specified in the route map, use the match mpls-label command in route map configuration mode. To disable this function, use the no form of this command.
match mpls-label
no match mpls-label
Syntax Description
This command has no arguments or keywords.
Defaults
This command has no default behavior or values.
Command Modes
Route map configuration
Command History
Usage Guidelines
A route map that includes this command can be used in the following instances:
•
•
Use the route-map global configuration command, and the match and set route map configuration commands, to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
The match route-map configuration command has multiple formats. The match commands can be given in any order, and all match commands must "pass" to cause the route to be redistributed according to the set actions given with the set commands. The no forms of the match commands remove the specified match criteria.
When you are passing routes through a route map, a route map can have several parts. Any route that does not match at least one match clause relating to a route-map command will be ignored; that is, the route will not be advertised for outbound route maps and will not be accepted for inbound route maps. If you want to modify only some data, you must configure a second route map section with an explicit match specified.
Examples
The following example creates a route map that redistributes routes if the following conditions are met:
•
•
Router(config-router)# route-map incoming permit 10Router(config-route-map)# match ip address 2Router(config-route-map)# match mpls-labelRelated Commands
neighbor send-label
To enable a Border Gateway Protocol (BGP) router to send Multiprotocol Label Switching (MPLS) labels with BGP routes to a neighboring BGP router, use the neighbor send-label command in router configuration mode. To disable the BGP router from sending MPLS labels with BGP routes, use the no form of this command.
neighbor {ip-address} send-label
no neighbor {ip-address} send-label
Syntax Description
Defaults
By default, BGP routers distribute only BGP routes.
Command Modes
Router configuration
Command History
Usage Guidelines
This command enables a router to use BGP to distribute MPLS labels along with the IPv4 routes to a peer router. You must issue this command on both the local router and the neighboring router.
This command has the following restrictions:
•
•
Cisco IOS installs /32 routes for directly connected external BGP (eBGP) peers when the BGP session for such a peer comes up. The /32 routes are installed only when MPLS labels are exchanged between such peers. Directly connected eBGP peers exchange MPLS labels for:
•
•
A single BGP session can include multiple address families. If one of the families exchanges MPLS labels, the /32 neighbor route is installed for the connected peer.
Examples
The following example enables a router called BGP 1 to send MPLS labels with BGP routes to the neighboring router, whose IP address is 192.168.0.0:
Router(config)# router bgp1Router(config-router)# neighbor 192.168.0.0 send-labelRelated Commands
neighbor activate
Enables the exchange of information with a neighboring router.
set mpls-label
To enable a route to be distributed with a Multiprotocol Label Switching (MPLS) label if the route matches the conditions specified in the route map, use the set mpls-label command in route map configuration mode. To disable this function, use the no form of this command.
set mpls-label
no set mpls-label
Syntax Description
This command has no arguments or keywords.
Defaults
This command has no default behavior or values.
Command Modes
Route map configuration
Command History
Usage Guidelines
This command can be used only with the neighbor route-map out command to manage outbound route maps for a Border Gateway Protocol (BGP) session.
Use the route-map global configuration command with match and set route-map configuration commands to define the conditions for redistributing routes from one routing protocol into another. Each route-map command has a list of match and set commands associated with it. The match commands specify the match criteria—the conditions under which redistribution is allowed for the current route-map command. The set commands specify the set actions—the particular redistribution actions to perform if the criteria enforced by the match commands are met. The no route-map command deletes the route map.
Examples
The following example creates a route map that enables the route to be distributed with a label if the IP address of the route matches an IP address in ACL 1.
Router(config-router)# route-map incoming permit 10Router(config-route-map)# match ip address 1Router(config-route-map)# set mpls-labelRelated Commands
show ip bgp
To display entries in the Border Gateway Protocol (BGP) routing table, use the show ip bgp command in privileged EXEC mode.
show ip bgp [network] [network-mask] [longer-prefixes]
Syntax Description
Command Modes
Privileged EXEC
Command History
Examples
The following is sample output from the show ip bgp command in privileged EXEC mode:
Router# show ip bgpBGP table version is 5, local router ID is 10.0.33.34Status codes: s suppressed, d damped, h history, * valid, > best, i - internalOrigin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path*> 1.0.0.0 0.0.0.0 0 32768 ?* 2.0.0.0 10.0.33.35 10 0 35 ?*> 0.0.0.0 0 32768 ?* 10.0.0.0 10.0.33.35 10 0 35 ?*> 0.0.0.0 0 32768 ?*> 192.168.0.0/16 10.0.33.35 10 0 35 ?Table 3 describes the significant fields shown in the display.
The following is sample output from the show ip bgp command in privileged EXEC mode when you specify the longer-prefixes keyword:
Router# show ip bgp 198.92.0.0 255.255.0.0 longer-prefixesBGP table version is 1738, local router ID is 198.92.72.24Status codes: s suppressed, * valid, > best, i - internalOrigin codes: i - IGP, e - EGP, ? - incompleteNetwork Next Hop Metric LocPrf Weight Path*> 198.92.0.0 198.92.72.30 8896 32768 ?* 198.92.72.30 0 109 108 ?*> 198.92.1.0 198.92.72.30 8796 32768 ?* 198.92.72.30 0 109 108 ?*> 198.92.11.0 198.92.72.30 42482 32768 ?* 198.92.72.30 0 109 108 ?*> 198.92.14.0 198.92.72.30 8796 32768 ?* 198.92.72.30 0 109 108 ?*> 198.92.15.0 198.92.72.30 8696 32768 ?* 198.92.72.30 0 109 108 ?*> 198.92.16.0 198.92.72.30 1400 32768 ?* 198.92.72.30 0 109 108 ?*> 198.92.17.0 198.92.72.30 1400 32768 ?* 198.92.72.30 0 109 108 ?*> 198.92.18.0 198.92.72.30 8876 32768 ?* 198.92.72.30 0 109 108 ?*> 198.92.19.0 198.92.72.30 8876 32768 ?* 198.92.72.30 0 109 108 ?The following is sample output from the show ip bgp command in privileged EXEC mode, showing information for prefix ww.0.0.0:
Router# show ip bgp ww.0.0.0BGP routing table entry for ww.0.0.0/8, version 628Paths: (1 available, best #1)Advertised to peer-groups:ebgpAdvertised to non peer-group peers:171.69.232.162
Guest
