Home | Skip to Content | Skip to Search | Skip to Navigation | Skip to Footer |
Worldwide [change] |Register |About Cisco
Guest

Hierarchical Navigation

Cisco IOS Software Releases 12.2 T

MPLS VPN support for EIGRP between Provider Edge (PE) and Customer Edge (CE)

Downloads

Table Of Contents

MPLS VPN Support for EIGRP Between Provider Edge and Customer Edge

Contents

Prerequisites for MPLS VPN Support for EIGRP Between PE and CE

Restrictions for MPLS VPN Support for EIGRP Between PE and CE

Information About MPLS VPN Support for EIGRP Between PE and CE

MPLS VPN Support for EIGRP

EIGRP Extended Community Attributes

Benefits of MPLS VPN Support for EIGRP

How to Configure an MPLS VPN Using EIGRP

Configuring the VRF for the EIGRP MPLS VPN

Creating a VRF

Prerequisites

Restrictions

What to Do Next

Configuring EIGRP Redistribution in the MPLS VPN

Creating the MPLS VPN

Prerequisites

Restrictions

Troubleshooting Tips

What to Do Next

Configuring the PE Routers to Support the EIGRP MPLS VPN

Basic BGP Configuration

Prerequisites

Verifying the VPN Configuration

Verifying PE-to-PE Connectivity

Verifying EIGRP VRF Configuration

Configuration Examples for the EIGRP MPLS VPN

EIGRP MPLS VPN Configuration Example

BGP Network Configuration Example

EIGRP Redistribution Example

EIGRP MPLS VPN Verification Examples

Verifying Route Distinguisher and MPLS Configuration Example

Verifying PE-to-PE Connectivity Example

Verifying EIGRP VRF Configuration Example

Where to Go Next

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Command Reference

address-family ipv4 (EIGRP)

autonomous-system (EIGRP)

clear ip eigrp vrf neighbor

default-metric (EIGRP)

exit-address-family

ip vrf

network (EIGRP)

rd

redistribute (IP)

show ip eigrp vrf interfaces

show ip eigrp vrf neighbors

show ip eigrp vrf topology

show ip eigrp vrf traffic

show ip protocols vrf

show ip route vrf

show ip vrf


MPLS VPN Support for EIGRP Between Provider Edge and Customer Edge

The MPLS VPN Support for EIGRP Between Provider Edge (PE) and Customer Edge (CE) feature introduces the capability to redistribute Enhanced Interior Gateway Routing Protocol (EIGRP) routes through a Multiprotocol Label Switching (MPLS) Virtual Private Network (VPN) over a Border Gateway Protocol (BGP) core network. This feature is configured only on PE routers and requires no upgrade or configuration changes to customer equipment. This feature also introduces EIGRP support for MPLS and support for EIGRP extended community attributes.

History for the MPLS VPN Support for EIGRP Between Provider Edge and Customer Edge feature

Release
Modification

12.0(22)S

This feature was introduced.

12.2(15)T

This feature was integrated into Cisco IOS Release 12.2(15)T.

12.2(18)S

This feature was integrated into Cisco IOS Release 12.2(18)S.

12.0(27)S

EIGRP back door link support was introduced. This support is provided by a new POI in the BGP Cost Community (updated in this release) and EIGRP MPLS VPN PE-CE Site of Origin (SoO) (introduced in this release) features.

12.2(27)SBC

This feature was integrated into Cisco IOS Release 12.2(27)SBC.


Finding Support Information for Platforms and Cisco IOS Software Images

Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.

Contents

Prerequisites for MPLS VPN Support for EIGRP Between PE and CE

Restrictions for MPLS VPN Support for EIGRP Between PE and CE

Information About MPLS VPN Support for EIGRP Between PE and CE

How to Configure an MPLS VPN Using EIGRP

Configuration Examples for the EIGRP MPLS VPN

Additional References

Command Reference

Prerequisites for MPLS VPN Support for EIGRP Between PE and CE

In this document, it is assumed that BGP is configured in the network core. You will also need to complete the following tasks before you can configure this feature:

MPLS and Cisco Express Forwarding (CEF) must be configured in the BGP core network. EIGRP and multiprotocol BGP (mBGP) must be configured on all PE routers that provide VPN services to the CE routers at the customer sites.

The metric must be configured for routes from external EIGRP autonomous systems and non-EIGRP networks before these routes can be redistributed into an EIGRP CE router. The metric can be configured in the redistribute statement using the redistribute (IP) command or configured with the default-metric (EIGRP) command.

Restrictions for MPLS VPN Support for EIGRP Between PE and CE

Metric Must Be Configured for Routes from Other Autonomous Systems and Non-EIGRP Networks

If an external route is received from another EIGRP autonomous system or a non-EIGRP network without a configured metric, the route will not be advertised to the CE router. The metric can be configured in the redistribute statement by use of the redistribute command or configured with the default-metric command.

Native EIGRP VRF to VRF Redistribution Is Not Supported

Redistribution between native EIGRP VRFs is not supported. This is designed behavior.

Information About MPLS VPN Support for EIGRP Between PE and CE

To configure this feature, you must understand the following concepts:

MPLS VPN Support for EIGRP

EIGRP Extended Community Attributes

Benefits of MPLS VPN Support for EIGRP

MPLS VPN Support for EIGRP

The MPLS VPN Support for EIGRP Between Provider Edge and Customer Edge feature provides the capability to transparently connect EIGRP customer networks through an MPLS-enabled BGP core network so that EIGRP routes are redistributed through the VPN across the BGP network as internal BGP (iBGP) routes. The configuration of this feature does not require any customer equipment upgrades or configuration changes; this feature is configured only on PE routers within the service provider network.

Customer networks and remote sites are connected to each other through the MPLS VPN. The configuration of this feature allows several EIGRP sites to connect seamlessly and appear as a single network. This integration is transparent to the customer sites. When this feature is enabled, EIGRP routes are converted to iBGP routes and transported through the BGP core network. EIGRP extended community attributes are used to define EIGRP routes and preserve internal metrics. These attributes are carried across the core network by multiprotocol BGP.

Figure 1 shows 2 customer EIGRP networks that are connected by the VPN over a service provider backbone:"Site1" and "Site 2."

Figure 1

EIGRP Connectivity Between VPN Client Sites over a Service Provider Backbone

In Figure 1, the EIGRP routes in Site 1 are carried through the BGP core network as iBGP routes. The EIGRP routes in "Site 1" and "Site 2" are converted to iBGP routes and EIGRP extended community attributes are appended to the iBGP routes. (See Table 1 for a description of these attributes.) The EIGRP extended community attributes are appended to the EIGRP routes when they are redistributed into BGP as iBGP routes, and VPN routing information is redistributed between the PE routers by multiprotocol BGP.

The routes that originate in "Site 1" travel to the PE router that is connected to the CE router in "Site 2" of the VPN and are then converted back to EIGRP routes using the EIGRP extended community attributes. EIGRP routes are treated the same in "Site 1" and "Site 2." If the route is internal in "Site 1", it will be internal in "Site 2", and if the route is external in "Site 1", it will be external in "Site 2." All EIGRP metrics are preserved, and EIGRP metric information, along with the autonomous system, tag, and external data, is carried across the VPN over the BGP core network.

Note EIGRP adjacencies, EIGRP updates, and EIGRP queries are not sent across the VPN. If a route is received from another EIGRP autonomous system without a configured metric, the route is not advertised to the CE router.

Each VPN is associated with a single VPN routing or forwarding instance (VRF). A VRF consists of an IP routing table, a CEF table, and a set of interfaces that use the CEF forwarding table. The router maintains a separate routing and CEF table for each VRF, which prevents information being sent outside the VPN and allows the same addresses to be used in several VPNs without causing problems that are associated with duplicate IP addresses.

A single EIGRP routing process can support multiple VRFs. This support is limited only by the available system resources on the router, which are determined by the number of configured VRF instances, running processes, and amount of available memory. However, only a single VRF can be supported by each VPN. Separate VRFs are unique and do not share neighbor, routing, or topology information. Redistribution between native EIGRP VRFs is not supported. An EIGRP process must be created for the default VRF even if it is not used for establishing EIGRP neighbors, and a separate VRF address family must be configured in BGP for each EIGRP VRF.

EIGRP Extended Community Attributes

EIGRP routes are converted to iBGP routes on the PE router by the appending of EIGRP extended community attributes. The PE router uses multiprotocol BGP to distribute the VPN routing information using the these extended community attributes. The BGP routes are converted back to EIGRP routes by use of the extended community attribute information when the iBGP routes reach the PE router that is connected to the destination CE router.

Table 1 describes the extended community attributes that are appended to BGP routes and used to carry EIGRP information across the service provider backbone.

Table 1 EIGRP-Specific Extended Community Attribute Descriptions

Type
Usage
Values

EIGRP Appended Attributes

Type 0x8800

EIGRP General Route Information

Route Flag and Tag

EIGRP Metric Information

Type 0x8801

EIGRP Route Metric Information and Autonomous System

Autonomous System and Delay

Type 0x8802

EIGRP Route Metric Information

Reliability, Next Hop, and Bandwidth

Type 0x8803

EIGRP Route Metric Information

Reserve, Load and MTU

EIGRP External Route Information

Type 0x8804

EIGRP External Route Information

Remote Autonomous System and Remote ID

Type 0x8805

EIGRP External Route Information

Remote Protocol and Remote Metric


Benefits of MPLS VPN Support for EIGRP

Multiple VRFs Are Supported

A single EIGRP routing process can support multiple VRFs. This support is limited only by the available system resources on the router, which are determined by the number of configured VRF instances, running processes, and amount of available memory. However, only a single VRF can be supported by each VPN.

Seamless Integration of Existing Customer EIGRP Deployments

This feature is configured only on PE routers that provide VPN services across the service provider network. The customer need not upgrade the version of Cisco IOS software being used or make any changes to equipment or configurations.

Secure, Scalable, and Cost-Effective Alternative

Remote sites can be seamlessly and securely connected through VPNs to customer networks. This feature provides a cost-effective alternative to traditional methods, such as WAN leased lines.

How to Configure an MPLS VPN Using EIGRP

This section contains the following procedures:

Configuring the VRF for the EIGRP MPLS VPN (required)

Configuring EIGRP Redistribution in the MPLS VPN (required)

Configuring the PE Routers to Support the EIGRP MPLS VPN (required)

Verifying the VPN Configuration, page 13 (optional)

Verifying PE-to-PE Connectivity, page 13 (optional)

Verifying EIGRP VRF Configuration, page 14 (optional)

Configuring the VRF for the EIGRP MPLS VPN

Creating a VRF

A VRF must be created, and a route distinguisher and route target must be configured in order for the PE routers in the BGP network to carry EIGRP routes to the EIGRP CE site. The VRF must also be associated with an interface in order for the PE router to send routing updates to the CE router. Use the following steps to create and configure the VRF and associate the VRF with an interface.

Prerequisites

Before this feature can be configured, MPLS and CEF must be configured in the BGP network, and multiprotocol BGP and EIGRP must be configured on all PE routers that provide VPN services to CE routers.

Restrictions

Native EIGRP VRF to VRF redistribution is not supported.

SUMMARY STEPS

1. enable

2. configure terminal

3. ip vrf vrf-name

4. rd route-distinguisher

5. route-target {import | export | both} route-target-ext-community

6. exit

7. interface type number

8. ip vrf forwarding vrf-name

9. ip address ip-address subnet-mask

10. end

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

ip vrf vrf-name

Example:

Router(config)# ip vrf RED

Defines a VPN VRF instance, specifies the VRF name (or tag), and enters VRF configuration mode.

The ip vrf vrf-name command creates a VRF routing table and a CEF table, and both are named using the vrf-name argument. Associated with these tables is the default route distinguisher value.

Step 4 

rd route-distinguisher

Example:

Router(config-vrf)# rd 100:1

Creates routing and forwarding tables for the VRF instance created in step 3.

There are two formats for configuring the route distinguisher argument. It can be configured in the as-number:network number (ASN:nn) format, as shown in the example, or it can be configured in the IP address:network number format (IP-address:nn).

Step 5 

route-target {import | export | both} route-target-extcommunity

Example:

Router(config-vrf)# route-target both 100:1

Creates a list of import and/or export route-target extended communities for the specified VRF.

There are two formats for configuring the route-target-ext-community argument. It can be configured in the as-number:network number (ASN:nn) format, as shown in the example, or it can be configured in the IP address:network number format (IP-address:nn).

Step 6 

exit

Example:

Router(config-vrf)# exit

Exits VRF configuration mode and enters global configuration mode.

Step 7 

interface type number

Example:

Router(config)# interface FastEthernet 0/0

Enters interface configuration mode to configure the specified interface.

Step 8 

ip vrf forwarding vrf-name

Example:

Router(config-if)# ip vrf forwarding RED

Associates the VRF with an interface or subinterface.

The VRF name configured in this step should match the VRF name created in step 3.

Step 9 

ip address ip-address subnet-mask

Example:

Router(config-if)# ip address 10.0.0.1 255.255.255.0

Configures the IP address for the interface.

The IP address needs to be reconfigured after you enable VRF forwarding.

Step 10 

end

Example:

Router(config-if)# end

Exits interface configuration mode and enters privileged EXEC mode.

What to Do Next

The next task is to configure the EIGRP redistribution in the MPLS VPN. Use the steps in the following section.

Configuring EIGRP Redistribution in the MPLS VPN

Creating the MPLS VPN

Perform this task to enable EIGRP redistribution in the MPLS VPN. This task should be applied to every PE router that provides VPN services.

Prerequisites

Before EIGRP SoO BGP Cost Community support was introduced, BGP preferred locally sourced routes over routes learned from BGP peers. Backdoor links in an EIGRP MPLS VPN topology are preferred by BGP if the back door link is learned first. (A back door link or a route is a connection that is configured outside of the VPN between a remote and a main site. For example, a WAN leased line that connects a remote site to the corporate network).

The "pre-bestpath" point of insertion (POI) has been introduced in the BGP Cost Community feature to support mixed EIGRP VPN network topologies that contain VPN and backdoor links. This POI is applied automatically to EIGRP routes that are redistributed into BGP. The "pre-best path" POI carries the EIGRP route type and metric. This POI influences the best path calculation process by configuring BGP to consider this POI before any other comparison step. No configuration is required. This feature is enabled automatically for EIGRP VPN sites when Cisco IOS Release 12.0(27)S is installed to a PE, CE, or back door router.

For more information about the BGP Cost Community feature and the absolute value POI, refer to the BGP Cost Community feature documentation in Cisco IOS Release 12.0(27)S.

For more information about the EIGRP MPLS VPN PE-CE Site of Origin (SoO) feature, refer to the EIGRP MPLS VPN PE-CE Site of Origin (SoO) feature documentation in Cisco IOS Release 12.0(27)S.

Restrictions

Metrics must be configured for routes from other EIGRP autonomous systems and non-EIGRP networks. If an external route is received from another EIGRP autonomous system or a non-EIGRP network without a configured metric, the route will not be advertised to the CE router. The metric can be configured in the redistribute statement by means of the redistribute command or the default-metric command.

SUMMARY STEPS

1. enable

2. configure terminal

3. router eigrp autonomous-system-number

4. address-family ipv4 vrf vrf-name

5. network ip-address wildcard-mask

6. redistribute bgp [autonomous-system-number] [metric bandwidth delay reliability load mtu]

7. autonomous-system autonomous-system-number

8. exit-address-family

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

router eigrp as-number

Example:

Router(config)# router eigrp 1

Enters router configuration mode and creates an EIGRP routing process.

The EIGRP routing process for the PE router is created in this step.

Step 4 

address-family ipv4 vrf vrf-name]

Example:

Router(config-router)# address-family ipv4 vrf RED

Enters address-family configuration mode and creates a VRF.

The VRF name (or tag) must match the VRF name that was created in Step 3 of the previous section.

Step 5 

network ip-address wildcard-mask

Example:

Router(config-router-af)# network 172.16.0.0 0.0.255.255

Specifies the network for the VRF.

The network statement is used to identify which interfaces to include in EIGRP. The VRF must be configured with addresses that fall within the wildcard-mask range of the network statement.

Step 6 

redistribute bgp autonomous-system-number [metric bandwidth delay reliability load mtu] [route-map map-name]

Example:

Router(config-router-af)# redistribute bgp 10 metric 10000 100 255 1 1500

Redistributes BGP into the EIGRP.

The autonomous system number and metric of the BGP network are configured in this step. BGP must be redistributed into EIGRP for the CE site to accept the BGP routes that carry the EIGRP information. A metric must also be specified for the BGP network and is configured in this step.

Step 7 

autonomous-system autonomous-system-number

Example:

Router(config-router-af)# autonomous-system 101

Specifies the autonomous system number of the EIGRP network for the customer site.

Step 8 

exit-address-family

Example:

Router(config-router-af)# exit-address-family

Exits address family configuration mode and enters router configuration mode.

Troubleshooting Tips

If the MPLS VPN is not working properly:

Verify the configurations on each router. Make sure that the VRF and route distinguisher have been correctly configured. Check the VRF routing table and VRF CEF table.

Verify that there is connectivity between both PE routers. Check the PE router and other neighbors that carry the VPN. The network operator should be able to ping between the PE routers that carry the VPN to verify the neighbor relationships.

The commands in the following table can also be useful for monitoring and troubleshooting the configuration of this feature.

Command
Purpose

Router# clear ip eigrp vrf vrf-name neighbor

Clears EIGRP neighbors from the VRF table.

Router# debug ip eigrp vrf vrf-name

Specifies a VRF for trace debugging.

A VRF name must be specified with the vrf-name argument, or the asterisk (*) can be used as a wildcard to specify all configured VRFs.

Router# show ip eigrp vrf vrf-name interfaces

Displays EIGRP interfaces that are defined under the specified VRF.

If an interface is specified, only that interface is displayed. Otherwise, all interfaces on which EIGRP is running as part of the specified VRF are displayed.

Router# show ip eigrp vrf vrf-name neighbors

Displays when VRF neighbors become active and inactive.

This command can be used to help debug transport problems.

Router# show ip eigrp vrf vrf-name topology

Displays VRF entries in the EIGRP topology table.

This command can be used to determine Diffusing Update Algorithm (DUAL) states and to troubleshoot possible DUAL problems.

Router# show ip vrf

Displays the set of defined VRFs and associated interfaces.

This command is used to verify that the correct route distinguishers (RDs) are configured for the VRF.

Router# show mpls interfaces

Displays information about one or more interfaces that have been configured for label switching.

This command is used to verify that MPLS is configured for interfaces that are used with this feature.


What to Do Next

The next task is to configure the PE routers to support the EIGRP MPLS VPN. Use the steps in the following section.

Configuring the PE Routers to Support the EIGRP MPLS VPN

Basic BGP Configuration

The BGP configuration provided in this section includes the elements necessary for configuring this feature. Steps 11 through 13 will need to be repeated on a per EIGRP VRF basis if multiple EIGRP VRFs need to be configured.

Prerequisites

Before this feature can be configured, MPLS and CEF must be enabled in the BGP network, and multiprotocol BGP must be enabled on all PE routers that provide VPN services to CE routers.

SUMMARY STEPS

1. enable

2. configure terminal

3. router bgp autonomous-system-number

4. no synchronization

5. neighbor ip-address remote-as autonomous-system-number

6. neighbor ip-address update-source loopback interface-number

7. address-family vpnv4

8. neighbor ip-address activate

9. neighbor ip-address send-community extended

10. exit-address-family

11. address-family ipv4 vrf vrf-name

12. redistribute eigrp autonomous-system-number

13. no synchronization

14. exit-address-family

15. end

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

configure terminal

Example:

Router# configure terminal

Enters global configuration mode.

Step 3 

router bgp autonomous-system-number

Example:

Router(config)# router bgp 10

Enters router configuration mode, and creates a BGP routing process.

Step 4 

no synchronization

Example:

Router(config-router)# no synchronization

Configures BGP to send advertisements without waiting to synchronize with the IGP.

Step 5 

neighbor ip-address remote-as autonomous-system-number

Example:

Router(config-router)# neighbor 10.0.0.1 remote-as 10

Establishes peering with the specified neighbor or peer-group.

In this step, you are establishing an iBGP session with the PE router that is connected to the CE router at the other CE site.

Step 6 

neighbor ip-address update-source loopback interface-number

Example:

Router(config-router)# neighbor 10.0.0.1 update-source loopback 0

Configures BGP to use any operational interface for TCP connections.

This configuration step is not required. However, the BGP routing process will be less susceptible to the effects of interface or link flapping.

Step 7 

address-family vpnv4

Example:

Router(config-router)# address-family vpnv4

Enters address family configuration mode for configuring routing sessions that use standard IPv4 address prefixes, such as BGP, RIP, and static routing sessions.

Step 8 

neighbor ip-address activate

Example:

Router(config-router-af)# neighbor 10.0.0.1 activate

Establishes peering with the specified neighbor or peer-group.

In this step, you are activating the exchange of VPNv4 routing information between the PE routers.

Step 9 

neighbor ip-address send-community extended

Example:

Router(config-router-af)# neighbor 10.0.0.1 send-community extended

Configures the local router to send extended community attribute information to the specified neighbor.

This step is required for the exchange of EIGRP extended community attributes.

Step 10 

exit-address-family

Example:

Router(config-router-af)# exit-address-family

Exits address family configuration mode and enters router configuration mode.

Step 11 

address-family ipv4 vrf vrf-name

Example:

Router(config-router)# address-family ipv4 vrf RED

Configures an IPv4 address-family for the EIGRP VRF.

An address-family VRF needs to be configured for each EIGRP VRF that runs between the PE and CE routers.

Step 12 

redistribute eigrp autonomous-system-number

Example:

Router(config-router-af)# redistribute eigrp 101

Redistributes the EIGRP VRF into BGP.

The autonomous system number from the CE network is configured in this step.

Step 13 

no synchronization

Example:

Router(config-router-af)# no synchronization

Configures BGP to send advertisements without waiting to synchronize with the IGP.

Step 14 

exit-address-family

Example:

Router(config-router-af)# exit-address-family

Exits address family configuration mode and enters router configuration mode.

Step 15 

end

Example:

Router(config-router)# end

Exits address family configuration mode and enters privileged EXEC mode.

Verifying the VPN Configuration

A route distinguisher must be configured for the VRF, and MPLS must be configured on the interfaces that carry the VRF. Use the show ip vrf command to verify the route distinguisher (RD) and interface that are configured for the VRF.

SUMMARY STEPS

1. show ip vrf

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

show ip vrf

Example:

Router> show ip vrf

Displays the set of defined VRF instances and associated interfaces.

The output also maps the VRF instances to the configured route distinguisher.

Verifying PE-to-PE Connectivity

Perform this task to verify PE-to-PE connectivity in the service provider network.

SUMMARY STEPS

1. enable

2. ping ip-address

3. show ip route vrf vrf-name

4. show ip cef vrf vrf-name

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Note The ping command can be issued only from privileged EXEC mode. The other commands in this table can be issued from both user EXEC and privileged EXEC mode.

Step 2 

ping ip-address

Example:

Router# ping 172.16.0.1

The ping command can be used to verify PE to PE connectivity within the service provider network.

If a PE router cannot be reached with the ping command, use the commands in the following steps to isolate the problem.

Step 3 

show ip route vrf vrf-name

Example:

Router# show ip route vrf RED

Displays the IP routing table associated with a VRF instance.

The show ip route vrf command is used to verify that the VRF is in the routing table. If the VRF is in the routing table but the PE router still cannot be reached with the ping command, proceed to the next step.

Step 4 

show ip cef [vrf vrf-name]

Example:

Router# show ip cef vrf RED

Displays the CEF forwarding table associated with a VRF instance.

The show ip cef vrf command is used to verify that the interfaces and networks associated with the VRF are not in the global CEF database. If the VRF route is in the global CEF table, deconfigure and reconfigure CEF.

Verifying EIGRP VRF Configuration

Use the following steps to verify EIGRP VRF configuration.

SUMMARY STEPS

1. enable

2. show ip eigrp vrf vrf-name topology

3. show ip bgp vpnv4 {all | rd route-distinguisher | vrf vrf-name}

DETAILED STEPS

 
Command or Action
Purpose

Step 1 

enable

Example:

Router> enable

Enables privileged EXEC mode.

Enter your password if prompted.

Step 2 

show ip eigrp vrf vrf-name topology

Example:

Router# show ip eigrp vrf RED topology

The show ip eigrp vrf command verifies that the correct VRF routes are in the EIGRP topology table.

If the VRF route is not in the EIGRP topology table, proceed to the next step.

Step 3  

show ip bgp vpnv4 {all | rd route-distinguisher 
| vrf vrf-name}
Example:

Router# show ip bgp vpnv4 vrf RED

Displays VPN address information from the BGP table.

The show ip bgp vpnv4 command is used to verify that the route is in the BGP VRF table. If the VRF route is not in the BGP VRF, reconfigure the VRF and route distinguisher.

Configuration Examples for the EIGRP MPLS VPN

EIGRP MPLS VPN Configuration Example

BGP Network Configuration Example

EIGRP Redistribution Example

EIGRP MPLS VPN Verification Examples

EIGRP MPLS VPN Configuration Example

The following configuration example in global configuration mode creates a VRF named RED and associates it with an interface: 

ip vrf RED

 rd 100:1

 route-target both 100:1

 exit

interface FastEthernet 0/0

 ip vrf forwarding RED

 ip address 10.0.0.1 255.255.255.0

 end

BGP Network Configuration Example

The following configuration example shows the minimum BGP configuration required on the PE routers to support the EIGRP MPLS VPN: 

router bgp 65000

 no synchronization

 neighbor 10.0.0.1 remote-as 65000

 neighbor 10.0.0.1 update-source loopback 0

 address-family vpnv4 

 neighbor 10.0.0.1 activate

 neighbor 10.0.0.1 send-community extended 

 exit-address-family

 address-family ipv4 vrf RED

 redistribute eigrp 101

 no synchronization

 exit-address-family

EIGRP Redistribution Example

The following configuration example shows how to configure EIGRP redistribution through the MPLS VPN over the BGP core network: 

router eigrp 1

 address-family ipv4 vrf RED

 network 172.16.0.0 0.0.255.255

 redistribute bgp 10 metric 10000 100 255 1 1500

 autonomous-system 101

 exit-address-family

EIGRP MPLS VPN Verification Examples

The examples in the following section show how to verify the configuration of the MPLS VPN Support for EIGRP Between Provider Edge and Customer Edge feature:

Verifying Route Distinguisher and MPLS Configuration Example

Verifying PE-to-PE Connectivity Example

Verifying EIGRP VRF Configuration Example

Verifying Route Distinguisher and MPLS Configuration Example

A route distinguisher must be configured for the VRF, and MPLS must be configured on the interfaces that carry the VRF.

Use the show ip vrf command to verify the route distinguisher (RD) and interface that are configured for the VRF. The VRF name, RD, and configured interface are displayed in the output. The following sample output is similar to the output that will be displayed when the show ip vrf command is issued: 

Router# show ip vrf

  Name                             Default RD          Interfaces

  BLUE                             120:1

  PINK                             130:1               Ethernet3/0

  RED                              100:1

  YELLOW                           110:1               Serial12/0

Use the show ip eigrp vrf interfaces command to display and verify specific information about VRFs configured under EIGRP. The interface to VRF mapping that is displayed in the output of this command should match the mapping that is displayed for the show ip vrf command. The following sample output is similar to the output that will be displayed when the show ip eigrp vrf interfaces command is issued: 

Router# show ip eigrp vrf PINK interfaces

IP-EIGRP interfaces for process 1 

                        Xmit Queue   Mean   Pacing Time   Multicast  Pending

Interface        Peers  Un/Reliable  SRTT   Un/Reliable   Flow Timer Routes

Et3/0              1        0/0       131       0/10         528       0

Use the show mpls interfaces command to verify that MPLS is configured for interfaces that need to carry any configured VRFs. The following sample output is similar to the output that will be displayed when the show mpls interfaces command is issued: 

Router# show mpls interfaces

Interface              IP            Tunnel   Operational

Ethernet2/0            Yes (tdp)     No       Yes

Verifying PE-to-PE Connectivity Example

The ping command can be used to verify PE-to-PE connectivity within the service provider network. If a PE router cannot be reached with the ping command, use the following steps to isolate the problem:

Step 1 Verify that the VRF is in the routing table with the show ip route vrf vrf-name command. 

Router# show ip route vrf PINK


Routing Table:PINK

Codes:C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter

area

       * - candidate default, U - per-user static route, o - ODR

       P - periodic downloaded static route


Gateway of last resort is not set


     172.16.0.0/24 is subnetted, 1 subnets

D       172.16.17.0 [90/409600] via 10.10.10.2, 1d15h, Ethernet3/0

     10.0.0.0/24 is subnetted, 1 subnets

C       10.10.10.0 is directly connected, Ethernet3/0

     10.19.0.0/24 is subnetted, 1 subnets

D       10.19.19.0 [90/409600] via 10.10.10.2, 1d15h, Ethernet3/0

     192.168.0.0/24 is subnetted, 1 subnets

B       192.168.10.0 [200/0] via 10.14.14.14, 1d15h

Step 2 If the VRF is in the routing table but the PE router still cannot be reached with the ping command, verify that the VRF is in the CEF table with the show ip cef vrf vrf-name command. 

Router# show ip cef vrf PINK

Prefix              Next Hop             Interface

0.0.0.0/0           drop                 Null0 (default route handler

entry)

0.0.0.0/32          receive

172.16.17.0/24       10.10.10.2           Ethernet3/0

10.19.19.0/24       10.10.10.2           Ethernet3/0

10.10.10.0/24       attached             Ethernet3/0

10.10.10.0/32       receive

10.10.10.1/32       receive

10.10.10.2/32       10.10.10.2           Ethernet3/0

10.10.10.255/32     receive

172.16.10.0/24      10.22.10.1           Ethernet2/0

224.0.0.0/24        receive

255.255.255.255/32  receive

Step 3 If the VRF is in the CEF table but the PE router still cannot be reached with the ping command, verify that the interfaces and networks associated with the VRF are not in the global CEF database with the show ip cef command. 

Router# show ip cef

Prefix              Next Hop             Interface

0.0.0.0/0           drop                 Null0 (default route handler

entry)

0.0.0.0/32          receive

10.14.14.14/32      10.22.10.1           Ethernet2/0

10.15.15.15/32      receive

10.16.16.16/32      10.22.10.1           Ethernet2/0

172.16.17.17/32      10.22.10.1           Ethernet2/0

10.22.10.0/24       attached             Ethernet2/0

10.22.10.0/32       receive

10.22.10.1/32       10.22.10.1           Ethernet2/0

10.22.10.2/32       receive

10.22.10.255/32     receive

10.23.10.0/24       10.22.10.1           Ethernet2/0

224.0.0.0/4         drop

224.0.0.0/24        receive

255.255.255.255/32  receive

If the VRF route is in the global CEF table, deconfigure and reconfigure CEF.

Verifying EIGRP VRF Configuration Example

To verify EIGRP VRF configuration, perform the following steps:

Step 1 Use the show ip eigrp vrf vrf-name topology command to verify that the correct VRF route is in the EIGRP topology table. 

Router# show ip eigrp vrf PINK topology

IP-EIGRP Topology Table for AS(1)/ID(10.10.10.1) Routing Table:PINK


Codes:P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status


P 172.16.17.0/24, 1 successors, FD is 409600

         via 10.10.10.2 (409600/128256), Ethernet3/0

P 10.19.19.0/24, 1 successors, FD is 409600

         via 10.10.10.2 (409600/128256), Ethernet3/0

P 10.10.10.0/24, 1 successors, FD is 281600

         via Connected, Ethernet3/0

P 172.16.10.0/24, 1 successors, FD is 281600

         via Redistributed (281600/0)

Step 2 If the VRF route is not in the EIGRP topology table, verify that the route is in the BGP VRF table with the show ip bgp vpnv4 vrf vrf-name command. 

Router# show ip bgp vpnv4 vrf PINK

BGP table version is 17, local router ID is 10.15.15.15

Status codes:s suppressed, d damped, h history, * valid, > best, i -

internal,

              r RIB-failure, S Stale

Origin codes:i - IGP, e - EGP, ? - incomplete


   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher:130:1 (default for vrf PINK)

*> 172.16.17.0/24    10.10.10.2          409600         32768 ?

*> 10.19.19.0/24    10.10.10.2          409600         32768 ?

*> 10.10.10.0/24    0.0.0.0                  0         32768 ?

*>i172.16.10.0/24   10.14.14.14              0    100      0 ?

Where to Go Next

For more information about the BGP Cost Community feature, refer to the BGP Cost Community feature documentation in Cisco IOS Release 12.0(27)S.

For more information about the EIGRP MPLS VPN PE-CE Site of Origin (SoO) feature, refer to the EIGRP MPLS VPN PE-CE Site of Origin (SoO) feature documentation in Cisco IOS Release 12.0(27)S.

Additional References

The following sections provide references related to the MPLS VPN Support for EIGRP Between Provider Edge and Customer feature:

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Related Documents

Related Topic
Document Title

BGP Cost Community

BGP Cost Community, Cisco IOS Release 12.0(27)S

CEF commands

Cisco IOS Switching Services Configuration Guide, Release 12.3

CEF configuration tasks

Cisco IOS Switching Services Command Reference, Release 12.3

EIGRP commands

Cisco IOS IP Command Reference, Volume 2 of 4: Routing Protocols, Release 12.3

EIGRP configuration tasks

Cisco IOS IP Configuration Guide, Release 12.3

EIGRP Site of Origin

EIGRP MPLS VPN PE-CE Site of Origin (SoO), Cisco IOS Release 12.0(27)S.

MPLS VPNs

MPLS Virtual Private Networks, Cisco IOS Release 12.0(5)T


Standards

Standards