Table Of Contents
Dialing to Destinations with the Same IP Address for MPLS VPNs
Prerequisites for Dialing to Destinations with the Same IP Address
Restrictions for Dialing to Destinations with the Same IP Address
Information About Dialing to Destinations with the Same IP Address
Introduction to Dialing to Destinations with the Same IP Address
How to Enable Dialing to Destinations with the Same IP Address
Mapping the VRF and Next-Hop Address to a Dial String
Configuration Examples for Dialing to Destinations with the Same IP Address
Feature Information for Dialing to Destinations with the Same IP Address
Dialing to Destinations with the Same IP Address for MPLS VPNs
The dialer software in Cisco IOS prior to Release 12.2(8)T had no way to dial two different destinations with the same IP address. More specifically, in networks where a network access server (NAS) supports dialing clients with overlapping addresses, dial-out attempts fail. This module explains how to dial to more than one destination with the same IP address.
Module History
This module was first published on May 2, 2005, and last updated on May 2, 2005.
Finding Feature Information in This Module
Your Cisco IOS software release may not support all features. To find information about feature support and configuration, use the "Feature Information for Dialing to Destinations with the Same IP Address" section.
Contents
•
Prerequisites for Dialing to Destinations with the Same IP Address
•
•
•
•
•
Prerequisites for Dialing to Destinations with the Same IP Address
Before configuring this feature, you should understand how to configure the following network features:
•
•
Refer to the documents listed in the "Additional References" section for information about configuring these features.
Restrictions for Dialing to Destinations with the Same IP Address
When configuring static routes in an MPLS or MPLS VPN environment, some variations of the ip route and ip route vrf commands are not supported. These variations of the commands are not supported in Cisco IOS releases that support the Tag Forwarding Information Base (TFIB), specifically Cisco IOS Releases 12.xT, 12.xM, and 12.0S. The TFIB cannot resolve prefixes when the recursive route over which the prefixes travel disappears and then reappears. However, the command variations are supported in Cisco IOS releases that support the MPLS Forwarding Infrastructure (MFI), specifically Cisco IOS Release 12.2(25)S and later. Use the following guidelines when configuring static routes.
Supported Static Routes in an MPLS Environment
The following ip route command is supported when you configure static routes in MPLS environment:
ip route destination-prefix mask interface next-hop-address
The following ip route commands are supported when you configure static routes in an MPLS environment and configure load sharing with static nonrecursive routes and a specific outbound interface:
ip route destination-prefix mask interface1 next-hop1
ip route destination-prefix mask interface2 next-hop2Unsupported Static Routes in an MPLS Environment that Uses the TFIB
The following ip route command is not supported when you configure static routes in an MPLS environment:
ip route destination-prefix mask next-hop-address
The following ip route command is not supported when you configure static routes in an MPLS environment and enable load sharing where the next hop can be reached through two paths:
ip route destination-prefix mask next-hop-address
The following ip route command is not supported when you configure static routes in an MPLS environment and enable load sharing where the destination can be reached through two next hops:
ip route destination-prefix mask next-hop1
ip route destination-prefix mask next-hop2Use the interface an next-hop arguments when specifying static routes.
Supported Static Routes in an MPLS VPN Environment
The following ip route vrf commands are supported when you configure static routes in a MPLS VPN environment, and the next hop and interface are in the same VRF:
–
–
–
ip route vrf vrf-name destination-prefix mask interface2 next-hop2The following ip route vrf commands are supported when you configure static routes in a MPLS VPN environment, and the next hop is in the global table in the MPLS cloud in the global routing table. For example, these commands are supported when the next hop is pointing to the Internet Gateway.
–
–
(This command is supported when the next hop and interface are in the core.)The following ip route commands are supported when you configure static routes in a MPLS VPN environment and enable load sharing with static nonrecursive routes and a specific outbound interfaces:
ip route destination-prefix mask interface1 next-hop1
ip route destination-prefix mask interface2 next-hop2Unsupported Static Routes in an MPLS VPN Environment that Uses the TFIB
The following ip route command is not supported when you configure static routes in a MPLS VPN environment, the next hop is in the global table in the MPLS cloud within the core, and you enable load sharing where the next hop can be reached through two paths:
ip route vrf destination-prefix mask next-hop-address global
The following ip route commands are not supported when you configure static routes in a MPLS VPN environment, the next hop is in the global table in the MPLS cloud within the core, and you enable load sharing where the destination can be reached through two next hops:
ip route vrf destination-prefix mask next-hop1 global
ip route vrf destination-prefix mask next-hop2 globalThe following ip route vrf commands are not supported when you configure static routes in an MPLS VPN environment, and the next hop and interface are in the same VRF:
ip route vrf vrf-name destination-prefix mask next-hop1
ip route vrf vrf-name destination-prefix mask next-hop2Supported Static Routes in an MPLS VPN Environment Where the Next Hop Resides in the Global Table on the CE Router
The following ip route vrf command is supported when you configure static routes in a MPLS VPN environment, and the next hop is in the global table on the CE side. For example, the following command is supported when the destination-prefix is the CE router's loopback address, as in EBGP multihop cases.
ip route vrf vrf-name destination-prefix mask interface next-hop-address
The following ip route commands are supported when you configure static routes in a MPLS VPN environment, the next hop is in the global table on the CE side, and you enable load sharing with static non-recursive routes and a specific outbound interfaces:
ip route destination-prefix mask interface1 nexthop1
ip route destination-prefix mask interface2 nexthop2Information About Dialing to Destinations with the Same IP Address
Before configuring this feature, you should understand the following concepts:
•
Introduction to Dialing to Destinations with the Same IP Address
The Cisco IOS dialer software can distinguish between two destinations with the same IP address using information stored in the VRF. This capability is provided to the dialer software by two existing Cisco IOS commands, dialer map and ip route, which have been enhanced to include VPN routing and forwarding (VRF) information.
In previous Cisco IOS releases, the dialer software obtained the telephone number for dial-out based on the destination IP address configured in the dialer map command. Now, the enhanced dialer map command supplies the name of the VRF so that the telephone number to be dialed is based on the VRF name and the destination IP address. The VRF is identified based on the incoming interface of the packet, and is used with the destination IP address defined in the dialer map command to determine the telephone number to be dialed.
The ip route configuration command also includes the VRF information. When a packet arrives in an incoming interface that belongs to a particular VRF, only those ip route commands that correspond to that particular VRF are used to determine the destination interface.
Benefits of this Feature
This feature allows the dialer software to dial out in an MPLS-based VPN. The MPLS VPN model simplifies network routing. For example, rather than needing to manage routing over a complex virtual network backbone composed of many virtual circuits, an MPLS VPN user can employ the backbone of the service provider as the default route in communicating with all other VPN sites.
This default route capability allows several sites to transparently interconnect through the service provider network. One service provider network can support several different IP VPNs, each of which appears to its users as a separate, private network. Within a VPN, each site can send IP packets to any other site in the same VPN, because each VPN is associated with one or more VRFs. The VRF is a key element in the VPN technology, because it maintains the routing information that defines a customer VPN site.
How to Enable Dialing to Destinations with the Same IP Address
This section includes the following procedures:
•
•
Mapping the VRF and Next-Hop Address to a Dial String
Use the following procedure to map a VRF and next-hop address combination to a dial string and thereby allow the dialer software to be VRF-aware for an MPLS VPN.
Prerequisites
These commands are only part of the required configuration and show how to map a VRF and next-hop address combination to a dial string. Refer to the documents listed in the "Additional References" section and the example in the "Configuration Examples for Dialing to Destinations with the Same IP Address" section for details on where to include these commands in the network configuration.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
DETAILED STEPS
Verifying the Configuration
To verify the configuration, use the following procedure.
SUMMARY STEPS
1.
2.
DETAILED STEPS
Step 1
Use this command on the customer edge NAS to place a call to a peer. The expected result is that the NAS successfully dials out to that peer.
Step 2
Use this command if the call fails to check Cisco Express Forwarding (CEF) adjacency table information.
Troubleshooting Tips
If you encounter problems with the feature, use the following debug privileged EXEC commands on the NAS to help you determine where the problem lies:
•
•
•
•
•
•
Configuration Examples for Dialing to Destinations with the Same IP Address
This section provides a configuration example of the feature for a simple network topology shown in Figure 1.
Figure 1 MPLS VPN Topology
Note
Customer Edge (CE) Router
!hostname oaktree02enable secret 5 !1!35Fg$Ep4.D8JGpg7rKxQa49BF9/!ip subnet-zerono ip domain-lookup!controller T1 5/0!controller T1 5/1!interface FastEthernet0/0no ip addressno ip mroute-cacheduplex autospeed auto!interface FastEthernet0/1no ip addressno ip mroute-cacheshutdownduplex autospeed auto!interface Ethernet1/0ip address 10.0.58.11 255.255.255.0no ip mroute-cachehalf-duplex!interface Ethernet1/1ip address 50.0.0.2 255.0.0.0no ip mroute-cachehalf-duplex!interface Ethernet1/2no ip addressno ip mroute-cacheshutdownhalf-duplex!interface Ethernet1/3no ip addressno ip mroute-cacheshutdownhalf-duplex!interface Serial2/0no ip addressno ip mroute-cacheshutdownno fair-queueserial restart-delay 0!interface Serial2/1no ip addressno ip mroute-cacheshutdownserial restart-delay 0!interface Serial2/2no ip addressno ip mroute-cacheshutdownserial restart-delay 0!interface Serial2/3no ip addressno ip mroute-cacheshutdownserial restart-delay 0!interface FastEthernet4/0no ip addressno ip mroute-cacheshutdownduplex autospeed auto!ip classlessip route 0.0.0.0 0.0.0.0 10.0.58.1ip route 60.0.0.0 255.0.0.0 50.0.0.1no ip http server!!snmp-server managerbanner motd ^C AV-8B OAKTREE^Calias exec r sh run!line con 0exec-timeout 0 0line aux 0loginline vty 0 4no login!endProvider Edge (PE) Router
hostname pinetree02!aaa new-model!!aaa authentication login con-log noneaaa authentication ppp default group radiusaaa authorization network default group radiusaaa session-id commonenable secret 5 $1$7KlA$xpC8l4dJCZogbzZvGUtFl/!username rubbertree02 password 0 Helloip subnet-zero!no ip domain-lookup!ip vrf yellowrd 100:1ip cefvirtual-profile aaaisdn switch-type primary-5ess!controller T1 3/0framing esflinecode b8zspri-group timeslots 1-24!controller T1 3/1framing esflinecode b8zs!controller T1 3/2framing esflinecode b8zs!controller T1 3/3framing esflinecode b8zs!controller T1 3/4framing esflinecode b8zs!controller T1 3/5framing esflinecode b8zs!controller T1 3/6framing esflinecode b8zs!controller T1 3/7framing esflinecode b8zs!interface Loopback0ip vrf forwarding yellowip address 70.0.0.1 255.0.0.0!interface FastEthernet1/0no ip addressshutdownduplex half!interface Ethernet2/0ip address 10.0.58.3 255.255.255.0duplex full!interface Ethernet2/1ip vrf forwarding yellowip address 50.0.0.1 255.0.0.0duplex half!interface Ethernet2/2no ip addressshutdownduplex half!interface Ethernet2/3no ip addressshutdownduplex half!interface Serial3/0:23description phone# 555-3123no ip addressencapsulation pppdialer rotary-group 0dialer-group 1isdn switch-type primary-5essppp authentication chap!interface Serial4/0no ip addressshutdownno fair-queue!interface Dialer0ip address negotiatedencapsulation pppdialer in-banddialer map ip 60.0.0.12 vrf yellow name rubbertree02 5552171dialer map ip 60.0.0.2 5552172dialer-group 1ppp authentication chap!ip classlessip route 0.0.0.0 0.0.0.0 10.0.58.1ip route 60.0.0.2 255.255.255.255 Dialer0ip route vrf yellow 60.0.0.0 255.0.0.0 Dialer0 permanentno ip http serverip pim bidir-enable!ip director cache time 60dialer-list 1 protocol ip permit!radius-server host 172.19.192.89 auth-port 1645 acct-port 1646 key rad123radius-server retransmit 3call rsvp-sync!no mgcp timer receive-rtcp!mgcp profile default!dial-peer cor custom!gatekeepershutdown!banner motd ^C F/A-18 PINETREE ^C!line con 0exec-timeout 0 0login authentication con-logline aux 0line vty 5 15!endPeer Router
hostname rubbertree02!logging buffered 32000 debuggingenable secret 5 $1$RCKC$scgtdlaDzjSyUVAi7KK5Q.enable password Windy!username pinetree02 password 0 Hello!ip subnet-zerono ip domain-lookup!isdn switch-type basic-5ess!interface Ethernet0ip address 10.0.58.9 255.255.255.0no ip route-cache!interface BRI0description phone# 555-2171ip address 60.0.0.12 255.0.0.0encapsulation pppno ip route-cachedialer map ip 60.0.0.11 5553123dialer map ip 60.0.0.2 5552172dialer-group 1isdn switch-type basic-5essisdn fast-rollover-delay 45!ip default-gateway 10.0.58.1ip classlessip route 0.0.0.0 0.0.0.0 10.0.58.1ip route 50.0.0.0 255.0.0.0 70.0.0.1no ip http server!dialer-list 1 protocol ip permitno cdp runbanner motd ^C F-4B RUBBERTREE^C!line con 0exec-timeout 0 0line vty 0 4password Windylogin!endAAA Server User File
[aaa-serv]/usr/testing/bin> ./radiusd_1.16 -d . -a . -xgreentree-16 Password = "Hello", Expiration = "Dec 31 2005"Service-Type = Framed-User,Framed-Protocol = PPPcisco-avpair = "lcp:interface-config=ip vrf forwarding yellow \nipunnumbered Loopback0"Additional References
Related Documents
Standards
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
—
MIBs
RFCs
Technical Assistance
Feature Information for Dialing to Destinations with the Same IP Address
Table 1 lists the features in this module and provides links to specific configuration information.
Not all commands may be available in your Cisco IOS software release. For details on when support for specific commands was introduced, see the command reference documents.
Cisco IOS software images are specific to a Cisco IOS software release, a feature set, and a platform. Use Cisco Feature Navigator to find information about platform support and Cisco IOS software image support. Access Cisco Feature Navigator at http://www.cisco.com/go/fn. You must have an account on Cisco.com. If you do not have an account or have forgotten your username or password, click Cancel at the login dialog box and follow the instructions that appear.
Note
Table 1 Feature Information for Dialing to Destinations with the Same IP Address
Dialer Map VRF-Aware for MPLS VPNs
12.2(8)T
The Cisco IOS dialer software is "VRF-aware for an MPLS VPN," which means that it can distinguish between two destinations with the same IP address using information stored in the VRF.
The following sections provide information about this feature:
•
•
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2007 Cisco Systems, Inc. All rights reserved.
