Cisco Active Network Abstraction Managing MPLS User Guide, 3.6.6
Viewing MPLS VPNs
Download this chapter
Viewing MPLS VPNsViewing MPLS VPNs
Download the complete book
mpls.pdfmpls.pdf (PDF - 2 MB)
give_us_feedback

Table Of Contents

Viewing MPLS VPNs

Supported MPLS and VPN Technologies and Routing Protocols

MPLS VPN Maps Overview

VPN Business Configurations

Layer 3 VPN Business Configuration

Layer 2 VPN Business Configuration and Tunnels

VPN Topology Connections

Layer 3 VPN Map

Layer 2 VPN Map

Tree Pane

Map Pane

Ticket Pane


Viewing MPLS VPNs

The following topics provide an overview to Multiprotocol Label Switching (MPLS) virtual private network (VPN) technologies displayed by Cisco Active Network Abstraction (Cisco ANA) including the MPLS service view, business configuration, and maps:

Supported MPLS and VPN Technologies and Routing Protocols—Provides an overview to MPLS VPN technologies supported by Cisco ANA.

MPLS VPN Maps Overview—Provides an overview of MPLS VPN maps.

VPN Business Configurations—Provides an introduction to the Layer 2 and Layer 3 VPN business configurations and available business elements.

VPN Topology Connections—Describes Layer 2 and Layer 3 VPN map topologies.

For a more detailed description of the Cisco ANA NetworkVision window, menus, and toolbars, and working with tables, see the Cisco Active Network Abstraction 3.6.6 User Guide.

Supported MPLS and VPN Technologies and Routing Protocols

Cisco ANA supports the following technologies:

MPLS.

Border Gateway Protocol (BGP) including route reflector scenarios.

Layer 3 BGP MPLS VPNs as defined in RFC2547.

Label Distribution Protocol (LDP).

Interior Gateway Routing Protocol (IGRP).

Cisco IGRP.

Extended IGRP.

Pseudowire end-to-end emulation tunnels as defined in RFC3985 and implemented for Cisco Any Transport over MPLS (AToM). Pseudowire support is based on the Luca Martini drafts (draft-martini-l2circuit-encap-mpls-03.txt and draft-martini-l2circuit-trans-mpls-07.txt).

Note Cisco ANA supports payload types packet and cell only. For more information, see RFC3985, Section 3.3.

MPLS traffic engineering based on RFC2702 with Resource Reservation (RSVP) protocol for signaling as described in RFC3209.

Policy-Based Tunnel Selection (PBTS) for Cisco CRS-1 routers running Cisco IOS XR 3.6 software in MPLS or MPLS VPN networks.

Open Shortest Path First (OSPF).

MPLS VPN Maps Overview

Cisco ANA automatically discovers MPLS VPNs and displays their configurations and topologies in service view maps. The physical and logical inventory information that Cisco ANA discovers about network devices is displayed in network maps. Cisco ANA may contain multiple maps, service view as well as network. The VPNs that are discovered and displayed in service view maps allow you to drill down into specific VPNs and view information about the elements they contain.

Note In previous releases, network maps displayed only devices, and service view maps displayed only VPNs. Starting in Release 3.6.6, devices can be displayed in service view maps, and VPNs can be displayed on network maps.

Cisco ANA can automatically discover Layer 3 VPNs in the network and their associated virtual routers. After creating an MPLS VPN map, you can, for example:

Add or remove VPNs that were automatically discovered by the system based on the automatically discovered information from the network.

View business element properties.

Select and move logical circuit peers (LCPs) and logical circuit aggregators (LCAs).

View VPN logical topology and understand the connectivity between sites.

View VPN topology.

Select and display an overlay of a specific VPN on top of the devices in the map.

View logical inventory.

Add tunnels to a service view map and view Layer 3 pseudowires and MPLS traffic engineering (TE) tunnel information.

View the active faults and tickets generated by Cisco ANA for the devices in the map.

Identify extranets.

VPN Business Configurations

Cisco ANA allows you to map service-related information to network resources by using a business element as a wrapper for a network element (NE) or service. VPNs are considered business elements because they represent interconnected sites that form a single VPN over a public network. Sites can be connected over virtual routing and forwarding (VRF) instances or through pseudowire tunnels.

The Cisco ANA business element containment hierarchy reflects the VPN structure. Business elements are available through the Northbound Interface (NBI) as well as in Cisco ANA NetworkVision. Any changes that are made to the business configuration are reflected in all maps. For example, if a link is removed, the link removal is reflected in all the maps.

Layer 3 VPN Business Configuration

The following business elements represent a Layer 3 VPN configuration:

Site (IP Interface)—Represents the VPN access point on the provider edge (PE) device.

Virtual Router—Represents a PE VRF.

The Layer 3 VPN configuration hierarchy is composed of VPN business elements that in turn contain multiple virtual routers and sites. The relationship between the contents of VPNs and virtual routers can be changed, for example, by moving a virtual router between VPNs, which causes each site connected to the moved virtual router to move as well. The relationship between virtual routers and sites cannot be changed; sites are automatically attached to virtual routers (sites cannot be moved on their own).

In the Layer 3 VPN configuration, the VPNs are created and named automatically and new virtual routers are automatically detected. The virtual router is then automatically related or matched to the VPN based on the VRF name. If there is no related or matching VPN, then a new VPN is automatically created and a VRF is assigned to it. You can then add these VPNs to a map. You can manually change the autodiscovered service information, for example, by manually creating new VPNs, by deleting empty VPNs, by renaming VPNs, and so on.

Cisco ANA can use different criteria to determine the different Layer 3 VPNs in the network and their associated virtual routers. By default, Cisco ANA uses the VRF name to determine the network VPNs.

Layer 2 VPN Business Configuration and Tunnels

Layer 2 VPNs are not automatically created. You create the VPNs and then add the tunnels. The following business elements represent the Layer 2 VPN configuration:

Logical Circuit Peer (LCP)—Represents a Layer 2 tunnel edge that resides on a single device. A pair of LCPs represents both sides of the tunnel edge.

Note A tunnel can be associated with only one VPN.

Logical Circuit Aggregator (LCA)—Represents an aggregation of LCPs on the same device.

LCAs can be manually or automatically created:

Automatically—When an LCP is added to the VPN system, the system automatically creates the LCA by taking all the LCPs that belong to the same device and aggregating them into an LCA (the LCPs are automatically added under the LCA).

Manually—An LCA that is manually created on a specific VPN has no rules. Manually creating an LCA is a preparatory step for adding tunnels or stranded peers.

VPN Topology Connections

Cisco ANA uses route targets (based on the router configuration) to determine the topology between VRFs. Layer 3 VPN topology information is continuously updated to reflect the actual state of the network connections. Cisco ANA uses the virtual circuit (VC) ID and the router IP address (based on the router configuration) to determine the connectivity between the Layer 2 tunnel edges forming the pseudowire tunnels.

Cisco ANA shows the actual tunnel state (up or down) for the Layer 2 logical link if discovered. The link appears with a minor severity (yellow) when the tunnel is down. Table 1-1 shows common MPLS VPN topology map icons.

Table 1-1 Topology

Topology Example
Line
Description

Solid with arrows at either end.

VPN topology (extranet).

Solid with arrows at either end.

VPN topology between virtual routers.

Solid.

Note The link does not reflect a status.

Tunnel topology between LCPs.


Note PE and customer edge (CE) Border Gateway Protocol (BGP) topologies are not supported.

Figure 1-1 displays several devices that are connected in a multipath VPN MPLS map in the Cisco ANA PathTracer multipath window.

Figure 1-1 Cisco ANA PathTracer Multipath Window

Table 1-2 lists the associations that might appear on the service view map.

Table 1-2 Service View Map Associations

Association Example
Description

The association between the customer site (IP interface) and the access point on the PE.

The overall connection between the CE device and the site (IP interface), which may cross different technologies and layers.

The overall connection between the CE device and the LCP.


Layer 3 VPN Map

The Layer 3 VPN service view map presents existing Layer 3 VPNs in the network. At the top level, you can see inter-VPN (extranet) connections. Drilling down into each VPN presents the service view map, with the following:

Participating virtual routers and their associations with site entities.

Site entities and their associations with CE devices.

Connections between virtual routers and their topologies (for example, Mesh, Hub, Spoke, and others).

Layer 2 VPN Map

The Layer 2 VPN service view map presents existing Layer 2 VPNs in the network. At the top level, you can see inter-VPN (extranet) associations. Drilling down into each VPN presents the service view map, with the following:

Connections between LCPs.

Connections between LCPs and CEs.

LCAs containing LCPs.

Figure 1-2 shows an example of the Cisco ANA NetworkVision window with an open service view map.

Figure 1-2 Cisco ANA NetworkVision Window

1

Menu bar

5

Map pane

2

Toolbar

6

Ticket pane

3

Tree pane

7

Status bar

4

Aggregation

8

Hide or display ticket pane buttons


The Cisco ANA NetworkVision window is divided into three areas or panes:

Tree pane.

Workspace, which includes the map pane, device view, and links view.

Ticket pane.

Note The toolbar and shortcut menus are context sensitive. The available options depend on your Cisco ANA selection.

Tree Pane

The Cisco ANA NetworkVision tree pane displays the VPN business elements in a tree and branch representation. Each business element is represented by an icon in a color that reflects the highest alarm severity. The icon might have a management state icon or alarm. Table 1-3 shows the tree and map pane icons.

Table 1-3 Tree and Map Pane Icons

Tree Pane
Map Pane
Represents

Root (map name) or aggregation.

VPN business element.

Virtual router business element.

Site business element.

Site business element with an actively associated, hidden CE device.

LCA business element.

LCP business element.

LCP business element with an actively assigned tunnel edge for a hidden CE device.


Management state icons, shown in Table 1-4, can also appear in MPLS VPN service view maps.

Table 1-4 Management State Icons 

Tree Pane
Map Pane
Description

The reconciliation icon. The network element wrapped by this business element does not exist; for example, the device configuration has changed and a network problem exists.

The neighboring LCP does not exist or was not discovered.


The highest level of the tree pane displays the root or map name. The branches display the VPN and aggregated business elements as well as their names. The Layer 3 VPN sub branch displays the virtual routers and sites contained in the VPN along with the names of the business elements. In addition, CE devices can also be displayed in the Layer 3 VPN sub branches. The Layer 2 VPN sub branches display the LCAs and LCPs contained in the VPN along with the names of the business elements. In addition, CE devices can also be displayed in the Layer 2 VPN sub branches. If you select an aggregated business element in the tree pane, the map pane displays the business elements contained within the aggregated business element.

Map Pane

The Cisco ANA NetworkVision map pane displays the VPN business elements and aggregated business elements loaded in the service view map, along with the names of the business elements. In addition, the map pane displays the VPN topology (between the virtual routers in the VPNs) and the topology and associations between other business elements. After you select the root in the tree pane, the service view map displays all the VPNs.

Ticket Pane

Cisco ANA presents tickets related to the map in the ticket pane, which allows you to view and manage the VPN tickets that have been generated. For more information about the alarms that Cisco ANA detects and reports for Layer 2 and Layer 3 VPNs, see Chapter 7, "MPLS Network Faults."

For more information about the ticket pane, see the Cisco Active Network Abstraction 3.6.6 User Guide.

Note Only when a device or logical part of the device is added to the service view map are the tickets of that device (for example, the link or port down ticket) displayed in the ticket pane.