- About This Guide
- Cisco MWR 2941 Router Overview
- Cisco IOS Software Basics
- First-Time Configuration
- Configuring Gigabit Ethernet Interfaces
- Configuring Layer 2 Interfaces
- Configuring HWIC-D-9ESW Interfaces
- Configuring VLANs
- Configuring IEEE 802.1Q Tunneling and Layer 2 Protocol Tunneling
- Configuring STP
- Configuring Mutliple STP
- Configuring Optional Spanning-Tree Features
- Managing the MAC Address Table
- Configuring Cisco Express Forwarding
- Configuring Resilient Ethernet Protocol
- Configuring Ethernet OAM, CFM, and E-LMI
- Configuring Clocking and Timing
- Configuring Synchronous Ethernet ESMC and SSM
- Configuring MLPPP Backhaul
- Configuring Multiprotocol Label Switching
- Configuring IPv6
- Configuring Routing Protocols
- Configuring Bidirectional Forwarding Detection
- Configuring Pseudowire
- Configuring MPLS VPNs
- Configuring Quality of Service
- Configuring Link Noise Monitor
- Configuring Cisco Discovery Protocol
- Configuring Traffic Storm Control
- Configuring IEEE 802.3ad LACP EtherChannels on the Cisco MWR 2941
- Monitoring and Managing the Cisco MWR 2941 Router
- Index
Cisco MWR Mobile Wireless Edge Router Release 3.5.1, Cisco IOS Release 15.1(3)MRA
- Updated:
- October 19, 2013
Chapter: Configuring MPLS VPNs
Configuring MPLS VPNs
A Virtual Private Network (VPN) is an IP-based network that delivers private network services over a public infrastructure. VPNs allow you to create a set of sites that can communicate privately over the Internet or other public or private networks.
The following sections describe how to configure MPLS VPNs on the Cisco MWR 2941:
•
Sample MPLS VPN Configuration
Understanding MPLS VPNs
A conventional VPN consists of a full mesh of tunnels or permanent virtual circuits (PVCs) connecting all of the sites within the VPN. This type of VPN requires changes to each edge device in the VPN in order to add a new site. MPLS VPNs, also known as Layer 3 VPNs, are easier to manage and expand than conventional VPNs because they use layer 3 communication protocols and are based on a peer model. The peer model enables the service provider and customer to exchange Layer 3 routing information, enabling service providers to relay data between customer sites without customer involvement. The peer model also provides improved security of data transmission between VPN sites because data is isolated between improves security between VPN sites.
The Cisco MWR 2941 supports the following MPLS VPN types:
•Basic Layer 3 VPN—Provides a VPN private tunnel connection between customer edge (CE) devices in the service provider network. The provider edge (PE) router uses Multiprotocol Border Gateway Protocol (MP-BGP) to distribute VPN routes and MPLS Label Distribution Protocol (LDP) to distribute Interior Gateway Protocol (IGP) labels to the next-hop PE router.
•MPLS Carrier Supporting Carrier (CSC) VPN—Enables an MPLS VPN-based service provider to allow other service providers to use a segment of its backbone network. MPLS CSC VPNs use MPLS LDP to distribute MPLS labels and IGP to distribute routes.
•Inter-Autonomous System (AS) VPN—An inter-AS VPN allows service providers running separate networks to jointly offer MPLS VPN services to the same end customer; an inter-AS VPN can begin at one customer site and traverse multiple service provider backbones before arriving at another customer site.
Configuring MPLS VPNs
Layer 3 VPNs allow you to establish VPNs in a routed environment, improving the flexibility and ease of maintenance of VPNs. For instructions on how to configure layer 3 VPNs, see the MPLS Configuration Guide, Cisco IOS Release 15.0S.
Sample MPLS VPN Configuration
The following section shows a sample configuration for Layer 3 Virtual Private Network (VPN).
Note This section provides a partial configuration intended to demonstrate a specific feature.
!
-----------Customer definitions for 2 customers---------------------------------------
vrf definition customer_a
rd 192.168.1.1:100
route-target export 192.168.1.1:100
route-target import 192.168.1.1:100
!
address-family ipv4
exit-address-family
!
vrf definition customer_b
rd 192.168.2.1:200
route-target export 192.168.2.1:200
route-target import 192.168.2.1:200
!
address-family ipv4
exit-address-family
!
-------------------Loopback addresses for 2 customers-----------------------------------
interface Loopback100
vrf forwarding customer_a
ip address 192.169.1.3 255.255.255.255
!
interface Loopback101
vrf forwarding customer_b
ip address 192.168.100.1 255.255.255.255
!
------------------------Core-facing OSPF instance----------------------------
router ospf 1
log-adjacency-changes
network 100.0.0.0 0.255.255.255 area 0
network 192.168.0.0 0.0.255.255 area 0
network 192.169.0.0 0.0.255.255 area 0
!
----------------------VRF OSPF instances for 2 customers -------------------------------
router ospf 100 vrf customer_a
router-id 192.168.1.3
log-adjacency-changes
redistribute bgp 101 metric-type 1 subnets
network 192.168.0.0 0.0.255.255 area 0
network 192.169.0.0 0.0.255.255 area 0
!
router ospf 100 vrf customer_b
router-id 192.168.100.1
log-adjacency-changes
redistribute bgp 101 metric-type 1 subnets
network 192.168.0.0 0.0.255.255 area 0
network 192.169.0.0 0.0.255.255 area 0
!
----------------------MP-BGP with 2 VRF customers ---------------------------------
router bgp 101
bgp router-id 100.1.1.1
bgp log-neighbor-changes
neighbor 100.1.1.2 remote-as 101
neighbor 100.1.1.2 update-source Loopback1
!
address-family ipv4
redistribute connected
neighbor 100.1.1.2 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 100.1.1.2 activate
neighbor 100.1.1.2 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf customer_b
redistribute connected
neighbor 100.1.1.2 remote-as 101
neighbor 100.1.1.2 update-source Loopback1
neighbor 100.1.1.2 activate
no synchronization
exit-address-family
!
address-family ipv4 vrf customer_a
redistribute connected
neighbor 100.1.1.2 remote-as 101
neighbor 100.1.1.2 update-source Loopback1
neighbor 100.1.1.2 activate
no synchronization
exit-address-family
!
----------------MP-BGP loopback interface ---------------------------------
interface Loopback1
ip address 100.1.1.1 255.255.255.255
!
------------------Core-facing Vlan interface -------------------------------
interface GigabitEthernet0/1
switchport access vlan 20
switchport trunk allowed vlan 1,2,20-23,1002-1005
switchport mode trunk
load-interval 30
!
interface Vlan20
ip address 192.169.10.1 255.255.255.0
load-interval 30
no ptp enable
mpls ip
!
------------------CE-facing Vlan interfaces for 2 customers------------------------------
interface GigabitEthernet0/4
switchport access vlan 100
load-interval 30
duplex full
!
interface Vlan100
vrf forwarding customer_a
ip address 192.169.3.2 255.255.255.0
!
interface GigabitEthernet0/5
switchport access vlan 99
load-interval 30
duplex full
!
interface Vlan99
vrf forwarding customer_b
ip address 192.169.3.2 255.255.255.0
!
Feedback