Simple MPLS VPN LAB

Hi,
good lab to practicec from gns3 vault, good example which allow us to understand about VRF technology, the reason i'm doing this lab from this url (http://gns3vault.com/MPLS/basic-mpls-vpn.html) is because to understand clearly while i'm reading about CEF FIB of MPLS. Enjoy!


the main configs from SP1(or)SP3 are this: these two routers were configured almost the same to each other as the PE routers.
The router SP2 does not need to configure the BGP and its just carry the packets via MPLS which act as a pure LSR.

SP1#sh running-config | sec vrf
ip vrf KC
 rd 100:1
 route-target export 1:100
 route-target import 1:100
 ip vrf forwarding KC
 address-family ipv4 vrf KC
  redistribute bgp 8 metric 64000 1000 255 1 1500
  network 192.168.12.0
  no auto-summary
  autonomous-system 100
 address-family ipv4 vrf KC
  redistribute eigrp 100
  no synchronization
SP1#

SP1#sh running-config | sec bgp
  redistribute bgp 8 metric 64000 1000 255 1 1500
router bgp 8
 no synchronization
 bgp log-neighbor-changes
 neighbor 4.4.4.4 remote-as 8
 neighbor 4.4.4.4 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 4.4.4.4 activate
  neighbor 4.4.4.4 send-community both
 exit-address-family
 !
 address-family ipv4 vrf KC
  redistribute eigrp 100
  no synchronization
 exit-address-family
SP1#

SP1#sh running-config | sec eigrp
router eigrp 1
 no auto-summary
 !
 address-family ipv4 vrf KC
  redistribute bgp 8 metric 64000 1000 255 1 1500
  network 192.168.12.0
  no auto-summary
  autonomous-system 100
 exit-address-family
  redistribute eigrp 100
SP1#


SP1#sh ip route vrf KC 5.5.5.5
Routing entry for 5.5.5.5/32
  Known via "bgp 8", distance 200, metric 409600, type internal
  Redistributing via eigrp 100
  Advertised by eigrp 100 metric 64000 1000 255 1 1500
  Last update from 4.4.4.4 00:01:49 ago
  Routing Descriptor Blocks:
  * 4.4.4.4 (Default-IP-Routing-Table), from 4.4.4.4, 00:01:49 ago
      Route metric is 409600, traffic share count is 1
      AS Hops 0

Customer has completely no idea how their packet are travel through the provider's network but their goal simply is to connect their Branch and HQ. Their simple configs from HQ and Branch routers as follow.

HQ#sh run | sec eigrp
router eigrp 100
 network 1.0.0.0
 network 192.168.12.0
 no auto-summary
HQ#

Branch#sh run | sec eigrp
router eigrp 100
 network 5.0.0.0
 network 192.168.45.0
 no auto-summary
Branch#

But now they can connect each other through provider's network, successfully. 

HQ#ping 192.168.45.5
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.45.5, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 56/73/88 ms
HQ#traceroute 192.168.45.5
Type escape sequence to abort.
Tracing the route to 192.168.45.5
  1 192.168.12.2 24 msec 24 msec 12 msec
  2 192.168.23.3 [MPLS: Labels 16/19 Exp 0] 48 msec 56 msec 68 msec
  3 192.168.45.4 60 msec 44 msec 40 msec
  4 192.168.45.5 72 msec *  92 msec
HQ#

Branch#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/83/104 ms
Branch#traceroute 1.1.1.1
Type escape sequence to abort.
Tracing the route to 1.1.1.1
  1 192.168.45.4 20 msec 48 msec 16 msec
  2 192.168.34.3 [MPLS: Labels 17/20 Exp 0] 68 msec 68 msec 72 msec
  3 192.168.12.2 [MPLS: Label 20 Exp 0] 52 msec 68 msec 52 msec
  4 192.168.12.1 72 msec *  100 msec
Branch#

KEY TOPIC: (copy from CCIE BOOK) Cisco routers can be confiugred to disable MPLS TTL propagation. When disabled, the ingress E-LSR set the MPLS header's TTL field to 255, and the egress E-LSR leaves the original IP header's TL field unchanged. As a result, the entire MPLS network appears to be a single router hop from a TTL perspective, and the routers inside the MPLS network are not seen from the customer's traceroute command.

I've book for my lab in coming August, but its seem like 80% sure to fail, anyway Goodluck!








2 comments:

Sei Thu said...

Good Luck Bro!!

Packet Fusion said...

Nice Post. For more information visit carrier services

Post a Comment