MPLS VPN Carrier Supporting Carrier: The BGP way

Posted on April 12, 2010

As usual when you study CCIE you need to know at least 2 ways to do everything, same for Carrier supporting Carrier (CsC). I know that InterNetwork Expert they say that the chances are slim to have MPLS VPN Carrier supporting Carrier but you never know, it’s not the biggest bit of study anyway.

MPLS VPN Carrier supporting Carrier Lab Topology

So for our setup I’ll be using a 8 router setup

MPLS VPN Carrier Supporting Carrier with BGP Topology

AS100 will be our super service provider providing the CsC service, AS200 will be our CsC customer. R1 and R8 are our customer devices running EIGRP with the PE devices.

I pre-configured all the MPLS VPN, there is nothing new there. We’re going to focus on the MPLS VPN Carrier supporting Carrier side.

So lets start, as a first step lets configure a VRF on the CsC routers and advertise it in BGP.

On R4

R4-CsC-PE#sh run | s ip vrf
ip vrf CSC
 rd 100:1
 route-target export 100:1
 route-target import 100:1
 ip vrf forwarding CSC
R4-CsC-PE#sh run int g1/0
Building configuration...
Current configuration : 134 bytes
!
interface GigabitEthernet1/0
 ip vrf forwarding CSC
 ip address 34.1.34.4 255.255.255.0
 negotiation auto
end

R4-CsC-PE#sh run | s router bgp
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 45.99.5.5 remote-as 100
 neighbor 45.99.5.5 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 45.99.5.5 activate
  neighbor 45.99.5.5 send-community extended
 exit-address-family

and on R5

R5-CsC-PE#sh run | s ip vrf
ip vrf CSC
 rd 100:1
 route-target export 100:1
 route-target import 100:1
 ip vrf forwarding CSC
R5-CsC-PE#sh run int g2/0
Building configuration...

Current configuration : 134 bytes
!
interface GigabitEthernet2/0
 ip vrf forwarding CSC
 ip address 56.1.56.5 255.255.255.0
 negotiation auto
end

R5-CsC-PE#sh run | s router bgp
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 45.99.4.4 remote-as 100
 neighbor 45.99.4.4 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 45.99.4.4 activate
  neighbor 45.99.4.4 send-community extended
 exit-address-family

Give it a quick check

R4-CsC-PE#sh ip bgp s
BGP router identifier 45.99.4.4, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
45.99.5.5       4   100      89      89        1    0    0 01:19:21        0
R4-CsC-PE#sh ip bgp vpnv4 all s
BGP router identifier 45.99.4.4, local AS number 100
BGP table version is 36, main routing table version 36
5 network entries using 705 bytes of memory
5 path entries using 340 bytes of memory
7/4 BGP path/bestpath attribute entries using 532 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1625 total bytes of memory
BGP activity 12/7 prefixes, 17/12 paths, scan interval 15 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
45.99.5.5       4   100      94      98       36    0    0 01:18:51        0

 

R5-CsC-PE#sh ip bgp s
BGP router identifier 45.99.5.5, local AS number 100
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
45.99.4.4       4   100      90      90        1    0    0 01:20:15        0
R5-CsC-PE#sh ip bgp vpnv4 all s
BGP router identifier 45.99.5.5, local AS number 100
BGP table version is 41, main routing table version 41
5 network entries using 705 bytes of memory
5 path entries using 340 bytes of memory
7/4 BGP path/bestpath attribute entries using 532 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 1625 total bytes of memory
BGP activity 7/2 prefixes, 17/12 paths, scan interval 15 secs

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
45.99.4.4       4   100      99      95       41    0    0 01:19:44        0

All good. Our super ISP is ready to take the traffic.
Next step, lets configure our MPLS VPN Carrier supporting Carrier CE devices

First part lets configure the BGP peering with the MPLS VPN Carrier supporting Carrier PE router

R3-CsC-CE(config)#router bgp 200
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 34.1.34.4 remote-as 100
 !
 address-family ipv4
  no synchronization
  neighbor 34.1.34.4 activate
  neighbor 34.1.34.4 send-label
  no auto-summary
 exit-address-family

You may notice I put a neighbor x.x.x.x send-label statement, this is there to tell BGP to exchange label mapping with his neighbors. You can use the command show ip bgp label to see this mapping, we’ll see that in action a bit later.

Before going further lets check our BGP sessions

R3-CsC-CE(config-router-af)#do sh ip bgp neighbor  34.1.34.4
BGP neighbor is 34.1.34.4,  remote AS 100, external link
  BGP version 4, remote router ID 45.99.4.4
  BGP state = Established, up for 00:45:18
  Last read 00:00:04, last write 00:00:46, hold time is 180, keepalive interval is 60 seconds
  Neighbor sessions:
    1 active, is multisession capable
  Neighbor capabilities:
    Route refresh: advertised and received(new)
    Address family IPv4 Unicast: advertised and received
    ipv4 MPLS Label capability: advertised and received
    Multisession Capability: advertised and received
  Message statistics, state Established:
    InQ depth is 0
    OutQ depth is 0

                         Sent       Rcvd
    Opens:                  1          1
    Notifications:          0          0
    Updates:                2          5
    Keepalives:            51         51
    Route Refresh:          0          0
    Total:                 54         57
  Default minimum time between advertisement runs is 30 seconds

 For address family: IPv4 Unicast
  Session: 34.1.34.4 session 1
  BGP table version 10, neighbor version 10/0
  Output queue size : 0
  Index 1, Offset 0, Mask 0x2
  1 update-group member
  Outbound path policy configured
  Route map for outgoing advertisements is SET-LABEL
  Sending Prefix & Label
                                 Sent       Rcvd
  Prefix activity:               ----       ----
    Prefixes Current:               3          2 (Consumes 104 bytes)
    Prefixes Total:                 3          4
    Implicit Withdraw:              0          0
    Explicit Withdraw:              0          2
    Used as bestpath:             n/a          2
    Used as multipath:            n/a          0

                                   Outbound    Inbound
  Local Policy Denied Prefixes:    --------    -------
    Bestpath from this peer:              4        n/a
    Total:                                4          0
  Number of NLRIs in the update sent: max 2, min 1

  Address tracking is enabled, the RIB does have a route to 34.1.34.4
  Connections established 4; dropped 3
  Last reset 00:45:23, due to User reset of session 1
  Transport(tcp) path-mtu-discovery is enabled
  Graceful-Restart is disabled
Connection state is ESTAB, I/O status: 1, unread input bytes: 0
Connection is ECN Disabled
Mininum incoming TTL 0, Outgoing TTL 1
Local host: 34.1.34.3, Local port: 29048
Foreign host: 34.1.34.4, Foreign port: 179
Connection tableid (VRF): 0

Enqueued packets for retransmit: 0, input: 0  mis-ordered: 0 (0 bytes)

Event Timers (current time is 0x7516F8):
Timer          Starts    Wakeups            Next
Retrans            54          0             0x0
TimeWait            0          0             0x0
AckHold            53         51             0x0
SendWnd             0          0             0x0
KeepAlive           0          0             0x0
GiveUp              0          0             0x0
PmtuAger         6160       6159        0x7517E3
DeadWait            0          0             0x0
Linger              0          0             0x0

iss: 1053524898  snduna: 1053526055  sndnxt: 1053526055     sndwnd:  15228
irs: 1489319462  rcvnxt: 1489320759  rcvwnd:      15088  delrcvwnd:   1296

SRTT: 300 ms, RTTO: 303 ms, RTV: 3 ms, KRTT: 0 ms
minRTT: 20 ms, maxRTT: 300 ms, ACK hold: 200 ms
Status Flags: none
Option Flags: higher precendence, nagle, path mtu capable

Datagrams (max data segment is 1436 bytes):
Rcvd: 107 (out of order: 0), with data: 55, total data bytes: 1296
Sent: 106 (retransmit: 0 fastretransmit: 0),with data: 53, total data bytes: 1156

Good news, ipv4 MPLS Label capability: advertised and received this is telling us we are exchanging labels with our neighbor

We now have a peering but no routes, now we’ll configure redistribution between OSPF and BGP to advertise our loopbacks only.

route-map LOOPBACK->OSPF permit 10
 match ip address prefix-list LOOPBACK-AS200-IN
route-map LOOPBACK->BGP permit 10
 match ip address prefix-list LOOPBACK-AS200-OUT

 

ip prefix-list LOOPBACK-AS200-IN seq 5 permit 67.99.6.6/32
ip prefix-list LOOPBACK-AS200-IN seq 10 permit 67.99.7.7/32
ip prefix-list LOOPBACK-AS200-OUT seq 5 permit 23.99.3.3/32
ip prefix-list LOOPBACK-AS200-OUT seq 10 permit 23.99.2.2/32

 

R3-CsC-CE(config)#router bgp 200
 address-family ipv4
  redistribute ospf 1 route-map LOOPBACK->BGP

 

R3-CsC-CE(config)#router ospf 1
 router-id 23.99.3.3
 log-adjacency-changes
 redistribute bgp 200 subnets route-map LOOPBACK->OSPF
 network 23.1.0.0 0.0.255.255 area 0
 network 23.99.0.0 0.0.255.255 area 0

Lets have a look on the other side to see if our routes are learned in BGP

R6-CsC-CE(config-router-af)#do sh ip route bgp
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

      23.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B        23.99.2.2/32 [20/0] via 56.1.56.5, 00:39:51
B        23.99.3.3/32 [20/0] via 56.1.56.5, 00:39:51

Ok we’re ready to move to the label part.

[ad#Google Adsense]

Lets check our label mapping

R3-CsC-CE(config-route-map)#do sh ip bgp lab
   Network          Next Hop      In label/Out label
   23.99.2.2/32     23.1.23.2       16(from LDP)/nolabel
   23.99.3.3/32     0.0.0.0         imp-null(from LDP)/nolabel
   67.99.6.6/32     34.1.34.4       20/17
   67.99.7.7/32     34.1.34.4       21/19

Looks good as well. Lets ping to see if we have connectivity

R2-PE#ping 67.99.7.7 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 67.99.7.7, timeout is 2 seconds:
Packet sent with a source address of 23.99.2.2
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/52/108 ms

Perfect we’ll follow the LSP to see if everything is ok

R2-PE#sh ip cef 67.99.7.7
67.99.7.7/32
  nexthop 23.1.23.3 GigabitEthernet2/0 label 19

 

R3-CsC-CE#sh mpls for lab 19
Local  Outgoing      Prefix            Bytes Label   Outgoing   Next Hop
Label  Label or VC   or Tunnel Id      Switched      interface
19     20            67.99.7.7/32      590           Gi2/0      34.1.34.4

 

R4-CsC-PE#sh mpls for lab 20
Local  Outgoing      Prefix            Bytes Label   Outgoing   Next Hop
Label  Label or VC   or Tunnel Id      Switched      interface
20     18            67.99.7.7/32[V]   590           Gi2/0      45.1.45.5

 

R5-CsC-PE#sh mpls for lab 18
Local  Outgoing      Prefix            Bytes Label   Outgoing   Next Hop
Label  Label or VC   or Tunnel Id      Switched      interface
18     17            67.99.7.7/32[V]   590           Gi2/0      56.1.56.6

 

R6-CsC-CE#sh mpls for lab 17
Local  Outgoing      Prefix            Bytes Label   Outgoing   Next Hop
Label  Label or VC   or Tunnel Id      Switched      interface
17     Pop Label     67.99.7.7/32      570           Gi2/0      67.1.67.7

All good, we can see that we’re using MPLS from end to end without any ldp between CsC-PE and CsC-CE.

All we need to do it to setup a BGP VPNv4 session between our 2 sides to exchange routes

R3-CsC-CE(config)#router bgp 200
 neighbor 67.99.6.6 remote-as 200
 neighbor 67.99.6.6 update-source Loopback0
!
 address-family vpnv4
  neighbor 67.99.6.6 activate
  neighbor 67.99.6.6 send-community extended
  neighbor 67.99.6.6 route-reflector-client
 exit-address-family

We now have the BGP VPNv4 routes

R7-PE#sh ip bgp vpnv4 all
BGP table version is 5, local router ID is 67.99.7.7
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 200:1 (default for vrf CustA)
*>i12.1.12.0/24     23.99.2.2                0    100      0 ?
*> 78.1.78.0/24     0.0.0.0                  0         32768 ?

The redistribution to EIGRP is working fine

R8-CE#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, + - replicated route

Gateway of last resort is not set

      12.0.0.0/24 is subnetted, 1 subnets
D        12.1.12.0 [90/3072] via 78.1.78.7, 00:11:25, GigabitEthernet1/0
      78.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        78.1.78.0/24 is directly connected, GigabitEthernet1/0
L        78.1.78.8/32 is directly connected, GigabitEthernet1/0

And we can ping through the MPLS VPN Carrier supporting Carrier network

R8-CE#ping 12.1.12.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 12.1.12.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 24/65/136 ms

Here we are MPLS VPN Carrier supporting Carrier without LDP. For further details, check out Cisco’s website (http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_carrier_bgp.html)


1 Reply to "MPLS VPN Carrier Supporting Carrier: The BGP way"


Got something to say?

Some html is OK