MPLS-VPNv4 Configuration

In this tutorial, I will explain step by step how to configure VPNv4 MPLS. I will use the topology shown below:

Topology.PNG

In this topology we have two customers with two different sites (S1, S2). Both customers use the same private network. I will upload the GNS3 topology and the config files at the end of this tutorial for those who want to practice.

To allow the customer to connect from one site to another site without interfering with the traffic of the other customers, in the ISP network we have to create MPLS L3 VPN ( Note that this VPN has nothing to do with IPsec VPN or SSL VPN). In each edge router (PE1 and PE2) we need to create one VRF for each customer to separate the routing information of each customer.

Below the list of all steps needed for such configuration :

  1. Configure internal routing protocol inside ISP network, we will use OSPF for this purpose.
  2. Create VRFs on PE1 and PE2.
  3. Assign Interfaces to a specific VRF.
  4. Activate the MPLS.
  5. Configure BGP VPNv4 between PE1 and PE2.
  6. Configure routing protocol between customer Router and PE. We will use EIGRP for this lab.
  7. Routes redistribution from external routing protocol EIRGP to iBGP.
  8. Routes redistribution from iBGP to EIRGP.

Let’s go ….

1. Configure internal routing protocol inside ISP network, we will use OSPF for this purpose: 

I will configure loopback interface on EP1 and EP2, so we can test the connectivity between EP1 and EP2:

PE1_Loopback0

PE2_Loopback0

The first step is to create the internal routing. We will configure OSPF in all ISP routers :

On PE1:

PE1_OSPF

On PE2:

PE2_OSPF

On R4:

R4_OSPF

On R6:

R6_OSPF

At this stage we should be able to ping from EP1 to EP2 and vice versa :

PE1_PE2_PING

2. Create VRFs on PE1 and PE2.

The second step is to create the two VRFs in the edge routers, PE1 and PE2:

On PE1:

PE1_VRFs

On PE2:

PE2_VRF

3. Assign Interfaces to a specific VRF.

After that the VRFs are created, we will need to assign the interface connected to each customer to the VRF which corresponds. Note that the interface need to be assigned only to one VRF.

On PE1:

Interface f0/0 is connected to customer 1, so it should be assigned to Customer1 VRF.

PE1_Assign_Interfaces1

Interface f0/1 is connected to customer 2, so it should be assigned to Customer2 VRF:

PE1_Assign_Interfaces2

On PE2:

Interface f0/0 is connected to customer 1, so it should be assigned to Customer1 VRF.

PE2_Assign_Interfaces1

Interface f0/1 is connected to customer 2, so it should be assigned to Customer2 VRF:

PE2_Assign_Interfaces2

4. Enable the MPLS.

We need to enable MPLS in all ISP routers globally and at the interface level

To enable the MPLS we use the following command :

EP1_Enable_MPLS

Note that we don’t need to enable MPLS in the interfaces connected to the customers , f0/0 and f0/1 for the Edge routers (PE1, PE2).

5. Configure BGP VPNv4 between PE1 and PE2.

To be able to propagate the VPNv4 prefixes inside the MPLS network, we need to configure the iBGP between EP1 and EP2.

On PE1:

PE1_iBGP

On PE2:

PE2_iBGP

6. Configure routing protocol between Customer Router and PE.

For the routing protocol between the customer and the EP routers we will use EIGRP:

On PE1 :

PE1_EIRGP

On PE2:

PE2_EIRGP

And for the customer routers we will use the same configuration as shown below :

Customers_EIRGP

7. Routes redistribution from External routing protocol EIRGP to iBGP.

8. Routes redistribution from External routing protocol iBGP to EIRGP.

moment of truth …

Let’s test our configuration. If everything is configured correctly,  the router of customer 1 on site 1 should be able to ping the router of customer 1 on site 2 (same thing for customer 2).

Before checking the ping let us check the “ip route” on the customer 1 router on site 1 (Customer1-S1).

Awesome!!! as you can see below, the router has learned about the network 10.1.22.0/30 on site 2 via the PE1 (10.1.11.2).

IP_Route

Now let’s try to ping Customer1-S2 from Customer1-S1 router:

C1_PING

Finally for those who want to practice, you can find below the GNS3 topology and the configuration files.

GNS3 Topology

Config files

Note that i have used this version of the ISO image :   c7200-advipservicesk9-mz.152-4.S5.image.

I hope this tutorial was useful for you. Don’t hesitate to leave a comment.

Thanks for reading.

Mostafa Garziad

 

 

Advertisements

One thought on “MPLS-VPNv4 Configuration”

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s