Rabu, 14 Januari 2009

Enable Multicast Support for MPLS VPN

this is my new topology, enabling multicast support for MPLS VPN










recently i thought how to enable multicast support on MPLS VPN until finally found articel from cisco so i try it

this is the configuration for PE Router


!--- Configure VRF, Route Distinguser (RD) to allow IP overlaping
!--- Configure the default Multicast Distribution Tree (MDT)
!--- for VRF vpn1 & vpn2

!
ip vrf vpn1
rd 777:1
route-target export 777:1
route-target import 777:1
mdt default 239.1.1.1
mdt data 239.2.2.0 0.0.0.255 threshold 1
!
ip vrf vpn2
rd 777:2
route-target export 777:2
route-target import 777:2
mdt default 239.7.7.7
mdt data 239.3.3.0 0.0.0.255 threshold 1
!

!----Enable global multicast routing

ip multicast-routing

!----Enable multicast routing in VRF vpn1 & vpn2

ip multicast-routing vrf vpn1
ip multicast-routing vrf vpn2
!
!
interface Loopback0
ip address 202.162.208.1 255.255.255.255
ip pim sparse-dense-mode
!
interface Loopback10
ip vrf forwarding vpn1
ip address 192.168.2.254 255.255.255.255
ip pim sparse-dense-mode

!--- Multicast needs to be enable on loopback interface
!--- This is used as a source
!--- for MP-BGP session between PE routers that participate in Multicast VPN


interface Loopback20
ip vrf forwarding vpn2
ip address 192.168.2.254 255.255.255.255
ip pim sparse-dense-mode

!--- this routers needs to be RP for multicast in VRF vpn1 & vpn2
!--- therefore multicast needs to be enabled on the interface is used as Rendezvous Point (RP)
!
!
interface Serial1/0
no ip address
encapsulation frame-relay
serial restart-delay 0
no arp frame-relay
no frame-relay inverse-arp

!--- Multicast is enabled on PE-CE interfaces in VRF
!
interface Serial1/0.101 point-to-point
ip vrf forwarding vpn1
ip address 192.168.1.1 255.255.255.252
ip pim sparse-dense-mode
no arp frame-relay
frame-relay interface-dlci 101
!
interface Serial1/1
no ip address
encapsulation frame-relay
serial restart-delay 0
!
interface Serial1/1.102 point-to-point
ip vrf forwarding vpn2
ip address 192.168.1.1 255.255.255.252
ip pim sparse-dense-mode
no arp frame-relay
frame-relay interface-dlci 102
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0

!--- Service provider core needs to run multicast as global multicast
!--- to support MVPN services, so multicast is enabled on PE-P links

interface FastEthernet0/0
ip address 202.162.208.6 255.255.255.252
ip pim sparse-dense-mode
duplex auto
speed auto
mpls ip
!
!--- Configure global unicast routing PE-P routers
!
router ospf 1
log-adjacency-changes
network 202.162.208.0 0.0.0.255 area 0

!--- Configure unicast routing in VRF vpn1 & vpn2
!
router rip
version 2
!
address-family ipv4 vrf vpn2
redistribute bgp 777 metric transparent
network 192.168.1.0
network 192.168.2.0
no auto-summary
version 2
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute bgp 777 metric transparent
network 192.168.1.0
network 192.168.2.0
no auto-summary
version 2
exit-address-family

!--- Configure MP-BGP session
!
router bgp 777
no synchronization
bgp log-neighbor-changes
neighbor vpn peer-group
neighbor vpn remote-as 777
neighbor vpn update-source Loopback0
neighbor vpn next-hop-self
neighbor 202.162.208.2 peer-group vpn
neighbor 202.162.208.3 peer-group vpn
no auto-summary
!
address-family vpnv4
neighbor vpn send-community both
neighbor 202.162.208.2 activate
neighbor 202.162.208.3 activate
exit-address-family
!
address-family ipv4 vrf vpn2
redistribute connected
redistribute rip
no synchronization
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute connected
redistribute rip
no synchronization
exit-address-family


!--- Configure auto-RP. The PE1's VRF loopback interfaces
!--- 100 is the RP in VRF vpn1 & vpn2
!
ip pim bidir-enable
ip pim vrf vpn1 send-rp-announce Loopback10 scope 100
ip pim vrf vpn1 send-rp-discovery Loopback10 scope 100
ip pim vrf vpn2 send-rp-announce Loopback20 scope 100
ip pim vrf vpn2 send-rp-discovery Loopback20 scope 100


for P router

!−−− Enable global multicast routing.

!
interface Loopback0
ip address 202.162.208.254 255.255.255.255
ip pim sparse-dense-mode
!
interface FastEthernet0/0
ip address 202.162.208.5 255.255.255.252
ip pim sparse-dense-mode
duplex auto
speed auto
mpls ip

!−−− Enable multicast on links to PE routers
!−−− which have MVPNs configured.

!
interface FastEthernet1/0
ip address 202.162.208.9 255.255.255.252
ip pim sparse-dense-mode
duplex auto
speed auto
mpls ip
!
interface FastEthernet2/0
ip address 202.162.208.249 255.255.255.252
ip pim sparse-dense-mode
duplex auto
speed auto
mpls ip
!

!−−− P1 is configured to announce itself as
!−−− the RP through auto−RP.

router ospf 1
log-adjacency-changes
network 202.162.208.0 0.0.0.255 area 0
!
!
ip pim bidir-enable
ip pim send-rp-announce Loopback0 scope 100
ip pim send-rp-discovery Loopback0 scope 100


troubleshoot it




























































see all configuration at
http://sioduy.100webspace.net/Multicast%20VPN/
Diposting oleh di Tidak ada komentar:

Minggu, 04 Januari 2009

6VPE

my network diagram for 6VPE







what is 6VPE ?

IPv6 VPN Network through MPLS IPv4 network

for this topology I use IOS c7200-adventerprisek9-mz.122-33.SRC1.bin i need feature vpnv6 in BGP extension

1.create vrf vpnv6_a & vpnv6_b

2. Network VPN must overlap

3. use sonet interface for backbone


here configuration for PE1


Use vrf definition command to create vrf vpnv6_a & vpnv6_b

you must activate address family ipv6 for ipv6 vpn support

!

vrf definition vpnv6_a
rd 777:1
route-target export 777:1
route-target import 777:1
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
vrf definition vpnv6_b
rd 777:2
route-target export 777:2
route-target import 777:2
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!

Activate ipv6 unicast routing

!
ip cef
ipv6 unicast-routing
ipv6 cef
!

Configure Loopback Interface

!

interface Loopback0
ip address 202.162.208.1 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!

Activate MPLS using command mpls ip on PE to backbone interface


interface POS1/0

ip address 202.162.208.5 255.255.255.252
mpls ip
!

Configure vrf forwarding on PE to CE Interface In different vrf name you can configure IP overlap with other vrf for example interface in vrf vpnv6_a have the same IPv6 address with vrf vpnv6_b

!
interface FastEthernet2/0
vrf forwarding vpnv6_a
no ip address
speed auto
duplex auto
ipv6 address 2001:5C0:1::1/126
!
interface FastEthernet2/1
vrf forwarding vpnv6_b
no ip address
speed auto
duplex auto
ipv6 address 2001:5C0:1::1/126
!

Activate IGP between PE to P router

!

router ospf 1
log-adjacency-changes
network 202.162.208.0 0.0.0.255 area 0
!

Configure MP-BGP

router bgp 777

bgp log-neighbor-changes
neighbor 125.126.46.1 remote-as 777
neighbor 125.126.46.1 update-source Loopback0
!
address-family ipv4
no synchronization
redistribute static
neighbor 125.126.46.1 activate
neighbor 125.126.46.1 next-hop-self
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor 125.126.46.1 activate
neighbor 125.126.46.1 send-community both
exit-address-family
!
address-family vpnv6
neighbor 125.126.46.1 activate
neighbor 125.126.46.1 send-community both
exit-address-family
!
address-family ipv4 vrf vpnv6_a
no synchronization
redistribute static
exit-address-family
!
address-family ipv6 vrf vpnv6_a
redistribute static
no synchronization
exit-address-family
!
address-family ipv4 vrf vpnv6_b
no synchronization
redistribute static
exit-address-family
!
address-family ipv6 vrf vpnv6_b
redistribute static
no synchronization
exit-address-family

Create IPv6 static route in VRF vpnv6_a & vpnv6_b with destination to CE router

!

ipv6 route vrf vpnv6_b 2001:D30:7::/64 2001:5C0:1::3
ipv6 route vrf vpnv6_a 2001:D30:7::/64 2001:5C0:1::3
!

for P router configure each interface with mpls ip and global IPv4 IGP

!
interface Loopback0
ip address 202.162.208.2 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface POS1/0
ip address 202.162.208.6 255.255.255.252
mpls ip
!
interface POS2/0
ip address 202.162.208.254 255.255.255.252
mpls ip
!
router ospf 1
log-adjacency-changes
network 202.162.208.0 0.0.0.255 area 0
!
ip classless
!


troubleshoot it











































now we check the packet passing P Router







see the all configuration at

http://sioduy.100webspace.net/6VPE/

Diposting oleh di 3 komentar:

MPLS VPN IPv4

hai everybody i am back, long time no see
its time for me to continue posting about networking
maybe starting this time and next time i wilL posting about MPLS Network
now its about MPLS VPN IPv4








this is my first MPLS lab using GNS 3

how about the rule ???
1. don't use sub interface on serial interface PE-CE1
2. create vrf name vpn_1 & vpn_2
3. network PE-CE must overlap ecah other
example PE-CE1 must overlap PE-CE2
4.use rip for PE-CE
5.use ospf for backbone router

and this is sample configuration for PE1

create vrf for vpn_1 & vpn_2
this configuration is mandatory configured

ip vrf vpn_1
rd 777:1
route-target export 777:1
route-target import 777:1
!
ip vrf vpn_2
rd 777:2
route-target export 777:2
route-target import 777:2

configure loopback interface you must configure IP with /32 prefix

interface Loopback0
ip address 202.162.208.1 255.255.255.255


configure interface to backbone network in cisco 3640 you can use tag switching ip or mpls ip command
!
interface FastEthernet0/0
ip address 202.162.208.5 255.255.255.252
duplex auto
speed auto
mpls ip
!

Configure PE-CE interface

!
interface Serial1/0
ip vrf forwarding vpn_1
ip address 192.168.2.1 255.255.255.252
encapsulation frame-relay
serial restart-delay 0
clock rate 504000
no arp frame-relay
frame-relay map ip 192.168.2.2 101 broadcast
no frame-relay inverse-arp
!
interface Serial1/1
no ip address
encapsulation frame-relay
serial restart-delay 0
clock rate 1008000
!
interface Serial1/1.102 point-to-point
ip vrf forwarding vpn_2
ip address 192.168.2.1 255.255.255.252
no arp frame-relay
frame-relay interface-dlci 102
!

Configure global IGP

router ospf 1
log-adjacency-changes
network 202.162.208.0 0.0.0.255 area 0
!

Configure IGP in VRF vpn_1 & vpn_2

router rip
version 2
!
address-family ipv4 vrf vpn_2
redistribute bgp 777 metric transparent
network 192.168.2.0
no auto-summary
version 2
exit-address-family
!
address-family ipv4 vrf vpn_1
redistribute bgp 777 metric transparent
network 192.168.2.0
no auto-summary
version 2
exit-address-family
!

Configure MP-BGP session

!
router bgp 777
no synchronization
bgp log-neighbor-changes
neighbor 202.162.208.3 remote-as 777
neighbor 202.162.208.3 update-source Loopback0
neighbor 202.162.208.3 next-hop-self
no auto-summary
!
address-family vpnv4
neighbor 202.162.208.3 activate
neighbor 202.162.208.3 send-community both
exit-address-family
!
address-family ipv4 vrf vpn_2
redistribute rip
no synchronization
exit-address-family
!
address-family ipv4 vrf vpn_1
redistribute rip
no synchronization
exit-address-family

finish configuration for PE

for P router

Activate tag switching or mpls IP and global IGP

interface Loopback0
ip address 202.162.208.2 255.255.255.255
!
interface FastEthernet0/0
ip address 202.162.208.6 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet1/0
ip address 202.162.208.9 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet2/0
ip address 202.162.208.253 255.255.255.252
duplex auto
speed auto
mpls ip
!
router ospf 1
log-adjacency-changes
network 202.162.208.0 0.0.0.255 area 0

now let's troubleshoot them

you can use show mpls forwarding table command









let's check it with traceroute



















if you want to see all configuration download at
http://sioduy.100webspace.net/MPLS%20VPN%20IPv4/


for the next post i will posting MPLS IPv6 or 6VPE
Diposting oleh di Tidak ada komentar:
Langganan: Postingan (Atom)