Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1951
Views
0
Helpful
2
Replies

Internet Routing using MPLS Aggregate Lookup

Bobbins_McSnorkle
Level 1
Level 1

‎07-18-2012 07:45 AM

Hi,

I'm attempting to adapt a scenario from the MPLS and VPN Architecture CCIP edition book.  The scenario that I'm working with has two PE/P IOS XR routers in a collapsed MPLS core.  All customers are terminated in their own VRF on each PE/P router.  I want to be able to terminate multiple Internet providers on the PE/P routers as a cost-cutting measure and the question I'm trying to solve is how to route the customer traffic to the Internet. 

Page 233 of the MPLS and VPN Architecture CCIP edition book lays out the possibility of using default route that generates an aggregate label thus forcing the PE to perform a lookup in the Internet VRF prior to forwarding the packet.  I've set up this scenario in a lab whereby the Internet VRF on the left PE/P router has a static default configured pointing at a loopback address in the VRF.  The Left PE/P progagates the default through MPBGP using the network 0.0.0.0 command.  All customer VRFs that require internet access receive the default.  When customer traffic on the right PE/P is forwarded to the Internet VRF by the default, forwarding works - the aggregate lable forces a lookup to be performed in the Internet VRF where full Internet routes exist and the packet is forwarded using the best path.  The problem is that customer traffic using the default route from the left PE/P router is blackholed.  The aggregate lookup doesn't work and the customers terminated on the left PE/P do not have Internet access.  The scenario in the book is using a third router attached to each PE to distribute the aggregate default route. Is it possible to make it work without requiring a third device to propagate the MPLS aggregate labelled default route?

The basic configs are below:

Right PE:

vrf VRF_TEST

address-family ipv4 unicast

  import route-target

   555:5555123

   555:5555555

  !

  export route-target

   555:5555555

  !

!

!

router bgp 65005

vrf VRF_TEST

  rd 555:5555555

  address-family ipv4 unicast

   redistribute connected

RP/0/RSP0/CPU0:RouterRight#sho route vrf VRF_TEST

Gateway of last resort is 192.168.1.1 to network 0.0.0.0

B*   0.0.0.0/0 [200/0] via 192.168.1.1 (nexthop in vrf default), 00:00:29

L    192.168.202.1/32 is directly connected, 18:01:24, Loopback5555

Left PE:

vrf VRF_INET_TEST

address-family ipv4 unicast

  import route-target

   555:5555555

  !

  export route-target

   555:5555123

vrf VRF_TEST

address-family ipv4 unicast

  import route-target

   555:5555123

   555:5555555

  !

  export route-target

   555:5555555

  !

!

!

router bgp 65005

vrf VRF_INET_TEST

  rd 555:5555123

  address-family ipv4 unicast

   network 0.0.0.0/0

   redistribute connected

router bgp 65005

vrf VRF_TEST

  rd 555:5555555

  address-family ipv4 unicast

   redistribute connected

  !

!

!

router static

vrf VRF_INET_TEST

  address-family ipv4 unicast

   0.0.0.0/0 Loopback5555

interface Loopback5555

vrf VRF_INET_TEST

ipv4 address 192.168.200.1 255.255.255.255

RP/0/RSP0/CPU0:RouterLeft#sho route vrf VRF_TEST

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

B*   0.0.0.0/0 is directly connected, 00:03:09, Loopback5555 (nexthop in vrf VRF_INET_TEST)

B    192.168.200.1/32 is directly connected, 17:34:46, Loopback5555 (nexthop in vrf VRF_INET_TEST)

L    192.168.201.1/32 is directly connected, 18:07:59, Loopback12345

RP/0/RSP0/CPU0:RouterLeft#sho route vrf VRF_INET_TEST

Gateway of last resort is 0.0.0.0 to network 0.0.0.0

S*   0.0.0.0/0 is directly connected, 00:03:25, Loopback5555

L    192.168.200.1/32 is directly connected, 18:13:17, Loopback5555

B    192.168.201.1/32 is directly connected, 17:35:02, Loopback12345 (nexthop in vrf VRF_TEST)

B    192.168.202.1/32 [200/0] via 192.168.1.2 (nexthop in vrf default), 18:04:21

B     <Full Table of Internet Routes - Snipped>

Labels:
0 Helpful
2 Replies 2

shivjain
Cisco Employee
Cisco Employee

‎07-18-2012 09:38 PM

hi

aggregate label is generated only by the router which is the exit interface of vrf. aggregate label means remove all the label and perform the ip lookup.

it all depends how would you like to proceed.

Use of aggregate labels

http://www.mplsvpn.info/2009/02/use-of-aggregate-labels.html

how internet works in vrf by using aggregate label

http://www.mplsvpn.info/2009/03/provisioning-internet-with-internet-vrf.html

regards

shivlu jain

0 Helpful

Bobbins_McSnorkle
Level 1
Level 1
In response to shivjain

‎07-19-2012 12:50 PM

I've seen those links before but the scenario isn't quite the same as what I am trying to do.  In the "how internet works in vrf by using aggregate label" article, combine the function of R2 and R1 so the Internet gateway and the PE device are the same.  I understand how your scenario plays out when the Internet gateway is one device removed, that matches the scenario laid out in the MPLS and VPN Architectures book in my original question.  What I am trying to do is combine the Internet Gateway and PE functionality into one device... For example:

ISP_A ------------ R1 (PE/IGW) ----------- CPE

0 Helpful
Customers Also Viewed These Support Documents