
MPLS - VRF internet access with NAT

FranciscoRC
Level 1

Hi everyone.

I'm running a lab, simulating an ISP connected to other ISPs and some clients. eBGP with other ISPs and iBGP and OSPF internally, and everything is working great. Now I'm trying to configure a customer MPLS network with internet access (NAT).

I've managed to connect all Customer1 sites together and run OSPF in between them. But now I'm having a hard time figuring out how to provide internet access.


What I'm trying to achieve is:
1. In the customer network make C1-3 as the default-gateway
2. NAT traffic to PE8 - (pool 30.136.17.1/24)
3. PE8 to internet and back.

 

Using default-information originate always, I managed to make C1-3 the default gateway, but if I do NAT and send the traffic to PE8, it sends it back to me because it also received the OSPF command.

I've looked through some examples about doing the NAT on the PE routers, but I got more confused, since the ip route ... global command forces me to say what the next hop is, and I don't know it, since PE8 has to look at its routing table to decide which of the 2 links to use for exiting the network.

 

C1-3

hostname C1-3
!
no ip domain lookup
!
interface Loopback0
 ip address 192.168.254.33 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.3.254 255.255.255.0
 ip ospf network broadcast
 no shut
!
interface GigabitEthernet3/0
 ip address 192.168.0.10 255.255.255.252
 ip ospf network point-to-point
 no shut
!
router ospf 101
 router-id 192.168.254.33
 auto-cost reference-bandwidth 1000
 network 192.168.0.0 255.255.0.0 area 0
!

PE8

hostname PE8
!
no ip icmp rate-limit unreachable
ip cef
!
ip classless
!
no ip domain lookup
no ipv6 cef
!
mpls label protocol ldp
mpls ldp router-id Loopback0
mpls ip
mpls traffic-eng tunnels
!
ip vrf Customer1
 rd 10:1
 route-target export 10:1
 route-target import 10:1
! 
ip vrf Customer2
 rd 10:2
 route-target export 10:2
 route-target import 10:2
!
interface Loopback0
 ip address 172.25.8.8 255.255.255.255
!
interface Loopback101
 ip vrf forwarding Customer1
 ip address 192.168.254.3 255.255.255.255
!
interface Loopback102
 ip vrf forwarding Customer2
 ip address 192.168.255.3 255.255.255.255
!
interface GigabitEthernet1/0
 description Connected to P10 - g1/0
 ip address 10.110.12.2 255.255.255.252
 ip ospf network point-to-point
 mpls ip
 mpls traffic-eng tunnels
 ip rsvp source interface Loopback0
 ip rsvp bandwidth 1000000
 no shut
!
interface GigabitEthernet2/0
 description Connected to P4 - g3/0
 ip address 10.110.42.2 255.255.255.252
 ip ospf network point-to-point
 mpls ip
 mpls traffic-eng tunnels
 ip rsvp source interface Loopback0
 ip rsvp bandwidth 1000000
 no shut
!
interface GigabitEthernet3/0
 description Connected to C1-3 - g3/0
 ip vrf forwarding Customer1
 ip address 192.168.0.9 255.255.255.252
 ip ospf network point-to-point
 no cdp enable
 no shut
!
interface GigabitEthernet5/0
 description Connected to C1-4 - g5/0
 ip vrf forwarding Customer1
 ip address 192.168.0.13 255.255.255.252
 ip ospf network point-to-point
 no cdp enable
 no shut
!
router ospf 30
 router-id 172.25.8.8
 mpls traffic-eng area 0
 mpls traffic-eng router-id loopback 0
 auto-cost reference-bandwidth 1000
 passive-interface default
 no passive-interface GigabitEthernet1/0
 no passive-interface GigabitEthernet2/0
 network 10.110.0.0 0.0.255.255 area 0
 network 172.25.8.8 0.0.0.0 area 0
!
router ospf 101 vrf Customer1
 router-id 192.168.254.3 
 redistribute bgp 30 subnets
 area 0 sham-link 192.168.254.3 192.168.254.1 cost 1
 area 0 sham-link 192.168.254.3 192.168.254.2 cost 1
 network 192.168.0.0 0.0.0.255 area 0
!
router ospf 102 vrf Customer2
 router-id 192.168.255.3 
 redistribute bgp 30 subnets
 area 0 sham-link 192.168.255.3 192.168.255.1 cost 1
 area 0 sham-link 192.168.255.3 192.168.255.2 cost 1
 network 192.168.0.0 0.0.0.255 area 0
!
router bgp 30
 bgp router-id 172.25.8.8
 no bgp default ipv4-unicast
!
 neighbor internal-peers peer-group
 neighbor internal-peers remote-as 30
 neighbor internal-peers update-source Loopback0
 neighbor internal-peers timers 5 15
 neighbor 172.20.1.1 peer-group internal-peers
!
 address-family ipv4
  neighbor internal-peers next-hop-self
  neighbor 172.20.1.1 activate
  no auto-summary
  no synchronization
  exit-address-family
!
 address-family vpnv4
  neighbor internal-peers send-community extended
  neighbor 172.20.1.1 activate
  exit-address-family
!
 address-family ipv4 vrf Customer1
  redistribute ospf 101 vrf Customer1 match internal external 1 external 2
  redistribute connected
  no auto-summary
  no synchronization
  exit-address-family
!
 address-family ipv4 vrf Customer2
  redistribute ospf 102 vrf Customer2 match internal external 1 external 2
  redistribute connected
  no auto-summary
  no synchronization
  exit-address-family
!

I'm very confused, so sorry if I didn't explain myself very well.

Anyway thanks for reading this.
