Re: Unbale to configure MPLS VPN in the below scenario

mirzaakberali · ‎04-07-2009

Hi Experts,

I tried in my GNS3 lab for configuring MPLS VPN lab with the below attached scenario and configurations.

I am struggling to know what else should be configured on the P/PE /CE devices.

MPLS Flow diagram

R7-CE-Cust A

|

R3-PE--R4-P.Router---R5-PE--R8-CE-CustB

| |

| R2 CE-CustA

R1( CE- CustB)

Please refer the attached diagram and configuration .

Request you to suggest with valuable posts to configure MPLS VPN with the below scenario.

Also Can any one confirm me if i can use 7206 vxr router in GNS3 lab along with IOS c7200-jk9s-mz.124-23.bin .

Highly appreciate your earliest response and posts.

Configuration attached for reference.

Thanks in advance!

Regards,

Mirza.

shivlu jain · ‎04-07-2009

core backbone links should be configured with

mpls ip

mpls label protcol ldp

same above mentioned commands need to be enabled in global config also

mpls ip

mpls label protcol ldp

mpls ldp advertise-labels

under bgp address familiy of customer enable redistribute connetced and satatic

under Mp-iBGP use loopback as update source

You can refer my blog and find lot of good material http://shivlu.blogspot.com

regards

shivlu jain

regards

shivlu jain

JamesLuther · ‎04-07-2009

Hi,

As shivlu has said, configure the following

(config)# mpls ip

(config)# mpls label protcol ldp

(config-if)# mpls ip

(config-if)# mpls label protcol ldp

Are you running an IGP routing protocol between your backbone routers R3-R6? For the MPLS VPN to work then the loopback IPs of all the backbone routers must be known. ISPs will normally run ISIS in their backbone for this, however you can just configure static routes for GNS3. I see you've already configured the MP-BPG to use update-source loopback which is correct.

Once you've configured the routing for the loopbacks and enabled mpls then it should all start working.

You can check that LDP has created all the VPNV4 labels using the following on R3/R5/R6

sh mpls forwarding-table

You should see the VPNV4 routes with a [V] (on regular IOS) and you should see labels for all the MP-BGP neighbor loopbacks. Also you can see if your exchanging VPNV4 routes by typing the following

sh ip bgp vpnv4 all summary

sh ip bgp vpnv4 rd 1:1

sh ip bgp vpnv4 rd 1:1 x.x.x.x/24

For the code level, I use the "telco" image for GNS3 as it's small and includes MPLS/BGP. As long as it takes the "mpls ip" command you're OK.

Regards

mirzaakberali · ‎04-08-2009

Thanks Shivlu for your posts.

I am still unable to establish MPLS VPN using the below scenario with your above posts.::(.

Can you or somebody go through my configs attached and suggest the missing configurations for MPLS VPN.

I have to setup this task in my organsation.

Highly appreciate your efforts.

Thanks ,Mirza.

JamesLuther · ‎04-08-2009

Hi,

Can you please post the output of the following from R3

sh mpls forwarding-table

sh ip bgp vpnv4 all summary

sh ip ro 150.1.5.5

sh ip ro 150.1.6.6

sh run int lo0

Regards

shivlu jain · ‎04-08-2009

can you check whether your mpls ldp neighbors is coming up or not.

Command for check:-

show mpls ldp neighbors

regards

shivlu jain

mirzaakberali · ‎04-09-2009

Hi James/Shivlu & Experts,

Thanks for your continuous follow-up.

Currently my MP-BGP established . I am still confused to configure static routes from where to where & MPLS commands if any missed out.

Attaching you the existing config and show commands for your reference.

I suspect i am missing something on static routes may be.

Highly appreciate your efforts.

Thanks ,

Mirza.

ozzyosbu1 · ‎04-09-2009

Hello

are u running any IGP to ensure the reachability of the IBGP neighbors within AS 101. if not how is the reachability achieved

mirzaakberali · ‎04-10-2009

Hello,

I am using Static route on R3/R5/R6 on PE routers and also on R4- P router.

also using redistribute connected on on R3/R5/R6 .

Would you plz go through my previous post which are attached with configurations and let me know if i missed out any or wrongly configured.

Thanks,

Mirza.

JamesLuther · ‎04-10-2009

Hi Mirza,

Thanks for posting the output. I've spotted a couple of things.

1) Please change all of your loopback addresses to have a /32 subnet mask. I've noticed that one of them is a /24. This can cause problems with LDP.

2) For MP-BGP to come up you must have a route for the peers router-id otherwise LDP won't create a label. On R3 you don't have a route for 150.1.5.5 or .6. If you are using static routes please ensure that all the PE routers (and R4) can route to each others loopback addresses. Otherwise you need to run ISIS in your core.

You can see from "sh ip bgp vpnv4 all summary" that MP-BGP is down because no routes have been exchanged to 150.1.5.5 and .6 (due to no routes).

Also "sh mpls forwarding-table" is only showing locally attached routes, you have no labels for remote subnets

Regards

mirzaakberali · ‎04-10-2009

Hello James,

Thanks for your above Inputs.

Should my static route look likes this?

R3:

ip route 150.1.3.3 255.255.255.255 150.1.6.6.

ip route 150.1.3.3 255.255.255.255 150.1.5.5.

Similarly on R5 & R6.

but still result is same.

Could you plz go through my static routes and eigrp config in the attached.

I am using eigrp on R1/R2/R7/R8 - does it reqd.

Can u suggest wht comand shld i use to see R5& R6 routes from R3 loc.

Sincerely thanking you for your continuous advice.

Thanks,

Mirza.

JamesLuther · ‎04-10-2009

Hi Mirza,

Your static routes on R3 for example will be

ip route 150.1.5.5 255.255.255.255 192.168.34.2

ip route 150.1.6.6 255.255.255.255 192.168.36.2

On R4 they will be

ip route 150.1.5.5 255.255.255.255 192.168.45.1

ip route 150.1.3.3 255.255.255.255 192.168.34.1

In the core the important thing is to have all the MP-BGP loopbacks present in order to bring up MP-BGP. You also need LDP enabled everywhere.

Normally these routes are distributed via ISIS in a production core. Hopefully this will be enough to get MP-BGP. Once the MP-BGP is up all the routes for each remote vrf should get populated.

Remember to use the following to validate your configurations

sh mpls forwarding-table

sh ip bgp vpnv4 all summary

Regards

mirzaakberali · ‎04-10-2009

Hello James,

Finally my MP-BGP came-up after a long trouble :)

After this , I wanted to know will I be able to ping from to the follwoing .

R3- R5 /R3-R7/R3-R8/R3-R2 .currently i am not able to ping these.

Also currently i am not able to see 150.1.5.5 & 150.1.6.6 from R3 by the below commmand.

R3 :- sh ip bgp 150.1.5.5

sh ip bgp 150.1.6.6/150.1.3.3

shows error as network not in table

where as can see routes of 150.1.1.1.

Can you also check my RIP on R1/R2/R7/R8..does it reqd.I want to ping from R1-R8/R1-R7 ....

I am very delighted to reach at this stage of MPLS with all your & Shivlu support.

Attaching the configurations & output result for reference.

Thanks,

Mirza.

maldin · ‎04-10-2009

Hi Mirzaak,

I have built your topology and configure basic MPLS VPN by using 3600 routers on the core (r3,r4,r5,r6) and 2600 for the CEs. But since i want to do it very quickly, i did not use any frame relay switch, so all serial are back to back hdlcs.

I use OSPF for core routing.

LDP for mpls labels

For Customer B i run Ospf between them and for customer A one site runs BGP and the other runs eigrp.

This should be a very basic setup.

From your configs, some of the errors have been corrected by others, but i suppose your redistribution was not correct and you do not have next hop self in the vpnv4 neighbors.

i attached here a zip file containing the NET file saved by GNS3 and also all the router final config.

Hope this helps.

It sure helps me practice :)

mirzaakberali · ‎04-10-2009

Hi Maldin,

Thanks for your Posts and it looks good.

I shall simulate them once i achieve complete Lab for my above scenario.

Attaching my current scenario diagram for you, for which i have used 7206 vxr module for all routers.

Thanks,

Mirza.