
Service Provider MPLS L3VPN and Internet access on same router but different VRFs

Winnie89
Level 1

Hi,

I work for a self startup ISP/reseller of MPLS L3VPN and internet leased lines. Trying to understand technically what our suppliers are doing in their core network is proving challenging, and I am struggling to understand and configure our network to mirror what our suppliers offer.

Scenario:

The carrier offers 1 CPE with 2 service handoffs, 1 direct internet access and 1 MPLS port handoff, both separated onto separate ports on the same CPE.

How on the service provider's PE do they do this?

I understand that the service provider uses a layer 1 provider who uses Q-in-Q to differentiate each customer connection, but I do not understand how the service provider then separates the customer's traffic for the internet and MPLS services.

For example, let's say VLAN 2000 is the customer outer VLAN and the inner VLAN is VLAN 10 for MPLS. VLAN 10 we would be tagging on the WAN interface on the CPE for MPLS.

PE:

Router(config-subif)# description CUSTA MPLS
Router(config-subif)# encapsulation dot1Q 2000 second-dot1q 10
Router(config-subif)# ip vrf forwarding CUSTA
Router(config-subif)# ip address 10.0.0.1 255.255.255.0

PE:

Would I then configure for the internet service VRF on the PE?

(using VLAN 20 for internet):

Router(config-subif)# description CUSTA Internet
Router(config-subif)# encapsulation dot1Q 2000 second-dot1q 20
Router(config-subif)# ip vrf forwarding CUSTA
Router(config-subif)# ip address 1.2.3.4 255.255.255.0

CPE:

Router(config-subif)# description MPLS WAN
Router(config-subif)# encapsulation dot1Q 10
Router(config-subif)# ip address 10.0.0.2 255.255.255.0

CPE:

Router(config-subif)# description Internet WAN
Router(config-subif)# encapsulation dot1Q 20
Router(config-subif)# ip address 1.2.3.1 255.255.255.0

Any help would be greatly appreciated.

Thanks

2 Replies

BannerMOTD
Level 1

I would say QinQ is an L2VPN implementation using MPLS, not an L3VPN MPLS technology. VRFs sound right; that would be a possible solution in this case.

It is great that you are trying to expand your technical knowledge in the areas of the overall MPLS infrastructure.

This is a huge topic and there is a lot that could be said; however, this is a compressed version.

It is important to understand the concept of Virtual Routing & Forwarding (VRF). This is the process of virtualizing a router into sub-compartments, each with its own little area containing its routing table etc. A comparison would be how we create VLANs within a switch: it's a logical separation that is accomplished, so client 1 cannot communicate with client 2, etc.

The first step in this process is to create a VRF definition as seen below. This is then associated with a physical interface or a VLAN within your router or switch; in essence, only devices connected to that assigned interface will be able to communicate to the assigned IP address for said interface.

vrf definition VEL
 rd 200:200    
 address-family ipv4
  route-target export 200:200
  route-target import 200:200
 exit-address-family

Interface Association with above vrf definition

interface G1/01
 vrf forwarding VEL
 ip address 192.168.2.1 255.255.255.255

The Route Distinguisher (RD) and the route-target that are highlighted are the extra baggage that is added to the IP packet as it exits the Provider Edge router to be transported across the MPLS core, otherwise referred to as the Label Switched Path (LSP); these are transported by eBGP.

The RD's sole purpose is to ensure that the IP address remains unique for each VRF across the network, along with the route target that determines the PEs that are allowed to import the routing details to their routing table/VRF.

From an end user perspective, each VRF or client circuit is encapsulated by a VLAN ID across a trunk link to the client demarc location.

Key points to take away from this:

1. VRF performs a logical separation of all client circuits on a physical device, router or switch.

2. VLAN trunks are used to transport multi-VLAN services to the client demarc switches.

3. Clients are connected to access ports on each demarc switch; different access VLANs provide access to different service types.

See the following.

[Image: Multi VLAN.png]

 

**** PLEASE REMEMBER TO RATE THIS POST****

 

P.Williams
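
A configuration check for the service separation discussed in this thread, as an added example that is not part of the original posts and is not Cisco tooling: it reads the QinQ subinterfaces out of a PE configuration and flags handoffs that have no VRF, and inner VLANs of one outer (customer) VLAN that share a VRF. The sample configuration, the interface names and the policy being checked (each service handoff in its own VRF, as in the thread title) are assumptions.

```python
import re
from collections import defaultdict

# Constructed sample PE config (not from a real device); interface numbers
# and VRF names are assumptions for illustration.
SAMPLE_PE_CONFIG = """\
interface GigabitEthernet0/0/1.200010
 encapsulation dot1Q 2000 second-dot1q 10
 vrf forwarding CUSTA
!
interface GigabitEthernet0/0/1.200020
 encapsulation dot1Q 2000 second-dot1q 20
 vrf forwarding CUSTA
!
interface GigabitEthernet0/0/1.200110
 encapsulation dot1Q 2001 second-dot1q 10
 ip address 10.0.1.1 255.255.255.0
!
"""

# An interface stanza is the "interface" line plus its indented body lines.
IFACE = re.compile(r"^interface (\S+)\n((?:[ \t].*\n)*)", re.M)
ENCAP = re.compile(r"^\s*encapsulation dot1q (\d+) second-dot1q (\d+)\s*$", re.I | re.M)
VRF = re.compile(r"^\s*(?:ip )?vrf forwarding (\S+)\s*$", re.I | re.M)

def parse_handoffs(config):
    """Return one dict per QinQ subinterface: name, outer, inner, vrf."""
    handoffs = []
    for name, body in IFACE.findall(config):
        encap, vrf = ENCAP.search(body), VRF.search(body)
        if encap:  # only QinQ subinterfaces count as customer handoffs here
            handoffs.append({"name": name, "outer": int(encap[1]),
                             "inner": int(encap[2]), "vrf": vrf[1] if vrf else None})
    return handoffs

def audit(handoffs):
    """Flag handoffs with no VRF and VRFs shared within one outer VLAN."""
    findings, groups = [], defaultdict(list)
    for h in handoffs:
        if h["vrf"] is None:
            findings.append(("no-vrf", h["name"]))
        else:
            groups[(h["outer"], h["vrf"])].append(h["inner"])
    for (outer, vrf), inners in groups.items():
        if len(inners) > 1:
            findings.append(("shared-vrf", f"{vrf} outer={outer} inner={sorted(inners)}"))
    return findings

if __name__ == "__main__":
    print(audit(parse_handoffs(SAMPLE_PE_CONFIG)))
```

A handoff with no `vrf forwarding` line sits in the router's global routing table, which some providers use for Internet on purpose; adjust the `no-vrf` rule if that is your design.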