Re: Connecting 2 locations via MPLS

Ryan69 · ‎12-03-2024

Hi everyone,

I have some questions regarding MPLS, I work with a transport company and am wondering is there any configuration must set from our company side regarding MPLS on the router or that is a ISP thing?

The ip address handled to up from ISP are class c addresses 192.168.1.0/24, so my question is should I only configure the ip to the interface and then use routing protocol like ospf and advertise the inside networks of our site to other branches needed plus allow specific vlans I want to be crossed over, while there is no mpls configuration from our side?

Regarding the security aspect do the ISP provide VPN services or is that a thing we set from our side?

Last thing I need to know if there is anything I should configure from my company side, regarding MPLS in any aspect that I didn't mention?

Thanks in advance

Ryan

MHM Cisco World · ‎12-03-2024

For mpls no' not need this ISP job.

From your side you need to config IGP in both sites.

I recommend eBGP.

MHM

Joseph W. Doherty · ‎12-03-2024

@Ryan69 wrote:

I have some questions regarding MPLS, I work with a transport company and am wondering is there any configuration must set from our company side regarding MPLS on the router or that is a ISP thing?

That depends on whether you want to "do" MPLS.

Often service provider provides a hand-off where MPLS is "invisible" to you, although sometimes there are restrictions to how you can use the "network" the service provider hands you.

@Ryan69 wrote:

The ip address handled to up from ISP are class c addresses 192.168.1.0/24, so my question is should I only configure the ip to the interface and then use routing protocol like ospf and advertise the inside networks of our site to other branches needed plus allow specific vlans I want to be crossed over, while there is no mpls configuration from our side?

If your SP gave you a private /24 address block, you'll need to find out whether it operates as p2p or multi-point. As to running any dynamic routing protocol across it, it might be, to you, the same as running a dynamic routing protocol across a private p2p or Ethernet link, or (as alluded above) there may be restrictions on certain traffic cannot flow across the SP network, which might interfere with some dynamic routing protocols.

@Ryan69 wrote:

Regarding the security aspect do the ISP provide VPN services or is that a thing we set from our side?

Last thing I need to know if there is anything I should configure from my company side, regarding MPLS in any aspect that I didn't mention?

Thanks in advance

Ryan

In theory, a service provider provides a "network" that only they could see your traffic. If their being able to "see" you traffic is a concern, and/or perhaps a misconfiguration that would all other customers to see your traffic is a concern, you can provide your own VPN on top of the SP network (again, assuming their network doesn't have issues with encrypted traffic - normally it shouldn't).

If your service provider is also going to provide Internet access, security and/or VPN would be left to you or possibly you can work in conjunction with your SP. SP "services" can be more extensive than just provide network media extends beyond your sites.

Again, as to what you may need to configure on your side of the SP connection, really depends on what you've obtained from your SP. All you've told us, is SP has provided a private /24 address block for you to use between your sites, and that you only have two sites. Possibly using the SP network make be similar to using a VLAN with a /24 assigned to it. For example, the /24 might be used just for transit (in which case you only really needed a /30) or you might be able to actually use it as a VLAN that spans your sites. (The latter is logically nice and simple, but then hosts can "wonder" why some other hosts are so "slow" [those at another site].)