12-07-2013 04:09 PM - edited 03-04-2019 09:48 PM
Hi everybody.
I have a problem with my assignment. Can you help me?
I have a topology of MPLS VPN like this
And my problem is my teacher ask me to configure one site with RIP routing protocol between PE1 and CPE1; another one with OSPF routing protocol between PE2 and CPE2. And this is my problem, i dont know how to do that. If configure two site RIP-RIP or OSPF-OSPF, i can practice immetately but with this problem, i dont know how to start.
Anyone can help me? I'm very apreciate your help.
This is my basic configuration:
Configuration PE1(RIP):
hostname PE1
no ip domain lookup
ip http server
interface loopback 0
ip address 10.0.1.1 255.255.255.255
exit
interface serial 1/0
ip address 10.0.12.1 255.255.255.0
clock rate 64000
no shutdown
exit
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
exit
mpls ldp router-id loopback0 force
interface serial1/0ư
mpls label protocol ldp
mpls ip
exit
ip vrf A
rd 100:1
route-target both 1:100
exit
interface fastethernet 0/0
ip vrf forwarding A
ip address 172.16.100.1 255.255.255.0
no shut
exit
router rip
version 2
address-family ipv4 vrf A
no auto-summary
network 172.16.0.0
redistribute bgp 100 metric transpa
exit
exit
router bgp 100
neighbor 10.0.4.1 remote-as 100
neighbor 10.0.4.1 update-source loopback0
address-family vpnv4
neighbor 10.0.4.1 activate
neighbor 10.0.4.1 send-community both
exit
address-family ipv4 vrf A
redistribute rip
no auto-summary
exit
exit
Configuration PE2 (OSPF):
hostname PE1
no ip domain lookup
ip http server
interface loopback 0
ip address 10.0.4.1 255.255.255.255
exit
interface serial 1/0
ip address 10.0.23.1 255.255.255.0
clock rate 64000
no shutdown
exit
router ospf 1
network 10.0.0.0 0.255.255.255 area 0
exit
mpls ldp router-id loopback0 force
interface serial1/0
mpls label protocol ldp
mpls ip
exit
ip vrf A
rd 100:1
route-target both 1:100
exit
interface fastethernet 0/0
ip vrf forwarding A
ip address 172.16.200.1 255.255.255.0
no shut
exit
router ospf 2 vrf A
network 172.16.0.0 0.0.255.255 area 0
redistribute bgp 100 subnets
exit
router bgp 100
neighbor 10.0.1.1 remote-as 100
neighbor 10.0.1.1 update-source loopback0
address-family vpnv4
neighbor 10.0.1.1 activate
neighbor 10.0.1.1 send-community both
exit
address-family ipv4 vrf A
redistribute ospf 2
no auto-summary
exit
exit
Solved! Go to Solution.
12-08-2013 08:08 AM
Cuong,
I can not give you the entire solution as that would be harmful to your learning - but let me give you a few hints.
First, when configuring MPLS L3 VPNs and the PE/CE routing, always focus simply on the single location and totally ignore the routing protocol run at other locations. On the CE, you configure the routing protocol in an absolutely normal way, ignoring even the fact that there is anything like a VPN or MPLS somewhere along the path. One CE is going to be configured with totally plain RIPv2, the other with totally plain OSPF preferably in area 0.
The configuration of PE routers is very similar - the only extra facts that need to be taken into account are:
Try this out - and let us know what you have found out. Step by step, you'll get it working!
Best regards,
Peter
12-08-2013 08:08 AM
Cuong,
I can not give you the entire solution as that would be harmful to your learning - but let me give you a few hints.
First, when configuring MPLS L3 VPNs and the PE/CE routing, always focus simply on the single location and totally ignore the routing protocol run at other locations. On the CE, you configure the routing protocol in an absolutely normal way, ignoring even the fact that there is anything like a VPN or MPLS somewhere along the path. One CE is going to be configured with totally plain RIPv2, the other with totally plain OSPF preferably in area 0.
The configuration of PE routers is very similar - the only extra facts that need to be taken into account are:
Try this out - and let us know what you have found out. Step by step, you'll get it working!
Best regards,
Peter
12-09-2013 01:38 AM
Yeah. I did it. It worked, thank you so much.
But i still dont understand about "metric transparent" and "metric 1" ( 1 is your advice)
With my knowledge, i just know that we use "transparent" in the VPN between two customers and we dont want ISP to see routes of customers. So when RIP distribute to BGP, they dont add the details of hop count into MED feature of BGP, and it's neccesary.
So how about your example "metric 1" ? Can you explain me?
Best Regard !
12-11-2013 03:30 AM
Cuong,
With my knowledge, i just know that we use "transparent" in the VPN between two customers and we dont want ISP to see routes of customers
The transparent keyword in the redistribute command does not refer to "hiding networks" but instead to retaking the metric of the route from the source protocol and simply copying it into the destination routing protocol without any change. In your case, the redistribution is from OSPF-to-BGP and from BGP-to-RIP. Note that the metrics in OSPF are quite wide; they are in the range of 1 to (2^24)-1, much more than RIP is capable of understanding. When OSPF is redistributed into BGP, the OSPF costs of routes are stored in the BGP MED (metric) attribute. During the BGP-to-RIP redistribution with the transparent keyword, the router would try to use the BGP MED value, in essence the OSPF's original metric, and advertise it in RIP along with the routes. That would not work, as the maximal usable metric in RIP is 15 and 16 equals to infinity (an unreachable network). If you took the OSPF costs and advertised them into RIP thanks to the transparent keyword, you would create a set of routes whose metric would be, most probably, higher than 15, so they would immediately be advertised into RIP as unreachable. That is why I objected to using the transparent keyword.
The metric 1 causes RIP to take all routes from BGP with the initial metric of 1, disregarding BGP metrics of those routes. They have no meaning in RIP, anyway.
Isolation between MPLS L3VPN customers is provided by means of VRFs. These VRFs also prevent the customers from seeing ISP's networks, and they also allow the ISP to contain customer routes inside their particular VRFs and not leak them into the ISP's core. So the key to isolation between customers in MPLS are the VRFs. The transparent keyword has nothing to do with it.
Best regards,
Peter
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide