01-02-2016 07:28 AM - edited 03-05-2019 03:02 AM
CE-----> PE1------------>PE2---------->CE2
in this scenario why MPLS is required in between PE . in both PE Vrf is present. and we are using MP-BGP.
01-02-2016 12:03 PM
Perhaps I am not understanding your question. You have not provided any information about what you are attempting to achieve with this environment. It would appear that you have two sites in different locations that need to communicate with each other. Probably you could achieve that with an Internet connection to each site and have the sites communicate over the Internet. But my guess is that you regard the Internet as not providing sufficient protection for your traffic. Perhaps you could protect the traffic by utilizing a site to site VPN. But perhaps that is more complex than you want to undertake. So it may be that you contracted with the ISP to provide protected communication between the sites which requires little from your site other than MP-BGP by deploying MPLS. So the reason that MPLS is required is because that is what you contracted with the ISP to provide.
HTH
Rick
01-03-2016 09:14 AM
CE-PE---ospf is running
PE-PE ---MP-BGP is working.
PE-PE OSPF as IGP is working.
all distribution done perfectly.
we are getting route in CE1 from CE2 and In CE2 from CE1
But we are unable to ping IP of CE1 from CE2 and vice versa.
if we configure MPLS in between both PE , then we can ping them,, my question is why MPLS is require here. both PE have the information of VRF. no p router is present here.
01-03-2016 12:36 PM
I had assumed from your original post that the PE routers were ISP routers and that this was a real live network situation. But your additional post begins to sound like this is just a test or lab environment and that you control all of the routers including both PE routers. In that case we need to know more about the relationship between the PE routers. How are they connected? If there anything in between them? Or are they directly connected?
Also in you post you say that you get route in CE1 from CE2. But you do not tell us whether this route that you learn is route to address of CE2 or is route to addresses connected behind CE2. Can you provide clarification?
HTH
Rick
01-03-2016 02:56 PM
R1-
ip vrf A
 rd 100:100
 route-target export 100:100
 route-target import 100:100
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 20.20.20.1 255.255.255.252
 duplex auto
 speed auto
interface FastEthernet0/1
 ip vrf forwarding A
 ip address 192.168.1.2 255.255.255.252
 duplex auto
 speed auto
router ospf 10 vrf A
 log-adjacency-changes
 redistribute bgp 100 subnets
 network 192.168.1.0 0.0.0.3 area 0
!
router ospf 100
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 20.20.20.0 0.0.0.3 area 0
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 3.3.3.3 next-hop-self
 no auto-summary
 !
 address-family vpnv4
 neighbor 3.3.3.3 activate
 neighbor 3.3.3.3 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf A
 redistribute ospf 10 vrf A match internal external 1 external 2
 no synchronization
 exit-address-family
PE2----------------------------------------------------------------------
ip vrf B
 rd 200:200
 route-target export 100:100
 route-target import 100:100
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
 ip address 20.20.20.2 255.255.255.252
 duplex auto
 speed auto
interface FastEthernet0/1
 ip vrf forwarding B
 ip address 192.168.2.1 255.255.255.252
 duplex auto
 speed auto
router ospf 20 vrf B
 log-adjacency-changes
 redistribute bgp 100 subnets
 network 192.168.2.0 0.0.0.3 area 0
!
router ospf 100
 log-adjacency-changes
 network 3.3.3.3 0.0.0.0 area 0
 network 20.20.20.0 0.0.0.3 area 0
!
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 1.1.1.1 next-hop-self
 no auto-summary
 !
 address-family vpnv4
 neighbor 1.1.1.1 activate
 neighbor 1.1.1.1 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf B
 redistribute ospf 20 vrf B
 no synchronization
 exit-address-family
CE1---------------------------------------------------
router ospf 10
 log-adjacency-changes
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.1.0 0.0.0.3 area 0
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/1
 ip address 192.168.1.1 255.255.255.252
 duplex auto
 speed auto
CE2--------------------------------------------------------
interface Loopback0
 ip address 4.4.4.4 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet0/1
 ip address 192.168.2.2 255.255.255.252
 duplex auto
 speed auto
router ospf 20
 log-adjacency-changes
 network 4.4.4.4 0.0.0.0 area 0
 network 192.168.2.0 0.0.0.3 area 0
-----------------------------------------------------------
Route-table at CE1
R4#show ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
 D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
 N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
 E1 - OSPF external type 1, E2 - OSPF external type 2
 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
 ia - IS-IS inter area, * - candidate default, U - per-user static route
 o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
2.0.0.0/32 is subnetted, 1 subnets
O E2 2.2.2.2 [110/11] via 192.168.2.1, 01:13:41, FastEthernet0/1
 4.0.0.0/32 is subnetted, 1 subnets
C 4.4.4.4 is directly connected, Loopback0
 192.168.1.0/30 is subnetted, 1 subnets
O E2 192.168.1.0 [110/1] via 192.168.2.1, 01:13:41, FastEthernet0/1
 192.168.2.0/30 is subnetted, 1 subnets
C 192.168.2.0 is directly connected, FastEthernet0/1
same table at ce1
but unable to ping CE1 from CE2 and vice versa
01-04-2016 02:14 AM
Hello,
the reason why you are unable to have reachability between the CE´s is because the MP-BGP session between PE´s is established through their loopbacks, therefore, even though they are directly connected (no P´s in between) the MP-BGP session is not established through their directly attached interfaces. By the way, this is the most common approach (to use the loopback) in SP core networks.
You need to enable explicitly MPLS, which will run LDP protocol, in order to have reachability to the next-hop as this will be a labeled-next hop. Remember that the VPN label (assigned by MP-BGP) is what is needed to reach the "VRF" prefixes and the IGP label (assigned by LDP in this case) is what is needed to reach the "Next-Hop" inside the cloud.
You could have a working scenario in this case without enabling LDP if you run the MP-BGP session between PE´s thorugh their directly connected interfaces and also add the interface command "mpls bgp forwarding" in these interfaces.
Hope this helps,
Jose.
01-04-2016 11:30 AM
Hi Jose
Thank you very much
01-06-2016 10:47 AM
Hi I would say it required for DataPlane.
Theoretically:
When you have VRf and enabled MP-BGP an VPN label will generated. So when you will send traffic from CE1 to CE2 traffic at PE1 will be labeled with VPN Label and will try to find IGP or transport label. If you do not have an MPLS enabled interface and running LDP your traffic will be dropped.
KR,
Dan
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide