Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
485
Views
5
Helpful
0
Comments

MPLS VPN using OSPFv3 address family between PE-CE link

Meddane
VIP
VIP

on ‎07-14-2022 04:53 PM

MPLS1.PNG

 

The interfaces of P and PE routers are enabled for frame mode MPLS with the mpls ip interface subcommand and all P and PE routers use a common IGP (EIGRP with AS 200):

 

P#show mpls ldp neighbor

    Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 3.3.3.3:0

        TCP connection: 1.1.1.1.646 - 3.3.3.3.33628

        State: Oper; Msgs sent/rcvd: 10/11; Downstream

        Up time: 00:01:54

        LDP discovery sources:

          Serial1/0, Src IP addr: 192.168.1.1

        Addresses bound to peer LDP Ident:

          10.1.1.1        192.168.1.1     1.1.1.1

    Peer LDP Ident: 2.2.2.2:0; Local LDP Ident 3.3.3.3:0

        TCP connection: 2.2.2.2.646 - 3.3.3.3.17194

        State: Oper; Msgs sent/rcvd: 9/10; Downstream

        Up time: 00:01:19

        LDP discovery sources:

          Serial1/1, Src IP addr: 192.168.2.1

        Addresses bound to peer LDP Ident:

          10.2.2.1        192.168.2.1     2.2.2.2

P#

 

PE1#show mpls ldp neighbor

    Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 1.1.1.1:0

        TCP connection: 3.3.3.3.33628 - 1.1.1.1.646

        State: Oper; Msgs sent/rcvd: 10/9; Downstream

        Up time: 00:01:43

        LDP discovery sources:

          Serial1/0, Src IP addr: 192.168.1.2

        Addresses bound to peer LDP Ident:

          192.168.1.2     192.168.2.2     3.3.3.3

PE1#

 

PE2#show mpls ldp neighbor

    Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0

        TCP connection: 3.3.3.3.17194 - 2.2.2.2.646

        State: Oper; Msgs sent/rcvd: 10/9; Downstream

        Up time: 00:01:13

        LDP discovery sources:

          Serial1/0, Src IP addr: 192.168.2.2

        Addresses bound to peer LDP Ident:

          192.168.1.2     192.168.2.2     3.3.3.3

PE2#

 

PE1#show mpls forwarding-table

Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop

Label      Label      or Tunnel Id     Switched      interface

16         Pop Label  3.3.3.0/24       0             Se1/0      point2point

17         Pop Label  192.168.2.0/24   0             Se1/0      point2point

18         17         2.2.2.0/24       0             Se1/0      point2point

PE1#

 

PE2#show mpls forwarding-table

Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop

Label      Label      or Tunnel Id     Switched      interface

16         Pop Label  3.3.3.0/24       0             Se1/0      point2point

17         Pop Label  192.168.1.0/24   0             Se1/0      point2point

18         16         1.1.1.0/24       0             Se1/0      point2point

PE2#

 

Configuration of VRF:

Create each VRF, RD, and RT, plus associating the customer-facing PE interfaces with the correct VRF:

VRF CUST-A, RD 1:111, RT 1:100

VRF CUST-B, RD 2:222, RT 2:200

 

PE1

ip vrf CUST-A

 rd 1:111

 route-target export 1:100

 route-target import 1:100

!

ip vrf CUST-B

 rd 2:222

 route-target export 2:200

 route-target import 2:200

!

interface FastEthernet0/0

 ip vrf forwarding CUST-A

 ip address 10.1.1.1 255.255.255.0

!

interface FastEthernet0/1

 ip vrf forwarding CUST-B

 ip address 10.3.3.1 255.255.255.0

 

PE2

ip vrf CUST-A

 rd 1:111

 route-target export 1:100

 route-target import 1:100

!

ip vrf CUST-B

 rd 2:222

 route-target export 2:200

 route-target import 2:200

!

interface FastEthernet0/0

 ip vrf forwarding CUST-A

 ip address 10.2.2.1 255.255.255.0

!

interface FastEthernet0/1

 ip vrf forwarding CUST-B

 ip address 10.4.4.1 255.255.255.0

 

Configuring the IGP Between PE and CE routers

I am using OSPFv3 address families between CEs and PEs routers:

 

CE-A1:

interface Loopback0

 ospfv3 1 ipv4 area 0

!

interface FastEthernet0/0

 ipv6 enable

 ospfv3 1 ipv4 area 0

!

router ospfv3 1

 !

 address-family ipv4 unicast

 exit-address-family

 

CE-A2:

interface Loopback0

 ospfv3 1 ipv4 area 0

!

interface FastEthernet0/0

 ipv6 enable

 ospfv3 1 ipv4 area 0

!

router ospfv3 1

 !

 address-family ipv4 unicast

 exit-address-family

 

PE1:

interface FastEthernet0/0

 ipv6 enable

 ospfv3 1 ipv4 area 0

!

interface FastEthernet0/1

 ipv6 enable

 ospfv3 1 ipv4 area 0

!

router ospfv3 1

 !

 address-family ipv4 unicast vrf CUST-B

 exit-address-family

 !

 address-family ipv4 unicast vrf CUST-A

 exit-address-family

 

PE2:

interface FastEthernet0/0

 ipv6 enable

 ospfv3 1 ipv4 area 0

!

interface FastEthernet0/1

 ipv6 enable

 ospfv3 1 ipv4 area 0

!

router ospfv3 1

 !

 address-family ipv4 unicast vrf CUST-B

 exit-address-family

 !

 address-family ipv4 unicast vrf CUST-A

 exit-address-family

 

Verify the OSPFv3 neighbors for each VRF on the PE routers:

 

PE1#show ospfv3 vrf CUST-A neighbor

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.1.1.1)

 

Neighbor ID     Pri   State           Dead Time   Interface ID    Interface

172.16.1.1        1   FULL/DR         00:00:30    2               FastEthernet0/0

PE1#

PE1#show ospfv3 vrf CUST-B neighbor

 

          OSPFv3 1 address-family ipv4 vrf CUST-B (router-id 10.3.3.1)

 

Neighbor ID     Pri   State           Dead Time   Interface ID    Interface

172.16.1.1        1   FULL/DR         00:00:36    2               FastEthernet0/1

PE1#

 

PE2#show ospfv3 vrf CUST-A neighbor

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.2.2.1)

 

Neighbor ID     Pri   State           Dead Time   Interface ID    Interface

172.16.2.1        1   FULL/DR         00:00:35    2               FastEthernet0/0

PE2#

PE2#show ospfv3 vrf CUST-B neighbor

 

          OSPFv3 1 address-family ipv4 vrf CUST-B (router-id 10.4.4.1)

 

Neighbor ID     Pri   State           Dead Time   Interface ID    Interface

172.16.2.1        1   FULL/DR         00:00:39    2               FastEthernet0/1

PE2#

 

The PE routers create two separate LSDB for each VRF customers as shown by the following output on PE1 router:

 

PE1#show ospfv3 vrf CUST-A database

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.1.1.1)

 

                Router Link States (Area 0)

 

ADV Router       Age         Seq#        Fragment ID  Link count  Bits

 10.1.1.1        603         0x80000002  0            1           B

 172.16.1.1      609         0x80000002  0            1           None

 

                Net Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Rtr count

 172.16.1.1      608         0x80000001  2          2

 

                Link (Type-8) Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Interface

 10.1.1.1        608         0x80000001  2          Fa0/0

 172.16.1.1      990         0x80000001  2          Fa0/0

 

                Intra Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Ref-lstype  Ref-LSID

 172.16.1.1      608         0x80000003  0          0x2001      0

 172.16.1.1      608         0x80000001  2048       0x2002      2

PE1#

 

The show ospfv3 vrf CUST-A command shown that the MPLS VPN backbone acts as a Super Backbone, therefore the PE routers act as an ABR, notice the lines "Connected to

MPLS VPN Superbackbone" and "It is an area border router".

 

PE1#show ospfv3 vrf CUST-A

 OSPFv3 1 address-family ipv4 vrf CUST-A

 Router ID 10.1.1.1

 Supports NSSA (compatible with RFC 3101)

 Domain ID (none)

 Connected to MPLS VPN Superbackbone

 Event-log enabled, Maximum number of events: 1000, Mode: cyclic

 It is an area border router

 Router is not originating router-LSAs with maximum metric

 Initial SPF schedule delay 5000 msecs

 Minimum hold time between two consecutive SPFs 10000 msecs

 Maximum wait time between two consecutive SPFs 10000 msecs

 Minimum LSA interval 5 secs

 Minimum LSA arrival 1000 msecs

 LSA group pacing timer 240 secs

 Interface flood pacing timer 33 msecs

 Retransmission pacing timer 66 msecs

 Retransmission limit dc 24 non-dc 24

 Number of external LSA 0. Checksum Sum 0x000000

 Number of areas in this router is 1. 1 normal 0 stub 0 nssa

 Graceful restart helper support enabled

 Reference bandwidth unit is 100 mbps

 RFC1583 compatibility enabled

    Area BACKBONE(0)

        Number of interfaces in this area is 1

        SPF algorithm executed 2 times

        Number of LSA 7. Checksum Sum 0x0340D2

        Number of DCbitless LSA 0

        Number of indication LSA 0

        Number of DoNotAge LSA 0

        Flood list length 0

 

PE1#

 

The LSA Type 1 generated by PE1 router confirms that the B-bit has been set to 1 to tell to the CE routers that it is an ABR, notice the line "Area Border Router".

 

PE1#show ospfv3 vrf CUST-A database router self-originate

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.1.1.1)

 

                Router Link States (Area 0)

 

  LS age: 908

  Options: (E-Bit, R-bit, DC-Bit, AF-Bit)

  LS Type: Router Links

  Link State ID: 0

  Advertising Router: 10.1.1.1

  LS Seq Number: 80000002

  Checksum: 0x35F7

  Length: 40

  Area Border Router

  Number of Links: 1

 

    Link connected to: a Transit Network

      Link Metric: 1

      Local Interface ID: 2

      Neighbor (DR) Interface ID: 2

      Neighbor (DR) Router ID: 172.16.1.1

 

 

PE1#

 

Verify the IP routes for each VRF:

 

PE1#show ip route vrf CUST-A ospfv3

 

Routing Table: CUST-A

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

 

Gateway of last resort is not set

 

      172.16.0.0/32 is subnetted, 1 subnets

O        172.16.1.1 [110/1] via 10.1.1.2, 00:19:40, FastEthernet0/0

PE1#

PE1#show ip route vrf CUST-B ospfv3

 

Routing Table: CUST-B

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

 

Gateway of last resort is not set

 

      172.16.0.0/32 is subnetted, 1 subnets

O        172.16.1.1 [110/1] via 10.3.3.2, 00:19:52, FastEthernet0/1

PE1#

 

PE2#show ip route vrf CUST-A ospfv3

 

Routing Table: CUST-A

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

 

Gateway of last resort is not set

 

      172.16.0.0/32 is subnetted, 1 subnets

O        172.16.2.1 [110/1] via 10.2.2.2, 00:20:02, FastEthernet0/0

PE2#

PE2#show ip route vrf CUST-B ospfv3

 

Routing Table: CUST-B

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP

       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

       E1 - OSPF external type 1, E2 - OSPF external type 2

       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

       ia - IS-IS inter area, * - candidate default, U - per-user static route

       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP

       + - replicated route, % - next hop override

 

Gateway of last resort is not set

 

      172.16.0.0/32 is subnetted, 1 subnets

O        172.16.2.1 [110/1] via 10.4.4.2, 00:20:36, FastEthernet0/1

PE2#

 

Redistribution Between PE-CE routers (between OSPFv3 and MP-BGP):

 

PE1(config)#router bgp 65000

PE1(config-router)#address-family ipv4 vrf CUST-A

PE1(config-router-af)#redistribute ospfv3 1

PE1(config-router-af)#address-family ipv4 vrf CUST-B

PE1(config-router-af)#redistribute ospfv3 1

 

PE1(config-router-af)#router ospfv3 1

PE1(config-router)#address-family ipv4 vrf CUST-A

PE1(config-router-af)#redistribute bgp 65000

PE1(config-router-af)#address-family ipv4 vrf CUST-B

PE1(config-router-af)#redistribute bgp 65000

 

PE2(config)#router bgp 65000

PE2(config-router)#address-family ipv4 vrf CUST-A

PE2(config-router-af)#redistribute ospfv3 1

PE2(config-router-af)#address-family ipv4 vrf CUST-B

PE2(config-router-af)#redistribute ospfv3 1

 

PE2(config-router-af)#router ospfv3 1

PE2(config-router)#address-family ipv4 vrf CUST-A

PE2(config-router-af)#redistribute bgp 65000

PE2(config-router-af)#address-family ipv4 vrf CUST-B

PE2(config-router-af)#redistribute bgp 65000

 

Configuration MP-BGP Between PEs routers:

 

PE1(config)#router bgp 65000

PE1(config-router)#neighbor 2.2.2.2 remote-as 65000

PE1(config-router)#neighbor 2.2.2.2 update-source loop0

PE1(config-router)#address-family vpnv4

PE1(config-router-af)#neighbor 2.2.2.2 activate

PE1(config-router-af)#neighbor 2.2.2.2 send-community

 

PE2(config)#router bgp 65000

PE2(config-router)#neighbor 1.1.1.1 remote-as 65000

PE2(config-router)#neighbor 1.1.1.1 update-source loop0

PE2(config-router)#address-family vpnv4

PE2(config-router-af)#neighbor 1.1.1.1 activate

PE2(config-router-af)#neighbor 1.1.1.1 send-community

 

Verify the BGP neighbor:

 

PE1#show ip bgp summary

BGP router identifier 1.1.1.1, local AS number 65000

BGP table version is 1, main routing table version 1

 

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

2.2.2.2         4        65000      17       9        1    0    0 00:00:46        0

PE1#

 

PE2#show ip bgp summary

BGP router identifier 2.2.2.2, local AS number 65000

BGP table version is 1, main routing table version 1

 

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd

1.1.1.1         4        65000      10      17        1    0    0 00:01:20        0

PE2#

 

Verify the per-RD BGP table. And we can see the overlapping subnets 172.16.1.1/32 and 172.16.2.1/32 are a part of the two customers’ address spaces:

 

PE1#show ip bgp vpnv4 all

BGP table version is 13, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,

              x best-external, a additional-path, c RIB-compressed,

Origin codes: i - IGP, e - EGP, ? - incomplete

RPKI validation codes: V valid, I invalid, N Not found

 

     Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 1:111 (default for vrf CUST-A)

 *>  10.1.1.0/24      0.0.0.0                  0         32768 ?

 *>i 10.2.2.0/24      2.2.2.2                  0    100      0 ?

 *>  172.16.1.1/32    10.1.1.2                 1         32768 ?

 *>i 172.16.2.1/32    2.2.2.2                  1    100      0 ?

Route Distinguisher: 2:222 (default for vrf CUST-B)

 *>  10.3.3.0/24      0.0.0.0                  0         32768 ?

 *>i 10.4.4.0/24      2.2.2.2                  0    100      0 ?

 *>  172.16.1.1/32    10.3.3.2                 1         32768 ?

 *>i 172.16.2.1/32    2.2.2.2                  1    100      0 ?

PE1#

 

PE2#show ip bgp vpnv4 all

BGP table version is 13, local router ID is 2.2.2.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,

              x best-external, a additional-path, c RIB-compressed,

Origin codes: i - IGP, e - EGP, ? - incomplete

RPKI validation codes: V valid, I invalid, N Not found

 

     Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 1:111 (default for vrf CUST-A)

 *>i 10.1.1.0/24      1.1.1.1                  0    100      0 ?

 *>  10.2.2.0/24      0.0.0.0                  0         32768 ?

 *>i 172.16.1.1/32    1.1.1.1                  1    100      0 ?

 *>  172.16.2.1/32    10.2.2.2                 1         32768 ?

Route Distinguisher: 2:222 (default for vrf CUST-B)

 *>i 10.3.3.0/24      1.1.1.1                  0    100      0 ?

 *>  10.4.4.0/24      0.0.0.0                  0         32768 ?

 *>i 172.16.1.1/32    1.1.1.1                  1    100      0 ?

 *>  172.16.2.1/32    10.4.4.2                 1         32768 ?

PE2#

 

Verify the the per-VRF routing tables of PEs routers, they receive both the BGP routes toward 172.16.1.1/32 and 172.16.2.1/32 for each VRF:

 

PE1#show ip route vrf CUST-A | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

C        10.1.1.0/24 is directly connected, FastEthernet0/0

L        10.1.1.1/32 is directly connected, FastEthernet0/0

B        10.2.2.0/24 [200/0] via 2.2.2.2, 00:05:21

      172.16.0.0/32 is subnetted, 2 subnets

O        172.16.1.1 [110/1] via 10.1.1.2, 00:09:55, FastEthernet0/0

B        172.16.2.1 [200/1] via 2.2.2.2, 00:05:21

PE1#

PE1#show ip route vrf CUST-B | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

C        10.3.3.0/24 is directly connected, FastEthernet0/1

L        10.3.3.1/32 is directly connected, FastEthernet0/1

B        10.4.4.0/24 [200/0] via 2.2.2.2, 00:06:24

      172.16.0.0/32 is subnetted, 2 subnets

O        172.16.1.1 [110/1] via 10.3.3.2, 00:10:50, FastEthernet0/1

B        172.16.2.1 [200/1] via 2.2.2.2, 00:06:24

PE1#

 

PE2#show ip route vrf CUST-A | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

B        10.1.1.0/24 [200/0] via 1.1.1.1, 00:07:41

C        10.2.2.0/24 is directly connected, FastEthernet0/0

L        10.2.2.1/32 is directly connected, FastEthernet0/0

      172.16.0.0/32 is subnetted, 2 subnets

B        172.16.1.1 [200/1] via 1.1.1.1, 00:07:41

O        172.16.2.1 [110/1] via 10.2.2.2, 00:10:45, FastEthernet0/0

PE2#

PE2#show ip route vrf CUST-B | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

B        10.3.3.0/24 [200/0] via 1.1.1.1, 00:07:46

C        10.4.4.0/24 is directly connected, FastEthernet0/1

L        10.4.4.1/32 is directly connected, FastEthernet0/1

      172.16.0.0/32 is subnetted, 2 subnets

B        172.16.1.1 [200/1] via 1.1.1.1, 00:07:46

O        172.16.2.1 [110/1] via 10.4.4.2, 00:10:46, FastEthernet0/1

PE2#

 

Verify that the customer routers have learned the routes from each customer router in the same VRF:

By definition when the PE router redistributes the VPNv4 routes to the OSPF domain, it checks the Domain ID to decide whether the routes should be redistributed as inter-area (same Domain ID) or external (different Domain ID) routes to the CE router.

 

Each OSPF instance must be assigned a unique Domain ID. On Cisco routers, the OSPF Domain ID is the OSPF Process ID by default. When BGP distributes VPNv4 routes to other PE routers, the Domain ID is carried with the routes as extended community.

 

Since the Domain IDs on both PE routers match , PE routers redistributes the subnets 172.16.1.1/32 and 172.16.2.1/32 to CE routers as inter-area routes (LSA Type 3) as shown by the routing tables of the CE routers:

 

CE-A1# show ip route OSPFv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O IA     10.2.2.0/24 [110/2] via 10.1.1.1, 00:09:48, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O IA     172.16.2.1/32 [110/2] via 10.1.1.1, 00:09:48, FastEthernet0/0

CE-A1#

 

CE-A2#show ip route OSPFv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O IA     10.1.1.0/24 [110/2] via 10.2.2.1, 00:10:53, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O IA     172.16.1.1/32 [110/2] via 10.2.2.1, 00:10:53, FastEthernet0/0

CE-A2#

 

CE-B1#show ip route OSPFv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O IA     10.4.4.0/24 [110/2] via 10.3.3.1, 00:11:53, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O IA     172.16.2.1/32 [110/2] via 10.3.3.1, 00:11:53, FastEthernet0/0

CE-B1#

 

CE-B2#show ip route OSPFv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O IA     10.3.3.0/24 [110/2] via 10.4.4.1, 00:12:54, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O IA     172.16.1.1/32 [110/2] via 10.4.4.1, 00:12:54, FastEthernet0/0

CE-B2#

 

Verify the connectivity between the customers:

 

CE-A1#ping 172.16.2.1 sou 172.16.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:

Packet sent with a source address of 172.16.1.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 156/188/224 ms

CE-A1#

 

CE-B1#ping 172.16.2.1 sou 172.16.1.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:

Packet sent with a source address of 172.16.1.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 184/284/356 ms

CE-B1#

 

The above following output shown that PE2 router is advertising the 172.16.2.1/32 prefixes for each VRF to PE1 using BGP. PE2 has included all OSPF related BGP

Extended communities. The route-type is set as LSA Type-2 (intra-area) route as shown by the line: OSPF RT:0.0.0.0:2:0. The Router ID is the router-id of PE2 router set for that VRF instance (ROUTER ID:10.2.2.1:0 for VRF CUST-A and ROUTER ID:10.4.4.1:0 for VRF CUST-B).

 

PE1#show ip bgp vpnv4 all 172.16.2.1

BGP routing table entry for 1:111:172.16.2.1/32, version 11

Paths: (1 available, best #1, table CUST-A)

  Not advertised to any peer

  Refresh Epoch 1

  Local

    2.2.2.2 (metric 2809856) from 2.2.2.2 (2.2.2.2)

      Origin incomplete, metric 1, localpref 100, valid, internal, best

      Extended Community: RT:1:100 OSPF ROUTER ID:10.2.2.1:0

        OSPF RT:0.0.0.0:2:0

      mpls labels in/out nolabel/21

      rx pathid: 0, tx pathid: 0x0

BGP routing table entry for 2:222:172.16.2.1/32, version 13

Paths: (1 available, best #1, table CUST-B)

  Not advertised to any peer

  Refresh Epoch 1

  Local

    2.2.2.2 (metric 2809856) from 2.2.2.2 (2.2.2.2)

      Origin incomplete, metric 1, localpref 100, valid, internal, best

      Extended Community: RT:2:200 OSPF ROUTER ID:10.4.4.1:0

        OSPF RT:0.0.0.0:2:0

      mpls labels in/out nolabel/20

      rx pathid: 0, tx pathid: 0x0

PE1#

 

Since the Domain IDs on both PE routers match, the CE routers receives the prefixes 172.16.1.1/32 and 172.16.2.1/32 as inter-area routes as shown by the routing table

of the CE-A1 router for the prefix 172.16.2.1/32:

 

CE-A1#show ip route 172.16.2.1

Routing entry for 172.16.2.1/32

  Known via "ospfv3 1", distance 110, metric 2, type inter area

  Last update from 10.1.1.1 on FastEthernet0/0, 00:23:04 ago

  Routing Descriptor Blocks:

  * 10.1.1.1, from 10.1.1.1, 00:23:04 ago, via FastEthernet0/0

      Route metric is 2, traffic share count is 1

CE-A1#

 

Verify that PE1 router created the Summary LSA Type 3 for the prefix 172.16.2.1/32 with the show ospfv3 vrf CUST-A database inter-area prefix command:

 

PE1#show ospfv3 vrf CUST-A database inter-area prefix

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.1.1.1)

 

                Inter Area Prefix Link States (Area 0)

 

  LS age: 1519

  LS Type: Inter Area Prefix Links

  Link State ID: 0

  Advertising Router: 10.1.1.1

  LS Seq Number: 80000001

  Checksum: 0x10E6

  Length: 32

  Metric: 1

  Prefix Address: 10.2.2.0

  Prefix Length: 24, Options: DN

 

  LS age: 1519

  LS Type: Inter Area Prefix Links

  Link State ID: 1

  Advertising Router: 10.1.1.1

  LS Seq Number: 80000001

  Checksum: 0xF14A

  Length: 32

  Metric: 1

  Prefix Address: 172.16.2.1

  Prefix Length: 32, Options: DN

 

PE1#

 

Verify the LSDB of the PE1 router for the VRF CUST-A:

 

PE1#show ospfv3 vrf CUST-A database

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.1.1.1)

 

                Router Link States (Area 0)

 

ADV Router       Age         Seq#        Fragment ID  Link count  Bits

 10.1.1.1        1903        0x80000004  0            1           B E

 172.16.1.1      172         0x80000004  0            1           None

 

                Net Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Rtr count

 172.16.1.1      172         0x80000003  2          2

 

                Inter Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Prefix

 10.1.1.1        1624        0x80000001  10.2.2.0/24

 10.1.1.1        1624        0x80000001  172.16.2.1/32

 

                Link (Type-8) Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Interface

 10.1.1.1        1989        0x80000002  2          Fa0/0

 172.16.1.1      430         0x80000003  2          Fa0/0

 

                Intra Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Ref-lstype  Ref-LSID

 172.16.1.1      172         0x80000005  0          0x2001      0

 172.16.1.1      172         0x80000003  2048       0x2002      2

PE1#

 

PE1#show ip bgp vpnv4 vrf CUST-A 172.16.2.1

BGP routing table entry for 1:111:172.16.2.1/32, version 11

Paths: (1 available, best #1, table CUST-A)

  Not advertised to any peer

  Refresh Epoch 1

  Local

    2.2.2.2 (metric 2809856) from 2.2.2.2 (2.2.2.2)

      Origin incomplete, metric 1, localpref 100, valid, internal, best

      Extended Community: RT:1:100 OSPF ROUTER ID:10.2.2.1:0

        OSPF RT:0.0.0.0:2:0

      mpls labels in/out nolabel/21

      rx pathid: 0, tx pathid: 0x0

PE1#

 

Configure the Domain ID manually with the value 000000000310 for the VRF CUST-A on PE2 router:

 

PE2(config-router)#router ospfv3 1

PE2(config-router)#address-family ipv4 vrf CUST-A

PE2(config-router-af)#domain-id type 0005 value 000000000310

 

PE2 router advertises the 172.16.2.1/32 prefix for the VRF CUST-A with Domain ID 000000000309. PE1 matches that with its own Domain ID (which is by default is equal to 1 the process ID of OSPF) before redistributing the prefix to CE-A1 router. Since the Domain IDs dont match, PE1 advertises the prefix as an External Type-2 prefix to CE-A1 router as shown by the following output below and notice the prefix 172.16.2.1/32 for the VRF CUST-B is advertised with the default domain ID by PE2 router.

 

PE1#show ip bgp vpnv4 all 172.16.2.1/32

BGP routing table entry for 1:111:172.16.2.1/32, version 15

Paths: (1 available, best #1, table CUST-A)

  Not advertised to any peer

  Refresh Epoch 1

  Local

    2.2.2.2 (metric 2809856) from 2.2.2.2 (2.2.2.2)

      Origin incomplete, metric 1, localpref 100, valid, internal, best

      Extended Community: RT:1:100 OSPF DOMAIN ID:0x0005:0x000000000310

        OSPF ROUTER ID:10.2.2.1:0 OSPF RT:0.0.0.0:2:0

      mpls labels in/out nolabel/21

      rx pathid: 0, tx pathid: 0x0

BGP routing table entry for 2:222:172.16.2.1/32, version 13

Paths: (1 available, best #1, table CUST-B)

  Not advertised to any peer

  Refresh Epoch 1

  Local

    2.2.2.2 (metric 2809856) from 2.2.2.2 (2.2.2.2)

      Origin incomplete, metric 1, localpref 100, valid, internal, best

      Extended Community: RT:2:200 OSPF ROUTER ID:10.4.4.1:0

        OSPF RT:0.0.0.0:2:0

      mpls labels in/out nolabel/20

      rx pathid: 0, tx pathid: 0x0

PE1#

 

We can display only the entry for the 172.16.2.1/32 prefix in VRF CUST-A using the show ip bgp vpnv4 vrf CUST-A 172.16.2.1 command:

 

PE1#show ip bgp vpnv4 vrf CUST-A 172.16.2.1

BGP routing table entry for 1:111:172.16.2.1/32, version 15

Paths: (1 available, best #1, table CUST-A)

  Not advertised to any peer

  Refresh Epoch 1

  Local

    2.2.2.2 (metric 2809856) from 2.2.2.2 (2.2.2.2)

      Origin incomplete, metric 1, localpref 100, valid, internal, best

      Extended Community: RT:1:100 OSPF DOMAIN ID:0x0005:0x000000000310

        OSPF ROUTER ID:10.2.2.1:0 OSPF RT:0.0.0.0:2:0

      mpls labels in/out nolabel/21

      rx pathid: 0, tx pathid: 0x0

PE1#

 

And we can verify that CE-A1 router received an external route for the prefix 172.16.2.1/32 as shown by its routing table:

 

CE-A1#show ip route ospfv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O E2     10.2.2.0/24 [110/1] via 10.1.1.1, 00:00:31, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O E2     172.16.2.1/32 [110/1] via 10.1.1.1, 00:00:31, FastEthernet0/0

CE-A1#

 

CE-A1#show ip route 172.16.2.1

Routing entry for 172.16.2.1/32

  Known via "ospfv3 1", distance 110, metric 1, type extern 2, forward metric 1

  Last update from 10.1.1.1 on FastEthernet0/0, 00:01:28 ago

  Routing Descriptor Blocks:

  * 10.1.1.1, from 10.1.1.1, 00:01:28 ago, via FastEthernet0/0

      Route metric is 1, traffic share count is 1

CE-A1#

 

Verify that PE1 router is advertising an LSA Type 5 for the 172.16.2.1/32 prefix:

 

PE1#show ospfv3 vrf CUST-A database external

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.1.1.1)

 

                Type-5 AS External Link States

 

  LS age: 5

  LS Type: AS External Link

  Link State ID: 0

  Advertising Router: 10.1.1.1

  LS Seq Number: 80000001

  Checksum: 0x1EB2

  Length: 32

  Prefix Address: 10.2.2.0

  Prefix Length: 24, Options: DN

  Metric Type: 2 (Larger than any link state path)

  Metric: 1

 

  LS age: 5

  LS Type: AS External Link

  Link State ID: 1

  Advertising Router: 10.1.1.1

  LS Seq Number: 80000001

  Checksum: 0xFF16

  Length: 32

  Prefix Address: 172.16.2.1

  Prefix Length: 32, Options: DN

  Metric Type: 2 (Larger than any link state path)

  Metric: 1

 

PE1#

 

Verify the LSDB of the VRF CUST-A on PE1 router and the LSA Type 5:

 

PE1#show ospfv3 vrf CUST-A database

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.1.1.1)

 

                Router Link States (Area 0)

 

ADV Router       Age         Seq#        Fragment ID  Link count  Bits

 10.1.1.1        892         0x80000005  0            1           B E

 172.16.1.1      1087        0x80000004  0            1           None

 

                Net Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Rtr count

 172.16.1.1      1087        0x80000003  2          2

 

                Link (Type-8) Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Interface

 10.1.1.1        892         0x80000003  2          Fa0/0

 172.16.1.1      1345        0x80000003  2          Fa0/0

 

                Intra Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Ref-lstype  Ref-LSID

 172.16.1.1      1087        0x80000005  0          0x2001      0

 172.16.1.1      1087        0x80000003  2048       0x2002      2

 

                Type-5 AS External Link States

 

ADV Router       Age         Seq#        Prefix

 10.1.1.1        539         0x80000001  10.2.2.0/24

 10.1.1.1        539         0x80000001  172.16.2.1/32

PE1#

 

Verify that the prefix 172.16.2.1/32 is advertised as inter-area route for VRF CUST-B by looking the LSBD for VRF CUST-B, because simply the prefix 172.16.2.1/32 for the VRF CUST-B is advertised with the default domain ID by PE2 router:

 

PE1#show ospfv3 vrf CUST-B database

 

          OSPFv3 1 address-family ipv4 vrf CUST-B (router-id 10.3.3.1)

 

                Router Link States (Area 0)

 

ADV Router       Age         Seq#        Fragment ID  Link count  Bits

 10.3.3.1        850         0x80000005  0            1           B E

 172.16.1.1      808         0x80000004  0            1           None

 

                Net Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Rtr count

 172.16.1.1      808         0x80000003  2          2

 

                Inter Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Prefix

 10.3.3.1        608         0x80000002  10.4.4.0/24

 10.3.3.1        608         0x80000002  172.16.2.1/32

 

                Link (Type-8) Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Interface

 10.3.3.1        850         0x80000003  3          Fa0/1

 172.16.1.1      1067        0x80000003  2          Fa0/1

 

                Intra Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Ref-lstype  Ref-LSID

 172.16.1.1      808         0x80000005  0          0x2001      0

 172.16.1.1      809         0x80000003  2048       0x2002      2

PE1#

 

At the other side, PE2 router advertises an LSA Type 5 for the prefix 172.16.1.1/32 into VRF CUST-A because the PE1 advertises it with the default domain ID 1 and PE2's domain ID has been changed earlier to be 000000000310 for VRF CUST-A:

 

PE2#show ospfv3 vrf CUST-A database

 

          OSPFv3 1 address-family ipv4 vrf CUST-A (router-id 10.2.2.1)

 

                Router Link States (Area 0)

 

ADV Router       Age         Seq#        Fragment ID  Link count  Bits

 10.2.2.1        1015        0x80000005  0            1           B E

 172.16.2.1      1070        0x80000004  0            1           None

 

                Net Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Rtr count

 172.16.2.1      1070        0x80000003  2          2

 

                Link (Type-8) Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Interface

 10.2.2.1        1015        0x80000003  2          Fa0/0

 172.16.2.1      1330        0x80000003  2          Fa0/0

 

                Intra Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Ref-lstype  Ref-LSID

 172.16.2.1      1070        0x80000005  0          0x2001      0

 172.16.2.1      1070        0x80000003  2048       0x2002      2

 

                Type-5 AS External Link States

 

ADV Router       Age         Seq#        Prefix

 10.2.2.1        712         0x80000001  10.1.1.0/24

 10.2.2.1        712         0x80000001  172.16.1.1/32

 

Verify that PE2 is receiving the prefix 172.16.1.1/32 as inter-area route because both PE routers are using their default domain ID which the process ID of OSPF:

 

PE2#show ospfv3 vrf CUST-B database

 

          OSPFv3 1 address-family ipv4 vrf CUST-B (router-id 10.4.4.1)

 

                Router Link States (Area 0)

 

ADV Router       Age         Seq#        Fragment ID  Link count  Bits

 10.4.4.1        983         0x80000005  0            1           B E

 172.16.2.1      926         0x80000004  0            1           None

 

                Net Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Rtr count

 172.16.2.1      926         0x80000003  2          2

 

                Inter Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Prefix

 10.4.4.1        724         0x80000002  10.3.3.0/24

 10.4.4.1        724         0x80000002  172.16.1.1/32

 

                Link (Type-8) Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Interface

 10.4.4.1        983         0x80000003  3          Fa0/1

 172.16.2.1      1179        0x80000003  2          Fa0/1

 

                Intra Area Prefix Link States (Area 0)

 

ADV Router       Age         Seq#        Link ID    Ref-lstype  Ref-LSID

 172.16.2.1      926         0x80000005  0          0x2001      0

 172.16.2.1      926         0x80000003  2048       0x2002      2

PE2#

 

Finally verify the routing tables of the CE routers:

 

CE-A1 and CE-A2  routers are receiving external routes O E2 from PE1 and PE2 routers respectively because the mismatched domain ID.

CE-B1 and CE-B2 routers are receiving inter-area routes O IA from PE1 and PE2 routers respectively because the matched domain ID.

 

CE-A1#show ip route OSPFv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O E2     10.2.2.0/24 [110/1] via 10.1.1.1, 00:13:45, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O E2     172.16.2.1/32 [110/1] via 10.1.1.1, 00:13:45, FastEthernet0/0

CE-A1#

 

CE-A2#show ip route ospfv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O E2     10.1.1.0/24 [110/1] via 10.2.2.1, 00:15:06, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O E2     172.16.1.1/32 [110/1] via 10.2.2.1, 00:15:06, FastEthernet0/0

CE-A2#

 

CE-B1#show ip route ospfv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O IA     10.4.4.0/24 [110/2] via 10.3.3.1, 00:48:56, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O IA     172.16.2.1/32 [110/2] via 10.3.3.1, 00:48:56, FastEthernet0/0

CE-B1#

 

CE-B2#show ip route ospfv3 | beg Gate

Gateway of last resort is not set

 

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

O IA     10.3.3.0/24 [110/2] via 10.4.4.1, 00:50:02, FastEthernet0/0

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks

O IA     172.16.1.1/32 [110/2] via 10.4.4.1, 00:50:02, FastEthernet0/0

CE-B2#

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
Discussions
Customers Also Viewed These Support Documents