Page 1 HPE FlexNetwork 10500 Switch Series MPLS Configuration Guide Part number: 5200-1902a Software version: 10500-CMW710-R7557P01 Document version: 6W101-20171020...
Page 2 © Copyright 2017 Hewlett Packard Enterprise Development LP The information contained herein is subject to change without notice. The only warranties for Hewlett Packard Enterprise products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. Hewlett Packard Enterprise shall not be liable for technical or editorial errors or omissions contained herein.
Page 3: Table Of Contents
Contents Configuring basic MPLS ················································································ 1 Overview ···························································································································································· 1 Basic concepts ··········································································································································· 1 MPLS network architecture ························································································································ 2 LSP establishment ····································································································································· 3 MPLS forwarding ········································································································································ 4 PHP ···························································································································································· 5 Protocols and standards ···························································································································· 5 Restrictions and guidelines for basic MPLS ······································································································· 5 MPLS configuration task list ·······························································································································...
Page 4 Configuring a label acceptance policy ············································································································· 33 Configuring LDP loop detection ······················································································································· 34 Configuring LDP session protection ················································································································· 35 Configuring LDP GR ········································································································································ 36 Configuring LDP NSR ······································································································································ 36 Configuring LDP-IGP synchronization ············································································································· 36 Configuring LDP-OSPF synchronization ·································································································· 36 Configuring LDP IS-IS synchronization ···································································································· 38 Configuring LDP FRR ······································································································································...
Page 5 Configuring a bidirectional MPLS TE tunnel ···································································································· 96 Configuring CRLSP backup ····························································································································· 97 Configuring MPLS TE FRR ······························································································································ 98 Enabling FRR ··········································································································································· 98 Configuring a bypass tunnel on the PLR·································································································· 98 Configuring node fault detection ············································································································ 102 Setting the optimal bypass tunnel selection interval ·············································································· 102 Enabling SNMP notifications for MPLS TE ····································································································...
Page 6 Tunnel policy configuration examples ············································································································ 182 Exclusive tunnel configuration example ································································································· 182 Preferred tunnel and tunnel selection order configuration example ······················································· 182 Configuring MPLS L3VPN ········································································· 185 Overview ························································································································································ 185 Basic MPLS L3VPN architecture ··········································································································· 185 MPLS L3VPN concepts ·························································································································· 185 MPLS L3VPN route advertisement ········································································································...
Page 7 Configuring IPv6 MPLS L3VPN ································································· 270 Overview ························································································································································ 270 IPv6 MPLS L3VPN packet forwarding ··································································································· 270 IPv6 MPLS L3VPN routing information advertisement ·········································································· 271 IPv6 MPLS L3VPN network schemes and features ··············································································· 271 Protocols and standards ························································································································ 271 Configuration restrictions and guidelines ······································································································· 272 IPv6 MPLS L3VPN configuration task list ······································································································...
Page 8 Configuring a static PW ·························································································································· 339 Configuring an LDP PW ························································································································· 343 Configuring a BGP PW ·························································································································· 347 Configuring a remote CCC connection ·································································································· 352 Configuring LDP PW redundancy ·········································································································· 355 Configuring an intra-domain multi-segment PW ···················································································· 361 Configuring an inter-domain multi-segment PW ···················································································· 364 Configuring VPLS ······················································································...
Page 9 Associating a VPN instance with an interface ························································································ 425 Configuring route related attributes for a VPN instance ········································································· 425 Configuring routing on an MCE ······················································································································ 426 Configuring routing between an MCE and a VPN site ··········································································· 427 Configuring routing between an MCE and a PE ···················································································· 431 Displaying and maintaining MCE ···················································································································...
Page 10: Configuring Basic Mpls
Configuring basic MPLS Multiprotocol Label Switching (MPLS) provides connection-oriented label switching over connectionless IP backbone networks. It integrates both the flexibility of IP routing and the simplicity of Layer 2 switching. Overview MPLS has the following features: • High speed and efficiency—MPLS uses short- and fixed-length labels to forward packets, avoiding complicated routing table lookups.
Page 11: Mpls Network Architecture
A label switched path (LSP) is the path along which packets of an FEC travel through an MPLS network. An LSP is a unidirectional packet forwarding path. Two neighboring LSRs are called the upstream LSR and downstream LSR along the direction of an LSP. As shown in Figure 2, LSR B is the downstream LSR of LSR A, and LSR A is the upstream LSR of LSR B.
Page 12: Lsp Establishment
Figure 3 MPLS network architecture MPLS network Ingress LSR Egress LSR IP network IP network Transit LSR LSP establishment LSPs include static and dynamic LSPs. • Static LSP—To establish a static LSP, you must configure an LFIB entry on each LSR along the LSP.
Page 13: Mpls Forwarding
Figure 4 Dynamic LSP establishment Ingress Egress LSR A LSR C LSR B LSR D LSR E LSR F LSR G LSR H Label mapping MPLS forwarding As shown in Figure 5, a packet is forwarded over the MPLS network as follows: Device B (the ingress LSR) receives a packet with no label.
Page 14: Php
Figure 5 MPLS forwarding FIB table LFIB table Dest Out label Nexthop Out int In label Oper Out label Nexthop Out int Device C GE1/0/2 Device E GE1/0/2 10.1.0.0 LFIB table In label Oper Out label Nexthop Out int Swap Device D GE1/0/2 IP:10.1.1.1...
Page 15: Mpls Configuration Task List
• The following interface modules support PHP only when the operating mode is bridging or normal: EA interface modules:  − LSU1GP24TXEA0 (JC621A, JG380A). − LSU1GP48EA0 (JC622A, JG381A). − LSU1GT48EA0 (JC623A, JG382A). − LSU1TGX4EA0 (JC624A, JG383A). EB interface modules:  −...
Page 16: Setting Mpls Mtu
Step Command Remarks Enter system view. system-view By default, no LSR ID is configured. An LSR ID must be unique in an Configure an LSR ID for the mpls lsr-id lsr-id MPLS network and in IP address local node. format. As a best practice, use the IP address of a loopback interface as an LSR ID.
Page 17: Specifying The Label Type Advertised By Egress
• If you do not configure the MPLS MTU of an interface, fragmentation for MPLS packets is based on the IP MTU. If IP MTU is not configured, fragmentation for MPLS packets is based on the MTU of the interface. The length of a fragment does not include that of the MPLS label. Thus, after an MPLS label is added into a fragment, the length of the MPLS fragment might exceed the interface MTU.
Page 18 label copies the remaining label TTL value back to the IP TTL of the packet. The IP TTL value can reflect how many hops the packet has traversed in the MPLS network. The IP tracert facility can show the real path along which the packet has traveled. Figure 6 TTL propagation TTL 252 TTL 251...
Page 19: Enabling Sending Mpls Ttl-Expired Messages
Enabling sending MPLS TTL-expired messages This feature enables an LSR to generate an ICMP TTL-expired message upon receiving an MPLS packet with a TTL of 1. If the MPLS packet has only one label, the LSR sends the ICMP TTL-expired message back to the source through IP routing.
Page 20 Task Command display mpls forwarding ilm [ label ] [ slot slot-number ] (In standalone mode.) Display ILM entries. display mpls forwarding ilm [ label ] [ chassis (In IRF mode.) Display ILM entries. chassis-number slot slot-number ] (In standalone mode.) Display NHLFE entries. display mpls forwarding nhlfe [ nid ] [ slot slot-number ] display mpls forwarding nhlfe [ nid ] [ chassis (In IRF mode.) Display NHLFE entries.
Page 21: Configuring A Static Lsp
Configuring a static LSP Overview A static label switched path (LSP) is established by manually specifying the incoming label and outgoing label on each node (ingress, transit, or egress node) of the forwarding path. Static LSPs consume fewer resources, but they cannot automatically adapt to network topology changes.
Page 22: Configuration Procedure
• Make sure the ingress node has a route to the destination address of the LSP. • If you want to associate the static LSP with an LDP LSP, make sure the egress node of the static LSP has a route to the destination. Configuration procedure To configure a static LSP: Step...
Page 23: Configuration Restrictions And Guidelines
Figure 8 Network diagram Loop0 Loop0 Loop0 2.2.2.9/32 1.1.1.9/32 3.3.3.9/32 Vlan-int2 Vlan-int3 10.1.1.1/24 20.1.1.2/24 Vlan-int4 Vlan-int5 Vlan-int2 Vlan-int3 11.1.1.1/24 21.1.1.1/24 10.1.1.2/24 20.1.1.1/24 Switch A Switch B Switch C 11.1.1.0/24 21.1.1.0/24 Configuration restrictions and guidelines • For an LSP, the outgoing label specified on an LSR must be identical with the incoming label specified on the downstream LSR.
Page 24: Verifying The Configuration
# Configure Switch C. [SwitchC] mpls lsr-id 3.3.3.9 [SwitchC] interface vlan-interface 3 [SwitchC-Vlan-interface3] mpls enable [SwitchC-Vlan-interface3] quit Configure a static LSP from Switch A to Switch C: # Configure the LSP ingress node, Switch A. [SwitchA] static-lsp ingress AtoC destination 21.1.1.0 24 nexthop 10.1.1.2 out-label # Configure the LSP transit node, Switch B.
Page 25 100 bytes from 10.1.1.1: Sequence=3 time=1 ms 100 bytes from 10.1.1.1: Sequence=4 time=1 ms 100 bytes from 10.1.1.1: Sequence=5 time=1 ms --- Ping statistics for FEC 11.1.1.0/24 --- 5 packets transmitted, 5 packets received, 0.0% packet loss Round-trip min/avg/max = 1/1/5 ms...
Page 26: Configuring Ldp
Configuring LDP Overview The Label Distribution Protocol (LDP) dynamically distributes FEC-label mapping information between LSRs to establish LSPs. Terminology LDP session Two LSRs establish a TCP-based LDP session to exchange FEC-label mappings. LDP peer Two LSRs that use LDP to exchange FEC-label mappings are LSR peers. Label spaces and LDP identifiers Label spaces include the following types: •...
Page 27: Ldp Operation
• Advertisement messages—Create, alter, and remove FEC-label mappings, such as Label Mapping messages used to advertise FEC-label mappings. • Notification messages—Provide advisory information and notify errors, such as Notification messages. LDP uses UDP to transport discovery messages for efficiency, and uses TCP to transport session, advertisement, and notification messages for reliability.
Page 28: Label Distribution And Control
Establishing LSPs LDP classifies FECs according to destination IP addresses in IP routing entries, creates FEC-label mappings, and advertises the mappings to LDP peers through LDP sessions. After an LDP peer receives an FEC-label mapping, it uses the received label and the label locally assigned to that FEC to create an LFIB entry for that FEC.
Page 29 NOTE: To successfully establish an LSP, a pair of upstream and downstream LSRs must use the same label advertisement mode. Label distribution control LDP controls label distribution in one of the following ways: • Independent label distribution—Distributes an FEC-label mapping to an upstream LSR at any time.
Page 30: Ldp Gr
LDP GR LDP Graceful Restart (GR) preserves label forwarding information when the signaling protocol or control plane fails, so that LSRs can still forward packets according to forwarding entries. As shown in Figure 12, GR defines the following roles: • GR restarter—An LSR that performs GR.
Page 31: Ldp Nsr
When the MPLS Forwarding State Holding timer expires, the GR restarter deletes all stale MPLS forwarding entries. When the LDP Recovery timer expires, the GR helper deletes all stale FEC-label mappings. Figure 13 LDP GR operation GR restarter GR helper Set up an LDP session, and identify that they are LDP GR capable Protocol...
Page 32: Ldp Frr
After LDP-IGP synchronization is enabled, IGP advertises the actual cost of a link only when LDP convergence on the link is completed. Before LDP convergence is completed, IGP advertises the maximum cost of the link. In this way, the link is visible on the IGP topology, but IGP does not select this link as the optimal route when other links are available.
Page 33: Ldp Over Mpls Te
Figure 14 Network diagram for LDP FRR LSR C LSR A LSR B Primary LSP The following interface modules do not support LDP FRR: • EA interface modules: LSU1GP24TXEA0 (JC621A, JG380A).  LSU1GP48EA0 (JC622A, JG381A).  LSU1GT48EA0 (JC623A, JG382A).  LSU1TGX4EA0 (JC624A, JG383A).
Page 34: Protocols
Figure 15 LDP over MPLS TE LDP LSP MPLS TE LSP LDP session PE 2 PE 1 MPLS TE Core layer Distribution Distribution layer layer Protocols • RFC 5036, LDP Specification • draft-ietf-mpls-ldp-ipv6-09.txt Restrictions and guidelines for LDP LDP is mutually exclusive with EVI and VXLAN. For more information about EVI, see EVI Configuration Guide.
Page 35: Enabling Ldp
Tasks at a glance (Optional.) Configuring LDP NSR (Optional.) Configuring LDP-IGP synchronization (Optional.) Configuring LDP FRR (Optional.) Setting a DSCP value for outgoing LDP packets (Optional.) Resetting LDP sessions (Optional.) Enabling SNMP notifications for LDP Enabling LDP To enable LDP, you must first enable LDP globally. Then, enable LDP on relevant interfaces or configure IGP to automatically enable LDP on those interfaces.
Page 36: Configuring Hello Parameters
Configuring Hello parameters Perform this task to set the following hello timers: • Link Hello hold time and Link Hello interval. If an interface is enabled with both IPv4 LDP and IPv6 LDP, the parameters configured on the interface can be used for both IPv4 and IPv6 Link Hello messages. •...
Page 37: Restrictions And Guidelines
Restrictions and guidelines When you configure LDP session parameters, follow these restrictions and guidelines: • The configured LDP transport address must be the IP address of an up interface on the device. Otherwise, no LDP session can be established. • Make sure the LDP transport addresses of the local and peer LSRs can reach each other.
Page 38 Step Command Remarks By default: • The LDP IPv4 transport address is the local LSR ID if the interface where you want to establish an LDP session belongs to the public • IPv4 LDP: network. If the interface mpls ldp belongs to a VPN, the LDP transport-address IPv4 transport address is the...
Page 39: Configuring Ldp Backoff
Step Command Remarks mpls ldp timer keepalive-hold By default, the Keepalive hold Set the Keepalive hold time. timeout time is 45 seconds. mpls ldp timer By default, the Keepalive Set the Keepalive interval. keepalive-interval interval interval is 15 seconds. By default, the LDP IPv6 Configure the LDP transport mpls ldp transport-address transport address is not...
Page 40: Configuring Ldp To Redistribute Bgp Unicast Routes
Step Command Remarks • Enter LDP view: mpls ldp • Enter LDP-VPN instance view: Enter LDP view or enter LDP-VPN instance view. a. mpls ldp b. vpn-instance vpn-instance-name Enable LDP MD5 md5-authentication peer-lsr-id { cipher | By default, LDP MD5 authentication.
Page 41: Configuring The Ldp Label Distribution Control Mode
• Use only IPv4 host routes with a 32-bit mask or IPv6 host routes with a 128-bit mask to establish LSPs. By default, LDP uses only IPv4 host routes with a 32-bit mask or IPv6 host routes with a 128-bit mask to establish LSPs.
Page 42: Configuring A Label Acceptance Policy
Figure 16 Label advertisement control diagram Advertise label mappings permitted by IP prefix list B LSR B LSR A LSR C A label advertisement policy on an LSR and a label acceptance policy on its upstream LSR can achieve the same purpose. As a best practice, use label advertisement policies to reduce network load if downstream LSRs support label advertisement control.
Page 43: Configuring Ldp Loop Detection
Figure 17 Label acceptance control diagram Drop the label Label mappings not permitted mappings by the IP prefix list LSR B LSR A Label mappings permitted Accept the by the IP prefix list label mappings LSR C A label advertisement policy on an LSR and a label acceptance policy on its upstream LSR can achieve the same purpose.
Page 44: Configuring Ldp Session Protection
Step Command Remarks Enter system view. system-view • Enter LDP view: mpls ldp • Enter LDP-VPN instance view: Enter LDP view or enter LDP-VPN instance view. a. mpls ldp b. vpn-instance vpn-instance-name By default, loop detection is disabled. After loop detection is Enable loop detection.
Page 45: Configuring Ldp Gr
Configuring LDP GR Before you configure LDP GR, enable LDP on the GR restarter and GR helpers. The LDP GR configuration is required only on a GR restarter. Because the role (GR restarter or helper) of a device in a GR process is unpredictable, configure LDP GR on all involved devices as a best practice.
Page 46 Step Command Remarks Enable LDP-OSPF By default, LDP-OSPF mpls ldp sync synchronization. synchronization is disabled. Return to system view. quit interface interface-type Enter interface view. interface-number (Optional.) Disable LDP-IGP By default, LDP-IGP synchronization on the mpls ldp igp sync disable synchronization is enabled on an interface.
Page 47: Configuring Ldp Is-Is Synchronization
Configuring LDP IS-IS synchronization LDP-IGP synchronization is not supported for an IS-IS process that belongs to a VPN instance. To configure LDP-ISIS synchronization for an IS-IS process: Step Command Remarks Enter system view. system-view Enter IS-IS view. isis [ process-id ] Enable LDP-ISIS By default, LDP-ISIS mpls ldp sync [ level-1 | level-2 ]...
Page 48: Resetting Ldp Sessions
Resetting LDP sessions Changes to LDP session parameters take effect only on new LDP sessions. To apply the changes to an existing LDP session, you must reset all LDP sessions by executing the reset mpls ldp command. Execute the reset mpls ldp command in user view. Task Command Remarks...
Page 49: Ipv4 Ldp Configuration Examples
Task Command display mpls ldp summary [ all | vpn-instance Display LDP summary information. vpn-instance-name ] IPv4 LDP configuration examples LDP LSP configuration example Network requirements Switch A, Switch B, and Switch C all support MPLS. Configure LDP to establish LSPs between Switch A and Switch C, so subnets 11.1.1.0/24 and 21.1.1.0/24 can reach each other over MPLS.
Page 50 <SwitchB> system-view [SwitchB] ospf [SwitchB-ospf-1] area 0 [SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] ospf [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [SwitchC-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 21.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit...
Page 51 [SwitchA-ldp] quit [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] mpls enable [SwitchA-Vlan-interface2] mpls ldp enable [SwitchA-Vlan-interface2] quit # Configure Switch B. [SwitchB] mpls lsr-id 2.2.2.9 [SwitchB] mpls ldp [SwitchB-ldp] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls enable [SwitchB-Vlan-interface2] mpls ldp enable [SwitchB-Vlan-interface2] quit [SwitchB] interface vlan-interface 3 [SwitchB-Vlan-interface3] mpls enable [SwitchB-Vlan-interface3] mpls ldp enable...
Page 52 [SwitchC] ip prefix-list switchc index 10 permit 1.1.1.9 32 [SwitchC] ip prefix-list switchc index 20 permit 2.2.2.9 32 [SwitchC] ip prefix-list switchc index 30 permit 3.3.3.9 32 [SwitchC] ip prefix-list switchc index 40 permit 11.1.1.0 24 [SwitchC] ip prefix-list switchc index 50 permit 21.1.1.0 24 [SwitchC] mpls ldp [SwitchC-ldp] lsp-trigger prefix-list switchc [SwitchC-ldp] quit...
Page 53: Label Acceptance Control Configuration Example
5 packets transmitted, 5 packets received, 0.0% packet loss Round-trip min/avg/max = 1/1/1 ms Label acceptance control configuration example Network requirements Two links, Switch A—Switch B—Switch C and Switch A—Switch D—Switch C, exist between subnets 11.1.1.0/24 and 21.1.1.0/24. Configure LDP to establish LSPs only for routes to subnets 11.1.1.0/24 and 21.1.1.0/24. Configure LDP to establish LSPs only on the link Switch A—Switch B—Switch C to forward traffic between subnets 11.1.1.0/24 and 21.1.1.0/24.
Page 54 # Configure Switch A. <SwitchA> system-view [SwitchA] mpls lsr-id 1.1.1.9 [SwitchA] mpls ldp [SwitchA-ldp] quit [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] mpls enable [SwitchA-Vlan-interface2] mpls ldp enable [SwitchA-Vlan-interface2] quit [SwitchA] interface vlan-interface 6 [SwitchA-Vlan-interface6] mpls enable [SwitchA-Vlan-interface6] mpls ldp enable [SwitchA-Vlan-interface6] quit # Configure Switch B.
Page 55 [SwitchD] interface vlan-interface 7 [SwitchD-Vlan-interface7] mpls enable [SwitchD-Vlan-interface7] mpls ldp enable [SwitchD-Vlan-interface7] quit Configure IPv4 LSP generation policies: # On Switch A, create IP prefix list switcha, and configure LDP to use only the routes permitted by the prefix list to establish LSPs. [SwitchA] ip prefix-list switcha index 10 permit 11.1.1.0 24 [SwitchA] ip prefix-list switcha index 20 permit 21.1.1.0 24 [SwitchA] mpls ldp...
Page 56 # On Switch C, create IP prefix list prefix-from-d that denies subnet 11.1.1.0/24. Switch A uses this list to filter FEC-label mappings received from Switch D. [SwitchC] ip prefix-list prefix-from-d index 10 deny 11.1.1.0 24 # On Switch C, configure label acceptance policies to filter FEC-label mappings received from Switch B and Switch D.
Page 57: Label Advertisement Control Configuration Example
Label advertisement control configuration example Network requirements Two links, Switch A—Switch B—Switch C and Switch A—Switch D—Switch C, exist between subnets 11.1.1.0/24 and 21.1.1.0/24. Configure LDP to establish LSPs only for routes to subnets 11.1.1.0/24 and 21.1.1.0/24. Configure LDP to establish LSPs only on the link Switch A—Switch B—Switch C to forward traffic between subnets 11.1.1.0/24 and 21.1.1.0/24.
Page 58 [SwitchA] mpls lsr-id 1.1.1.9 [SwitchA] mpls ldp [SwitchA-ldp] quit [SwitchA] interface vlan-interface 2 [SwitchA-Vlan-interface2] mpls enable [SwitchA-Vlan-interface2] mpls ldp enable [SwitchA-Vlan-interface2] quit [SwitchA] interface vlan-interface 6 [SwitchA-Vlan-interface6] mpls enable [SwitchA-Vlan-interface6] mpls ldp enable [SwitchA-Vlan-interface6] quit # Configure Switch B. <SwitchB> system-view [SwitchB] mpls lsr-id 2.2.2.9 [SwitchB] mpls ldp [SwitchB-ldp] quit...
Page 59 [SwitchD-Vlan-interface7] mpls ldp enable [SwitchD-Vlan-interface7] quit Configure IPv4 LSP generation policies: # On Switch A, create IP prefix list switcha, and configure LDP to use only the routes permitted by the prefix list to establish LSPs. [SwitchA] ip prefix-list switcha index 10 permit 11.1.1.0 24 [SwitchA] ip prefix-list switcha index 20 permit 21.1.1.0 24 [SwitchA] mpls ldp [SwitchA-ldp] lsp-trigger prefix-list switcha...
Page 60 # On Switch C, configure a label advertisement policy to advertise only the label mapping for FEC 21.1.1.0/24 to Switch B. [SwitchC] mpls ldp [SwitchC-ldp] advertise-label prefix-list prefix-to-b peer peer-b [SwitchC-ldp] quit # On Switch D, create IP prefix list prefix-to-a that denies subnet 21.1.1.0/24. Switch D uses this list to filter FEC-label mappings to be advertised to Switch A.
Page 61 FECs: 2 Ingress: 1 Transit: 1 Egress: 1 In/Out Label Nexthop OutInterface 11.1.1.0/24 -/1277 20.1.1.1 Vlan-int3 1148/1277 20.1.1.1 Vlan-int3 21.1.1.0/24 1149/- -/1276(L) -/1150(L) [SwitchD] display mpls ldp lsp Status Flags: * - stale, L - liberal, B - backup FECs: 2 Ingress: 0 Transit: 0 Egress: 2...
Page 62: Ldp Frr Configuration Example
LDP FRR configuration example Network requirements Switch S, Switch A, and Switch D reside in the same OSPF domain. Configure OSPF FRR so LDP can establish a primary LSP and a backup LSP on the Switch S—Switch D and the Switch S—Switch A—Switch D links, respectively.
Page 63 # Configure Switch D. <SwitchD> system-view [SwitchD] bfd echo-source-ip 11.11.11.11 [SwitchD] ospf 1 [SwitchD-ospf-1] fast-reroute lfa [SwitchD-ospf-1] quit (Method 2.) Enable OSPF FRR to specify a backup next hop by using a routing policy:  # Configure Switch S. <SwitchS> system-view [SwitchS] bfd echo-source-ip 10.10.10.10 [SwitchS] ip prefix-list abc index 10 permit 21.1.1.0 24 [SwitchS] route-policy frr permit node 10...
Page 64 [SwitchD] interface vlan-interface 13 [SwitchD-Vlan-interface13] mpls enable [SwitchD-Vlan-interface13] mpls ldp enable [SwitchD-Vlan-interface13] quit [SwitchD] interface vlan-interface 24 [SwitchD-Vlan-interface24] mpls enable [SwitchD-Vlan-interface24] mpls ldp enable [SwitchD-Vlan-interface24] quit # Configure Switch A. [SwitchA] mpls lsr-id 2.2.2.2 [SwitchA] mpls ldp [SwitchA-mpls-ldp] quit [SwitchA] interface vlan-interface 12 [SwitchA-Vlan-interface12] mpls enable [SwitchA-Vlan-interface12] mpls ldp enable [SwitchA-Vlan-interface12] quit...
Page 65: Ipv6 Ldp Configuration Examples
IPv6 LDP configuration examples IPv6 LDP LSP configuration example Network requirements Switch A, Switch B, and Switch C all support MPLS. Configure LDP to establish IPv6 LSPs between Switch A and Switch C, so subnets 11::0/64 and 21::0/64 can reach each other over MPLS. Configure LDP to establish IPv6 LSPs only for destinations 100::1/128, 100::2/128, 100::3/128, 11::0/64, and 21::0/64 on Switch A, Switch B, and Switch C.
Page 66 [SwitchA-Vlan-interface4] ospfv3 1 area 0.0.0.0 [SwitchA-Vlan-interface4] quit # Configure Switch B. <SwitchB> system-view [SwitchB] ospfv3 [SwitchB-ospfv3-1] router-id 2.2.2.9 [SwitchB-ospfv3-1] area 0 [SwitchB-ospfv3-1-area-0.0.0.0] quit [SwitchB-ospfv3-1] quit [SwitchB] interface loopback 0 [SwitchB-LoopBack0] ospfv3 1 area 0.0.0.0 [SwitchB-LoopBack0] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] ospfv3 1 area 0.0.0.0 [SwitchB-Vlan-interface2] quit [SwitchB] interface vlan-interface 3...
Page 67 NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 11::/64 Protocol : Direct NextHop : :: Preference: 0 Interface : Vlan4 Cost Destination: 11::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 20::/64 Protocol : O_INTRA NextHop : FE80::20C:29FF:FE9D:EAC0...
Page 68 # Configure Switch B. [SwitchB] mpls lsr-id 2.2.2.9 [SwitchB] mpls ldp [SwitchB-ldp] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls enable [SwitchB-Vlan-interface2] mpls ldp ipv6 enable [SwitchB-Vlan-interface2] mpls ldp transport-address 10::2 [SwitchB-Vlan-interface2] quit [SwitchB] interface vlan-interface 3 [SwitchB-Vlan-interface3] mpls enable [SwitchB-Vlan-interface3] mpls ldp ipv6 enable [SwitchB-Vlan-interface3] mpls ldp transport-address 20::1 [SwitchB-Vlan-interface3] quit # Configure Switch C.
Page 69 [SwitchC] ipv6 prefix-list switchc index 30 permit 100::3 128 [SwitchC] ipv6 prefix-list switchc index 40 permit 11::0 64 [SwitchC] ipv6 prefix-list switchc index 50 permit 21::0 64 [SwitchC] mpls ldp [SwitchC-ldp] ipv6 lsp-trigger prefix-list switchc [SwitchC-ldp] quit Verifying the configuration # Display IPv6 LDP LSP information on the switches, for example, on Switch A.
Page 70: Ipv6 Label Acceptance Control Configuration Example
56 bytes from 21::1, icmp_seq=4 hlim=63 time=2.000 ms --- Ping6 statistics for 21::1 --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 1.000/2.200/3.000/0.748 ms # Test the connectivity of the IPv6 LDP LSP from Switch C to Switch A. [SwitchC] ping ipv6 -a 21::1 11::1 Ping6(56 data bytes) 21::1 -->...
Page 71 • To establish IPv6 LDP LSPs, configure an IPv6 routing protocol to ensure IP connectivity between the LSRs. This example uses OSPFv3. • To ensure that LDP establishes IPv6 LSPs only for the routes 11::0/64 and 21::0/64, configure IPv6 LSP generation policies on each LSR. •...
Page 72 # Configure Switch C. <SwitchC> system-view [SwitchC] mpls lsr-id 3.3.3.9 [SwitchC] mpls ldp [SwitchC-ldp] quit [SwitchC] interface vlan-interface 3 [SwitchC-Vlan-interface3] mpls enable [SwitchC-Vlan-interface3] mpls ldp ipv6 enable [SwitchC-Vlan-interface3] mpls ldp transport-address 20::2 [SwitchC-Vlan-interface3] quit [SwitchC] interface vlan-interface 7 [SwitchC-Vlan-interface7] mpls enable [SwitchC-Vlan-interface7] mpls ldp ipv6 enable [SwitchC-Vlan-interface7] mpls ldp transport-address 40::2 [SwitchC-Vlan-interface7] quit...
Page 73 [SwitchC] ipv6 prefix-list switchc index 20 permit 21::0 64 [SwitchC] mpls ldp [SwitchC-ldp] ipv6 lsp-trigger prefix-list switchc [SwitchC-ldp] quit # On Switch D, create IPv6 prefix list switchd, and configure LDP to use only the routes permitted by the prefix list to establish IPv6 LSPs. [SwitchD] ipv6 prefix-list switchd index 10 permit 11::0 64 [SwitchD] ipv6 prefix-list switchd index 20 permit 21::0 64 [SwitchD] mpls ldp...
Page 74: Ipv6 Label Advertisement Control Configuration Example
Nexthop : FE80::20C:29FF:FE9D:EAC0 In/Out Label: 2415/2416 OutInterface : Vlan2 Nexthop : FE80::20C:29FF:FE9D:EAC0 The output shows that the next hop of the IPv6 LSP for FEC 21::0/64 is Switch B (FE80::20C:29FF:FE9D:EAC0). The IPv6 LSP has been established over the link Switch A—Switch B—Switch C, not over the link Switch A—Switch D—Switch C.
Page 75 Figure 24 Network diagram Loop0 2.2.2.9/32 100::2/128 Vlan-int2 Vlan-int3 Loop0 Loop0 10::2/64 20::1/64 1.1.1.9/32 3.3.3.9/32 Switch B 100::1/128 100::3/128 Vlan-int3 Vlan-int2 20::2/64 10::1/64 Vlan-int7 Vlan-int4 Vlan-int6 Vlan-int5 Loop0 40::2/64 11::1/64 30::1/64 21::1/64 4.4.4.9/32 Switch A 100::4/128 Switch C Vlan-int6 Vlan-int7 30::2/64 40::1/64 Switch D...
Page 76 [SwitchA] interface vlan-interface 6 [SwitchA-Vlan-interface6] mpls enable [SwitchA-Vlan-interface6] mpls ldp ipv6 enable [SwitchA-Vlan-interface6] mpls ldp transport-address 30::1 [SwitchA-Vlan-interface6] quit # Configure Switch B. <SwitchB> system-view [SwitchB] mpls lsr-id 2.2.2.9 [SwitchB] mpls ldp [SwitchB-ldp] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls enable [SwitchB-Vlan-interface2] mpls ldp ipv6 enable [SwitchB-Vlan-interface2] mpls ldp transport-address 10::2 [SwitchB-Vlan-interface2] quit...
Page 77 [SwitchD-Vlan-interface7] mpls ldp transport-address 40::1 [SwitchD-Vlan-interface7] quit Configure IPv6 LSP generation policies: # On Switch A, create IPv6 prefix list switcha, and configure LDP to use only the routes permitted by the prefix list to establish IPv6 LSPs. [SwitchA] ipv6 prefix-list switcha index 10 permit 11::0 64 [SwitchA] ipv6 prefix-list switcha index 20 permit 21::0 64 [SwitchA] mpls ldp [SwitchA-ldp] ipv6 lsp-trigger prefix-list switcha...
Page 78 # On Switch C, configure an IPv6 label advertisement policy to advertise only the label mapping for FEC 21::0/64 to Switch B. [SwitchC] mpls ldp [SwitchC-ldp] ipv6 advertise-label prefix-list prefix-to-b peer peer-b [SwitchC-ldp] quit # On Switch D, create IPv6 prefix list prefix-to-a that denies subnet 21::0/64. Switch D uses this list to filter FEC-label mappings to be advertised to Switch A.
Page 79 FEC: 11::/64 In/Out Label: -/2417 OutInterface : Vlan2 Nexthop : FE80::20C:29FF:FE9D:EA8E In/Out Label: 2418/2417 OutInterface : Vlan2 Nexthop : FE80::20C:29FF:FE9D:EA8E FEC: 21::/64 In/Out Label: -/1099 OutInterface : Vlan3 Nexthop : FE80::20C:29FF:FE05:1C01 In/Out Label: 2416/1099 OutInterface : Vlan3 Nexthop : FE80::20C:29FF:FE05:1C01 [SwitchC] display mpls ldp lsp ipv6 Status Flags: * - stale, L - liberal, B - backup FECs: 2...
Page 80 56 bytes from 21::1, icmp_seq=2 hlim=63 time=3.000 ms 56 bytes from 21::1, icmp_seq=3 hlim=63 time=2.000 ms 56 bytes from 21::1, icmp_seq=4 hlim=63 time=1.000 ms --- Ping6 statistics for 21::1 --- 5 packets transmitted, 5 packets received, 0.0% packet loss round-trip min/avg/max/std-dev = 1.000/2.600/4.000/1.020 ms # Test the connectivity of the IPv6 LDP LSP from Switch C to Switch A.
Page 81: Configuring Mpls Te
Configuring MPLS TE Overview TE and MPLS TE Network congestion can degrade the network backbone performance. It might occur when network resources are inadequate or when load distribution is unbalanced. Traffic engineering (TE) is intended to avoid the latter situation where partial congestion might occur because of improper resource allocation.
Page 82 A label distribution protocol (such as RSVP-TE) advertises labels to establish CRLSPs and reserves bandwidth resources on each node along the calculated path. Dynamic CRLSPs adapt to network changes and support CRLSP backup and fast reroute, but they require complicated configurations. Advertising TE attributes MPLS TE uses extended link state IGPs, such as OSPF and IS-IS, to advertise TE attributes for links.
Page 83: Crlsp Establishment Using Pce Path Calculation
Explicit path specifies the nodes to pass and the nodes to not pass for a tunnel. Explicit paths include the following types: Strict explicit path—Among the nodes that the path must traverse, a node and its previous  hop must be directly connected. Strict explicit path precisely specifies the path that an MPLS TE tunnel must traverse.
Page 84: Traffic Forwarding
PCE 1 uses the local and received path information to select an end-to-end path for the PCC to reach the CRLSP destination, and sends the path to PCC as a reply. PCC uses the path calculated by PCEs to establish the CRLSP through RSVP-TE. Figure 25 BRPC path calculation Area 0 PCE 1...
Page 85: Make-Before-Break
Figure 26 IGP shortcut and forwarding adjacency diagram Router B Router C Router A Router D Router E Make-before-break Make-before-break is a mechanism to change an MPLS TE tunnel with minimum data loss and without using extra bandwidth. In the case of tunnel reoptimization, traffic forwarding is interrupted if the existing CRLSP is removed before a new CRLSP is established.
Page 86: Route Pinning
Figure 27 Diagram for make-before-break Router A Router B Router C Router D Router E Route pinning Route pinning enables CRLSPs to always use the original optimal path even if a new optimal route has been learned. On a network where route changes frequently occur, you can use route pinning to avoid re-establishing CRLSPs upon route changes.
Page 87: Diffserv-Aware Te
• Bypass tunnel—An MPLS TE tunnel used to protect a link or node of the primary CRLSP. • Point of local repair—A PLR is the ingress node of the bypass tunnel. It must be located on the primary CRLSP but must not be the egress node of the primary CRLSP. •...
Page 88 • IETF mode—Complies with RFC 4124, RFC 4125, and RFC 4127. Basic concepts • CT—Class Type. DS-TE allocates link bandwidth, implements constraint-based routing, and performs admission control on a per-class type basis. A given traffic flow belongs to the same CT on all links.
Page 89: Bidirectional Mpls Te Tunnel
Figure 30 RDM bandwidth constraints model CT 2 CT 2+CT 1 CT 2+CT 1+CT 0 BC 2 BC 1 BC 0=Max reservable BW In MAM model, a BC constrains the bandwidth for only one CT. This ensures bandwidth  isolation among CTs no matter whether preemption is used or not. Compared with RDM, MAM is easier to configure.
Page 90: Protocols And Standards
direction is established. The CRLSPs of a bidirectional MPLS TE tunnel established in co-routed mode use the same path. • Associated mode—In this mode, you establish a bidirectional MPLS TE tunnel by binding two unidirectional CRLSPs in opposite directions. The two CRLSPs can be established in different modes and use different paths.
Page 91 On the ingress node of the MPLS TE tunnel, configure the tunnel interface to use the created static CRLSP. On the ingress node of the MPLS TE tunnel, configure static routing or automatic route advertisement to direct traffic to the MPLS TE tunnel. To configure an MPLS TE tunnel to use a CRLSP dynamically established by RSVP-TE, perform the following tasks: Enable MPLS TE and RSVP on each node and interface that the MPLS TE tunnel traverses.
Page 92: Enabling Mpls Te
Tasks at a glance (Required.) Perform one of the following tasks to configure an MPLS TE tunnel: • Configuring an MPLS TE tunnel to use a static CRLSP • Configuring an MPLS TE tunnel to use a dynamic CRLSP • Configuring an MPLS TE tunnel to use a CRLSP calculated by PCEs (Required.) Configuring traffic...
Page 93: Configuring Ds-Te
Step Command Remarks Create an MPLS TE tunnel interface tunnel tunnel-number By default, no tunnel interfaces interface and enter tunnel mode mpls-te exist. interface view. Configure an IP address for ip address ip-address By default, a tunnel interface does the tunnel interface. { mask-length | mask } not have an IP address.
Page 94: Configuring An Mpls Te Tunnel To Use A Dynamic Crlsp
• Specify the MPLS TE tunnel establishment mode as static. • Configure the MPLS TE tunnel to use the static CRLSP. Other configurations, such as tunnel constraints and IGP extension, are not needed. To configure an MPLS TE tunnel to use a static CRLSP: Step Command Remarks...
Page 95: Configuring Mpls Te Attributes For A Link
Configuring MPLS TE attributes for a link MPLS TE attributes for a link include the maximum link bandwidth, the maximum reservable bandwidth, and the link attribute. Perform this task on each interface that the MPLS TE tunnel traverses. To configure the link TE attributes: Step Command Remarks...
Page 96: Configuring Mpls Te Tunnel Constraints
Step Command Remarks Enter system view. system-view Enter OSPF view. ospf [ process-id ] By default, opaque LSA advertisement and reception are Enable opaque LSA enabled. advertisement and opaque-capability enable For more information about this reception. command, see Layer 3—IP Routing Command Reference.
Page 97 Step Command Remarks Enter MPLS TE tunnel interface tunnel tunnel-number interface view. [ mode mpls-te ] Configure bandwidth By default, no bandwidth is required for the tunnel, and mpls te bandwidth [ ct0 | ct1 | assigned, and the class type is CT specify a CT for the tunnel's ct2 | ct3 ] bandwidth traffic.
Page 98: Establishing An Mpls Te Tunnel By Using Rsvp-Te
Step Command Remarks By default, an explicit path is Enable the explicit path. undo disable enabled. By default, an explicit path does not include any node. You can specify the include nexthop [ index index-number ] Add or modify a node in the keyword to have the CRLSP ip-address [ exclude | include explicit path.
Page 99 link delay (a smaller IGP metric value indicates a lower link delay), and use the TE metric to represent a link bandwidth value (a smaller TE metric value indicates a bigger link bandwidth value). You can establish two MPLS TE tunnels: Tunnel 1 for voice traffic and Tunnel 2 for video traffic. Configure Tunnel 1 to use IGP metrics for path selection, and configure Tunnel 2 to use TE metrics for path selection.
Page 100 Configuring tunnel reoptimization Tunnel reoptimization allows you to manually or dynamically trigger the ingress node to recalculate a path. If the ingress node recalculates a better path, it creates a new CRLSP, switches the traffic from the old CRLSP to the new CRLSP, and then deletes the old CRLSP. Perform this task on the ingress node of an MPLS TE tunnel.
Page 101: Controlling Mpls Te Tunnel Setup
Controlling MPLS TE tunnel setup Before performing the configuration tasks in this section, be aware of each configuration objective and its impact on your device. Perform the tasks in this section on the ingress node of the MPLS TE tunnel. Enabling route and label recording Perform this task to record the nodes that an MPLS TE tunnel traverses and the label assigned by each node.
Page 102: Configuring An Mpls Te Tunnel To Use A Crlsp Calculated By Pces
Step Command Remarks By default, the retry interval is 2 Set the retry interval. mpls te timer retry seconds seconds. Configuring RSVP resource reservation style Step Command Remarks Enter system view. system-view Enter MPLS TE tunnel interface tunnel tunnel-number interface view. [ mode mpls-te ] By default, the resource reservation style is SE.
Page 103: Establishing A Crlsp By Using The Path Calculated By Pces
Establishing a CRLSP by using the path calculated by PCEs Step Command Remarks Enter system view. system-view Enter MPLS TE tunnel interface tunnel tunnel-number [ mode interface view. mpls-te ] By default, the automatically calculated path is used to establish a CRLSP. After this command is Establish a CRLSP by executed, the local device acts...
Page 104: Configuring Traffic Forwarding
Step Command Remarks Set the path calculation By default, the request timeout pce request-timeout value request timeout time. time is 10 seconds. Set the PCEP session By default, the PCEP session pce deadtimer value deadtimer. deadtimer is 120 seconds. Set the keepalive interval for By default, the keepalive pce keepalive interval PCEP sessions.
Page 105: Configuring A Bidirectional Mpls Te Tunnel
• The route to the tunnel interface address and the route to the tunnel destination must be in the same OSPF area or at the same IS-IS level. Configuring IGP shortcut Step Command Remarks Enter system view. system-view Enter MPLS TE tunnel interface tunnel tunnel-number [ mode interface view.
Page 106: Configuring Crlsp Backup
Step Command Remarks By default, bidirectional tunnel is Configure a co-routed disabled on the tunnel interface, bidirectional MPLS TE tunnel mpls te bidirectional co-routed and tunnels established on the and specify the local end as active tunnel interface are unidirectional the active end of the tunnel.
Page 107: Configuring Mpls Te Frr
Step Command Remarks Specify a path for the backup mpls te backup-path preference By default, MPLS TE uses the CRLSP and set the value { dynamic | explicit-path dynamically calculated path to set preference of the path. path-name } [ no-cspf ] up the backup CRLSP.
Page 108 tunnels, the PLR selects the bypass tunnel for protecting the primary CRLSP by following these rules: Selects a bypass tunnel according to the principles, as shown in Table Prefers the bypass tunnel in node protection mode over the one in link protection mode. Prefers the bypass tunnel with a smaller ID over the one with a bigger tunnel ID.
Page 109 Primary Bandwidt CRLSP h required requires Bypass tunnel providing Bypass tunnel providing no bandwidth bandwidth protection bandwidth protection primary protection or CRLSP The primary CRLSP can be bound to the bypass tunnel when all the following conditions are met: The primary CRLSP can be bound •...
Page 110 Manually configuring a bypass tunnel The bypass tunnel setup method is the same as a normal MPLS TE tunnel. This section describes only FRR-related configurations. To configure a bypass tunnel on the PLR: Step Command Remarks Enter system view. system-view Enter tunnel interface view of interface tunnel tunnel-number the bypass tunnel.
Page 111: Configuring Node Fault Detection
Step Command Remarks (Optional.) Set a removal By default, a bypass tunnel is timer for unused bypass timers removal unused seconds removed after it is unused for tunnels. 3600 seconds. (Optional.) Return to system quit view. (Optional.) Enter interface interface interface-type view.
Page 112: Enabling Snmp Notifications For Mpls Te
Step Command Remarks Enter system view. system-view Enter MPLS TE view. mpls te Set the interval for selecting By default, the interval is 300 fast-reroute timer interval an optimal bypass tunnel. seconds. Enabling SNMP notifications for MPLS TE This feature enables generating SNMP notifications for MPLS TE upon MPLS TE state changes, as defined in RFC 3812.
Page 113: Mpls Te Configuration Examples
Task Command Display information about MPLS TE tunnel display mpls te tunnel-interface [ tunnel number ] interfaces. Display information about PCEs discovered by display ospf [ process-id ] [ area area-id ] mpls te pce OSPF. [ originate-router advertising-router-id | self-originate ] display ospf [ process-id ] [ area area-id ] mpls te Display link and node information in an OSPF advertisement [ originate-router advertising-router-id |...
Page 114 [SwitchA] isis 1 [SwitchA-isis-1] network-entity 00.0005.0000.0000.0001.00 [SwitchA-isis-1] quit [SwitchA] interface vlan-interface 1 [SwitchA-Vlan-interface1] isis enable 1 [SwitchA-Vlan-interface1] quit [SwitchA] interface loopback 0 [SwitchA-LoopBack0] isis enable 1 [SwitchA-LoopBack0] quit # Configure Switch B. <SwitchB> system-view [SwitchB] isis 1 [SwitchB-isis-1] network-entity 00.0005.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] isis enable 1...
Page 115 [SwitchB] mpls te [SwitchB-te] quit [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] mpls enable [SwitchB-Vlan-interface1] mpls te enable [SwitchB-Vlan-interface1] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls enable [SwitchB-Vlan-interface2] mpls te enable [SwitchB-Vlan-interface2] quit # Configure Switch C. [SwitchC] mpls lsr-id 3.3.3.3 [SwitchC] mpls te [SwitchC-te] quit [SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] mpls enable...
Page 116 Create a static CRLSP: # Configure Switch A as the ingress node of the static CRLSP, and specify the next hop address as 2.1.1.2, outgoing label as 20, and bandwidth for the tunnel as 2000 kbps. [SwitchA] static-cr-lsp ingress static-cr-lsp-1 nexthop 2.1.1.2 out-label 20 bandwidth 2000 # On Switch A, configure tunnel 0 to use static CRLSP static-cr-lsp-1.
Page 117 Ingress LSR ID : 1.1.1.1 Egress LSR ID : 3.3.3.3 Signaling : Static Static CRLSP Name : static-cr-lsp-1 Resv Style Tunnel mode Reverse-LSP name Reverse-LSP LSR ID Reverse-LSP Tunnel ID: - Class Type Tunnel Bandwidth Reserved Bandwidth Setup Priority Holding Priority Affinity Attr/Mask : -/- Explicit Path...
Page 118: Establishing An Mpls Te Tunnel With Rsvp-Te
# Execute the display ip routing-table command on Switch A. The output shows a static route entry with interface Tunnel 0 as the output interface. (Details not shown.) Establishing an MPLS TE tunnel with RSVP-TE Network requirements Switch A, Switch B, Switch C, and Switch D run IS-IS and all of them are Level-2 switches. Use RSVP-TE to establish an MPLS TE tunnel from Switch A to Switch D to transmit data between the two IP networks.
Page 119 [SwitchA-Vlan-interface1] isis circuit-level level-2 [SwitchA-Vlan-interface1] quit [SwitchA] interface loopback 0 [SwitchA-LoopBack0] isis enable 1 [SwitchA-LoopBack0] isis circuit-level level-2 [SwitchA-LoopBack0] quit # Configure Switch B. <SwitchB> system-view [SwitchB] isis 1 [SwitchB-isis-1] network-entity 00.0005.0000.0000.0002.00 [SwitchB-isis-1] quit [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] isis enable 1 [SwitchB-Vlan-interface1] isis circuit-level level-2 [SwitchB-Vlan-interface1] quit [SwitchB] interface vlan-interface 2...
Page 120 [SwitchD-Vlan-interface3] quit [SwitchD] interface loopback 0 [SwitchD-LoopBack0] isis enable 1 [SwitchD-LoopBack0] isis circuit-level level-2 [SwitchD-LoopBack0] quit # Execute the display ip routing-table command on each switch to verify that the switches have learned the routes to one another, including the routes to the loopback interfaces. (Details not shown.) Configure an LSR ID, and enable MPLS, MPLS TE, and RSVP-TE: # Configure Switch A.
Page 121 [SwitchC-Vlan-interface2] mpls enable [SwitchC-Vlan-interface2] mpls te enable [SwitchC-Vlan-interface2] rsvp enable [SwitchC-Vlan-interface2] quit # Configure Switch D. [SwitchD] mpls lsr-id 4.4.4.9 [SwitchD] mpls te [SwitchD-te] quit [SwitchD] rsvp [SwitchD-rsvp] quit [SwitchD] interface vlan-interface 3 [SwitchD-Vlan-interface3] mpls enable [SwitchD-Vlan-interface3] mpls te enable [SwitchD-Vlan-interface3] rsvp enable [SwitchD-Vlan-interface3] quit Configure IS-IS TE:...
Page 122 [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls te max-link-bandwidth 10000 [SwitchB-Vlan-interface2] mpls te max-reservable-bandwidth 5000 [SwitchB-Vlan-interface2] quit # Set the maximum link bandwidth and maximum reservable bandwidth on Switch C. [SwitchC] interface vlan-interface 3 [SwitchC-Vlan-interface3] mpls te max-link-bandwidth 10000 [SwitchC-Vlan-interface3] mpls te max-reservable-bandwidth 5000 [SwitchC-Vlan-interface3] quit [SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] mpls te max-link-bandwidth 10000...
Page 123: Establishing An Inter-As Mpls Te Tunnel With Rsvp-Te
Last 300 seconds output rate: 6 bytes/sec, 48 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drops Output: 177 packets, 11428 bytes, 0 drops # Display detailed information about the MPLS TE tunnel on Switch A. [SwitchA] display mpls te tunnel-interface Tunnel Name : Tunnel 1 Tunnel State...
Page 124 link that the tunnel traverses is 10000 kbps and the maximum reservable bandwidth of the link is 5000 kbps. Figure 34 Network diagram IP network IP network MPLS backbone MPLS backbone AS 100 AS 200 Vlan-int10 Vlan-int10 Switch A Switch D Vlan-int1 Vlan-int3 Loop0...
Page 125 [SwitchB-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [SwitchB-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [SwitchB-ospf-1-area-0.0.0.0] quit [SwitchB-ospf-1] quit # Configure Switch C. <SwitchC> system-view [SwitchC] ospf [SwitchC-ospf-1] import-route direct [SwitchC-ospf-1] import-route bgp [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit # Configure Switch D.
Page 126 [SwitchC] bgp 200 [SwitchC-bgp] peer 20.1.1.1 as-number 100 [SwitchC-bgp] address-family ipv4 unicast [SwitchC-bgp-ipv4] peer 20.1.1.1 enable [SwitchC-bgp-ipv4] import-route ospf [SwitchC-bgp-ipv4] import-route direct [SwitchC-bgp-ipv4] quit [SwitchC-bgp] quit # Verify that the switches have learned AS-external routes. [SwitchA] display ip routing-table Destinations : 10 Routes : 10 Destination/Mask Proto...
Page 127 [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls enable [SwitchB-Vlan-interface2] mpls te enable [SwitchB-Vlan-interface2] rsvp enable [SwitchB-Vlan-interface2] quit # Configure Switch C. [SwitchC] mpls lsr-id 3.3.3.9 [SwitchC] mpls te [SwitchC-te] quit [SwitchC] rsvp [SwitchC-rsvp] quit [SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] mpls enable [SwitchC-Vlan-interface2] mpls te enable [SwitchC-Vlan-interface2] rsvp enable [SwitchC-Vlan-interface2] quit...
Page 128 [SwitchC] ospf [SwitchC-ospf-1] opaque-capability enable [SwitchC-ospf-1] area 0 [SwitchC-ospf-1-area-0.0.0.0] mpls te enable [SwitchC-ospf-1-area-0.0.0.0] quit [SwitchC-ospf-1] quit # Configure Switch D. [SwitchD] ospf [SwitchD-ospf-1] opaque-capability enable [SwitchD-ospf-1] area 0 [SwitchD-ospf-1-area-0.0.0.0] mpls te enable [SwitchD-ospf-1-area-0.0.0.0] quit [SwitchD-ospf-1] quit Configure an explicit path on Switch A. Specify Switch B and Switch D as loose nodes, and Switch C as a strict node.
Page 129 [SwitchD-Vlan-interface3] quit Configure an MPLS TE tunnel on Switch A: # Configure MPLS TE tunnel interface Tunnel 1. [SwitchA] interface tunnel 1 mode mpls [SwitchA-Tunnel1] ip address 7.1.1.1 255.255.255.0 # Specify the tunnel destination address as the LSR ID of Switch D. [SwitchA-Tunnel1] destination 4.4.4.9 # Configure MPLS TE to use RSVP-TE to establish the tunnel.
Page 130: Establishing An Inter-Area Mpls Te Tunnel Over A Crlsp Calculated By Pces
Reverse-LSP LSR ID Reverse-LSP Tunnel ID: - Class Type : CT0 Tunnel Bandwidth : 2000 kbps Reserved Bandwidth : 2000 kbps Setup Priority Holding Priority Affinity Attr/Mask : 0/0 Explicit Path : atod Backup Explicit Path : - Metric Type : TE Record Route : Disabled...
Page 131 Establish an MPLS TE tunnel over a CRLSP from Switch C to Switch D that uses the inter-area path calculated by PCEs. Figure 35 Network diagram Loop0 Loop0 1.1.1.1/32 2.2.2.2/24 Area 0 Vlan-int10 Switch A Switch B 10.1.1.1/24 Vlan-int10 Vlan-int11 Vlan-int11 10.1.1.2/24 10.2.1.1/24...
Page 132 <SwitchC> system-view [SwitchC] ospf [SwitchC-ospf-1] area 1 [SwitchC-ospf-1-area-0.0.0.1] network 10.2.1.0 0.0.0.255 [SwitchC-ospf-1-area-0.0.0.1] network 3.3.3.3 0.0.0.0 [SwitchC-ospf-1-area-0.0.0.1] mpls te enable [SwitchC-ospf-1-area-0.0.0.1] quit [SwitchC-ospf-1] quit # Configure Switch D. <SwitchD> system-view [SwitchD] ospf [SwitchD-ospf-1] area 2 [SwitchD-ospf-1-area-0.0.0.2] network 10.3.1.0 0.0.0.255 [SwitchD-ospf-1-area-0.0.0.2] network 4.4.4.4 0.0.0.0 [SwitchD-ospf-1-area-0.0.0.2] mpls te enable [SwitchD-ospf-1-area-0.0.0.2] quit [SwitchD-ospf-1] quit...
Page 133 [SwitchB-Vlan-interface11] rsvp enable [SwitchB-Vlan-interface11] quit # Configure Switch C. [SwitchC] mpls lsr-id 3.3.3.3 [SwitchC] mpls te [SwitchC-te] quit [SwitchC] rsvp [SwitchC-rsvp] quit [SwitchC] interface vlan-interface 11 [SwitchC-Vlan-interface11] mpls enable [SwitchC-Vlan-interface11] mpls te enable [SwitchC-Vlan-interface11] rsvp enable [SwitchC-Vlan-interface11] quit # Configure Switch D. [SwitchD] mpls lsr-id 4.4.4.4 [SwitchD] mpls te [SwitchD-te] quit...
Page 134 PCE address: 2.2.2.2 Discovery methods: OSPF Path scopes: Path scope Preference Compute intra-area paths Act as PCE for inter-area TE LSP computation Act as a default PCE for inter-area TE LSP computation Capabilities: Bidirectional path computation Support for request prioritization Support for multiple requests per message Domains: OSPF 1 area 0.0.0.0...
Page 135: Bidirectional Mpls Te Tunnel Configuration Example
Delegation timeout : 30 sec Bidirectional MPLS TE tunnel configuration example Network requirements Switch A, Switch B, Switch C, and Switch D all run IS-IS and they are all level-2 switches. Use RSVP-TE to establish a bidirectional MPLS TE tunnel between Switch A and Switch D. Figure 36 Network diagram IP network IP network...
Page 136 [SwitchA-rsvp] quit [SwitchA] interface vlan-interface 1 [SwitchA-Vlan-interface1] mpls enable [SwitchA-Vlan-interface1] mpls te enable [SwitchA-Vlan-interface1] rsvp enable [SwitchA-Vlan-interface1] quit # Configure Switch B. <SwitchB> system-view [SwitchB] mpls lsr-id 2.2.2.9 [SwitchB] mpls te [SwitchB-te] quit [SwitchB] rsvp [SwitchB-rsvp] quit [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] mpls enable [SwitchB-Vlan-interface1] mpls te enable [SwitchB-Vlan-interface1] rsvp enable...
Page 137 [SwitchD] interface vlan-interface 3 [SwitchD-Vlan-interface3] mpls enable [SwitchD-Vlan-interface3] mpls te enable [SwitchD-Vlan-interface3] rsvp enable [SwitchD-Vlan-interface3] quit Configure IS-IS TE: # Configure Switch A. [SwitchA] isis 1 [SwitchA-isis-1] cost-style wide [SwitchA-isis-1] mpls te enable level-2 [SwitchA-isis-1] quit # Configure Switch B. [SwitchB] isis 1 [SwitchB-isis-1] cost-style wide [SwitchB-isis-1] mpls te enable level-2...
Page 138 # On switch D, create a static route to direct traffic destined for 100.1.1.0/24 to MPLS TE tunnel [SwitchD] ip route-static 100.1.1.0 24 tunnel 4 preference 1 Verifying the configuration # Verify that the tunnel interface is up on Switch A. [SwitchA] display interface tunnel Tunnel1 Current state: UP...
Page 139 Backup Type : None Backup LSP ID Auto Bandwidth : Disabled Auto Bandwidth Freq Min Bandwidth Max Bandwidth Collected Bandwidth # Display detailed information about the bidirectional MPLS TE tunnel on Switch A. [SwitchA] display mpls lsp verbose Destination : 4.4.4.9 : 1.1.1.9/1/30478 Protocol : RSVP...
Page 140 Current state: UP Line protocol current state: UP Description: Tunnel4 Interface Bandwidth: 64kbps Maximum transmission unit: 1496 Internet address: 8.1.1.1/24 (primary) Tunnel source unknown, destination 1.1.1.9 Tunnel TTL 255 Tunnel protocol/transport CR_LSP Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets input, 0 bytes, 0 drops Output: 0 packets output, 0 bytes, 0 drops...
Page 141: Crlsp Backup Configuration Example
Destination : 4.4.4.9 : 1.1.1.9/1/30478 Protocol : RSVP LSR Type : Egress Service In-Label State : Active Nexthop : 127.0.0.1 Out-Interface: - Destination : 4.4.4.9 : 1.1.1.9/1/30478 Protocol : RSVP LSR Type : Ingress Service NHLFE ID : 1025 State : Active Out-Label : 1150...
Page 142 Figure 37 Network diagram IP network IP network Switch B Loop0 Vlan-int10 Vlan-int10 Vlan-int1 Vlan-int2 Switch C Switch A Vlan-int1 Vlan-int2 Vlan-int4 Vlan-int3 Loop0 Loop0 Switch D Vlan-int4 Vlan-int3 Loop0 Table 6 Interface and IP address assignment Device Interface IP address Device Interface IP address...
Page 143 [SwitchA-Vlan-interface1] rsvp enable [SwitchA-Vlan-interface1] quit [SwitchA] interface vlan-interface 4 [SwitchA-Vlan-interface4] mpls enable [SwitchA-Vlan-interface4] mpls te enable [SwitchA-Vlan-interface4] rsvp enable [SwitchA-Vlan-interface4] quit # Configure Switch B, Switch C, and Switch D in the same way that Switch A is configured. (Details not shown.) Configure an MPLS TE tunnel on Switch A: # Configure MPLS TE tunnel interface Tunnel 3.
Page 144 Proto In/Out Label Interface/Out NHLFE 1.1.1.9/3/34311 RSVP -/1150 Vlan1 1.1.1.9/3/34312 RSVP -/1151 Vlan4 10.1.1.2 Local Vlan1 30.1.1.2 Local Vlan4 Tunnel3 Local NHLFE1026 Backup NHLFE1028 # Display the paths used by the two CRLSPs on Switch A. [SwitchA] display rsvp lsp verbose Tunnel name: SwitchA_t3 Destination: 3.3.3.9 Source: 1.1.1.9...
Page 145: Manual Bypass Tunnel For Frr Configuration Example
# Trace the path that MPLS TE tunnel 3 traverses. The output shows that the used CRLSP is the one that traverses Switch B. [SwitchA] tracert mpls te tunnel 3 MPLS trace route TE tunnel Tunnel3 Replier Time Type Downstream Ingress 10.1.1.2/[1147] 10.1.1.2...
Page 146 Figure 38 Network diagram IP network IP network Switch B Switch C Loop0 Loop0 Vlan-int10 Vlan-int10 Vlan-int1 Vlan-int2 Vlan-int3 Switch D Switch A Vlan-int2 Vlan-int1 Vlan-int3 Vlan-int4 Vlan-int5 Loop0 Loop0 Vlan-int5 Vlan-int4 Primary CRLSP Bypass tunnel Loop0 Switch E Table 7 Interface and IP address assignment Device Interface IP address...
Page 147 [SwitchA-Vlan-interface1] rsvp enable [SwitchA-Vlan-interface1] quit # Configure Switch B. <SwitchB> system-view [SwitchB] mpls lsr-id 2.2.2.2 [SwitchB] mpls te [SwitchB-te] quit [SwitchB] rsvp [SwitchB-rsvp] quit [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] mpls enable [SwitchB-Vlan-interface1] mpls te enable [SwitchB-Vlan-interface1] rsvp enable [SwitchB-Vlan-interface1] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls enable [SwitchB-Vlan-interface2] mpls te enable...
Page 148 [SwitchA] display interface tunnel Tunnel4 Current state: UP Line protocol current state: UP Description: Tunnel4 Interface Bandwidth: 64kbps Maximum transmission unit: 1496 Internet address: 10.1.1.1/24 (primary) Tunnel source unknown, destination 4.4.4.4 Tunnel TTL 255 Tunnel protocol/transport CR_LSP Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 1911 bytes/sec, 15288 bits/sec, 0 packets/sec Input: 0 packets input, 0 bytes, 0 drops...
Page 149 Configure a bypass tunnel on Switch B (the PLR): # Configure an explicit path for the bypass tunnel. [SwitchB] explicit-path by-path [SwitchB-explicit-path-by-path] nexthop 3.2.1.2 [SwitchB-explicit-path-by-path] nexthop 3.3.1.2 [SwitchB-explicit-path-by-path] nexthop 3.3.3.3 [SwitchB-explicit-path-by-path] quit # Create MPLS TE tunnel interface Tunnel 5 for the bypass tunnel. [SwitchB] interface tunnel 5 mode mpls-te [SwitchB-Tunnel5] ip address 11.1.1.1 255.255.255.0 # Specify the tunnel destination address as LSR ID of Switch C.
Page 150 [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] shutdown [SwitchB-Vlan-interface2] quit # Execute the display interface tunnel 4 command on Switch A to display information about the primary CRLSP. The output shows that the tunnel interface is still up. (Details not shown.) # Display detailed information about the tunnel interface on Switch A. [SwitchA] display mpls te tunnel-interface Tunnel Name : Tunnel 4...
Page 151: Auto Frr Configuration Example
# On the PLR, configure the interval for selecting an optimal bypass tunnel as 5 seconds. [SwitchB] mpls te [SwitchB-te] fast-reroute timer 5 [SwitchB-te] quit # On the PLR, bring up the protected interface VLAN-interface 2. [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] undo shutdown # Execute the display interface tunnel 4 command on Switch A to display information about the primary CRLSP.
Page 152 Table 8 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A Loop0 1.1.1.1/32 Switch E Loop0 5.5.5.5/32 Vlan-int1 2.1.1.1/24 Vlan-int4 3.2.1.2/24 Switch B Loop0 2.2.2.2/32 Vlan-int5 3.4.1.1/24 Vlan-int1 2.1.1.2/24 Switch C Loop0 3.3.3.3/32 Vlan-int2 3.1.1.1/24 Vlan-int3 4.1.1.1/24...
Page 153 [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls enable [SwitchB-Vlan-interface2] mpls te enable [SwitchB-Vlan-interface2] rsvp enable [SwitchB-Vlan-interface2] rsvp bfd enable [SwitchB-Vlan-interface2] quit [SwitchB] interface vlan-interface 4 [SwitchB-Vlan-interface4] mpls enable [SwitchB-Vlan-interface4] mpls te enable [SwitchB-Vlan-interface4] rsvp enable [SwitchB-Vlan-interface4] quit [SwitchB] interface vlan-interface 6 [SwitchB-Vlan-interface6] mpls enable [SwitchB-Vlan-interface6] mpls te enable [SwitchB-Vlan-interface6] rsvp enable...
Page 154 Tunnel TTL 255 Tunnel protocol/transport CR_LSP Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 1911 bytes/sec, 15288 bits/sec, 0 packets/sec Input: 0 packets input, 0 bytes, 0 drops Output: 1526 packets output, 22356852 bytes, 0 drops # Display detailed information about the MPLS TE tunnel interface on Switch A.
Page 155 Verifying the configuration # Verify that two tunnels have been created automatically on Switch B. [SwitchB] display interface tunnel brief Brief information on interfaces in route mode: Link: ADM - administratively down; Stby - standby Protocol: (s) - spoofing Interface Link Protocol Primary IP Description Tun50...
Page 156 LSP ID : 16802 Tunnel ID : 51 Admin State : Normal Ingress LSR ID : 2.2.2.2 Egress LSR ID : 3.3.3.3 Signaling : RSVP-TE Static CRLSP Name Resv Style : SE Tunnel mode Reverse-LSP name Reverse-LSP LSR ID Reverse-LSP Tunnel ID: - Class Type : CT0 Tunnel Bandwidth...
Page 157: Ietf Ds-Te Configuration Example
Include-Any: 0 Include-all: 0 Average bitrate: 0 kbps Maximum burst: 1000.00 bytes Path MTU: 1500 Class type: CT0 RRO number: 12 2.1.1.1/32 Flag: 0x00 (No FRR) 2.1.1.2/32 Flag: 0x00 (No FRR) 1150 Flag: 0x01 (Global label) 2.2.2.2/32 Flag: 0x20 (No FRR/Node-ID) 3.1.1.1/32 Flag: 0x09 (FRR Avail/Node-Prot) 3.1.1.2/32...
Page 158 Table 9 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A Loop0 1.1.1.9/32 Switch D Loop0 4.4.4.9/32 Vlan-int1 10.1.1.1/24 Vlan-int3 30.1.1.2/24 Vlan-int10 100.1.1.1/24 Vlan-int10 100.1.2.1/24 Switch B Loop0 2.2.2.9/32 Switch C Loop0 3.3.3.9/32 Vlan-int1 10.1.1.2/24 Vlan-int3 30.1.1.1/24...
Page 159 [SwitchC-isis-1] quit [SwitchC] interface vlan-interface 3 [SwitchC-Vlan-interface3] isis enable 1 [SwitchC-Vlan-interface3] isis circuit-level level-2 [SwitchC-Vlan-interface3] quit [SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] isis enable 1 [SwitchC-Vlan-interface2] isis circuit-level level-2 [SwitchC-Vlan-interface2] quit [SwitchC] interface loopback 0 [SwitchC-LoopBack0] isis enable 1 [SwitchC-LoopBack0] isis circuit-level level-2 [SwitchC-LoopBack0] quit # Configure Switch D.
Page 160 [SwitchA] rsvp [SwitchA-rsvp] quit [SwitchA] interface vlan-interface 1 [SwitchA-Vlan-interface1] mpls enable [SwitchA-Vlan-interface1] mpls te enable [SwitchA-Vlan-interface1] rsvp enable [SwitchA-Vlan-interface1] quit # Configure Switch B. [SwitchB] mpls lsr-id 2.2.2.9 [SwitchB] mpls te [SwitchB-te] ds-te mode ietf [SwitchB-te] quit [SwitchB] rsvp [SwitchB-rsvp] quit [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] mpls enable [SwitchB-Vlan-interface1] mpls te enable...
Page 161 [SwitchD] interface vlan-interface 3 [SwitchD-Vlan-interface3] mpls enable [SwitchD-Vlan-interface3] mpls te enable [SwitchD-Vlan-interface3] rsvp enable [SwitchD-Vlan-interface3] quit Configure IS-IS TE: # Configure Switch A. [SwitchA] isis 1 [SwitchA-isis-1] cost-style wide [SwitchA-isis-1] mpls te enable level-2 [SwitchA-isis-1] quit # Configure Switch B. [SwitchB] isis 1 [SwitchB-isis-1] cost-style wide [SwitchB-isis-1] mpls te enable level-2...
Page 162 [SwitchC] interface vlan-interface 3 [SwitchC-Vlan-interface3] mpls te max-link-bandwidth 10000 [SwitchC-Vlan-interface3] mpls te max-reservable-bandwidth rdm 10000 bc1 8000 bc2 5000 bc3 2000 [SwitchC-Vlan-interface3] quit [SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] mpls te max-link-bandwidth 10000 [SwitchC-Vlan-interface2] mpls te max-reservable-bandwidth rdm 10000 bc1 8000 bc2 5000 bc3 2000 [SwitchC-Vlan-interface2] quit # Set the maximum bandwidth, maximum reservable bandwidth, and bandwidth constraints on...
Page 163 Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drop Output: 0 packets, 0 bytes, 0 drop # Display detailed information about the MPLS TE tunnel on Switch A. [SwitchA] display mpls te tunnel-interface Tunnel Name : Tunnel 1 Tunnel State...
Page 164: Troubleshooting Mpls Te
8000 5000 2000 TE Class Class Type Priority BW Reserved(kbps) BW Available(kbps) # Execute the display ip routing-table command on Switch A. The output shows a static route entry with interface Tunnel 1 as the output interface. (Details not shown.) Troubleshooting MPLS TE No TE LSA generated Symptom...
Page 165: Configuring A Static Crlsp
Configuring a static CRLSP Overview A static Constraint-based Routed Label Switched Path (CRLSP) is established by manually specifying CRLSP setup information on the ingress, transit, and egress nodes of the forwarding path. The CRLSP setup information includes the incoming label, outgoing label, and required bandwidth. If the device does not have enough bandwidth resources required by a CRLSP, the CRLSP cannot be established.
Page 166: Configuration Procedure
• Static CRLSP is mutually exclusive with EVI and VXLAN. For more information about EVI, see EVI Configuration Guide. For more information about VXLAN, see VXLAN Configuration Guide. Configuration procedure To configure a static CRLSP: Step Command Remarks Enter system view. system-view •...
Page 167: Configuration Procedure
Figure 41 Network diagram Loop0 2.2.2.2/32 Vlan-int1 Vlan-int2 3.2.1.1/24 2.1.1.2/24 Switch B Vlan-int1 Vlan-int2 Vlan-int10 Vlan-int10 2.1.1.1/24 3.2.1.2/24 100.1.2.1/24 100.1.1.1/24 IP network IP network Switch A Switch C Loop0 Loop0 3.3.3.3/32 1.1.1.1/32 Configuration procedure Configure IP addresses and masks for interfaces. (Details not shown.) Configure IS-IS to advertise interface addresses, including the loopback interface address: # Configure Switch A.
Page 168 [SwitchC-isis-1] network-entity 00.0005.0000.0000.0003.00 [SwitchC-isis-1] quit [SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] isis enable 1 [SwitchC-Vlan-interface2] quit [SwitchC] interface loopback 0 [SwitchC-LoopBack0] isis enable 1 [SwitchC-LoopBack0] quit # Execute the display ip routing-table command on each switch to verify that the switches have learned the routes to one another, including the routes to the loopback interfaces.
Page 169: Verifying The Configuration
[SwitchB-Vlan-interface1] mpls te max-link-bandwidth 10000 [SwitchB-Vlan-interface1] mpls te max-reservable-bandwidth 5000 [SwitchB-Vlan-interface1] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] mpls te max-link-bandwidth 10000 [SwitchB-Vlan-interface2] mpls te max-reservable-bandwidth 5000 [SwitchB-Vlan-interface2] quit # On Switch C, set the maximum bandwidth and the maximum reservable bandwidth. [SwitchC] interface vlan-interface 2 [SwitchC-Vlan-interface2] mpls te max-link-bandwidth 10000 [SwitchC-Vlan-interface2] mpls te max-reservable-bandwidth 5000...
Page 170 Description: Tunnel1 Interface Bandwidth: 64kbps Maximum transmission unit: 1496 Internet address: 6.1.1.1/24 (primary) Tunnel source unknown, destination 3.3.3.3 Tunnel TTL 255 Tunnel protocol/transport CR_LSP Last clearing of counters: Never Last 300 seconds input rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Last 300 seconds output rate: 0 bytes/sec, 0 bits/sec, 0 packets/sec Input: 0 packets, 0 bytes, 0 drops Output: 0 packets, 0 bytes, 0 drops...
Page 171 Proto In/Out Label Interface/Out NHLFE StaticCR 20/30 Vlan2 3.2.1.2 Local Vlan2 [SwitchC] display mpls lsp Proto In/Out Label Interface/Out NHLFE StaticCR 30/- [SwitchA] display mpls static-cr-lsp Name LSR Type In/Out Label Out Interface State static-cr-lsp-1 Ingress Null/20 Vlan1 [SwitchB] display mpls static-cr-lsp Name LSR Type In/Out Label...
Page 172: Configuring Rsvp
Configuring RSVP Overview The Resource Reservation Protocol (RSVP) is a signaling protocol that reserves resources on a network. Extended RSVP supports MPLS label distribution and allows resource reservation information to be transmitted with label bindings. This extended RSVP is called RSVP-TE. RSVP-TE is a label distribution protocol for MPLS TE.
Page 173: Crlsp Setup Procedure
CRLSP setup procedure As shown in Figure 42, a CRLSP is set up by using the following steps: The ingress LSR generates a Path message that carries LABEL_REQUEST, and then forwards the message along the path calculated by CSPF hop-by-hop towards the egress LSR. After receiving the Path message, the egress LSR generates a Resv message carrying the reservation information and the LABEL object.
Page 174: Rsvp Authentication
by sending back a message that includes the Message_ID_ACK object. If the sender does not receive a Message_ID_ACK within the retransmission interval (Rf), it performs the following tasks: • Retransmits the message when Rf expires. • Sets the next transmission interval to (1 + delta) × Rf. The sender repeats this process until it receives the Message_ID_ACK before the retransmission time expires or it has transmitted the message three times.
Page 175: Protocols And Standards
Protocols and standards • RFC 2205, Resource ReSerVation Protocol • RFC 3209, RSVP-TE: Extensions to RSVP for LSP Tunnels • RFC 2961, RSVP Refresh Overhead Reduction Extensions • RFC 4461, Signaling Requirements for Point-to-Multipoint Traffic-Engineered MPLS Label Switched Paths (LSPs) •...
Page 176: Configuring Rsvp Refresh
Configuring RSVP refresh Step Command Remarks Enter system view. system-view Enter RSVP view. rsvp By default, the refresh interval is Set the refresh interval for refresh interval interval 30 seconds for both path and Path and Resv messages. Resv messages. Set the PSB and RSB By default, the PSB and RSB keep-multiplier number...
Page 177: Configuring Rsvp Authentication
If the device receives a hello request from the neighbor, the device replies with a hello ACK message. If the device receives no hello request from the neighbor within the interval specified by the hello interval command, the device sends hello requests to the neighbor. When the number of consecutive lost hellos or erroneous hellos from the neighbor reaches the maximum (specified by the hello lost command), the device determines the neighbor is in fault.
Page 178 Step Command Remarks Enable challenge-response By default, the handshake for the RSVP authentication challenge challenge-response handshake neighbor. feature is disabled. Set the idle timeout for the By default, the idle timeout is 1800 RSVP security associations authentication lifetime life-time seconds (30 minutes). with the RSVP neighbor.
Page 179: Setting A Dscp Value For Outgoing Rsvp Packets
Step Command Remarks Set the global RSVP authentication window size By default, only one RSVP (the maximum number of authentication window-size authenticated message can be RSVP authenticated number received out of sequence. messages that can be received out of sequence). Setting a DSCP value for outgoing RSVP packets The DSCP value of an IP packet specifies the priority level of the packet and affects the transmission priority of the packet.
Page 180: Displaying And Maintaining Rsvp
Step Command Remarks Enter system view. system-view interface interface-type You must enable RSVP on the Enter interface view. interface-number interface. Enable BFD for the RSVP rsvp bfd enable By default, RSVP BFD is disabled. neighbor on the interface. Displaying and maintaining RSVP Execute display commands in any view and reset commands in user view.
Page 181 Figure 43 Network diagram IP network IP network Vlan-int10 Vlan-int10 Switch A Switch D Vlan-int1 Vlan-int3 Loop0 Loop0 Loop0 Loop0 Vlan-int3 Vlan-int1 Vlan-int2 Vlan-int2 Switch B Switch C Table 10 Interface and IP address assignment Device Interface IP address Device Interface IP address Switch A...
Page 182 [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] isis enable 1 [SwitchB-Vlan-interface1] isis circuit-level level-2 [SwitchB-Vlan-interface1] quit [SwitchB] interface vlan-interface 2 [SwitchB-Vlan-interface2] isis enable 1 [SwitchB-Vlan-interface2] isis circuit-level level-2 [SwitchB-Vlan-interface2] quit [SwitchB] interface loopback 0 [SwitchB-LoopBack0] isis enable 1 [SwitchB-LoopBack0] isis circuit-level level-2 [SwitchB-LoopBack0] quit # Configure Switch C.
Page 183 [SwitchA] mpls te [SwitchA-te] quit [SwitchA] rsvp [SwitchA-rsvp] quit [SwitchA] interface vlan-interface 1 [SwitchA-Vlan-interface1] mpls enable [SwitchA-Vlan-interface1] mpls te enable [SwitchA-Vlan-interface1] rsvp enable [SwitchA-Vlan-interface1] quit # Configure Switch B. [SwitchB] mpls lsr-id 2.2.2.9 [SwitchB] mpls te [SwitchB-te] quit [SwitchB] rsvp [SwitchB-rsvp] quit [SwitchB] interface vlan-interface 1 [SwitchB-Vlan-interface1] mpls enable...
Page 184 [SwitchD-Vlan-interface3] mpls enable [SwitchD-Vlan-interface3] mpls te enable [SwitchD-Vlan-interface3] rsvp enable [SwitchD-Vlan-interface3] quit Configure IS-IS TE: # Configure Switch A. [SwitchA] isis 1 [SwitchA-isis-1] cost-style wide [SwitchA-isis-1] mpls te enable level-2 [SwitchA-isis-1] quit # Configure Switch B. [SwitchB] isis 1 [SwitchB-isis-1] cost-style wide [SwitchB-isis-1] mpls te enable level-2 [SwitchB-isis-1] quit # Configure Switch C.
Page 185 [SwitchC-Vlan-interface2] mpls te max-reservable-bandwidth 5000 [SwitchC-Vlan-interface2] quit # Set the maximum link bandwidth and maximum reservable bandwidth on Switch D. [SwitchD] interface vlan-interface 3 [SwitchD-Vlan-interface3] mpls te max-link-bandwidth 10000 [SwitchD-Vlan-interface3] mpls te max-reservable-bandwidth 5000 [SwitchD-Vlan-interface3] quit Configure an MPLS tunnel on Switch A: # Configure MPLS TE tunnel interface Tunnel 1.
Page 186: Rsvp Gr Configuration Example
Signaling : RSVP-TE Static CRLSP Name Resv Style : SE Tunnel mode Reverse-LSP name Reverse-LSP LSR ID Reverse-LSP Tunnel ID: - Class Type : CT0 Tunnel Bandwidth : 2000 kbps Reserved Bandwidth : 2000 kbps Setup Priority Holding Priority Affinity Attr/Mask : 0/0 Explicit Path Backup Explicit Path : -...
Page 187 [SwitchA] mpls lsr-id 1.1.1.9 [SwitchA] mpls te [SwitchA-te] quit [SwitchA] rsvp [SwitchA-rsvp] quit [SwitchA] interface vlan-interface 1 [SwitchA-Vlan-interface1] mpls enable [SwitchA-Vlan-interface1] mpls te enable [SwitchA-Vlan-interface1] rsvp enable [SwitchA-Vlan-interface1] rsvp hello enable [SwitchA-Vlan-interface1] quit # Configure Switch B. <SwitchB> system-view [SwitchB] mpls lsr-id 2.2.2.9 [SwitchB] mpls te [SwitchB-te] quit [SwitchB] rsvp...
Page 188 [SwitchA-rsvp] graceful-restart enable # Configure Switch B. [SwitchB] rsvp [SwitchB-rsvp] graceful-restart enable # Configure Switch C. [SwitchC] rsvp [SwitchC-rsvp] graceful-restart enable Verifying the configuration # After a tunnel is established from Switch A and Switch C, display detailed RSVP neighbor information on Switch A.
Page 189: Configuring Tunnel Policies
Configuring tunnel policies Overview Tunnel policies enable a PE to forward traffic for each MPLS VPN over a preferred tunnel or over multiple tunnels. The tunnels supported by MPLS VPN include MPLS LSPs and MPLS TE tunnels. For more information about MPLS TE, see "Configuring MPLS TE."...
Page 190: Configuration Procedure
application might take a great time to sequence the packets. As a best practice, do not use the second method. Figure 45 MPLS VPN tunnel selection diagram Tunnel 1 PE 1 PE 2 Tunnel 2 Tunnel 3 Configuration procedure To configure a tunnel policy: Step Command Remarks...
Page 191: Tunnel Policy Configuration Examples
Tunnel policy configuration examples Exclusive tunnel configuration example Network requirements PE 1 has multiple tunnels to reach PE 2: two MPLS TE tunnels on interface Tunnel 1 and Tunnel 2, and one LDP LSP tunnel. Two MPLS VPNs, vpna and vpnb, exist on PE 1. The VPN vpna exclusively uses the MPLS TE tunnel 1, and the VPN vpnb exclusively uses the MPLS TE tunnel 2.
Page 192 VPN instance Tunnel policy vpnc, vpnd Use MPLS TE tunnel Tunnel 2 as the preferred tunnel. vpne Uses one tunnel selected in LDP LSP-MPLS TE order. Configuration procedure Configure tunnel policies on PE 1: # Create tunnel policy preferredte1, and configure tunnel 1 as the preferred tunnel. <PE1>...
Page 193 [PE1-vpn-instance-vpne] vpn-target 100:5 [PE1-vpn-instance-vpne] tnl-policy select-lsp...
Page 194: Configuring Mpls L3Vpn
Configuring MPLS L3VPN Overview MPLS L3VPN is a L3VPN technology used to interconnect geographically dispersed VPN sites. MPLS L3VPN uses BGP to advertise VPN routes and uses MPLS to forward VPN packets over a service provider backbone. MPLS L3VPN provides flexible networking modes, excellent scalability, and convenient support for MPLS QoS and MPLS TE.
Page 195 • The classification of a site depends on the topology relationship of the devices, rather than the geographical positions. However, the devices at a site are, in most cases, adjacent to each other geographically. • The devices at a site can belong to multiple VPNs, which means that a site can belong to multiple VPNs.
Page 196: Mpls L3Vpn Route Advertisement
• When the Type field is 2, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1. To guarantee global uniqueness for a VPN-IPv4 address, do not set the Administrator subfield to any private AS number or private IP address.
Page 197: Mpls L3Vpn Packet Forwarding
d. Advertises those routes to the connected CE over a static route, RIP route, OSPF route, IS-IS route, EBGP route, or IBGP route. MPLS L3VPN packet forwarding In a basic MPLS L3VPN (within a single AS), a PE adds the following information into VPN packets: •...
Page 198: Mpls L3Vpn Networking Schemes
MPLS L3VPN networking schemes In MPLS L3VPNs, route target attributes are used to control the advertisement and reception of VPN routes between sites. They work independently and can be configured with multiple values to support flexible VPN access control and implement multiple types of VPN networking schemes. Basic VPN networking scheme In the simplest case, all users in a VPN form a closed user group.
Page 199 • The import target attribute of a spoke PE is different from the export target attribute of any other spoke PE. Any two spoke PEs do not directly advertise VPN-IPv4 routes to each other. Therefore, they cannot directly access each other. Figure 50 Network diagram for hub and spoke network VPN 1 Site 1...
Page 200: Inter-As Vpn
Figure 51 Network diagram for extranet networking scheme VPN 1 Site 1 VPN 1: Import:100:1 Export:100:1 PE 1 VPN 1 PE 3 Site 3 PE 2 VPN 1: Import:100:1,200:1 Export:100:1,200:1 VPN 2: Import:200:1 Site 2 Export:200:1 VPN 2 As shown in Figure 51, route targets configured on PEs produce the following results: •...
Page 201 Figure 52 Network diagram for inter-AS option A VPN 1 VPN 1 CE 1 CE 3 PE 1 PE 3 ASBR 2 ASBR 1 EBGP (PE) (PE) AS 200 AS 100 PE 2 PE 4 VPN LSP 1 VPN LSP 2 LSP 1 IP Forwarding LSP 2...
Page 202 Figure 53 Network diagram for inter-AS option B VPN 1 VPN 1 CE 1 CE 3 ASBR 2 ASBR 1 PE 1 PE 3 (PE) (PE) MP-EBGP MPLS backbone MPLS backbone AS 100 AS 200 PE 2 PE 4 VPN LSP 1 VPN LSP 3 VPN LSP2 CE 4...
Page 203 In this solution, PEs exchange VPN-IPv4 routes over a multihop MP-EBGP session. Each PE must have a route to the peer PE and a label for the route so that the inter-AS public tunnel between the PEs can be set up. Inter-AS option C sets up a public tunnel by using the following methods: •...
Page 204: Ospf Vpn Extension
Assume that the outgoing label for the public tunnel on PE 3 is Lv. After route advertisement and public tunnel setup, a packet is forwarded from CE 3 to CE 1 by using the following process: PE 3 performs the following routing table lookups for the packet: a.
Page 205 In the OSPF VPN extension application, the MPLS VPN backbone is considered the backbone area (area 0). The area 0 of each site must be connected to the MPLS VPN backbone (physically connected or logically connected through a virtual link) because OSPF requires that the backbone area be contiguous.
Page 206 Routing loop avoidance Figure 57 Network diagram for routing loop avoidance VPN 1 OSPF Area 1 Site 2 PE 1 CE 21 MPLS backbone PE 3 VPN 1 OSPF Area 0 CE 22 Site 1 CE 11 VPN 1 PE 2 OSPF Area 2 Site 3 As shown in...
Page 207: Bgp As Number Substitution And Soo Attribute
Figure 58 Network diagram for sham link Sham-link MPLS backbone PE 1 PE 2 Site 1 Site 2 CE 12 CE 22 OSPF Area 1 OSPF Area 1 Backdoor-link VPN 1 VPN 1 A sham link is considered a virtual point-to-point link within a VPN and is advertised in a Type 1 LSA. It is identified by the source IP address and destination IP address that are the local PE address and the remote PE address in the VPN address space.
Page 208: Mpls L3Vpn Frr
However, the AS number substitution feature also introduces a routing loop in Site 2 because route updates originated from CE 3 can be advertised back to Site 2 through PE 2 and CE 2. To remove the routing loop, you can configure the same SoO attribute on PE 2 for CE 2 and CE 3. PE 2 adds the SoO attribute to route updates received from CE 2 or CE 3, and checks the SoO attribute of route updates to be advertised to CE 2 or CE 3.
Page 209 VPNv4 route backup for an IPv4 route Figure 61 Network diagram PE 2 PE 1 MPLS VPN 1 VPN 1 backbone CE 1 CE 2 Primary link Backup link PE 3 As shown in Figure 61, configure FRR on the egress node PE 2, and specify the backup next hop for VPN 1 as PE 3.
Page 210: Ecmp Vpn Route Redistribution
ECMP VPN route redistribution This feature enables a VPN instance to redistribute all routes that have the same prefix and RD into its routing table. Based on the ECMP routes, the device can perform load sharing (as configured by the balance command) or MPLS L3VPN FRR. For more information about the balance command, see BGP in Layer 3—IP Routing Command Reference.
Page 211: Configuring Basic Mpls L3Vpn
Tasks at a glance (Optional.) Configuring inter-AS VPN (Optional.) Configuring an OSPF sham link (Optional.) Specifying the VPN label processing mode on the egress PE (Optional.) Configuring BGP AS number substitution and SoO attribute (Optional.) Configuring MPLS L3VPN FRR (Optional.) Configuring BGP RT filtering (Optional.) Configuring route replication...
Page 212 Step Command Remarks Enter system view. system-view Create a VPN instance and ip vpn-instance By default, no VPN instances enter VPN instance view. vpn-instance-name exist. Configure an RD for the VPN route-distinguisher By default, no RD is configured for instance. route-distinguisher a VPN instance.
Page 213: Configuring Routing Between A Pe And A Ce
Step Command Remarks By default, the number of active routes is not limited. Set the maximum routing-table limit number Setting the maximum number of number of active routes. { warn-threshold | simply-alert } active routes for a VPN instance can prevent the PE from learning too many routes.
Page 214 Configuring RIP between a PE and a CE A RIP process belongs to the public network or a single VPN instance. If you create a RIP process without binding it to a VPN instance, the process belongs to the public network. To configure RIP between a PE and a CE: Step Command...
Page 215 Step Command Remarks The defaults are as follows: • 0x0005 for Domain ID. ext-community-type Configure the type codes of • 0x0107 for Router ID. { domain-id type-code1 | OSPF extended community • router-id type-code2 | route-type 0x0306 for Route Type. attributes.
Page 216 Step Command Remarks Create the BGP-VPN IPv4 By default, the BGP-VPN IPv4 unicast family and enter its address-family ipv4 [ unicast ] unicast family is not created. view. Enable IPv4 unicast route By default, BGP does not exchange with the peer { group-name | ip-address exchange IPv4 unicast routes specified peer or peer...
Page 217 Configuring IBGP between a PE and a CE Use IBGP between PE and CE only in a basic MPLS L3VPN network. In networks such as Hub&Spoke, Extranet, and inter-AS VPN, you cannot use IBGP between PE and CE. Configure the PE: Step Command Remarks...
Page 218: Configuring Routing Between Pes
Step Command Remarks bgp as-number [ instance Enter BGP instance view. instance-name ] peer { group-name | ip-address Configure the PE as an [ mask-length ] } as-number By default, no BGP peers exist. IBGP peer. as-number Create the BGP IPv4 By default, the BGP IPv4 unicast family and enter its address-family ipv4 [ unicast ]...
Page 219 Step Command Remarks bgp as-number [ instance Enter BGP instance view. instance-name ] Enter BGP VPNv4 address address-family vpnv4 family view. filter-policy { ipv4-acl-number | Configure filtering of By default, BGP does not filter prefix-list prefix-list-name } advertised routes. advertised routes. export [ protocol process-id ] filter-policy { ipv4-acl-number | Configure filtering of...
Page 220: Configuring Inter-As Vpn
Step Command Remarks 15. Apply a prefix list to filter peer { group-name | ipv4-address routes received from or [ mask-length ] } prefix-list By default, no prefix list based advertised to a peer or peer prefix-list-name { export | filtering is configured.
Page 221: Configuring Inter-As Option B
The route targets configured on the PEs must match those configured on the ASBRs in the same AS to make sure VPN routes sent by the PEs (or ASBRs) can be received by the ASBRs (or PEs). Route targets configured on the PEs in different ASs do not have such requirements. For more information, see "Configuring basic MPLS L3VPN."...
Page 222: Configuring Inter-As Option C
Step Command Remarks 12. Enable BGP to exchange By default, BGP cannot exchange VPNv4 routes with the PE in peer { group-name | ipv4-address VPNv4 routing information with a the same AS and the ASBR [ mask-length ] } enable peer.
Page 223 Step Command Remarks peer { group-name | ipv4-address Configure the PE of another [ mask-length ] } as-number By default, no BGP peers exist. AS as an EBGP peer. as-number Create the BGP IPv4 unicast By default, the BGP IPv4 unicast address family and enter its address-family ipv4 [ unicast ] address family is not created.
Page 224: Configuring An Ospf Sham Link
Step Command Remarks Enter interface view of the interface interface-type interface connected to an interface-number internal router of the AS. Enable MPLS on the By default, MPLS is disabled on mpls enable interface. the interface. Enable MPLS LDP on the By default, MPLS LDP is disabled mpls ldp enable interface.
Page 225: Configuring A Loopback Interface
Before you configure an OSPF sham link, perform the following tasks: • Configure basic MPLS L3VPN (OSPF is used between PE and CE). • Configure OSPF in the LAN where customer CEs reside. Configuring a loopback interface Step Command Remarks Enter system view.
Page 226: Specifying The Vpn Label Processing Mode On The Egress Pe
Step Command Remarks Enter OSPF area view. area area-id sham-link source-ip-address destination-ip-address [ cost cost-value | dead dead-interval | hello hello-interval | { { hmac-md5 | md5 } key-id Configure a sham link. { cipher | plain } string | keychain By default, no sham links exist.
Page 227: Configuring Mpls L3Vpn Frr
Step Command Remarks bgp as-number [ instance Enter BGP instance view. instance-name ] Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { ipv4-address Enable the BGP AS number By default, BGP AS number [ mask-length ] | group-name } substitution feature. substitution is disabled.
Page 228: Configuring Bgp Rt Filtering
Step Command Remarks By default, no backup next hop address is set for FRR. This step is required to enable Set the backup next hop apply fast-reroute MPLS L3VPN FRR in Method 2. for FRR. backup-nexthop ip-address For more information about this command, see Layer 3—IP Routing Command Reference.
Page 229: Procedure
Procedure Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] Enter BGP IPv4 RT filter address-family ipv4 rtfilter address family view. Enable the device to By default, the device cannot peer { group-name | ipv4-address exchange routing information exchange routing information [ mask-length ] } enable...
Page 230: Enabling Ecmp Vpn Route Redistribution
Step Command Remarks route-replicate from { public | vpn-instance vpn-instance-name } protocol bgp as-number [ route-policy route-policy-name ] By default, a VPN instance Replicate routes from the cannot replicate routes from the route-replicate from { public | public network or other VPN public network or other VPN vpn-instance vpn-instance-name } instances.
Page 231: Enabling Snmp Notifications For Mpls L3Vpn
Step Command Remarks By default, ECMP VPN route redistribution is disabled. If multiple routes have the same prefix and RD, a VPN instance redistributes only the optimal route into its routing table. Enable ECMP VPN route In BGP IPv4 unicast address vpn-route cross multipath redistribution.
Page 232: Displaying And Maintaining Mpls L3Vpn
Step Command Remarks • Enter BGP VPNv4 address family view: a. bgp as-number [ instance instance-name ] b. address-family vpnv4 Enter BGP VPNv4 address • Enter BGP-VPN VPNv4 address family view or BGP-VPN family view: VPNv4 address family view. c. bgp as-number [ instance instance-name ] d.
Page 233: Mpls L3Vpn Configuration Examples
Task Command display bgp [ instance instance-name ] peer vpnv4 [ vpn-instance Display BGP VPNv4 peer vpn-instance-name ] [ ipv4-address mask-length | { ipv4-address | information. group-name group-name } log-info | [ ipv4-address ] verbose ] display bgp [ instance instance-name ] routing-table vpnv4 [ [ route-distinguisher route-distinguisher ] [ ipv4-address [ { mask-length | mask } [ longest-match ] ] | ipv4-address [ mask-length | mask ] advertise-info | as-path-acl...
Page 234 Figure 64 Network diagram AS 65410 AS 65430 VPN 1 VPN 1 CE 3 CE 1 Vlan-int11 Vlan-int11 Loop0 PE 2 Vlan-int11 Vlan-int11 PE 1 Vlan-int13 Vlan-int12 Loop0 Loop0 Vlan-int13 Vlan-int12 Vlan-int12 Vlan-int13 MPLS backbone Vlan-int12 Vlan-int13 CE 2 CE 4 VPN 2 VPN 2 AS 65420...
Page 235 # Configure the P device. <P> system-view [P] interface loopback 0 [P-LoopBack0] ip address 2.2.2.9 32 [P-LoopBack0] quit [P] interface vlan-interface 13 [P-Vlan-interface13] ip address 172.1.1.2 24 [P-Vlan-interface13] quit [P] interface vlan-interface 12 [P-Vlan-interface12] ip address 172.2.1.1 24 [P-Vlan-interface12] quit [P] ospf [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255...
Page 236 [P-ldp] quit [P] interface vlan-interface 13 [P-Vlan-interface13] mpls enable [P-Vlan-interface13] mpls ldp enable [P-Vlan-interface13] quit [P] interface vlan-interface 12 [P-Vlan-interface12] mpls enable [P-Vlan-interface12] mpls ldp enable [P-Vlan-interface12] quit # Configure PE 2. [PE2] mpls lsr-id 3.3.3.9 [PE2] mpls ldp [PE2-ldp] quit [PE2] interface vlan-interface 12 [PE2-Vlan-interface12] mpls enable [PE2-Vlan-interface12] mpls ldp enable...
Page 237 [PE2-Vlan-interface11] ip binding vpn-instance vpn1 [PE2-Vlan-interface11] ip address 10.3.1.2 24 [PE2-Vlan-interface11] quit [PE2] interface vlan-interface 13 [PE2-Vlan-interface13] ip binding vpn-instance vpn2 [PE2-Vlan-interface13] ip address 10.4.1.2 24 [PE2-Vlan-interface13] quit # Configure IP addresses for the CEs according to Figure 64. (Details not shown.) # Execute the display ip vpn-instance command on the PEs to display the configuration of the VPN instance, for example, on PE 1.
Page 238 [PE1-bgp-default] ip vpn-instance vpn2 [PE1-bgp-default-vpn2] peer 10.2.1.1 as-number 65420 [PE1-bgp-default-vpn2] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] peer 10.2.1.1 enable [PE1-bgp-default-ipv4-vpn2] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit # Configure PE 2 in the same way that PE 1 is configured. (Details not shown.) # Execute the display bgp peer ipv4 vpn-instance command on the PEs to verify that a BGP peer relationship in Established state has been established between a PE and a CE.
Page 239: Configuring A Hub-Spoke Network
224.0.0.0/24 Direct 0 0.0.0.0 NULL0 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 The output shows that PE 1 has a route to the remote CE. Output on PE 2 is similar. # Verify that CEs of the same VPN can ping each other, whereas those of different VPNs cannot. For example, CE 1 can ping CE 3 (10.3.1.1) but cannot ping CE 4 (10.4.1.1).
Page 240 Configuration procedure Configure an IGP on the MPLS backbone to ensure IP connectivity within the backbone: # Configure Spoke-PE 1. <Spoke-PE1> system-view [Spoke-PE1] interface loopback 0 [Spoke-PE1-LoopBack0] ip address 1.1.1.9 32 [Spoke-PE1-LoopBack0] quit [Spoke-PE1] interface vlan-interface 4 [Spoke-PE1-Vlan-interface4] ip address 172.1.1.1 24 [Spoke-PE1-Vlan-interface4] quit [Spoke-PE1] ospf [Spoke-PE1-ospf-1] area 0...
Page 241 # Execute the display ospf peer command on the devices to verify that OSPF adjacencies in Full state have been established between Spoke-PE 1, Spoke-PE 2, and Hub-PE. Execute the display ip routing-table command on the devices to verify that the PEs have learned the routes to the loopback interfaces of each other.
Page 242 [Spoke-PE2] ip vpn-instance vpn1 [Spoke-PE2-vpn-instance-vpn1] route-distinguisher 100:2 [Spoke-PE2-vpn-instance-vpn1] vpn-target 111:1 import-extcommunity [Spoke-PE2-vpn-instance-vpn1] vpn-target 222:2 export-extcommunity [Spoke-PE2-vpn-instance-vpn1] quit [Spoke-PE2] interface vlan-interface 3 [Spoke-PE2-Vlan-interface3] ip binding vpn-instance vpn1 [Spoke-PE2-Vlan-interface3] ip address 10.2.1.2 24 [Spoke-PE2-Vlan-interface3] quit # Configure Hub-PE. [Hub-PE] ip vpn-instance vpn1-in [Hub-PE-vpn-instance-vpn1-in] route-distinguisher 100:3 [Hub-PE-vpn-instance-vpn1-in] vpn-target 222:2 import-extcommunity [Hub-PE-vpn-instance-vpn1-in] quit...
Page 243 Establish EBGP peer relationships between the PEs and CEs, and redistribute VPN routes into BGP: # Configure Spoke-CE 1. <Spoke-CE1> system-view [Spoke-CE1] bgp 65410 [Spoke-CE1-bgp-default] peer 10.1.1.2 as-number 100 [Spoke-CE1-bgp-default] address-family ipv4 [Spoke-CE1-bgp-default-ipv4] peer 10.1.1.2 enable [Spoke-CE1-bgp-default-ipv4] import-route direct [Spoke-CE1-bgp-default-ipv4] quit [Spoke-CE1-bgp-default] quit # Configure Spoke-CE 2.
Page 244 [Spoke-PE2-bgp-default] quit # Configure Hub-PE. [Hub-PE] bgp 100 [Hub-PE-bgp-default] ip vpn-instance vpn1-in [Hub-PE-bgp-default-vpn1-in] peer 10.3.1.1 as-number 65430 [Hub-PE-bgp-default-vpn1-in] address-family ipv4 [Hub-PE-bgp-default-ipv4-vpn1-in] peer 10.3.1.1 enable [Hub-PE-bgp-default-ipv4-vpn1-in] quit [Hub-PE-bgp-default-vpn1-in] quit [Hub-PE-bgp-default] ip vpn-instance vpn1-out [Hub-PE-bgp-default-vpn1-out] peer 10.4.1.1 as-number 65430 [Hub-PE-bgp-default-vpn1-out] address-family ipv4 [Hub-PE-bgp-default-ipv4-vpn1-out] peer 10.4.1.1 enable [Hub-PE-bgp-default-ipv4-vpn1-out] peer 10.4.1.1 allow-as-loop 2 [Hub-PE-bgp-default-ipv4-vpn1-out] quit...
Page 245: Configuring Mpls L3Vpn Inter-As Option A
# Execute the display bgp peer vpnv4 command on the PEs to verify that a BGP peer relationship in Established state has been established between the PEs. (Details not shown.) Verifying the configuration # Execute the display ip routing-table vpn-instance command on the PEs to display the routes to the CEs.
Page 246 Figure 66 Network diagram MPLS backbone MPLS backbone Loop0 Loop0 AS 100 AS 200 Vlan-int12 Vlan-int12 Vlan-int11 Vlan-int11 ASBR-PE 1 ASBR-PE 2 Loop0 Loop0 Vlan-int11 Vlan-int11 PE 2 PE 1 Vlan-int12 Vlan-int12 Vlan-int12 Vlan-int12 CE 1 CE 2 AS 65001 AS 65002 Table 14 Interface and IP address assignment Device...
Page 247 # Configure basic MPLS on ASBR-PE 1, and enable MPLS LDP on the interface connected to PE 1. <ASBR-PE1> system-view [ASBR-PE1] mpls lsr-id 2.2.2.9 [ASBR-PE1] mpls ldp [ASBR-PE1-ldp] quit [ASBR-PE1] interface vlan-interface 11 [ASBR-PE1-Vlan-interface11] mpls enable [ASBR-PE1-Vlan-interface11] mpls ldp enable [ASBR-PE1-Vlan-interface11] quit # Configure basic MPLS on ASBR-PE 2, and enable MPLS LDP on the interface connected to PE 2.
Page 248 [PE1-Vlan-interface12] quit # Configure CE 2. <CE2> system-view [CE2] interface vlan-interface 12 [CE2-Vlan-interface12] ip address 10.2.1.1 24 [CE2-Vlan-interface12] quit # Configure PE 2. [PE2] ip vpn-instance vpn1 [PE2-vpn-instance] route-distinguisher 200:2 [PE2-vpn-instance] vpn-target 200:1 both [PE2-vpn-instance] quit [PE2] interface vlan-interface 12 [PE2-Vlan-interface12] ip binding vpn-instance vpn1 [PE2-Vlan-interface12] ip address 10.2.1.2 24 [PE2-Vlan-interface12] quit...
Page 249 # Configure PE 1. [PE1] bgp 100 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] peer 10.1.1.1 as-number 65001 [PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] peer 10.1.1.1 enable [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit # Configure CE 2. [CE2] bgp 65002 [CE2-bgp-default] peer 10.2.1.2 as-number 200 [CE2-bgp-default] address-family ipv4 unicast [CE2-bgp-default-ipv4] peer 10.2.1.2 enable [CE2-bgp-default-ipv4] import-route direct...
Page 250: Configuring Mpls L3Vpn Inter-As Option B
[ASBR-PE1-bgp-default-vpnv4] peer 1.1.1.9 enable [ASBR-PE1-bgp-default-vpnv4] peer 1.1.1.9 next-hop-local [ASBR-PE1-bgp-default-vpnv4] quit [ASBR-PE1-bgp-default] quit # Configure ASBR-PE 2. [ASBR-PE2] bgp 200 [ASBR-PE2-bgp-default] ip vpn-instance vpn1 [ASBR-PE2-bgp-default-vpn1] peer 192.1.1.1 as-number 100 [ASBR-PE2-bgp-default-vpn1] address-family ipv4 unicast [ASBR-PE2-bgp-default-ipv4-vpn1] peer 192.1.1.1 enable [ASBR-PE2-bgp-default-ipv4-vpn1] quit [ASBR-PE2-bgp-default-vpn1] quit [ASBR-PE2-bgp-default] peer 4.4.4.9 as-number 200 [ASBR-PE2-bgp-default] peer 4.4.4.9 connect-interface loopback 0 [ASBR-PE2-bgp-default] address-family vpnv4...
Page 251 Figure 67 Network diagram MPLS backbone MPLS backbone Loop0 Loop0 AS 100 AS 600 Vlan-int12 Vlan-int12 Vlan-int11 Vlan-int11 ASBR-PE 2 ASBR-PE 1 Loop0 Loop0 Vlan-int11 Vlan-int11 PE 2 PE 1 Vlan-int12 Vlan-int12 Site 1 Site 2 CE 1 CE 2 AS 65001 AS 65002 Table 15 Interface and IP address assignment...
Page 252 # Configure Loopback 0, and enable IS-IS on it. [PE1] interface loopback 0 [PE1-LoopBack0] ip address 2.2.2.9 32 [PE1-LoopBack0] isis enable 1 [PE1-LoopBack0] quit # Create VPN instance vpn1, and configure the RD and route target attributes. [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] route-distinguisher 11:11 [PE1-vpn-instance-vpn1] vpn-target 1:1 2:2 3:3 import-extcommunity [PE1-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity...
Page 253 # Configure VLAN-interface 12, and enable MPLS on it. [ASBR-PE1] interface vlan-interface 12 [ASBR-PE1-Vlan-interface12] ip address 11.0.0.2 255.0.0.0 [ASBR-PE1-Vlan-interface12] mpls enable [ASBR-PE1-Vlan-interface12] quit # Configure Loopback 0, and enable IS-IS on it. [ASBR-PE1] interface loopback 0 [ASBR-PE1-LoopBack0] ip address 3.3.3.9 32 [ASBR-PE1-LoopBack0] isis enable 1 [ASBR-PE1-LoopBack0] quit # Enable BGP on ASBR-PE 1.
Page 254 [ASBR-PE2-LoopBack0] ip address 4.4.4.9 32 [ASBR-PE2-LoopBack0] isis enable 1 [ASBR-PE2-LoopBack0] quit # Enable BGP on ASBR-PE 2. [ASBR-PE2] bgp 600 [ASBR-PE2-bgp-default] peer 11.0.0.2 as-number 100 [ASBR-PE2-bgp-default] peer 11.0.0.2 connect-interface vlan-interface 12 [ASBR-PE2-bgp-default] peer 5.5.5.9 as-number 600 [ASBR-PE2-bgp-default] peer 5.5.5.9 connect-interface loopback 0 # Disable route target based filtering of received VPNv4 routes.
Page 255: Configuring Mpls L3Vpn Inter-As Option C
[PE2-Vlan-interface12] ip binding vpn-instance vpn1 [PE2-Vlan-interface12] ip address 20.0.0.1 8 [PE2-Vlan-interface12] quit # Enable BGP on PE 2. [PE2] bgp 600 # Configure IBGP peer 4.4.4.9 as a VPNv4 peer. [PE2-bgp-default] peer 4.4.4.9 as-number 600 [PE2-bgp-default] peer 4.4.4.9 connect-interface loopback 0 [PE2-bgp-default] address-family vpnv4 [PE2-bgp-default-vpnv4] peer 4.4.4.9 enable [PE2-bgp-default-vpnv4] quit...
Page 256 Figure 68 Network diagram Loop0 Loop0 MPLS backbone MPLS backbone AS 100 AS 600 Vlan-int12 Vlan-int12 Vlan-int11 Vlan-int11 ASBR-PE 1 ASBR-PE 2 Loop0 Loop0 Vlan-int11 Vlan-int11 PE 2 PE 1 Vlan-int12 Vlan-int12 MP-EBGP Vlan-int12 Vlan-int12 Site 1 Site 2 CE 1 CE 2 Table 16 Interface and IP address assignment Device...
Page 257 [PE1] isis 1 [PE1-isis-1] network-entity 10.111.111.111.111.00 [PE1-isis-1] quit # Configure the LSR ID, and enable MPLS and LDP. [PE1] mpls lsr-id 2.2.2.9 [PE1] mpls ldp [PE1-ldp] quit # Configure VLAN-interface 11, and enable IS-IS, MPLS, and LDP on the interface. [PE1] interface vlan-interface 11 [PE1-Vlan-interface11] ip address 1.1.1.2 255.0.0.0 [PE1-Vlan-interface11] isis enable 1...
Page 258 [PE1-bgp-default-vpnv4] quit # Establish an EBGP peer relationship with CE 1, and add the learned BGP routes to the routing table of VPN instance vpn1. [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] peer 30.0.0.2 as-number 65001 [PE1-bgp-default-vpn1] address-family ipv4 unicast [PE1-bgp-default-ipv4-vpn1] peer 30.0.0.2 enable [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit...
Page 259 [ASBR-PE1-bgp-default] peer 2.2.2.9 as-number 100 [ASBR-PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0 [ASBR-PE1-bgp-default] address-family ipv4 unicast [ASBR-PE1-bgp-default-ipv4] peer 2.2.2.9 enable [ASBR-PE1-bgp-default-ipv4] peer 2.2.2.9 route-policy policy2 export # Enable the capability to advertise labeled routes to IBGP peer 2.2.2.9 and to receive labeled routes from the peer.
Page 260 # Create routing policies. [ASBR-PE2] route-policy policy1 permit node 1 [ASBR-PE2-route-policy-policy1-1] apply mpls-label [ASBR-PE2-route-policy-policy1-1] quit [ASBR-PE2] route-policy policy2 permit node 1 [ASBR-PE2-route-policy-policy2-1] if-match mpls-label [ASBR-PE2-route-policy-policy2-1] apply mpls-label [ASBR-PE2-route-policy-policy2-1] quit # Enable BGP on ASBR-PE 2, and enable the capability to advertise labeled routes to IBGP peer 5.5.5.9 and to receive labeled routes from the peer.
Page 261 # Configure Loopback 0, and enable IS-IS on it. [PE2] interface loopback 0 [PE2-LoopBack0] ip address 5.5.5.9 32 [PE2-LoopBack0] isis enable 1 [PE2-LoopBack0] quit # Create VPN instance vpn1, and configure the RD and route target attributes. [PE2] ip vpn-instance vpn1 [PE2-vpn-instance-vpn1] route-distinguisher 11:11 [PE2-vpn-instance-vpn1] vpn-target 1:1 2:2 3:3 import-extcommunity [PE2-vpn-instance-vpn1] vpn-target 3:3 export-extcommunity...
Page 262: Configuring An Ospf Sham Link
[CE2-Vlan-interface12] ip address 20.0.0.2 24 [CE2-Vlan-interface12] quit # Establish an EBGP peer relationship with PE 2, and redistribute VPN routes. [CE2] bgp 65002 [CE2-bgp-default] peer 20.0.0.1 as-number 600 [CE2-bgp-default] address-family ipv4 unicast [CE2-bgp-default-ipv4] peer 20.0.0.1 enable [CE2-bgp-default-ipv4] import-route direct [CE2-bgp-default-ipv4] quit [CE2-bgp-default] quit Verifying the configuration # Execute the display ip routing table command on CE 1 and CE 2 to verify that CE 1 and CE 2...
Page 263 Device Interface IP address Device Interface IP address Vlan-int12 30.1.1.1/24 Configuration procedure Configure OSPF on the customer networks: # Configure conventional OSPF on CE 1, Switch A, and CE 2 to advertise subnet addresses of the interfaces (see Table 17). (Details not shown.) # Set the cost value to 2 for both the link between CE 1 and Switch A, and the link between CE 2 and Switch A.
Page 264 [PE2-ldp] quit [PE2] interface vlan-interface 12 [PE2-Vlan-interface12] ip address 10.1.1.2 24 [PE2-Vlan-interface12] mpls enable [PE2-Vlan-interface12] mpls ldp enable [PE2-Vlan-interface12] quit # Configure PE 2 to take PE 1 as an MP-IBGP peer. [PE2] bgp 100 [PE2-bgp-default] peer 1.1.1.9 as-number 100 [PE2-bgp-default] peer 1.1.1.9 connect-interface loopback 0 [PE2-bgp-default] address-family vpnv4 [PE2-bgp-default-vpnv4] peer 1.1.1.9 enable...
Page 265 [PE2-vpn-instance-vpn1] vpn-target 1:1 [PE2-vpn-instance-vpn1] quit [PE2] interface vlan-interface 11 [PE2-Vlan-interface11] ip binding vpn-instance vpn1 [PE2-Vlan-interface11] ip address 120.1.1.2 24 [PE2-Vlan-interface11] quit [PE2] ospf 100 vpn-instance vpn1 [PE2-ospf-100] domain-id 10 [PE2-ospf-100] area 1 [PE2-ospf-100-area-0.0.0.1] network 120.1.1.0 0.0.0.255 [PE2-ospf-100-area-0.0.0.1] quit [PE2-ospf-100] quit [PE2] bgp 100 [PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] address-family ipv4 unicast...
Page 266: Configuring Bgp As Number Substitution
• A route to the sham link destination address exists. # Execute the display ip routing-table command on the CEs. Verify that the next hop of the OSPF route to the peer CE is the interface connected to the PE (VLAN interface 11). This means that the VPN traffic to the peer CE is forwarded over the backbone.
Page 267 Table 18 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 Vlan-int11 10.1.1.1/24 Loop0 2.2.2.9/32 Vlan-int12 100.1.1.1/24 Vlan-int11 30.1.1.1/24 PE 1 Loop0 1.1.1.9/32 Vlan-int12 20.1.1.2/24 Vlan-int11 10.1.1.2/24 PE 2 Loop0 3.3.3.9/32 Vlan-int12 20.1.1.1/24 Vlan-int11 30.1.1.2/24 CE 2 Vlan-int12...
Page 268 255.255.255.255/32 Direct 0 127.0.0.1 InLoop0 # Execute the display ip routing-table command on CE 1 to verify that CE 1 has not learned the route to the VPN behind CE 2. (Details not shown.) # Execute the display ip routing-table vpn-instance command on the PEs. The output shows the route to the VPN behind the peer CE.
Page 269 * >e 10.1.1.0/24 10.2.1.2 100? e 10.2.1.0/24 10.2.1.2 100? Configure BGP AS number substitution on PE 2. <PE2> system-view [PE2] bgp 100 [PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] peer 10.2.1.1 substitute-as [PE2-bgp-default-vpn1] address-family ipv4 unicast [PE2-bgp-default-ipv4-vpn1] peer 10.2.1.1 enable [PE2-bgp-default-ipv4-vpn1] quit [PE2-bgp-default-vpn1] quit [PE2-bgp-default] quit Verifying the configuration...
Page 270: Configuring Bgp As Number Substitution And Soo Attribute
100.1.1.0/24 10.2.1.2 Vlan12 127.0.0.0/8 Direct 0 127.0.0.1 InLoop0 127.0.0.0/32 Direct 0 127.0.0.1 InLoop0 127.0.0.1/32 Direct 0 127.0.0.1 InLoop0 127.255.255.255/32 Direct 0 127.0.0.1 InLoop0 200.1.1.0/24 Direct 0 200.1.1.1 Vlan13 200.1.1.0/32 Direct 0 200.1.1.1 Vlan13 200.1.1.1/32 Direct 0 127.0.0.1 InLoop0 200.1.1.255/32 Direct 0 200.1.1.1 Vlan13 224.0.0.0/4...
Page 271 Device Interface IP address Device Interface IP address Vlan-int2 10.1.1.2/24 Vlan-int4 40.1.1.2/24 Vlan-int3 30.1.1.1/24 Vlan-int5 50.1.1.1/24 Vlan-int4 40.1.1.1/24 Loop0 3.3.3.9/32 PE 3 Loop0 4.4.4.9/32 Vlan-int3 30.1.1.2/24 Vlan-int6 60.1.1.2/24 Vlan-int5 50.1.1.2/24 Vlan-int7 10.3.1.2/24 Vlan-int6 60.1.1.1/24 Configuration procedure Configure basic MPLS L3VPN: Configure OSPF on the MPLS backbone to allow the PEs and P device to learn the routes ...
Page 272: Configuring Mpls L3Vpn Frr Through Vpnv4 Route Backup For A Vpnv4 Route
<PE1> system-view [PE1] bgp 100 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] address-family ipv4 [PE1-bgp-default-ipv4-vpn1] peer 10.1.1.1 soo 1:100 # On PE 2, configure the SoO attribute as 1:100 for CE 2. <PE2> system-view [PE2] bgp 100 [PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] address-family ipv4 [PE2-bgp-default-ipv4-vpn1] peer 10.2.1.1 soo 1:100 Verifying the configuration # PE 2 does not advertise routes received from CE 1 to CE 2 because the same SoO attribute has...
Page 273 • When BFD detects that the LSP between PE 1 and PE 2 fails, traffic from CE 1 to CE 2 goes through the path CE 1—PE 1—PE 3—CE 2. Figure 72 Network diagram Loop0 PE 2 Vlan-int11 Vlan-int13 VPN 1 PE 1 VPN 1 Vlan-int13...
Page 274: Configuring Mpls L3Vpn Frr Through Vpnv4 Route Backup For An Ipv4 Route
[PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit # Specify the preferred value as 100 for BGP VPNv4 routes received from PE 2. This value is greater than the preferred value (0) for routes from PE 3, so PE 1 prefers the routes from PE 2. [PE1-bgp-default] address-family vpnv4 [PE1-bgp-default-vpnv4] peer 2.2.2.2 preferred-value 100 [PE1-bgp-default-vpnv4] quit...
Page 275 Figure 73 Network diagram Loop0 PE 2 Vlan-int11 Vlan-int13 Vlan-int15 VPN 1 PE 1 VPN 1 Vlan-int13 Vlan-int10 Vlan-int11 MPLS Loop0 Loop0 Vlan-int12 Vlan-int10 backbone CE 2 CE 1 Vlan-int14 Loop0 Vlan-int15 Vlan-int12 Vlan-int14 Primary link PE 3 Backup link Loop0 Table 21 Interface and IP address assignment Device...
Page 276: Configuring Mpls L3Vpn Frr Through Ipv4 Route Backup For A Vpnv4 Route
# Configure FRR for VPN instance vpn1 to use routing policy frr. [PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] address-family ipv4 unicast [PE2-bgp-default-ipv4-vpn1] fast-reroute route-policy frr # Specify the preferred value as 200 for BGP routes received from CE 2. This value is greater than the preferred value (0) for routes from PE 3, so PE 2 prefers the routes from CE 2.
Page 277 Figure 74 Network diagram Loop0 PE 1 Vlan-int10 Vlan-int11 Vlan-int12 VPN 1 VPN 1 Vlan-int11 MPLS Vlan-int10 Loop0 Loop0 backbone CE 2 CE 1 Vlan-int13 Vlan-int12 Vlan-int13 Primary link PE 2 Backup link Loop0 Table 22 Interface and IP address assignment Device Interface IP address...
Page 278 [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit # Specify the preferred value as 200 for BGP VPNv4 routes received from PE 2. This value is greater than the preferred value (0) for IPv4 unicast routes from CE 2, so PE 1 prefers the routes from PE 2.
Page 279: Configuring Ipv6 Mpls L3Vpn
Configuring IPv6 MPLS L3VPN Overview IPv6 MPLS L3VPN uses BGP to advertise IPv6 VPN routes and uses MPLS to forward IPv6 VPN packets on the service provider backbone. Figure 75 shows a typical IPv6 MPLS L3VPN model. The service provider backbone in the IPv6 MPLS L3VPN model is an IPv4 network.
Page 280: Ipv6 Mpls L3Vpn Routing Information Advertisement
Based on the inbound interface and destination address of the packet, PE 1 finds a matching entry from the routing table of the VPN instance, labels the packet with both a private network label (inner label) and a public network label (outer label), and forwards the packet out. The MPLS backbone transmits the packet to PE 2 by outer label.
Page 281: Configuration Restrictions And Guidelines
Configuration restrictions and guidelines IPv6 MPLS L3VPN is mutually exclusive with EVI and VXLAN. For more information about EVI and VXLAN, see EVI Configuration Guide and VXLAN Configuration Guide. IPv6 MPLS L3VPN configuration task list Tasks at a glance (Required.) Configuring basic IPv6 MPLS L3VPN (Optional.) Configuring inter-AS IPv6 VPN...
Page 282 Creating a VPN instance A VPN instance is a collection of the VPN membership and routing rules of its associated site. A VPN instance might correspond to more than one VPN. To create and configure a VPN instance: Step Command Remarks Enter system view.
Page 283: Configuring Routing Between A Pe And A Ce
Step Command Remarks • Enter VPN instance view: Configurations made in VPN ip vpn-instance instance view apply to both IPv4 vpn-instance-name VPN and IPv6 VPN. Enter VPN instance view or • Enter VPN instance IPv6 IPv6 VPN prefers the VPN instance IPv6 VPN VPN view: configurations in VPN instance view.
Page 284 Configuring IPv6 static routing between a PE and a CE Step Command Remarks Enter system view. system-view By default, no IPv6 static route is configured for a VPN instance. ipv6 route-static vpn-instance Perform this s-vpn-instance-name ipv6-address configuration on the PE. Configure an IPv6 static prefix-length { interface-type interface-number On the CE, configure a...
Page 285 Step Command Remarks The default domain ID is 0. Perform this configuration on the When you redistribute OSPFv3 routes into BGP, BGP adds the primary domain ID to the redistributed BGP VPNv6 routes as a BGP extended community (Optional.) Set an OSPFv3 domain-id { domain-id attribute.
Page 286 Step Command Remarks By default, the PE does not check the external route tag but checks the DN bit in OSPFv3 LSAs to avoid routing loops. (Optional.) Enable the This command is only for external route check feature route-tag-check enable backward compatibility with the for OSPFv3 LSAs.
Page 287 Step Command Remarks Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | Configure the CE as the ipv6-address [ prefix-length ] } By default, no BGP peers exist. VPN EBGP peer. as-number as-number By default, the BGP-VPN IPv6 unicast address family is not created.
Page 288 Step Command Remarks Enable IPv6 unicast route By default, BGP does not exchange with the peer { group-name | ip-address exchange IPv6 unicast routes specified peer or peer [ prefix-length ] } enable with any peer. group. import-route protocol A CE must advertise its VPN [ { process-id | all-processes } (Optional.) Configure route routes to the connected PE so...
Page 289: Configuring Routing Between Pes
Step Command Remarks By default, the RR uses its own router ID as the cluster ID. If multiple RRs exist in a cluster, (Optional.) Configure the reflector cluster-id { cluster-id | use this command to configure cluster ID for the RR. ip-address } the same cluster ID for all RRs in the cluster to avoid routing...
Page 290: Configuring Bgp Vpnv6 Route Control
Configuring BGP VPNv6 route control BGP VPNv6 route control is configured similarly with BGP route control, except that it is configured in BGP VPNv6 address family view. For more information about BGP route control, see Layer 3—IP Routing Configuration Guide. To configure BGP VPNv6 route control: Step Command...
Page 291: Configuring Inter-As Ipv6 Vpn
Step Command Remarks By default, route target filtering is enabled for received VPNv6 14. Enable route target filtering routes. Only VPNv6 routes whose for received BGP VPNv6 policy vpn-target export route target attribute routes. matches local import route target attribute are added to the routing table.
Page 292: Configuring Inter-As Ipv6 Vpn Option A
Configuring inter-AS IPv6 VPN option A Inter-AS IPv6 VPN option A applies to scenarios where the number of VPNs and that of VPN routes on the PEs are relatively small. To configure inter-AS IPv6 option A, perform the following tasks: •...
Page 293: Configuring An Ospfv3 Sham Link
Configuring the ASBRs In the inter-AS IPv6 VPN option C solution, an inter-AS LSP is needed, and the routes advertised between the PEs and ASBRs must carry MPLS label information. The configuration is the same as that in the Inter-AS IPv4 VPN option C solution. For more information, see "Configuring MPLS L3VPN."...
Page 294: Creating A Sham Link
Creating a sham link Step Command Remarks Enter system view. system-view ospfv3 [ process-id | vpn-instance Enter OSPFv3 view. vpn-instance-name ] * Enter OSPFv3 area view. area area-id sham-link source-ipv6-address destination-ipv6-address [ cost cost-value | dead dead-interval | hello Configure an OSPFv3 hello-interval | instance instance-id | By default, no sham links exist.
Page 295: Enabling Logging For Bgp Route Flapping
Enabling logging for BGP route flapping This feature enables BGP to generate logs for BGP route flappings that trigger log generation. The generated logs are sent to the information center. For the logs to be output correctly, you must also configure information center on the device.
Page 296: Ipv6 Mpls L3Vpn Configuration Examples
Task Command display bgp [ instance instance-name ] peer vpnv6 Display BGP VPNv6 peer information. [ ipv4-address mask-length | { ipv4-address | group-name group-name } log-info | [ ipv4-address ] verbose ] display bgp [ instance instance-name ] routing-table vpnv6 [ [ route-distinguisher route-distinguisher ] [ ipv6-address prefix-length [ advertise-info ] | as-path-acl as-path-acl-number | community-list { { basic-community-list-number |...
Page 297 Figure 77 Network diagram AS 65410 AS 65430 VPN 1 VPN 1 CE 3 CE 1 Vlan-int11 Vlan-int11 Loop0 PE 2 Vlan-int11 Vlan-int11 PE 1 Vlan-int13 Vlan-int12 Loop0 Loop0 Vlan-int13 Vlan-int12 Vlan-int12 Vlan-int13 MPLS backbone Vlan-int12 Vlan-int13 CE 2 CE 4 VPN 2 VPN 2 AS 65420...
Page 298 [PE1-ospf-1] quit # Configure the P switch. <P> system-view [P] interface loopback 0 [P-LoopBack0] ip address 2.2.2.9 32 [P-LoopBack0] quit [P] interface vlan-interface 13 [P-Vlan-interface13] ip address 172.1.1.2 24 [P-Vlan-interface13] quit [P] interface vlan-interface 12 [P-Vlan-interface12] ip address 172.2.1.1 24 [P-Vlan-interface12] quit [P] ospf [P-ospf-1] area 0...
Page 299 [P] mpls ldp [P-ldp] quit [P] interface vlan-interface 13 [P-Vlan-interface13] mpls enable [P-Vlan-interface13] mpls ldp enable [P-Vlan-interface13] quit [P] interface vlan-interface 12 [P-Vlan-interface12] mpls enable [P-Vlan-interface12] mpls ldp enable [P-Vlan-interface12] quit # Configure PE 2. [PE2] mpls lsr-id 3.3.3.9 [PE2] mpls ldp [PE2-ldp] quit [PE2] interface vlan-interface 12 [PE2-Vlan-interface12] mpls enable...
Page 300 [PE2] interface vlan-interface 11 [PE2-Vlan-interface11] ip binding vpn-instance vpn1 [PE2-Vlan-interface11] ipv6 address 2001:3::2 96 [PE2-Vlan-interface11] quit [PE2] interface vlan-interface 13 [PE2-Vlan-interface13] ip binding vpn-instance vpn2 [PE2-Vlan-interface13] ipv6 address 2001:4::2 96 [PE2-Vlan-interface13] quit # Configure IP addresses for the CEs according to Figure 77.
Page 301 [PE1-bgp-default-vpn1] quit [PE1-bgp-default] ip vpn-instance vpn2 [PE1-bgp-default-vpn2] peer 2001:2::1 as-number 65420 [PE1-bgp-default-vpn2] address-family ipv6 unicast [PE1-bgp-default-ipv6-vpn2] peer 2001:2::1 enable [PE1-bgp-default-ipv6-vpn2] quit [PE1-bgp-default-vpn2] quit [PE1-bgp-default] quit # Configure PE 2 in the same way that PE 1 is configured. (Details not shown.) # Execute the display bgp peer ipv6 vpn-instance command on the PEs to verify that a BGP peer relationship in Established state has been established between a PE and a CE.
Page 302: Configuring A Hub-Spoke Network
Destination: 2001:3::/96 Protocol : BGP4+ NextHop : ::FFFF:3.3.3.9 Preference: 255 Interface : Vlan13 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost [PE1] display ipv6 routing-table vpn-instance vpn2 Destinations : 6 Routes : 6...
Page 303 Configure EBGP between the Spoke-CEs and Spoke-PEs and between the Hub-CE and Hub-PE to exchange VPN routing information. Configure OSPF between the Spoke-PEs and Hub-PE to implement communication between the PEs. Configure MP-IBGP between the Spoke-PEs and Hub-PE to exchange VPN routing information.
Page 304 [Spoke-PE1-ospf-1] area 0 [Spoke-PE1-ospf-1-area-0.0.0.0] network 172.1.1.0 0.0.0.255 [Spoke-PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [Spoke-PE1-ospf-1-area-0.0.0.0] quit [Spoke-PE1-ospf-1] quit # Configure Spoke-PE 2. <Spoke-PE2> system-view [Spoke-PE2] interface loopback 0 [Spoke-PE2-LoopBack0] ip address 3.3.3.9 32 [Spoke-PE2-LoopBack0] quit [Spoke-PE2] interface vlan-interface 5 [Spoke-PE2-Vlan-interface5] ip address 172.2.1.1 24 [Spoke-PE2-Vlan-interface5] quit [Spoke-PE2] ospf [Spoke-PE2-ospf-1] area 0...
Page 305 [Spoke-PE1-Vlan-interface4] mpls ldp enable [Spoke-PE1-Vlan-interface4] quit # Configure Spoke-PE 2. [Spoke-PE2] mpls lsr-id 3.3.3.9 [Spoke-PE2] mpls ldp [Spoke-PE2-ldp] quit [Spoke-PE2] interface vlan-interface 5 [Spoke-PE2-Vlan-interface5] mpls enable [Spoke-PE2-Vlan-interface5] mpls ldp enable [Spoke-PE2-Vlan-interface5] quit # Configure Hub-PE. [Hub-PE] mpls lsr-id 2.2.2.9 [Hub-PE] mpls ldp [Hub-PE-ldp] quit [Hub-PE] interface vlan-interface 4 [Hub-PE-Vlan-interface4] mpls enable...
Page 306 [Hub-PE] ip vpn-instance vpn1-in [Hub-PE-vpn-instance-vpn1-in] route-distinguisher 100:3 [Hub-PE-vpn-instance-vpn1-in] vpn-target 222:2 import-extcommunity [Hub-PE-vpn-instance-vpn1-in] quit [Hub-PE] ip vpn-instance vpn1-out [Hub-PE-vpn-instance-vpn1-out] route-distinguisher 100:4 [Hub-PE-vpn-instance-vpn1-out] vpn-target 111:1 export-extcommunity [Hub-PE-vpn-instance-vpn1-out] quit [Hub-PE] interface vlan-interface 6 [Hub-PE-Vlan-interface6] ip binding vpn-instance vpn1-in [Hub-PE-Vlan-interface6] ip address 13::2 24 [Hub-PE-Vlan-interface6] quit [Hub-PE] interface vlan-interface 7 [Hub-PE-Vlan-interface7] ip binding vpn-instance vpn1-out...
Page 307 # Configure Spoke-CE 2. <Spoke-CE2> system-view [Spoke-CE2] bgp 65420 [Spoke-CE2-bgp-default] peer 12::2 as-number 100 [Spoke-CE2-bgp-default] address-family ipv6 [Spoke-CE2-bgp-default-ipv6] peer 12::2 enable [Spoke-CE2-bgp-default-ipv6] import-route direct [Spoke-CE2-bgp-default-ipv6] quit [Spoke-CE2-bgp-default] quit # Configure Hub-CE. <Hub-CE> system-view [Hub-CE] bgp 65430 [Hub-CE-bgp-default] peer 13::2 as-number 100 [Hub-CE-bgp-default] peer 14::2 as-number 100 [Hub-CE-bgp-default] address-family ipv6 [Hub-CE-bgp-default-ipv6] peer 13::2 enable...
Page 308 [Hub-PE-bgp-default-vpn1-out] address-family ipv6 [Hub-PE-bgp-default-ipv6-vpn1-out] peer 14::1 enable [Hub-PE-bgp-default-ipv6-vpn1-out] peer 14::1 allow-as-loop 2 [Hub-PE-bgp-default-ipv6-vpn1-out] quit [Hub-PE-bgp-default-vpn1-out] quit [Hub-PE-bgp-default] quit # Execute the display bgp peer ipv6 vpn-instance command on the PEs to verify that a BGP peer relationship in Established state has been established between a PE and a CE. (Details not shown.) Establish an MP-IBGP peer relationship between the Spoke-PEs and Hub-PE: # Configure Spoke-PE 1.
Page 309: Configuring Ipv6 Mpls L3Vpn Inter-As Option A
56 bytes from 12::1, icmp_seq=3 hlim=59 time=1.000 ms 56 bytes from 12::1, icmp_seq=4 hlim=59 time=0.000 ms --- Ping6 statistics for 12::1 --- 5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss round-trip min/avg/max/std-dev = 0.000/0.400/1.000/0.490 ms Configuring IPv6 MPLS L3VPN inter-AS option A Network requirements CE 1 and CE 2 belong to the same VPN.
Page 310 Configuration procedure Configure an IGP on each MPLS backbone to ensure IP connectivity within the backbone. This example uses OSPF. (Details not shown.) # Execute the display ospf peer command to verify that each ASBR-PE has established an OSPF adjacency in Full state with the PE in the same AS, and that PEs and ASBR-PEs in the same AS can learn the routes to the loopback interfaces of each other.
Page 311 # Execute the display mpls ldp peer command on the switches to verify that the session status is Operational, and that each PE and the ASBR-PE in the same AS have established an LDP neighbor relationship. (Details not shown.) Configure a VPN instance on the PEs: For the same VPN, the route targets for the VPN instance on the PE must match those for the VPN instance of the ASBR-PE in the same AS.
Page 312 [ASBR-PE2-vpn-vpn-vpn1] quit [ASBR-PE2] interface vlan-interface 12 [ASBR-PE2-Vlan-interface12] ip binding vpn-instance vpn1 [ASBR-PE2-Vlan-interface12] ipv6 address 2002:1::2 96 [ASBR-PE2-Vlan-interface12] quit # Execute the display ip vpn-instance command to display VPN instance configurations. Verify that each PE can ping its attached CE, and that ASBR-PE 1 and ASBR-PE 2 can ping each other.
Page 313 [PE1-bgp-default] peer 2.2.2.9 as-number 100 [PE1-bgp-default] peer 2.2.2.9 connect-interface loopback 0 [PE1-bgp-default] address-family vpnv6 [PE1-bgp-default-vpnv6] peer 2.2.2.9 enable [PE1-bgp-default-vpnv6] quit [PE1-bgp-default] quit # Configure ASBR-PE 1. [ASBR-PE1] bgp 100 [ASBR-PE1-bgp-default] ip vpn-instance vpn1 [ASBR-PE1-bgp-default-vpn1] peer 2002:1::2 as-number 200 [ASBR-PE1-bgp-default-vpn1] address-family ipv6 unicast [ASBR-PE1-bgp-default-ipv6-vpn1] peer 2002:1::2 enable [ASBR-PE1-bgp-default-ipv6-vpn1] quit [ASBR-PE1-bgp-default-vpn1] quit...
Page 314: Configuring Ipv6 Mpls L3Vpn Inter-As Option C
Configuring IPv6 MPLS L3VPN inter-AS option C Network requirements Site 1 and Site 2 belong to the same VPN. Site 1 accesses the network through PE 1 in AS 100, and Site 2 accesses the network through PE 2 in AS 600. PEs in the same AS run IS-IS. PE 1 and ASBR-PE 1 exchange labeled IPv4 routes by IBGP.
Page 315 # Establish an EBGP peer relationship with PE 1, and redistribute VPN routes. [CE1] bgp 65001 [CE1-bgp-default] peer 2001::1 as-number 100 [CE1-bgp-default] address-family ipv6 unicast [CE1-bgp-default-ipv6] peer 2001::1 enable [CE1-bgp-default-ipv6] import-route direct [CE1-bgp-default-ipv6] quit [CE1-bgp-default] quit Configure PE 1: # Run IS-IS on PE 1. <PE1>...
Page 316 [PE1-bgp-default] address-family ipv4 unicast [PE1-bgp-default-ipv4] peer 3.3.3.9 enable [PE1-bgp-default-ipv4] peer 3.3.3.9 label-route-capability [PE1-bgp-default-ipv4] quit # Configure the maximum hop count from PE 1 to EBGP peer 5.5.5.9 as 10. [PE1-bgp-default] peer 5.5.5.9 as-number 600 [PE1-bgp-default] peer 5.5.5.9 connect-interface loopback 0 [PE1-bgp-default] peer 5.5.5.9 ebgp-max-hop 10 # Configure peer 5.5.5.9 as a VPNv6 peer.
Page 317 # Create routing policies. [ASBR-PE1] route-policy policy1 permit node 1 [ASBR-PE1-route-policy-policy1-1] apply mpls-label [ASBR-PE1-route-policy-policy1-1] quit [ASBR-PE1] route-policy policy2 permit node 1 [ASBR-PE1-route-policy-policy2-1] if-match mpls-label [ASBR-PE1-route-policy-policy2-1] apply mpls-label [ASBR-PE1-route-policy-policy2-1] quit # Start BGP on ASBR-PE 1 and apply routing policy policy2 to routes advertised to IBGP peer 2.2.2.9 [ASBR-PE1] bgp 100 [ASBR-PE1-bgp-default] peer 2.2.2.9 as-number 100...
Page 318 [ASBR-PE2-Vlan-interface11] quit # Configure Loopback 0, and start IS-IS on it. [ASBR-PE2] interface loopback 0 [ASBR-PE2-LoopBack0] ip address 4.4.4.9 32 [ASBR-PE2-LoopBack0] isis enable 1 [ASBR-PE2-LoopBack0] quit # Configure VLAN-interface 12, and enable MPLS on it. [ASBR-PE2] interface vlan-interface 12 [ASBR-PE2-Vlan-interface12] ip address 11.0.0.1 255.0.0.0 [ASBR-PE2-Vlan-interface12] mpls enable [ASBR-PE2-Vlan-interface12] quit # Create routing policies.
Page 319 # Configure an LSR ID, and enable MPLS and LDP. [PE2] mpls lsr-id 5.5.5.9 [PE2] mpls ldp [PE2-ldp] quit # Configure VLAN-interface 11, and enable IS-IS, MPLS, and LDP on the interface. [PE2] interface vlan-interface 11 [PE2-Vlan-interface11] ip address 9.1.1.2 255.0.0.0 [PE2-Vlan-interface11] isis enable 1 [PE2-Vlan-interface11] mpls enable [PE2-Vlan-interface11] mpls ldp enable...
Page 320: Configuring An Ospfv3 Sham Link
[PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] peer 2002::2 as-number 65002 [PE2-bgp-default-vpn1] address-family ipv6 unicast [PE2-bgp-default-ipv6-vpn1] peer 2002::2 enable [PE2-bgp-default-ipv6-vpn1] quit [PE2-bgp-default-vpn1] quit [PE2-bgp-default] quit Configure CE 2: # Configure an IPv6 address for VLAN-interface 12. <CE2> system-view [CE2] interface vlan-interface 12 [CE2-Vlan-interface12] ipv6 address 2002::2 64 [CE2-Vlan-interface12] quit # Establish an EBGP peer relationship with PE 2, and redistribute VPN routes.
Page 321 Table 27 Interface and IP address assignment Device Interface IP address Device Interface IP address CE 1 Vlan-int11 100::1/64 CE 2 Vlan-int11 120::1/64 Vlan-int13 20::1/64 Vlan-int12 30::2/64 PE 1 Loop0 1.1.1.9/32 PE 2 Loop0 2.2.2.9/32 Loop1 3::3/128 Loop1 5::5/128 Vlan-int11 100::2/64 Vlan-int11 120::2/64...
Page 322 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.0 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Configure basic MPLS and MPLS LDP on PE 2 to establish LDP LSPs. <PE2> system-view [PE2] interface loopback 0 [PE2-LoopBack0] ip address 2.2.2.9 32 [PE2-LoopBack0] quit [PE2] mpls lsr-id 2.2.2.9 [PE2] mpls ldp [PE2-ldp] quit [PE2] interface vlan-interface 12 [PE2-Vlan-interface12] ip address 10.1.1.2 24...
Page 323 [PE1-bgp-default-vpn1] address-family ipv6 unicast [PE1-bgp-default-ipv6-vpn1] import-route ospfv3 100 [PE1-bgp-default-ipv6-vpn1] import-route direct [PE1-bgp-default-ipv6-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit # Configure PE 2. [PE2] ip vpn-instance vpn1 [PE2-vpn-instance-vpn1] route-distinguisher 100:2 [PE2-vpn-instance-vpn1] vpn-target 1:1 [PE2-vpn-instance-vpn1] quit [PE2] interface vlan-interface 11 [PE2-Vlan-interface11] ip binding vpn-instance vpn1 [PE2-Vlan-interface11] ipv6 address 120::2 64 [PE2-Vlan-interface11] ospfv3 100 area 1 [PE2-Vlan-interface11] quit...
Page 324: Configuring Bgp As Number Substitution
[PE2-ospfv3-100] area 1 [PE2-ospfv3-100-area-0.0.0.1] sham-link 5::5 3::3 [PE2-ospfv3-100-area-0.0.0.1] quit [PE2-ospfv3-100] quit Verifying the configuration # Execute the display ipv6 routing-table vpn-instance command on the PEs to verify the following results (details not shown): • The path to the peer CE is now along the IPv6 BGP route across the backbone. •...
Page 325 Figure 82 Network diagram MPLS backbone AS 100 Loop0 Vlan-int12 Vlan-int11 Loop0 Loop0 Vlan-int12 Vlan-int11 Vlan-int12 Vlan-int11 PE 1 PE 2 CE 1 CE 2 Vlan-int11 Vlan-int12 VPN 1 VPN 1 AS 600 AS 600 Vlan-int12 Vlan-int13 Table 28 Interface and IP address assignment Device Interface IP address...
Page 326 Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 10:2::/96 Protocol : Direct NextHop : :: Preference: 0 Interface : Vlan-int12 Cost Destination: 10:2::2/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 200::/96 Protocol...
Page 327 Interface : Vlan-int12 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost # Enable BGP update packet debugging on PE 2. The output shows that PE 2 has advertised the route to 100::/96, and the AS_PATH is 100 600.
Page 328 Verifying the configuration # The output shows that among the routes advertised by PE 2 to CE 2, the AS_PATH of 100::/96 has changed from 100 600 to 100 100. *Jun 27 18:07:34:420 2013 PE2 BGP/7/DEBUG: -MDC=1; BGP_IPV6.vpn1: Send UPDATE to peer 10:2::2 for following destinations: Origin : Incomplete AS path...
Page 329: Configuring Bgp As Number Substitution And Soo Attribute
Interface : NULL0 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost # Verify that VLAN-interface 12 of CE 1 and VLAN-interface 13 of CE 2 can ping each other. (Details not shown.) Configuring BGP AS number substitution and SoO attribute Network requirements...
Page 330 Device Interface IP address Device Interface IP address Vlan-int4 40.1.1.1/24 Loop0 3.3.3.9/32 PE 3 Loop0 4.4.4.9/32 Vlan-int3 30.1.1.2/24 Vlan-int6 60.1.1.2/24 Vlan-int5 50.1.1.2/24 Vlan-int7 10:3::2/96 Vlan-int6 60.1.1.1/24 Configuration procedure Configure basic IPv6 MPLS L3VPN: Configure OSPF on the MPLS backbone to allow the PEs and P device to learn the routes ...
Page 331 [PE1] bgp 100 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] address-family ipv6 [PE1-bgp-default-ipv6-vpn1] peer 10:1::1 soo 1:100 # On PE 2, configure the SoO attribute as 1:100 for CE 2. [PE2] bgp 100 [PE2-bgp-default] ip vpn-instance vpn1 [PE2-bgp-default-vpn1] address-family ipv6 [PE2-bgp-default-ipv6-vpn1] peer 10:2::1 soo 1:100 Verifying the configuration # PE 2 does not advertise routes received from CE 1 to CE 2 because the same SoO attribute has been configured.
Page 332: Configuring Mpls L2Vpn
Configuring MPLS L2VPN MPLS L2VPN provides point-to-point and point-to-multipoint connections. This chapter describes only the MPLS L2VPN technologies that provide point-to-point connections. For information about the MPLS L2VPN technologies that provide point-to-multipoint connections, see "Configuring VPLS." Overview MPLS L2VPN is an implementation of Pseudo Wire Emulation Edge-to-Edge (PWE3). It offers Layer 2 VPN services over an MPLS or IP backbone.
Page 333: Remote Connection Model
For example, a VPN has 10 sites, and a PE assigns the first label block LB1/0/10 to the VPN. When another 15 sites are added, the PE keeps the first label block and assigns the second label block LB2/10/15 to extend the network. LB1 and LB2 are the initial label values that are randomly selected by the PE.
Page 334: Pw Types
PEs. The PW type specifies the encapsulation type for data transmitted over the PW, such as Ethernet or VLAN. PEs advertise the PW label and PW ID FEC in label mapping messages to create a PW. Dynamic PWs have simple configurations but consume more resources than static PWs.
Page 335 − If the packet contains a P-tag, the PE removes the P-tag, and adds a PW label and an outer tag into the packet before forwarding it. − If the packet contains no P-tag, the PE directly adds a PW label and an outer tag into the packet before forwarding it.
Page 336: Control Word
configure flexible match criteria for the Ethernet service instance. For example, configure the Ethernet service instance to match all packets, tagged packets, or untagged packets. The default PW type for flexible mode is VLAN. Flexible mode can also implement the port and VLAN modes through match criteria configuration.
Page 337: Multi-Segment Pw
Multi-segment PW A multi-segment PW includes multiple concatenated static or LDP PWs. Creating two PWs for a cross-connect on a PE can concatenate the two PWs. Upon receiving a packet from one PW, the PE removes the tunnel ID and PW label of the packet, adds the PW label of the other PW, and forwards the packet over the public tunnel.
Page 338: Vccv
Figure 88 Intra-domain multi-segment PW MPLS or IP backbone PW 1 CE 1 PE 1 PE 2 Tunnel PW 2 PE 3 PE 4 CE 2 Inter-domain multi-segment PW An inter-domain multi-segment PW has concatenated PWs in different ASs, and is a method for inter-AS option B networking.
Page 339: Restrictions And Guidelines For Mpls L2Vpn
Restrictions and guidelines for MPLS L2VPN Follow these restrictions and guidelines when you configure MPLS L2VPN: • On a PE, the interfaces connected to CEs do not support STP. Make sure the interfaces do not form loops. For more information about STP, see Layer 2—LAN Switching Configuration Guide. •...
Page 340: Enabling L2Vpn
Enabling L2VPN Before you enable L2VPN, perform the following tasks: • Configure an LSR ID for the PE with the mpls lsr-id command. • Enable MPLS with the mpls enable command on the core-facing interface of the PE. To enable L2VPN: Step Command Remarks...
Page 341: Configuring A Pw
Step Command Remarks (Optional.) Configure a By default, no description is description for the description text configured for the cross-connect cross-connect group. group. (Optional.) Enable the By default, the cross-connect undo shutdown cross-connect group. group is enabled. Create a cross-connect and By default, no cross-connects connection connection-name enter cross-connect view.
Page 342: Configuring An Ldp Pw
Configuring an LDP PW Before you configure an LDP PW, enable global and interface MPLS LDP on the PE. For information about MPLS LDP configuration, see "Configuring LDP." To configure an LDP PW: Step Command Remarks Enter system view. system-view Enter cross-connect group xconnect-group group-name view.
Page 343 Step Command Remarks (Optional.) Permit the local AS By default, the local AS number to appear in routes peer { group-name | ip-address number is not allowed in from the specified peer or peer [ mask-length ] } allow-as-loop routes from a peer or peer group and specify the [ number ] group.
Page 344: Configuring A Remote Ccc Connection
Step Command Remarks vpn-target vpn-target&<1-8> By default, no route targets are Configure route targets for [ both | export-extcommunity | configured for the cross-connect the cross-connect group. import-extcommunity ] group. (Optional.) Specify a PW By default, no PW class is class for the auto-discovery pw-class class-name specified.
Page 345: Binding An Ethernet Service Instance To A Cross-Connect
Step Command Remarks By default, no remote CCC connections exist. Use the out-interface keyword to specify the outgoing interface ccc in-label in-label-value out-label only on a point-to-point link. On out-label-value { nexthop nexthop | Create a remote CCC other types of interfaces such as out-interface interface-type connection.
Page 346: Configuring Pw Redundancy
Step Command Remarks Enter auto-discovery auto-discovery bgp cross-connect group view. site site-id [ range range-value ] Enter site view. [ default-offset default-offset-value ] Enter auto-discovery connection remote-site-id cross-connect view. remote-site-id ac interface interface-type interface-number Bind the Ethernet service By default, no Ethernet service service-instance instance-id instance on the interface to instance is bound to the BGP...
Page 347: Configuring Ldp Pw Redundancy
Configuring LDP PW redundancy Step Command Remarks Enter system view. system-view Enter cross-connect group xconnect-group group-name view. Enter cross-connect view. connection connection-name (Optional.) Specify the By default, the switchover mode is switchover mode and set the revertive { wtr wtr-time | never } revertive and the switchover wait wait time for the switchover.
Page 348: Mpls L2Vpn Configuration Examples
Task Command display l2vpn forwarding { ac | pw } [ xconnect-group (In IRF mode.) Display cross-connect group-name ] [ chassis chassis-number slot slot-number ] forwarding information. [ verbose ] display l2vpn pw [ xconnect-group group-name ] [ protocol { bgp Display L2VPN PW information.
Page 349 Figure 90 Network diagram MPLS or IP backbone Loop0 Loop0 Loop0 Vlan-int30 Vlan-int20 Vlan-int20 Vlan-int30 GE1/0/1 GE1/0/1 PE 1 PE 2 Vlan-int10 Vlan-int10 Site 1 Site 2 CE 1 CE 2 Table 31 Interface and IP address assignment Device Interface IP address Device Interface...
Page 350 [PE1-Vlan-interface20] quit # Configure OSPF for LDP to create LSPs. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Create VLAN 10 and assign GigabitEthernet 1/0/1 to the VLAN. [PE1] vlan 10 [PE1-vlan10] port gigabitethernet 1/0/1 [PE1-vlan10] quit # Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer...
Page 351 [P] interface vlan-interface 30 [P-Vlan-interface30] ip address 10.2.2.2 24 [P-Vlan-interface30] mpls enable [P-Vlan-interface30] mpls ldp enable [P-Vlan-interface30] quit # Configure OSPF for LDP to create LSPs. [P] ospf [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 10.1.1.2 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 10.2.2.2 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit Configure PE 2:...
Page 352: Configuring An Ldp Pw
[PE2-GigabitEthernet1/0/1-srv10] quit [PE2-GigabitEthernet1/0/1] quit # Create a cross-connect group named vpna, create a cross-connect named svc in the group, and bind Ethernet service instance 10 on GigabitEthernet 1/0/1 to the cross-connect. [PE2] xconnect-group vpna [PE2-xcg-vpna] connection svc [PE2-xcg-vpna-svc] ac interface gigabitethernet 1/0/1 service-instance 10 # Create a static PW for the cross-connect to bind the AC to the PW.
Page 353 Figure 91 Network diagram MPLS or IP backbone Loop0 Loop0 Loop0 Vlan-int26 Vlan-int23 Vlan-int23 Vlan-int26 GE1/0/1 GE1/0/1 PE 1 PE 2 Vlan-int10 Vlan-int10 Site 1 Site 2 CE 2 CE 1 Table 32 Interface and IP address assignment Device Interface IP address Device Interface...
Page 354 [PE1-Vlan-interface23] quit # Configure OSPF for LDP to create LSPs. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 23.1.1.1 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Create Ethernet service instance 1000 on GigabitEthernet 1/0/1 (the interface connected to CE 1).
Page 355 [P-Vlan-interface26] quit # Configure OSPF for LDP to create LSPs. [P] ospf [P-ospf-1] area 0 [P-ospf-1-area-0.0.0.0] network 23.1.1.2 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 26.2.2.2 0.0.0.255 [P-ospf-1-area-0.0.0.0] network 192.4.4.4 0.0.0.0 [P-ospf-1-area-0.0.0.0] quit [P-ospf-1] quit Configure PE 2: # Configure an LSR ID. <PE2> system-view [PE2] interface loopback 0 [PE2-LoopBack0] ip address 192.3.3.3 32 [PE2-LoopBack0] quit...
Page 356: Configuring A Bgp Pw
[PE2-xcg-vpn1-ldp] peer 192.2.2.2 pw-id 1000 [PE2-xcg-vpn1-ldp-192.2.2.2-1000] quit [PE2-xcg-vpn1-ldp] quit [PE2-xcg-vpn1] quit Configure CE 2. <CE2> system-view [CE2] interface vlan-interface 10 [CE2-Vlan-interface10] ip address 100.1.1.2 24 [CE2-Vlan-interface10] quit Verifying the configuration # Verify that an LDP PW has been established on PE 1. [PE1] display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 1...
Page 357 Figure 92 Network diagram MPLS or IP backbone Loop0 Loop0 Loop0 Vlan-int30 Vlan-int20 Vlan-int20 Vlan-int30 GE1/0/1 GE1/0/1 PE 1 PE 2 Vlan-int10 Vlan-int10 Site 1 Site 2 CE 1 CE 2 Table 33 Interface and IP address assignment Device Interface IP address Device Interface...
Page 358 [PE1-Vlan-interface20] quit # Enable OSPF for LSP establishment. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 10.1.1.1 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Create an IBGP connection to PE 2, and enable BGP to advertise L2VPN information to PE 2. [PE1] bgp 100 [PE1-bgp-default] peer 192.3.3.3 as-number 100 [PE1-bgp-default] peer 192.3.3.3 connect-interface loopback 0...
Page 359 [P-ldp] quit # Configure VLAN-interface 20 (the interface connected to PE 1), and enable LDP on the interface. [P] interface vlan-interface 20 [P-Vlan-interface20] ip address 10.1.1.2 24 [P-Vlan-interface20] mpls enable [P-Vlan-interface20] mpls ldp enable [P-Vlan-interface20] quit # Configure VLAN-interface 30 (the interface connected to PE 2), and enable LDP on the interface.
Page 360 [PE2-ospf-1] quit # Create an IBGP connection to PE 1, and enable BGP to advertise L2VPN information to PE 1. [PE2] bgp 100 [PE2-bgp-default] peer 192.2.2.2 as-number 100 [PE2-bgp-default] peer 192.2.2.2 connect-interface loopback 0 [PE2-bgp-default] address-family l2vpn [PE2-bgp-default-l2vpn] peer 192.2.2.2 enable [PE2-bgp-default-l2vpn] quit [PE2-bgp-default] quit # Create VLAN 10 and assign GigabitEthernet 1/0/1 to the VLAN.
Page 361: Configuring A Remote Ccc Connection
# Verify that a BGP PW has been established on PE 2. <PE2> display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 1 1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate Xconnect-group Name: vpnb Peer...
Page 362 [CE1-Vlan-interface10] quit Configure PE 1: # Configure an LSR ID. <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 192.2.2.2 32 [PE1-LoopBack0] quit [PE1] mpls lsr-id 192.2.2.2 # Enable L2VPN. [PE1] l2vpn enable # Configure VLAN-interface 20 (the interface connected to the P device), and enable MPLS on the interface.
Page 363 [P-Vlan-interface20] quit # Configure VLAN-interface 30 (the interface connected to PE 2), and enable MPLS on the interface. [P] interface vlan-interface 30 [P-Vlan-interface30] ip address 10.2.2.2 24 [P-Vlan-interface30] mpls enable [P-Vlan-interface30] quit # Configure a static LSP to forward packets from PE 1 to PE 2. [P] static-lsp transit pe1-pe2 in-label 201 nexthop 10.2.2.1 out-label 202 # Configure a static LSP to forward packets from PE 2 to PE 1.
Page 364: Configuring Ldp Pw Redundancy
[CE2] interface vlan-interface 10 [CE2-Vlan-interface10] ip address 100.1.1.2 24 [CE2-Vlan-interface10] quit Verifying the configuration # Verify that a remote CCC connection (identified by PW ID/Rmt Site "-" and Proto Static) has been established on PE 1. [PE1] display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 1 1 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate...
Page 365 Figure 94 Network diagram Loop0 Loop0 Vlan-int10 Vlan-int12 GE1/0/1 Site 1 Site 2 Vlan-int12 GE1/0/1 Vlan-int10 Vlan-int13 CE 1 PE 1 PE 2 CE 2 Loop0 MPLS or IP backbone Vlan-int13 GE1/0/1 PE 3 Table 35 Interface and IP address assignment Device Interface IP address...
Page 366 # Configure VLAN interface 12 (the interface connected to PE 2) and VLAN interface 13 (the interface connected to PE 3), and enable LDP for the interfaces. [PE1] interface vlan-interface 12 [PE1-Vlan-interface12] ip address 12.1.1.1 24 [PE1-Vlan-interface12] mpls enable [PE1-Vlan-interface12] mpls ldp enable [PE1-Vlan-interface12] quit [PE1] interface vlan-interface 13 [PE1-Vlan-interface13] ip address 13.1.1.1 24...
Page 367 [PE2] interface loopback 0 [PE2-LoopBack0] ip address 2.2.2.2 32 [PE2-LoopBack0] quit [PE2] mpls lsr-id 2.2.2.2 # Enable global MPLS LDP. [PE2] mpls ldp [PE2-ldp] quit # Configure VLAN interface 12 (the interface connected to PE 1), and enable LDP on it. [PE2] interface vlan-interface 12 [PE2-Vlan-interface12] ip address 12.1.1.2 24 [PE2-Vlan-interface12] mpls enable...
Page 368 # Enable global MPLS LDP. [PE3] mpls ldp [PE3-ldp] quit # Configure VLAN interface 13 (the interface connected to PE 1), and enable LDP on it. [PE3] interface vlan-interface 13 [PE3-Vlan-interface13] ip address 13.1.1.3 24 [PE3-Vlan-interface13] mpls enable [PE3-Vlan-interface13] mpls ldp enable [PE3-Vlan-interface13] quit # Configure OSPF on PE 3 for LDP to create LSPs.
Page 369 Xconnect-group Name: vpna Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State 2.2.2.2 1151/1279 3.3.3.3 1150/1279 Blocked # Display detailed information about the primary and backup PWs on PE 1. <PE1> display l2vpn pw verbose Xconnect-group Name: vpna Connection Name: ldp Peer: 2.2.2.2 PW ID: 20...
Page 370: Configuring An Intra-Domain Multi-Segment Pw
# Verify that CE 1 and CE 2 can ping each other. (Details not shown.) # Manually switch to the backup PW on PE 1. <PE1> l2vpn switchover peer 2.2.2.2 pw-id 20 # Verify that the PW switchover is successful on PE 1. <PE1>...
Page 371 Configuration procedure Configure VLANs and add ports to VLANs on each switch. (Details not shown.) Configure CE 1. <CE1> system-view [CE1] interface vlan-interface 10 [CE1-Vlan-interface10] ip address 100.1.1.1 24 [CE1-Vlan-interface10] quit Configure PE 1: # Configure an LSR ID. <PE1> system-view [PE1] interface loopback 0 [PE1-LoopBack0] ip address 192.2.2.2 32 [PE1-LoopBack0] quit...
Page 372 # Enable LDP globally. [P] mpls ldp [P-ldp] quit # Configure MPLS TE to establish an MPLS TE tunnel between PE 1 and P, and between P and PE 2. For more information, see "Configuring MPLS TE." # Create a cross-connect group named vpn1, create a cross-connect named ldpsvc in the group, and create an LDP PW and a static PW for the cross-connect to form a multi-segment [P] xconnect-group vpn1 [P-xcg-vpn1] connection ldpsvc...
Page 373: Configuring An Inter-Domain Multi-Segment Pw
[CE2-Vlan-interface10] quit Verifying the configuration # Verify that two PWs have been created to form a multi-segment PW on the P device. [P] display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 2 2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate Xconnect-group Name: vpn1...
Page 374 Figure 96 Network diagram Loop0 Loop0 MPLS or IP MPLS or IP backbone backbone Vlan-int26 Vlan-int26 Vlan-int23 Vlan-int22 AS 100 AS 200 ASBR 1 ASBR 2 PE 1 PE 2 Vlan-int23 Vlan-int22 Loop0 Loop0 GE1/0/1 GE1/0/1 Vlan-int10 Vlan-int10 Site 1 Site 2 CE 1 CE 2...
Page 375 [PE1-Vlan-interface23] mpls enable [PE1-Vlan-interface23] mpls ldp enable [PE1-Vlan-interface23] quit # Configure OSPF for LDP to create LSPs. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 23.1.1.1 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 192.1.1.1 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Create Ethernet service instance 1000 on GigabitEthernet 1/0/1 (the interface connected to CE 1).
Page 376 [ASBR1] interface vlan-interface 26 [ASBR1-Vlan-interface26] ip address 26.2.2.2 24 [ASBR1-Vlan-interface26] mpls enable [ASBR1-Vlan-interface26] quit # Configure OSPF for LDP to create LSPs. [ASBR1] ospf [ASBR1-ospf-1] area 0 [ASBR1-ospf-1-area-0.0.0.0] network 23.1.1.2 0.0.0.255 [ASBR1-ospf-1-area-0.0.0.0] network 192.2.2.2 0.0.0.0 [ASBR1-ospf-1-area-0.0.0.0] quit [ASBR1-ospf-1] quit # Configure BGP to advertise labeled routes on ASBR1. [ASBR1] bgp 100 [ASBR1-bgp-default] peer 26.2.2.3 as-number 200 [ASBR1-bgp-default] address-family ipv4 unicast...
Page 377 [ASBR2] interface vlan-interface 22 [ASBR2-Vlan-interface22] ip address 22.2.2.3 24 [ASBR2-Vlan-interface22] mpls enable [ASBR2-Vlan-interface22] mpls ldp enable [ASBR2-Vlan-interface22] quit # Configure VLAN-interface 26 (the interface connected to ASBR 1), and enable MPLS on the interface. [ASBR2] interface vlan-interface 26 [ASBR2-Vlan-interface26] ip address 26.2.2.3 24 [ASBR2-Vlan-interface26] mpls enable [ASBR2-Vlan-interface26] quit # Configure OSPF for LDP to create LSPs.
Page 378 # Enable L2VPN. [PE2] l2vpn enable # Enable global LDP. [PE2] mpls ldp [PE2-ldp] quit # Configure VLAN-interface 22 (the interface connected to ASBR 1), and enable LDP on the interface. [PE2] interface vlan-interface 22 [PE2-Vlan-interface22] ip address 22.2.2.1 24 [PE2-Vlan-interface22] mpls enable [PE2-Vlan-interface22] mpls ldp enable [PE2-Vlan-interface22] quit...
Page 379 Xconnect-group Name: vpn1 Peer PW ID/Rmt Site In/Out Label Proto Flag Link ID State 192.2.2.2 1000 1151/1279 # Verify that two PWs have been created to form a multi-segment PW on ASBR 1. [ASBR1] display l2vpn pw Flags: M - main, B - backup, BY - bypass, H - hub link, S - spoke link, N - no split horizon Total number of PWs: 2 2 up, 0 blocked, 0 down, 0 defect, 0 idle, 0 duplicate Xconnect-group Name: vpn1...
Page 380: Configuring Vpls
Configuring VPLS Overview Virtual Private LAN Service (VPLS) delivers a point-to-multipoint L2VPN service over an MPLS or IP backbone. The provider backbone emulates a switch to connect all geographically dispersed sites of each customer network. The backbone is transparent to the customer sites. The sites can communicate with each other as if they were on the same LAN.
Page 381: Vpls Implementation
to create a single Layer 2 VPN, which is referred to as a VPLS instance. Sites in different VPLS instances cannot communicate with each other at Layer 2. • VSI—A virtual switch instance provides Layer 2 switching services for a VPLS instance on a PE. A VSI acts as a virtual switch that has all the functions of a conventional Ethernet switch, including source MAC address learning, MAC address aging, and flooding.
Page 382 Figure 98 Source MAC address learning on a PE PE 1 Port ARP broadcast VPN 1 Vlan 10, port 1 ARP response VPN 1 PW 1 MPLS or IP PE 1 PE 3 backbone PW 3 VLAN 10 VLAN 10 Port 1 Port 1 MAC A IP 1.1.1.2...
Page 383: H-Vpls
PW full mesh and split horizon A Layer 2 network requires a loop prevention protocol such as STP to avoid loops. However, a loop prevention protocol on PEs brings management and maintenance difficulties. Therefore, VPLS uses the following methods to prevent loops: •...
Page 384 Figure 100 H-VPLS using Ethernet access Backbone NPE 2 domain CE 1 N-PW N-PW Edge domain (Ethernet) CE 3 QinQ N-PW NPE 1 NPE 3 CE 2 As shown in Figure 100, the edge domain is an Ethernet network. The UPE and NPE 1 establish a point-to-point Ethernet QinQ connection in between.
Page 385: Restrictions And Guidelines For Vpls
• A primary and backup U-PW switchover is triggered by a command. Restrictions and guidelines for VPLS Follow these guidelines when you configure VPLS: • On a PE, the customer-facing interfaces do not support STP. Make sure the interfaces do not form loops.
Page 386: Enabling L2Vpn
Enabling L2VPN Before you enable L2VPN, perform the following tasks: • Configure an LSR ID for the PE with the mpls lsr-id command. • Enable MPLS with the mpls enable command on the backbone interface of the PE. To enable L2VPN: Step Command Remarks...
Page 387: Configuring A Vsi
Configuring a VSI Step Command Remarks Enter system view. system-view Create a VSI and enter VSI vsi vsi-name By default, no VSIs exist. view. (Optional.) Configure a By default, no description is description text description for the VSI. configured for a VSI. (Optional.) Set the default By default, no default PW ID is default-pw-id default-pw-id...
Page 388: Configuring An Ldp Pw
Step Command Remarks By default, no static PWs exist. If both the default PW ID in the default-pw-id command and a PW ID in the peer command are configured, peer ip-address [ pw-id pw-id ] the PW ID in the peer command is in-label label-value out-label used.
Page 389 Configuring BGP to advertise VPLS label block information Step Command Remarks Enter system view. system-view bgp as-number [ instance Enable BGP instance and instance-name ] By default, BGP is disabled. enter BGP instance view. [ multi-session-thread ] peer { group-name | ip-address Configure the remote PE as [ mask-length ] } as-number By default, no BGP peers exist.
Page 390: Configuring A Bgp Auto-Discovery Ldp Pw
For more information about the peer as-number, peer enable, peer allow-as-loop, peer reflect-client, reflect between-clients, reflector cluster-id, refresh bgp l2vpn, and reset bgp l2vpn commands, see Layer 3—IP Routing Command Reference. Creating a BGP PW Step Command Remarks Enter system view. system-view Enter VSI view.
Page 391 Step Command Remarks Create the BGP L2VPN address family and enter By default, no BGP L2VPN address-family l2vpn BGP L2VPN address family address family exists. view. Enable BGP to exchange By default, BGP cannot exchange VPLS PE information with peer { group-name | ip-address VPLS PE information with a peer the specified peer or peer [ mask-length ] } enable...
Page 392: Binding An Ethernet Service Instance To A Vsi
Creating a BGP auto-discovery LDP PW Step Command Remarks Enter system view. system-view Enter VSI view. vsi vsi-name Configure the VSI to automatically discover By default, a VSI does not neighbors through BGP and auto-discovery bgp automatically discover neighbors enter auto-discovery VSI through BGP.
Page 393: Configuring Upe Dual Homing
Step Command Remarks • Enter Layer 2 Ethernet interface view: interface interface-type Enter Layer 2 Ethernet interface-number interface view or Layer 2 • Enter Layer 2 aggregate aggregate interface view. interface view: interface bridge-aggregation interface-number Create an Ethernet service By default, no Ethernet instance and enter Ethernet service-instance instance-id service instances exist.
Page 394: Configuring Ldp Pw Redundancy
Step Command Remarks By default, no backup static PW exists. If both the default PW ID in the default-pw-id command and a backup-peer ip-address [ pw-id PW ID in the backup-peer Configure a backup static PW pw-id ] in-label label-value command are configured, the PW and enter VSI static backup out-label label-value [ pw-class...
Page 395: Configuring Mac Address Learning
Configuring MAC address learning Step Command Remarks Enter system view. system-view Enter VSI view. vsi vsi-name Enable MAC address learning By default, MAC address learning mac-learning enable for the VSI. is enabled for a VSI. Enabling SNMP notifications for L2VPN PW This feature enables L2VPN to generate SNMP notifications when PW deletions, PW switchovers, or PW status changes occur.
Page 396: Vpls Configuration Examples
Task Command display l2vpn bgp [ instance instance-name ] [ peer Display VPLS label block information. ip-address | local ] [ vsi vsi-name ] [ verbose ] display bgp [ instance instance-name ] group l2vpn Display BGP L2VPN peer group information. [ group-name group-name ] display bgp [ instance instance-name ] l2vpn auto-discovery [ peer ip-address { advertised | received }...
Page 397 Figure 102 Network diagram Loop0 3.3.3.9/32 VPN 1 GE1/0/1 CE 3 Vlan-int30 Vlan-int40 30.1.1.3/24 40.1.1.3/24 PE 3 PE 1 PE 2 Vlan-int30 Vlan-int40 30.1.1.1/24 40.1.1.2/24 GE1/0/1 Vlan-int20 Vlan-int20 GE1/0/1 20.1.1.1/24 20.1.1.2/24 Loop0 Loop0 2.2.2.9/32 1.1.1.9/32 VPN 1 VPN 1 CE 1 CE 2 Configuration procedure Before configuration, disable the spanning tree feature globally or map each VLAN to an MSTI.
Page 398 [PE1-Vlan-interface30] mpls ldp enable [PE1-Vlan-interface30] quit # Configure OSPF for LDP to create LSPs. [PE1] ospf [PE1-ospf-1] area 0 [PE1-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [PE1-ospf-1-area-0.0.0.0] network 1.1.1.9 0.0.0.0 [PE1-ospf-1-area-0.0.0.0] quit [PE1-ospf-1] quit # Create a VSI, specify the peer PEs, and establish static PWs to the peer PEs. [PE1] vsi svc [PE1-vsi-svc] pwsignaling static [PE1-vsi-svc-static] peer 2.2.2.9 pw-id 3 in-label 100 out-label 100...
Page 399 [PE2-Vlan-interface40] mpls enable [PE2-Vlan-interface40] mpls ldp enable [PE2-Vlan-interface40] quit # Configure OSPF for LDP to create LSPs. [PE2] ospf [PE2-ospf-1] area 0 [PE2-ospf-1-area-0.0.0.0] network 20.1.1.0 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] network 40.1.1.0 0.0.0.255 [PE2-ospf-1-area-0.0.0.0] network 2.2.2.9 0.0.0.0 [PE2-ospf-1-area-0.0.0.0] quit [PE2-ospf-1] quit # Create a VSI, specify the peer PEs, and establish static PWs to the peer PEs. [PE2] vsi svc [PE2-vsi-svc] pwsignaling static [PE2-vsi-svc-static] peer 1.1.1.9 pw-id 3 in-label 100 out-label 100...
Page 400 [PE3-Vlan-interface40] ip address 40.1.1.3 24 [PE3-Vlan-interface40] mpls enable [PE3-Vlan-interface40] mpls ldp enable [PE3-Vlan-interface40] quit # Configure OSPF for LDP to create LSPs. [PE3] ospf [PE3-ospf-1] area 0 [PE3-ospf-1-area-0.0.0.0] network 30.1.1.0 0.0.0.255 [PE3-ospf-1-area-0.0.0.0] network 40.1.1.0 0.0.0.255 [PE3-ospf-1-area-0.0.0.0] network 3.3.3.9 0.0.0.0 [PE3-ospf-1-area-0.0.0.0] quit [PE3-ospf-1] quit # Create a VSI, specify the peer PEs, and establish static PWs to the peer PEs.
Page 401: Ldp Pw Configuration Example
VCCV BFD Tunnel Group ID : 0x260000002 Tunnel NHLFE IDs : 1028 LDP PW configuration example Network requirements Configure a VSI on each PE, and establish LDP PWs between the PEs to interconnect the CEs. Configure an Ethernet service instance on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 100 on each PE.
Page 402 [PE1-vsi-aaa-ldp-2.2.2.9-500] quit [PE1-vsi-aaa-ldp] peer 3.3.3.9 pw-id 500 [PE1-vsi-aaa-ldp-3.3.3.9-500] quit [PE1-vsi-aaa-ldp] quit [PE1-vsi-aaa] quit # Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 100, and bind the Ethernet service instance to VSI aaa. [PE1] interface gigabitethernet 1/0/1 [PE1-GigabitEthernet1/0/1] service-instance 10 [PE1-GigabitEthernet1/0/1-srv10] encapsulation s-vid 100...
Page 403: Bgp Pw Configuration Example
[PE3] l2vpn enable # Configure VSI aaa that uses LDP as the PW signaling protocol, and establish PWs to PE 1 and PE 2. [PE3] vsi aaa [PE3-vsi-aaa] pwsignaling ldp [PE3-vsi-aaa-ldp] peer 1.1.1.9 pw-id 500 [PE3-vsi-aaa-ldp-1.1.1.9-500] quit [PE3-vsi-aaa-ldp] peer 2.2.2.9 pw-id 500 [PE3-vsi-aaa-ldp-2.2.2.9-500] quit [PE3-vsi-aaa-ldp] quit [PE3-vsi-aaa] quit...
Page 404 Configure an Ethernet service instance on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 100 on each PE. Bind the Ethernet service instance to the VSI to forward the matching packets through the VSI. Figure 104 Network diagram Loop0 3.3.3.9/32 VPN 1...
Page 405 [PE1-vsi-aaa] auto-discovery bgp [PE1-vsi-aaa-auto] route-distinguisher 1:1 [PE1-vsi-aaa-auto] vpn-target 1:1 [PE1-vsi-aaa-auto] signaling-protocol bgp [PE1-vsi-aaa-auto-bgp] site 1 range 10 default-offset 0 [PE1-vsi-aaa-auto-bgp] quit [PE1-vsi-aaa-auto] quit [PE1-vsi-aaa] quit # Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 100, and bind the Ethernet service instance to VSI aaa.
Page 406 # Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 100, and bind the Ethernet service instance to VSI aaa. [PE2] interface gigabitethernet 1/0/1 [PE2-GigabitEthernet1/0/1] service-instance 10 [PE2-GigabitEthernet1/0/1-srv10] encapsulation s-vid 100 [PE2-GigabitEthernet1/0/1-srv10] xconnect vsi aaa Configure PE 3: # Configure basic MPLS.
Page 407 VSI Name: aaa Peer: 2.2.2.9 Remote Site: 2 Signaling Protocol : BGP Link ID PW State : Up In Label : 1295 Out Label: 1025 : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x800000160000001 Tunnel NHLFE IDs : 1027 Peer: 3.3.3.9...
Page 408: Bgp Auto-Discovery Ldp Pw Configuration Example
Local Label Block : 1293/10/0 Remote Label Block : 1024/10/0 Export Route Target: 1:1 BGP auto-discovery LDP PW configuration example Network requirements Configure a VSI on each PE. Use BGP to discover remote PEs and use LDP to create PWs among PEs so CEs in different sites of VPN 1 can communicate with each other.
Page 409 [PE1-bgp-default] peer 3.3.3.9 connect-interface loopback 0 [PE1-bgp-default] address-family l2vpn [PE1-bgp-default-l2vpn] peer 2.2.2.9 enable [PE1-bgp-default-l2vpn] peer 3.3.3.9 enable [PE1-bgp-default-l2vpn] quit [PE1-bgp-default] quit # Enable L2VPN. [PE1] l2vpn enable # Configure VSI aaa to use BGP to discover remote PEs and use LDP to establish LDP PWs to PE 2 and PE 3.
Page 410 # Configure VSI aaa to use BGP to discover remote PEs and use LDP to establish LDP PWs to PE 1 and PE 3. [PE2] vsi aaa [PE2-vsi-aaa] auto-discovery bgp [PE2-vsi-aaa-auto] route-distinguisher 1:1 [PE2-vsi-aaa-auto] vpn-target 1:1 [PE2-vsi-aaa-auto] signaling-protocol ldp [PE2-vsi-aaa-auto-ldp] vpls-id 100:100 [PE2-vsi-aaa-auto-ldp] quit [PE2-vsi-aaa-auto] quit [PE2-vsi-aaa] quit...
Page 411 [PE3-vsi-aaa-auto] quit [PE3-vsi-aaa] quit # Create Ethernet service instance 10 on GigabitEthernet 1/0/1 to match packets with an outer VLAN ID of 100, and bind the Ethernet service instance to VSI aaa. [PE3] interface gigabitethernet 1/0/1 [PE3-GigabitEthernet1/0/1] service-instance 10 [PE3-GigabitEthernet1/0/1-srv10] encapsulation s-vid 100 [PE3-GigabitEthernet1/0/1-srv10] xconnect vsi aaa Verifying the configuration # Verify that two PWs have been established on PE 1.
Page 412: H-Vpls Using Mpls Access Configuration Example
PW Status : PW forwarding/PW forwarding Peer: 3.3.3.9 VPLS ID: 100:100 VSI Name: aaa PW State: Up PW Status Communication: Notification method PW ID FEC (Local/Remote): Local AII : (1.1.1.9, 3.3.3.9) Remote AII : (3.3.3.9, 1.1.1.9) PW Type : VLAN/VLAN Group ID : 0/0 Label...
Page 413 [UPE-LoopBack0] ip address 1.1.1.9 32 [UPE-LoopBack0] quit [UPE] mpls lsr-id 1.1.1.9 [UPE] mpls ldp [UPE-ldp] quit # Enable L2VPN. [UPE] l2vpn enable # Configure VSI aaa to use LDP to establish a U-PW to NPE 1. [UPE] vsi aaa [UPE-vsi-aaa] pwsignaling ldp [UPE-vsi-aaa-ldp] peer 2.2.2.9 pw-id 500 [UPE-vsi-aaa-ldp-2.2.2.9-500] quit [UPE-vsi-aaa-ldp] quit...
Page 414 [NPE2-LoopBack0] quit [NPE2] mpls lsr-id 3.3.3.9 [NPE2] mpls ldp [NPE2–ldp] quit # Enable L2VPN. [NPE2] l2vpn enable # Configure VSI aaa that uses LDP as the PW signaling protocol, and establish N-PWs to NPE 1 and NPE 3. [NPE2] vsi aaa [NPE2-vsi-aaa] pwsignal ldp [NPE2-vsi-aaa-ldp] peer 2.2.2.9 pw-id 500 [NPE2-vsi-aaa-ldp-2.2.2.9-500] quit...
Page 415 [NPE3-GigabitEthernet1/0/1] service-instance 10 [NPE3-GigabitEthernet1/0/1-srv10] encapsulation s-vid 100 [NPE3-GigabitEthernet1/0/1-srv10] xconnect vsi aaa [NPE3-GigabitEthernet1/0/1-srv10] quit [NPE3-GigabitEthernet1/0/1] quit Verifying the configuration # Verify that PWs in up state have been established on each PE. [UPE] display l2vpn pw verbose VSI Name: aaa Peer: 2.2.2.9 PW ID: 500 Signaling Protocol : LDP...
Page 416 VCCV BFD Tunnel Group ID : 0x570000001 Tunnel NHLFE IDs : 1032 [NPE2] display l2vpn pw verbose VSI Name: aaa Peer: 2.2.2.9 PW ID: 500 Signaling Protocol : LDP Link ID PW State : Up In Label : 1275 Out Label: 1276 : 1500 PW Attributes : Main...
Page 417: Ethernet Service Instance And Vsi Binding Configuration Example
Ethernet service instance and VSI binding configuration example Network requirements As shown in Figure 107, CE 1, CE 2, and CE 3 access PE 1, PE 2, and PE 3 in VLAN mode. Configure a VSI on each PE, and establish LDP PWs between the PEs to interconnect the CEs. Configure an Ethernet service instance on GigabitEthernet 1/0/1 of each PE to match packets with VLAN ID 100.
Page 418 [PE1-vsi-aaa-ldp] peer 2.2.2.9 pw-id 500 [PE1-vsi-aaa-ldp-2.2.2.9-500] quit [PE1-vsi-aaa-ldp] quit [PE1-vsi-aaa] quit # Create Ethernet service instance 1000 on GigabitEthernet 1/0/1 (the interface connected to CE 1), and bind the Ethernet service instance to VSI aaa. [PE1] interface gigabitethernet 1/0/1 [PE1-GigabitEthernet1/0/1] service-instance 1000 [PE1-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 100 [PE1-GigabitEthernet1/0/1-srv1000] xconnect vsi aaa [PE1-GigabitEthernet1/0/1-srv1000] quit...
Page 419 [PE3] mpls ldp [PE3-ldp] quit # Enable L2VPN. [PE3] l2vpn enable # Configure VSI aaa that uses LDP as the PW signaling protocol, and establish PWs to PE 1 and PE 2. [PE3] vsi aaa [PE3-vsi-aaa] pwsignal ldp [PE3-vsi-aaa-ldp] peer 1.1.1.9 pw-id 500 [PE3-vsi-aaa-ldp-1.1.1.9-500] quit [PE3-vsi-aaa-ldp] peer 2.2.2.9 pw-id 500 [PE3-vsi-aaa-ldp-2.2.2.9-500] quit...
Page 420 Peer: 1.1.1.9 PW ID: 500 Signaling Protocol : LDP Link ID PW State : Up In Label : 1274 Out Label: 1274 : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x760000000 Tunnel NHLFE IDs : 1033 Peer: 3.3.3.9 PW ID: 500...
Page 421: H-Vpls Upe Dual Homing Configuration Example
H-VPLS UPE dual homing configuration example Network requirements To improve reliability of the H-VPLS network, the UPE establishes a U-PW with NPE 1 and NPE 2. The U-PW between UPE and NPE 1 is the primary PW and that between UPE and NPE 2 is the backup PW.
Page 422 [UPE-vsi-aaa-ldp-3.3.3.3-500-backup] quit [UPE-vsi-aaa-ldp-2.2.2.2-500] quit [UPE-vsi-aaa-ldp] quit [UPE-vsi-aaa] quit # Create Ethernet service instance 1000 on GigabitEthernet 1/0/1 (the interface connected to CE 1), and bind the Ethernet service instance to VSI aaa. [UPE] interface gigabitethernet 1/0/1 [UPE-GigabitEthernet1/0/1] service-instance 1000 [UPE-GigabitEthernet1/0/1-srv1000] encapsulation s-vid 10 [UPE-GigabitEthernet1/0/1-srv1000] xconnect vsi aaa [UPE-GigabitEthernet1/0/1-srv1000] quit # Create Ethernet service instance 1000 on GigabitEthernet 1/0/2 (the interface connected to...
Page 423 [NPE2] mpls ldp [NPE2–ldp] quit # Enable L2VPN. [NPE2] l2vpn enable # Configure VSI aaa that uses LDP as the PW signaling protocol, and establish PWs to UPE, NPE 1, and NPE 3. [NPE2] vsi aaa [NPE2-vsi-aaa] pwsignaling ldp [NPE2-vsi-aaa-ldp] peer 1.1.1.1 pw-id 500 no-split-horizon [NPE2-vsi-aaa-ldp-1.1.1.1-500] quit [NPE2-vsi-aaa-ldp] peer 2.2.2.2 pw-id 500 [NPE2-vsi-aaa-ldp-2.2.2.2-500] quit...
Page 424 Peer: 2.2.2.2 PW ID: 500 Signaling Protocol : LDP Link ID PW State : Up In Label : 1151 Out Label: 1279 Wait to Restore Time: 0 sec : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x260000002 Tunnel NHLFE IDs : 1027...
Page 425 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x160000001 Tunnel NHLFE IDs : 1028 [NPE2] display l2vpn pw verbose VSI Name: aaa Peer: 1.1.1.1 PW ID: 500 Signaling Protocol : LDP Link ID PW State : Up In Label : 1279 Out Label: 1150...
Page 426 Tunnel NHLFE IDs : 1026 Peer: 3.3.3.3 PW ID: 500 Signaling Protocol : LDP Link ID PW State : Up In Label : 1278 Out Label: 1278 : 1500 PW Attributes : Main VCCV CC VCCV BFD Tunnel Group ID : 0x160000001 Tunnel NHLFE IDs : 1027...
Page 427: Configuring Mpls Oam
Configuring MPLS OAM Overview MPLS Operation, Administration, and Maintenance (OAM) provides the on-demand tools for the following purposes: • MPLS data plane connectivity verification. • Data plane and control plane consistency verification. • Fault locating. The on-demand tools must be triggered manually, such as MPLS ping and MPLS tracert. You can use the on-demand tools to detect and locate faults of MPLS tunnels.
Page 428: Configuring Mpls Ping For Lsps
Configuring MPLS ping for LSPs Perform the following task in any view: Task Command ping mpls [ -a source-ip | -c count | -exp exp-value | -h ttl-value | -m wait-time | -r reply-mode | -rtos tos-value | -s Use MPLS ping to verify MPLS LSP packet-size | -t time-out | -v ] * ipv4 ipv4-address connectivity for an IPv4 prefix.
Page 429 connectivity detection. The packets used to verify PW connectivity are collectively referred to as VCCV packets. A PE transfers VCCV packets through an MPLS router alert label type control channel (CC) to test PW connectivity. The MPLS router alert label type CC identifies a VCCV packet by adding an MPLS router alert label before the PW label.
Page 430: Configuring Mce
Configuring MCE This chapter describes MCE configuration. MPLS L3VPN overview MPLS L3VPN is a L3VPN technology used to interconnect geographically dispersed VPN sites. MPLS L3VPN uses BGP to advertise VPN routes and uses MPLS to forward VPN packets over a service provider backbone.
Page 431 • The classification of a site depends on the topology relationship of the devices, rather than the geographical positions. However, the devices at a site are, in most cases, adjacent to each other geographically. • The devices at a site can belong to multiple VPNs, which means that a site can belong to multiple VPNs.
Page 432: Mce Overview
• When the Type field is 2, the Administrator subfield occupies four bytes, the Assigned number subfield occupies two bytes, and the RD format is 32-bit AS number:16-bit user-defined number, where the minimum value of the AS number is 65536. For example, 65536:1. To guarantee global uniqueness for a VPN-IPv4 address, do not set the Administrator subfield to any private AS number or private IP address.
Page 433: Mce Configuration Task List
Figure 111 Network diagram for the MCE feature VPN 1 VPN 2 Site 1 Site 1 PE 2 GE1/0/3.1 GE1/0/1.1 GE1/0/1 GE1/0/3 GE1/0/1 GE1/0/2 GE1/0/3.2 GE1/0/1.2 PE 1 PE 3 VPN 2 Site 2 VPN 1 Site 2 You can configure static routes, RIP, OSPF, IS-IS, EBGP, or IBGP between an MCE and a VPN site and between an MCE and a PE.
Page 434: Creating A Vpn Instance
Creating a VPN instance A VPN instance is a collection of the VPN membership and routing rules of its associated site. A VPN instance might correspond to more than one VPN. To create and configure a VPN instance: Step Command Remarks Enter system view.
Page 435: Configuring Routing On An Mce
Step Command Remarks • Enter VPN instance view: Configurations made in VPN ip vpn-instance instance view apply to both IPv4 vpn-instance-name VPN and IPv6 VPN. Enter VPN instance • Enter VPN instance IPv4 VPN IPv4 VPN prefers the view or VPN instance view: configurations in VPN instance IPv4 VPN view...
Page 436: Configuring Routing Between An Mce And A Vpn Site
• Disable route redistribution between routing protocols to save system resources. Before you configure routing on an MCE, configure VPN instances, and bind the VPN instances to the interfaces connected to the VPN sites and the PE. Configuring routing between an MCE and a VPN site You can configure static routing, RIP, OSPF, IS-IS, EBGP or IBGP between an MCE and a VPN site.
Page 437 Configuring OSPF between an MCE and a VPN site An OSPF process belongs to the public network or a single VPN instance. If you create an OSPF process without binding it to a VPN instance, the process belongs to the public network. Binding OSPF processes to VPN instances can isolate routes of different VPNs.
Page 438 Step Command Remarks By default, IS-IS does not import-route protocol redistribute routes from any other [ process-id | all-processes | routing protocol. Redistribute remote site allow-ibgp ] [ allow-direct | cost If you do not specify the route routes advertised by the PE cost-value | cost-type { external | level in the command, the into IS-IS.
Page 439 Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] By default, BGP is not enabled. [ multi-session-thread ] peer { group-name | Configure the MCE as an By default, no BGP peers or ipv4-address [ mask-length ] } EBGP peer.
Page 440: Configuring Routing Between An Mce And A Pe
Step Command Remarks By default, no RR or RR client is configured. After you configure a VPN site as an IBGP peer, the MCE does (Optional.) Configure the not advertise the BGP routes peer { group-name | system to be the RR, and learned from the VPN site to ipv4-address [ mask-length ] } specify the peer as the...
Page 441 Configuring static routing between an MCE and a PE Step Command Remarks Enter system view. system-view ip route-static vpn-instance s-vpn-instance-name dest-address { mask-length | mask } { interface-type interface-number [ next-hop-address ] | By default, no Configure a static route next-hop-address [ public ] [ track static routes are for a VPN instance.
Page 442 Step Command Remarks Enable OSPF on the By default, an interface neither network ip-address interface attached to the belongs to any area nor runs wildcard-mask specified network in the area. OSPF. Configuring IS-IS between an MCE and a PE Step Command Remarks Enter system view.
Page 443: Displaying And Maintaining Mce
Configuring IBGP between an MCE and a PE Step Command Remarks Enter system view. system-view bgp as-number [ instance By default, BGP is not Enter BGP instance view. instance-name ] enabled. [ multi-session-thread ] Enter BGP-VPN instance ip vpn-instance vpn-instance-name view.
Page 444 Figure 112 Network diagram VPN 2 Site 1 CE 1 PE 2 PE 1 Vlan-int30: 30.1.1.2/24 Vlan-int40: 40.1.1.2/24 PE 3 CE 2 Vlan-int30: 30.1.1.1/24 VPN 1 VPN 1 Vlan-int40: 40.1.1.1/24 192.168.0.0/24 Vlan-int10 Site 2 10.214.10.3/24 Vlan-int20 VR 1 10.214.20.3/24 VR 2 VPN 2 192.168.10.0/24 Configuration procedure...
Page 445 [MCE-Vlan-interface20] ip binding vpn-instance vpn2 [MCE-Vlan-interface20] ip address 10.214.20.3 24 [MCE-Vlan-interface20] quit # On PE 1, configure VPN instances vpn1 and vpn2, and specify an RD and route targets for each VPN instance. <PE1> system-view [PE1] ip vpn-instance vpn1 [PE1-vpn-instance-vpn1] route-distinguisher 10:1 [PE1-vpn-instance-vpn1] vpn-target 10:1 [PE1-vpn-instance-vpn1] quit [PE1] ip vpn-instance vpn2...
Page 446 [MCE] ospf 2 vpn-instance vpn2 # Advertise subnet 10.214.20.0. [MCE-ospf-2] area 0 [MCE-ospf-2-area-0.0.0.0] network 10.214.20.0 0.0.0.255 [MCE-ospf-2-area-0.0.0.0] quit [MCE-ospf-2] quit # On VR 2, assign IP address 10.214.20.2/24 to the interface connected to MCE and 192.168.10.1/24 to the interface connected to VPN 2. (Details not shown.) # Configure OSPF process 2, and advertise subnets 192.168.10.0 and 10.214.20.0.
Page 447 [MCE-Vlan-interface40] ip binding vpn-instance vpn2 [MCE-Vlan-interface40] ip address 40.1.1.1 24 [MCE-Vlan-interface40] quit # On PE 1, bind VLAN-interface 30 to VPN instance vpn1, and configure an IP address for the VLAN interface. [PE1] interface vlan-interface 30 [PE1-Vlan-interface30] ip binding vpn-instance vpn1 [PE1-Vlan-interface30] ip address 30.1.1.2 24 [PE1-Vlan-interface30] quit # Bind VLAN-interface 40 to VPN instance vpn2, and configure an IP address for the VLAN...
Page 448: Configuring The Mce That Uses Ebgp To Advertise Vpn Routes To The Pe
30.1.1.0/24 Direct 30.1.1.2 Vlan30 30.1.1.0/32 Direct 30.1.1.2 Vlan30 30.1.1.2/32 Direct 127.0.0.1 InLoop0 30.1.1.255/32 Direct 30.1.1.2 Vlan30 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 192.168.0.0/24 O_ASE2 150 1 30.1.1.1 Vlan30 224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24...
Page 449 Figure 113 Network diagram VPN 2 Site 1 CE 1 PE 2 PE 1 Vlan-int30: 30.1.1.2/24 Vlan-int40: 40.1.1.2/24 PE 3 CE 2 VPN 1 Vlan-int30: 30.1.1.1/24 VPN 1 Site 2 Vlan-int40: 40.1.1.1/24 172.16.10.0 Vlan-int2 10.100.10.1/24 Vlan-int3 VR 1 10.100.20.1/24 VR 2 VPN 2 172.16.20.0 Configuration procedure...
Page 450 10.214.10.3/32 Direct 127.0.0.1 InLoop0 10.214.10.255/32 Direct 10.214.10.3 Vlan10 127.0.0.0/8 Direct 127.0.0.1 InLoop0 127.0.0.0/32 Direct 127.0.0.1 InLoop0 127.0.0.1/32 Direct 127.0.0.1 InLoop0 127.255.255.255/32 Direct 127.0.0.1 InLoop0 192.168.0.0/24 O_INTRA 10 10.214.10.2 Vlan10 224.0.0.0/4 Direct 0.0.0.0 NULL0 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0 The output shows that the MCE has learned the private route of VPN 1 through OSPF process # On the MCE, bind OSPF process 20 to VPN instance vpn2 to learn the routes of VPN 2.
Page 451 # On PE 1, enable BGP in AS 200, and specify the MCE as its EBGP peer. [PE1] bgp 200 [PE1-bgp-default] ip vpn-instance vpn1 [PE1-bgp-default-vpn1] peer 30.1.1.1 as-number 100 [PE1-bgp-default-vpn1] address-family ipv4 [PE1-bgp-default-ipv4-vpn1] peer 30.1.1.1 enable [PE1-bgp-default-ipv4-vpn1] quit [PE1-bgp-default-vpn1] quit [PE1-bgp-default] quit # Use similar procedures to configure VPN 2 settings on MCE and PE 1.
Page 452 224.0.0.0/24 Direct 0.0.0.0 NULL0 255.255.255.255/32 Direct 127.0.0.1 InLoop0 The MCE has redistributed the OSPF routes of the two VPN instances into the EBGP routing tables...
Page 453: Configuring Ipv6 Mce
Configuring IPv6 MCE This chapter describes IPv6 MCE configuration. IPv6 MPLS L3VPN overview IPv6 MPLS L3VPN uses BGP to advertise IPv6 VPN routes and uses MPLS to forward IPv6 VPN packets on the service provider backbone. Figure 114 shows a typical IPv6 MPLS L3VPN model. The service provider backbone in the IPv6 MPLS L3VPN model is an IPv4 network.
Page 454: Configuring Vpn Instances
Tasks at a glance Configuring routing on an MCE: (Required.) Configuring routing between an MCE and a VPN site (Required.) Configuring routing between an MCE and a PE Configuring VPN instances By configuring VPN instances on a PE, you isolate not only VPN routes from public network routes, but also routes between VPNs.
Page 455: Configuring Route Related Attributes For A Vpn Instance
Step Command Remarks By default, an interface is not associated with a VPN instance and belongs to the public network. The ip binding vpn-instance Associate a VPN instance ip binding vpn-instance command clears the IP address of with the interface. vpn-instance-name the interface.
Page 456: Configuring Routing On An Mce
Step Command Remarks By default, only one tunnel is selected (no load balancing) in this order: LSP tunnel, GRE tunnel, and CR-LSP tunnel. Apply a tunnel policy to the tnl-policy tunnel-policy-name The specified tunnel policy must VPN instance. have been created. For information about tunnel policies, see "Configuring tunnel...
Page 457 Step Command Remarks (Optional.) Configure The default ipv6 route-static default-preference the default preference preference for IPv6 default-preference for IPv6 static routes. static routes is 60. Configuring RIPng between an MCE and a VPN site A RIPng process belongs to the public network or a single IPv6 VPN instance. If you create a RIPng process without binding it to an IPv6 VPN instance, the process belongs to the public network.
Page 458 Step Command Remarks import-route protocol [ process-id | all-processes | Redistribute remote site allow-ibgp ] [ allow-direct | cost By default, no routes are routes advertised by the PE. cost-value | nssa-only | redistributed into OSPFv3. route-policy route-policy-name | tag tag | type type ] * Return to system view.
Page 459 Step Command Remarks Enter system view. system-view bgp as-number [ instance Enter BGP instance view. instance-name ] [ multi-session-thread ] Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | Specify an IPv6 BGP peer ipv6-address [ prefix-length ] } By default, no BGP peers exist.
Page 460 Step Command Remarks bgp as-number [ instance Enter BGP instance view. instance-name ] By default, BGP is not enabled. [ multi-session-thread ] Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | By default, no BGP peers or Configure an IBGP peer. ipv6-address [ prefix-length ] } peer groups exist.
Page 461: Configuring Routing Between An Mce And A Pe
Configuring routing between an MCE and a PE MCE-PE routing configuration includes the following tasks: • Binding the MCE-PE interfaces to IPv6 VPN instances. • Performing routing configurations. • Redistributing IPv6 VPN routes into the routing protocol running between the MCE and the PE. Perform the following configuration tasks on the MCE.
Page 462 Step Command Remarks Set the router ID. router-id router-id By default, routing loop detection is enabled. On an MCE network, you must Disable routing loop disable routing loop detection for vpn-instance-capability simple detection. a VPN OSPFv3 process. Otherwise, the MCE does not receive OSPFv3 routes from the import-route protocol [ process-id | all-processes |...
Page 463: Displaying And Maintaining Ipv6 Mce
Step Command Remarks bgp as-number [ instance Enter BGP instance view. instance-name ] [ multi-session-thread ] Enter BGP-VPN instance ip vpn-instance view. vpn-instance-name peer { group-name | ipv6-address Configure the PE as an [ prefix-length ] } as-number By default, no BGP peers exist. EBGP peer.
Page 464: Ipv6 Mce Configuration Example
IPv6 MCE configuration example Network requirements As shown in Figure 115, RIPng runs in VPN 2. Configure the MCE device to separate routes from different VPNs and advertise VPN routes to PE 1 through OSPFv3. Figure 115 Network diagram VPN 2 Site 1 PE 2 PE 1...
Page 465 [MCE-vpn-instance-vpn2] route-distinguisher 20:1 [MCE-vpn-instance-vpn2] vpn-target 20:1 [MCE-vpn-instance-vpn2] quit # Bind VLAN-interface 10 to VPN instance vpn1, and configure an IPv6 address for the VLAN interface. [MCE] interface vlan-interface 10 [MCE-Vlan-interface10] ip binding vpn-instance vpn1 [MCE-Vlan-interface10] ipv6 address 2001:1::1 64 [MCE-Vlan-interface10] quit # Bind VLAN-interface 20 to VPN instance vpn2, and configure an IPv6 address for the VLAN interface.
Page 466 [VR2-ripng-20] quit [VR2] interface vlan-interface 20 [VR2-Vlan-interface20] ripng 20 enable [VR2-Vlan-interface20] quit [VR2] interface vlan-interface 21 [VR2-Vlan-interface21] ripng 20 enable [VR2-Vlan-interface21] quit # On the MCE, display the routing tables of VPN instances vpn1 and vpn2. [MCE] display ipv6 routing-table vpn-instance vpn1 Destinations : 6 Routes : 6 Destination: ::1/128 Protocol...
Page 467 NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 2012::/64 Protocol : RIPng NextHop : FE80::20C:29FF:FE40:701 Preference: 100 Interface : Vlan20 Cost Destination: FE80::/10 Protocol : Direct NextHop : :: Preference: 0 Interface : NULL0 Cost Destination: FF00::/8 Protocol : Direct NextHop : ::...
Page 468: Verifying The Configuration
[MCE-ospf-10] import-route static [MCE-ospf-10] quit # Enable OSPFv3 on VLAN-interface 30. [MCE] interface vlan-interface 30 [MCE-Vlan-interface30] ospfv3 10 area 0.0.0.0 [MCE-Vlan-interface30] quit # On PE 1, enable OSPFv3 process 10 and bind the process to VPN instance vpn1. [PE1] ospfv3 10 vpn-instance vpn1 [PE1-ospf-10] router-id 100.100.10.1 [PE1-ospf-10] quit # Enable OSPFv3 on VLAN-interface 30.
Page 469 # Verify that PE 1 has learned the private route of VPN 2 through OSPFv3. [PE1] display ipv6 routing-table vpn-instance vpn2 Destinations : 6 Routes : 6 Destination: ::1/128 Protocol : Direct NextHop : ::1 Preference: 0 Interface : InLoop0 Cost Destination: 40::/64 Protocol...
Page 470: Document Conventions And Icons
Document conventions and icons Conventions This section describes the conventions used in the documentation. Command conventions Convention Description Boldface Bold text represents commands and keywords that you enter literally as shown. Italic Italic text represents arguments that you replace with actual values. Square brackets enclose syntax choices (keywords or arguments) that are optional.
Page 471: Network Topology Icons
Network topology icons Convention Description Represents a generic network device, such as a router, switch, or firewall. Represents a routing-capable device, such as a router or Layer 3 switch. Represents a generic switch, such as a Layer 2 or Layer 3 switch, or a router that supports Layer 2 forwarding and other Layer 2 features.
Page 472: Support And Other Resources
Hewlett Packard Enterprise Support Center More Information on Access to Support Materials page: www.hpe.com/support/AccessToSupportMaterials IMPORTANT: Access to some updates might require product entitlement when accessed through the Hewlett Packard Enterprise Support Center. You must have an HP Passport set up with relevant entitlements.
Page 473: Websites
Websites Website Link Networking websites Hewlett Packard Enterprise Information Library for www.hpe.com/networking/resourcefinder Networking Hewlett Packard Enterprise Networking website www.hpe.com/info/networking Hewlett Packard Enterprise My Networking website www.hpe.com/networking/support Hewlett Packard Enterprise My Networking Portal www.hpe.com/networking/mynetworking Hewlett Packard Enterprise Networking Warranty www.hpe.com/networking/warranty General websites Hewlett Packard Enterprise Information Library www.hpe.com/info/enterprise/docs Hewlett Packard Enterprise Support Center...
Page 474 part number, edition, and publication date located on the front cover of the document. For online help content, include the product name, product version, help edition, and publication date located on the legal notices page.
Page 475: Index
Index MPLS TE tunnel constraints, aging accepting VPLS MAC address aging, LDP label acceptance policy, algorithm accessing MPLS TE CSPF path calculation, H-VPLS access mode, architecture H-VPLS Ethernet access mode, MPLS L3VPN, 185, 421 address MPLS network, VPLS MAC address aging, VPLS, VPLS MAC address learning, 372, 386...
Page 476 ASBR MPLS TE tunnel traffic direction (automatic route advertisement/forwarding adjacency), IPv6 MPLS L3VPN inter-AS IPv6 VPN option C ASBR, MPLS TE tunnel traffic direction (automatic route advertisement/IGP shortcut), MPLS L3VPN inter-AS VPN option C ASBR, VPLS LDP PW configuration (BGP auto-discovery), associating VPLS LDP PW creation (BGP auto-discovery),...
Page 477 IPv6 MPLS L3VPN BGP route flapping MPLS L3VPN route target attributes, 187, 423 logging, MPLS L3VPN RT filtering, IPv6 MPLS L3VPN configuration, 270, 272, VPLS BGP label block information advertisement, 287, 287 IPv6 MPLS L3VPN inter-AS option A VPLS BGP PW configuration, 379, 394 configuration, VPLS BGP PW creation,...
Page 478 IPv6 MPLS L3VPN PE-CE EBGP, IPv6 MCE VPN instance, IPv6 MCE VPN instance route related attributes, IPv6 MPLS L3VPN PE-CE IBGP, IPv6 MPLS L3VPN PE-CE IPv6 IS-IS, IPv6 MCE-PE EBGP, IPv6 MPLS L3VPN PE-CE OSPFv3, IPv6 MCE-PE IBGP, IPv6 MPLS L3VPN PE-CE RIPng, IPv6 MCE-PE IPv6 IS-IS, IPv6 MPLS L3VPN PE-CE routing, IPv6 MCE-PE IPv6 static routing,...
Page 479 IPv6 MPLS L3VPN VPN instance route MPLS L2VPN BGP PW, 333, 347 related attributes, MPLS L2VPN BGP PW remote CCC connection, LDP, 17, 25 LDP backoff, MPLS L2VPN cross-connect configuration, LDP BGP unicast route redistribution, MPLS L2VPN cross-connect+Ethernet service instance binding, LDP FRR, MPLS L2VPN Ethernet service instance, LDP GR,...
Page 480 MPLS L3VPN PE-CE static routing, MPLS TE tunnel setup priority, MPLS TE tunnel setup retry, MPLS L3VPN PE-PE routing, MPLS L3VPN route replication, MPLS TE tunnel strict explicit path, MPLS L3VPN VPN instance, MPLS TE tunnel traffic direction (automatic route advertisement), MPLS L3VPN VPN instance route related attribute,...
Page 481 MPLS L2VPN remote connection MPLS TE inter-AS tunnel establishment establishment, (RSVP-TE), Constraint-based MPLS TE make-before-break, Routed Label Switched Path. See CRLSP MPLS TE route pinning, Shortest Path First. Use CSPF MPLS TE static implementation, Constraint-based Routed Label Switched Paths. MPLS TE tunnel configuration (dynamic CRLSP), CRLSP controlling MPLS TE tunnel configuration (static CRLSP),...
Page 482 IPv4 LDP label advertisement control, MPLS L2VPN LDP PW redundancy, IPv4 LDP LSP configuration, MPLS L2VPN multi-segment PW configuration (inter-domain), IPv6 LDP configuration, MPLS L2VPN multi-segment PW configuration IPv6 LDP label acceptance control, (intra-domain), IPv6 LDP label advertisement control, MPLS L2VPN remote CCC connection, IPv6 LDP LSP configuration, MPLS L2VPN static PW configuration, IPv6 MCE configuration,...
Page 483 provider device. See P device MPLS TE DS-TE, provider edge device. See MPLS TE DS-TE configuration, RSVP configuration, MPLS TE IETF DS-TE configuration, RSVP GR configuration, dual homing RSVP-TE tunnel establishment, H-VPLS UPE, static CRLSP configuration, 156, 157 H-VPLS UPE dual homing configuration, static LSP configuration, VPLS UPE configuration, VPLS BGP PW configuration,...
Page 484 MPLS TE, MPLS TE FRR, MPLS TE label recording, IPv4 LDP configuration, MPLS TE loop detection, IPv4 LDP label acceptance control, MPLS TE route recording, IPv4 LDP label advertisement control, MPLS TE SNMP notification, IPv4 LDP LSP configuration, MPLS TTL-expired message send, IPv6 LDP configuration, RSVP, IPv6 LDP label acceptance control,...
Page 485 IPv4 LDP FRR configuration, RSVP GR, RSVP GR configuration, LDP FRR, LDP FRR configuration, RSVP hello extension, MPLS L3VPN, RSVP-TE hello message, hierarchical VPLS. Use H-VPLS MPLS L3VPN FRR configuration, MPLS L3VPN FRR configuration (IPv4 hop count (LDP loop detection), route/VPNv4 route backup), hot standby CRLSP backup (MPLS TE), MPLS L3VPN FRR configuration (VPNv4...
Page 486 MPLS TE tunnel traffic direction (automatic H-VPLS configuration (MPLS access), route advertisement/IGP shortcut), H-VPLS UPE dual homing configuration, implementing MPLS L3VPN loopback address redistribution, VPLS, importing MPLS L3VPN loopback interface, MCE VPN instance route related attributes, VPLS BGP PW configuration, VPLS configuration, 371, 376, 387 MPLS L3VPN BGP import target attribute,...
Page 487 LDP LSP configuration, IPv6 MPLS L3VPN basic configuration, MCE-PE EBGP configuration, MCE-PE IBGP configuration, BGP AS number substitution configuration, MPLS L3VPN FRR IPv4 route backup (VPNv4 BGP AS number substitution+SoO attribute route), configuration, 285, 320 MPLS L3VPN FRR VPNv4 route backup (IPv4 BGP route flapping logging enable, route), BGP VPNv6 route control,...
Page 488 routing information advertisement, MPLS TE CRLSP RSVP-TE setup, VPN instance, MPLS TE CRLSP static implementation, VPN instance creation, MPLS TE label recording, VPN instance route related attributes, RSVP configuration, 163, 166, 171 VPN instance+interface association, RSVP GR configuration, IS-IS RSVP-TE LABEL object, LDP IS-IS synchronization, RSVP-TE LABEL_REQUEST object, MCE-PE IS-IS,...
Page 489 label retention mode, LDP session protection, LDP over MPLS TE, MPLS L2VPN attachment circuit (AC), loop detection configuration, MPLS L3VPN OSPF sham link, 197, 215 LSP generation policy, MPLS L3VPN OSPF sham link configuration, MD5 authentication, MPLS L3VPN OSPF sham link creation, message types, MPLS TE attribute advertisement, MPLS L2VPN BGP PW configuration,...
Page 490 LDP LSP generation policy, maintaining LDP over MPLS TE, IPv6 MPLS L3VPN, MPLS control plane, MCE, MPLS dynamic LSP establishment, MPLS, MPLS OAM configuration, MPLS L2VPN, MPLS OAM for LSP tunnel configuration, MPLS L3VPN, MPLS OAM ping for LSP, MPLS TE, MPLS OAM tracert for LSP, RSVP, MPLS static LSP establishment,...
Page 491 MCE-VPN site OSPF, basic concepts, MCE-VPN site RIP, basics configuration, 1, 6 MCE-VPN site routing, configuration restrictions and guidelines, 5, 330 MCE-VPN site static routing, control plane, OSPF VPN route advertisement, display, routing configuration, egress node label type advertisement, VPN instance configuration, enable, VPN instance creation, exclusive tunnel configuration,...
Page 492 LDP-IGP synchronization, multi-segment PW configuration (intra-domain), LFIB, PW class configuration, LSP, PW configuration, LSP establishment, PW redundancy, LSR, PW redundancy configuration, maintain, PW SNMP notification enable, MTU set, PW type, network architecture, PW VCCV, OAM. See MPLS OAM remote CCC connection, PHP, remote connection establishment, preferred tunnel+selection order configuration,...
Page 493 inter-AS option A configuration, PE-CE OSPF, PE-CE RIP, inter-AS option B configuration, inter-AS option C configuration, PE-CE routing, inter-AS VPN, PE-CE static routing, PE-PE routing, inter-AS VPN configuration, inter-AS VPN option A, protocols and standards, inter-AS VPN option B, route advertisement, inter-AS VPN option C, route replication configuration, inter-AS VPN option C ASBR,...
Page 494 MPLS L3VPN inter-AS option C configuration, link attribute advertisement (IS-IS TE), link attribute advertisement (OSPF TE), MPLS L3VPN OSPF sham link configuration, link attribute configuration, maintain, MPLS TE make-before-break, attribute advertisement, MCE configuration, auto FRR configuration, MCE EBGP VPN route advertisement, backup CRLSP establishment (PCE path MCE OSPF VPN route advertisement, calculation),...
Page 495 troubleshoot, IPv6 MCE-PE EBGP, troubleshoot no TE LSA generated, IPv6 MCE-PE IBGP, tunnel configuration (dynamic CRLSP), IPv6 MCE-PE IPv6 IS-IS, tunnel configuration (static CRLSP), IPv6 MCE-PE IPv6 static routing, tunnel constraint configuration, IPv6 MCE-PE OSPFv3, tunnel CRLSP configuration (PCE calculation), IPv6 MCE-PE RIPng, IPv6 MCE-PE routing, tunnel establishment (RSVP-TE),...
Page 496 IPv6 MPLS L3VPN PE-CE routing, MCE-PE IS-IS, IPv6 MPLS L3VPN PE-CE static routing, MCE-PE OSPF, IPv6 MPLS L3VPN PE-PE routing, MCE-PE RIP, IPv6 MPLS L3VPN routing information MCE-PE routing configuration, advertisement, MCE-PE static routing, IPv6 MPLS L3VPN VPN instance, MCEVPN instance creation, IPv6 MPLS L3VPN VPN instance creation, MCE-VPN site EBGP, MCE-VPN site IBGP,...
Page 497 MPLS L3VPN BGP AS number substitution MPLS L3VPN OSPF area PE-CE configuration, configuration, MPLS L3VPN BGP AS number MPLS L3VPN OSPF sham link, 197, 215 substitution+SoO attribute, 198, 217 MPLS L3VPN OSPF sham link configuration, MPLS L3VPN BGP AS number MPLS L3VPN OSPF sham link creation, substitution+SoO attribute configuration, MPLS L3VPN OSPF VPN extension,...
Page 498 MPLS TE FRR manual bypass tunnel, network management MPLS TE FRR node fault detection, IPv4 LDP configuration, MPLS TE FRR optimal bypass tunnel IPv6 LDP configuration, selection interval, IPv6 MCE configuration, 444, 444, 455 MPLS TE IETF DS-TE configuration, IPv6 MPLS L3VPN configuration, 270, 272, 287 MPLS TE inter-AS tunnel establishment LDP configuration,...
Page 499 MPLS L3VPN BGP AS number MPLS L3VPN architecture, 185, 421 substitution+SoO attribute configuration, MPLS L2VPN configuration, MPLS L2VPN static PW configuration, packet MPLS L2VPN PW VCCV, IPv6 MPLS L3VPN packet forwarding, MPLS OAM. See MPLS OAM LDP FRR, MPLS TE bidirectional tunnel, LDP FRR configuration, object LDP packet DSCP value,...
Page 500 MPLS TE PCEP session parameters, MCE-PE routing configuration, MPLS TE tunnel CRLSP configuration (PCE MCE-PE static routing, calculation), MPLS L2VPN Ethernet service instance, PCEP MPLS L2VPN provider edge device (PE), MPLS TE CRLSP establishment (PCE path MPLS L3VPN architecture, 185, 421 calculation), MPLS L3VPN egress PE VPN label processing MPLS TE PCEP session parameter,...
Page 501 POP label forwarding mode (MPLS L3VPN), configuring IPv6 MCE-VPN site EBGP, configuring IPv6 MCE-VPN site IBGP, POPGO label forwarding mode (MPLS L3VPN), configuring IPv6 MCE-VPN site IPv6 IS-IS, preferring configuring IPv6 MCE-VPN site OSPFv3, preferred tunnel+selection order configuration, configuring IPv6 MCE-VPN site RIPng, configuring IPv6 MCE-VPN site static routing, prerequisites configuring IPv6 MPLS L3VPN,...
Page 502 configuring IPv6 MPLS L3VPN PE-PE routing, configuring MCE-VPN site OSPF, configuring MCE-VPN site RIP, configuring IPv6 MPLS L3VPN VPN instance, configuring MCE-VPN site routing, configuring MCE-VPN site static routing, configuring IPv6 MPLS L3VPN VPN instance configuring MPLS basics, route related attributes, configuring MPLS L2VPN, configuring LDP, configuring MPLS L2VPN BGP label block...
Page 503 configuring MPLS L3VPN inter-AS VPN configuring MPLS TE CRLSP tunnel configuration, reoptimization, configuring MPLS L3VPN inter-AS VPN configuring MPLS TE DS-TE, option A, configuring MPLS TE FRR, configuring MPLS L3VPN inter-AS VPN configuring MPLS TE FRR bypass tunnel on PLR, option B, configuring MPLS L3VPN inter-AS VPN configuring MPLS TE FRR manual bypass tunnel,...
Page 504 configuring RSVP authentication (interface discovering MPLS TE PCE, view), displaying IPv6 MCE, configuring RSVP authentication (RSVP displaying IPv6 MPLS L3VPN, neighbor view), displaying LDP, configuring RSVP authentication (RSVP view), displaying MCE, displaying MPLS, configuring RSVP GR, 170, 177 displaying MPLS L2VPN, configuring RSVP hello extension, displaying MPLS L3VPN, configuring RSVP refresh,...
Page 505 establishing RSVP-TE tunnel, L2VPN PW SNMP notification, maintaining IPv6 MPLS L3VPN, LDP PW configuration, 379, 392 maintaining MCE, LDP PW configuration (BGP auto-discovery), maintaining MPLS, MPLS L2VPN BGP PW, maintaining MPLS L2VPN, MPLS L2VPN BGP PW configuration, maintaining MPLS L3VPN, MPLS L2VPN BGP PW remote CCC connection, maintaining MPLS TE, MPLS L2VPN configuration,...
Page 506 MPLS TE DS-TE, RSVP, static CRLSP, Resv message (RSVP-TE), ResvConf message (RSVP-TE), MPLS TE DS-TE bandwidth constraint model, ResvErr message (RSVP-TE), ResvTear message (RSVP-TE), RECORD_ROUTE object (RSVP-TE), redistributing MCE-PE RIP, IPv6 MCE-PE routing, MCE-VPN site RIP, IPv6 MPLS L3VPN loopback interface MPLS L3VPN PE-CE RIP configuration, address, RIPng...
Page 507 IPv6 MCE-VPN site IBGP, MCE EBGP VPN route advertisement, IPv6 MCE-VPN site IPv6 IS-IS, MCE OSPF VPN routes advertisement, IPv6 MCE-VPN site OSPFv3, MCE routing configuration, IPv6 MCE-VPN site RIPng, MCE-PE EBGP, IPv6 MCE-VPN site static routing, MCE-PE IBGP configuration, IPv6 MPLS L3VPN basic configuration, MCE-PE IS-IS, IPv6 MPLS L3VPN BGP AS number...
Page 508 MPLS L3VPN OSPF sham link, maintain, packet DSCP value, MPLS L3VPN OSPF sham link configuration, protocols and standards, MPLS L3VPN OSPF VPN extension, refresh configuration, MPLS L3VPN OSPF VPN on PE, refresh mechanism, MPLS L3VPN PE-PE routing, reliable message delivery configuration, MPLS L3VPN route advertisement, restrictions and guidelines, MPLS L3VPN routing loop avoidance,...
Page 509 RSVP authentication, IPv6 MPLS L3VPN BGP AS number substitution+SoO attribute configuration, selecting IPv6 MPLS L3VPN BGP AS number preferred tunnel+selection order configuration, substitution+SoO attribute+SoO attribute configuration, sending MPLS L3VPN BGP AS number substitution+SoO MPLS TTL-expired message send, attribute, 198, 217 service MPLS L3VPN BGP SoO attribute configuration, MPLS L2VPN Ethernet service instance,...
Page 510 IPv6 MPLS L3VPN BGP AS number MPLS TE bidirectional tunnel configuration, substitution configuration, MPLS TE configuration, 72, 81, 104 IPv6 MPLS L3VPN BGP AS number MPLS TE CRLSP backup configuration, substitution+SoO attribute configuration, MPLS TE FRR, IPv6 MPLS L3VPN BGP AS+SoO attribute MPLS TE FRR manual bypass tunnel, configuration, MPLS TE IETF DS-TE configuration,...
Page 511 MPLS TE traffic forwarding, MPLS TE tunnel configuration (static CRLSP), transit MPLS TE tunnel CRLSP configuration (PCE calculation), MPLS transit LSR, MPLS TE tunnel establishment (RSVP-TE), transporting MPLS TE tunnel establishment (static CRLSP), LDP transport address, trapping MPLS TE tunnel interface, L2VPN PW SNMP notification, MPLS TE tunnel reoptimization, LDP SNMP notification,...
Page 512 private LAN service. Use VPLS PW class configuration, switch instance. Use PW configuration, Virtual Circuit Connectivity Verification. See PW creation, VCCV PW full mesh forwarding, VLAN PW LDP configuration, MPLS L2VPN BGP PW configuration, PW split horizon forwarding, MPLS L2VPN LDP PW configuration, static PW configuration, 378, 387 VPLS...

HP FlexNetwork 10500 Series Configuration Manual

Configuring Basic MPLS

Configuring a Static LSP

Configuring LDP

Configuring MPLS te

Configuring a Static CRLSP

Configuring RSVP

Configuring Tunnel Policies

Configuring MPLS L3VPN

Configuring Ipv6 MPLS L3VPN

Configuring MPLS L2VPN

Quick Links

Related Manuals for HP FlexNetwork 10500 Series

Summary of Contents for HP FlexNetwork 10500 Series