Home > Articles > Cisco Network Technology > General Networking > Configuration of Frame Mode MPLS

Configuration of Frame Mode MPLS

Contents

  1. 10-1 Configuring Basic MPLS
  2. 10-2 MPLS Traffic Engineering
  3. 10-3 MPLS Virtual Private Networks (VPN)
  4. References

Chapter Description

This chapter covers the background and configuration of frame mode Multiprotocol Label Switching (MPLS), discussing common configurations and features such as Configuring Basic MPLS, MPLS Traffic Engineering, and MPLS Virtual Private Networks.

10-3 MPLS Virtual Private Networks (VPN)

  • MPLS virtual private networks (VPN) offer greater scalability than Frame Relay or ATM overlay VPN solutions.
  • MPLS VPNs have a separate routing and forwarding (VRF) instance for each customer.
  • Each VRF has a 64-bit route distinguisher (RD) to keep each customer's IP subnet separate from other routing and forwarding tables.
  • Routers maintain a global routing table that is used to reach other routers in the provider's network.
  • BGP route target communities are used to exchange route information between routers.
  • There is a separate CEF and routing table for each VRF.

Configuration

  1. Configure MPLS according to Section 10-1.
  2. Create the VRF and enter into VRF configuration mode:
    (global) ip vrf name
          
    Every customer will have their own VRF.
  3. Create a route distinguisher for the VRF:
    (vrf) rd route-distinguisher
          
    You must configure a route distinguisher for the VRF to be functional. This command adds an 8-byte value to an IPv4 prefix to create a VPN IPv4 prefix. The RD can be entered in one of the two formats shown in Table 10-1.

    Table 10-1. RD Formats

    Format

    Example

    16-bit autonomous system number: a 32-bit number

    65501:1

    32-bit IP address: a 16-bit number

    192.168.0.1:1

  4. Create a route target for import, export, or both import and export:
    (vrf) route-target {import | export | both} route-target-community-number
          
    This command creates a list of import and export route target extended communities for the VRF. Learned routes that carry the same extended community number as the route-target-community-number you configure can be either imported into the VRF or exported out of the VRF (or both). Extended communities follow the same format as RDs.
  5. Associate the VRF with an interface facing a customer edge (CE) router:
    (interface) ip vrf forwarding vrf-name
          
    This command associates the VRF instance you created earlier in Step 2 with an interface. Configuring this command removes the IP address so you need to reconfigure the IP address after applying this command.
  6. Configure the VRF instance under the BGP process:
    1. Enter BGP configuration mode:
      (global) router bgp autonomous-system-number
                  
    2. Enter the address family configuration mode for the VRF instance:
      (router) address-family ipv4 vrf vrf-name
                  
      Enter the VRF name you created earlier in Step 2.
    3. Configure the customer edge neighbor:
      (address-family) neighbor ip-address remote-as autonomous-system-number
                  
      This command goes on the provider edge (PE) router and associates the VRF created in Step 2 with the BGP neighbor defined here under the VRF address family mode.
    4. Activate the CE BGP neighbor:
      (address-family) neighbor ip-address activate
                  
  7. Configure the provider edge (PE) to provider edge (PE) routing:
    1. Enter BGP configuration mode:
      (global) router bgp autonomous-system-number
                  
    2. Configure the PE BGP neighbor:
      (router) neighbor ip-address remote-as autonomous-system-number
                  
      There is a separate VRF instance for each customer and a global routing table. The global routing is created here by defining the BGP peers within the provider.
    3. Activate the PE BGP neighbor:
      (router) neighbor ip-address activate
                  
    4. Enter the vpn4 unicast address family:
      (router) address-family vpnv4 unicast
                  
      This address family configures an IPv4 unicast VPN routing instance that enables the PE routers to exchange BGP information with each other while still remaining separate from the customers' VRF instances.
    5. Define and activate the PE BGP neighbors:
      (address-family) neighbor ip-address remote-as autonomous-system-number
      (address-family) neighbor ip-address activate
                  
    6. Allow extended communities for the PE BGP neighbor:
      (address-family) neighbor ip-address send-community extended
                  
      Configuring this command activates support for extended communities. Extended communities are necessary for route targets to work with VRFs.

Example

Figure 10-3 is used in this example. The configuration that follows shows the configuration on the PE1 router. A VRF instance is created for Customer_A and Customer_B. For Customer_A, the router is configured to both import and export all routes tagged with the extended community 100:1. For Customer_B, the router is configured to both import and export all routes tagged with the extended community 100:2:

hostname PE1
!
ip cef
!
ip vrf Customer_A
 rd 100:1
 route-target both 100:1
!
ip vrf Customer_B
 rd 100:2
 route-target both 100:2
!
interface serial0/0
 ip address 192.168.1.5 255.255.255.252
 mpls ip
 description Link to PE
!
interface serial0/1
 ip address 192.168.1.9 255.255.255.252
 description Link to Customer_A
 ip vrf forwarding Customer_A
!
interface serial0/2
 ip address 192.168.1.13 255.255.255.252
 description Link to Customer_B
 ip vrf forwarding Customer_B
!
router bgp 100
 neighbor 192.168.1.6 remote-as 100
 neighbor 192.168.1.6 activate
 address-family vpnv4 unicast
 neighbor 192.168.1.6 remote-as 100
 neighbor 192.168.1.6 activate
 neighbor 192.168.1.6 send-community extended
 address-family ipv4 unicast vrf Customer_A
 redistribute connected
 neighbor 192.168.1.10 remote-as 65535
 neighbor 192.168.1.10 activate
 address-family ipv4 unicast vrf Customer_B
 redistribute connected
 neighbor 192.168.1.14 remote-as 65534
 neighbor 192.168.1.14 activate
Figure 10-3

Figure 10-3 MPLS VPN Example

4. References | Next Section Previous Section