This section describes how to configure a simple MPLS L3VPN, where
only one carrier is involved, the MPLS backbone is not inter-provider,
and none of the PEs or CEs functions as a PE and a CE at the same time.
Some special MPLS L3VPN networking scenarios such as HoVPN, multi-role host, and inter-provider VPN require additional configurations. For more information, refer to the related sections in this chapter.
In configuring MPLS L3VPN, the key task is to manage the advertisement of VPN routes on the MPLS backbone and includes the management of route advertisement between PEs and CEs and that between PEs.
As for the route exchange between a PE and a CE, you can configure static routes, multiple RIP instances, multiple OSPF instances, multiple IS-IS instances, or BGP according to the networking situations. MP-IBGP is adopted between PEs.
Configuration Prerequisites
Before configuring basic MPLS L3VPN, complete these tasks:
Some special MPLS L3VPN networking scenarios such as HoVPN, multi-role host, and inter-provider VPN require additional configurations. For more information, refer to the related sections in this chapter.
In configuring MPLS L3VPN, the key task is to manage the advertisement of VPN routes on the MPLS backbone and includes the management of route advertisement between PEs and CEs and that between PEs.
As for the route exchange between a PE and a CE, you can configure static routes, multiple RIP instances, multiple OSPF instances, multiple IS-IS instances, or BGP according to the networking situations. MP-IBGP is adopted between PEs.
Configuration Prerequisites
Before configuring basic MPLS L3VPN, complete these tasks:
- Configure IGP for the MPLS backbone (PEs and Ps) to achieve IP connectivity
- Configure MPLS basic capability for the MPLS backbone (PEs and Ps)
- Configure MPLS LDP for the MPLS backbone (PEs and Ps) so that LDP LSPs can be established
- On CEs, configure the IP addresses of the interfaces for accessing the PEs.
Configuring a VPN Instance
Follow these steps to configure a VPN instance:
Configuring Route Advertisement between PE and CE
Route advertisement between PE and CE can depend on static routes, RIP, OSPF, IS-IS, or EBGP. You may choose one as needed.
I. Configuring static routes between PEs and CEs
Follow these steps to configure static routes between PEs and CEs:
Note:
- Perform this configuration on the PEs. The configuration method on the CEs is the same for configuring ordinary static routes.
- For information about static route, refer to Static Routing Configuration in the IP Routing Volume.
II. Configuring RIP between PE and CE
A
RIP process belongs to only one VPN instance. If you run a RIP process
without binding it to a VPN instance, the process is considered a public
network process.
Follow these steps to configure RIP between PE and CE:
Note:
- Perform this configuration on the PEs. Only conventional RIP is required on CEs.
- After configuring a RIP instance, you must start RIP by using the same method for starting a common RIP process.
- For description and detailed configuration about RIP, refer to RIP Configuration in the IP Routing Volume.
III. Configuring OSPF between PE and CE
An OSPF process that
is bound to a VPN instance does not use the public network router ID
configured in system view. Therefore, you need to specify the router ID
when starting a process or to configure the IP address for at least one
interface of the VPN instance.
An
OSPF process belongs to only one VPN instance. If you run an OSPF
process without binding it to a VPN instance, the process is considered a
public network process.
Follow these steps to configure OSPF between PE and CE:
Note:
- Perform the configurations on PEs. Only conventional OSPF is required on CEs.
- The number of OSPF processes that a router supports varies by device. The number of OSPF processes for a VPN instance varies by device too.
- After a VPN instance is deleted, all related OSPF processes are deleted at the same time.
An OSPF process can be configured with only one domain ID. Domain IDs of different OSPF processes are independent of each other.
All
OSPF processes of a VPN must be configured with the same domain ID for
routes to be correctly advertised, while OSPF processes on PEs in
different VPNs can be configured with domain IDs as desired.
The
domain ID of an OSPF process is included in the routes generated by the
process. When an OSPF route is injected into BGP, the OSPF domain ID is
included in the BGP VPN route and delivered as a BGP extended community
attribute.
Note:
- After configuring an OSPF instance, you must start OSPF by using the same method for starting a common OSPF process.
- For description and detailed configuration about OSPF, refer to OSPF Configuration in the IP Routing Volume.
IV. Configuring IS-IS between PE and CE
An
IS-IS process belongs to only one VPN instance. If you run a IS-IS
process without binding it to a VPN instance, the process is considered a
public network process.
Follow these steps to configure IS-IS between PE and CE:
Note:
- After configuring an IS-IS instance, you must start IS-IS by using the same method for starting a common IS-IS process.
- For description and detailed configuration about IS-IS, refer to IS-IS Configuration in the IP Routing Volume.
- After configuring an IS-IS instance, you must start IS-IS by using the same method for starting a common IS-IS process.
- For description and detailed configuration about IS-IS, refer to IS-IS Configuration in the IP Routing Volume.
V. Configuring EBGP Between PE and CE
1) On a PE
Follow these steps to configure EBGP between PE and CE on a PE:
Note:
Normally,
BGP detects routing loops by AS number. In the hub and spoke networking
scheme, however, with EBGP running between PE and CE, the routing
information the PE advertises to a CE carries the number of the AS where
the PE resides. Therefore, the route updates that the PE receives from
the CE also include the number of the AS where the PE resides. This
causes the PE unable to receive the route updates. In this case, routing
loops must be allowed.
2) On a CE
Follow these steps to configure EBGP between PE and CE on a CE:
Note:
- Exchange of BGP routes for a VPN instance is the same as that of ordinary BGP routes.
- The configuration task in BGP instance view is the same as that in BGP view. For detailed information, refer to BGP Configuration and BGP Commands in the IP Routing Volume.
- For information about BGP peer and peer group configuration, refer to BGP Configuration and BGP Commands in the IP Routing Volume. This chapter does not differentiate between peer and peer group.
Configuring Route Advertisement Between PEs
Follow these steps to configure route advertisement between PEs:
Configuring Routing Features for BGP VPNv4 Subaddress Family
With
BGP VPNv4 subaddress family, there are a variety of routing features
that are the same as those for BGP IPv4 unicast routing. You can select
any of the features as required.
I. Configuring common routing features for all types of subaddress families
For
VPN applications, BGP address families include BGP VPN-IPv4 address
family, BGP-L2VPN address family, and VPLS address family. Every command
in the following table has the same function on BGP routes for each
type of the address families.
Follow these steps to configure common routing features for all types of subaddress families:
Note:
For
information about BGP-L2VPN address family and VPLS address family,
refer to MPLS L2VPN Commands and VPLS Commands in the MPLS Volume.
No comments:
Post a Comment