Thursday, March 31, 2011

Lab 91 - non-BGP Transit with MPLS

Prerequisites: CCNP level skills.

Notice!
Interfaces in the topology changed (my previous setup using 3640 does not support MPLS; here 3275 routers are used). Also, for the purposes of MPLS, R4 is connected using sub-interfaces to R1 and R2.

Topology

Pic. 1 - Topology Diagram.
Icons designed by: Andrzej Szoblik - http://www.newo.pl

Notice!
Use Initial configuration (Task 1) from the lab 89.

Task 1
Ensure 172.16.105.0/24 (R5) can reach 172.16.102.0/24 (R2). Use MPLS to accomplish the goal.

Lab Solution

Notice!
The same problem as in Lab 89. R1 is NOT running BGP and drops the packets between 172.16.102.0/24 and 172.16.105.0/24

Task 1
Ensure 172.16.105.0/24 (R5) can reach 172s.16.102.0/24 (R2). Use MPLS to accomplish the goal.

Personal Note!
Since this mini-lab is a bit more complex than the previous ones, step-by-step procedure is shown below. Just so I can get back to it at a later stage when I begin to forget some details.

R2 BGP Configuration:
!
 bgp router-id 172.16.102.2
 bgp log-neighbor-changes
 network 172.16.102.0 mask 255.255.255.0
 neighbor 10.1.24.4 remote-as 134
 no auto-summary
!

R5 BGP Configuration:
!
router bgp 50
 no synchronization
 bgp router-id 172.16.105.5
 bgp log-neighbor-changes
 network 172.16.105.0 mask 255.255.255.0
 neighbor 10.1.35.3 remote-as 134
 no auto-summary
!


Step 1 - IGP Routing protocol configuration

R1 Configuration:
!
router ospf 1
 router-id 172.16.101.1
 log-adjacency-changes
 network 10.1.13.1 0.0.0.0 area 0
 network 10.1.14.1 0.0.0.0 area 0
 network 172.16.101.1 0.0.0.0 area 0
!

R3 Configuration:
!
router ospf 1
 router-id 172.16.103.3
 log-adjacency-changes
 network 10.1.13.3 0.0.0.0 area 0
 network 172.16.103.3 0.0.0.0 area 0
!

R4 Configuration:
!
router ospf 1
 router-id 172.16.104.4
 log-adjacency-changes
 network 10.1.14.4 0.0.0.0 area 0
 network 172.16.104.4 0.0.0.0 area 0
!

Notice!
Loopback interfaces have been advertised into OSPF. They will be used by LDP protocol to establish session TCP session (DPort=646). It is recommended to use the same router ID when implementing BGP, OSPF, LDP, so I use manual settings.

Step 2 - LDP configuration

Notice!
IP CEF is enabled on all interfaces (it is a pre-requisite).

Notice!
R3 and R4 loopbacks have been re-configured to have /32 network mask as per LDP requirement. VPN does not work otherwise. BGP sends the following message:

%BGP-4-VPNV4NH_MASK: Nexthop 172.16.103.3 may not be reachable from neigbor 172.16.104.4 - not /32 mask

R1 Configuration:
!
mpls label protocol ldp
!
mpls ldp router-id Loopback0 force
!
interface FastEthernet0/0
 ip address 10.1.14.1 255.255.255.0
 speed 100
 full-duplex
 mpls ip
!
interface serial1/1
 mpls ip

Verification:
Pic. 2 - LDP-enabled Interfaces on R1.
  
R3 Configuration:
!
mpls label protocol ldp
!
mpls ldp router-id Loopback0 force

!
interface Serial1/1
 ip address 10.1.13.3 255.255.255.0
 mpls ip
 serial restart-delay 0
!


R4 Configuration:
!
mpls label protocol ldp
!
mpls ldp router-id Loopback0 force

!
interface FastEthernet0/0.14
 encapsulation dot1Q 14
 ip address 10.1.14.4 255.255.255.0
 mpls ip
!


Notice!
R4 has two loopbacks. The higher IP address becomes LDP ID. Since I did not advertised loopback1, I need to force R4 to use loopback0  address as its ID.

Verification:
Pic. 3 - R1's LDP Neighbors.


Pic. 4 - R1's LDP Neighbor Discovery.

Pic. 5 - R3's LFIB.

Pic. 6 - R4's LFIB.
  
Notice!
The Loopbacks shown (pic. 6 and pic. 7) become the next-hop attributes for MP-BGP session in my configuration.

Step 3 - Basic BGP Configuration

R3 Configuration:
!
router bgp 134
 no synchronization
 bgp router-id 172.16.103.3
 bgp log-neighbor-changes
 neighbor 172.16.104.4 remote-as 134
 neighbor 172.16.104.4 update-source Loopback0
 no auto-summary
!

R4 Configuration:
!
router bgp 134
 no synchronization
 bgp router-id 172.16.104.4
 bgp log-neighbor-changes
 neighbor 172.16.103.3 remote-as 134
 neighbor 172.16.103.3 update-source Loopback0
 no auto-summary
!

Verification:
Pic. 7 - BGP Neighbors.

Step 4 - MP-IBGP Configuration

R3 Configuration:
!
router bgp 134
 no synchronization
 bgp router-id 172.16.103.3
 bgp log-neighbor-changes
 neighbor 172.16.104.4 remote-as 134
 neighbor 172.16.104.4 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 172.16.104.4 activate
  neighbor 172.16.104.4 send-community both
  neighbor 172.16.104.4 next-hop-self
 exit-address-family
!

R4 Configuration:
!
router bgp 134
 no synchronization
 bgp router-id 172.16.104.4
 bgp log-neighbor-changes
 neighbor 172.16.103.3 remote-as 134
 neighbor 172.16.103.3 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 172.16.103.3 activate
  neighbor 172.16.103.3 send-community both
  neighbor 172.16.103.3 next-hop-self
 exit-address-family
!

Verification:
Pic. 8 - MP-IBGP Session.

Step 4 - VRF Configuration:

R3 Configuration:
!
ip vrf R2_R5
 rd 134:25
 route-target export 134:25
 route-target import 134:25
!
interface FastEthernet0/0
 ip vrf forwarding R2_R5
 ip address 10.1.35.3 255.255.255.0
 speed 100
 full-duplex
!

R4 Configuration:
!
ip vrf R2_R5
 rd 134:25
 route-target export 134:25
 route-target import 134:25
!
interface FastEthernet0/0.24
 encapsulation dot1Q 24
 ip vrf forwarding R2_R5
 ip address 10.1.24.4 255.255.255.0
!

Notice!
Once you activate VRF on an interface, the IP address is removed and must be manually re-created.

Pic. 9 - Reachability Check Using VRF.

Step 5 - PE-CE BGP Connection

R3 Configuration:
!
router bgp 134
 no synchronization
 bgp router-id 172.16.103.3
 bgp log-neighbor-changes
 neighbor 172.16.104.4 remote-as 134
 neighbor 172.16.104.4 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 172.16.104.4 activate
  neighbor 172.16.104.4 send-community both
  neighbor 172.16.104.4 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf R2_R5
  neighbor 10.1.35.5 remote-as 50
  neighbor 10.1.35.5 activate
  no synchronization
 exit-address-family
!

Verification:
Pic. 10 - BGP Neighbor and VRF Table on R3.

Pic. 11 - VRF Table on R4.

R4 Configuration:
!
router bgp 134
 no synchronization
 bgp router-id 172.16.104.4
 bgp log-neighbor-changes
 neighbor 172.16.103.3 remote-as 134
 neighbor 172.16.103.3 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
  neighbor 172.16.103.3 activate
  neighbor 172.16.103.3 send-community both
  neighbor 172.16.103.3 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf R2_R5
  neighbor 10.1.24.2 remote-as 20
  neighbor 10.1.24.2 activate
  no synchronization
 exit-address-family
!

Verfication:
The same verification as per R3.

Pic. 12 - Ping Test.