Lesson Contents
6PE and 6VPE allow us to run IPv6 over an IPv4-only MPLS core where we use dual stack PE routers.
On the PE routers, we use MP-BGP to exchange IPv6 prefixes and the LSP (Label Switched Path) is based on IPv4. This allows service providers to offer IPv6 to their customers without making major changes to the core of their MPLS network.
To achieve this, a small modification to MP-BGP was needed. The LSP between the PE routers is based on IPv4 so the next hop addresses are IPv4 addresses. When a PE router advertises an IPv6 prefix through MP-BGP to another PE router, it embeds the IPv4 address in the IPv6 next hop address so that a PE router knows which IPv4 address (and thus which label) to use to get to the other PE router.
- 6PE uses the global IPv6 routing table on the PE routers.
- 6VPE uses VRFs on the PE routers (MPLS VPN).
In this lesson, I’ll show you how to configure 6PE and 6VPE.
Configuration
Here is the topology we will use:
Above, we have a service provider in AS234 with two PE routers and one P router, the MPLS core is based on IPv4. The SP has a customer that is ready to use IPv6. On each CE router, there is a loopback with an IPv6 address. Between the PE-CE routers, we are going to use MP-BGP to advertise those IPv6 prefixes so that we have connectivity between CE1 and CE2.
Configurations
Want to take a look for yourself? Here you will find the startup configuration of each device.
CE1
hostname CE1
!
ip cef
!
interface Loopback0
ipv6 address 2001:DB8:1:1::1/128
!
interface GigabitEthernet0/1
ipv6 address 2001:DB8:0:12::1/64
!
endCE2
hostname CE2
!
ip cef
!
interface Loopback0
ipv6 address 2001:DB8:5:5::5/128
!
interface GigabitEthernet0/0
ip address 10.255.1.147 255.255.0.0
!
interface GigabitEthernet0/1
ipv6 address 2001:DB8:0:45::5/64
!
endP
hostname P
!
ip cef
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface GigabitEthernet0/1
ip address 192.168.23.3 255.255.255.0
!
interface GigabitEthernet0/2
ip address 192.168.34.3 255.255.255.0
!
router ospf 1
mpls ldp autoconfig
network 3.3.3.3 0.0.0.0 area 0
network 192.168.23.0 0.0.0.255 area 0
network 192.168.34.0 0.0.0.255 area 0
!
endPE1
hostname PE1
!
ip cef
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface GigabitEthernet0/1
ipv6 address 2001:DB8:0:12::2/64
!
interface GigabitEthernet0/2
ip address 192.168.23.2 255.255.255.0
!
router ospf 1
mpls ldp autoconfig
network 2.2.2.2 0.0.0.0 area 0
network 192.168.23.0 0.0.0.255 area 0
!
router bgp 234
bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 234
neighbor 4.4.4.4 update-source Loopback0
!
endPE2
hostname PE2
!
ip cef
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface GigabitEthernet0/1
ipv6 address 2001:DB8:0:45::4/64
!
interface GigabitEthernet0/2
ip address 192.168.34.4 255.255.255.0
!
router ospf 1
mpls ldp autoconfig
network 4.4.4.4 0.0.0.0 area 0
network 192.168.34.0 0.0.0.255 area 0
!
router bgp 234
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 234
neighbor 2.2.2.2 update-source Loopback0
!
endWith the configuration above, I have an LSP between PE1 and PE2. These two PE routers are MP-BGP neighbors:
PE1#show ip bgp summary
BGP router identifier 2.2.2.2, local AS number 234
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
4.4.4.4 4 234 65 65 1 0 0 00:55:23 0PE2#show ip bgp summary
BGP router identifier 4.4.4.4, local AS number 234
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
2.2.2.2 4 234 66 66 1 0 0 00:55:59 0We can see the transport labels that are used between PE1 (2.2.2.2) and PE2 (4.4.4.4):
PE1#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 3.3.3.3/32 0 Gi0/2 192.168.23.3
17 Pop Label 192.168.34.0/24 0 Gi0/2 192.168.23.3
18 17 4.4.4.4/32 0 Gi0/2 192.168.23.3P#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 2.2.2.2/32 8361 Gi0/1 192.168.23.2
17 Pop Label 4.4.4.4/32 8415 Gi0/2 192.168.34.4PE2#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 Pop Label 3.3.3.3/32 0 Gi0/2 192.168.34.3
17 16 2.2.2.2/32 0 Gi0/2 192.168.34.3
18 Pop Label 192.168.23.0/24 0 Gi0/2 192.168.34.3Now let’s see if we can get IPv6 traffic over this network.
6PE
Let’s start with 6PE, this is where we use the global IPV6 routing table on the PE routers.
PE Routers
Let’s start with PE1. There are a couple of things I need to do:
- Configure the CE1 router as a neighbor.
- Activate the CE1 router under the IPv6 address-family.
- Activate the PE2 router under the IPv6 address-family.
- Send labels for IPv6 prefixes to the PE2 router.
Let’s configure all of this:
PE1(config)#ipv6 unicast-routing
PE1(config)#router bgp 234
PE1(config-router)#neighbor 2001:DB8:0:12::1 remote-as 1
PE1(config-router)#address-family ipv6
PE1(config-router-af)#neighbor 2001:DB8:0:12::1 activate
PE1(config-router-af)#neighbor 4.4.4.4 activate
PE1(config-router-af)#neighbor 4.4.4.4 send-labelOn the PE2 router, we do the exact same thing:
PE2(config)#ipv6 unicast-routing
PE2(config)#router bgp 234
PE2(config-router)#neighbor 2001:DB8:0:45::5 remote-as 5
PE2(config-router)#address-family ipv6
PE2(config-router-af)#neighbor 2001:DB8:0:45::5 activate
PE2(config-router-af)#neighbor 2.2.2.2 activate
PE2(config-router-af)#neighbor 2.2.2.2 send-labelThis completes the configuration of the PE routers.
CE Routers
The configuration of the CE routers is pretty straightforward. We configure MP-BGP for IPv6 and advertise the IPv6 prefix on the loopback interface. Let’s start with CE1:
CE1(config)#ipv6 unicast-routing
CE1(config)#router bgp 1
CE1(config-router)#bgp router-id 1.1.1.1
CE1(config-router)#neighbor 2001:DB8:0:12::2 remote-as 234
CE1(config-router)#address-family ipv6
CE1(config-router-af)#neighbor 2001:DB8:0:12::2 activate
CE1(config-router-af)#network 2001:DB8:1:1::1/128The configuration of CE2 is the same as CE1:
CE2(config)#ipv6 unicast-routing
CE2(config)#router bgp 5
CE2(config-router)#bgp router-id 5.5.5.5
CE2(config-router)#neighbor 2001:DB8:0:45::4 remote-as 234
CE2(config-router)#address-family ipv6
CE2(config-router-af)#neighbor 2001:DB8:0:45::4 activate
CE2(config-router-af)#network 2001:DB8:5:5::5/128That completes our configuration.
Verification
Let’s verify our work. Let’s start with the PE routers to see if MP-BGP has exchanged any prefixes:
PE1#show bgp ipv6 unicast
BGP table version is 6, local router ID is 2.2.2.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*> 2001:DB8:1:1::1/128
2001:DB8:0:12::1
0 0 1 i
*>i 2001:DB8:5:5::5/128
::FFFF:4.4.4.4 0 100 0 5 iWe see two entries on the PE router. The 2001:DB8:1:1::1/128 prefix we learned from CE1 and the 2001:DB8:5:5::5/128 prefix we learned from PE2. Take a good look at the next hop address for that second prefix, it has IPv4 address 4.4.4.4 embedded in it.
4.4.4.4 is the IPv4 address on the loopback of the PE2 router which is used for our LSP. This is how the PE1 router is able to figure out what LSP to use if it wants to reach 2001:DB8:5:5::5/128.
Let’s take a closer look at this prefix:
PE1#show bgp ipv6 unicast 2001:DB8:5:5::5/128
BGP routing table entry for 2001:DB8:5:5::5/128, version 6
Paths: (1 available, best #1, table default)
Advertised to update-groups:
3
Refresh Epoch 1
5
::FFFF:4.4.4.4 (metric 3) from 4.4.4.4 (4.4.4.4)
Origin IGP, metric 0, localpref 100, valid, internal, best
mpls labels in/out nolabel/19
rx pathid: 0, tx pathid: 0x0Above, we see the next hop again but also the VPN label (19) that is used to reach this prefix. You can also use the show bgp ipv6 unicast labels command to see the labels that are used:
PE1#show bgp ipv6 unicast labels
Network Next Hop In label/Out label
2001:DB8:1:1::1/128
2001:DB8:0:12::1
19/nolabel
2001:DB8:5:5::5/128
::FFFF:4.4.4.4 nolabel/19With 6PE, prefixes are installed in the global IPv6 routing table. Let’s take a look:
PE1#show ipv6 route bgp
IPv6 Routing Table - default - 5 entries
B 2001:DB8:1:1::1/128 [20/0]
via FE80::F816:3EFF:FEEA:B8E3, GigabitEthernet0/1
B 2001:DB8:5:5::5/128 [200/0]
via 4.4.4.4%default, indirectly connectedAbove, we see the two prefixes in the global IPv6 routing table. Let’s take a look at the PE2 router:
PE2#show bgp ipv6 unicast
BGP table version is 5, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 2001:DB8:1:1::1/128
::FFFF:2.2.2.2 0 100 0 1 i
*> 2001:DB8:5:5::5/128
2001:DB8:0:45::5
0 0 5 iPE2 uses ::FFFF:2:2:2:2 as the next hop address for 2001:DB8:1:1::1/128. That’s the IPv4 address on the loopback interface of the PE1 router, that is used for the LSP.
Let’s take a closer look at the 2001:DB8:1:1::1/128 prefix:
PE2#show bgp ipv6 unicast 2001:DB8:1:1::1/128
BGP routing table entry for 2001:DB8:1:1::1/128, version 3
Paths: (1 available, best #1, table default)
Advertised to update-groups:
3
Refresh Epoch 1
1
::FFFF:2.2.2.2 (metric 3) from 2.2.2.2 (2.2.2.2)
Origin IGP, metric 0, localpref 100, valid, internal, best
mpls labels in/out nolabel/19
rx pathid: 0, tx pathid: 0x0Above, we see the VPN label (19) that is used.
PE2#show bgp ipv6 unicast labels
Network Next Hop In label/Out label
2001:DB8:1:1::1/128
::FFFF:2.2.2.2 nolabel/19
2001:DB8:5:5::5/128
2001:DB8:0:45::5
19/nolabelLet’s check the global routing table:
PE2#show ipv6 route bgp
IPv6 Routing Table - default - 5 entries
B 2001:DB8:1:1::1/128 [200/0]
via 2.2.2.2%default, indirectly connected
B 2001:DB8:5:5::5/128 [20/0]
via FE80::F816:3EFF:FEC3:25CB, GigabitEthernet0/1The PE routers look good, everything we need is there. Let’s take a look at the CE routers:
CE1#show ipv6 route bgp
B 2001:DB8:5:5::5/128 [20/0]
via FE80::F816:3EFF:FE44:53EA, GigabitEthernet0/1CE2#show ipv6 route bgp
B 2001:DB8:1:1::1/128 [20/0]
via FE80::F816:3EFF:FE4C:A56C, GigabitEthernet0/1Each CE router has a BGP route. Let’s see if we can ping from one loopback interface to another:
CE1#ping 2001:DB8:5:5::5 source 2001:DB8:1:1::1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2001:DB8:5:5::5, timeout is 2 seconds:
Packet sent with a source address of 2001:DB8:1:1::1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 6/7/10 msOur ping is successful, if we want to see the labels then we can use a traceroute:
CE1#traceroute
Protocol [ip]: ipv6
Target IPv6 address: 2001:DB8:5:5::5
Source address: 2001:DB8:1:1::1
Insert source routing header? [no]:
Numeric display? [no]:
Timeout in seconds [3]:
Probe count [3]: 1
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Priority [0]:
Port Number [0]:
Type escape sequence to abort.
Tracing the route to 2001:DB8:5:5::5
1 2001:DB8:0:12::2 7 msec
2 ::FFFF:192.168.23.3 [MPLS: Labels 17/19 Exp 0] 12 msec
3 2001:DB8:0:45::4 [MPLS: Label 19 Exp 0] 9 msec
4 2001:DB8:0:45::5 8 msecThis is looking good. We see the VPN label (19) and the transport label (17) in this output.
Configurations
Want to take a look for yourself? Here you will find the startup configuration of each device.
CE1
hostname CE1
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
ipv6 address 2001:DB8:1:1::1/128
!
interface GigabitEthernet0/0
ip address 10.255.1.146 255.255.0.0
!
interface GigabitEthernet0/1
ipv6 address 2001:DB8:0:12::1/64
ipv6 enable
!
router bgp 1
bgp router-id 1.1.1.1
bgp log-neighbor-changes
neighbor 2001:DB8:0:12::2 remote-as 234
!
address-family ipv4
no neighbor 2001:DB8:0:12::2 activate
exit-address-family
!
address-family ipv6
network 2001:DB8:1:1::1/128
neighbor 2001:DB8:0:12::2 activate
exit-address-family
!
endCE2
hostname CE2
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
ipv6 address 2001:DB8:5:5::5/128
!
interface GigabitEthernet0/1
ipv6 address 2001:DB8:0:45::5/64
!
router bgp 5
bgp router-id 5.5.5.5
bgp log-neighbor-changes
neighbor 2001:DB8:0:45::4 remote-as 234
!
address-family ipv4
no neighbor 2001:DB8:0:45::4 activate
exit-address-family
!
address-family ipv6
network 2001:DB8:5:5::5/128
neighbor 2001:DB8:0:45::4 activate
exit-address-family
!
endP
hostname P
!
ip cef
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface GigabitEthernet0/1
ip address 192.168.23.3 255.255.255.0
!
interface GigabitEthernet0/2
ip address 192.168.34.3 255.255.255.0
!
router ospf 1
mpls ldp autoconfig
network 3.3.3.3 0.0.0.0 area 0
network 192.168.23.0 0.0.0.255 area 0
network 192.168.34.0 0.0.0.255 area 0
!
endPE1
hostname PE1
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface GigabitEthernet0/1
ipv6 address 2001:DB8:0:12::2/64
!
interface GigabitEthernet0/2
ip address 192.168.23.2 255.255.255.0
!
router ospf 1
mpls ldp autoconfig
network 2.2.2.2 0.0.0.0 area 0
network 192.168.23.0 0.0.0.255 area 0
!
router bgp 234
bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 234
neighbor 4.4.4.4 update-source Loopback0
neighbor 2001:DB8:0:12::1 remote-as 1
!
address-family ipv4
neighbor 4.4.4.4 activate
no neighbor 2001:DB8:0:12::1 activate
exit-address-family
!
address-family ipv6
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-label
neighbor 2001:DB8:0:12::1 activate
exit-address-family
!
endPE2
hostname PE2
!
ip cef
ipv6 unicast-routing
ipv6 cef
!
interface Loopback0
ip address 4.4.4.4 255.255.255.255
!
interface GigabitEthernet0/1
ipv6 address 2001:DB8:0:45::4/64
!
interface GigabitEthernet0/2
ip address 192.168.34.4 255.255.255.0
!
router ospf 1
mpls ldp autoconfig
network 4.4.4.4 0.0.0.0 area 0
network 192.168.34.0 0.0.0.255 area 0
!
router bgp 234
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 234
neighbor 2.2.2.2 update-source Loopback0
neighbor 2001:DB8:0:45::5 remote-as 5
!
address-family ipv4
neighbor 2.2.2.2 activate
no neighbor 2001:DB8:0:45::5 activate
exit-address-family
!
address-family ipv6
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-label
neighbor 2001:DB8:0:45::5 activate
exit-address-family
!
end6VPE
Now let’s try the 6VPE configuration. I’ll use the same startup configuration I showed in the beginning of this lesson.
PE Routers
6VPE uses VRFs so that’s the first thing I am going to configure. We’ll create a VRF called “CUSTOMER” and use RD 1:1:
PE1(config)#vrf definition CUSTOMER
PE1(config-vrf)#rd 1:1
PE1(config-vrf)#address-family ipv6
PE1(config-vrf-af)#route-target both 1:1
PE1(config)#interface GigabitEthernet 0/1
PE1(config-if)#vrf forwarding CUSTOMER
PE1(config-if)#ipv6 address 2001:DB8:0:12::2/64Make sure IPv6 unicast routing is enabled before you configure MP-BGP:
PE1(config)#ipv6 unicast-routingNow we can configure MP-BGP. I need to enable the VPNv6 address family and activate the PE2 router. We also need to configure the CE router as a neighbor under the VRF:
Hi,
what is the
send labelcommand do? is it allowing the PE routers to add the transport label and the VPN label to IPv6 prefixes and then forward to other PE routers?Hello Tuong
The
neighbor send-labelcommand is used to enable a router to distribute MPLS labels along with IPv4 routes to a peer router. When using IPv6 the command can be used in address family configuration mode, to bind and advertise IPv6 prefix MPLS labels.For more information, you can take a look at the following link:
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mpls/command/mp-cr-book/mp-m4.html#wp2505210460
I hope this has been helpful!
Laz
Hi Guys - quick question - is dual stack in terms of IPv6 simply running v4 and v6 addresses on the same interfaces? Cheers - Gareth.
Hello Gareth
The term “dual stack” can mean several things depending on the context. In general, the term means that a single device is running both IPv4 and IPv6 simultaneously. On a host with one NIC, this means that the NIC has both an IPv4 and IPv6 address. On a router, this could mean that a single port has both an IPv4 and IPv6 address, or, as is the case in this specific lesson, it simply means that the same device is running both IPv4 and IPv6 simultaneously, but not necessarily on the same interface.
I hope this has been helpful!
Laz
Thanks Laz - good to know that it’s just a generic term.