MPLS VPN Configuration Example

In this lesson I’m going to walk you through the configuration of a small MPLS VPN network using MP-BGP (Multi-Protocol Border Gateway Protocol) and only two VRFs. I will be using the following topology for this:

MPLS VPN MPBGP VRF blue red

Above you see 3 routers connected to each other. R1 and R3 each have two loopback interfaces. The loopback 0 interface will be used to establish a BGP neighbor adjacency, the loopback 1 interfaces will be in two different VRFs called blue and red.

First we’ll configure OSPF so that R1 and R3 can reach each others loopback 0 interface:

R1(config)#router ospf 1
R1(config-router)#network 192.168.12.1 0.0.0.0 area 0
R1(config-router)#network 1.1.1.1 0.0.0.0 area 0
R2(config)#router ospf 1
R2(config-router)#network 192.168.12.2 0.0.0.0 area 0
R2(config-router)#network 192.168.23.2 0.0.0.0 area 0
R3(config)#router ospf 1
R3(config-router)#network 192.168.23.3 0.0.0.0 area 0
R3(config-router)#network 3.3.3.3 0.0.0.0 area 0
Make sure you configure a /32 network mask on the loopback 0 interfaces. If you don’t, you’ll run into issues with MPLS because OSPF by default will always advertise a loopback interface as /32.

We’ll continue by configuring MPLS on the interfaces of all routers:

R1(config)#interface fastEthernet 0/0
R1(config-if)#mpls ip
R2(config)#interface fastEthernet 0/0
R2(config-if)#mpls ip

R2(config)#interface fastEthernet 1/0
R2(config-if)#mpls ip 
R3(config)#interface fastEthernet 0/0
R3(config-if)#mpls ip

Enabling MPLS is simple enough, let’s verify that we have neighbors:

R2#show mpls ldp neighbor 
    Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 192.168.23.2:0
	TCP connection: 1.1.1.1.646 - 192.168.23.2.35345
	State: Oper; Msgs sent/rcvd: 7/7; Downstream
	Up time: 00:00:21
	LDP discovery sources:
	  FastEthernet0/0, Src IP addr: 192.168.12.1
        Addresses bound to peer LDP Ident:
          192.168.12.1    1.1.1.1         
    Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 192.168.23.2:0
	TCP connection: 3.3.3.3.646 - 192.168.23.2.45741
	State: Oper; Msgs sent/rcvd: 7/7; Downstream
	Up time: 00:00:03
	LDP discovery sources:
	  FastEthernet1/0, Src IP addr: 192.168.23.3
        Addresses bound to peer LDP Ident:
          192.168.23.3    3.3.3.3   

Fair enough, R2 has two MPLS LDP neighbors. If you are interested, you can take a look at the labels that are in use:

R1#show mpls forwarding-table 
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop    
tag    tag or VC   or Tunnel Id      switched   interface              
16     17          3.3.3.3/32        0          Fa0/0      192.168.12.2 
17     Pop tag     192.168.23.0/24   0          Fa0/0      192.168.12.2
R2#show mpls forwarding-table 
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop    
tag    tag or VC   or Tunnel Id      switched   interface              
16     Pop tag     1.1.1.1/32        0          Fa0/0      192.168.12.1 
17     Pop tag     3.3.3.3/32        0          Fa1/0      192.168.23.3
R3#show mpls forwarding-table 
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop    
tag    tag or VC   or Tunnel Id      switched   interface              
16     Pop tag     192.168.12.0/24   0          Fa0/0      192.168.23.2 
17     16          1.1.1.1/32        0          Fa0/0      192.168.23.2

With MPLS running and labels being advertised, we can continue and create the two VRFs:

R1(config)#ip vrf BLUE
R1(config-vrf)#rd 100:1
R1(config-vrf)#route-target export 100:1
R1(config-vrf)#route-target import 100:3

VRF Blue will be created on R1. We will use RD (Route Distinguisher) 100:1 for VRF blue and 100:3 for VRF red . Now we can create a new loopback and add it to the VRF:

R1(config)#interface loopback1
R1(config-if)#ip vrf forwarding BLUE
R1(config-if)#ip address 11.11.11.11 255.255.255.0

Loopback 1 has an IP address and is added to VRF blue. Now let’s do the same thing on R3:

R3(config)#ip vrf RED
R3(config-vrf)#rd 100:3
R3(config-vrf)#route-target export 100:3
R3(config-vrf)#route-target import 100:1
R3(config)#interface loopback 1
R3(config-if)#ip vrf forwarding RED
R3(config-if)#ip address 33.33.33.33 255.255.255.0

On R3 we’ll create VRF red and use 100:3 as the RD.  Now we can configure BGP on both routers:

We're Sorry, Full Content Access is for Members Only...

If you like to keep on reading, Become a Member Now! Here is why:

  • Learn any CCNA, CCNP and CCIE R&S Topic. Explained As Simple As Possible.
  • Try for Just $1. The Best Dollar You've Ever Spent on Your Cisco Career!
  • Full Access to our 654 Lessons. More Lessons Added Every Week!
  • Content created by Rene Molenaar (CCIE #41726)

535 Sign Ups in the last 30 days

satisfaction-guaranteed
100% Satisfaction Guaranteed!
You may cancel your monthly membership at any time.
No Questions Asked!

Tags: , ,


Forum Replies

  1. R3(config-router)#address-family vpnv4 
    R3(config-router-af)#neighbor 1.1.1.1 activate 
    R3(config-router-af)#neighbor 1.1.1.1 send-community extended 
    

    what is the use of the above command.if we not provided these commands what will happened. could u explain each and every functionality of above command

  2. Hi Rene - what about R2, don’t we need to configure VRF on R2 also? how the middle router will come to know about the VRF data, OR the middle one is only a transit router that works on MPLS BGP.

  3. I’ll write some more mpls tutorials in the future, there’s plenty to talk about.

  4. Hi Taslim,

    Glad to hear you like it. I will add these topics for sure, hopefully in a few weeks.

    Rene

25 more replies! Ask a question or join the discussion by visiting our Community Forum