Lab Setup-Men Part 2

Lab Setup-MEN Part 2
PC-C
SW-C
Fe 0/0/9
Ge 0/0/1
1/0/4 RT-C 1/0/6

1/0/8
1/0/0
1/0/4
1/0/2
2/1
1/2 1/1
2/4
2/0/2
1/0/2 1/2
1/3
2/2 2/0/4 RT-D
1/1
2/0/0 1/0/0
RT-A RT-E RT-F
RT-B
1/4
2/0/8
2/3 1/0/6
Ge0/1
Ge0/1
2/5 2/0/6 SW-D
Ge 0/0/1
SW-A Ge 0/0/1
Fe0/9 SW-B
SW-E
Fe 0/0/9
PC-A PC-B
CX600- RT-C, RT-D, RT-E

C7609-RT-A, RT-B, RT-F
C3400 – SW-A
CX200D – SW-B, SW-C
Lab1- Configuring Basic BGP Functions
RT-C
1/0/0 1/0/2
2/1 1/2 2/0/2 1/1

1/0/2
1/2
RT-A 2/2 1/1 1/3

2/0/4 2/0/0 1/0/0 RT-F
RT-B
RT-D RT-E
2/3
0/1 Group1- RT-A & RT-B

Group2- RT-C & RT-D
Group3- RT-E & RT-F
AS 65001 AS 65000 AS 65002

Summary IP-192.168.0.0/16 Summary IP-10.0.0.0/8 Summary IP-172.16.0.0/16
RT-A RT-B RT-E
Lo- 192.168.255.12/32 Lo- 10.0.255.11/32 Lo- 172.16.255.33/32
2/2 -10.0.1.2/30 1/1 -10.0.1.1/30 1/0/0 -10.0.2.2/30
2/1-192.168.0.1/30 1/2 -10.0.0.1/30 1/0/2 -172.16.0.1/30
2/3 -Switchport 1/3 -10.0.0.10/30 RT-F
RT-C Lo- 172.16.255.23/32
Lo- 10.0.255.21/32 1/2 -172.16.0.2/30
1/0/0 -10.0.0.2/30 1/1 -192.168.0.2/30
1/0/2 -10.0.0.5/30
RT-D
Lo- 10.0.255.31/32
2/0/0 -10.0.2.1/30
2/0/4 -10.0.0.9/30
2/0/2 -10.0.0.6/30
1
Configuration Procedure
Step 1
1. Clear the Configuration
2. Change the hostname or sysname
3. Configure the IP address for each interface
Interface loopback0
Ip address 192.168.255.12 255.255.255.255
Interface gigabitethernet 2/2

Ip address 10.0.1.2 255.255.255.252
No shut/undo shut
Negotiation auto (on CX port, if it is connected to Cisco)
Step 2 Configure IBGP connections.

# Configure RT-B.
RT-B(config)#router bgp 65000
RT-B(config-router)#neighbor 10.0.0.2 remote-as 65000
# Configure RT-D.
[RT-D] bgp 65000
[RT-D-bgp] peer 10.0.0.10 as-number 65000
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 10.0.0.1 as-number 65000
# Configure RT-E.
[RT-E] bgp 65002
[RT-E-bgp] peer 172.16.0.2 as-number 65002
# Configure RT-F.
RT-F(config)#router bgp 65002
RT-F(config-router)#neighbor 172.16.0.1 remote-as 65002
2
Check:-
Disp bgp peer
Show bgp neighbor
Disp bgp routing-table
Show ip route bgp
There is no bgp routes in the routing table
Step 3 Configure EBGP.

# Configure RT-A.
RT-A(config)#router bgp 65001
RT-A(config-router)#neighbor 10.0.255.11 remote-as 65000
RT-A(config-router)#neighbor 10.0.255.11 update-source loopback0
RT-A(config-router)#neighbor 10.0.255.11 ebgp-multihop 3
RT-A(config)#ip route 10.0.0.0 255.0.0.0 10.0.1.1

RT-A (config-router)#neighbor 172.16.255.23 update-source loopback0
# Configure RT-B.
RT-B(config)#router bgp 65000
RT-B(config-router)#neighbor 192.168.255.12 update-source loopback0
RT-B(config-router)#neighbor 192.168.255.12 ebgp-multihop 3
RT-B(config)#ip route 192.168.0.0 255.255.0.0 10.0.1.2
# Configure RT-D.
[RT-D] bgp 65000
[RT-D-bgp] peer 172.16.255.33 connect-interface loopback0
[RT-D-bgp] peer 172.16.255.33 ebgp-max-hop 3
[RT-D] ip route-static 172.16.0.0 16 10.0.2.2
# Configure RT-E.
[RT-E] bgp 65002
[RT-E-bgp] peer 10.0.255.31 connect-interface loopback0
[RT-E-bgp] peer 10.0.255.31 ebgp-max-hop 3
[RT-E] ip route-static 10.0.0.0 8 10.0.2.1
3
# Configure RT-F.
RT-F(config)#router bgp 65002
RT-F(config-router)#neighbor 192.168.255.12 remote-as 65001
RT-F(config-router)#neighbor 192.168.255.12 update-source loopback0
RT-F(config-router)#neighbor 192.168.255.12 ebgp-multihop 3
RT-F(config)#ip route 192.168.0.0 255.255.0.0 192.168.0.1
# Display the connection status of the BGP peers.

[CX] display bgp peer
Cisco# show bgp neighbor
It should be established
Step 4 Configure RT-A to advertise 100.0.0.0/8.

Connect Switch to the gigaetherent interface
Switch(config-if)# switchport mode trunk
Switch(config-if)#switchport trunk allow vlan all
Switch(config-if)#no shut
Switch(config)# vlan 100

Switch(config)# interface vlan 100
Switch(config-if)#ip address 100.0.0.2 255.0.0.0
Switch(config)#ip default-gateway 100.0.0.1

[Quidway]ip route-static 0.0.0.0 0 vlanif 100
RT-A(config-if)#switchport
RT-A(config-if)#switchport trunk encaspulation dot1q
RT-A(config-if)#switchport mode trunk
RT-A(config-if)#switchport trunk allow vlan all
RT-A(config-if)#no shut
RT-A(config)#vlan 100
RT-A(config)#interface vlan 100
RT-A(config-if)#ip address 100.0.0.1 255.0.0.0

RT-A(config-router)# address-family ipv4
RT-A(config-router-af)# network 100.0.0.0 mask 255.0.0.0
4
# Display the routing table of RT-B.
RT-B# show ip route bgp
B 100.0.0.0/8 [20/0] via 192.168.255.12
Check:
RT-B# ping 100.0.0.1
Reply from RT-A
# Display the routing table of RT-C.

[RT-C] display bgp routing-table
Network NextHop MED LocPrf PrefVal Path/Ogn
i 100.0.0.0 192.168.255.12 0 100 0 65001i
Check:
[RT-C] ping 100.0.0.1
No Reply from RT-A
# Display the routing table of RT-D.

[RT-D] display bgp routing-table
i 100.0.0.0 192.168.255.12 0 100 0 65001i
Check:
[RT-D] ping 100.0.0.1
No Reply from RT-A
# Display the routing table of RT-F.

RT-F# show ip route bgp
B 100.0.0.0/8 [20/0] via 192.168.255.12
Check:
RT-F# ping 100.0.0.1
Reply from RT-A
Note:- To Solve the above problem
• In Step5 we will change the BGP route next hop and reach 100.x.x.x network
without using OSPF
• AS specific routes should be available in the ip routing table. In step3 this is
manually added in ASBR, but it should be redistributed in the entire AS. We
will do this by using OSPF in Step6
5
Step 5 Configure ASBR to change the next hop as self
# Configure RT-B for route updates from AS65001 to AS65000
RT-B(config-router)address-family ipv4
RT-B(config-router-af)neighbor 10.0.0.2 next-hop-self
RT-B(config-router-af)neighbor 10.0.0.9 next-hop-self
Check: On RT-C
[RT-C] disp bgp route
*>i 100.0.0.0 10.0.0.1 0 100 0 65001i
[RT-C] ping 100.0.0.1

Reply from RT-A
# Configure RT-D for route updates from AS65000 to AS65002

[RT-D-bgp]peer 172.16.255.33 next-hop-local
# Configure RT-F for route updates from AS65001 to AS65002

RT-F(config-router)address-family ipv4
RT-F(config-router-af)neighbor 172.16.0.1 next-hop-self
Check: On RT-E
[RT-E] disp bgp route
*>i 100.0.0.0 172.16.0.2 0 100 0 65001i
Note: Remove next-hop-self and next-hop-local commands before starting step6
6
Step 6 Configure OSPF on each network of ASs
# Configure AS65001
RT-A(config)# router ospf 200
RT-A(config-router)# network 192.168.255.12 0.0.0.0 area 0
RT-A(config-router)# redistributed connected
RT-A(config-router)# redistributed static
# Configure AS65000
RT-B(config)# router ospf 100
RT-B(config-router)# network 10.0.255.11 0.0.0.0 area 0
RT-B(config-router)# redistributed connected
RT-B(config-router)# redistributed static
[RT-D]ospf 100
[RT-D-ospf-100]area 0
[RT-D-ospf-100-area-0.0.0.0]network 10.0.255.31 0.0.0.0
[RT-D-ospf-100]import-route direct
[RT-D-ospf-100]import-route static
[RT-C]ospf 100
[RT- C-ospf-100]area 0
[RT-C-ospf-100-area-0.0.0.0]network 10.0.255.21 0.0.0.0
[RT-C-ospf-100]import-route direct
[RT-C-ospf-100]import-route static
7
# Configure AS65002
[RT-E]ospf 300
[RT-E-ospf-300]area 0
[RT-E-ospf-300-area-0.0.0.0]network 172.16.255.33 0.0.0.0
[RT-E-ospf-300]import-route direct
[RT-E-ospf-300]import-route static
RT-F(config)# router ospf 300

RT-F(config-router)# network 172.16.255.23 0.0.0.0 area 0
RT-F(config-router)# network 172.16.0.0 0.0.255.255 area 0
RT-F(config-router)# redistributed connected
RT-F(config-router)# redistributed static
Check: Ping any IP from any where
8
Lab2- Working with BGP & IGP
2/4 1/0/4
1/0/2 2/0/2
RT-A
RT-C
RT-D
2/3
0/1 Group1- RT-A

Group2- RT-C
CX600- RT-C, RT-D
Group3- RT-D
C7609-RT-A
AS 65001 AS 65000
Summary IP-192.168.0.0/16 Summary IP-10.0.0.0/8
RT-A RT-C
Lo- 192.168.255.12/32 Lo- 10.0.255.11/32
2/4 -10.0.1.2/30 1/0/4 -10.0.1.1/30
2/3 - Switchport 1/0/2 -10.0.0.1/30
RT-D
Lo- 10.0.255.21/32
2/0/2 -10.0.0.2/30
1
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure the OSPF protocol on RT-C and RT-D to realize the interconnection.
2. Configure the EBGP connection on RT-A and RT-C.
3. Enable BGP and OSPF to import routes from each other on RT-C, and check the routing information.
4. Configure BGP route aggregation on RT-C and simplify the BGP routing table.
Step 1
Interface loopback0
Ip address 192.168.255.12 255.255.255.255
Interface gigabitethernet 1/0/4

Ip address 10.0.1.1 255.255.255.252
No shut/undo shut
Step 2 Configure OSPF in AS 65000

[RT-C]ospf 100
[RT-C-ospf-100]area 0
[RT-D]ospf 100

# Configure RT-A.
2
# Configure RT-C.
[RT-C]bgp 65000
[RT-C-bgp] peer 192.168.255.12 connect-interface loopback0
[RT-C-bgp]peer 192.168.255.12 ebgp-max-hop 3
[RT-C]ip route-static 192.168.255.12 255.255.255.255 10.0.1.2

Step 4 Configure RT-A to advertise 100.0.0.0/8.



[Quidway]ip route-static 0.0.0.0 0 vlanif 100

RT-A(config-router)# address-family ipv4
RT-A(config-router-af)# network 100.0.0.0 mask 255.0.0.0
3
# Display the routing table of RT-C.
[RT-C] display bgp routing-table
*i> 100.0.0.0 192.168.255.12 0 100 0 65001i
[RT-C] display ip routing-table protocol ospf
You will see 4 routes
1 active route of 10.0.255.21/32

3 inactive route of directly connected networks
Step 5 Configure BGP on RT-C to import OSPF routes

[RT-C-bgp] ipv4-family unicast
[RT-C-bgp-af-ipv4] import-route ospf 100
# Display the routing table of RT-A

RT-A# show ip route bgp
You should see 2 OSPF routes of 10.x.x.x in BGP routing table
Step 6 Configure OSPF on RT-C to import BGP routes
[RT-C-ospf-100] import-route bgp
# Display the routing table of RT-D

[RT-D] display ip routing-table
You should see BGP route of 100.x.x.x in OSPF routing table
To check:
Ping 100.0.0.1 form RT-D
4
Step 7 Configure the automatic route aggregation.
# Configure RT-C
[RT-C] bgp 65000
[RT-C-bgp-af-ipv4] summary automatic
# Display the routing table of RT-A.

[RT-A] display bgp routing-table
You should see single route for all 10.x.x.x networks of AS 65000
5
Lab3- Configuring AS-Path Filter
EBGP connections are set up between RT-A, RT-C, and RT-D. Configure the AS-Path filter on RT-A. AS
65001 thus does not advertises routes of AS 65002 to AS 65000, or advertise routes of AS 65000 to AS 65002.
RT-C
1/0/4
2/4 1/0/2
RT-A
2/0/2
2/5
2/0/6
RT-D
Group1- RT-A
Group2- RT-C
CX600- RT-C, RT-D
Group3- RT-D
C7609-RT-A
AS 65001 AS 65000 AS 65002

RT-A RT-C RT-D
Lo- 192.168.255.12/32 Lo- 10.0.255.11/32 Lo- 172.16.255.13/32
2/4 -10.0.1.2/24 1/0/4 -10.0.1.1/24 2/0/2-10.0.2.2/24
2/5 - 10.0.3.1/24 1/0/2-10.0.2.1/24 2/0/6 -10.0.3.2/24
1
1. Configure the EBGP connecting between RT-C and RT-A, RT-A and RT-D, RT-D
and RT-C respectively, and import direct routes.
2. Configure the AS-Path on RT-A, and apply the filtering rule.
Step 1
# Configure RT-A

RT-A(config-router)#redistributed connected
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 192.168.255.12 ebgp-max-hop 3
[RT-C]ip route-static 192.168.255.12 32 10.0.1.2

[RT-C-bgp] import-route direct
2
# Configure RT-D
[RT-D] bgp 65002
[RT-D]ip route-static 192.168.255.12 32 10.0.3.1

[RT-D-bgp] import-route direct

# Check the routing table advertised by RT-A to peer RT-C. You can find that RT-A
advertises the routes for direct network between RT-C and RT-D.
RT-A#show bgp ipv4 unicast neighbors 10.0.255.11 advertised-routes
BGP table version is 13, local router ID is 192.168.255.12

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path

*> 10.0.1.0/24 0.0.0.0 0 32768 ?
*> 10.0.2.0/24 172.16.255.13 0 0 65002 ?
*> 10.0.3.0/24 0.0.0.0 0 32768 ?
r> 10.0.255.11/32 10.0.255.11 0 0 65000 ?
r> 172.16.255.13/32 172.16.255.13 0 0 65002 ?
*> 192.168.255.12/32
0.0.0.0 0 32768 ?
Total number of prefixes 6
Huawei command
<RT-A> display bgp routing-table peer 10.0.255.11 advertised-routes
3
Check the routing table of RT-C, and you can find that RT-C learns the two routes
advertised by RT-A.
<RT-C> display bgp routing-table
Total Number of Routes: 13
BGP Local router ID is 10.0.255.11

Status codes: * - valid, > - best, d - damped,
h - history, i - internal, s - suppressed, S - Stale
Origin : i - IGP, e - EGP, ? - incomplete
*> 10.0.1.0/24 0.0.0.0 0 0 ?

* 192.168.255.12 0 0 65001?
*> 10.0.1.1/32 0.0.0.0 0 0 ?
*> 10.0.2.0/24 0.0.0.0 0 0 ?
* 172.16.255.13 0 0 65002?
* 192.168.255.12 0 65001 65002?
*> 10.0.2.1/32 0.0.0.0 0 0 ?
*> 10.0.3.0/24 172.16.255.13 0 0 65002?
* 192.168.255.12 0 0 65001?
*> 10.0.255.11/32 0.0.0.0 0 0 ?
172.16.255.13/32 172.16.255.13 0 0 65002?
* 192.168.255.12 0 65001 65002?
192.168.255.12/32 192.168.255.12 0 0 65001?
Step 3 Configure the AS-Path filter on RT-A and apply the filter in the outgoing direction of RT-A
# Create AS-Path filter 1, refusing the passing of routes carrying AS 65002 (The regular
expression _65002_ indicates any AS list that contains AS 65002 and * matches any
character.)
RT-A(config)# ip as-path access-list 1 deny _65002_
RT-A(config)# ip as-path access-list 1 permit .*
# Create AS-Path filter 2, refusing the passing of routes carrying AS 65000.

RT-A(config)# ip as-path access-list 2 deny _65000_
RT-A(config)# ip as-path access-list 2 permit .*
# Apply the AS-Path filter in two outgoing directions of RT-A.

RT-A#router bgp 65001
RT-A(config-router)# neighbor 10.0.255.11 filter-list 1 out
RT-A(config-router)# neighbor 172.16.255.13 filter-list 2 out
Additional Info:- If RT-A is a CX600 router use following commands

[RT-A] ip as-path-filter 1 deny _65002_
4
[RT-A] ip as-path-filter 1 permit .*
[RT-A] ip as-path-filter 2 deny _65000_

[RT-A] ip as-path-filter 2 permit .*
# Apply the AS-Path filter in two outgoing directions of RT-A
[RT-A] bgp 20
[RT-A-bgp] peer 200.1.2.1 as-path-filter 1 export
[RT-A-bgp] peer 200.1.3.2 as-path-filter 2 export
Step 4 Check the routing table advertised by RT-A, and it will not have advertised direct
routes for networks between RT-C and RT-D.
RT-A#show bgp ipv4 unicast neighbor 10.0.255.11 advertised-routes
It will not have routes learned from AS65002.


*> 10.0.1.0/24 0.0.0.0 0 32768 ?
*> 10.0.3.0/24 0.0.0.0 0 32768 ?
*> 192.168.255.12/32
0.0.0.0 0 32768 ?
Total number of prefixes 3
Additional Info:- If RT-A is a CX600 router use following commands
<RT-A> display bgp routing-table peer 172.16.255.13 advertised-routes
Similarly, the BGP routing table of RT-C does not have the two routes.
<RT-C> display bgp routing-table
This will not have routes coming from AS65002 via AS65001

5
*> 10.0.1.0/24 0.0.0.0 0 0 ?

* 192.168.255.12 0 0 65001?
*> 10.0.1.1/32 0.0.0.0 0 0 ?
*> 10.0.2.0/24 0.0.0.0 0 0 ?
* 172.16.255.13 0 0 65002?
*> 10.0.2.1/32 0.0.0.0 0 0 ?
*> 10.0.3.0/24 172.16.255.13 0 0 65002?
* 192.168.255.12 0 0 65001?
*> 10.0.255.11/32 0.0.0.0 0 0 ?
172.16.255.13/32 172.16.255.13 0 0 65002?
192.168.255.12/32 192.168.255.12 0 0 65001?
Step 5 # Similarly Check the routing table advertised by RT-A to RT-D
It will not have routes learned from AS65000 via AS65001
6
Additional Info:
Metacharacter- Metacharacter- Connotation

Cisco Huawei
\ Indicates escape character.

. . Matches any single character including the space except for \n.
* * Indicates that characters on the left of it appear for 0 or many times
continuously in the target object
+ + Indicates that characters on the left of it appear for 1 or many times
continuously in the target object.
| | The 'or' relationship exists between characters on the left and right
sides of it.
^ ^ Characters on the right of it must appear at the beginning of the
target object.
$ $ Characters on the left of it must appear at the end of the target
object.
[] [xyz] Matches the character listed in the square character.
[^ ] [^xyz] Matches any character that is not listed in the square bracket (^ is on
the left of the character).
- [a-z] Matches any character within the specified range.
[^a-z] Matches any character that is not within the specified range.
{n} The matches appear for n times (n is a non-negative integer).
{n,} The matches appear for at least n times (n is a non-negative integer).
{n,m} The matches appear for n–m times (m and n are non-negative
integer and n is smaller than or equal to m).
Note that there is no space between n and m.
? Zero or one instance of the character or pattern
7
Lab4- BGP Community Attribute
Networking Requirements
RT-A creates EBGP connections with RT-C and RT-D respectively. You can configure the No_Export
community attribute on RT-C. Thus, the routes advertised from AS65000 to AS65001 are not advertised to
other ASs.
RT-C
Ge0/0/1
1/0/4
1/0/6 SW-C
2/4
RT-A
2/5
2/0/6
RT-D
Group1- RT-A
Group2- RT-C , SW-C
CX600- RT-C, RT-D
Group3- RT-D
C7609-RT-A
CX200D- SW-C
AS 65001 AS 65000 AS 65002

RT-A RT-C RT-D
Lo- 192.168.255.12/32 Lo- 10.0.255.11/32 Lo- 172.16.255.13/32
2/4 -10.0.1.2/24 1/0/4 -10.0.1.1/24 2/0/6 -10.0.3.2/24
2/5 - 10.0.3.1/24 1/0/6 - Switchport
1
1. Configure the EBGP connection between RT-C and RT-A, as well as between RT-A and RT-D.
2. Configure the routing policy on RT-C, and advertise No_Export community attribute.
Step 1
Step 2 Configure the EBGP.
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] ] ipv4-family unicast

[RT-C-bgp-af-ipv4] network 100.0.0.0 255.0.0.0
[RT-C-GigabitEthernet1/0/6]portswitch
[RT-C-GigabitEthernet1/0/6]port link-type trunk
[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-C-GigabitEthernet1/0/6]undo shut
[RT-C]vlan 100
[RT-C]interface Vlanif 100
[RT-C-Vlan127]ip address 100.0.0.1 255.0.0.0
2
[SW-C-gigabitethernet0/0/1]port link-type trunk
[SW-C-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-C-gigabitethernet0/0/1]bpdu enable
[SW-C-gigabitethernet0/0/1]undo shut
[SW-C ]vlan 100

[SW-C ]interface vlan 100
[SW-C-vlanif100]ip address 100.0.0.2 255.0.0.0
[SW-C-vlanif100]undo shut
[SW-C]ip route-static 0.0.0.0 0 vlanif 100
# Configure RT-A

# Configure RT-D
[RT-D] bgp 65002
3
RT-A# show ip bgp 100.0.0.0
BGP routing table entry for 100.0.0.0/8, version 34

Paths: (1 available, best #1, table default)
Advertised to update-groups: 1
65000
10.0.255.11 from 10.0.255.11 (10.0.255.11)
Origin IGP, metric 0, localpref 100, valid, external, best
You can see that RT-A advertises the routes received from RT-C to RT-D in AS65002.
# Display the routing table of RT-D

[RT-D] display bgp routing-table

*> 100.0.0.0 192.168.255.12 0 65001

65000i
From the routing table, you can confirm that RT-D has learned a route to the destination
100.0.0.0/8 from RT-A
Step 3 Configure BGP community attributes.

# Configure the routing policy on RT-C to enable RT-C to advertise routes to RT-A. As the
result RT-A does not advertise the routes advertised by RT-C to any other AS.
[RT-C] route-policy RT-A permit node 10
Info: New Sequence of this List !!
[RT-C-route-policy] apply community no-export
# Apply routing policies.

[RT-C] bgp 65000
[RT-C-bgp-af-ipv4] peer 192.168.255.12 route-policy RT-A export
[RT-C-bgp-af-ipv4] peer 192.168.255.12 advertise-community
4
Additional Info: It RT-C is a Cisco router than use following commands
access-list 1 permit 100.0.0.0
Route-map RT-C permit 10
Match ip address 1
Set community no-export
Route-map RT-C permit 20
# Apply routing policies.

RT-C(config-router)#neighbor 192.168.255.12 send-community
RT-C(config-router)#neighbor 192.168.255.12 route-map RT-C out

RT-A# show ip bgp 100.0.0.0
BGP routing table entry for 100.0.0.0/8, version 40

Paths: (1 available, best #1, table default, not advertised to EBGP peer)
Flag: 0x880
Not advertised to any peer
65000
10.0.255.11 from 10.0.255.11 (10.0.255.11)
Origin IGP, metric 0, localpref 100, valid, external, best
Community: no-export
You can see the configured community attribute in the routing table of RT-A. At this time,
there are no routes to the destination 100.0.0.0/8 in the routing table of RT-D
5
Lab5- BGP Load Balancing and the MED Attribute
RT-C
1/0/4
2/4 1/0/2
RT-A
2/0/2
2/5
2/0/6
RT-D
Group1- RT-A
CX600- RT-C, RT-D
Group2- RT-C
C7609-RT-A
Group3- RT-D
AS 65001 AS 65000
Summary IP-192.168.0.0/16 Summary IP-10.0.0.0/8
RT-A RT-C
Lo- 192.168.255.12/32 Lo- 10.0.255.11/32
2/4 -192.168.1.1/30 1/0/4 -192.168.1.2/30
2/5 - 192.168.2.1/30 1/0/2 -20.0.0.1/24
RT-D
Lo- 10.0.255.21/32
2/0/2 -20.0.0.2/24
2/0/6 -192.168.2.2/30
1
1. Configure the EBGP connections between RT-A and RT-C, as well as between RT-A
and RT-D.
2. Configure the IBGP connections between RT-C and RT-D
3. Configure the load balancing on RT-A and MED value RT-C, and check the routing
information.
Step 1
Step 2 Configure BGP.

# Configure RT-A.

# Configure RT-C.
[RT-C] bgp 65000

[RT-C-bgp-af-ipv4] network 20.0.0.0 255.255.255.0
# Configure RT-D.
[RT-D] bgp 65000
2

[RT-D-bgp] ipv4-family unicast
[RT-D-bgp-af-ipv4] network 20.0.0.0 255.255.255.0


Gateway of last resort is not set
20.0.0.0/30 is subnetted, 1 subnets

B 20.0.0.0 [20/0] via 10.0.255.11, 00:04:00
RT-A#sh ip bgp 20.0.0.0 255.255.255.0 subnets


* 20.0.0.0/24 10.0.255.21 0 0 65000 i
*> 10.0.255.11 0 0 65000 i
As displayed in the routing table, there are two valid routes to the destination 20.0.0.0/24.
The route whose next hop is 10.0.255.11 is the optimum route. This is because the Router
ID of RT-C is smaller.
3
Step 3 Configure load balancing.
# Configure RT-A
RT-A(config-router)#address-family ipv4
RT-A(config-router-af)#maximum-paths 2
Additional info: Huawei commands

[CX-A] bgp 65001
[CX-A-bgp] ipv4-family unicast
[CX-A-bgp-af-ipv4] maximum load-balancing 2

20.0.0.0/24 is subnetted, 1 subnets

B 20.0.0.0 [20/0] via 10.0.255.21, 00:00:17
[20/0] via 10.0.255.11, 00:00:17
As displayed in the routing table, BGP route 20.0.0.0/24 has two next hops. They are
10.0.255.11 and 10.0.255.21. Both of them are optimum routes.
4
Step 4 Configure MED attributes.
# Set the default value of MED sent by RT-C to RT-A by using the policy.
[RT-C] route-policy 10 permit node 10
[RT-C -route-policy] apply cost 100
[RT-C] bgp 65000
[RT-C -bgp] peer 192.168.255.12 route-policy 10 export

RT-A#sh ip bgp 20.0.0.0 255.255.255.0 subnets


*> 20.0.0.0/24 10.0.255.21 0 0 65000 i
* 10.0.255.11 100 0 65000 i
As displayed in the routing table, the MED of the next hop 10.0.255.11 (RT-C) is 100, and
that of the next hop 10.0.255.21 is 0. Therefore, the route with the smaller MED is
selected.
5
Lab6- Basic MPLS Configuration
SW-C
Ge
0/0/1
RT-C 1/0/6
1/0/2
2/0/2
2/2 2/0/4
1/1 1/3
RT-A
RT-B
2/3 RT-D
Ge
0/1
SW-A
CX600- RT-C, RT-D

Group1- RT-A, SW-A
C7609-RT-A, RT-B
Group2- RT-B, RT-D
C3400 – SW-A
Group3- RT-C, SW-C
CX200D – SW-C
Summary IP-10.0.0.0/8 RT-C

RT-A Lo- 10.0.255.31/32
Lo- 10.0.255.11/32 1/0/2 -10.0.3.2/30
2/2 -10.0.1.1/30 1/0/6 –switchport (100.0.2.0/24)
2/3 –switchport (100.0.1.0/24) RT-D
RT-B Lo- 10.0.255.41/32
Lo- 10.0.255.21/32 2/0/4 -10.0.2.2/30
1/1 -10.0.1.2/30 2/0/2 -10.0.3.1/30
1/3 -10.0.2.1/30 1
Step 1
Interface loopback0
Ip address 10.0.255.11 255.255.255.255

Ip address 10.0.1.1 255.255.255.252
No shut/undo shut
Step 2 Configure OSPF


[RT-C]ospf 100
[RT-D]ospf 100
2
Step 3 Configure SW-A & RT-A for 100.0.1.0/24.

Step 4 Configure SW-C & RT-C for 100.0.2.0/24.

[SW-C ]vlan 100

[SW-C ]interface vlan 100
[SW-C-vlanif100]undo shut
[SW-C]ip route-static 0.0.0.0 0 vlanif 100
[RT-C]vlan 100
[RT-C]interface Vlanif 100
[RT-C-Vlan127]ip address 100.0.2.1 255.255.255.0
3
Step 5 Configure MPLS
z Configure RTA:
RT-A(config)#mpls ip
RT-A(config)#mpls ldp router-id Loopback0 force
RT-A(config-if)#mpls ip
RT-A(config-if)#mpls lable protocol ldp
z Configure RTB:
RT-B(config)#mpls ip
RT-B(config)#mpls ldp router-id Loopback0 force
RT-B(config-if)#mpls ip
RT-B(config-if)#mpls lable protocol ldp
RT-B(config-if)#mpls lable protocol ldp
z Configure RTC:
[RT-C]mpls lsr-id 10.0.255.31

[RT-C]mpls
[RT-C-mpls]lsp-trigger all
[RT-C]mpls ldp
[RT-C-gigabitethernet1/0/2]mpls
[RT-C-gigabitethernet1/0/2]mpls ldp
z Configure RTD:
[RT-D]mpls lsr-id 10.0.255.41

[RT-D]mpls
[RT-D-mpls]lsp-trigger all
[RT-D]mpls ldp
[RT-D-gigabitethernet2/0/2]mpls
[RT-D-gigabitethernet2/0/2]mpls ldp
4
Check:
1) View the interface on which the LDP runs:
RT-B>show mpls interfaces
Interface IP Tunnel BGP Static Operational

GigabitEthernet1/1 Yes (ldp) No No No Yes
[RT-D]display mpls ldp interface
LDP Interface Information in Public Network

------------------------------------------------------------------------------
IF-Name Status LAM Transport-Address Hello-Sent/Rcv
------------------------------------------------------------------------------
GE2/0/2 Active DU 10.0.255.41 316/314
GE2/0/4 Active DU 10.0.255.41 312/354
------------------------------------------------------------------------------
LAM: Label Advertisement Mode IF-Name: Interface name
2) View the established LDP Session:
RT-B>show mpls ldp neighbor
Peer LDP Ident: 10.0.255.11:0; Local LDP Ident 10.0.255.21:0

TCP connection: 10.0.255.11.646 - 10.0.255.21.11000
State: Oper; Msgs sent/rcvd: 84/82; Downstream
Up time: 01:02:42
LDP discovery sources:
GigabitEthernet1/1, Src IP addr: 10.0.1.1
Addresses bound to peer LDP Ident:
100.0.1.1 10.0.255.11 10.0.1.1

TCP connection: 10.0.255.41.52580 - 10.0.255.21.646
Up time: 00:30:44
10.0.3.1 10.0.2.2 10.0.255.41
5
[RT-D]display mpls ldp peer
LDP Peer Information in Public network

------------------------------------------------------------------------------
Peer-ID Transport-Address Discovery-Source
------------------------------------------------------------------------------
10.0.255.31:0 10.0.255.31 GigabitEthernet2/0/2
------------------------------------------------------------------------------
TOTAL: 2 Peer(s) Found.
3) Take FEC:100.0.2.0/24 for example to view the label switching in the whole forwarding
process:
View the MPLS LSP of RT-A:
RT-A#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 10.0.255.21/32 0 Gi2/2 10.0.1.2
17 Pop Label 10.0.2.0/30 0 Gi2/2 10.0.1.2
18 18 10.0.3.0/30 0 Gi2/2 10.0.1.2
19 19 10.0.255.41/32 0 Gi2/2 10.0.1.2
20 20 10.0.255.31/32 0 Gi2/2 10.0.1.2
21 21 100.0.2.0/24 0 Gi2/2 10.0.1.2
On RT-A, the outbound label to 100.0.2.0/24 is 21. View the MPLS LSP of RT-B:
6
RT-B#show mpls forwarding-table
16 Pop Label 10.0.255.11/32 0 Gi1/1 10.0.1.1
17 Pop Label 100.0.1.0/24 0 Gi1/1 10.0.1.1
18 Pop Label 10.0.3.0/30 0 Gi1/3 10.0.2.2
19 Pop Label 10.0.255.41/32 0 Gi1/3 10.0.2.2
20 1029 10.0.255.31/32 0 Gi1/3 10.0.2.2
21 1028 100.0.2.0/24 0 Gi1/3 10.0.2.2
On RT-B, inbound labels being 21 are switched to 1028. On RT-D, view the MPLS LSP:
[RT-D]display mpls lsp
-------------------------------------------------------------------------------
LSP Information: LDP LSP
-------------------------------------------------------------------------------
FEC In/Out Label In/Out IF Vrf Name
10.0.2.0/30 3/NULL -/-
10.0.255.41/32 3/NULL -/-
100.0.2.0/24 NULL/3 -/GE2/0/2
10.0.255.31/32 NULL/3 -/GE2/0/2
10.0.255.31/32 1029/3 -/GE2/0/2
100.0.2.0/24 1028/3 -/GE2/0/2
10.0.1.0/30 1024/3 -/GE2/0/4
10.0.1.0/30 NULL/3 -/GE2/0/4
10.0.255.11/32 1026/16 -/GE2/0/4
10.0.255.11/32 NULL/16 -/GE2/0/4
10.0.255.21/32 1027/3 -/GE2/0/4
10.0.255.21/32 NULL/3 -/GE2/0/4
100.0.1.0/24 1025/17 -/GE2/0/4
100.0.1.0/24 NULL/17 -/GE2/0/4
7
10.0.3.0/30 3/NULL -/-
Outbound label of the packet with inbound label 1028 is 3. It indicates that RT-D is the
penultimate hop and thus needs to pop off the label and send the IP data packet to the last
hop, RT-C, directly.
[RT-C]display mpls lsp
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
10.0.2.0/30 NULL/3 -/GE1/0/2
10.0.255.41/32 NULL/3 -/GE1/0/2
10.0.1.0/30 NULL/1024 -/GE1/0/2
100.0.1.0/24 NULL/1025 -/GE1/0/2
10.0.255.11/32 NULL/1026 -/GE1/0/2
10.0.255.21/32 NULL/1027 -/GE1/0/2
100.0.2.0/24 3/NULL -/-
10.0.255.31/32 3/NULL -/-
Labels allocated by RT-C to RT-D are specially 3, which indicates that RT-C is the last
hop. The MPLS LSP forwarding process for other FECs is similar.
8
Lab7 - L3 VPN (Switchport is assigned to customer)
SW-C Ge
Ge 0/0/9
PC-C
0/0/1
RT-C 1/0/6
1/0/2
2/0/2
2/2 2/0/4
1/1 1/3
RT-A
RT-B
2/3 RT-D
Ge
0/1
Ge
0/9
SW-A
CX600- RT-C, RT-D

Group1- RT-B, RT-D
C7609-RT-A, RT-B
Group2- RT-A, SW-A
PC-A
C3400 – SW-A
Group3- RT-C, SW-C
CX200D – SW-C
As65000 RT-C
Summary IP-10.0.0.0/8 Lo- 10.0.255.31/32
RT-A 1/0/2 -10.0.3.2/30
Lo- 10.0.255.11/32 1/0/6 –switchport (100.0.2.0/24)
2/2 -10.0.1.1/30 RT-D
2/3 –switchport (100.0.1.0/24) Lo- 10.0.255.41/32
RT-B 2/0/4 -10.0.2.2/30
Lo- 10.0.255.21/32 2/0/2 -10.0.3.1/30
1/1 -10.0.1.2/30 1
1/3 -10.0.2.1/30
1. Configure OSPF between PEs to implement interworking.
2. Configure the basic MPLS functions and MPLS LDP
3. Configure the VPN instance on the PE connected with the CE in the backbone
network, bind the PE interface connected with the CE to the corresponding VPN
instance, and then reconfigure the IP address for the PE interface connected with the
CE.
4. Configure MP IBGP to exchange the VPN routing information between the PEs.
5. Configure CEs and PEs to exchange VPN routes by using direct connection, static
routes, OSPF, or EBGP.
RD= PE loopback IP: 1

RT=100:1 (every site can talk to any other site)
1. Configure IP address
2. Enable OSPF
3. Enable MPLS
4. Enable LDP
5. Create VRF + RD + RT
6. Bind interface to VRF
7. iBGP between PE
8. Redistribute static into BGP
2
Step 1
Interface loopback0
Ip address 10.0.255.11 255.255.255.255

Ip address 10.0.1.1 255.255.255.252
No shut/undo shut
Step 2 Configure OSPF in MPLS Backbone


[RT-D]ospf 100
[RT-C]ospf 100
3
After the configuration, the OSPF neighbor relationship should be established between RT-A, RT-B, RT-D and
RT-C. After running the show ip ospf neighbor & display ospf peer command, you can find that the OSPF
neighbor relationship is in Full state. Run the show ip routing-table & display ip routing-table command on
the PE (RT-A, RT-C), and you can view the Loopback0 routes imported from the peer.
RT-A# show ip ospf neighbor

[RT-C] display ospf peer
RT-A# show ip routing-table

[RT-C] display ip routing-table
Step 3 Configure basic MPLS functions and MPLS LDP on the MPLS backbone network to setup LDP
LSP.
z Configure RTA:
RT-A(config-if)#mpls label protocol ldp
z Configure RTB:
RT-B(config-if)#mpls label protocol ldp
z Configure RTD:

[RT-D]mpls
[RT-D]mpls ldp
4
z Configure RTC:

[RT-C]mpls
[RT-C]mpls ldp
After the configuration, LDP sessions are set up between RT-A, RT-B, RT-D and RT-C.
After running following commands on the devices, you can find the status of the session is
"Operational" in the display result. Run the display mpls ldp lsp command, and view the
state of the LDP LSP.
RT-A>show mpls ldp neighbor

[RT-C] display mpls ldp session
[RT-C]display mpls ldp peer
[RT-C] display mpls ldp lsp
Step 4 Configure SW-A & RT-A for 100.0.1.0/24.
RT-A(config-if)#switchport trunk allowed vlan all
SW-A(config-if)# switchport mode trunk

SW-A(config-if)#switchport trunk allow vlan all
SW-A(config-if)#no shut
SW-A(config)# vlan 100
SW-A(config)# interface fastEthernet 0/9

SW-A(config-if)#switchport access vlan 100
SW-A(config-if)#port-type nni
5
PC-A:- On the second interface card give following IP
IP- 100.0.1.2
Mask-255.255.255.0
Gateway-100.0.1.1
On Command prompt add folowing route
Route add 100.0.2.0 mask 255.255.255.0 100.0.1.1 metric 1
Step 5 Configure SW-C & RT-C for 100.0.2.0/24.
[RT-C]vlan 100

[SW-C ]vlan 100
[SW-C ]interface Ethernet 0/0/9

[SW-C-ethernet0/0/9]port link-type access
[SW-C-ethernet0/0/9]port default vlan 100
[SW-C-ethernet0/0/9]undo shut
PC-C:- On the second interface card give following IP

IP- 100.0.2.2
Mask-255.255.255.0
Gateway-100.0.2.1
On Command prompt add folowing route
Route add 100.0.1.0 mask 255.255.255.0 100.0.2.1 metric 1
Step 6 Configure VPN instances on PEs (RT-A & RT-C) and bind the instance to the interfaces of CEs.
# Configure RT-A (PE1).

RT-A(config)# ip vrf vpna
RT-A(config-vrf)# rd 100: 1
RT-A(config-vrf)# route-target export 111:1
RT-A(config-vrf)# route-target import 111:1
RT-A(config)# interface vlan 100

RT-A(config-if)# ip vrf forwarding vpna
RT-A(config-if)# ip address 100.0.1.1 255.255.255.0
6
# Configure RT-C (PE2).
[RT-C] ip vpn-instance vpna
[RT-C-vpn-instance-vpna] route-distinguisher 200:1
[Rt-C-vpn-instance-vpna] vpn-target 111:1 both
[RT-C] interface vlanif 100

[RT-C-vlanif100] ip binding vpn-instance vpna
[RT-C-vlanif100]ip address 100.0.2.1 24
[RT-C-vlanif100]undo shut
After the configuration, view the configuration of VPN instances by running following
commands on the PEs. The PE can ping through its own CE.
RT-A# show ip vrf

RT-A#show ip route vrf vpna
[RT-C] display ip vpn-instance
[RT-C] display ip vpn-instance verbose
[RT-C] display ip routing-table vpn-instance vpna
RT-A# ping vrf vpna 100.0.1.1

RT-A# ping vrf vpna 100.0.1.2
[RT-C] ping -vpn-instance vpna 100.0.2.1
[RT-C] ping -vpn-instance vpna 100.0.2.2
Step 7 Establish MP-IBGP peering between the PEs (RT-A & RT-C).
# Configure RT-A.
RT-A(config-router)# neighbor 10.0.255.31 remote-as 65000
RT-A(config-router)# neighbor 10.0.255.31 update-source loopback0
RT-A(config-router)# address-family vpnv4

RT-A(config-router-af)# neighbor 10.0.255.31 activate
RT-A(config-router)# address-family ipv4 vrf vpna

RT-A(config-router-af)# redistributed connected
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 10.0.255.11 connect-interface loopback 0
[RT-C-bgp] ipv4-family vpnv4

[RT-C-bgp-af-vpnv4] peer 10.0.255.11 enable
7
[RT-C-bgp] ipv4-family vpn-instance vpna
[RT-C-bgp-vpna] import-route direct
After the configuration, you can find that the BGP peer relationship has been set up
between PE1 and PE2 by running the following commands
RT-A#sh bgp neig
BGP neighbor is 10.0.255.31, remote AS 65000, internal link

BGP version 4, remote router ID 10.0.255.31
BGP state = Established, up for 00:27:17
Last read 00:00:47, last write 00:00:32, hold time is 180, keepalive interval is 60 seconds
Neighbor sessions:
1 active, is not multisession capable
Neighbor capabilities:
Route refresh: advertised and received(new)
Address family IPv4 Unicast: advertised and received
Address family VPNv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 2 1
Keepalives: 28 32
Route Refresh: 0 0
Total: 31 34
Default minimum time between advertisement runs is 0 seconds
8
RT-A#show bgp vpnv4 unicast vrf vpna


Route Distinguisher: 100:1 (default for vrf vpna)
*> 100.0.1.0/24 0.0.0.0 0 32768 ?
*>i100.0.2.0/24 10.0.255.31 0 100 0?
[RT-C]display bgp peer
BGP local router ID : 10.0.255.31

Local AS number : 65000
Total number of peers : 1 Peers in established state : 1
Peer V AS MsgRcvd MsgSent OutQ Up/Down State PrefRcv
10.0.255.11 4 65000 42 52 0 00:15:53 Established 0
[RT-C]display bgp vpnv4 all peer

10.0.255.11 4 65000 42 53 0 00:16:20 Established 1
9
Check:
Find the route to peer CEs(PC-A & PC-C).
RT-A# show ip route vrf vpna
Routing Table: vpna

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
100.0.0.0/8 is variably subnetted, 3 subnets, 2 masks

C 100.0.1.0/24 is directly connected, Vlan100
L 100.0.1.1/32 is directly connected, Vlan100
B 100.0.2.0/24 [200/0] via 10.0.255.31, 00:32:38
[RT-C]display ip routing-table vpn-instance vpna
Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------
Routing Tables: vpna
Destinations : 7 Routes : 7
Destination/Mask Proto Pre Cost Flags NextHop Interface
10
100.0.1.0/24 BGP 255 0 RD 10.0.255.11 GigabitEthernet1/0/2
100.0.2.0/24 Direct 0 0 D 100.0.2.1 Vlanif100
100.0.2.1/32 Direct 0 0 D 127.0.0.1 InLoopBack0
100.0.2.2/32 Direct 0 0 D 100.0.2.2 Vlanif100
100.0.2.3/32 Direct 0 0 D 100.0.2.3 Vlanif100
The CEs (PC-A & PC-C) in the same VPN can ping through each other
PC-A> ping 100.0.2.2
PC-C> ping 100.0.1.2
You can also ping from PEs VRF
RT-A#ping vrf vpna 100.0.2.1
Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 100.0.2.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
RT-A#ping vrf vpna 100.0.2.2

!!!!!
[RT-C]ping -vpn-instance vpna 100.0.1.1
11
PING 100.0.1.1: 56 data bytes, press CTRL_C to break
Reply from 100.0.1.1: bytes=56 Sequence=1 ttl=253 time=1 ms
--- 100.0.1.1 ping statistics ---

5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/1/1 ms
[RT-C]ping -vpn-instance vpna 100.0.1.2


0.00% packet loss
12
1) View the interface on which the LDP runs:
RT-A#show mpls interfaces
Interface IP Tunnel BGP Static Operational

[RT-C]display mpls ldp interface
LDP Interface Information in Public Network

------------------------------------------------------------------------------
IF-Name Status LAM Transport-Address Hello-Sent/Rcv
------------------------------------------------------------------------------
GE1/0/2 Active DU 10.0.255.31 16551/16529
------------------------------------------------------------------------------
LAM: Label Advertisement Mode IF-Name: Interface name
2) View the established LDP Session:
RT-A#show mpls ldp neighbor

TCP connection: 10.0.255.21.11000 - 10.0.255.11.646
Up time: 23:18:53
10.0.1.2 10.0.2.1 10.0.255.21
13
LDP Peer Information in Public network

------------------------------------------------------------------------------
Peer-ID Transport-Address Discovery-Source
------------------------------------------------------------------------------
------------------------------------------------------------------------------
TOTAL: 1 Peer(s) Found.
3) To view the label switching in the whole forwarding process:


16 Pop Label 10.0.2.0/30 0 Gi2/2 10.0.1.2
17 16 10.0.3.0/30 0 Gi2/2 10.0.1.2
18 Pop Label 10.0.255.21/32 0 Gi2/2 10.0.1.2
19 18 10.0.255.31/32 0 Gi2/2 10.0.1.2
20 19 10.0.255.41/32 0 Gi2/2 10.0.1.2
21 Pop Label IPv4 VRF[V] 1420 aggregate/vpna
On RT-A, the outbound label to PE2 is 18. View the MPLS LSP of RT-B:
14
RT-B#sh mpls forwarding-table

16 Pop Label 10.0.3.0/30 490 Gi1/3 10.0.2.2
17 Pop Label 10.0.255.11/32 464681 Gi1/1 10.0.1.1
18 1027 10.0.255.31/32 486060 Gi1/3 10.0.2.2
19 Pop Label 10.0.255.41/32 0 Gi1/3 10.0.2.2
On RT-B, inbound label being 18 are switched to 1027. On RT-D, view the MPLS LSP:
[RT-D]display mpls lsp

-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
10.0.255.41/32 3/NULL -/-
10.0.2.0/30 3/NULL -/-
10.0.255.31/32 NULL/3 -/GE2/0/2
10.0.255.31/32 1027/3 -/GE2/0/2
10.0.1.0/30 1024/3 -/GE2/0/4
10.0.1.0/30 NULL/3 -/GE2/0/4
10.0.255.11/32 1026/17 -/GE2/0/4
10.0.255.11/32 NULL/17 -/GE2/0/4
10.0.255.21/32 1025/3 -/GE2/0/4
10.0.255.21/32 NULL/3 -/GE2/0/4
10.0.3.0/30 3/NULL -/-
penultimate hop and thus needs to pop off the label
15
-------------------------------------------------------------------------------
LSP Information: BGP LSP
-------------------------------------------------------------------------------
100.0.2.0/24 115712/NULL -/- vpna
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
10.0.255.31/32 3/NULL -/-
10.0.255.41/32 NULL/3 -/GE1/0/2
10.0.2.0/30 NULL/3 -/GE1/0/2
10.0.1.0/30 NULL/1024 -/GE1/0/2
10.0.255.21/32 NULL/1025 -/GE1/0/2
10.0.255.11/32 NULL/1026 -/GE1/0/2
16
Lab 8- L3 VPN (Router port is given to customer)
RT-E
1/0/4
1/0/8
RT-C
1/0/2
2/0/2
2/2 2/0/4
1/1 1/3
RT-A
RT-B
2/1 RT-D
1/1
Group1- RT-A, RT-F
RT-F Group2- RT-B, RT-D

Group3- RT-C, RT-E
RT-A RT-C RT-E

Lo- 10.0.255.11/32 Lo- 10.0.255.31/32 Lo- 100.0.255.1/32
2/2 -10.0.1.1/30 1/0/2 -10.0.3.2/30 1/0/4 –100.0.2.2/24
2/1 –100.0.1.1/24 1/0/8 –100.0.2.1/24 RT-F
RT-B RT-D Lo- 100.0.255.2/32
Lo- 10.0.255.21/32 Lo- 10.0.255.41/32 1/1 -100.0.1.2/24
1/1 -10.0.1.2/30 2/0/4 -10.0.2.2/30
1/3 -10.0.2.1/30 2/0/2 -10.0.3.1/30
1
RD= PE loopback IP: 1

RT=100:1 (every site can talk to any other site)
1. Configure IP address
2. Enable OSPF
3. Enable MPLS
4. Enable LDP
5. Create VRF + RD + RT
6. Bind interface to VRF
7. iBGP between PE
8. Redistribute connected into BGP
Step 1
Interface loopback0
Ip address 10.0.255.11 255.255.255.255

Ip address 10.0.1.1 255.255.255.252
No shut/undo shut


2
[RT-D]ospf 100
[RT-C]ospf 100


Step 3 Configure basic MPLS functions and MPLS LDP on the MPLS backbone network to setup LDP
LSP.
z Configure RTA:
z Configure RTB:
z Configure RTD:

[RT-D]mpls
[RT-D]mpls ldp
3
z Configure RTC:

[RT-C]mpls
[RT-C]mpls ldp
After the configuration, LDP sessions are set up between RT-A, RT-B, RT-D and RT-C.
After running following commands on the devices, you can find the status of the session is
"Operational" in the display result. Run the display mpls ldp lsp command, and view the
state of the LDP LSP.
RT-A>show mpls ldp neighbor

[RT-C] display mpls ldp session
[RT-C] display mpls ldp lsp
Step 4 Configure VPN instances on PEs (RT-A & RT-C) and bind the instance to the interfaces of CEs.
# Configure RT-A (PE1).
RT-A(config)# ip vrf vpnb
RT-A(config)# rd 100: 2
RT-A(config)# # route-target export 222:2
RT-A(config)# # route-target import 222:2
RT-A(config)# interface gigabitethernet 2/1

RT-A(config-if)# ip vrf forwarding vpnb
RT-A(config-if)# ip address 100.0.1.1 255.255.255.0
# Configure RT-C (PE2).

[RT-C] ip vpn-instance vpnb
[RT-C-vpn-instance-vpna] route-distinguisher 200:2
[Rt-C-vpn-instance-vpna] vpn-target 222:2 both
[RT-C] interface gigabitethernet 1/0/8

[RT-C-GigabitEthernet1/0/8] ip binding vpn-instance vpnb
[RT-C- GigabitEthernet1/0/8]ip address 100.0.2.1 24
[RT-C- GigabitEthernet1/0/8]undo shut
4
Step 5 Configure a routing protocol between the PE and the CE, and import routes to the VPN
routing table.
# Configure RT-E.
[RT-E] bgp 65400
[RT-E-bgp] peer 100.0.2.1 ebgp-max-hop 2
[RT-E-bgp] import-route direct
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] ipv4-family vpn-instance vpnb
[RT-C-bgp-vpnb] peer 100.0.2.2 as-number 65400
[RT-C-bgp-vpnb] peer 100.0.2.2 ebgp-max-hop 2
# Configure RT-F.
RT-F(config)# ip route 0.0.0.0 0.0.0.0 100.0.1.1
After the configuration, view the configuration of VPN instances by running following
commands on the PEs. The PE can ping through its own CE.
RT-A# show ip vrf

RT-A#show ip route vrf vpnb
[RT-C] display ip vpn-instance
[RT-C] display ip vpn-instance verbose
[RT-C] display ip routing-table vpn-instance vpnb
RT-A# ping vrf vpnb 100.0.1.1

RT-A# ping vrf vpnb 100.0.1.2
[RT-C] ping -vpn-instance vpnb 100.0.2.1
[RT-C] ping -vpn-instance vpnb 100.0.2.2
Step 6 Establish MP-IBGP peers between the PEs (RT-A & RT-C).
# Configure RT-A.
RT-A(config-router)# neighbor 10.0.255.31 remote-as 65000
RT-A(config-router)# neighbor 10.0.255.31 update-source loopback0
RT-A(config-router)# address-family vpnv4

RT-A(config-router-af)# neighbor 10.0.255.31 activate
RT-A(config-router)# address-family ipv4 vrf vpnb
5
RT-A(config-router-af)# redistributed connected
# Configure RT-C.
[RT-C] bgp 65000
[RT-C-bgp] peer 10.0.255.11 connect-interface loopback 0
[RT-C-bgp] ipv4-family vpnv4

[RT-C-bgp-af-vpnv4] peer 10.0.255.11 enable
[RT-C-bgp] ipv4-family vpn-instance vpnb

[RT-C-bgp-vpna] import-route direct
After the configuration, you can find that the BGP peer relationship has been set up
between PE1 and PE2 by running the following commands
RT-A#sh bgp nei
BGP neighbor is 10.0.255.31, remote AS 65000, internal link

BGP version 4, remote router ID 10.0.255.31
BGP state = Established, up for 05:11:47
Last read 00:00:51, last write 00:00:05, hold time is 180, keepalive interval is 60 seconds
Neighbor sessions:
1 active, is not multisession capable
Neighbor capabilities:
Route refresh: advertised and received(new)
Address family IPv4 Unicast: advertised and received
Address family VPNv4 Unicast: advertised and received
Message statistics:
InQ depth is 0
OutQ depth is 0
Sent Rcvd
Opens: 1 1
Notifications: 0 0
Updates: 5 9
Keepalives: 309 354
6
Route Refresh: 2 1
Total: 317 365
Default minimum time between advertisement runs is 0 seconds
RT-A#show bgp vpnv4 unicast vrf vpnb


Route Distinguisher: 100:2 (default for vrf vpnb)
*> 100.0.1.0/24 0.0.0.0 0 32768 ?
*>i100.0.2.0/24 10.0.255.31 0 100 0?
*>i100.0.255.1/32 10.0.255.31 0 100 0 65400 ?
[RT-C]display bgp peer

10.0.255.11 4 65000 342 401 0 05:15:31 Established 0
[RT-C]display bgp vpnv4 all peer

7
10.0.255.11 4 65000 343 401 0 05:16:00 Established 2
Peer of vpn instance :
vpn instance vpnb :

100.0.2.2 4 65400 42 50 0 00:36:42 Established 2
Check:
Find the route to peer CEs (RT-F & RT-E).
RT-A#show ip route vrf vpnb
Routing Table: vpnb

Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, + - replicated route
100.0.0.0/8 is variably subnetted, 4 subnets, 2 masks

C 100.0.1.0/24 is directly connected, GigabitEthernet2/1
L 100.0.1.1/32 is directly connected, GigabitEthernet2/1
B 100.0.2.0/24 [200/0] via 10.0.255.31, 00:30:56
B 100.0.255.1/32 [200/0] via 10.0.255.31, 00:30:56
8
[RT-C]display ip routing-table vpn-instance vpnb
Route Flags: R - relay, D - download to fib

------------------------------------------------------------------------------
Routing Tables: vpnb
Destinations : 6 Routes : 6
Destination/Mask Proto Pre Cost Flags NextHop Interface

100.0.2.0/24 Direct 0 0 D 100.0.2.1 GigabitEthernet1/0/8
The CEs (RT-F & RT-E) in the same VPN can ping through each other
RT-F> ping 100.0.2.2
Rt-E> ping 100.0.1.2
You can also ping from PEs VRF
RT-A#ping vrf vpnb 100.0.2.1

!!!!!
9
RT-A#ping vrf vpnb 100.0.2.2

!!!!!
[RT-C]ping -vpn-instance vpnb 100.0.1.1


0.00% packet loss
[RT-C]ping -vpn-instance vpnb 100.0.1.2

10
0.00% packet loss
To view the label switching in the whole forwarding process:


16 Pop Label 10.0.2.0/30 0 Gi2/2 10.0.1.2
17 16 10.0.3.0/30 0 Gi2/2 10.0.1.2
18 Pop Label 10.0.255.21/32 0 Gi2/2 10.0.1.2
19 18 10.0.255.31/32 0 Gi2/2 10.0.1.2
20 19 10.0.255.41/32 0 Gi2/2 10.0.1.2
21 Pop Label IPv4 VRF[V] 1420 aggregate/vpna
22 Pop Label IPv4 VRF[V] 2672 aggregate/vpnb
On RT-A, the outbound label to PE2 is 18. View the MPLS LSP of RT-B:
RT-B#sh mpls forwarding-table

16 Pop Label 10.0.3.0/30 490 Gi1/3 10.0.2.2
17 Pop Label 10.0.255.11/32 1875863 Gi1/1 10.0.1.1
18 1027 10.0.255.31/32 1968423 Gi1/3 10.0.2.2
19 Pop Label 10.0.255.41/32 0 Gi1/3 10.0.2.2
11
On RT-B, inbound label being 18 are switched to 1027. On RT-D, view the MPLS LSP:
[RT-D]disp mpls ls
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
10.0.255.41/32 3/NULL -/-
10.0.2.0/30 3/NULL -/-
10.0.255.31/32 NULL/3 -/GE2/0/2
10.0.255.31/32 1027/3 -/GE2/0/2
10.0.1.0/30 1024/3 -/GE2/0/4
10.0.1.0/30 NULL/3 -/GE2/0/4
10.0.255.11/32 1026/17 -/GE2/0/4
10.0.255.11/32 NULL/17 -/GE2/0/4
10.0.255.21/32 1025/3 -/GE2/0/4
10.0.255.21/32 NULL/3 -/GE2/0/4
10.0.3.0/30 3/NULL -/-
penultimate hop and thus needs to pop off the label
[RT-C]disp mpls ls
-------------------------------------------------------------------------------
LSP Information: BGP LSP
-------------------------------------------------------------------------------
100.0.2.0/24 115712/NULL -/- vpna
100.0.2.0/24 115713/NULL -/- vpnb
100.0.255.1/32 115714/NULL -/- vpnb
12
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
10.0.255.31/32 3/NULL -/-
10.0.255.41/32 NULL/3 -/GE1/0/2
10.0.2.0/30 NULL/3 -/GE1/0/2
10.0.1.0/30 NULL/1024 -/GE1/0/2
10.0.255.21/32 NULL/1025 -/GE1/0/2
10.0.255.11/32 NULL/1026 -/GE1/0/2
13
Lab 9- L2 VPN (sub-interface on 7609 and SVI on CX600)
RT-C PC-C
1/0/6 SW-C
1/0/0 Ge Fe
0/0/1 0/0/9
1/2
2/2
1/1
RT-A
RT-B
2/3
Ge
0/1
Fe SW-A
0/9
PC-A
Group1- RT-B
CX600- RT-C Group2- RT-A, SW-A
C7609-RT-A, RT-B Group3- RT-C, SW-C
C3400 – SW-A
CX200D – SW-C
AS 65000 RT-B RT-C

RT-A Lo- 10.0.255.21/32 Lo- 10.0.255.31/32
Lo- 10.0.255.11/32 1/1 -10.0.1.2/30 1/0/0 -10.0.2.2/30
2/2 -10.0.1.1/30 1/2 -10.0.2.1/30 1/0/6 –switchport
2/3 –switchport
1
VLAN – 100(A) & 200 (C)
VC ID – 10
VSI - 11
Step 1 Configure CE.
In our example CE is a PC, therefore configure
PC-A- IP- 50.0.0.1/24
PC-C- IP- 50.0.0.2/24
If CE is a Router, configure a sub interface as below

# Huawei
<Quidway> system-view
[Quidway] sysname CE1
[CE1] interface gigabitethernet 1/0/0
[CE1-GigabitEthernet1/0/0] undo shutdown
[CE1-GigabitEthernet1/0/0] quit
[CE1] interface gigabitethernet 1/0/0.1
[CE1-GigabitEthernet1/0/0.1] vlan-type dot1q 100
[CE1-GigabitEthernet1/0/0.1] ip address 50.0.0.1 24
[CE1-GigabitEthernet1/0/0.1] undo shutdown
[CE1-GigabitEthernet1/0/0.1] quit
# Cisco
interface GigabitEthernet2/4.100
encapsulation dot1Q 100
ip address 50.0.0.1 255.255.255.0
Step 2 Configure SW-A, SW-C

# Configure SW-A.


2
# Configure SW-C.
[SW-C ]vlan 200



[RT-C]ospf 100


Step 4 Configure MPLS basic capability and LDP on MPLS backbone network.
# Configure RT-A.
3
# Configure RT-B.
# Configure RT-C.
[RT-C]mpls
[RT-C]mpls ldp
Step 5 Establish the remote LDP session on PE.

# Configure RT-C.
[PE2] mpls ldp remote-peer 1
[PE2-mpls-ldp-remote-1] remote-ip 10.0.255.11
[PE2-mpls-ldp-remote-1] quit
After the configuration, run the display mpls ldp session command on PE2 to check the
establishment of the LDP session. You can find that the remote LDP session between PE1
and PE2 is newly set up.
[RT-C]display mpls ldp session
LDP Session(s) in Public Network

------------------------------------------------------------------------------
Peer-ID Status LAM SsnRole SsnAge KA-Sent/Rcv
------------------------------------------------------------------------------
10.0.255.11:0 Operational DU Active 000:01:37 389/444
------------------------------------------------------------------------------
TOTAL: 2 session(s) Found.
LAM : Label Advertisement Mode SsnAge Unit : DDD:HH:MM
RT-A#sh mpls ldp neighbor

TCP connection: 10.0.255.21.11037 - 10.0.255.11.646
Up time: 02:08:12
4
10.0.1.2 10.0.255.21 10.0.2.1
TCP connection: 10.0.255.31.49803 - 10.0.255.11.646
Up time: 01:47:50
Targeted Hello 10.0.255.11 -> 10.0.255.31, active, passive
10.0.2.2 10.0.255.31
Step 6 Enable MPLS L2VPN on PE and create the VC connection.

# On RT-A, create a VC on sub interface Gigabit Ethernet 2/3.100, which connects PC-A
through SW-A.
RT-A(config)#interface gigabitetherent 2/3
RT-A(config-if)# switchport trunk encapsulation dot1q
RT-A(config-if)# switchport mode trunk
RT-A(config)#interface gigabitetherent 2/3.100
RT-A(config-subif)#encapsulation dot1q 100
RT-A(config-subif)#xconnect 10.0.255.31 10 encap mpls
# On RT-C, create a VSI, which connects PC-C through SW-C.

[RT-C] mpls l2vpn
[RT-C-l2vpn] mpls l2vpn default martini
[RT-C]Vlan 200
[RT-C]vsi 11 static
[RT-C-vsi-11]pwsignal ldp
[RT-C-vsi-11-ldp]vsi-id 10
[RT-C-vsi-11-ldp]peer 10.0.255.11

[RT-C-vlanif200] l2 binding vsi 11
[RT-C] interface gigabitethernet1/0/6

[RT-C-GigabitEthernet1/0/6] undo shutdown
Extra info- Command for Cisco
RT-A(config-if)#no ip address
RT-A(config-if)#xconnect 10.0.255.11 10 encap mpls
5
Check:-
PC-A and PC-C can successfully ping each other.
Check the L2VPN connection on the PEs. You can find that an L2VC is set up and the VC
status is Up.
RT-A#sh mpls l2transport vc
Local intf Local circuit Dest address VC ID Status

------------- -------------------------- --------------- ---------- ----------
Gi2/3.100 Eth VLAN 100 10.0.255.31 10 UP
[RT-C]display vsi name 11
Vsi Mem PW Mac Encap Mtu Vsi

Name Disc Type Learn Type Value State
--------------------------------------------------------------------------
11 static ldp unqualify vlan 1500 up
6
Lab 10- L2 VPN (sub-interface both sides) (Optional)
RT-C PC-C
1/0/6 SW-C
1/0/0 Ge Fe
0/0/1 0/0/9
1/2
2/2
1/1
RT-A
RT-B
2/3
Ge
0/1
Fe SW-A
0/9
PC-A
Group1- RT-B
CX600- RT-C Group2- RT-A, SW-A
C3400 – SW-A
CX200D – SW-C
AS 65000 RT-B RT-C

RT-A Lo- 10.0.255.21/32 Lo- 10.0.255.31/32
Lo- 10.0.255.11/32 1/1 -10.0.1.2/30 1/0/0 -10.0.2.2/30
2/2 -10.0.1.1/30 1/2 -10.0.2.1/30 1/0/6 –switchport
2/3 –switchport
1
VLAN – 100(A) & 200 (C)
VC ID - 10
PC-A- IP- 50.0.0.1/24
PC-C- IP- 50.0.0.2/24
If CE is a Router, configure a sub interface as below

# Huawei
<Quidway> system-view
[Quidway] sysname CE1
[CE1] interface gigabitethernet 1/0/0
[CE1-GigabitEthernet1/0/0] undo shutdown
[CE1-GigabitEthernet1/0/0] quit
[CE1] interface gigabitethernet 1/0/0.1
[CE1-GigabitEthernet1/0/0.1] vlan-type dot1q 100
[CE1-GigabitEthernet1/0/0.1] ip address 50.0.0.1 24
[CE1-GigabitEthernet1/0/0.1] undo shutdown
[CE1-GigabitEthernet1/0/0.1] quit
# Cisco
interface GigabitEthernet2/4.100
encapsulation dot1Q 100
ip address 50.0.0.1 255.255.255.0
Step 2 Configure SW-A, SW-C

# Configure SW-A.


2
# Configure SW-C.
[SW-C ]vlan 200



[RT-C]ospf 100


Step 4 Configure MPLS basic capability and LDP on MPLS backbone network.
# Configure RT-A.
3
# Configure RT-B.
# Configure RT-C.
[RT-C]mpls
[RT-C]mpls ldp
Step 5 Establish the remote LDP session on PE.

# Configure RT-C.
[PE2-mpls-ldp-remote-1] quit
After the configuration, run the display mpls ldp session command on PE2 to check the
establishment of the LDP session. You can find that the remote LDP session between PE1
and PE2 is newly set up.
[RT-C]display mpls ldp session

------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------

TCP connection: 10.0.255.21.11037 - 10.0.255.11.646
Up time: 02:08:12
4
10.0.1.2 10.0.255.21 10.0.2.1
TCP connection: 10.0.255.31.49803 - 10.0.255.11.646
Up time: 01:47:50
10.0.2.2 10.0.255.31
Step 6 Enable MPLS L2VPN on PE and create the VC connection.

# On RT-A, create a VC on sub interface Gigabit Ethernet 2/3.100, which connects PC-A
through SW-A.
RT-A(config)#interface gigabitetherent 2/3.100
RT-A(config-subif)#encapsulation dot1q 100
RT-A(config-subif)#xconnect 10.0.255.31 10 encap mpls
# On RT-C, create a VC on sub interface, which connects PC-C through SW-C.

[RT-C] mpls l2vpn
[RT-C-l2vpn] mpls l2vpn default martini

[RT-C-GigabitEthernet1/0/6]port trunk allow-pass vlan 127
[RT-C] interface gigabitethernet1/0/6.200

[RT-C-GigabitEthernet1/0/6.200] mpls l2vc 10.0.255.11 10
[RT-C-GigabitEthernet1/0/6.200]vlan-type dot1q 200
5
Check:-
PC-A and PC-C can successfully ping each other.
Check the L2VPN connection on the PEs. You can find that an L2VC is set up and the VC
status is Up.
RT-A#sh mpls l2transport vc
Local intf Local circuit Dest address VC ID Status

------------- -------------------------- --------------- ---------- ----------
Gi2/3.100 Eth VLAN 100 10.0.255.31 10 UP
[RT-C]display mpls l2vc interface GigabitEthernet 1/0/6.200
*client interface : GigabitEthernet1/0/6.200 is up

session state : up
AC state : up
VC state : up
VC ID : 10
VC type : VLAN
destination : 10.0.255.11
local group ID : 0 remote group ID : 0
local VC label : 146432 remote VC label : 20
local AC OAM State : up
local PSN State : up
local forwarding state : forwarding
remote AC OAM state : up
remote PSN state : up
remote forwarding state: forwarding
BFD for PW : unavailable
manual fault : not set
active state : active
forwarding entry : exist
link state : up
local VC MTU : 1500 remote VC MTU : 1500
local VCCV : Disable
remote VCCV : alert lsp-ping
local control word : disable remote control word : disable
tunnel policy name : --
traffic behavior name : --
PW template name : --
primary or secondary : primary
VC tunnel/token info : 1 tunnels/tokens
NO.0 TNL type : lsp , TNL ID : 0x1008001
create time : 0 days, 0 hours, 32 minutes, 48 seconds
up time : 0 days, 0 hours, 21 minutes, 25 seconds
last change time : 0 days, 0 hours, 21 minutes, 25 seconds
6
Lab 11- VPLS (using SVI on CX600)
RT-E
1/0/6 SW-E
1/0/0 Ge
0/0/1
2/0/0
RT-C 1/0/2
2/0/2
2/0/8
1/0/6 RT-D
Ge Ge
0/0/1 0/1
SW-C
SW-D
Group1- RT-C, SW-C

CX600- RT-C, RT-D, RT-E Group2- RT-D, SW-D
C3400 – SW-D Group3- RT-E, SW-E
CX200D – SW-C, SW-E
AS 65000 RT-E VLAN – 10, 20 & 30

RT-C Lo- 10.0.255.51/32 vsi - 50
Lo- 10.0.255.31/32 1/0/0 -10.0.2.2/30 VC ID - 25
1/0/2 -10.0.1.1/30 1/0/6 –switchport
1/0/6 –switchport
RT-D
Lo- 10.0.255.41/32
2/0/0 -10.0.2.1/30
2/0/2 -10.0.1.2/30
2/0/8 –switchport
1
Step 1 Configure SW & RT for access
# Configure RT-C & SW-C.


[SW-C ]vlan 10
[SW-C ]interface vlanif 10

[SW-C- vlanif10]undo shut
# Configure RT-D & SW-D.

[RT-D] interface gigabitethernet2/0/8
[RT-D-GigabitEthernet2/0/8]portswitch
[RT-D-GigabitEthernet2/0/8]port link-type trunk
[RT-D-GigabitEthernet2/0/8]port trunk allow-pass vlan all
[RT-D-GigabitEthernet2/0/8] undo shutdown
SW-D(config-if)# switchport mode trunk

SW-D(config-if)#switchport trunk allowed vlan all
SW-D(config-if)#port-type nni
SW-D(config-if)#no shut
SW-D(config)# vlan 20
SW-D(config)# interface vlan 20

SW-D(config-if)#ip address 1.0.0.2 255.0.0.0
SW-D(config-if)#no shut
# Configure RT-E & SW-E.

[RT-E] interface gigabitethernet1/0/6
[RT-E-GigabitEthernet1/0/6]portswitch
[RT-E-GigabitEthernet1/0/6]port link-type trunk
[RT-E-GigabitEthernet1/0/6]port trunk allow-pass vlan all
[RT-E-GigabitEthernet1/0/6] undo shutdown
[SW-E-gigabitethernet0/0/1]port link-type trunk

[SW-E-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-E-gigabitethernet0/0/1]undo shut
2
[SW-E ]vlan 30
[SW-E]interface vlanif 30
[SW-E-vlanif30]ip address 1.0.0.3 255.0.0.0
[SW-E- vlanif30]undo shut
Step 2 Configure OSPF.

[RT-C]ospf 100
[RT-D]ospf 100
[RT-E]ospf 100
[RT-E-ospf-100]area 0
Step 3 Configure basic MPLS capability and LDP.
# Configure RT-C.
[RT-C]mpls
[RT-C]mpls ldp
# Configure RT-D.
[RT-D]mpls
[RT-D]mpls ldp
# Configure RT-E.
[RT-E]mpls lsr-id 10.0.255.51
[RT-E]mpls
[RT-E]mpls ldp
[RT-E-gigabitethernet1/0/0]mpls
3
[RT-E-gigabitethernet1/0/0]mpls ldp
Step 4 Configure remote session of LDP.
# Configure RT-C.
[RT-C] mpls ldp remote-peer 1
[RT-C-mpls-ldp-remote-1] remote-ip 10.0.255.51
# Configure RT-E.
[RT-E] mpls ldp remote-peer 1
[RT-E-mpls-ldp-remote-1] remote-ip 10.0.255.31
After the configuration, run the display mpls ldp session command on PEs to check the
establishment of the LDP session. You can find that the remote LDP session between PEs
are newly set up.
[RT-C]disp mpls ldp session

------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------
Step 5 Enable MPLS L2VPN on PEs.

# Configure RT-C.
[RT-C] mpls l2vpn
# Configure RT-D.
[RT-D] mpls l2vpn
# Configure RT-E.
[RT-E] mpls l2vpn
4
Step 6 Configure a VSI on each PE.
# Configure RT-C.
[RT-C]vsi 50 static
[RT-C-vsi-50-ldp]peer 10.0.255.41
[RT-C-vsi-50-ldp]peer 10.0.255.51
# Configure RT-D.
[RT-D]vsi 50 static
[RT-D-vsi-50]pwsignal ldp
[RT-D-vsi-50-ldp]vsi-id 25
[RT-D-vsi-50-ldp]peer 10.0.255.31
[RT-D-vsi-50-ldp]peer 10.0.255.51
# Configure RT-E.
[RT-E]vsi 50 static
[RT-E-vsi-50]pwsignal ldp
[RT-E-vsi-50-ldp]vsi-id 25
[RT-E-vsi-50-ldp]peer 10.0.255.31
[RT-E-vsi-50-ldp]peer 10.0.255.41
Step 7 Bind the VSI with the interface on PE.
# Configure RT-C.
[RT-C] vlan 10
# Configure RT-D.
[RT-D] vlan 20
[RT-D] interface vlanif 20
[RT-D-vlanif20] l2 binding vsi 50
[RT-D-vlanif20]undo shut
# Configure RT-E.
[RT-E] vlan 30
[RT-E] interface vlanif 30
[RT-E-vlanif30] l2 binding vsi 50
[RT-E-vlanif30]undo shut
5
Step 8 Verify the configuration.
After the configuration, run the following command on PEs, and you can see that VSI named
50 establishes a PW to PE1 & PE2 and the VSI is Up.
[RT-C]disp vsi name 50

--------------------------------------------------------------------------
Check:-
Ping from [SW-C]ping 1.0.0.2
Ping from [SW-C]ping 1.0.0.3
Similarly try from other switches
6
Lab 12- VPLS (using SVI) (Optional)
Note- VFI/VSI will be UP, but will not ping because 7609 don’t have OSM card.
RT-C
1/0/6 SW-C
1/0/0 Ge Fe
0/0/1 0/0/9 PC-C
1/2
2/2
1/1
RT-A 1/4
RT-B
2/3
Ge Ge
0/1 0/0/1
Fe SW-A
0/9 PC-B
SW-B
PC-A
Group1- RT-A, SW-A

CX600- RT-C Group2- RT-B, SW-B
C3400 – SW-A
CX200D – SW-B, SW-C
AS 65000 RT-C VLAN – 100,200 & 300

RT-A Lo- 10.0.255.31/32 vfi/vsi - 2611
Lo- 10.0.255.11/32 1/0/0 -10.0.2.2/30 VC ID - 20
2/2 -10.0.1.1/30 1/0/6 –switchport
2/3 –switchport
RT-B
Lo- 10.0.255.21/32
1/1 -10.0.1.2/30 1
1/2 -10.0.2.1/30
1/4 –switchport
PC-A- IP- 100.0.0.1/24
PC-B- IP- 100.0.0.2/24
PC-C- IP- 100.0.0.3/24
Step 2 Configure SW & RT for access

# Configure SW-A & RT-A.



# Configure SW-B & RT-B.
RT-B(config)#interface gigabitetherent 1/4

RT-B(config-if)#switchport
RT-B(config-if)# switchport trunk encapsulation dot1q
RT-B(config-if)# switchport mode trunk
RT-B(config-if)#no shut
[SW-B-gigabitethernet0/0/1]port link-type trunk

[SW-B-gigabitethernet0/0/1]port trunk allow-pass vlan all
[SW-B-gigabitethernet0/0/1]bpdu enable
[SW-B-gigabitethernet0/0/1]undo shut
[SW-B ]vlan 200
[SW-B ]interface Ethernet 0/0/9

[SW-B-ethernet0/0/9]port link-type access
[SW-B-ethernet0/0/9]port default vlan 200
2
[SW-B-ethernet0/0/9]undo shut
# Configure SW-C & RT-C.


[SW-C ]vlan 300

Step 3 Configure OSPF.


[RT-C]ospf 100
Step 4 Configure basic MPLS capability and LDP.

# Configure RT-A.
# Configure RT-B.
3
# Configure RT-C.
[RT-C]mpls
[RT-C]mpls ldp
Step 5 Configure remote session of LDP.
# Configure RT-C.
After the configuration, run the display mpls ldp session or show mpls ldp neighbor
command on PEs to check the establishment of the LDP session. You can find that the
remote LDP session between PEs are newly set up.
[RT-C]disp mpls ldp session

------------------------------------------------------------------------------
------------------------------------------------------------------------------
------------------------------------------------------------------------------
RT-B#sh mpls ldp neighbor

TCP connection: 10.0.255.11.646 - 10.0.255.21.11037
Up time: 05:11:27
10.0.255.11 10.0.1.1
TCP connection: 10.0.255.31.51690 - 10.0.255.21.646
Up time: 04:58:30
4
10.0.2.2 10.0.255.31

TCP connection: 10.0.255.21.11037 - 10.0.255.11.646
Up time: 05:15:35
10.0.1.2 10.0.255.21 10.0.2.1
TCP connection: 10.0.255.31.51916 - 10.0.255.11.646
Up time: 01:02:43
10.0.2.2 10.0.255.31
Step 6 Enable MPLS L2VPN on PEs.

# Configure RT-C.
[RT-C] mpls l2vpn
Step 7 Configure a VFI/VSI on each PE.
# Configure RT-A.
RT-A(config)#l2 vfi 2611 manual
RT-A(config-vfi)#vpn id 20
RT-A(config-vfi)#neighbor 10.0.255.21 encapsulation mpls
# Configure RT-B.
RT-B(config)#l2 vfi 2611 manual
RT-A(config-vfi)#vpn id 20
# Configure RT-C.
[RT-C]vsi 2611 static
5
[RT-C-vsi-2611-ldp]peer 10.0.255.11
[RT-C-vsi-2611-ldp]peer 10.0.255.21
Step 8 Bind the VSI/VFI with the interface on PE.
# Configure RT-A.
RT-A(config-if)#no ip address
RT-A(config-if)#xconnect vfi 2611
# Configure RT-B.
RT-B(config)#vlan 200
RT-B(config)#interface vlan 200
RT-B(config-if)#no ip address
RT-B(config-if)#xconnect vfi 2611
RT-B(config-if)#no shut
# Configure RT-C.
[RT-C] vlan 300
Step 9 Verify the configuration.

After the configuration, run the following command on PEs, and you can see that VSI/VFI
named 2611 establishes a PW to PE1 & PE2and the VSI is Up.
[RT-C]disp vsi name 2611

--------------------------------------------------------------------------
RT-B#sh vfi 2611
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No
VFI name: 2611, state: up, type: multipoint

VPN ID: 20
Local attachment circuits:
Vlan200
Neighbors connected via pseudowires:
6
Peer Address VC ID S
10.0.255.31 20 Y
10.0.255.11 20 Y
RT-A#sh vfi 2611
Legend: RT=Route-target, S=Split-horizon, Y=Yes, N=No
VFI name: 2611, state: up, type: multipoint

VPN ID: 20
Local attachment circuits:
Vlan100
Neighbors connected via pseudowires:
Peer Address VC ID S
10.0.255.31 20 Y
10.0.255.21 20 Y

Lab Setup-Men Part 2 - NoRestriction

Загружено:

Сведения о документе

Оригинальное название

Авторское право

Доступные форматы

Поделиться этим документом

Поделиться или встроить документ

Параметры публикации

Этот документ был вам полезен?

Это неприемлемый материал?

Авторское право:

Доступные форматы

Lab Setup-Men Part 2 - NoRestriction

Загружено:

Авторское право:

Доступные форматы

1/0/4 RT-C 1/0/6

CX600- RT-C, RT-D, RT-E

2/1 1/2 2/0/2 1/1

RT-A 2/2 1/1 1/3

0/1 Group1- RT-A & RT-B

AS 65001 AS 65000 AS 65002

Interface gigabitethernet 2/2

Step 2 Configure IBGP connections.

Show ip route bgp

There is no bgp routes in the routing table

Step 3 Configure EBGP.

RT-A(config-router)#neighbor 172.16.255.23 remote-as 65002

# Display the connection status of the BGP peers.

Step 4 Configure RT-A to advertise 100.0.0.0/8.

Switch(config)# vlan 100

Switch(config)#ip default-gateway 100.0.0.1

RT-A(config)#router bgp 65001

B 100.0.0.0/8 [20/0] via 192.168.255.12

# Display the routing table of RT-C.

Network NextHop MED LocPrf PrefVal Path/Ogn

i 100.0.0.0 192.168.255.12 0 100 0 65001i

# Display the routing table of RT-D.

Network NextHop MED LocPrf PrefVal Path/Ogn

i 100.0.0.0 192.168.255.12 0 100 0 65001i

# Display the routing table of RT-F.

B 100.0.0.0/8 [20/0] via 192.168.255.12

Note:- To Solve the above problem

[RT-C] disp bgp route

*>i 100.0.0.0 10.0.0.1 0 100 0 65001i

[RT-C] ping 100.0.0.1

# Configure RT-D for route updates from AS65000 to AS65002

# Configure RT-F for route updates from AS65001 to AS65002

[RT-E] disp bgp route

*>i 100.0.0.0 172.16.0.2 0 100 0 65001i

Note: Remove next-hop-self and next-hop-local commands before starting step6

RT-F(config)# router ospf 300

Check: Ping any IP from any where

0/1 Group1- RT-A

Interface gigabitethernet 1/0/4

Step 2 Configure OSPF in AS 65000

Step 3 Configure EBGP.

# Display the connection status of the BGP peers.

Step 4 Configure RT-A to advertise 100.0.0.0/8.

Switch(config)# vlan 100

Switch(config)#ip default-gateway 100.0.0.1

RT-A(config)#router bgp 65001

Network NextHop MED LocPrf PrefVal Path/Ogn

*i> 100.0.0.0 192.168.255.12 0 100 0 65001i

[RT-C] display ip routing-table protocol ospf

You will see 4 routes

1 active route of 10.0.255.21/32

Step 5 Configure BGP on RT-C to import OSPF routes

# Display the routing table of RT-A

You should see 2 OSPF routes of 10.x.x.x in BGP routing table

Step 6 Configure OSPF on RT-C to import BGP routes

[RT-C-ospf-100] import-route bgp

# Display the routing table of RT-D

You should see BGP route of 100.x.x.x in OSPF routing table

Ping 100.0.0.1 form RT-D

# Display the routing table of RT-A.

AS 65001 AS 65000 AS 65002

Step 2 Configure EBGP.