Pages

network cisco ccna gns3 certification arteq

network cisco ccna gns3 certification arteq
a network runs through it

Search insearchofthecert

Sunday, September 9, 2012

mpls vpn again, cont...


in global configuration mode:

pe1

ip vrf cust_a
rd 65000:1
route-target both 65000:1

ip vrf cust_b
rd 65000:2
 route-target both 65000:2

pe2

ip vrf cust_a
rd 65000:1
route-target both 65000:1

ip vrf cust_b
rd 65000:2
route-target both 65000:2

then for pe1 int f0/0 and f0/1

ip vrf forwarding cust_a

pe1(config-if)#ip vrf forwarding cust_a
% Interface FastEthernet0/0 IPv4 disabled and address(es) removed due to enabling VRF cust_a
pe1(config-if)#
pe1(config-if)#
*Sep  9 14:25:39: %OSPF-5-ADJCHG: Process 1, Nbr 10.1.1.1 on FastEthernet0/0 from FULL to DOWN, Neighbor Down: Interface down or detached
pe1(config-if)#ip add 172.16.1.1 255.255.255.0

ip ospf 2 area 0

interface FastEthernet0/1
 ip vrf forwarding cust_b
 ip address 192.168.1.1 255.255.255.0
 ip ospf 3 area 0


set the ospf area's on the vrf interfaces right away, and witness the adjacency...do this during vrf interface configuration; don't wait for the redsitribution section...

pe2(config-if)#ip ospf 3 area 0
pe2(config-if)#
*Sep  9 16:28:09: %OSPF-5-ADJCHG: Process 3, Nbr 10.1.4.1 on FastEthernet1/0 from LOADING to FULL, Loading Done


do the same for pe2's ce interfaces...


pe1#sh ip vrf int
Interface              IP-Address      VRF                              Protocol
Fa0/0                  172.16.1.1      cust_a                           up     
Fa0/1                  192.168.1.1     cust_b                           up  

pe2#sh ip vrf int
Interface              IP-Address      VRF                              Protocol
Fa0/1                  172.16.2.1      cust_a                           up     
Fa1/0                  192.168.2.1     cust_b                           up 

kick off bgp on the 2 pe's...

pe1

router bgp 65000
 bgp log-neighbor-changes
 neighbor 11.0.0.2 remote-as 65000
 neighbor 11.0.0.2 update-source Loopback0

 address-family vpnv4
  neighbor 11.0.0.2 activate


pe2

router bgp 65000
 bgp log-neighbor-changes
 neighbor 11.0.0.1 remote-as 65000
 neighbor 11.0.0.1 update-source Loopback0

 address-family vpnv4
  neighbor 11.0.0.1 activate

i am not yet clear on the asn's matching... suffice it to say, if once you launch bgp and an adjacency isn't formed, match the asn's...

for pe1

router ospf 2 vrf cust_a
 router-id 172.16.1.1
router ospf 3 vrf cust_b
 router-id 192.168.1.1

and pe2


router ospf 2 vrf cust_a
 router-id 172.16.1.1
router ospf 3 vrf cust_b
 router-id 192.168.1.1


pe2#sh ip route vrf cust_a

Routing Table: cust_a

Gateway of last resort is not set

      10.0.0.0/32 is subnetted, 1 subnets
O        10.1.3.1 [110/2] via 172.16.2.2, 00:16:40, FastEthernet0/1
      172.16.0.0/16 is variably subnetted, 2 subnets, 2 masks
C        172.16.2.0/24 is directly connected, FastEthernet0/1
L        172.16.2.1/32 is directly connected, FastEthernet0/1

now redistribute both ways, (this is the easiest part of the whole damn thing)...

into ospf on both pe's...

for ce1a

router ospf 2 vrf cust_a
 router-id 172.16.1.1
 redistribute bgp 65000 subnets

router ospf 3 vrf cust_b
 router-id 192.168.1.1
 redistribute bgp 65000 subnets

and into bgp on both...

address-family ipv4 vrf cust_a
  redistribute ospf 2
 exit-address-family

 address-family ipv4 vrf cust_b
  redistribute ospf 3
 exit-address-family

and it works...

ce1a#sh ip route

Gateway of last resort is not set

      10.0.0.0/32 is subnetted, 2 subnets
C        10.1.1.1 is directly connected, Loopback0
O IA     10.1.3.1 [110/3] via 172.16.1.1, 00:00:16, FastEthernet0/0
      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C        172.16.1.0/24 is directly connected, FastEthernet0/0
L        172.16.1.2/32 is directly connected, FastEthernet0/0
O IA     172.16.2.0/24 [110/2] via 172.16.1.1, 00:00:15, FastEthernet0/0

major points:

get the loopbacks squared away before ospf, use /32's

ip cef everywhere

mpls only on isp core, and core facing interfaces (pe's)

be sure vrf interfaces are up and set up the customer ospf areas as you configure the interfaces for vrf... note adjacency

once mp-bgp is set on both sides, note adjacency and ensure you have established neighbors

sh ip bgp neigh

do not use the router-id for process 1... use the interface ip's for each new process, ie, 172.16.1.1 for ospf 2 area 0 on ce1a, et al, or process 1 (in use) will bitch...

there are many silly mistakes  you can make along the way that will set you back...  you'll be more efficient if you type out the configs and scrape as you go...

this takes getting used to... try to be nicer to yourself than i am to myself...

ce1a#ping 10.1.4.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.4.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
ce1a#ping 10.1.3.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.3.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/16/24 ms
ce1a#



                                               
Posted by arteq at Sunday, September 09, 2012
Labels: , , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)