Basic IP MPLS VPN configuration on Cisco Routers
- March 24, 2024
- Posted by: Lyfey Technologies
- Categories: Cisco, Networking
Lab Objective:
Implement IP MPLS VPN and ensure CE01 can communicate with CE03 while CE02 can communicate with CE04.
Configure hostname, IP address, and MPLS on interfaces in the MPLS backbone network.
***************************PE01
enable
configure terminal
hostname PE01
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet1/0
ip address 10.10.10.2 255.255.255.254
duplex auto
speed auto
mpls ip
!**************************P01
enable
configure terminal
hostname P01
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
ip address 10.10.10.3 255.255.255.254
no shutdown
mpls ip
!
interface FastEthernet1/0
ip address 10.10.10.1 255.255.255.254
no shutdown
mpls ip
!*******************************PE02
enable
configure terminal
hostname PE02
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet1/0
ip address 10.10.10.0 255.255.255.254
no shutdown
mpls ip
!Step 2: Configure OSPF in the MPLS backbone
***************************PE01
router ospf 10
router-id 1.1.1.1
log-adjacency-changes
network 1.1.1.1 0.0.0.0 area 0
network 10.10.10.2 0.0.0.1 area 0
!***************************PE02
!
router ospf 10
router-id 2.2.2.2
log-adjacency-changes
network 2.2.2.2 0.0.0.0 area 0
network 10.10.10.0 0.0.0.1 area 0
!*****************************P01
!
router ospf 10
router-id 3.3.3.3
log-adjacency-changes
network 3.3.3.3 0.0.0.0 area 0
network 10.10.10.0 0.0.0.1 area 0
network 10.10.10.2 0.0.0.1 area 0
!Verify OSPF adjacency status. We have two adjacencies on P01 and PE01 has routes and we can ping the Loopback IP of PE02
Configure VRFs on PEs, bind VRFs to customer-facing interfaces and assign IP addresses on PEs
*****************************PE01
!
ip vrf CE01_CE03
rd 65500:1
route-target export 65500:1
route-target import 65500:1
!
ip vrf CE02_CE04
rd 65500:2
route-target export 65500:2
route-target import 65500:2
!
interface FastEthernet0/0
ip vrf forwarding CE01_CE03
ip address 172.100.100.4 255.255.255.254
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
ip vrf forwarding CE02_CE04
ip address 172.100.100.0 255.255.255.254
duplex auto
speed auto
!****************************PE02
!
ip vrf CE01_CE03
rd 65500:1
route-target export 65500:1
route-target import 65500:1
!
ip vrf CE02_CE04
rd 65500:2
route-target export 65500:2
route-target import 65500:2
!
interface FastEthernet0/0
ip vrf forwarding CE01_CE03
ip address 172.100.100.2 255.255.255.254
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
ip vrf forwarding CE02_CE04
ip address 172.100.100.6 255.255.255.254
duplex auto
speed auto
!Configure BGP peering between PE01 and PE02, PEs and CEs
**************************PE01
router bgp 65500
bgp log-neighbor-changes
neighbor 2.2.2.2 remote-as 65500
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
no neighbor 2.2.2.2 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 2.2.2.2 activate
neighbor 2.2.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf CE02_CE04
neighbor 172.100.100.1 remote-as 65100
neighbor 172.100.100.1 activate
no synchronization
exit-address-family
!
address-family ipv4 vrf CE01_CE03
neighbor 172.100.100.5 remote-as 65200
neighbor 172.100.100.5 activate
no synchronization
exit-address-family
!*************************PE02
router bgp 65500
bgp log-neighbor-changes
neighbor 1.1.1.1 remote-as 65500
neighbor 1.1.1.1 update-source Loopback0
!
address-family ipv4
no neighbor 1.1.1.1 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 1.1.1.1 activate
neighbor 1.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf CE02_CE04
neighbor 172.100.100.7 remote-as 65400
neighbor 172.100.100.7 activate
exit-address-family
!
address-family ipv4 vrf CE01_CE03
neighbor 172.100.100.3 remote-as 65300
neighbor 172.100.100.3 activate
exit-address-family
!Configure CEs.
***************************CE01
enable
configure terminal
hostname CE01
!
interface FastEthernet0/0
ip address 172.100.100.5 255.255.255.254
duplex auto
speed auto
!
router bgp 65200
bgp log-neighbor-changes
neighbor 172.100.100.4 remote-as 65500
!
address-family ipv4
redistribute connected
neighbor 172.100.100.4 activate
exit-address-family
!***************************CE02
interface FastEthernet0/0
ip address 172.100.100.1 255.255.255.254
duplex auto
speed auto
!
router bgp 65100
bgp log-neighbor-changes
neighbor 172.100.100.0 remote-as 65500
!
address-family ipv4
redistribute connected
neighbor 172.100.100.0 activate
exit-address-family
!*****************************CE03
enable
configure terminal
hostname CE03
!
interface FastEthernet0/0
ip address 172.100.100.3 255.255.255.254
no shutdown
!
router bgp 65300
bgp log-neighbor-changes
neighbor 172.100.100.2 remote-as 65500
!
address-family ipv4
redistribute connected
neighbor 172.100.100.2 activate
exit-address-family
!Verify BGP status on PEs and CEs.
Verify Connectivity between CE01 and CE03, CE02 and CE04. Confirm you getting the routes and can ping.
Read Related Posts
- VXLAN (intra-subnet communication) Implementation on Huawei switches.
- Implementing BGP confederation on Huawei routers.
- Implementing GRE over IPsec (ISAKMP mode) on Huawei routers.
- Implementing Internet Protocol Security (IPsec) ISAKMP mode on Huawei routers.
- Implementing Internet Protocol Security (IPsec) manual mode on Huawei routers.
Thank you so much for your informative and helpful presentation, much appreciated
Pleasure. Thanks for your comment. We motivated to share more content with our readers.