CCDE – Inter AS L3 VPNs

Building the MPLS Underlay

Layer 2 MPLS VPN
The virtualized multi-tenant data center use case allows multiple tenants to be hosted in a data center. It does not wait for the downstream or next-hop LSR to advertise the label binding for the FEC that is being distributed in the upstream direction. Also, an application that asks for children of a tenant must be prepared to receive children of types other than project. In some cases, certain levels in the hierarchy may be redundant. In Figure 24 the network is depicted as a 2-tier access, core network.


MPLS Basics

R2(config)#int lo0
R2(config-if)#ip add
R2(config)#mpls label protocol ldp
R2(config)#mpls ldp router-id lo0

Here we configured the interface to be used in LDP.

R2(config)#router bgp
R2(config-router)#address-family ipv4 vrf cust1
R2(config-router-af)#neighbor

Since Customer-2 is doing static routing, we have redistributed the static and connected routes (static route defined in next step).

R2(config-router)#address-family ipv4 vrf cust2
R2(config-router-af)#redistribute static
R2(config-router-af)#redistribute connected
R2(config-router-af)#end

R2(config)#ip route vrf cust2
R2(config-router)#neighbor

If the U-bit is set to 0, the receiver needs to respond to the originator of the message with a notification message. Otherwise, the receiver should silently ignore this unknown message. Mandatory Parameters: The Mandatory Parameters field is a set of required parameters with variable lengths that pertain to this message.

Some messages do not have mandatory parameters. Optional Parameters: The Optional Parameters field is a set of optional parameters that have variable lengths. Many messages do not have optional parameters. TLV provides a generic and extensible encoding scheme for existing and future applications that use LDP signaling.

Figure shows the common TLV encoding scheme. Like the unknown message bit, the unknown TLV bit (U-bit) tells the receiver whether it should send a notification message to the originator if the receiver does not understand the TLV. If the U-bit is set to 0, the receiver must respond with a notification message and discard the entire message.

Otherwise, the unknown TLV is silently ignored and the rest of the message is processed as if the unknown TLV does not exist.

If the F-bit is set to 0, the unknown TLV is not forwarded. Otherwise, it is forwarded with the containing message. The basic discovery mechanism identifies directly connected LDP peers.

The extended discovery mechanism identifies non-directly connected LDP peers. As you learned in the previous section, two types of LDP Hello messages exist. This multicast address represents all routers on this subnet. When the LSR receives an LDP Link Hello on an interface, it creates a Hello adjacency to keep track of a potential LDP peer reachable at the link level on the interface and learns the label space that the peer intends to use for the interface.

After two LSRs exchange LDP discovery Hello messages, they start the process of session establishment, which proceeds in two sequential phases: transport connection establishment and session initialization. The objective of the transport connection establishment phase is to establish a reliable TCP connection between two LDP peers. To avoid this situation, an LSR first determines whether it should play the active or passive role in session establishment by comparing its own transport address with the transport address it obtains through the exchange of LDP Hellos.

If its address has a higher value, it assumes the active role. Otherwise, it is passive. In this phase, LDP peers exchange and negotiate session parameters such as the protocol version, label distribution methods, timer values, label ranges, and so on. If the receiver finds a match and the session parameters are acceptable, it replies with an Initialization message with its own session parameters and a Keepalive message to acknowledge the sender's parameters.

When the sender receives an Initialization message with acceptable session parameters, it responds with a Keepalive message. When both LDP peers exchange Initialization and Keepalive messages with each other, the session initialization phase is completed successfully and the LDP session is considered operational. Label distribution and management consist of different control, retention, and advertisement modes.

Even though it is possible to use an arbitrary permutation for an MPLS application, a certain combination of control, retention, and advertisement modes is usually preferable or more appropriate for a particular MPLS application. The main focus of an MPLS application is the distribution and management of label bindings. Label bindings are always the centerpiece of information in LDP signaling. The encoding scheme of the FEC element varies depending on the FEC element type, such as address prefix and host address.

Generic Label TLV has a type of 0x

This ensures that routes with a next-hop pointing to a directly attached multiaccess network for which the next-hop adjacency information isn't readily available also receive routes.

First, we need to define and name each route target that we want to use:

Defining a pair of sequential route targets for each VRF allows for very scalable import and export control among many VRFs. For the purposes of this example though, we'll just focus on two. First we'll define our import policy for the Development VRF.

This policy matches all routes learned via BGP with at least one of the listed route targets (which, you'll recall, are simply BGP communities). All other routes are rejected. Our export policy is configured similarly. In this example, we're exporting only directly connected routes. Two route targets are applied to each route being exported.

To do so, simply configure the protocol as you normally would under the routing-instance hierarchy, like so:

He is known for his blog and cheat sheets here at Packet Life. You can reach him by email or follow him on Twitter. I very much like the idea.

Once I'm done with Cisco I will have a look at Juniper's solutions. We've had no need for L2VPN. I'm glad you are taking the deep dive plunge into Juniper. Once I started using Junos, I found it hard to go back to Cisco without feeling like I was taking a step back. I love the flexibility of their routing policy language. The QFXs are great switches; you will like them, especially once they start running KVM this June.

Then you can virtualize Junos and upgrade between versions without any downtime. I was wondering; this looks pretty much green field, is this a new data center or were you retrofitting an existing one?

MP-BGP Configuration
