RIPv2 PE-CE Routing Overview, Configuration, and Verification

Static PE-CE routing can create administrative overheads for the service provider. Service providers, therefore, prefer to run dynamic PE-CE routing protocols for the following reasons:

  • To avoid maintaining multiple static routes.
  • Customer prefers to run a dynamic routing protocol.
  • Customer has a dual-homed connection to the service provider.

In an RIPv2 PE-CE routing environment, an IPv4 routing context is configured for each VRF running RIP on the PE router. The RIP parameters are specified in the VRF routing context. Global RIP parameters, if entered in the RIP router configuration, are inherited by the RIP VRF routing context. These parameters can, however, be overwritten in the routing context.

Figure 4-3 shows a typical MPLS VPN network, where PE1-AS1 uses RIPv2 as the PE-CE routing protocol with CE1-A, and PE2-AS1 can run either RIPv2, OSPF, EIGRP, BGP, or static PE-CE routing protocol with CE2-A. PE1-AS1 receives RIPv2 routes from the CE1-A router. The received RIP routes are redistributed into MP-iBGP at the PE1-AS1 router and are transported across the backbone as VPNv4 routes to the PE2-AS1 router. These VPNv4 routes are redistributed back into RIPv2, OSPF, EIGRP, and BGP routes at the PE2-AS1 router and then propagated to the CE2-A router.

Figure 4-3. MPLS VPN Network with RIPv2 PE-CE Routing

 

Configuration Flowchart to Implement RIPv2 PE-CE Routing

Figure 4-4 shows the configuration flowchart to implement RIPv2 PE-CE routing on a PE router.

Figure 4-4. Configurations Steps for RIPv2 PE-CE Routing

 

Configuring RIPv2 PE-CE Routing

The network topology in Figure 4-5 depicts an ATM-based MPLS VPN provider network providing MPLS VPN services to Customer A sites, Site 1 and Site 2. The MPLS provider network comprises PE1-AS1 and PE2-AS1 as PE routers. P1-AS1 and P2-AS1 are LS1010 switches and function as provider routers. The MPLS VPN provider network is running OSPF as the IGP routing protocol on PE1-AS1, P1-AS1, P2-AS1, and PE2-AS1. PE routers PE1-AS1 and PE2-AS1 are configured for MP-iBGP connectivity between them.

Figure 4-5. MPLS VPN Provider Implementing RIPv2 PE-CE Routing

Customer A requires connectivity between the Site 1 network (172.16.10.0/24) and Site 2 network (172.16.20.0/24). Site 1 and Site 2 belong to the same VPN, VPN-A. Site 1 and Site 2 comprise CE routers CE1-A and CE2-A, respectively. CE1-A and CE2-A are connected to PE1-AS1 and PE2-AS1, respectively. CE1-A and CE2-A are already running RIPv2 routing protocol. RIPv2 PE-CE routing protocol on PE routers PE1-AS1 and PE2-AS1 is implemented as follows.

Prior to the configuration shown in Example 4-10, ensure that the provider network is provisioned to deliver MPLS VPN services to Customer A sites. Ensure that IP addresses are preconfigured and VRFs defined on PE router. Example 4-10 provides the configuration related to defining VRF and its attributes on PE routers for RIPv2 PE-CE routing.

Example 4-10. Define VRF VRF-RIP on PE Routers PE1-AS1 and PE2-AS1

PE1-AS1(config)#ip vrf VRF-RIP

PE1-AS1(config-vrf)# rd 1:100

PE1-AS1(config-vrf)#route-target both 1:100

PE1-AS1(config-vrf)#interface FastEthernet0/0

PE1-AS1(config-if)# ip vrf forwarding VRF-RIP

PE1-AS1(config-if)# ip address 172.16.1.1 255.255.255.252

PE2-AS1(config)#ip vrf VRF-RIP

PE2-AS1(config-vrf)# rd 1:100

PE2-AS1(config-vrf)# route-target both 1:100

PE2-AS1(config-vrf)#interface Ethernet1/0

PE2-AS1(config-if)# ip vrf forwarding VRF-RIP

PE2-AS1(config-if)# ip address 172.16.2.1 255.255.255.252

The steps to configure RIPv2 PE-CE routing on PE routers are as follows:

Step 1.

Configure per VRF RIP routing context and RIP parameters on PE routers – Configure per VRF RIP routing context for VRF RIP under the RIP routing process on PE1-AS1 and PE2-AS1. Configure the per VRF RIP parameters under the address family. Example 4-11 shows this configuration step for PE1-AS1. Repeat the same steps for PE2-AS1.
 

Example 4-11. Configure per VRF RIP Routing Context on PE Routers

PE1-AS1(config)#router rip

PE1-AS1(config-router)# version 2

PE1-AS1(config-router)# address-family ipv4 vrf VRF-RIP

PE1-AS1(config-router-af)#network 172.16.0.0

PE1-AS1(config-router-af)# no auto-summary

PE1-AS1(config-router-af)# exit-address-family
 

Step 2.

Redistribute the per VRF RIP routes in BGP – Example 4-12 shows the step to redistribute the per VRF RIP routes into BGP on PE routers PE1-AS1 and PE2-AS1. This configuration step is shown in Example 4-12.
 

Example 4-12. Redistribute RIPv2 Routes in BGP on PE Routers

PE1-AS1(config)#router bgp 1

PE1-AS1(config-router)#address-family ipv4 vrf VRF-RIP

PE1-AS1(config-router-af)#redistribute rip

________________________________________________________________

PE2-AS1(config)#router bgp 1

PE2-AS1(config-router)#address-family ipv4 vrf VRF-RIP

PE2-AS1(config-router-af)#redistribute rip
 

Step 3.

Redistribute MP-iBGP VPNv4 prefixes into RIP – Redistribute the MP-iBGP VPNv4 prefixes from remote PE1-AS1 into RIP per VRF routing context on PE2-AS1 router. In RIP PE-CE routing, the RIP metric is copied into the BGP multi-exit discriminator (MED) attribute. This metric can be preserved across the CE network by configuring the metric transparent option during redistribution from BGP into RIPv2, and, by doing so, it is copied back from the BGP MED attribute into the RIP version 2 metric. The configuration step is shown in Example 4-13.
 

Example 4-13. Redistribute MP-IBGP Routes into RIP Routing Context on PE Routers

PE1-AS1(config-router-af)#router rip

PE1-AS1(config-router)#address-family ipv4 vrf VRF-RIP

PE1-AS1(config-router-af)#redistribute bgp 1 metric transparent

________________________________________________________________

PE2-AS1(config-router-af)#router rip

PE2-AS1(config-router)#address-family ipv4 vrf VRF-RIP

PE2-AS1(config-router-af)#redistribute bgp 1 metric transparent
 

RIPv2 PE-CE Routing – Customer Edge CE1-A and CE2-A Configuration

Example 4-14 shows the configuration on the CE1-A and CE2-A customer edge routers.

Example 4-14. CE1-A and CE2-A Router Configuration

hostname CE1-A

!

interface Loopback0

 ip address 172.16.10.1 255.255.255.0

!

interface FastEthernet0/0

description connected to PE1-AS1

ip address 172.16.1.2 255.255.255.252

!

router rip

 version 2

 network 172.16.0.0

 no auto-summary

__________________________________________________________________________

hostname CE2-A

!

interface Loopback0

 ip address 172.16.20.1 255.255.255.0

!

interface Ethernet0/0

description connected to PE2-AS1

 ip address 172.16.2.2 255.255.255.252

!

router rip

 version 2

 network 172.16.0.0

 no auto-summary

 

RIPv2 PE-CE Routing – Provider Edge PE1-AS1 and PE2-AS1 Configuration

Example 4-15 shows the final configuration on the CE1-RIP and CE2-RIP provider edge routers PE1-AS1 and PE2-AS1.

Example 4-15. PE1-AS1 and PE2-AS1 Router Configuration

hostname PE1-AS1

!

ip cef

!

ip vrf VRF-RIP

 rd 1:100

 route-target export 1:100

 route-target import 1:100

!

mpls label protocol ldp

mpls tdp router-id Loopback0

!

interface Loopback0

 ip address 10.10.10.101 255.255.255.255

!

interface FastEthernet0/0

description connected to CE1-A

 ip vrf forwarding VRF-RIP

 ip address 172.16.1.1 255.255.255.252

!

interface ATM2/0 no

 ip address

 no atm ilmi-keepalive

!

interface ATM2/0.1 mpls

 description Connection to A1

 ip address 10.10.10.1 255.255.255.252

mpls ip

!

router ospf 1

 network 10.0.0.0 0.255.255.255 area 0

!

router rip

 version 2

 !

 address-family ipv4 vrf VRF-RIP

 version 2

 redistribute bgp 1 metric transparent

 network 172.16.0.0

 no auto-summary

 exit-address-family

!

router bgp 1

 no synchronization

 bgp log-neighbor-changes

 neighbor 10.10.10.102 remote-as 1

 neighbor 10.10.10.102 update-source Loopback0

 no auto-summary

 !

 address-family vpnv4

 neighbor 10.10.10.102 activate

 neighbor 10.10.10.102 send-community extended

 no auto-summary

 exit-address-family

 !

 address-family ipv4 vrf VRF-RIP

 redistribute rip

 no auto-summary

 no synchronization

 exit-address-family

__________________________________________________________________________

hostname PE2-AS1

!

ip cef

!

ip vrf VRF-RIP

 rd 1:100

 route-target export 1:100

 route-target import 1:100

!

mpls label protocol ldp

mpls ldp router-id Loopback0

!

interface Loopback0

 ip address 10.10.10.102 255.255.255.255

!

interface Ethernet1/0

description connected to CE2-A

 ip vrf forwarding VRF-RIP

 ip address 172.16.2.1 255.255.255.252

!

interface ATM2/0

 no ip address

!

interface ATM2/0.1 mpls

 description connection to A2

 ip address 10.10.10.10 255.255.255.252

 mpls ip

!

router ospf 100

 network 10.10.0.0 0.0.255.255 area 0

!

router rip

 version 2

 !

 address-family ipv4 vrf VRF-RIP

 version 2

 redistribute bgp 1 metric transparent

 network 172.16.0.0

 no auto-summary

 exit-address-family

!

router bgp 1

 no synchronization

 neighbor 10.10.10.101 remote-as 1

 neighbor 10.10.10.101 update-source Loopback0

 no auto-summary

 !

 address-family vpnv4

 neighbor 10.10.10.101 activate

 neighbor 10.10.10.101 send-community extended

 no auto-summary

 exit-address-family

 !

 address-family ipv4 vrf VRF-RIP

 redistribute rip

 no auto-summary

 no synchronization

 exit-address-family

 

Verification of RIPv2 PE-CE Routing

The steps to verify RIPv2 PE-CE routing are as follows:

Step 1.

Verify BGP VPNv4 routing table on PE1-AS1 and PE2-AS1 – Check the BGP VPNv4 routing table to see if routes are received properly. Example 4-16 shows that PE1-AS1 receives 172.16.20.0/24. Repeat the same step on PE2-AS1.
 

Example 4-16. Verify BGP VPNv4 Routing Table on PE Routers

PE1-AS1#show ip bgp vpnv4 vrf VRF-RIP

BGP table version is 24, local router ID is 10.10.10.101

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal

Origin codes: i - IGP, e - EGP, ? - incomplete

 Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 1:100 (default for vrf VRF-RIP)

*> 172.16.1.0/30 0.0.0.0 0 32768 ?

*>i172.16.2.0/30 10.10.10.102 0 100 0 ?

*> 172.16.10.0/24 172.16.1.2 1 32768 ?

*>i172.16.20.0/24 10.10.10.102 1 100 0 ?
 

Step 2.

Verify VRF routing table on PE1-AS1 and PE2-AS1 – Check the VRF routing table to see if routes advertised by local and remote CE routers are seen in the VRF routing table.

Example 4-17 shows that PE1-AS1 has received the 172.16.20.0 network from the PE2-AS1 and the 172.16.10.0/24 network from CE1-A.
 

Example 4-17. Verify VRF Routing Table on PE Routers

PE1-AS1#show ip route vrf VRF-RIP



 172.16.0.0/16 is variably subnetted, 4 subnets, 2 masks

B 172.16.20.0/24 [200/1] via 10.10.10.102, 2d02h

R 172.16.10.0/24 [120/1] via 172.16.1.2, 00:00:06, FastEthernet0/0

C 172.16.1.0/30 is directly connected, FastEthernet0/0

B 172.16.2.0/30 [200/0] via 10.10.10.102, 2d02h
 

Step 3.

Verify end-to-end connectivity using ping – Verify end-to-end connectivity between the CE1-A and CE2-A by issuing a ping from CE1-A to network 172.16.20.0/24 on CE2-A and vice versa. Example 4-18 shows that the ping has been successful.
 

Example 4-18. Verify Reachability via Ping

CE1-A#ping 172.16.20.1 source 172.16.10.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.20.1, timeout is 2 seconds:

Packet sent with a source address of 172.16.10.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

____________________________________________________________________

CE2-A#ping 172.16.10.1 source 172.16.20.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.10.1, timeout is 2 seconds:

Packet sent with a source address of 172.16.20.1

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
 

Control Plane Forwarding Operation

Figure 4-6 shows the path taken by the control packet originating from CE1-A to CE2-A.

Figure 4-6. Control Plane Forwarding Between CE Routers

Step 1.

CE1-RIP sends 172.16.10.0/24 as an IPv4 update to PE1-AS1:
 

PE1-AS1#show ip route vrf VRF-RIP | include 172.16.10.0

R 172.16.10.0/24 [120/1] via 172.16.1.2, 00:00:03, FastEthernet0/0
 

Step 2.

Figure 4-6 shows that PE1-AS1 accepts and transforms the IPv4 route, 172.16.10.0/24, to a VPNv4 route by assigning an RD 1:100, SoO, and RT 1:100 based on the VRF RIP configuration on PE1-AS1. It then allocates a VPNv4 label 24 to 172.16.10.0/24 update and rewrites the next-hop attribute to the PE1-AS1 loopback0 IP address 10.10.10.101.

Now PE1-AS1, 10.10.10.101, is reachable via IGP (OSPF) and LDP. The following control plane operation shows the IGP label propagation for prefix 10.10.10.101/32 from PE1-AS1 to PE2-AS1 inside the provider network. This propagation takes place as soon as the MPLS VPN provider network is established and is always in place prior to any VPNv4 prefix being propagated across the MPLS VPN provider network. The following steps are performed in the label propagation process for prefix 10.10.10.101/32. This operation is shown for clarity:
 

Step 2A In Figure 4-6, Edge ATM LSR PE2-AS1 requests a label for the 10.10.10.101/32 prefix using the LDP label mapping request from its downstream neighbor, ATM LSR P2-AS1. P2-AS1 requests a label for the 10.10.10.101/32 prefix using the LDP label mapping request from its downstream neighbor, ATM LSR P1-AS1. P1-AS1, in turn, requests a label for the 10.10.10.101/32 prefix using the LDP label mapping request from its downstream neighbor, Edge ATM LSR PE1-AS1. Edge ATM LSR PE1-AS1 allocates a label to 10.10.10.101/32, which corresponds to its inbound VPI/VCI value 1/33, modifies the entry in the LFIB corresponding to 10.10.10.101/32, and sends it to P1-AS1 using an LDP reply. Example 4-19 shows the output of show mpls atm-ldp bindings on PE1-AS1.
 

Example 4-19. Label Allocation and Distribution Verification on PE1-AS1

PE1-AS1#show mpls atm-ldp bindings

 Destination: 10.10.10.101/32

 Tailend Router ATM2/0.1 1/33 Active, VCD=95

 Destination: 10.10.10.4/30

 Headend Router ATM2/0.1 (1 hop) 1/33 Active, VCD=95

 Destination: 10.10.10.8/30

 Headend Router ATM2/0.1 (2 hops) 1/34 Active, VCD=97

 Destination: 10.10.10.102/32

 Headend Router ATM2/0.1 (3 hops) 1/35 Active, VCD=99

 Destination: 10.10.10.200/32

 Headend Router ATM2/0.1 (1 hop) 1/36 Active, VCD=96

 Destination: 10.10.10.201/32

 Headend Router ATM2/0.1 (2 hops) 1/37 Active, VCD=98

Step 2B P1-AS1 uses the VPI/VCI, 1/33, received from PE1-AS1 as its outbound VPI/VCI label value, allocates a free VC that is mapped to the local inbound VPI/VCI 1/44, and modifies the LFIB entry for 10.10.10.101/32. P1-AS1 then sends VPI/VCI value 1/44 to P2-AS1 via an LDP reply, as shown in Figure 4-6. Example 4-20 shows the output of show mpls atm-ldp bindings on P1-AS1.
 

Example 4-20. Label Allocation and Distribution Verification on P1-AS1

P1-AS1#show mpls atm-ldp bindings

 Destination: 10.10.10.200/32

 Tailend Switch ATM4/0/0 1/35 Active -> Terminating Active, VCD=70

 Tailend Switch ATM4/0/2 1/36 Active -> Terminating Active, VCD=74

 Destination: 10.10.10.0/30

 Tailend Switch ATM4/0/0 1/33 Active -> ATM4/0/2 Terminating Active, VCD=69

 Destination: 10.10.10.101/32

 Transit ATM4/0/0 1/44 Active -> ATM4/0/2 1/33 Active

 Destination: 10.10.10.4/30

 Tailend Switch ATM4/0/2 1/33 Active -> ATM4/0/0 Terminating Active, VCD=73

 Destination: 10.10.10.8/30

 Transit ATM4/0/2 1/34 Active -> ATM4/0/0 1/33 Active

 Destination: 10.10.10.102/32

 Transit ATM4/0/2 1/35 Active -> ATM4/0/0 1/34 Active

 Destination: 10.10.10.201/32

 Transit ATM4/0/2 1/37 Active -> ATM4/0/0 1/35 Active

Step 2C P2-AS1 uses the VPI/VCI, 1/44, received from P1-AS1 as its outbound VPI/VCI value, allocates a free VC that is mapped to the local inbound VPI/VCI 1/39, and modifies the LFIB entry for 10.10.10.101/32. P2-AS1 then sends VPI/VCI value 1/39 to PE2-AS1 via an LDP reply. Example 4-21 shows the output of show mpls atm-ldp bindings on P2-AS1.
 

Example 4-21. Label Allocation and Distribution Verification on P2-AS1

P2-AS1#show mpls atm-ldp bindings

 Destination: 10.10.10.0/30

 Transit ATM4/0/1 1/33 Active -> ATM4/0/0 1/33 Active

 Destination: 10.10.10.4/30

 Tailend Switch ATM4/0/1 1/34 Active -> ATM4/0/0 Terminating Active, VCD=119

 Destination: 10.10.10.200/32

 Transit ATM4/0/1 1/36 Active -> ATM4/0/0 1/35 Active

 Destination: 10.10.10.201/32

 Tailend Switch ATM4/0/1 1/37 Active -> Terminating Active, VCD=120

 Tailend Switch ATM4/0/0 1/35 Active -> Terminating Active, VCD=126

 Destination: 10.10.10.101/32

 Transit ATM4/0/1 1/39 Active -> ATM4/0/0 1/44 Active

 Destination: 10.10.10.8/30

 Tailend Switch ATM4/0/0 1/33 Active -> ATM4/0/1 Terminating Active, VCD=125

 Destination: 10.10.10.102/32

 Transit ATM4/0/0 1/34 Active -> ATM4/0/1 1/35 Active

Edge ATM LSR PE2-AS1 then uses VPI/VCI value 1/39, received from P2-AS1, as its outbound VPI/VCI value and modifies the entry in the LFIB. This is shown in Example 4-22.
 

Example 4-22. Label Allocation and Distribution Verification on PE2-AS1

PE2-AS1#show mpls forwarding-table

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

16 1/34 10.10.10.4/30 0 AT2/0.1 point2point

18 1/33 10.10.10.0/30 0 AT2/0.1 point2point

19 1/39 10.10.10.101/32 0 AT2/0.1 point2point

22 1/36 10.10.10.200/32 0 AT2/0.1 point2point

23 1/37 10.10.10.201/32 0 AT2/0.1 point2point

25 Aggregate 172.16.2.0/30[V] 0

26 Untagged 172.16.20.0/24[V] 0 Et1/0 172.16.2.2

__________________________________________________________________________

PE2-AS1#show mpls atm-ldp bindings

 Destination: 10.10.10.0/30

 Headend Router ATM2/0.1 (2 hops) 1/33 Active, VCD=72

 Destination: 10.10.10.4/30

 Headend Router ATM2/0.1 (1 hop) 1/34 Active, VCD=70

 Destination: 10.10.10.200/32

 Headend Router ATM2/0.1 (2 hops) 1/36 Active, VCD=73

 Destination: 10.10.10.201/32

 Headend Router ATM2/0.1 (1 hop) 1/37 Active, VCD=71

 Destination: 10.10.10.101/32

 Headend Router ATM2/0.1 (3 hops) 1/39 Active, VCD=76

 Destination: 10.10.10.102/32

 Tailend Router ATM2/0.1 1/35 Active, VCD=77
 

Step 3.

PE1-AS1 has VRF RIP configured to accept routes with RT 1:100 and, therefore, translates the VPNv4 update to IPv4 and inserts the route in VRF RIP. It then propagates this route to the CE2-A.
 

Data Forwarding Operation

The data forwarding path originates from 172.16.20.1, which is the source address with the traffic destined to 172.16.10.1. Figure 4-6 traces the path of the data packet from the source to the destination:

Step 1.

CE2-RIP originates a data packet with the source address of 172.16.20.1 and destination of 172.16.10.1.
 

Step 2.

PE2-AS1 receives the data packet and appends the VPN label 24 and LDP label 1/39 and forwards the packet to P2-AS1. See Example 4-23.
 

Example 4-23. Data Forwarding Verification on PE2-AS1

PE2-AS1#show ip cef vrf VRF-RIP 172.16.10.0

172.16.10.0/24, version 17, epoch 0, cached adjacency to ATM2/0.1

0 packets, 0 bytes

 tag information set

 local tag: VPN-route-head

 fast tag rewrite with AT2/0.1, point2point, tags imposed: {1/39(vcd=76) 24}

 via 10.10.10.101, 0 dependencies, recursive

 next hop 10.10.10.9, ATM2/0.1 via 10.10.10.101/32

 valid cached adjacency

 tag rewrite with AT2/0.1, point2point, tags imposed: {1/39(vcd=76) 24}
 

Step 3.

P2-AS1 receives the data packet destined to 172.16.10.1 and swaps LDP label 1/39 with 1/44. Example 4-24 shows the output of show mpls atm-ldp bindings destination-prefix mask-length on P2-AS1.
 

Example 4-24. Data Plane Verification on P2-AS1

P2-AS1#show mpls atm-ldp bindings 10.10.10.101 32

 Destination: 10.10.10.101/32

 Transit ATM4/0/1 1/39 Active -> ATM4/0/0 1/44 Active
 

Step 4.

P1-AS1 receives the data packet destined to 172.16.10.1 and swaps LDP label 1/44 with 1/33. Example 4-25 shows the output of show mpls atm-ldp bindings destination-prefix mask-length. Penultimate hop popping is not supported on ATM LSRs because the label is part of the ATM cell payload and cannot be removed by ATM switching hardware. Therefore, P1-AS1, which is an ATM device, does not perform any penultimate hop popping function.
 

Example 4-25. Data Plane Verification on P1-AS1

P1-AS1#show mpls atm-ldp bindings 10.10.10.101 32

 Destination: 10.10.10.101/32

 Transit ATM4/0/0 1/44 Active -> ATM4/0/2 1/33 Active
 

Step 5.

PE1-AS1 pops the label stack (both VPN label 24 and LDP label 1/33) and forwards the data packet to CE1-RIP where the 172.16.10.0 network is located.
 





MPLS Configuration on Cisco IOS Software
MPLS Configuration on Cisco IOS Software
ISBN: 1587051990
EAN: 2147483647
Year: 2006
Pages: 130
Simiral book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net