Monday, June 17, 2013

Inter-AS xconnect





Issue

In this example we will configure xconnect between two PE routers (R2 and R5) which are located in different ASs in order to achieve connectivity

Configuration

R1

R1#sh run int s1/0
interface Serial1/0
 ip address 192.1.16.1 255.255.255.0
 no keepalive

R2

R2#sh run int s2/0
interface Serial2/0
 no ip address
 no keepalive

R2#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.23.2 255.255.255.0
 speed 100
 duplex full
 mpls ip

R2#sh run int lo0
interface Loopback0
 ip address 2.2.2.2 255.255.255.255

R2#sh run | sec router ospf
router ospf 1
 router-id 2.2.2.2
 network 2.2.2.2 0.0.0.0 area 0
 network 192.1.23.2 0.0.0.0 area 0

R3

R3#sh run int f2/0
interface FastEthernet2/0
 ip address 192.1.23.3 255.255.255.0
 speed 100
 duplex full
 mpls ip

R3#sh run int pos1/0
interface POS1/0
 ip address 192.1.34.3 255.255.255.0
 encapsulation ppp

R3#sh run | sec router ospf
router ospf 1
 router-id 3.3.3.3
 redistribute bgp 100 subnets route-map MSSK
 network 3.3.3.3 0.0.0.0 area 0
 network 192.1.23.3 0.0.0.0 area 0

R3#sh run | sec router bgp
router bgp 100
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 192.1.34.4 remote-as 200
 !
 address-family ipv4
  network 2.2.2.2 mask 255.255.255.255
  network 3.3.3.3 mask 255.255.255.255
  neighbor 192.1.34.4 activate
 exit-address-family

R4

R4#sh run int pos1/0
interface POS1/0
 ip address 192.1.34.4 255.255.255.0
 encapsulation ppp

R4#sh run int f2/0
interface FastEthernet2/0
 ip address 192.1.45.4 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

router isis 1
 net 49.0001.0000.0000.0004.00
 is-type level-2-only
 redistribute bgp 200 route-map MSSK

R4#sh run | sec router bgp
router bgp 200
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 192.1.34.3 remote-as 100
 !
 address-family ipv4
  network 4.4.4.4 mask 255.255.255.255
  network 5.5.5.5 mask 255.255.255.255
  neighbor 192.1.34.3 activate
 exit-address-family

R5

R5#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.45.5 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R5#sh run int ser2/0
interface Serial2/0
 no ip address
 no keepalive
 serial restart-delay 0
 xconnect 2.2.2.2 16 encapsulation mpls

R5#sh run | sec router isis
 ip router isis 1
 ip router isis 1
router isis 1
 net 49.0001.0000.0000.0005.00
 is-type level-2-only

R6

R6#sh run int s1/0
interface Serial1/0
 ip address 192.1.16.6 255.255.255.0
 no keepalive
 serial restart-delay 0


Verification

Now, R2 (the PE in AS 100) does not know about the loopback of R5 (and vice versa) which will be used to configure the xconnect peering, and in order for MPLS to operate, LDP has to assign labels, in order for that to take place we will redistribute the routes in IGP (OSPF and ISIS in AS 100, 200 respectively) as IGP will handle label assignments

R3#sh run | sec ip pref
ip prefix-list MSSK seq 5 permit 4.4.4.4/32
ip prefix-list MSSK seq 10 permit 5.5.5.5/32

R4#sh run | sec ip pref
ip prefix-list MSSK seq 5 permit 2.2.2.2/32
ip prefix-list MSSK seq 10 permit 3.3.3.3/32

route-map MSSK permit 10
 match ip address prefix-list MSSK

R3
router ospf 1
redistribute bgp 100 subnets route-map MSSK

R4
router isis 1
redistribute bgp 200 route-map MSSK

R2#show mpls forwarding-table | inc 5.5.5.5
17         19         5.5.5.5/32       0             Fa1/0      192.1.23.3

R5#show mpls forwarding-table | inc 2.2.2.2
17         18         2.2.2.2/32       0             Fa1/0      192.1.45.4 

Now in order for the labels to be passed through the ASes , we have to configure the BGP neighbors to send the labels

R3
router bgp 100
address-family ipv4
  neighbor 192.1.34.4 send-label

R4
router bgp 200
address-family ipv4
  neighbor 192.1.34.3 send-label

Now let us check the status of our L2VPN

R2#show mpls l2transport vc 16

Local intf     Local circuit              Dest address    VC ID      Status
-------------  -------------------------- --------------- ---------- ----------
Se2/0          HDLC                       5.5.5.5         16         UP      

R5#sh mpls l2transport vc 16

Local intf     Local circuit              Dest address    VC ID      Status
-------------  -------------------------- --------------- ---------- ----------
Se2/0          HDLC                       2.2.2.2         16         UP       

R1#ping 192.1.16.6
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.16.6, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/24 ms

R6#ping 192.1.16.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.1.16.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms

R1#traceroute 192.1.16.6 numeric
Type escape sequence to abort.
Tracing the route to 192.1.16.6
VRF info: (vrf in name/id, vrf out name/id)
  1 192.1.16.6 20 msec *  20 msec

R6#traceroute 192.1.16.1 numeric
Type escape sequence to abort.
Tracing the route to 192.1.16.1
VRF info: (vrf in name/id, vrf out name/id)
  1 192.1.16.1 20 msec *  20 msec
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)