350-501 SPCOR Cisco CCNP Service Provider – MPLS L3 VPN – RIP-EIGRP-OSPF Part 2
June 7, 2023

3. MPLS L3 VPN – OSPF

MPs L three VPN support for OSPF. Now in this video I am going to show you if I’m using OSPF as a PTC routing protocol, how exactly we configure and what are the things we need to keep in mind when we are supporting a customer which is running OSP of routing protocol. Now in our previous sections we have seen how to configure our IP version two and also we have seen EHRP. So in both of this routing protocols almost the configurations will be similar and in fact we go with the six steps. The same six steps will be for each and every routing protocol. Now in this section we’ll be focusing on OSPF. Now let’s try to see the pre requirement for our lab here. Now in fact, we have six steps. The first step is we need to configure IGP must be running inside the service for network.

Now this is something already pre configured. So I’m going to say pre requirements. The pre requirement here is Ivgp must be running inside the service poor network and it is already pre configured in my lab here. The next thing we need to have an MPLS LDP running inside the service poor network and all the routers must have LDP membership established and they should be sending and receiving the labels. Now the entire label switch path is working from P to P. So LDP is also pre configured here. And the third step we need to look into that is the P routers, the border routers. We need to have a VRF configured. So in my scenario I have a VRFA one configured on the router one and I have a VRF A two configured on the router three. The other P router and both the routers are using Rdvalue and Rtvalue of 500 colon one on both the sites.

And then we have configured import and export 500 colon one on both the sites. Now these are something three requirements we need to have before we actually start implementing the L three VPNs. Now let’s get back to the six steps here. If you remember, we need to have an IGP running and an mPLUS LDP. And then we have a VRF assigned with a one on the site one, a two on the site two, and then both the both the VRFs are configured with respective route distinguisher and route target values. So in my example, I’m going to use 500 colon one for customer A. Now the next step will be configuring routing between P to C. So in this example I’m going to use OSPF and configuration of VPN V four peering will be exactly the same what we have done in our previous sessions and the redistribution will be similar.

Now we need to just there will be a slight change in the commands, but the entire six steps will remain the same. So let’s try to verify one by one. So I need to get into my command line here. So first we will verify one by one. So I’ll start with the first step. Now in my first step, the first thing I’ll verify the OSP of neighborship. You can see router one is forming the neighbor ship. And if you see I’m able to see all the routes coming inside my service pawn network. And also if I verify show MPLS LDP neighbors I can see both the neighborship is up and if I use show MPLS forwarding table, I can see all the all the label forwarding is there. And generally you should not see something on no label as an outgoing label.

So if you see something like no label it indicates that there is some label switch path is not working fine. So we need to troubleshoot that inside the LDP. Now here we don’t have any issues like that. So the third thing we need to have a VRF configured. So I’ll verify show IP VRF interfaces. I have the interface which is facing towards the customer f zero by zero is assigned under the VRFA one and it is up and running. And let’s verify the connectivity towards the customer interface which is using one seven to 15 1655. Under the VRF I should be able to ping to that interface. Now let’s try to verify the same thing on the router three. So show empila’s LDP neighbors and if I do show empila’s forwarding table, everything is perfect here.

And then if I go show Ipvr interfaces I have the interface which is facing towards the customer under the VRF and I should be able to ping with the name for VRF a 2172 1636. Now the initial configs till the third step, it is exactly the same what we have done in our previous examples. So it is something pre configured. Now I’m going to continue with the fourth step here. So the fourth step will be we need to configure P to C routing by using OSPF as our routing protocol. So let’s try to configure that. So if I go to my diagram, in this diagram I need to configure OSPF as a P to see on both the sides. So let us start with the router file first. On the router file I just have two interfaces facing. One is connected interface and the other one is a LAN interface. And in my scenario, five dot five dot five will be acting as my LAN interface.

So I need to configure OSPF. So on the customer router it will be a normal OSPF. I need to advertise 170 16150, which is 24 subnet mark advertising in area zero and then advertising the LAN interface which is five five in area zero. So on the router file I’m advertising the LAN interface, this one, and also the Van interface which is connecting between P to C. So the next thing I’ll go to router anywhere I can just go and configure the same thing on the router six. First. Let us configure phi one. Now, I just configured router pi, so I’m going to configure router one also. Now on the router one we need to configure OSPF. So what’s the command we need to use? Now, remember one thing, we are going to configure routing protocol towards B to C and it has to be configured under the VRF, right? So which means we need to go under, we need to get into the VRF configuration.

So to make that possible, we need to say Router OSPF One and then the VRF command comes exactly beside your OSPF command. So we don’t have any address family mentioned here. So we just need to say VRF. And what’s the name of the VRF? We need to say a hyphen One. So when I give this command, if you if you see here I got a warning message, in fact it’s an error message saying that OSPF Prosthetic One is already existing and it is attached to the default routing table. Now let’s check what exactly it is. Do show run section OSPF. Now here I have a Router ID, Process ID one is already associated to my global routing table. So if you remember, we have configured IGP inside the service for network by using OSP of one Process ID.

Now in general, you cannot use the same Process ID for different routing instances. Now, which means if I have a P router which is connecting to multiple customers and all the customers are using OSP of let’s say, so I need to use Process ID One for Customer A and Processor Two for Customer B and Process ID Three for Customer C, three VRF. So every VRF must have a unique process. ID. And at the same time, let’s say if I’m also connecting to my service port network inside and where I’m going to use a global routing table. So these three are my VRF routing tables. So VRFA is using prosperity of one, vrfp is using prosperity of two and we are f. C is using prosthetic of three. And inside my service for network again I had to use a different Prosperity. So I had to use a Prosthetic of Four, because I cannot use 123123 is already assigned to respect to VRS.

Now, the same thing is happening here as well. Here also I’m using a Process ID value of One inside the service for network for my global routing table. So which means I cannot use one again. So if I want to configure OSPF, I have to use any other number other than one, because already this router is running OSP of one for a global routing table. So what I’m going to do is I have to use a different processor, so I’ll use OSP Prowson Ten and then I’ll give VRF, I need to say VRF and then I have to say VRF. So the command is wrong. So I had to say Proud ten VRF and then I had to say a one. So now you don’t see any message, which means this procedural is not in use and it is now associated with VRF a one. Now again, you cannot use ten member ten prosperity for any other VRF or any other routing instance.

So what is the interface I need to address? I need to address this interface which is connecting between router one and router five. So I need to say 170, 216, 15 network with 24 subnet marks. So if you want you can just only one interface by giving a command called zero zero zero. So now once you finish up the configurations, now you must see router one and router file establishes a neighbor relationship. So we can see the neighbor relationship comes up between router one and router file. And if I want to verify, I can use show IP OSP of ten neighbor. Because normally what happens is when you’re running a provider edge router, on the provider edge router I might be running multiple customer routers. So if you want to be more specific, then we can use Show IP OSP of ten Neighbor.

Now, when I give that command, it is going to only display the neighbor ship for OSP of process ID ten. In our example it is for VRFA One. So if I give general OSP of Neighbor command, you will see multiple neighbor commands. And these two neighbors neighbor commands are relating to your global OSPF with a process idea of one. And this one is a neighbor for VRFs which is connecting on f zero by zero towards the customer. Now sometimes it’s really when you go with this command, it’s going to show you a lot of neighbor commands and we need to be more specific. So I recommend you to use show. Iposp of neighbor. So the neighborship is up, it confirms that your routing between P to C is perfect almost.

And one more thing I need to verify is we need to say Show IP route VRF a one route. I should see the customer land route that is firefighter fire five must be coming into my VRF routing table and then I should be able to ping to that customer land interface under the VRF. So it’s confirmed that your P to C routing between router one and router five is perfect. Now let us do the same thing on the router six. So on router six I’m going to configure router OSP of 30 I’m going to use because one is already associated with a global routing table. So I’m using a prosthetic of 30 on the router three and then VRF. What is the name of the VRF we are using? Sorry, actually it’s a customer router. So I need to configure normal OSPF.

So I need to send network six six, which is my LAN interface zero. And then I have to view area zero. And then the next thing I need to advertise the one interface which is one seven to 16360 and then zero 00:25 and then area what’s the area of area three? So on the customer router I’m analyzing my land interface and the van interface. Let’s try to do the same thing on the provider edge router. That is our router three. So I had to give out OSPF. One I cannot use because one is already used in the global routing table. So I’m going to use 30 VRF a two network, 172 dot, 16 dot, 36 dot zero, the customer facing interface 00025 and then area zero.

So on the provider edge router we just need to advertise only one interface that is the P to C interface. Now I should see the neighbor shape should come up show IPOs PF 30 neighbor. So it’s still coming up slowly. Let me just verify the connectivity and hopefully the connectivity is perfect. One set to 1636. I can see the connectivity. It is taking time for convergence so not an issue. Will wait for some time. So now you can see the neighborship is up. If I give Show IP OSP of 30 neighbor I can see the router three is forming the neighborship with router six. And if I give show IP route OS show IP VRFA two, I should see the customer land interface coming into my VRF routing table. So if you want to verify we can say ping VRF a two six six.

There is a customer line interface I can ping to that line interface. So now we are done with the fourth step p to C routing. P to C routing between on the site one and site two. Now we want to ensure that the customer routes from site one should go to customer route site two. So there are two more steps we need to configure in that. The first step is we need to configure VPN V four pairing between both the P routers. That is our fifth step and it is going to be the same. And then finally we need to redistribution of OSP up into PCP BGP to OSP. Now the same thing I need to do on both sides. Let’s finish off with the next step. What’s the next step? We need to configure VPN V four pairing.

Now I don’t have a BGP running here. If you just check Show IP protocols I’m just running OSPF. So I’m going to configure the fifth step from the basics. So I’m going to say router three, router PGP. What are the commands? So you know the commands already. If you remember, these are the commands we need to configure on the router one. The first command and we need to say no BGP, default IP for unicast disable the default BGP. And then pairing with the other P remote as updated source and then under the A family VPN V four we need to say Activate Send community and next option, let us quickly configure these commands.

4. MPLS L3 VPN – OSPF – Continued

So on the router three. So anyway I’ll start with the router one first. So router BGP 500 and I’m going to disable no Bgpt four type before unicast enable pairing with 31 and then remote as is same as 500 and then update source low back zero and outer family VPN V four or uniqueast. And I need to say activate send community extended and next option. I can just copy paste these configurations into your notepad. And on the other side I just need to replace 13 one. That is what I have typed. It should replace with 110 zero one. Right now on the router three we are going to use the same commands only the change of Iprsis. So I’m going to router three and then copy paste.

Now I should see the VPN V four neighborship between the P routers should come up. And to verify that we can use a command called show IP PGP VPN V Four all summary it’s still coming up. It’s still an active state. It will take some time to come up. If all the confirmations are perfect then it will come up anyway. I can see the neighbor is up now. It is not your normal VGP neighbor, it’s a VPN V Four neighbor. Because we have activated under that assembly VPN V four. But you can see there is no routes exchanged between this VPN through VPN. We are not exchanging any routes because we already configure import exports. But there is one more thing we need to configure.

The last step is redistribution of OSP of into BGP and BGP into OSP under the VRF it has to be under the VRF. So let’s configure redistribution of OSP of into BGP and BGP into OSP of on router one. So start with router one. It has to be under the VRS. That’s what we need to do. So I’ll go to router BGP 500 and under the family IPV four VRFA one. Sorry it has to be a two. Okay, I have to do it on router one, family IPV four VRFA one and then I say redistribute OSPF. What the OSPF processor we are using for the customer VRF it’s ten on the router one and we use 30 on the router three. And then it’s not compulsory to give VRF a Hyphen one because when I say OSP process rate ten automatically it is associated with VRF.

But if you want you can give and there are some extra options we have we have something called metric not compulsory in the BGP but there are some options called match. Now, whenever we do redistribution of OSP of routes, this is something we need to know when when you’re doing redistribution routes from OSP of into BGP. If I don’t do anything, if I just press Enter here by default it is going to redistribute all the O routes and OIA routes. It is going to only redistribute the routes which are learned through OSPO same area and inter area by default. In case if you have any routes coming from external, let’s say maybe you have some routes coming from E One or E Two routes, maybe you have some routes coming from the customer which are already even routes.

Those routes will not get redistributed. So there is a default behavior. So maybe, just to be on the safe side, what we need to do is if you want to redistribute these external routes also then we need to give a command called match. There’s something called match. Anyway, internal by default it will redistribute. So if you want, it can give again and we need to say external external type one, external type Two. In fact, you have an option called external type One and two both. Now, these commands are mandatory to give, especially if you have some routes coming from even getting redistributed from the customer side and when the P routers is actually receiving as even a two. So it’s mandatory to tell them.

So, just to be on the safe side, I always suggest you to add this command match internal external and there is an option called external One and external Two. So because we don’t know exactly it is E One or E Two. So I suggest you to give both E One as well as E Two. Now, this is one important thing we need to keep in mind when you are doing redistribution in OSPF, especially as a PE to cu routing protocol. Now let’s try to do the reverse redistribution redistribution of BGP into OSPF. So I need to say router OSP of ten, which is VRF. OK? So even if I don’t use this VRF, it automatically goes to ten because already we have associated. But I suggest you to just give this OSP of ten under the VRFA one and then redistribute BGP.

What is the BGP? We are countering 500 and then what else? Subnets yes, metric metric type whatever. So it’s up to you, but not compulsory. If you want you can use these options metric metric type one. Done. So just now we have finished the configuration of our redistribution on the site One, which means now this fire five dot fire out is already seen on the P router and I should be able to see the firefighter fire on the other ends of the P router that is on the router three. Let’s verify that. It’s always the best practice to verify show IP route VRF A Two. Now you should see five five coming into the VRF routing table as a BGP learned route with a next stop of eleven one, that is router One. But you don’t see this route on the router Six because we did not configure a distribution of BGP into OSP on the site Two.

Let’s finish off this configuration on the site Two as well. Almost, almost same configurations. Let us say router BGP 500 at this family IPV four VRF a two redistribute what is the protocol OSP of process ID? I’m using 30 on the route of three, if you remember. And then I had to say match internal I had to say match internal external one and external two types routes. And then I need to configure router OSP of 30 VR right under the OSPF I need to redistribute BGP 500 with a metric whatever the metric you want and the metric type. So actually I forgot one more command. What was that? Subnets. So I need to give a keyword called subnets mandatory. So now, once you finish this configuration, router one also should be able to see the routes of the psyche coming as VRF route.

And if I give show IP BGP VPN V four all in fact without summary, I must be able to see all the routes with the Rd value of 501 and they are listed here. Now, similarly, finally if I go and check on the customer side on the router file, I should be able to see this customer route coming here similar way fire routes should be coming on the router six and finally they should be able to access each other. So let’s go to router. And if you show IP OSPF as a normal route, I can see 6666 is coming. And if I try to ping or access six six six there is a site to route try to ping between with the source IP of five five five you can see I’m able to ping. So if I do trace almost, you’ll see look back zero or five five I can see it’s going to router one and from the router one it is label switched four four one and then going to router 310-6363, that is router three. It reaches as a label packet and then finally reaches the router bye.

Leave a Reply

How It Works

img
Step 1. Choose Exam
on ExamLabs
Download IT Exams Questions & Answers
img
Step 2. Open Exam with
Avanset Exam Simulator
Press here to download VCE Exam Simulator that simulates real exam environment
img
Step 3. Study
& Pass
IT Exams Anywhere, Anytime!