lab 2- mpls te - mpls and application lab assignments - thuan
TRANSCRIPT
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
1/27
1
EASTERN INTERNATIONAL UNIVERSITY
SCHOOL OF ENGINEERING
DEPT. OF INFORMATION TECHNOLOGY
MPLS AND APPLICATION
LAB ASSIGNMENTSBy Dinh-Thuan Do, Ph.D.
Lab 2: MPLS VPN and Traffic Engineering
BINH DUONG, 2014
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
2/27
2
CONTENTS
Lab: MPLS VPN and Traffic Engineering ........................................................................... 3
1 Overview ........................................................................................................................ 3
2
Topology ........................................................................................................................ 3
3 Configuration ................................................................................................................. 5
3.1
Router P1 ................................................................................................................ 5
3.2
Router P2 ................................................................................................................ 7
3.3
Router PE1 ............................................................................................................ 10
3.4
Router PE2 ............................................................................................................ 13
3.5
Router PE3 ............................................................................................................ 16
3.6
Router PE4 ............................................................................................................ 20
3.7 Router Cust1-CE1 ................................................................................................. 23
3.8 Router Cust2-CE1 ................................................................................................. 25
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
3/27
3
When we introduce MPLS TE tunnels in MPLS VPN network, the continuous end-to-end
LSP must be preserved even when the traffic flows across the MPLS TE tunnel. There are several
ways to ensure the continuous end-to-end LSP between PE routers.
Learning Objectives:
Review of configuration of VPN, VRF.
Review route redistribution.
Understand and configure MPLS.
Understand and configure TE.
Routers P1, P2, P3 and P4 are in the core, just running OSPF in area 0. Each router has Loopback0 with address 10.0.1.x (where x is the router number P1 = 10.0.1.1).
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
4/27
4
Provider-edge routers PE1, PE2, PE3 and PE4 run OSPF in area 0 too; they have Loopback 0
with address 10.0.2.x.Each PE routers has iBGP with P3, that is the route-reflector for AS 100.
All P and PE routers run LDP and are enabled for MPLS traffic-engineering.
Both Customer1 and Customer2 have 3 sites: 1 HQ and 2 branch offices. HQs have a /25subnet, branch offices a /26.
Customer1 needs a full-mesh logical topology, with each site connecting directly to others sites.
Customer2 needs a hub-and-spoke topology, where each branch office sends traffic through theHQ to reach the other site.
Some clouds connected to Virtual PC Simulator are used to replace CE routers in order tolower system resources needed to run the topology. The VPCS config file is in the package
(startup.vpc); you can find VPCS here:
A MPLS Traffic Engineering (TE) tunnel is configured (but administratively down)between PE1 and PE3; it has an explicit path through P1 and P2.
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
5/27
5
VPN:
VRF:
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
6/27
6
no service password-encryption
!
hostname P1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!mpls label protocol ldp
mpls traffic-eng tunnels
!
interface Loopback0
ip address 10.0.1.1 255.255.255.255
!
interface Ethernet0/0
ip address 10.0.0.2 255.255.255.254
half-duplex
mpls ipmpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/1
ip address 10.0.0.1 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/2
ip address 10.0.0.9 255.255.255.254
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
7/27
7
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/3
ip address 10.0.0.12 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none!
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 10.0.1.1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
ip http server
no ip http secure-server!
mpls ldp router-id Loopback0 force
!
control-plane
!
line con 0
exec-timeout 35791 0
line aux 0
line vty 0 4
login
!
!
End
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
8/27
8
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname P2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!ip cef
!
!
mpls label protocol ldp
mpls traffic-eng tunnels
!
interface Loopback0
ip address 10.0.1.2 255.255.255.255
!
interface Ethernet0/0ip address 10.0.0.4 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/1
ip address 10.0.0.3 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
9/27
9
!
interface Ethernet0/2
ip address 10.0.0.15 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/3
ip address 10.0.0.17 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 10.0.1.2
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0!
ip http server
no ip http secure-server
!
mpls ldp router-id Loopback0 force
!
control-plane
!
line con 0
exec-timeout 35791 0
line aux 0
line vty 0 4
login
!
!
End
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
10/27
10
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5!
!
ip cef
no ip domain lookup
!
!
ip vrf Cust1
rd 100:1
route-target export 100:1
route-target import 100:1!
ip vrf Cust2
rd 200:10
route-target export 200:0
route-target import 200:1
route-target import 200:2
!
mpls label protocol ldp
mpls traffic-eng tunnels
!
!
interface Loopback0
ip address 10.0.2.1 255.255.255.255
!
interface Tunnel1
ip unnumbered Loopback0
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
11/27
11
shutdown
tunnel destination 10.0.2.3
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 500
tunnel mpls traffic-eng path-option 1 explicit identifier 1
no routing dynamic
!
interface Ethernet0/0
ip address 10.0.0.8 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnelsip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/1
ip address 10.0.0.10 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000ip rsvp resource-provider none
!
interface Ethernet0/2
ip vrf forwarding Cust2
ip address 172.16.0.0 255.255.255.254
half-duplex
!
interface Ethernet0/3
ip vrf forwarding Cust1
ip address 192.168.1.129 255.255.255.192
half-duplex
!
router eigrp 100
no auto-summary
!
address-family ipv4 vrf Cust2
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
12/27
12
redistribute bgp 100 metric 10000 20 255 1 1500
network 172.16.0.0 0.0.0.255
network 192.168.2.0
no auto-summary
autonomous-system 200
exit-address-family
!
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 10.0.2.1
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 100no synchronization
bgp log-neighbor-changes
neighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.1.3 activate
neighbor 10.0.1.3 send-community both
exit-address-family!
address-family ipv4 vrf Cust2
redistribute eigrp 200 metric 10 route-map NoPTP
neighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 activate
default-information originate
no synchronization
exit-address-family
!
address-family ipv4 vrf Cust1
redistribute connected
neighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 activate
maximum-paths eibgp 2 import 2
no synchronization
exit-address-family
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
13/27
13
!
ip http server
no ip http secure-server
!
!
!
ip explicit-path identifier 1 enable
next-address 10.0.1.1
next-address 10.0.1.2
next-address 10.0.2.3
!
!
ip access-list standard NoPTP_ACL
deny 172.16.0.0 0.0.0.255
permit any!
route-map NoPTP permit 10
match ip address NoPTP_ACL
!
!
!
control-plane
!
line con 0
exec-timeout 35791 0line aux 0
line vty 0 4
login
!
!
end
version 12.4service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE2
!
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
14/27
14
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
ip vrf Cust1
rd 100:10
route-target export 100:1route-target import 100:1
!
ip vrf Cust2
rd 200:1
route-target export 200:1
route-target import 200:0
!
mpls label protocol ldp
mpls traffic-eng tunnels
!interface Loopback0
ip address 10.0.2.2 255.255.255.255
!
interface Ethernet0/0
ip address 10.0.0.13 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/1
ip address 10.0.0.14 255.255.255.254
half-duplex
mpls ip
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
15/27
15
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/2
ip vrf forwarding Cust2
ip address 192.168.2.129 255.255.255.192
half-duplex
!
interface Ethernet0/3
ip vrf forwarding Cust1
ip address 172.16.1.0 255.255.255.254
half-duplex
!router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 10.0.2.2
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 100
no synchronization
bgp log-neighbor-changesneighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.1.3 activate
neighbor 10.0.1.3 send-community both
exit-address-family
!
address-family ipv4 vrf Cust2
redistribute connected
neighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 activate
maximum-paths eibgp 2 import 2
no synchronization
exit-address-family
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
16/27
16
!
address-family ipv4 vrf Cust1
redistribute connected
neighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 activate
neighbor 172.16.1.1 remote-as 111
neighbor 172.16.1.1 activate
neighbor 172.16.1.1 route-map Cust1-SOO in
maximum-paths eibgp 2 import 2
no synchronization
exit-address-family
!
ip http server
no ip http secure-server
!!
!
!
route-map Cust1-SOO permit 10
set extcommunity soo 100:1
!
!
!
control-plane
!line con 0
exec-timeout 35791 0
line aux 0
line vty 0 4
login
!
!
End
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
17/27
17
hostname PE3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
ip vrf Cust1rd 100:20
route-target export 100:1
route-target import 100:1
!
ip vrf Cust2
rd 200:2
route-target export 200:2
route-target import 200:0
!
mpls label protocol ldpmpls traffic-eng tunnels
!
interface Loopback0
ip address 10.0.2.3 255.255.255.255
!
interface Tunnel1
ip unnumbered Loopback0
shutdown
tunnel destination 10.0.2.1
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 7 7
tunnel mpls traffic-eng bandwidth 600
tunnel mpls traffic-eng path-option 1 explicit identifier 1
no routing dynamic
!
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
18/27
18
interface Ethernet0/0
ip address 10.0.0.16 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnels
ip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/1
ip address 10.0.0.18 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
mpls traffic-eng tunnelsip rsvp bandwidth 5000
ip rsvp resource-provider none
!
interface Ethernet0/2
ip vrf forwarding Cust1
ip address 192.168.1.193 255.255.255.192
half-duplex
!
interface Ethernet0/3
ip vrf forwarding Cust2ip address 192.168.2.193 255.255.255.192
half-duplex
!
interface Ethernet1/0
ip vrf forwarding Cust1
ip address 172.16.1.3 255.255.255.254
half-duplex
!
interface Ethernet1/1
no ip address
shutdown
half-duplex
!
interface Ethernet1/2
no ip address
shutdown
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
19/27
19
half-duplex
!
interface Ethernet1/3
no ip address
shutdown
half-duplex
!
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 10.0.2.3
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 100no synchronization
bgp log-neighbor-changes
neighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.1.3 activate
neighbor 10.0.1.3 send-community both
exit-address-family!
address-family ipv4 vrf Cust2
redistribute connected
neighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 activate
maximum-paths eibgp 2 import 2
no synchronization
exit-address-family
!
address-family ipv4 vrf Cust1
redistribute connected
neighbor 10.0.1.3 remote-as 100
neighbor 10.0.1.3 activate
neighbor 172.16.1.2 remote-as 111
neighbor 172.16.1.2 activate
neighbor 172.16.1.2 route-map Cust1-SOO in
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
20/27
20
maximum-paths eibgp 2 import 2
no synchronization
exit-address-family
!
ip http server
no ip http secure-server
!
!
!
ip explicit-path identifier 1 enable
next-address 10.0.1.3
next-address 10.0.1.4
next-address 10.0.2.1
!
!route-map Cust1-SOO permit 10
set extcommunity soo 100:1
!
!
!
control-plane
!
line con 0
exec-timeout 35791 0
line aux 0line vty 0 4
login
!
!
End
version 12.4
service timestamps debug datetime msecservice timestamps log datetime msec
no service password-encryption
!
hostname PE4
!
boot-start-marker
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
21/27
21
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
no ip domain lookup
!
!
ip vrf Cust2
rd 200:20
route-target export 200:0
route-target import 200:1route-target import 200:2
!
mpls label protocol ldp
mpls traffic-eng tunnels
!
interface Loopback0
ip address 10.0.2.4 255.255.255.255
!
interface Ethernet0/0
ip address 10.0.0.22 255.255.255.254half-duplex
mpls ip
mpls mtu 1600
!
interface Ethernet0/1
ip address 10.0.0.20 255.255.255.254
half-duplex
mpls ip
mpls mtu 1600
!
interface Ethernet0/2
ip vrf forwarding Cust2
ip address 172.16.0.3 255.255.255.254
half-duplex
!
interface Ethernet0/3
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
22/27
22
no ip address
shutdown
half-duplex
!
router eigrp 100
no auto-summary
!
address-family ipv4 vrf Cust2
redistribute bgp 100 metric 10000 20 255 1 1500
network 172.16.0.0 0.0.0.255
network 192.168.2.0
no auto-summary
autonomous-system 200
exit-address-family
!router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 10.0.2.4
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
!
router bgp 100
bgp log-neighbor-changes
neighbor 10.0.1.3 remote-as 100neighbor 10.0.1.3 update-source Loopback0
!
address-family ipv4
neighbor 10.0.1.3 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 10.0.1.3 activate
neighbor 10.0.1.3 send-community both
exit-address-family
!
address-family ipv4 vrf Cust2
redistribute eigrp 200 metric 10 route-map NoPTP
default-information originate
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
23/27
23
no synchronization
exit-address-family
!
ip http server
no ip http secure-server
!
!
!
!
ip access-list standard NoPTP_ACL
deny 172.16.0.0 0.0.0.255
permit any
!
route-map NoPTP permit 10
match ip address NoPTP_ACL!
!
!
control-plane
!
line con 0
exec-timeout 35791 0
line aux 0
line vty 0 4
login!
!
end
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption!
hostname Cust1-CE1
!
boot-start-marker
boot-end-marker
!
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
24/27
24
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
interface Loopback0
ip address 192.168.1.1 255.255.255.128
!
interface Loopback1
description Internet
ip address 1.2.3.4 255.255.255.255
!
interface Ethernet0/0ip address 172.16.1.1 255.255.255.254
half-duplex
!
interface Ethernet0/1
ip address 172.16.1.2 255.255.255.254
half-duplex
!
interface Ethernet0/2
no ip address
shutdownhalf-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
router bgp 111
no synchronization
bgp log-neighbor-changes
network 0.0.0.0
network 192.168.1.0 mask 255.255.255.128
neighbor 172.16.1.0 remote-as 100
neighbor 172.16.1.3 remote-as 100
maximum-paths 2
no auto-summary
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
25/27
25
!
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 Null0
control-plane
!
line con 0
exec-timeout 35791 0
line aux 0
line vty 0 4
login
!
!
End
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname Cust2-CE1
!
boot-start-markerboot-end-marker
!
!
no aaa new-model
memory-size iomem 5
!
!
ip cef
!
!interface Loopback0
ip address 192.168.2.1 255.255.255.128
!
interface Loopback1
description Internet
ip address 1.2.3.4 255.255.255.255
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
26/27
26
!
interface Ethernet0/0
ip address 172.16.0.1 255.255.255.254
half-duplex
!
interface Ethernet0/1
ip address 172.16.0.2 255.255.255.254
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3no ip address
shutdown
half-duplex
!
router eigrp 200
network 172.16.0.0 0.0.0.255
network 192.168.2.0 0.0.0.127
network 0.0.0.0
distribute-list prefix LocalOnly out
no auto-summary!
ip http server
no ip http secure-server
ip route 0.0.0.0 0.0.0.0 Null0
!
!
!
!
ip prefix-list LocalOnly seq 5 permit 192.168.2.0/25
ip prefix-list LocalOnly seq 10 permit 172.16.0.0/31
ip prefix-list LocalOnly seq 15 permit 172.16.0.2/31
ip prefix-list LocalOnly seq 100 permit 0.0.0.0/0
!
!
!
control-plane
-
8/10/2019 Lab 2- Mpls Te - Mpls and Application Lab Assignments - Thuan
27/27
!
line con 0
exec-timeout 35791 0
line aux 0
line vty 0 4
login
!
!
end