Post on 06-Dec-2015


MPLS – VPN Configuration

Mitrabh Shukla

National IP Manager


2 © Nokia Siemens Networks MPLS / Mitrabh Shukla

For internal use

Objectives

Upon completion of this chapter you will be able to:

Describe MPLS VPN mechanisms

Use the command line interface to configure a VPN

Verify VPN functionality


Agenda

What is a VPN?

How Do MPLS VPNs Work?

What Are Some Scaling Techniques?

How Do I Configure MPLS VPNs?


What is a MPLS VPN?

[Figure: provider backbone interconnecting sites of VPN A, VPN B and VPN C]


MPLS-VPN Terminology

[Figure: terminology diagram. Labels shown: AS100, AS200, Site1, Site2, VPN A, VPN B, Provider Network, Customer Network, VPN-Aware network, Site, CE router, PE router, P router, Border Router]


Agenda

What is a VPN?

How do MPLS VPNs Work?

• Control Plane

• Forwarding Plane

What Are Some MPLS VPN Scaling Techniques?

How Do I Configure MPLS VPNs?


What Makes MPLS VPNs Work?

[Figure: P routers in the core, PE routers at the edge with MP-iBGP sessions, and CE routers for VPN A (10.1.0.0, 10.2.0.0, 11.5.0.0, 11.6.0.0) and VPN B (10.1.0.0, 10.2.0.0, 10.3.0.0)]

• Five keys to MPLS VPNs functionality:

• 1. MPLS Forwarding

• 2. Separation of VPN Routes (VPN Routing and Forwarding Instances (VRF))

• 3. VPN Membership Selection (Route Target)

• 4. IP Address Overlap (Route Distinguisher)

• 5. VPN Route Distribution (MP-BGP for VPN-ipv4)


1. MPLS Forwarding

MPLS VPN Requirement: PE to PE Label Switched Path (LSP)

[Figure: PE1, P1, P2 and PE2 along the backbone, with VRFs on the PE routers; the two tables are captioned "PE1's perspective" and "PE2's perspective"]

Global routing table entries to reach
PE1 -> next-hop: P2, label: 25
P1 -> next-hop: P2, label: 35
P2 -> next-hop: interface, label: pop

Global routing table entries to reach
PE2 -> next-hop: P1, label: 50
P2 -> next-hop: P1, label: 65
P1 -> next-hop: interface, label: pop


2. How Are VPN Routes Kept Separate?

VPN Routing and Forwarding Instances (VRF) provides the separation

VRF = Routing Table for VPN

VRF (VPN Routing and Forwarding) is assigned a symbolic name:

ip vrf green

[Figure: PE router holding the global routing table (VPN backbone IGP: OSPF, IS-IS) and VRFs for the CE routers of Site-1 Green and Site-1 Yellow]


MPLS VPN Routing Requirements

Customer routers (CE-routers) have to run standard IP routing software

Provider core routers (P-routers) have no VPN routes

Provider edge routers (PE-routers) have to support MPLS VPN and Internet routing


MPLS VPN Routing (CE- Router Perspective)

Customer routers run standard IP routing software and exchange routing updates with the PE-router

• EBGP, OSPF, RIPv2 , EIGRP or static routes are supported

PE-router appears as another router in the customer’s network

[Figure: two CE routers attached to a PE router of the MPLS VPN backbone]


MPLS VPN Routing: PE-Router Perspective

PE-routers:

• Exchange VPN routes with CE-routers via per-VPN routing protocols

• Exchange core routes with P-routers and PE-routers via core IGP

• Exchange VPNv4 routes with other PE-routers via multi-protocol IBGP sessions


MPLS VPN Support for Internet Routing

PE-routers can run standard IPv4 BGP in the global routing table

• Exchange Internet routes with other PE routers

• CE-routers do not participate in Internet routing

• P-routers do not need to participate in Internet routing


MPLS VPN End-to-End Routing Information Flow (1/3)

PE-routers receive IPv4 routing updates from CE-routers and install them in the appropriate Virtual Routing and Forwarding (VRF) table


MPLS VPN End-to-End Routing Information Flow (2/3)

PE-routers export VPN routes from VRF into MP-IBGP and propagate them as VPNv4 routes to other PE-routers

IBGP full mesh is needed between PE-routers


VRF CE Routing

CE to PE Routing: EBGP, RIP, OSPF, Static

1 Interface attached to VRF

[Figure: PE with CE routers of Site-1 Green and Site-1 Yellow; VPN backbone IGP (OSPF, IS-IS)]

Sharing: multiple interfaces attached to VRF

(Can NOT have multiple VRFs connected to 1 interface)

[Figure: PE with CE routers of Site-1 Green and Site-2 Green, same VPN; VPN backbone IGP (OSPF, IS-IS)]


VRF and Multiple Routing Instances

Routing processes support routing contexts (sub-processes within main process)

Populate specific VPN routing table and FIBs (VRF)

Separate OSPF process for each VRF

[Figure: PE to CE routing processes (Static, BGP, RIP, EIGRP, OSPF, OSPF), routing contexts, VRF routing tables and VRF forwarding tables]


What are MPLS VPN Extranets?

Belonging to more than one VRF

NOTE: A VRF is NOT a VPN

• Terms sometimes used interchangeably but they are NOT the same

• VRF is the routing table

• VPN is collection of sites that can access that table

[Figure: Site1 to Site5 grouped into VPN A, VPN B and VPN C]


3. How is VPN Membership Determined?

VPN membership is based on filtering routes to be installed in VRF

• Route Target import/export filtering

Route Target (RT) is a BGP Extended Community

• Used to constrain distribution of routing information

• Identifier for VRFs that may receive set of routes tagged with given RT (route filtering)

Based on RFC 2547


What is a Route Target?

Route Target (RT) is a BGP Extended Community

• Used to constrain distribution of routing information

• Identifier for VRFs that may receive set of routes tagged with given RT (route filtering)


What is a Route Distinguisher?

Route Distinguisher:

• converts non-unique IP addresses into unique VPN-IPv4 addresses

• Not used for constrained distribution of routing information (route filtering)

VPN-IPv4 addresses

• Must be globally unique

• Route Distinguisher (RD) + IP address

– RDs are assigned by a service provider


4. How Can MPLS VPN Addresses Overlap?

Route Distinguisher provides the separation

[Figure: P routers, PE routers and CE routers for VPN A (10.1.0.0, 10.2.0.0, 11.5.0.0, 11.6.0.0) and VPN B (10.1.0.0, 10.2.0.0, 10.3.0.0); 10.1.0.0 and 10.2.0.0 are marked "Same Addresses" in both VPNs]


What is a Route Distinguisher?

Route Distinguisher:

• converts non-unique IP addresses into unique VPN-IPv4 addresses (overlapping Private address)

• Not used for constrained distribution of routing information (route filtering)

VPN-IPv4 addresses

• Route Distinguisher (RD) 64 bits + IP address = 96 bits

– RDs are assigned by a service provider

– RDs should be globally unique


5. How are VPN Routes Distributed?

MP-iBGP (PE to PE) to carry VPN-IPv4 Information

Why MP-iBGP?

• BGP supports large numbers of routes

• BGP is multi-protocol and scales

• BGP does not require directly connected peers

• BGP optional, transitive attributes

[Figure: PE1, P1, P2, PE2; VPN yellow Site-1 (CE1) and VPN yellow Site-2 (CE2)]


What is in an MP-BGP VPNv4 Update?

MP-iBGP (PE to PE) to carry VPN-IPv4 Information

[Figure: PE1, P1, P2, PE2]

VPN-IPv4 update: RD1:Net1, Next-hop=PE1, SOO=Site1, RT=Yellow, Label=10

VPN-IPv4 update: RD2:Net1, Next-hop=PE1, SOO=Site1, RT=Green, Label=12


What is in an MP-BGP Update?

VPN-IPV4 address (96 bits)

• Route Distinguisher (RD) (64 bits)

• IPv4 address (32 bits)

Extended Community

• Route target (RT) - required

• Site of Origin (SOO) - optional (prevents routing loops in multihomed CE topologies)

Any other standard BGP attribute (Ex. VPN Labels)

A second label in the label stack


Why MP-iBGP?

BGP supports large numbers of routes

BGP is multi-protocol and scales

BGP does not require directly connected peers

BGP has optional, transitive attributes

[Figure: MP-iBGP session between PE1 and PE2 across P1 and P2; VPN yellow Site-1 (CE1) and VPN yellow Site-2 (CE2)]


How Does the MPLS VPN Control Plane Work?

[Figure: CE1, PE1, P1, P2, PE2, CE2; VPN B sites, prefix 152.12.4.0/24. Messages shown in the figure:]

• BGP, OSPF, RIP: 152.12.4.0/24, NH=CE1

• VPN-v4 update: RD:1:27:152.12.4.0/24, NH=PE1, RT=1:1, VPN Label=(29)

• VPN-B VRF: import routes with route-target 1:1

• BGP, OSPF, RIP: 152.12.4.0/24, NH=PE2

MPLS LSP Foundation

• LDP Update: Next hop=PE1, Label=(imp-null)

• LDP Update: Next hop=P1, Label=(41)

• LDP Update: Next hop=P2, Label=(32)


How Does the MPLS VPN Forwarding Plane Work?

Packet Forwarding Based on Stack of Labels

[Figure: CE1, PE1, P1, P2, PE2, CE2; VPN B sites, prefix 152.12.4.0/24, packet to 152.12.4.6. Annotations shown in the figure:]

• VRF lookup for 152.12.4.6: NH=PE1, VPN Label=(29)

• MPLS forwarding table (LFIB) lookup for NH=PE1: LSP/MPLS Label 32 on top of VPN Label 29

• Label Swap: packet carried as 41, 29, 152.12.4.6

• Penultimate Hop Pop (removal of LSP Label): packet carried as 29, 152.12.4.6

• LFIB lookup for label 29 = vrf VPN B

• VRF lookup for 152.12.4.6: NH=CE1


Agenda

What is a VPN?

How Do MPLS VPNs Work?

What Are Some Scaling Techniques?

How Do I Configure MPLS VPNs?


Scaling MPLS-VPN

Use of Route Reflectors highly recommended

Route Reflectors may be partitioned

• Each RR stores routes for a set of VPNs

• Thus, no BGP router needs to store ALL VPN information

PEs will peer to RRs according to the VPNs they directly connect

[Figure: Route Reflectors serving the Green and Yellow VPNs, with Green and Yellow sites attached to the PEs]


MPLS-VPN Scaling: BGP Automatic Route Filtering (ARF)

Each VRF has an import and export policy configured

Policies use route-target attribute (extended community)

PE receives MP-iBGP updates for VPN-IPv4 routes

If route-target is equal to any of the import values configured in the PE, the update is accepted

Otherwise, it is silently discarded

[Figure: PE with VRFs for VPNs yellow and green (Import RT=yellow, Import RT=green) receiving two updates over its MP-iBGP sessions:]

VPN-IPv4 update: RD:Net1, Next-hop=PE-X, SOO=Site1, RT=Red, Label=XYZ

VPN-IPv4 update: RD:Net1, Next-hop=PE-X, SOO=Site1, RT=Green, Label=XYZ
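The route-target import filtering described above, together with the RD-based VPN-IPv4 addressing and the Route-Refresh behaviour of the neighbouring slides, as an added Python example that is not part of the original slides. The PE class, the RD/RT values and the sample updates are constructed for illustration; the 8-byte RD layout (type 0 for ASN:nn, type 1 for IP:nn) follows RFC 4364, the successor of RFC 2547.

```python
import ipaddress
import struct


def encode_rd(rd):
    """Encode 'ASN:nn' (type 0) or 'IP:nn' (type 1) as an 8-byte route distinguisher."""
    admin, assigned = rd.rsplit(":", 1)
    if "." in admin:  # IP:nn -> type 1: 4-byte IPv4 administrator + 2-byte number
        return struct.pack("!H4sH", 1, ipaddress.IPv4Address(admin).packed, int(assigned))
    return struct.pack("!HHI", 0, int(admin), int(assigned))  # ASN:nn -> type 0


def vpn_ipv4(rd, ip):
    """RD (64 bits) + IPv4 address (32 bits) = 96-bit VPN-IPv4 address."""
    return encode_rd(rd) + ipaddress.IPv4Address(ip).packed


class PE:
    """Toy PE (hypothetical model): keeps only updates whose RT matches an import RT."""

    def __init__(self):
        self.vrfs = {}        # VRF name -> {"import": set of RTs, "routes": {net: (nh, label)}}
        self.bgp_vpnv4 = {}   # 96-bit VPN-IPv4 key -> accepted update

    def add_vrf(self, name, import_rts):
        self.vrfs[name] = {"import": set(import_rts), "routes": {}}

    def receive(self, update):
        """Return the VRFs the route was installed in; [] means silently discarded."""
        targets = [n for n, v in self.vrfs.items() if v["import"] & set(update["rts"])]
        if targets:
            self.bgp_vpnv4[vpn_ipv4(update["rd"], update["net"])] = update
        for name in targets:
            self.vrfs[name]["routes"][update["net"]] = (update["next_hop"], update["label"])
        return targets

    def route_refresh(self, neighbor_updates):
        """Neighbors re-send their updates; routes filtered earlier are re-evaluated."""
        return {u["rd"] + ":" + u["net"]: self.receive(u) for u in neighbor_updates}


# Constructed sample updates: the same customer prefix announced in three VPNs.
UPDATES = [
    {"rd": "100:10", "net": "10.1.0.0", "next_hop": "PE-X", "rts": ["100:1"], "label": 10},
    {"rd": "100:20", "net": "10.1.0.0", "next_hop": "PE-X", "rts": ["100:2"], "label": 12},
    {"rd": "100:30", "net": "10.1.0.0", "next_hop": "PE-X", "rts": ["100:3"], "label": 14},
]


def demo():
    pe = PE()
    pe.add_vrf("yellow", ["100:1"])
    pe.add_vrf("green", ["100:2"])
    first = [pe.receive(u) for u in UPDATES]   # the "red" update (RT 100:3) is discarded
    pe.add_vrf("red", ["100:3"])               # policy change: a new VRF imports RT 100:3
    after = pe.route_refresh(UPDATES)          # the re-sent "red" update is now accepted
    return pe, first, after


if __name__ == "__main__":
    pe, first, after = demo()
    print("before refresh:", first)
    print("after refresh: ", after)
    print("distinct VPN-IPv4 keys for 10.1.0.0:", len(pe.bgp_vpnv4))
```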


MPLS-VPN Scaling: Route Refresh

Policy may change in the PE if VRF modifications are done

• New VRFs, removal of VRFs

However, the PE may not have stored routing information which becomes useful after a change

PE requests a re-transmission of updates to neighbors

• Route-Refresh

[Figure: PE with Import RT=yellow, Import RT=green and Import RT=red]

1. PE doesn’t have red routes (previously filtered out)

2. PE issues a Route-Refresh to all neighbors in order to ask for re-transmit

3. Neighbors re-send updates and “red” route-target is now accepted

VPN-IPv4 update: RD:Net1, Next-hop=PE-X, SOO=Site1, RT=Green, Label=XYZ

VPN-IPv4 update: RD:Net1, Next-hop=PE-X, SOO=Site1, RT=Red, Label=XYZ

34 © Nokia Siemens Networks MPLS / António Santos / 04-06-2009

MPLS VPN Packet Forwarding


VPN Packet Forwarding Across MPLS VPN Backbone

How will PE routers forward VPN packets across MPLS VPN backbone?

Just forward pure IP packets???

• P-routers do not have VPN routes, packet is dropped on IP lookup.

How about using MPLS for packet propagation across backbone?


VPN Packet Forwarding Across MPLS VPN Backbone

Label VPN packets with LDP label for egress PE-router, forward labeled packets across MPLS backbone??

• P-routers perform label switching, packet reaches egress PE-router.

• However, egress PE-router does not know which VRF to use for packet lookup—packet is dropped.

How about using a label stack?


VPN Packet Forwarding Across MPLS VPN Backbone

Label VPN packets with a label stack.

• Use LDP label for egress PE-router as the top label

• VPN label assigned by egress PE-router as the second label in the stack.

P-routers perform label switching, packet reaches egress PE-router.

Egress PE-router performs lookup on the VPN label and forwards the packet toward the CE-router.


VPN Packet Forwarding: Penultimate Hop Popping

Penultimate hop popping on the LDP label can be performed on the last P-router

Egress PE-router performs only label lookup on VPN label, resulting in faster and simpler label lookup

IP lookup is performed only once—in ingress PE router
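The label-stack forwarding described on the last slides, as an added Python example that is not part of the original slides. It replays the 152.12.4.6 packet with the labels from the control-plane slide (VPN label 29, LDP labels 32 and 41, implicit-null from PE1); the table layout and the hop order PE2, P2, P1, PE1 are assumptions read from those labels. It also shows the failure case where only the LDP label is used.

```python
import ipaddress

# Ingress PE state: VRF routes learned via MP-BGP -> (BGP next hop, VPN label).
VRF = {"PE2": {"VPN B": {"152.12.4.0/24": ("PE1", 29)}}}
# Ingress PE state: LDP binding for the BGP next hop -> (label to push, next router).
LDP_OUT = {"PE2": {"PE1": (32, "P2")}}
# Label forwarding tables: incoming top label -> (action, value, next hop).
LFIB = {
    "P2": {32: ("swap", 41, "P1")},
    "P1": {41: ("pop", None, "PE1")},          # penultimate hop popping
    "PE1": {29: ("to_vrf", "VPN B", "CE1")},   # VPN label selects the VRF
}


def forward(ingress, vrf, dst, use_vpn_label=True):
    """Return (trace, result); trace lists (router, label stack as sent, top first)."""
    trace = []
    # Ingress PE: the only IP lookup on the path, done in the VRF (longest match).
    addr = ipaddress.ip_address(dst)
    matches = [p for p in VRF[ingress][vrf] if addr in ipaddress.ip_network(p)]
    if not matches:
        return trace, "dropped: no route in VRF"
    best = max(matches, key=lambda p: ipaddress.ip_network(p).prefixlen)
    next_hop, vpn_label = VRF[ingress][vrf][best]
    ldp_label, router = LDP_OUT[ingress][next_hop]
    stack = [ldp_label] + ([vpn_label] if use_vpn_label else [])
    trace.append((ingress, list(stack)))
    # Core and egress: decisions are made on the top label only.
    while True:
        if not stack:
            return trace, f"dropped at {router}: no VPN label, egress PE cannot select a VRF"
        entry = LFIB[router].get(stack[0])
        if entry is None:
            return trace, f"dropped at {router}: unknown label {stack[0]}"
        action, value, nxt = entry
        if action == "swap":
            stack[0] = value
        else:                      # "pop" (PHP) and "to_vrf" both remove the top label
            stack.pop(0)
        trace.append((router, list(stack)))
        if action == "to_vrf":
            return trace, f"delivered to {nxt} via vrf {value}"
        router = nxt


if __name__ == "__main__":
    for flag in (True, False):
        hops, outcome = forward("PE2", "VPN B", "152.12.4.6", use_vpn_label=flag)
        print("label stack" if flag else "LDP label only", hops, outcome)
```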


VPN Label Propagation

How will the ingress PE-router get the second label in the label stack from the egress PE-router?

Labels are propagated in MP-BGP VPNv4 routing updates.


Impacts of MPLS VPN Label Propagation

The VPN label has to be assigned by the BGP next-hop

BGP next-hop should not be changed in MP-IBGP update propagation

• Do not use next-hop-self on confederation boundaries

PE-router has to be BGP next-hop

• Use next-hop-self on the PE-router

Label has to be re-originated if the next-hop is changed

• A new label is assigned every time the MP-BGP update crosses AS-boundary where the next-hop is changed


Impacts of MPLS VPN Packet Forwarding

VPN label is only understood by egress PE-router

End-to-end Label Switched Path is required between ingress and egress PE-router

BGP next-hops shall not be announced as BGP routes

• LDP labels are not assigned to BGP routes

BGP next-hops announced in IGP shall not be summarized in the core network

• Summarization breaks LSP


Agenda

What is a VPN?

How Do MPLS VPNs Work?

What Are Some Scaling Techniques?

How Do I Configure MPLS VPNs?

1. Configure VRFs

2. Associate interfaces with VRFs

3. Configure MP-iBGP routing

4. Configure CE to PE routing

5. Verify VPN operation


Configure VRF

ip vrf <vrf-symbolic-name>
rd <route-distinguisher-value>
route-target import <community>
route-target export <community>

• ip vrf: logical name of the VPN; use something that makes sense

• rd: number to uniquely id the prefix value; convention is ASN:xxxx

• route-target import: the extended community string you will RECEIVE and put into your vrf

• route-target export: the extended community string you will SEND with your routes


Configure VRF

Create the VRFs on the PE Router

PE1(config)#ip vrf red
PE1(config)#ip vrf blue

The vrf symbolic name is case sensitive

[Figure: PE with interfaces E1/0 and E2/0 towards the CE routers of VPN red and VPN blue]


Configure RD

Create the VRFs on the PE Router

PE1(config)#ip vrf red
PE1(config-vrf)#rd 100:10
PE1(config)#ip vrf blue
PE1(config-vrf)#rd 100:20

RD format: ASN:variable or IP:variable

[Figure: PE with interfaces E1/0 and E2/0 towards the CE routers of VPN red and VPN blue]


Configure Route Target

Create the VRFs on the PE Router

PE1(config)#ip vrf red
PE1(config-vrf)#rd 100:10
PE1(config-vrf)#route-target import 100:1
PE1(config-vrf)#route-target export 100:1
PE1(config)#ip vrf blue
PE1(config-vrf)#rd 100:20
PE1(config-vrf)#route-target import 100:2
PE1(config-vrf)#route-target export 100:2

<both> shortcut if import and export are the same

RD to RT matching just makes it easy

[Figure: PE with interfaces E1/0 and E2/0 towards the CE routers of VPN red and VPN blue]


VRF Options

Create the VRFs on the PE Router

PE1(config)#ip vrf red
PE1(config-vrf)#description VPN for CE1
PE1(config-vrf)#rd 100:10
PE1(config-vrf)#route-target import 100:1
PE1(config-vrf)#route-target export 100:1
PE1(config-vrf)#maximum routes 2000 warning-only

• Online documentation

• Protect your network and PE from saturation (scaling factor)

[Figure: PE with interfaces E1/0 and E2/0 towards the CE routers of VPN red and VPN blue]


Associate PE interfaces to VRFs

Configure interfaces to belong to the VRF

PE1(config)#interface ethernet 2/0
PE1(config-if)#ip vrf forwarding blue
PE1(config-if)#ip address 172.11.2.2 255.255.255.252
PE1(config)#interface ethernet 1/0
PE1(config-if)#ip vrf forwarding red
PE1(config-if)#ip address 172.11.2.2 255.255.255.252

The name given to ip vrf forwarding must match the vrf symbolic name

[Figure: PE with interfaces E1/0 and E2/0 towards the CE routers of VPN red and VPN blue]


Common VRF Configuration Gotcha

PE1(config)#interface ethernet 3/0

PE1(config-if)#ip vrf forwarding red

% Interface Ethernet1/0 IP address 10.131.31.245 removed due to enabling VRF red

PE1(config-if)#ip address 10.131.31.245 255.255.255.252

Configuring an interface to the VRF: IP address must be removed from global routing table

Also, can only assign 1 VRF to an interface
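A static check of the VRF definition and interface association steps above, as an added Python example that is not part of the original slides or of any vendor tool. It parses IOS-style lines as they appear on the slides (with or without the prompt) and reports the pitfalls the slides mention: reused RDs, a missing `maximum routes` limit, a VRF importing another VRF's export RT, a case-mismatched VRF name on an interface, and an IP address configured before `ip vrf forwarding`. The sample configuration is constructed and contains deliberate mistakes.

```python
import re
from collections import defaultdict

# Constructed sample input (not from a real router).
SAMPLE = """\
PE1(config)#ip vrf red
PE1(config-vrf)#rd 100:10
PE1(config-vrf)#route-target import 100:1
PE1(config-vrf)#route-target export 100:1
PE1(config-vrf)#maximum routes 2000 warning-only
PE1(config)#ip vrf blue
PE1(config-vrf)#rd 100:10
PE1(config-vrf)#route-target both 100:2
PE1(config-vrf)#route-target import 100:1
PE1(config)#interface ethernet 1/0
PE1(config-if)#ip address 172.11.2.2 255.255.255.252
PE1(config-if)#ip vrf forwarding Red
"""


def parse(config):
    """Return (vrfs, ifaces) from 'ip vrf' and 'interface' stanzas."""
    vrfs, ifaces, vrf, iface = {}, {}, None, None
    for raw in config.splitlines():
        line = raw.split("#", 1)[-1].strip()       # drop an optional 'PE1(config)#' prompt
        if m := re.fullmatch(r"ip vrf (\S+)", line):
            vrf = vrfs.setdefault(m[1], {"rd": None, "import": set(), "export": set(), "max": None})
            iface = None
        elif m := re.fullmatch(r"interface (.+)", line):
            iface, vrf = ifaces.setdefault(m[1], []), None
        elif vrf is not None:
            if m := re.fullmatch(r"rd (\S+)", line):
                vrf["rd"] = m[1]
            elif m := re.fullmatch(r"route-target (import|export|both) (\S+)", line):
                for direction in (("import", "export") if m[1] == "both" else (m[1],)):
                    vrf[direction].add(m[2])
            elif m := re.fullmatch(r"maximum routes (\d+).*", line):
                vrf["max"] = int(m[1])
        elif iface is not None:
            if m := re.fullmatch(r"ip vrf forwarding (\S+)", line):
                iface.append(("vrf", m[1]))
            elif line.startswith("ip address "):
                iface.append(("addr", line))
    return vrfs, ifaces


def audit(config):
    """Return a list of findings, in a stable order, for a PE configuration."""
    vrfs, ifaces = parse(config)
    findings, by_rd = [], defaultdict(list)
    for name, v in vrfs.items():
        by_rd[v["rd"]].append(name)
        if v["max"] is None:
            findings.append(f"{name}: no 'maximum routes' limit")
    for rd, names in by_rd.items():
        if rd is None:
            findings += [f"{n}: no rd configured" for n in names]
        elif len(names) > 1:
            findings.append(f"rd {rd} reused by {', '.join(sorted(names))}")
    for a, va in vrfs.items():                      # which VRF can see whose routes
        for b, vb in vrfs.items():
            shared = va["import"] & vb["export"]
            if a != b and shared:
                findings.append(f"{a} imports {', '.join(sorted(shared))} exported by {b}")
    for ifname, events in ifaces.items():
        kinds = [kind for kind, _ in events]
        for kind, value in events:
            if kind == "vrf" and value not in vrfs:
                findings.append(f"{ifname}: vrf '{value}' is not defined (names are case sensitive)")
        if "vrf" in kinds and "addr" in kinds and kinds.index("addr") < kinds.index("vrf"):
            findings.append(f"{ifname}: ip address set before 'ip vrf forwarding' and will be removed")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

A cross-VRF import is not necessarily a fault, since extranets are built that way, so that finding is a prompt to confirm the sharing is intended.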


Configure MP-BGP Peering between PEs

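[Figure: PE1 and PE2 connected across the VPN backbone IGP, with an MP-BGP session between them]

Notes on the configuration that follows:

• standard BGP configuration entries apply

• address-family vpnv4: router config for VPNv4 prefixes

• activate neighbor to advertise routes

• send extended community to id the VRF (default entry)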

PE1(config)#router bgp 100

PE1(config-router)#neighbor 10.131.63.252 remote-as 100

PE1(config-router)#neighbor 10.131.63.252 desc MP-BGP to PE2

PE1(config-router)#neighbor 10.131.63.252 update-source Loopback0

PE1(config-router)#address-family vpnv4

PE1(config-router-af)#neighbor 10.131.63.252 activate

PE1(config-router-af)#neighbor 10.131.63.252 send-community extended

PE1(config-router-af)#exit-address-family


Configure VRF Routing Contexts

[Figure: PE1 and PE2 connected across the VPN backbone IGP, with an MP-BGP session between them]

PE1(config-router)#address-family ipv4 vrf red

PE1(config-router-af)#no auto-summary

PE1(config-router-af)#no synchronization

PE1(config-router-af)#exit-address-family

PE1(config-router)#address-family ipv4 vrf blue

PE1(config-router-af)#no auto-summary

PE1(config-router-af)#no synchronization

PE1(config-router-af)#exit-address-family


VRF Implementation Considerations

The VRF is now operational

The previous configuration creates the VRF and associated CEF and routing table

• Many commands are now VRF context sensitive

VPN Routes are not yet present

The RD and import and export policies (RT) will be used to fill the VRF routing table with routes learned by the PE via MP-BGP


Example VRF Configuration

PE-A(config)#ip vrf VPN1

PE-A(config-vrf)#rd 100:1

PE-A(config-vrf)#route-target export 100:10

PE-A(config-vrf)#route-target import 100:10

PE-A(config)#ip vrf VPN2

PE-A(config-vrf)#rd 100:2

PE-A(config-vrf)#route-target export 100:20

PE-A(config-vrf)#route-target import 100:20

[Figure: example topology. MPLS Core, BGP AS100, OSPF Area 0. P-A lo0 200.200.0.1, P-B lo0 200.200.0.2, PE-A lo0 200.200.0.11, PE-B lo0 200.200.0.12. VPN1 (RD 100:1): CE-1A at Site A, lo0 172.16.1.1/24; CE-1B at Site B, lo0 172.17.1.1/24. VPN2 (RD 100:2): CE-2A at Site A, lo0 172.16.1.1/24; CE-2B at Site B, lo0 172.17.1.1/24. Link addresses shown: s0 172.16.2.1/30, s0/0 172.16.2.1/30, s1/0 172.16.2.2/30, s1/1 172.16.2.2/30, s0 172.17.2.1/30, s0/0 172.17.2.1/30, s1/0 172.17.2.2/30, s1/1 172.17.2.2/30]


Associate VRFs to Interfaces

For each interface participating in the VPN

interface Serial1/0

ip vrf forwarding VPN1

ip address 172.16.2.2 255.255.255.252

match vrf-symbolic-name


Example VRF Interface Configuration

PE-A(config)#interface Serial1/0

PE-A(config-if)#ip vrf forwarding VPN1

PE-A(config-if)#ip address 172.16.2.2 255.255.255.252

PE-A(config)#interface Serial1/1

PE-A(config-if)#ip vrf forwarding VPN2

PE-A(config-if)#ip address 172.16.2.2 255.255.255.252

[Figure: same example topology as on the Example VRF Configuration slide, with interface S1/0 highlighted]


Configure MP-BGP

router bgp 100
address-family ipv4 vrf VPN1
no auto-summary
no synchronization
exit-address-family
address-family vpnv4
neighbor 200.200.0.12 activate
neighbor 200.200.0.12 send-community extended
neighbor 200.200.0.13 activate
neighbor 200.200.0.13 send-community extended
exit-address-family

• router bgp 100: AS number

• address-family ipv4 vrf: Router config for standard IP Version 4 address prefixes

• address-family vpnv4: Router config for standard VPN Version 4 address prefixes

• neighbor ... activate: Advertise Routes

• neighbor ... send-community extended: extended community string to id the VRF


Example MP-BGP Configuration

[Figure: same example topology as on the Example VRF Configuration slide]

PE-A(config)#router bgp 100

PE-A(config-router)#no synchronization

PE-A(config-router)#no bgp default ipv4-unicast

PE-A(config-router)#bgp log-neighbor-changes

PE-A(config-router)#neighbor 200.200.0.12 remote-as 100

PE-A(config-router)#neighbor 200.200.0.12 update-source Loopback0

PE-A(config-router)#no auto-summary

PE-A(config-router)#address-family ipv4 vrf VPN1

PE-A(config-router-af)#no auto-summary

PE-A(config-router-af)#no synchronization

PE-A(config-router-af)#exit-address-family

PE-A(config-router)#address-family ipv4 vrf VPN2

PE-A(config-router-af)#no auto-summary

PE-A(config-router-af)#no synchronization

PE-A(config-router-af)#exit-address-family

PE-A(config-router)#address-family vpnv4

PE-A(config-router-af)#neighbor 200.200.0.12 activate

PE-A(config-router-af)#neighbor 200.200.0.12 send-community extended

PE-A(config-router-af)#exit-address-family


Configure Route Advertisements

Define static routes at CE and PE

CE config

ip route 0.0.0.0 0.0.0.0 172.16.2.2

PE config

ip route vrf VPN1 172.16.1.0 255.255.255.0 172.16.2.1
ip route vrf VPN2 172.16.1.0 255.255.255.0 172.16.2.1

Define BGP routes at PE

router bgp 100
address-family ipv4 vrf VPN1
network 172.16.1.0 mask 255.255.255.0
network 172.16.2.0 mask 255.255.255.252
exit-address-family


Example Routing Configuration

[Figure: same example topology as on the Example VRF Configuration slide]

PE-A(config)#ip route vrf VPN1 172.16.1.0 255.255.255.0 172.16.2.1

PE-A(config)#ip route vrf VPN2 172.16.1.0 255.255.255.0 172.16.2.1

PE-A(config)#router bgp 100

PE-A(config-router)#address-family ipv4 vrf VPN1

PE-A(config-router-af)#network 172.16.1.0 mask 255.255.255.0

PE-A(config-router-af)#network 172.16.2.0 mask 255.255.255.252

PE-A(config-router-af)#exit-address-family

PE-A(config-router)#address-family ipv4 vrf VPN2

PE-A(config-router-af)#network 172.16.1.0 mask 255.255.255.0

PE-A(config-router-af)#network 172.16.2.0 mask 255.255.255.252

PE-A(config-router-af)#exit-address-family

CE-1A(config)#ip route 0.0.0.0 0.0.0.0 172.16.2.2


MPLS VPN Verification Steps

Verify the VRFs

• show ip vrf [{detail|interfaces}]

Verify routing information

• show ip route vrf [detail] [vrf-name] [interfaces]

• show ip bgp neighbors

• show ip bgp vpnv4 all

• show ip bgp vpnv4 vrf VRF-name

• show ip bgp vpnv4 vrf VRF-name [ip-address]

Verify labels

• show ip bgp vpnv4 all [labels/tags]

• show ip cef vrf [detail]


Ping, Traceroute, Telnet Caveats

Ping and Traceroute in MPLS VPN network only succeed if end-to-end path is successful

Good verification if successful but NOT for troubleshooting

Ping/Traceroute Command Syntax

• traceroute VRF [vrf-name] ip-address

• ping VRF [vrf-name] ip-address

Telnet Command Syntax

• telnet ip-address /vrf [vrf-name]


Chapter Summary

You should now be able to:

Describe MPLS VPN mechanisms

Use the command line interface to configure a VPN

Verify VPN functionality