Implementing Layer 3 VPN using Native MPLS Tunneling
Do the following to implement L3 VPN using Native MPLS tunneling in your network:
- Configure the VRF for the L3 VPN
- Optionally, configure MPLS label mode to allocate a unique label for each prefix route (defaults to a single label for the named VRF)
- Configure the route distinguisher for each VRF associated with a L3 VPN
- Configure one or more route targets to identify the L3 VPN routes to import and export for each VRF associated with a L3 VPN
- Optionally, specify a VPN identifier to uniquely identify this VPN to which a packet flow belongs to other network features outside of the VPN
- In global configuration mode on the global VRF, enable MPLS encapsulation for IPv4 or IPv6 routing
- Optionally, exclude MPLS encapsulation on specified next hops
- In global configuration mode on the global VRF, enable LDP as the active label distribution protocol on all MPLS enabled routers
- Optionally, change the LDP advertisement mode for LSRs to specifically request label mappings from downstream next-hop neighbors
- Optionally, filter label allocation to BGP or to host routes only
- Optionally, change the LDP retention mode to retain label mappings only if they will be used to explicitly forward packets to the next-hop
- Optionally, enable LDP graceful restart (graceful restart must also be enabled on all active routing protocols (OSPF, BGP, and IS-IS)
- In global VRF mode, configure the routed interfaces:
- A loopback interface with an IPv4 or IPv6 address
- One or more VLAN interfaces
- Enable MPLS encapsulation on each interface used by the L3 VPN
- Optionally specify next hop addresses to exclude from MPLS encapsulation
- In global VRF mode, configure an IGP (OSPF) or static routes allowing all LSRs to be reachable within the tunneled domain
- In global VRF mode, enable the propagation of TTL from IPv4 and IPv6 headers to the MPLS label for forwarded packets, local packets, or both
- In global VRF mode, configure BGP to propagate routes from the VRF routing protocol tables
- Enable the appropriate (IPv4 or IPv6) BGP L3 VPN address family
- Within the appropriate BGP L3 VPN address family, activate BGP neighbors
- In non-L3 VPN global BGP address family configuration mode, redistribute routes to the CE routers