Implementing Layer 3 VPN using L3 Tunneling
Do the following to implement L3 VPN using L3 tunneling in your network:
- Configure the VRF for the L3 VPN
- Optionally, configure MPLS label mode to allocate a unique label for each prefix route (defaults to a single label for the named VRF)
- Configure the route distinguisher for each VRF associated with a L3 VPN
- Configure one or more route targets to identify the L3 VPN routes to import and export for each VRF associated with a L3 VPN
- Optionally, specify a VPN identifier to uniquely identify this VPN to which a packet flow belongs to other network features outside of the VPN
- On the global VRF, configure the routed interfaces:
- A loopback interface with an IPv4 or IPv6 address
- One or more VLAN interfaces
- A L3 tunnel interface to each VPN edge router for each BGP peering session
- In global VRF mode, configure an IGP (OSPF) or static routes allowing all LSRs to be reachable within the tunneled domain
- In global VRF mode, configure a static route with the remote BGP address as the destination so that the remote peer loopback address prefers the tunneled interface as the next-hop and not the VLAN interfaces the tunnel uses.
- In global VRF mode, configure BGP to propagate routes from the VRF routing protocol tables
- Enable the appropriate (IPv4 or IPv6) BGP L3 VPN address family
- Within the appropriate BGP L3 VPN address family, activate BGP neighbors
- In non-L3 VPN global BGP address family configuration mode, redistribute routes to the CE routers