Print this pagePrint this page

Email this topicEmail this topic

View PDFView PDF

Download EPUBDownload EPUB

L3VPN Configuration Example

Here is an example of a Layer 3 VPN. In this example CE1 and CE2 are in different AS. You can put them in the same AS by adding the allowas-in command.

In this example, you should be able to ping CE2 "foo1‘s" IP address from CE1.
Click to expand in new window
Layer 3 Virtual Private Network
GUID-66E4EE4D-F5E7-4DFC-B87F-C8DDDD44974F-low.png
CE1:      
configure snmp sysName "CE1"      
create vlan "lo0"   
enable loopback-mode vlan lo0   
create vlan "vl100"   
configure vlan vl100 tag 100   
enable jumbo-frame ports 1   
configure vlan vl100 add ports 1 tagged
configure vlan Mgmt ipaddress 192.168.56.111 255.255.255.0   
configure vlan lo0 ipaddress 172.16.0.1 255.255.255.255   
configure vlan vl100 ipaddress 10.1.1.1 255.255.255.252   
enable ipforwarding vlan vl100
  
configure bgp AS-number 65100   
configure bgp routerid 172.16.0.1   
create bgp neighbor 10.1.1.2 remote-AS-number 65000   
enable bgp neighbor 10.1.1.2   
enable bgp         

PE1:      
configure snmp sysName "PE1"   
create vr "vpn-a" type vpn-vrf vr "VR-Default" 
configure vr VR-Default delete ports 1 
configure vr vpn-a add ports 1 
create vlan vl100 vr vpn-a tag 100 
configure vl100 add ports 1 tagged      
create vlan "vl101"   
configure vlan vl101 tag 101   
enable jumbo-frame ports 1   
enable jumbo-frame ports 2   
configure vlan vl100 add ports 1 tagged
configure vlan vl101 add ports 2 tagged
configure vlan Mgmt ipaddress 192.168.56.102 255.255.255.0   
configure vlan lo0 ipaddress 172.16.0.2 255.255.255.255   
enable ipforwarding vlan lo0   
configure vlan vl101 ipaddress 10.1.1.5 255.255.255.252   
enable ipforwarding vlan vl101   
configure vlan vl100 ipaddress 10.1.1.2 255.255.255.252   
enable ipforwarding vlan vl100
  
configure vr vpn-a add protocol bgp   
configure vr vpn-a rd 172.16.0.2:100   
configure vr vpn-a route-target both add 65000:100
  
enable iproute mpls-next-hop
  
configure bgp AS-number 65000   
configure bgp routerid 172.16.0.2   
create bgp neighbor 172.16.0.4 remote-AS-number 65000   
configure bgp neighbor 172.16.0.4 source-interface ipaddress 172.16.0.2   
enable bgp neighbor 172.16.0.4   
configure bgp neighbor 172.16.0.4 next-hop-self   
configure bgp neighbor 172.16.0.4 address-family vpnv4 next-hop-self   
enable bgp neighbor 172.16.0.4 capability vpnv4   
enable bgp export vr vpn-a direct address-family vpnv4   
enable bgp export vr vpn-a bgp address-family vpnv4   
enable bgp 

virtual-router vpn-a   
configure bgp AS-number 65000   
configure bgp routerid 172.16.0.2   
create bgp neighbor 10.1.1.1 remote-AS-number 65100   
enable bgp neighbor 10.1.1.1   
disable bgp neighbor 10.1.1.1 capability ipv4-multicast   
enable bgp export remote-vpn address-family ipv4-unicast   
enable bgp   
virtual-router VR-Default
  
configure mpls add vlan "lo0"   
enable mpls vlan "lo0"   
enable mpls ldp vlan "lo0"   
configure mpls add vlan "vl101"   
enable mpls vlan "vl101"   
enable mpls ldp vlan "vl101"   
configure mpls lsr-id 172.16.0.2   
enable mpls protocol ldp   
enable mpls
  
configure ospf routerid 172.16.0.2   
enable ospf   
configure ospf add vlan lo0 area 0.0.0.0 passive   
configure ospf add vlan vl101 area 0.0.0.0 link-type point-to-point      

P1:  
configure snmp sysName "P1"  
 
configure vlan default delete ports 1-2   
create vlan "lo0"   
enable loopback-mode vlan lo0   
create vlan "vl101"   
configure vlan vl101 tag 101   
create vlan "vl102"   
configure vlan vl102 tag 102   
enable jumbo-frame ports 1   
enable jumbo-frame ports 2   
configure vlan vl101 add ports 1 tagged
configure vlan vl102 add ports 2 tagged
configure vlan Mgmt ipaddress 192.168.56.103 255.255.255.0   
configure vlan lo0 ipaddress 172.16.0.3 255.255.255.255   
enable ipforwarding vlan lo0   
configure vlan vl101 ipaddress 10.1.1.6 255.255.255.252   
enable ipforwarding vlan vl101   
configure vlan vl102 ipaddress 10.1.1.9 255.255.255.252   
enable ipforwarding vlan vl102   

enable iproute mpls-next-hop  
  
configure mpls add vlan "lo0"   
enable mpls vlan "lo0"   
enable mpls ldp vlan "lo0"   
configure mpls add vlan "vl101"   
enable mpls vlan "vl101"   
enable mpls ldp vlan "vl101"   
configure mpls add vlan "vl102"   
enable mpls vlan "vl102"   
enable mpls ldp vlan "vl102"   
configure mpls lsr-id 172.16.0.3   
enable mpls protocol ldp   
enable mpls
  
configure ospf routerid 172.16.0.3   
enable ospf   
configure ospf add vlan lo0 area 0.0.0.0 passive   
configure ospf add vlan vl101 area 0.0.0.0 link-type point-to-point    
configure ospf add vlan vl102 area 0.0.0.0 link-type point-to-point  

PE2:  

configure snmp sysName "PE2"  

configure vr vpn-a add ports 2
configure vr VR-Default delete ports 2   
create vr "vpn-a" type vpn-vrf vr "VR-Default"    
configure vlan default delete ports 2   
create vlan "lo0"   
enable loopback-mode vlan lo0   
create vlan "vl102"   
configure vlan vl102 tag 102   
create vlan "vl103" vr vpn-a   
configure vlan vl103 tag 103   
enable jumbo-frame ports 1   
enable jumbo-frame ports 2   
configure vlan vl102 add ports 1 tagged
configure vlan vl103 add ports 2 tagged
configure vlan Mgmt ipaddress 192.168.56.104 255.255.255.0   
configure vlan lo0 ipaddress 172.16.0.4 255.255.255.255   
enable ipforwarding vlan lo0   
configure vlan vl102 ipaddress 10.1.1.10 255.255.255.252   
enable ipforwarding vlan vl102   
configure vlan vl103 ipaddress 10.1.1.13 255.255.255.252   
enable ipforwarding vlan vl103
  
configure vr vpn-a add protocol bgp   
configure vr vpn-a rd 172.16.0.4:103   
configure vr vpn-a route-target both add 65000:100
  
enable iproute mpls-next-hop
  
configure bgp AS-number 65000   
configure bgp routerid 172.16.0.4   
create bgp neighbor 172.16.0.2 remote-AS-number 65000   
configure bgp neighbor 172.16.0.2 source-interface ipaddress 172.16.0.4   
enable bgp neighbor 172.16.0.2   
configure bgp neighbor 172.16.0.2 next-hop-self   
configure bgp neighbor 172.16.0.2 address-family vpnv4 next-hop-self   
enable bgp neighbor 172.16.0.2 capability vpnv4   
enable bgp export vr vpn-a direct address-family vpnv4   
enable bgp export vr vpn-a bgp address-family vpnv4
enable bgp  

virtual-router vpn-a   
configure bgp AS-number 65000   
configure bgp routerid 172.16.0.4   
create bgp neighbor 10.1.1.14 remote-AS-number 65101   
enable bgp neighbor 10.1.1.14   
disable bgp neighbor 10.1.1.14 capability ipv4-multicast   
enable bgp export remote-vpn address-family ipv4-unicast   
enable bgp   
virtual-router VR-Default
  
configure mpls add vlan "lo0"   
enable mpls vlan "lo0"   
enable mpls ldp vlan "lo0"   
configure mpls add vlan "vl102"   
enable mpls vlan "vl102"   
enable mpls ldp vlan "vl102"   
configure mpls lsr-id 172.16.0.4   
enable mpls protocol ldp   
enable mpls  

configure ospf routerid 172.16.0.4   
enable ospf   
configure ospf add vlan lo0 area 0.0.0.0 passive   
configure ospf add vlan vl102 area 0.0.0.0 link-type point-to-point  

CE2:  

configure snmp sysName "CE2"

configure vr vpn-a add ports 1  
configure vlan default delete ports all   
configure vr VR-Default delete ports 1   
configure vlan default delete ports 1   
create vlan "foo1"   
enable loopback-mode vlan foo1   
create vlan "lo0"   
enable loopback-mode vlan lo0   
create vlan "vl103"   
configure vlan vl103 tag 103   
enable jumbo-frame ports 1   
configure vlan vl103 add ports 1 tagged
configure vlan Mgmt ipaddress 192.168.56.105 255.255.255.0   
configure vlan lo0 ipaddress 172.16.0.5 255.255.255.255   
configure vlan vl103 ipaddress 10.1.1.14 255.255.255.252   
configure vlan foo1 ipaddress 10.2.1.1 255.255.255.0   
enable ipforwarding vlan foo1
  
configure bgp AS-number 65101   
configure bgp routerid 172.16.0.5   
configure bgp add network 10.2.1.0/24   
create bgp neighbor 10.1.1.13 remote-AS-number 65000   
enable bgp neighbor 10.1.1.13   
enable bgp
Published March 2020prev | next

Email this topicEmail this topic

Print this pagePrint this page