External BGP (EBGP) can be used to exchange routes from CE routers to PE routers.
To exchange routes, a BGP neighbor must be configured on both CE and PE routers. In the diagram shown below, the CE 1 router is configured to exchange routes with the PE 1 router and the CE 5 router is configured to exchange routes with the PE 4 router.
In the example shown in the diagram above, the network is configured to use EBGP to forward routes between the networks attached to the CE routers and the PE routers. IBGP is used to forward routes between the PE routers and an LSP tunnel is configured across the MPLS domain. The diagram above contains all of the network addresses and AS numbers required to perform this configuration. The configurations are shown for only the CE 1, CE 5, PE 1 and PE 5 routers, which demonstrates what is required to make VPN1 work. The configurations for VPN2, VPN3, and VPN 4 would essentially be the same.
This configuration example describes what is required to operate the CE 1 router in the diagram above. In this example, a static route is configured between the external network (10.1.2.0/24) and the loopback interface. EBGP is configured between CE 1 and PE 1, and the static route is redistributed through this connection.
device(config)# ip route 10.1.2.0/24 10.33.33.1 device(config)# router bgp device(config-bgp)# local-as 2 device(config-bgp)# neighbor 10.33.33.3 remote-as 1 device(config-bgp)# redistribute static device(config-bgp)# exit device(config)# interface ethernet 0/1 device(config-if-e10000-0/1)# ip address 10.33.33.2/24 device(config-if-e10000-0/1)# exit
This configuration example describes what is required to operate the CE 5 router in the diagram above. In this example, a static route is configured between the external network (10.1.3.0/24) and the loopback interface. EBGP is configured between CE 5 and PE 4, and the static route is redistributed through this connection.
device(config)# interface loopback 1 device(config-lbif-1)# ip address 10.33.36.1/32 device(config-lbif-1)# exit device(config)# ip route 10.1.3.0/24 10.33.36.1 device(config)# router bgp device(config)# local-as 3 device(config-bgp)# neighbor 10.33.36.3 remote-as 1 device(config-bgp)# redistribute static device(config-bgp)# exit device(config)# interface ethernet 0/1 device(config-if-e10000-0/1)# ip address 10.33.36.2/24 device(config-if-e10000-0/1)# exit
This configuration example describes what is required to operate the PE 1 router in the diagram above. In this example, the VRF VPN1 is created with a unique route descriptor consisting of the BGP AS number (1) and a random other number (2), and route targets are set for import and export. The VRF (VPN1) is defined on the interface that connects to CE 1. EBGP is configured between VPN1 and CE 1. IBGP with extended community attributes is configured between PE 1 and PE 4.
The OSPF area is specified as 0 and MPLS is set up for OSPF traffic engineering. In addition, MPLS is configured with a signaled LSP named "tunnel1" to PE 4.
device(config)# interface loopback 1 device(config-lbif-1)# ip address 10.2.2.1/32 device(config-lbif-1)# ip ospf area 0 device(config-lbif-1)# exit device(config)# vrf VPN1 device(config-vrf-vpn1)# rd 1:1 device(config-vrf-vpn1)# route-target export 100:1 device(config-vrf-vpn1)# route-target import 100:2 device(config-vrf-vpn1)# exit-vrf device(config)# router bgp device(config-bgp)# local-as 1 device(config-bgp)# neighbor 10.2.2.2 remote-as 1 device(config-bgp)# neighbor 10.2.2.2 update-source loopback 1 device(config-bgp)# address-family vpnv4 unicast device(config-bgp-vpnv4u)# neighbor 10.2.2.2 activate device(config-bgp-vpnv4u)# exit device(config-bgp)# address-family ipv4 unicast vrf VPN1 device(config-bgp-ipv4u-vrf)# neighbor 10.33.33.2 remote-as 2 device(config-bgp-ipv4u-vrf)# exit device(config)# router ospf device(config-ospf-router)# area 0 device(config-ospf-router)# exit device(config)# interface ethernet 0/2 device(config-if-e10000-0/2)# ip address 10.33.34.1/24 device(config-if-e10000-0/2)# ip ospf area 0 device(config-if-e10000-0/2)# exit device(config)# router mpls device(config-mpls)# policy device(config-mpls-policy)# traffic-engineering ospf device(config-mpls)# mpls-interface eth 0/2 device(config-mpls)# lsp tunnel1 device(config-mpls-lsp-tunnel1)# to 10.2.2.2 device(config-mpls-lsp-tunnel1)# enable device(config-mpls-lsp-tunnel1)# exit device(config)# interface ethernet 0/1 device(config-if-e10000-0/1)# vrf forwarding VPN1 device(config-if-e10000-0/1)# ip address 10.33.33.3/24
This configuration example describes what is required to operate the PE 2 router in the diagram above. In this example, the VRF VPN1 is created with a unique route descriptor consisting of the BGP AS number (1) and a random other number (2), and route targets are set for import and export. The VRF (VPN1) is defined on the interface that connects to CE 5. EBGP is configured between VPN1 and CE 5. IBGP with extended community attributes is configured between PE 4 and PE 1.
The OSPF area is specified as 0 and MPLS is set up for OSPF traffic engineering. In addition, MPLS is configured with a signaled LSP named "tunnel1" to PE 1.
device(config)# interface loopback 1 device(config-lbif-1)# ip address 10.2.2.2/32 device(config-lbif-1)# ip ospf area 0 device(config-lbif-1)# exit device(config)# vrf VPN1 device(config-vrf-vpn1)# rd 1:2 device(config-vrf-vpn1)# route-target export 100:2 device(config-vrf-vpn1)# route-target import 100:1 device(config-vrf-vpn1)# exit-vrf device(config)# router bgp device(config-bgp)# local-as 1 device(config-bgp)# neighbor 10.2.2.1 remote-as 1 device(config-bgp)# neighbor 10.2.2.1 update-source loopback 1 device(config-bgp)# address-family vpnv4 unicast device(config-bgp-vpnv4u)# neighbor 10.2.2.1 activate device(config-bgp)# address-family ipv4 unicast vrf VPN1 device(config-bgp-ipv4u-vrf)# neighbor 10.33.36.2 remote-as 2 device(config-bgp-ipv4u-vrf)# exit device(config)# router ospf device(config-ospf-router)# area 0 device(config-ospf-router)# exit device(config)# interface ethernet 0/2 device(config-if-e10000-0/2)# ip address 10.33.35.1/24 device(config-if-e10000-0/2)# ip ospf area 0 device(config-if-e10000-0/2)# exit device(config)# router mpls device(config-mpls)# policy device(config-mpls-policy)# traffic-engineering ospf device(config-mpls)# mpls-interface eth 0/2 device(config-mpls)# lsp tunnel1 device(config-mpls-lsp-tunnel1)# to 10.2.2.1 device(config-mpls-lsp-tunnel1)# enable device(config-mpls-lsp-tunnel1)# exit device(config)# interface ethernet 0/1 device(config-if-e10000-0/1)# vrf forwarding VPN1 device(config-if-e10000-0/1)# ip address 10.33.36.3/24 device(config-if-e10000-0/1)# exit