To exchange routes, a default static route must be configured on a CE router to its associated PE router. A static route must also be configured between the PE router and the network (or networks) that the PE wants to advertise as available through a VRF. In this task, the network shown below is configured for a default static route to forward routes between the networks attached to the CE routers and the PE routers. IBGP is used to forward routes between the PE routers and an LSP tunnel is configured across the MPLS domain. The diagram below contains all of the network addresses and AS numbers required to perform this configuration. The configurations are shown for only the CE 1, CE 5, PE 1 and PE 5 routers which demonstrates what is required to make VPN1 work. The configurations for VPN2, VPN3, and VPN 4 would essentially be the same.
This configuration example describes what is required to operate the CE 1 router in the diagram above. In this example, a default static route is configured between the CE 1 router and the attached interface of PE 1.
device(config)# ip route 0.0.0.0/0 10.33.33.3 device(config)# interface ethernet 0/1 device(config-if-e10000-0/1)# ip address 10.33.33.2
This configuration example describes what is required to operate the CE 5 router in the diagram above. In this example, a default static route is configured between the CE 5 router and the attached interface of PE 4.
device(config)# ip route 0.0.0.0/0 10.33.36.3 device(config)# interface ethernet 0/1 device(config-if-e10000-0/1)# ip address 10.33.34.2
This configuration example describes what is required to operate the PE 1 router in the diagram above. In this example, the VRF VPN1 is created with a unique route descriptor consisting of the BGP AS number (1) and a random other number (2), and route targets are set for import and export. The VRF (VPN1) is defined on the interface that connects to CE 1. A static route is configured between this router and the network connected to CE 1. IBGP with extended community attributes is configured between PE 1 and PE 4.
The OSPF area is specified as 0 and MPLS is set up for OSPF traffic engineering. In addition, MPLS is configured with a signaled LSP named "tunnel1" to PE 4.
device(config)# interface loopback 1 device(config-lbif-1)# ip address 10.2.2.1/24 device(config-lbif-1)# ip ospf area 0 device(config-lbif-1)# exit device(config)# vrf VPN1 device(config-vrf-vpn1)# rd 1:1 device(config-vrf-vpn1)# route-target export 100:1 device(config-vrf-vpn1)# route-target import 100:2 device(config-vrf-vpn1)# exit-vrf device(config)# ip route vrf VPN1 10.1.2.0/24 10.33.33.2 device(config)# router bgp device(config-bgp)# local-as 1 device(config-bgp)# neighbor 10.2.2.2 remote-as 1 device(config-bgp)# neighbor 10.2.2.2 update-source loopback 1 device(config-bgp)# address-family vpnv4 unicast device(config-bgp-vpnv4u)# neighbor 10.2.2.2 activate device(config-bgp)# address-family ipv4 unicast vrf VPN1 device(config-bgp-ipv4u-vrf)# redistribute static device(config-bgp-ipv4u-vrf)# exit device(config)# router ospf device(config-ospf-router)# area 0 device(config-ospf-router)# exit device(config)# interface ethernet 0/2 device(config-if-e10000-0/2)# ip address 10.33.34.1/24 device(config-if-e10000-0/2)# ip ospf area 0 device(config-if-e10000-0/2)# exit device(config)# router mpls device(config-mpls)# policy device(config-mpls-policy)# traffic-engineering ospf device(config-mpls)# mpls-interface eth 0/2 device(config-mpls)# lsp tunnel1 device(config-mpls-lsp-tunnel1)# to 10.2.2.2 device(config-mpls-lsp-tunnel1)# enable device(config-mpls-lsp-tunnel1)# exit device(config)# interface ethernet 0/1 device(config-if-e10000-0/1)# vrf forwarding VPN1 device(config-if-e10000-0/1)# ip address 10.33.33.3/24 device(config-if-e10000-0/1)#
This configuration example describes what is required to operate the PE 4 router in the diagram above. In this example, the VRF VPN1 is created with a unique route descriptor consisting of the BGP AS number (1) and a random other number (2), and route targets are set for import and export. The VRF (VPN1) is defined on the interface that connects to CE 5. A static route is configured between this router and the network connected to CE 5.
IBGP with extended community attributes is configured between PE 1 and PE 4. The OSPF area is specified as 0 and MPLS is set up for OSPF traffic engineering. In addition, MPLS is configured with a signalled LSP named "tunnel1" to PE 1.
device(config)# interface loopback 1 device(config-lbif-1)# ip address 10.2.2.2/32 device(config-lbif-1)# ip ospf area 0 device(config-lbif-1)# exit device(config)# vrf VPN1 device(config-vrf-vpn1)# rd 1:2 device(config-vrf-vpn1)# route-target export 100:2 device(config-vrf-vpn1)# route-target import 100:1 device(config-vrf-vpn1)# exit-vrf device(config)# ip route vrf VPN1 10.1.2.0/24 10.33.36.2 device(config)# router bgp device(config-bgp)# local-as 1 device(config-bgp)# neighbor 10.2.2.1 remote-as 1 device(config-bgp)# neighbor 10.2.2.1 update-source loopback 1 device(config-bgp)# address-family vpnv4 unicast device(config-bgp-vpnv4u)# neighbor 10.2.2.1 activate device(config-bgp)# address-family ipv4 unicast vrf VPN1 device(config-bgp-ipv4u-vrf)# redistribute static device(config-bgp-ipv4u-vrf)# exit device(config)# router ospf device(config-ospf-router)# area 0 device(config-ospf-router)# exit device(config)# interface ethernet 0/2 device(config-if-e10000-0/2)# ip address 10.33.35.1/24 device(config-if-e10000-0/2)# ip ospf area 0 device(config-if-e10000-0/2)# exit device(config)# router mpls device(config-mpls)# policy device(config-mpls-policy)# traffic-engineering ospf device(config-mpls)# mpls-interface eth 0/2 device(config-mpls)# lsp tunnel1 device(config-mpls-lsp-tunnel1)# to 10.2.2.1 device(config-mpls-lsp-tunnel1)# enable device(config-mpls-lsp-tunnel1)# exit device(config)# interface ethernet 0/1 device(config-if-e10000-0/1)# vrf forwarding VPN1 device(config-if-e10000-0/1)# ip address 10.33.36.3/24 device(config-if-e10000-0/1)# exit