Thursday, February 4, 2016

L3VPN task #6. Inter-AS L3VPN - part 1.

Topology:



Configure loopback0 interfaces and internal links between the  routers for Service Provider X and Y, according to topology diagram.
Configure loopback0 interface for Customer A as below:
R10 loopback0 ipv4 address 10.10.10.10/24
R11 loopback0 ipv4 address 10.10.11.11/24

For each service provider, configure IGP, iBGP according to topology diagram.

The following resources are allocated to provide connectivity for Customer A:

Link R1-R10: IPv4 prefix 19.0.10/24

Link R6-R11: IPv4 prefix 20.0.11/24

Link R3-R4, one physical interface, IPv4 prefix 19.0.34/24

Link R7-R9, one logical interface, dot1Q vlan 11, IPv4 prefix 20.0.79/24

Requirements: 

Configure the network to provide connectivity between Customer A sites R10 and R11 as below:

1. Service Provider (SP) X shall use route-target value of 10:10 for Customer A VRF. 
2. SP Y shall use route-target value of 11:11 for Customer A VRF.
3. Use OSPF as CE-PE routing protocol.
4. Configuration shall allow each service provider to easily apply QoS and security policies on the         Customers A traffic transiting its network.
5. Traffic from R10 to R11 shall use the link between routers R9 and R7.
6. Traffic from R11 to R10 shall use the link between routers R4 and R3.


Solution:

Highlight the text below to reveal the solution.

Requirements #1 - 4:

Requirements of independent route-target space and separation of traffic per customer imply the use of Inter-AS option 10A, also known as VRF-to-VRF or back-to-back VRF.
In Option 10A, for each transiting customer, a dedicated physical or logical link is required between the two service providers, and each service provider treats the other side of this link as regular CE.
eBGP is usually used to exchange the routing information between the service providers.

Requirements #5 and #6 - use any method to affect the BGP best route selection. Example solution uses route-policy to set higher local-preference value on the preferred exit point (this is the recommended way to signal the exit point from the AS).


R1:


!
vrf definition CUST_A
 rd 10:10
 route-target export 10:10
 route-target import 10:10
 !
 address-family ipv4
 exit-address-family
!
!
interface Ethernet1/0
 vrf forwarding CUST_A
 ip address 19.0.10.1 255.255.255.0
 ip ospf network point-to-point
 ip ospf 10 area 0
!
!
router ospf 10 vrf CUST_A
 router-id 19.0.10.1
 redistribute bgp 19 subnets
!
!
router ospf 1
 mpls ldp autoconfig
 router-id 19.0.1.1
!
router bgp 19
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 19.0.2.2 remote-as 19
 neighbor 19.0.2.2 update-source Loopback0
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor 19.0.2.2 activate
  neighbor 19.0.2.2 send-community both
 exit-address-family
 !
 address-family ipv4 vrf CUST_A
  redistribute ospf 10
 exit-address-family
!

R2:


!
router ospf 1
 mpls ldp autoconfig
 router-id 19.0.2.2
!
router bgp 19
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor CLIENTS peer-group
 neighbor CLIENTS remote-as 19
 neighbor CLIENTS update-source Loopback0
 neighbor 19.0.1.1 peer-group CLIENTS
 neighbor 19.0.3.3 peer-group CLIENTS
 neighbor 19.0.9.9 peer-group CLIENTS
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor CLIENTS send-community both
  neighbor CLIENTS route-reflector-client
  neighbor 19.0.1.1 activate
  neighbor 19.0.3.3 activate
  neighbor 19.0.9.9 activate
 exit-address-family
!


R3:


vrf CUST_A
 address-family ipv4 unicast
  import route-target
   10:10
  !
  export route-target
   10:10
  !
 !
!
!
interface GigabitEthernet0/0/0/2
 vrf CUST_A
 ipv4 address 19.0.34.3 255.255.255.0
!
route-policy ANY
  pass
end-policy
!
router ospf 1
 area 0
  interface Loopback0
   network point-to-point
  !
  interface GigabitEthernet0/0/0/0
   network point-to-point
  !
 !
!
router bgp 19
 address-family vpnv4 unicast
 !
 neighbor 19.0.2.2
  remote-as 19
  update-source Loopback0
  address-family vpnv4 unicast
  !
 !
 vrf CUST_A
  rd 10:10
  address-family ipv4 unicast
  !
  neighbor 19.0.34.4
   remote-as 20
   address-family ipv4 unicast
    route-policy ANY in
    route-policy ANY out
   !
  !
 !
!
mpls ldp
 interface GigabitEthernet0/0/0/0
 !
!


R4:


vrf CUST_A
 address-family ipv4 unicast
  import route-target
   11:11
  !
  export route-target
   11:11
  !
 !
!
!
interface GigabitEthernet0/0/0/2
 vrf CUST_A
 ipv4 address 19.0.34.4 255.255.255.0
!
route-policy ANY
  pass
end-policy
!
route-policy HIGH_LP
  set local-preference 1000
end-policy
!
router isis AS20
 is-type level-2-only
 net 49.0020.0000.0000.0004.00
 interface Loopback0
  address-family ipv4 unicast
  !
 !
 interface GigabitEthernet0/0/0/0
  address-family ipv4 unicast
  !
 !
!
router bgp 20
 address-family vpnv4 unicast
 !
 neighbor 20.0.5.5
  remote-as 20
  update-source Loopback0
  address-family vpnv4 unicast
  !
 !
 vrf CUST_A
  rd 11:11
  address-family ipv4 unicast
  !
  neighbor 19.0.34.3
   remote-as 19
   address-family ipv4 unicast
    route-policy HIGH_LP in
    route-policy ANY out
   !
  !
 !
!
mpls ldp
 interface GigabitEthernet0/0/0/0
 !
!

R5:

!
router isis AS20
 mpls ldp autoconfig
 net 49.0020.0000.0000.0005.00
 is-type level-2-only
!
router bgp 20
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor CLIENTS peer-group
 neighbor CLIENTS remote-as 20
 neighbor CLIENTS update-source Loopback0
 neighbor 20.0.4.4 peer-group CLIENTS
 neighbor 20.0.6.6 peer-group CLIENTS
 neighbor 20.0.7.7 peer-group CLIENTS
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor CLIENTS send-community both
  neighbor CLIENTS route-reflector-client
  neighbor 20.0.4.4 activate
  neighbor 20.0.6.6 activate
  neighbor 20.0.7.7 activate
 exit-address-family
!

R6:

!
vrf definition CUST_A
 rd 11:11
 route-target export 11:11
 route-target import 11:11
 !
 address-family ipv4
 exit-address-family
!
!
interface Ethernet1/0
 vrf forwarding CUST_A
 ip address 20.0.11.6 255.255.255.0
 ip ospf network point-to-point
 ip ospf 11 area 0
!
!
router ospf 11 vrf CUST_A
 router-id 20.0.11.6
 redistribute bgp 20 subnets
!
router isis AS20
 mpls ldp autoconfig
 net 49.0020.0000.0000.0006.00
 is-type level-2-only
!
router bgp 20
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 20.0.5.5 remote-as 20
 neighbor 20.0.5.5 update-source Loopback0
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor 20.0.5.5 activate
  neighbor 20.0.5.5 send-community both
 exit-address-family
 !
 address-family ipv4 vrf CUST_A
  redistribute ospf 11
 exit-address-family
!


R7:

!
vrf definition CUST_A
 rd 11:11
 route-target export 11:11
 route-target import 11:11
 !
 address-family ipv4
 exit-address-family
!
!
interface Ethernet1/0
 no ip address
!
interface Ethernet1/0.11
 encapsulation dot1Q 11
 vrf forwarding CUST_A
 ip address 20.0.79.7 255.255.255.0
!
!
router isis AS20
 mpls ldp autoconfig
 net 49.0020.0000.0000.0007.00
 is-type level-2-only
!
router bgp 20
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 20.0.5.5 remote-as 20
 neighbor 20.0.5.5 update-source Loopback0
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor 20.0.5.5 activate
  neighbor 20.0.5.5 send-community both
 exit-address-family
 !
 address-family ipv4 vrf CUST_A
  neighbor 20.0.79.9 remote-as 19
  neighbor 20.0.79.9 activate
 exit-address-family
!

R9:


!
vrf definition CUST_A
 rd 10:10
 route-target export 10:10
 route-target import 10:10
 !
 address-family ipv4
 exit-address-family
!
!
interface Ethernet1/0.11
 encapsulation dot1Q 11
 vrf forwarding CUST_A
 ip address 20.0.79.9 255.255.255.0
!
!
router ospf 1
 mpls ldp autoconfig
 router-id 19.0.9.9
!
router bgp 19
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 19.0.2.2 remote-as 19
 neighbor 19.0.2.2 update-source Loopback0
 !
 address-family ipv4
 exit-address-family
 !
 address-family vpnv4
  neighbor 19.0.2.2 activate
  neighbor 19.0.2.2 send-community both
 exit-address-family
 !
 address-family ipv4 vrf CUST_A
  neighbor 20.0.79.7 remote-as 20
  neighbor 20.0.79.7 activate
  neighbor 20.0.79.7 route-map HIGH_LP in
 exit-address-family
!
!
route-map HIGH_LP permit 100
 set local-preference 1000
!

R10:


!
interface Loopback0
 ip address 10.10.10.10 255.255.255.0
 ip ospf network point-to-point
 ip ospf 10 area 0
!
interface Ethernet0/0
 ip address 19.0.10.10 255.255.255.0
 ip ospf network point-to-point
 ip ospf 10 area 0
!
!
router ospf 10
 router-id 10.10.10.10
!


R11:

!
interface Loopback0
 ip address 10.10.11.11 255.255.255.0
 ip ospf network point-to-point
 ip ospf 1 area 0
!
interface Ethernet0/0
 ip address 20.0.11.11 255.255.255.0
 ip ospf network point-to-point
 ip ospf 1 area 0
!
!
router ospf 1
 router-id 10.10.11.11
!




Verification:

R10#traceroute 10.10.11.11 source 10.10.10.10
Type escape sequence to abort.
Tracing the route to 10.10.11.11
VRF info: (vrf in name/id, vrf out name/id)
  1 19.0.10.1 4 msec 4 msec 4 msec
  2 19.0.12.2 [MPLS: Labels 16/21 Exp 0] 3 msec 2 msec 1 msec
  3 20.0.79.9 [MPLS: Label 21 Exp 0] 4 msec 4 msec 4 msec
  4 20.0.79.7 2 msec 2 msec 2 msec
  5 20.0.57.5 [MPLS: Labels 17/21 Exp 0] 2 msec 2 msec 1 msec
  6 20.0.11.6 [MPLS: Label 21 Exp 0] 1 msec 1 msec 2 msec
  7 20.0.11.11 1 msec 1 msec 2 msec



R11#traceroute 10.10.10.10 source lo0
Type escape sequence to abort.
Tracing the route to 10.10.10.10
VRF info: (vrf in name/id, vrf out name/id)
  1 20.0.11.6 6 msec 4 msec 6 msec
  2 20.0.56.5 [MPLS: Labels 16/16005 Exp 0] 2 msec 1 msec 1 msec
  3 20.0.45.4 [MPLS: Label 16005 Exp 0] 1 msec 1 msec 2 msec
  4 19.0.34.3 2 msec 2 msec 2 msec
  5 19.0.23.2 [MPLS: Labels 18/21 Exp 0] 1 msec 1 msec 2 msec
  6 19.0.10.1 [MPLS: Label 21 Exp 0] 2 msec 2 msec 2 msec
  7 19.0.10.10 1 msec 2 msec 1 msec

R10#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C        10.10.10.0/24 is directly connected, Loopback0
L        10.10.10.10/32 is directly connected, Loopback0
O E2     10.10.11.0/24 [110/1] via 19.0.10.1, 00:53:19, Ethernet0/0
      19.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        19.0.10.0/24 is directly connected, Ethernet0/0
L        19.0.10.10/32 is directly connected, Ethernet0/0
      20.0.0.0/24 is subnetted, 1 subnets
O E2     20.0.11.0 [110/1] via 19.0.10.1, 00:53:19, Ethernet0/0

R11#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O E2     10.10.10.0/24 [110/1] via 20.0.11.6, 00:53:32, Ethernet0/0
C        10.10.11.0/24 is directly connected, Loopback0
L        10.10.11.11/32 is directly connected, Loopback0
      19.0.0.0/24 is subnetted, 1 subnets
O E2     19.0.10.0 [110/1] via 20.0.11.6, 00:53:32, Ethernet0/0
      20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        20.0.11.0/24 is directly connected, Ethernet0/0
L        20.0.11.11/32 is directly connected, Ethernet0/0

R1#show ip route vrf CUST_A

Routing Table: CUST_A
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/24 is subnetted, 2 subnets
O        10.10.10.0 [110/11] via 19.0.10.10, 01:11:26, Ethernet1/0
B        10.10.11.0 [200/0] via 19.0.9.9, 00:28:13
      19.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        19.0.10.0/24 is directly connected, Ethernet1/0
L        19.0.10.1/32 is directly connected, Ethernet1/0
      20.0.0.0/24 is subnetted, 1 subnets
B        20.0.11.0 [200/0] via 19.0.9.9, 00:28:13

R1#show bgp vpnv4 unicast all
BGP table version is 11, local router ID is 19.0.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 10:10 (default for vrf CUST_A)
 *>  10.10.10.0/24    19.0.10.10              11         32768 ?
 *>i 10.10.11.0/24    19.0.9.9                 0   1000      0 20 ?
 *>  19.0.10.0/24     0.0.0.0                  0         32768 ?
 *>i 20.0.11.0/24     19.0.9.9                 0   1000      0 20 ?

R6#        show ip route vrf CUST_A

Routing Table: CUST_A
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/24 is subnetted, 2 subnets
B        10.10.10.0 [200/0] via 20.0.4.4, 00:28:02
O        10.10.11.0 [110/11] via 20.0.11.11, 01:03:34, Ethernet1/0
      19.0.0.0/24 is subnetted, 1 subnets
B        19.0.10.0 [200/0] via 20.0.4.4, 00:28:02
      20.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        20.0.11.0/24 is directly connected, Ethernet1/0
L        20.0.11.6/32 is directly connected, Ethernet1/0



No comments:

Post a Comment