per vrf traffic flow
of 15
Transcript of per vrf traffic flow
-
8/14/2019 per vrf traffic flow
1/15
MPLS VPN for different path on
Cisco Routers
Base MPLS vpn architecture Solution for different path from each
VRF.
Contact
+886-920-891-782
-
8/14/2019 per vrf traffic flow
2/15
PHY link
R1
R2
R4 R3
R5
9.9.23.0/24
.3
.3
.2.2
.4
.4
.4
.5
.2
.1
9.9.12.0/24
9.9.34.0/24
9.9.24.0/24
9.9.45.0/24
Loopback
R1 9.9.1.1/32
R2 9.9.2.2/32
R3 9.9.3.3/32
R4 9.9.4.4/32
R5 9.9.5.5/32
-
8/14/2019 per vrf traffic flow
3/15
VRF
R1
R2
R4 R3
R5
A B
A B
!
ip vrf Ard 99:1
route-target export 99:1
route-target import 99:1
route-target import 99:3route-target import 99:5
!ip vrf B
rd 99:11
route-target export 99:11
route-target import 99:11
route-target import 99:4!
!
ip vrf Ard 99:3
route-target export 99:3
route-target import 99:3
route-target import 99:1
route-target import 99:5
!ip vrf B
rd 99:4
route-target export 99:4
route-target import 99:4
route-target import 99:11!
!
!
interface Loopback99
ip vrf forwarding Aip address 192.168.11.1 255.255.255.0
!
interface Loopback199
ip vrf forwarding B
ip address 192.168.111.1 255.255.255.0
!
!
interface Loopback99
ip vrf forwarding A
ip address 192.168.33.33 255.255.255.0
!
interface Loopback199
ip vrf forwarding B
ip address 192.168.33.3 255.255.255.0
!
-
8/14/2019 per vrf traffic flow
4/15
BGP ASN
R1
R2
R4 R3
R5
ALL router in the same AS
-
8/14/2019 per vrf traffic flow
5/15
OSPF area 0
R1
R2
R4 R3
R5
O 9.9.5.5/32 [110/4] via 9.9.12.2, 16:14:12, FastEthernet0/0.12
O 9.9.4.4/32 [110/3] via 9.9.12.2, 16:14:12, FastEthernet0/0.12
O 9.9.3.3/32 [110/3] via 9.9.12.2, 16:14:12, FastEthernet0/0.12
O 9.9.2.2/32 [110/2] via 9.9.12.2, 16:14:12, FastEthernet0/0.12
C 9.9.1.1/32 is directly connected, Loopback0
C 9.9.12.0/24 is directly connected, FastEthernet0/0.12
O 9.9.23.0/24 [110/2] via 9.9.12.2, 16:14:12, FastEthernet0/0.12
O 9.9.24.0/24 [110/2] via 9.9.12.2, 16:14:12, FastEthernet0/0.12
O 9.9.34.0/24 [110/3] via 9.9.12.2, 16:14:12, FastEthernet0/0.12
O 9.9.45.0/24 [110/3] via 9.9.12.2, 16:14:12, FastEthernet0/0.12
R1(config-router-af)#
router ospf 1
log-adjacency-changes
network 9.9.0.0 0.0.255.255 area 0
!
R1(config-router-af)#do sh ip os ne
Neighbor ID Pri State Dead Time Address Interface
9.9.24.2 1 FULL/DR 00:00:33 9.9.12.2 FastEthernet0/0.12
R1(config-router-af)#
OSPF cost 200
-
8/14/2019 per vrf traffic flow
6/15
-
8/14/2019 per vrf traffic flow
7/15
MP-iBGP peer
R1
R2
R4 R3
R5
RR
R1
router bgp 9no synchronization
no bgp default route-target filter
bgp log-neighbor-changes
neighbor 9.9.0.5 remote-as 9
neighbor 9.9.3.3 remote-as 9neighbor 9.9.3.3 update-source Loopback0
neighbor 9.9.5.5 remote-as 9
neighbor 9.9.5.5 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 9.9.3.3 activate
neighbor 9.9.3.3 send-community extendedneighbor 9.9.3.3 route-reflector-client
neighbor 9.9.5.5 activate
neighbor 9.9.5.5 send-community extended
neighbor 9.9.5.5 route-reflector-client
exit-address-family
!
Show ip bgp vp all summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
9.9.3.3 4 9 1069 1110 13 0 0 14:43:11 2
9.9.5.5 4 9 1050 1095 13 0 0 14:43:10 1
R1(config-router-af)#
ASN is 9
-
8/14/2019 per vrf traffic flow
8/15
VRF traffic flow
R1
R2
R4 R3
R5
A B
A B
R1(config-router-af)#do sh ip ro vrf A
C 192.168.11.0/24 is directly connected, Loopback99
B 192.168.55.0/24 [200/0] via 9.9.5.5, 14:46:30B 192.168.33.0/24 [200/0] via 9.9.3.3, 14:46:30
R1(config-router-af)#do sh ip ro vrf B
C 192.168.111.0/24 is directly connected, Loopback199
B 192.168.33.0/24 [20/0] via 9.9.3.3, 01:23:12
R1(config-router-af)#
sh ip cef vrf A de
192.168.33.0/24, version 13, epoch 0, cached adjacency 9.9.12.2
0 packets, 0 bytes
tag information set
local tag: VPN-route-head
fast tag rewrite with Fa0/0.12, 9.9.12.2, tags imposed: {21 23}
via 9.9.3.3, 0 dependencies, recursive
next hop 9.9.12.2, FastEthernet0/0.12 via 9.9.3.3/32
valid cached adjacency
tag rewrite with Fa0/0.12, 9.9.12.2, tags imposed: {21 23}
R1(config-router-af)#do sh mpls for
Local Outgoing Prefix Bytes tag Outgoing Next Hop
tag tag or VC or Tunnel Id switched interface
16 Pop tag 9.9.24.0/24 0 Fa0/0.12 9.9.12.2
17 Pop tag 9.9.23.0/24 0 Fa0/0.12 9.9.12.2
18 Pop tag 9.9.2.2/32 0 Fa0/0.12 9.9.12.2
19 17 9.9.4.4/32 0 Fa0/0.12 9.9.12.2
20 16 9.9.34.0/24 0 Fa0/0.12 9.9.12.2
21 18 9.9.45.0/24 0 Fa0/0.12 9.9.12.2
22 20 9.9.5.5/32 0 Fa0/0.12 9.9.12.2
23 21 9.9.3.3/32 0 Fa0/0.12 9.9.12.2
R2(config-subif)#
21 Pop tag 9.9.3.3/32 287059 Fa0/0.23 9.9.23.3R2(config-subif)#
-
8/14/2019 per vrf traffic flow
9/15
We want different path for vrf
R1
R2
R4 R3
R5
A B
A B
Cisco TE is base on LDP, its IGP
For the same destination only one path.
But How ??
-
8/14/2019 per vrf traffic flow
10/15
The MP-EBGP peer from R4
R1
R2
R4 R3
R5
RR
R1
router bgp 9no synchronization
no bgp default route-target filter
bgp log-neighbor-changes
neighbor 9.9.0.5 remote-as 9
neighbor 9.9.3.3 remote-as 9neighbor 9.9.3.3 update-source Loopback0
neighbor 9.9.4.4 remote-as 65001
neighbor 9.9.4.4 ebgp-multihop 255
neighbor 9.9.4.4 update-source Loopback0
neighbor 9.9.5.5 remote-as 9
neighbor 9.9.5.5 update-source Loopback0
no auto-summary
!address-family vpnv4
neighbor 9.9.3.3 activate
neighbor 9.9.3.3 send-community extended
neighbor 9.9.3.3 route-reflector-client
neighbor 9.9.4.4 activate
neighbor 9.9.4.4 send-community extended
neighbor 9.9.4.4 weight 300
neighbor 9.9.4.4 allowas-in
neighbor 9.9.5.5 activate
neighbor 9.9.5.5 send-community extended
neighbor 9.9.5.5 route-reflector-client
exit-address-family
!
Show ip bgp vp all summary
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
9.9.3.3 4 9 1134 1175 13 0 0 15:48:40 2
9.9.4.4 4 65001 1096 1129 13 0 0 15:48:40 1
9.9.5.5 4 9 1115 1160 13 0 0 15:48:39 1
R1(config-router-af)#
AS65001
MP-EBGP
MP-iBGP
-
8/14/2019 per vrf traffic flow
11/15
Show result for VRF A on R1Route Distinguisher: 99:11 (default for vrf B)
*> 192.168.33.0 9.9.4.4 300 65001 9 ?
*> 192.168.111.0 0.0.0.0 0 32768 ?
R1(config-router-af)#
R2#sh mpls for | i 205
205 Pop tag 9.9.4.4/32 3732947 Fa0/0.24 9.9.24.4
R2#
R1#sh ip cef vrf A 192.168.33.0 de
192.168.33.0/24, version 10, epoch 0, cached adjacency 9.9.12.2
0 packets, 0 bytes
tag information set
local tag: VPN-route-head
fast tag rewrite with Fa0/0.12, 9.9.12.2, tags imposed: {205 409}
via 9.9.4.4, 0 dependencies, recursive
next hop 9.9.12.2, FastEthernet0/0.12 via 9.9.4.4/32
valid cached adjacency
tag rewrite with Fa0/0.12, 9.9.12.2, tags imposed: {205 409}R1#
R1
R2
R4 R3
R5
AB
A B
R1#sh mpls for | i 205
105 205 9.9.4.4/32 0 Fa0/0.12 9.9.12.2
R1#
R4(config-router-af)#do sh ip bgp vp all la
Network Next Hop In label/Out label
Route Distinguisher: 99:3
192.168.33.0 9.9.34.3 409/309
R3#sh mpls for | i 309
309 Aggregate 192.168.33.0/24[V] \
R3#
-
8/14/2019 per vrf traffic flow
12/15
R1#sh ip bgp vp vrf B
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 99:11 (default for vrf B)
*> 192.168.111.0 0.0.0.0 0 32768 ?
*>i192.168.133.0 9.9.3.3 0 100 0 ?*>i192.168.155.0 9.9.5.5 0 100 0 ?
R1#
R3#sh mpls for | i 310
310 Aggregate 192.168.133.0/24[V] \
R3#sh ip bgp vp vrf B 192.168.133.0BGP routing table entry for 99:33:192.168.133.0/24, version 5
Paths: (1 available, best #1, table B)
Advertised to update-groups:
2
Local
0.0.0.0 from 0.0.0.0 (9.9.3.3)
Origin incomplete, metric 0, localpref 100, weight 32768,
valid, sourced, best
Extended Community: RT:99:33
mpls labels in/out 310/aggregate(B)
R3#
R1#sh ip cef vrf B 192.168.133.0 de
192.168.133.0/24, version 17, epoch 0, cached adjacency 9.9.12.2
0 packets, 0 bytes
tag information set
local tag: VPN-route-head
fast tag rewrite with Fa0/0.12, 9.9.12.2, tags imposed: {203 310}
via 9.9.3.3, 0 dependencies, recursivenext hop 9.9.12.2, FastEthernet0/0.12 via 9.9.3.3/32
valid cached adjacency
tag rewrite with Fa0/0.12, 9.9.12.2, tags imposed: {203 310}
R1#
R1
R2
R4 R3
R5
AB
A B
R2#sh mpls for | i 203
203 Pop tag 9.9.3.3/32 3728767 Fa0/0.23 9.9.23.3
R2#
Show result for VRF B on R1
-
8/14/2019 per vrf traffic flow
13/15
Debug mpls packet
R1 to R3 (Path R1---R2-----R4-----R3)
R2(config-subif)#
*Oct 4 05:45:26.482: MPLS: Fa0/0.12: recvd: CoS=0, TTL=255, Label(s)=17/30
*Oct 4 05:45:26.482: MPLS: Fa0/0.24: xmit: CoS=0, TTL=254, Label(s)=30
R2(config-subif)#
R4(config-router)#do deb mpls pa
MPLS packet debugging is on
R4(config-router)#
*Oct 4 05:42:30.686: MPLS: Fa0/0.24: recvd: CoS=0, TTL=254, Label(s)=30
*Oct 4 05:42:30.686: MPLS: Fa0/0.34: xmit: CoS=0, TTL=253, Label(s)=24
R1
R2
R4 R3
R5
AB
A B
R3 to R1 (Path R3---R4----R2----R1)
R2(config-subif)#
*Oct 4 05:45:26.486: MPLS: Fa0/0.23: recvd: CoS=0, TTL=255, Label(s)=19/28
*Oct 4 05:45:26.486: MPLS: Fa0/0.12: xmit: CoS=0, TTL=254, Label(s)=28
R2(config-subif)#
-
8/14/2019 per vrf traffic flow
14/15
Its perfect for each VRF
R1
R2
R4 R3
R5
B A
A
B
-
8/14/2019 per vrf traffic flow
15/15
End
