Friday 31 August 2012

CE-PE Routing: Configuring Static route


CE-PE Routing: Configuring Static route

·         There are many options for CE-PE routing.

·         In this post, let me configure a basic static route for routing between CE-PE

 Let me take a basic topology to configure this:
 
VRF Configuration:
PE1:
PE1(config)#ip vrf VPN_A
PE1(config-vrf)#rd 100:1
PE1(config-vrf)#route-target both 100:1
PE1(config-vrf)#do show run int ser1/0
Building configuration...
Current configuration : 87 bytes
!
interface Serial1/0
 ip address 10.1.13.3 255.255.255.0
 serial restart-delay 0
end
PE1(config-vrf)#int ser1/0
PE1(config-if)#ip vrf forwarding VPN_A
% Interface Serial1/0 IP address 10.1.13.3 removed due to enabling VRF VPN_A
PE1(config-if)#ip address 10.1.13.3 255.255.255.0
PE1(config-if)#do ping vrf VPN_A 10.1.13.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.13.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/17/44 ms
PE1(config-if)#
CE1:
CE1(config-if)#do show run int ser1/0
Building configuration...
Current configuration : 87 bytes
!
interface Serial1/0
 ip address 10.1.13.1 255.255.255.0
 serial restart-delay 0
end
CE1(config-if)#do ping 10.1.13.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.13.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/25/44 ms
CE1(config-if)#
Observation:
·         CE1-PE1 link is up
PE1:
PE2(config-router-af)#ip vrf VPN_A
PE2(config-vrf)#rd 100:1
PE2(config-vrf)#route-target both 100:1
PE2(config-vrf)#do show run int ser1/0
Building configuration...
Current configuration : 87 bytes
!
interface Serial1/0
 ip address 10.1.24.4 255.255.255.0
 serial restart-delay 0
end
PE2(config-vrf)#int ser1/0
PE2(config-if)#do show run int ser1/0
Building configuration...
Current configuration : 87 bytes
!
interface Serial1/0
 ip address 10.1.24.4 255.255.255.0
 serial restart-delay 0
end
PE2(config-if)#ip vrf forwarding VPN_A
% Interface Serial1/0 IP address 10.1.24.4 removed due to enabling VRF VPN_A
PE2(config-if)#ip address 10.1.24.4 255.255.255.0
PE2(config-if)#do ping vrf VPN_A 10.1.24.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.24.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/16/36 ms
PE2(config-if)#
CE2:
CE2(config-if)#do show run int ser1/0
Building configuration...
Current configuration : 87 bytes
!
interface Serial1/0
 ip address 10.1.24.2 255.255.255.0
 serial restart-delay 0
end
CE2(config-if)#do ping 10.1.24.4
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.24.4, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/24/64 ms
CE2(config-if)#
Observation:
·         CE2-PE2 link is up
IGP-OSPF Configuration between PE1-PE2:
PE1(config-if)#do show run | begin router ospf
router ospf 1
 router-id 3.3.3.3
 log-adjacency-changes
 network 3.3.3.3 0.0.0.0 area 0
 network 100.1.34.3 0.0.0.0 area 0
!
PE2(config-if)#do show run | begin router ospf
router ospf 1
 router-id 4.4.4.4
 log-adjacency-changes
 network 4.4.4.4 0.0.0.0 area 0
 network 100.1.34.4 0.0.0.0 area 0
!
MP-iBGP configuration between PE1-PE2:
PE1(config)#do show run | begin router bgp
router bgp 100
 bgp router-id 3.3.3.3
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 4.4.4.4 remote-as 100
 neighbor 4.4.4.4 update-source Loopback0
 !
 address-family vpnv4
  neighbor 4.4.4.4 activate
  neighbor 4.4.4.4 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf VPN_A
  redistribute connected
  redistribute static
  no synchronization
 exit-address-family
!
PE2(config-router-af)#do show run | begin router bgp
router bgp 100
 bgp router-id 4.4.4.4
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 update-source Loopback0
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf VPN_A
  redistribute connected
  redistribute static
  no synchronization
 exit-address-family
!
Configuring MPLS in the Core (between PE1-PE2):
PE1(config)#int ser1/1
PE1(config-if)#mpls ip
PE1(config-if)#
PE2(config)#int ser1/1
PE2(config-if)#mpls ip
PE2(config-if)#
Configuring vrf static route in PE1 to reach CE1’s loopback:
PE1(config)#ip route vrf VPN_A 1.1.1.0 255.255.255.0 ser1/0
PE1(config)#ip route vrf VPN_A 11.11.11.0 255.255.255.0 ser1/0
PE1(config)#do ping vrf VPN_A 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/24/68 ms
PE1(config)#do ping vrf VPN_A 11.11.11.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.11.11.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/30/104 ms
PE1(config)#
Observation:
·         PE1 can reach CE1’s loopback0 and loopback1
Configuring vrf static route in PE2 to reach CE2’s loopback:
PE2(config)#ip route vrf VPN_A 2.2.2.0 255.255.255.0 ser1/0
PE2(config)#ip route vrf VPN_A 22.22.22.0 255.255.255.0 ser1/0
PE2(config)#do ping vrf VPN_A 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/37/92 ms
PE2(config)#do ping vrf VPN_A 22.22.22.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/24/56 ms
PE2(config)#
Observation:
·         PE2 can reach CE2’s loopback0 and loopback1
 Configuring a default route in CE1 towards PE1:
CE1(config)#ip route 0.0.0.0 0.0.0.0 ser1/0
CE1(config)#
Configuring a default route in CE2 towards PE2:
CE2(config)#ip route 0.0.0.0 0.0.0.0 ser1/0
CE2(config)#
Verification:
CE1#ping 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/38/124 ms
CE1#
CE1#ping 22.22.22.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 12/44/120 ms
CE1#
PE1(config-if)#do ping vrf VPN_A 2.2.2.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 2.2.2.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/37/80 ms
PE1(config-if)#
PE1(config-if)#do ping vrf VPN_A 22.22.22.22
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/40/104 ms
PE1(config-if)#
CE2#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/46/96 ms
CE2#
CE2#ping 11.11.11.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.11.11.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/48/132 ms
CE2#
PE2#ping vrf VPN_A 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/46/144 ms
PE2#
PE2#ping vrf VPN_A 11.11.11.11
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.11.11.11, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 8/38/112 ms
PE2#
Observations:
·         CE1 is successfully reaching CE2’s loopback0 and loopback1 (2.2.2.2, 22.22.22.22)
·         CE2 is successfully reaching CE1’s loopback0 and loopback1 (1.1.1.1, 11.11.11.11)
BGP Table in PE1 and PE2:
PE1(config)#do show ip bgp vpnv4 all sum
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 13, main routing table version 13
6 network entries using 936 bytes of memory
6 path entries using 408 bytes of memory
3/2 BGP path/bestpath attribute entries using 504 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 1904 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 15 secs
Neighbor        V          AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
4.4.4.4         4        100      78      78       13    0    0 01:11:44        3
PE1(config)#do show ip bgp vpnv4 all
BGP table version is 13, local router ID is 3.3.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VPN_A)
*> 1.1.1.0/24       0.0.0.0                  0         32768 ?
*>i2.2.2.0/24       4.4.4.4                  0    100      0 ?
*> 10.1.13.0/24     0.0.0.0                  0         32768 ?
*>i10.1.24.0/24     4.4.4.4                  0    100      0 ?
*> 11.11.11.0/24    0.0.0.0                  0         32768 ?
*>i22.22.22.0/24    4.4.4.4                  0    100      0 ?
PE1(config)#
PE2(config)#do show ip bgp vpnv4 all sum
BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 13, main routing table version 13
6 network entries using 936 bytes of memory
6 path entries using 408 bytes of memory
3/2 BGP path/bestpath attribute entries using 504 bytes of memory
1 BGP extended community entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 1904 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 15 secs
Neighbor        V          AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
3.3.3.3         4        100      78      78       13    0    0 01:12:28        3
PE2(config)#
PE2(config)#
PE2(config)#do show ip bgp vpnv4 all
BGP table version is 13, local router ID is 4.4.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VPN_A)
*>i1.1.1.0/24       3.3.3.3                  0    100      0 ?
*> 2.2.2.0/24       0.0.0.0                  0         32768 ?
*>i10.1.13.0/24     3.3.3.3                  0    100      0 ?
*> 10.1.24.0/24     0.0.0.0                  0         32768 ?
*>i11.11.11.0/24    3.3.3.3                  0    100      0 ?
*> 22.22.22.0/24    0.0.0.0                  0         32768 ?
PE2(config)#
PE2(config)#