MPLS Lab 007 CE-PE Routing Using Redistribute RIPv2

Image requirements:
VIRL: IOSv 15.7
EVE-NG: Cisco vIOS Router vios-15.6
GNS3: vios-adventerprisek9-m.vmdk.SPA.156-2.T



Description:
Continue the series of CE-PE routing, this lab will be introducing RIPv2 as routing choice between ISP and its clients. Additionally, the third location has been opened and at PE3 site customer's router CE1-C is connected. You will be configuring the L3 MPLS VPN between all three locations, ensuring that LAN-to-LAN connectivity is operational across the entire infrastructure of the customer's network.



Topology:


Download Lab: EVE-NG | GNS3




Scenario:
Another contract has been signed, this client desires to use RIPv2 as the mechanism to exchange routes between the ISP and its private networks, there are three locations needed to be interconnected over the MPLS cloud, the same standard procedure has to be implemented, configuring the VRF, exchange routes with the client, redistribute into BGP VPNv4 tables and finally verify the proper operation of the service.



Lab tasks:
1. Configure VRF CE1 on all routers connected to the customer's locations.
2. Assign VRF CE1 to the G0/3 interfaces on the PE routers.
3. Exchange prefixes using the RIPv2 routing protocol.
4. Redistribute routes between the BGP VPNv4 and RIPv2 routing structures.
5. Verify that customers' sites able to communicate with each other.



Lab procedure:


Task1: Set up VRFs named CE1 at PE2, PE3, PE4.
Configuration:
PE2(config)#vrf definition CE1
PE2(config-vrf)#rd 1700:1700
PE2(config-vrf)#address-family ipv4 unicast
PE2(config-vrf-af)#route-target export 1700:1700
PE2(config-vrf-af)#route-target import 1700:1700
PE2(config-vrf-af)# exit
Complete the same configuration on the remaining LSRs.

Verification:
PE2# show vrf brief
PE2# show vrf detail CE1



Task2: Assign VRF CE1 to the G0/3 interfaces on the PE routers.
Configuration:
PE2(config)#interface g0/3
PE2(config-if)#vrf forwarding CE1
PE2(config-if)#ip address 10.150.0.2 255.255.255.252
PE2(config-if)#exit

Verification:
PE2#show ip route vrf CE1
Routing Table: CE1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.150.0.0/30 is directly connected, GigabitEthernet0/3
L 10.150.0.2/32 is directly connected, GigabitEthernet0/3



Task3: Exchange prefixes using the RIPv2 routing protocol. 

Configuring nodes PE2 and CE1-A:
CE1-A(config)#router rip
CE1-A(config-router)#version 2
CE1-A(config-router)#no auto-summary
CE1-A(config-router)#network 10.0.0.0
CE1-A(config-router)#end

PE2(config)#router rip
PE2(config-router)#address-family ipv4 unicast vrf CE1
PE2(config-router-af)#version 2
PE2(config-router-af)#no auto-summary
PE2(config-router-af)#network 10.0.0.0
PE2(config-router-af)#end
Complete the same configuration on the remaining LSRs and CE routers.

Verification:
PE2#show ip route vrf CE1 rip
PE2#show ip protocols



Task4: Redistribute routes between the BGP VPNv4 and RIPv2 routing structures.
Configuring node PE2:
PE2(config)#router bgp 64500
PE2(config-router)#address-family ipv4 unicast vrf CE1
PE2(config-router-af)#redistribute rip
PE2(config-router-af)# end
PE2(config)#router rip
PE2(config-router)#address-family ipv4 unicast vrf CE1
PE2(config-router-af)#redistribute bgp 64500 metric 2
PE2(config-router-af)# end
Complete the same configuration on the remaining LSRs.

Verification:
PE2#show bgp vpnv4 unicast vrf CE1
PE2#show ip route vrf CE1




Task5: Verify that customers' sites able to communicate with each other.
Verify from ISP, let's see how the redistribution worked out, jumping to the PE2 CLI run some show commands:
PE2#show bgp vpnv4 unicast vrf CE1
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1700:1700 (default for vrf CE1)
*> 10.150.0.0/30 0.0.0.0 0 32768 ?
*>i 10.150.0.4/30 10.100.0.14 0 100 0 ?
*>i 10.150.0.8/30 10.100.0.13 0 100 0 ?
*> 10.155.0.0/24 10.150.0.1 2 32768 ?
*>i 10.160.0.0/24 10.100.0.14 1 100 0 ?
*>i 10.165.0.0/24 10.100.0.13 1 100 0 ?
PE2#
We got three /30 link subnets and three /24 subnets each comes from the customer's respective location. You can derive that PE2 according to the output able to reach LAN networks off the CE1-A, CE1-B, and CE1-C routers. But further confirmation is necessary, let's now see the VRF CE1 routing table: 

PE2#show ip route vrf CE1
Routing Table: CE1
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 7 subnets, 3 masks
C 10.150.0.0/30 is directly connected, GigabitEthernet0/3
L 10.150.0.2/32 is directly connected, GigabitEthernet0/3
B 10.150.0.4/30 [200/0] via 10.100.0.14, 00:16:30
B 10.150.0.8/30 [200/0] via 10.100.0.13, 00:10:54
R 10.155.0.0/24 [120/1] via 10.150.0.1, 00:00:17, GigabitEthernet0/3
B 10.160.0.0/24 [200/1] via 10.100.0.14, 00:16:30
B 10.165.0.0/24 [200/1] via 10.100.0.13, 00:10:54
PE2#
RIB looks promising, we got the 10.155.0.0/24 network via RIPv2 which is off the CE1-A and two other networks coming over the MPLS cloud because of BGP, as well /30 link subnets are here too, everything seems fine but the ping would verify if connectivity actually occurs, lets ping IP addresses in all three LAN networks:
PE2#ping vrf CE1 10.155.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.155.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 2/2/4 ms
PE2#
PE2#ping vrf CE1 10.160.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.160.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/5 ms
PE2#
PE2#ping vrf CE1 10.165.0.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.165.0.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/5 ms
PE2#
In conclusion, obviously ISP able to reach all three customer's LAN networks and this is great but what about the client's infrastructure, will LAN-to-LAN communication work?

Verifying from the customer's site:
CE1-A#show ip route
Gateway of last resort is not set
10.0.0.0/8 is variably subnetted, 8 subnets, 3 masks
C 10.150.0.0/30 is directly connected, GigabitEthernet0/1
L 10.150.0.1/32 is directly connected, GigabitEthernet0/1
R 10.150.0.4/30 [120/2] via 10.150.0.2, 00:00:19, GigabitEthernet0/1
R 10.150.0.8/30 [120/2] via 10.150.0.2, 00:00:19, GigabitEthernet0/1
C 10.155.0.0/24 is directly connected, Loopback0
L 10.155.0.1/32 is directly connected, Loopback0
R 10.160.0.0/24 [120/2] via 10.150.0.2, 00:00:19, GigabitEthernet0/1
R 10.165.0.0/24 [120/2] via 10.150.0.2, 00:00:19, GigabitEthernet0/1

Alright, routing table looks fine as well, let's see if the ping will be successful:
CE1-A#ping 10.160.0.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.160.0.1, timeout is 2 seconds:
Packet sent with a source address of 10.155.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 6/6/7 ms
CE1-A#ping 10.165.0.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.165.0.1, timeout is 2 seconds:
Packet sent with a source address of 10.155.0.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 5/5/6 ms
CE1-A#
You can also access the rest of the client's routers and obtain confirmation there.



Summary:
Using dynamic routing protocol for CE-PE routing has many advantages, it removes manual configuration related to the static routing which prone to human errors, allows the customer's network engineers to add more prefixes without ISP awareness reducing the time spending on the technical support. But when issues arise be aware of the double redistribution at the BGP and IGP router configuration. The next lab will be similar to this but instead using EIGRP as the CE-PE routing choice.

Comments

  1. Harrah's Cherokee Casino & Hotel - Mapyro
    Get directions, reviews and information for 밀양 출장마사지 Harrah's 동두천 출장안마 Cherokee Casino 포항 출장샵 & Hotel 아산 출장안마 in Cherokee, NC. 안성 출장안마 Harrah's Cherokee Casino Hotel. Map. Address: 9300 North Carolina Highway 50.

    ReplyDelete

Post a Comment

Popular Posts