MPLS Lab 009 CE-PE Routing Using Redistribute IS-IS
Image requirements:
VIRL: IOSv 15.7
EVE-NG: Cisco vIOS Router vios-15.6
GNS3: vios-adventerprisek9-m.vmdk.SPA.156-2.T
Description:
IS-IS will be routing protocol of the choice for new service with another customer, this contract will be including the installation of L3 MPLS VPN services at the three remote locations, client expecting completion of the work as soon as possible, bring your excellent skills, obtained from the previous experience to this project, implement the configuration of VRF, CE-PE routing using IS-IS, and MP-BGP protocol.
Topology:
Download Lab: EVE-NG | GNS3
Scenario:
Another contract has been signed, this client needs to use IS-IS as the mechanism to exchange routes between the ISP and its private networks, there are three locations needed to be interconnected over the MPLS cloud, the same standard procedure has to be implemented, configuring the VRF, exchange routes with the client, redistribute into BGP VPNv4 tables and finally verify the proper operation of the service.
Lab tasks:
1. Configure VRF CE1 on all PE routers connected to the customer's locations.
2. Assign VRF CE1 to the G0/3 interfaces on the PE routers.
3. Exchange prefixes using the IS-IS routing protocol.
4. Redistribute routes between the BGP VPNv4 and IS-IS routing structures.
5. Verify that customers' sites able to communicate with each other.
Lab procedure:
Task1: Implement VRFs named CE1 at PE2, PE3, PE4.
Configuration:
PE2(config)#vrf definition CE1
PE2(config-vrf)#rd 1900:1900
PE2(config-vrf)#address-family ipv4 unicast
PE2(config-vrf-af)#route-target export 1900:1900
PE2(config-vrf-af)#route-target import 1900:1900
PE2(config-vrf-af)# exit
Complete the same configuration on the remaining LSRs.
Verification:
PE2# show vrf brief
PE2# show vrf detail CE1
Task2: Assign VRF CE1 to the G0/3 interfaces on the PE routers.
Configuration:
PE2(config)#interface g0/3
PE2(config-if)#vrf forwarding CE1
PE2(config-if)#ip address 10.150.0.2 255.255.255.252
PE2(config-if)#exit
Verification:
PE2#show ip route vrf CE1
Routing Table: CE1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.150.0.0/30 is directly connected, GigabitEthernet0/3
L 10.150.0.2/32 is directly connected, GigabitEthernet0/3
Task3: Exchange prefixes using the IS-IS routing protocol.
Configuring nodes PE2 and CE1-A:
PE2(config)#router isis
PE2(config-router)#net 49.FFFF.0000.0000.00E2.00
PE2(config-router)#is-type level-2-only
PE2(config-router)#metric-style wide
PE2(config-router)#vrf CE1
PE2(config-router)#exit
PE2(config)#interface g0/3
PE2(config-if)#ip router isis
PE2(config-if)#isis network point-to-point
PE2(config-if)#isis circuit-type level-2-only
PE2(config-if)#exit
PE2(config)#
CE1-A(config)#router isis
CE1-A(config-router)#net 49.FFFF.0000.0000.CE1A.00
CE1-A(config-router)#is-type level-2-only
CE1-A(config-router)#metric-style wide
CE1-A(config-router)#exit
CE1-A(config)#interface range g0/1, lo0
CE1-A(config-if-range)#ip router isis
CE1-A(config-if-range)#exit
CE1-A(config)#interface g0/1
CE1-A(config-if)#isis network point-to-point
CE1-A(config-if)#isis circuit-type level-2-only
CE1-A(config-if)#exit
CE1-A(config)#
Complete the same configuration on the remaining LSRs and CE routers.
Network Entity Title:
PE3: 49.EEEE.0000.0000.00E3.00
CE1-C: 49.EEEE.0000.0000.CE1C.00
PE4: 49.DDDD.0000.0000.00E4.00
CE1-B: 49.DDDD.0000.0000.CE1B.00
Verification:
PE2#show isis protocol
PE2#show isis neighbors
PE2#show isis database
PE2#show ip route vrf CE1 isis
Task4: Redistribute routes between the BGP VPNv4 and IS-IS routing structures.
Configuring node PE2:
PE2(config)#router bgp 64500
PE2(config-router)#address-family ipv4 unicast vrf CE1
PE2(config-router-af)#redistribute isis level-2
PE2(config-router-af)# end
PE2(config)#router isis
PE2(config-router)#redistribute bgp 64500
Complete the same configuration on the remaining LSRs.
Verification:
PE2#show bgp vpnv4 unicast vrf CE1
PE2#show ip route vrf CE1
Task5: Verify that customers' sites able to communicate with each other.
Check the BGP VPNv4 table on the PE routers and as well CE1 VRF routing tables:
PE2# show bgp vpnv4 unicast vrf CE1
PE2# show ip route vrf CE1
Check the IS-IS routing table and ping remote LAN networks' IP addresses from CE routers:
CE1-A#show ip route isis
CE1-A#ping 10.160.0.1 source lo0
CE1-A#ping 10.165.0.1 source lo0
Summary:
Variety of routing choice is extended, knowing how does the ISP side interact with each of routing protocol for CE-PE prefixes exchange purpose is important because being network specialist at the ISP does not give you a choice to select the routing type, it is business decision which belongs to the customer, for whatever the reason they prefer one or another routing mechanism you as network engineer could accommodate client's needs with your ability to provide solutions for every possible outcome in the L3 MPLS VPN deployment. IS-IS protocol is a great choice for many reasons, this lab has given you the opportunity to learn a new skill, there is a lot more to this protocol but for the MPLS VPN deployment you need to understand if your ISP using the IS-IS to assist LDP for label distribution and the customer wants to use it too, then you will have on the PE routers several instances of IS-IS running at the same time which can lead to the mistaken application of configurations to one or another instance and in worst case scenario you can break the MPLS backbone network causing the outages to the multiple customers.
VIRL: IOSv 15.7
EVE-NG: Cisco vIOS Router vios-15.6
GNS3: vios-adventerprisek9-m.vmdk.SPA.156-2.T
Description:
IS-IS will be routing protocol of the choice for new service with another customer, this contract will be including the installation of L3 MPLS VPN services at the three remote locations, client expecting completion of the work as soon as possible, bring your excellent skills, obtained from the previous experience to this project, implement the configuration of VRF, CE-PE routing using IS-IS, and MP-BGP protocol.
Topology:
Download Lab: EVE-NG | GNS3
Scenario:
Another contract has been signed, this client needs to use IS-IS as the mechanism to exchange routes between the ISP and its private networks, there are three locations needed to be interconnected over the MPLS cloud, the same standard procedure has to be implemented, configuring the VRF, exchange routes with the client, redistribute into BGP VPNv4 tables and finally verify the proper operation of the service.
Lab tasks:
1. Configure VRF CE1 on all PE routers connected to the customer's locations.
2. Assign VRF CE1 to the G0/3 interfaces on the PE routers.
3. Exchange prefixes using the IS-IS routing protocol.
4. Redistribute routes between the BGP VPNv4 and IS-IS routing structures.
5. Verify that customers' sites able to communicate with each other.
Lab procedure:
Task1: Implement VRFs named CE1 at PE2, PE3, PE4.
Configuration:
PE2(config)#vrf definition CE1
PE2(config-vrf)#rd 1900:1900
PE2(config-vrf)#address-family ipv4 unicast
PE2(config-vrf-af)#route-target export 1900:1900
PE2(config-vrf-af)#route-target import 1900:1900
PE2(config-vrf-af)# exit
Complete the same configuration on the remaining LSRs.
Verification:
PE2# show vrf brief
PE2# show vrf detail CE1
Task2: Assign VRF CE1 to the G0/3 interfaces on the PE routers.
Configuration:
PE2(config)#interface g0/3
PE2(config-if)#vrf forwarding CE1
PE2(config-if)#ip address 10.150.0.2 255.255.255.252
PE2(config-if)#exit
Verification:
PE2#show ip route vrf CE1
Routing Table: CE1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.150.0.0/30 is directly connected, GigabitEthernet0/3
L 10.150.0.2/32 is directly connected, GigabitEthernet0/3
Task3: Exchange prefixes using the IS-IS routing protocol.
Configuring nodes PE2 and CE1-A:
PE2(config)#router isis
PE2(config-router)#net 49.FFFF.0000.0000.00E2.00
PE2(config-router)#is-type level-2-only
PE2(config-router)#metric-style wide
PE2(config-router)#vrf CE1
PE2(config-router)#exit
PE2(config)#interface g0/3
PE2(config-if)#ip router isis
PE2(config-if)#isis network point-to-point
PE2(config-if)#isis circuit-type level-2-only
PE2(config-if)#exit
PE2(config)#
CE1-A(config)#router isis
CE1-A(config-router)#net 49.FFFF.0000.0000.CE1A.00
CE1-A(config-router)#is-type level-2-only
CE1-A(config-router)#metric-style wide
CE1-A(config-router)#exit
CE1-A(config)#interface range g0/1, lo0
CE1-A(config-if-range)#ip router isis
CE1-A(config-if-range)#exit
CE1-A(config)#interface g0/1
CE1-A(config-if)#isis network point-to-point
CE1-A(config-if)#isis circuit-type level-2-only
CE1-A(config-if)#exit
CE1-A(config)#
Complete the same configuration on the remaining LSRs and CE routers.
Network Entity Title:
PE3: 49.EEEE.0000.0000.00E3.00
CE1-C: 49.EEEE.0000.0000.CE1C.00
PE4: 49.DDDD.0000.0000.00E4.00
CE1-B: 49.DDDD.0000.0000.CE1B.00
Verification:
PE2#show isis protocol
PE2#show isis neighbors
PE2#show isis database
PE2#show ip route vrf CE1 isis
Task4: Redistribute routes between the BGP VPNv4 and IS-IS routing structures.
Configuring node PE2:
PE2(config)#router bgp 64500
PE2(config-router)#address-family ipv4 unicast vrf CE1
PE2(config-router-af)#redistribute isis level-2
PE2(config-router-af)# end
PE2(config)#router isis
PE2(config-router)#redistribute bgp 64500
Complete the same configuration on the remaining LSRs.
Verification:
PE2#show bgp vpnv4 unicast vrf CE1
PE2#show ip route vrf CE1
Task5: Verify that customers' sites able to communicate with each other.
Check the BGP VPNv4 table on the PE routers and as well CE1 VRF routing tables:
PE2# show bgp vpnv4 unicast vrf CE1
PE2# show ip route vrf CE1
Check the IS-IS routing table and ping remote LAN networks' IP addresses from CE routers:
CE1-A#show ip route isis
CE1-A#ping 10.160.0.1 source lo0
CE1-A#ping 10.165.0.1 source lo0
Summary:
Variety of routing choice is extended, knowing how does the ISP side interact with each of routing protocol for CE-PE prefixes exchange purpose is important because being network specialist at the ISP does not give you a choice to select the routing type, it is business decision which belongs to the customer, for whatever the reason they prefer one or another routing mechanism you as network engineer could accommodate client's needs with your ability to provide solutions for every possible outcome in the L3 MPLS VPN deployment. IS-IS protocol is a great choice for many reasons, this lab has given you the opportunity to learn a new skill, there is a lot more to this protocol but for the MPLS VPN deployment you need to understand if your ISP using the IS-IS to assist LDP for label distribution and the customer wants to use it too, then you will have on the PE routers several instances of IS-IS running at the same time which can lead to the mistaken application of configurations to one or another instance and in worst case scenario you can break the MPLS backbone network causing the outages to the multiple customers.
Comments
Post a Comment