Scribd
Upload
70 views

MPLS Layer 3 VPN

Uploaded by

Nguyen Vu Thanh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
70 views

MPLS Layer 3 VPN

Uploaded by

Nguyen Vu Thanh
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 106

Cisco ASR 9000 Series Aggregation

Services Router MPLS Layer 3 VPN


Configuration Guide

Americas Headquarters
Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134-1706
USA
http://www.cisco.com
Tel: 408 526-4000
800 553-NETS (6387)
Fax: 408 527-0883

Text Part Number: OL-23110-01


THE SPECIFICATIONS AND INFORMATION REGARDING THE PRODUCTS IN THIS MANUAL ARE SUBJECT TO CHANGE WITHOUT NOTICE. ALL
STATEMENTS, INFORMATION, AND RECOMMENDATIONS IN THIS MANUAL ARE BELIEVED TO BE ACCURATE BUT ARE PRESENTED WITHOUT
WARRANTY OF ANY KIND, EXPRESS OR IMPLIED. USERS MUST TAKE FULL RESPONSIBILITY FOR THEIR APPLICATION OF ANY PRODUCTS.

THE SOFTWARE LICENSE AND LIMITED WARRANTY FOR THE ACCOMPANYING PRODUCT ARE SET FORTH IN THE INFORMATION PACKET THAT
SHIPPED WITH THE PRODUCT AND ARE INCORPORATED HEREIN BY THIS REFERENCE. IF YOU ARE UNABLE TO LOCATE THE SOFTWARE LICENSE
OR LIMITED WARRANTY, CONTACT YOUR CISCO REPRESENTATIVE FOR A COPY.

The Cisco implementation of TCP header compression is an adaptation of a program developed by the University of California, Berkeley (UCB) as part of UCB’s public
domain version of the UNIX operating system. All rights reserved. Copyright © 1981, Regents of the University of California.

NOTWITHSTANDING ANY OTHER WARRANTY HEREIN, ALL DOCUMENT FILES AND SOFTWARE OF THESE SUPPLIERS ARE PROVIDED “AS IS” WITH
ALL FAULTS. CISCO AND THE ABOVE-NAMED SUPPLIERS DISCLAIM ALL WARRANTIES, EXPRESSED OR IMPLIED, INCLUDING, WITHOUT
LIMITATION, THOSE OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OR ARISING FROM A COURSE OF
DEALING, USAGE, OR TRADE PRACTICE.

IN NO EVENT SHALL CISCO OR ITS SUPPLIERS BE LIABLE FOR ANY INDIRECT, SPECIAL, CONSEQUENTIAL, OR INCIDENTAL DAMAGES, INCLUDING,
WITHOUT LIMITATION, LOST PROFITS OR LOSS OR DAMAGE TO DATA ARISING OUT OF THE USE OR INABILITY TO USE THIS MANUAL, EVEN IF CISCO
OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at
www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership
relationship between Cisco and any other company. (1005R)

Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display
output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in
illustrative content is unintentional and coincidental.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
© 2010 Cisco Systems, Inc. All rights reserved.
CONTENTS

Preface VPC-vii

Changes to This Document VPC-vii

Obtaining Documentation and Submitting a Service Request VPC-vii

Implementing MPLS Layer 3 VPNs VPC-1

Contents VPC-2

Prerequisites for Implementing MPLS L3VPN VPC-2

MPLS L3VPN Restrictions VPC-3

Information About MPLS Layer 3 VPNs VPC-3


MPLS L3VPN Overview VPC-3
MPLS L3VPN Benefits VPC-4
How MPLS L3VPN Works VPC-5
Virtual Routing and Forwarding Tables VPC-5
VPN Routing Information: Distribution VPC-5
BGP Distribution of VPN Routing Information VPC-6
MPLS Forwarding VPC-6
Automatic Route Distinguisher Assignment VPC-7
MPLS L3VPN Major Components VPC-7
Inter-AS Support for L3VPN VPC-7
Inter-AS Support: Overview VPC-8
Inter-AS and ASBRs VPC-8
Confederations VPC-9
MPLS VPN Inter-AS BGP Label Distribution VPC-10
Exchanging IPv4 Routes with MPLS labels VPC-11
BGP Routing Information VPC-12
BGP Messages and MPLS Labels VPC-12
Sending MPLS Labels with Routes VPC-13
Carrier Supporting Carrier Support for L3VPN VPC-14
CSC Prerequisites VPC-14
CSC Benefits VPC-14
Configuration Options for the Backbone and Customer Carriers VPC-15
Customer Carrier: ISP with IP Core VPC-15
Customer Carrier: MPLS Service Provider VPC-16

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 iii
Contents

How to Implement MPLS Layer 3 VPNs VPC-17


Configuring the Core Network VPC-17
Assessing the Needs of MPLS VPN Customers VPC-17
Configuring Routing Protocols in the Core VPC-18
Configuring MPLS in the Core VPC-18
Determining if FIB Is Enabled in the Core VPC-18
Configuring Multiprotocol BGP on the PE Routers and Route Reflectors VPC-19
Connecting MPLS VPN Customers VPC-20
Defining VRFs on the PE Routers to Enable Customer Connectivity VPC-21
Configuring VRF Interfaces on PE Routers for Each VPN Customer VPC-23
Configuring BGP as the Routing Protocol Between the PE and CE Routers VPC-25
Configuring RIPv2 as the Routing Protocol Between the PE and CE Routers VPC-29
Configuring Static Routes Between the PE and CE Routers VPC-32
Configuring OSPF as the Routing Protocol Between the PE and CE Routers VPC-33
Configuring EIGRP as the Routing Protocol Between the PE and CE Routers VPC-36
Configuring EIGRP Redistribution in the MPLS VPN VPC-39
Providing VPN Connectivity Across Multiple Autonomous Systems with MPLS VPN Inter-AS with
ASBRs Exchanging IPv4 Routes and MPLS Labels VPC-41
Configuring ASBRs to Exchange IPv4 Routes and MPLS Labels VPC-41
Configuring the Route Reflectors to Exchange VPN-IPv4 Routes VPC-44
Configuring the Route Reflector to Reflect Remote Routes in its AS VPC-47
Providing VPN Connectivity Across Multiple Autonomous Systems with MPLS VPN Inter-AS with
ASBRs Exchanging VPN-IPv4 Addresses VPC-50
Configuring the ASBRs to Exchange VPN-IPv4 Addresses VPC-50
Configuring EBGP Routing to Exchange VPN Routes Between Subautonomous Systems in a
Confederation VPC-54
Configuring MPLS Forwarding for ASBR Confederations VPC-56
Configuring a Static Route to an ASBR Confederation Peer VPC-58
Configuring Carrier Supporting Carrier VPC-60
Identifying the Carrier Supporting Carrier Topology VPC-60
Configuring the Backbone Carrier Core VPC-61
Configuring the CSC-PE and CSC-CE Routers VPC-61
Configuring a Static Route to a Peer VPC-68
Verifying the MPLS Layer 3 VPN Configuration VPC-70
Configuration Examples for Implementing MPLS Layer 3 VPNs VPC-74
Configuring an MPLS VPN Using BGP: Example VPC-74
Configuring the Routing Information Protocol on the PE Router: Example VPC-75
Configuring the PE Router Using EIGRP: Example VPC-75
Configuration Examples for MPLS VPN CSC VPC-76
Configuring the Backbone Carrier Core: Examples VPC-76

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
iv OL-23110-01
Contents

Configuring the Links Between CSC-PE and CSC-CE Routers: Examples VPC-76
Configuring a Static Route to a Peer: Example VPC-77
Additional References VPC-78
Related Documents VPC-78
Standards VPC-78
MIBs VPC-78
RFCs VPC-79
Technical Assistance VPC-79

Implementing IPv6 VPN Provider Edge Transport over MPLS VPC-81

Contents VPC-81

Prerequisites for Implementing 6PE/VPE VPC-82

Information About 6PE/VPE VPC-82


Overview of 6PE/VPE VPC-82
Benefits of 6PE/VPE VPC-83
Deploying IPv6 over MPLS Backbones VPC-83
IPv6 on the Provider Edge and Customer Edge Routers VPC-83
IPv6 Provider Edge Multipath VPC-84
How to Implement 6PE/VPE VPC-84
Configuring 6PE/VPE VPC-84
Configuring PE to PE Core VPC-86
Configuring PE to CE Core VPC-90
Configuration Examples for 6PE VPC-94
Configuring 6PE on a PE Router: Example VPC-94
Configuring 6VPE on a PE Router: Example VPC-94
Additional References VPC-95
Related Document VPC-95
Standards VPC-95
MIBs VPC-96
RFCs VPC-96
Technical Assistance VPC-96

Index

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 v
Contents

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
vi OL-23110-01
Preface

The preface consists of these sections:


• Changes to This Document, page VPC-vii
• Obtaining Documentation and Submitting a Service Request, page VPC-vii

Changes to This Document


Table 1 lists the technical changes made to this document since it was first printed.

Table 1 Changes to This Document

Revision Date Change Summary


OL-23110-01 September 2010 Initial release of this document.

Obtaining Documentation and Submitting a Service Request


For information on obtaining documentation, submitting a service request, and gathering additional
information, see the monthly What’s New in Cisco Product Documentation, which also lists all new and
revised Cisco technical documentation, at:
http://www.cisco.com/en/US/docs/general/whatsnew/whatsnew.html
Subscribe to the What’s New in Cisco Product Documentation as a Really Simple Syndication (RSS) feed
and set content to be delivered directly to your desktop using a reader application. The RSS feeds are a free
service and Cisco currently supports RSS version 2.0.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 vii
Preface

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
viii OL-23110-01
Implementing MPLS Layer 3 VPNs

A Multiprotocol Label Switching (MPLS) Layer 3 Virtual Private Network (VPN) consists of a set of
sites that are interconnected by means of an MPLS provider core network. At each customer site, one or
more customer edge (CE) routers attach to one or more provider edge (PE) routers.
This module provides the conceptual and configuration information for MPLS Layer 3 VPNs on
Cisco ASR 9000 Series Aggregation Services Routers.

Note You must acquire an evaluation or permanent license in order to use MPLS Layer 3 VPN functionality.
However, if you are upgrading from a previous version of the software, MPLS Layer 3 VPN functionality
will continue to work using an implicit license for 90 days (during which time, you can purchase a
permanent license). For more information about licenses, see the Software Entitlement on
Cisco ASR 9000 Series Routers module in the Cisco ASR 9000 Series Aggregation Services Router
System Management Configuration Guide.

Note For a complete description of the commands listed in this module, refer to the Cisco ASR 9000 Series
Aggregation Services Router MPLS Command Reference . To locate documentation of other commands
that appear in this chapter, use the command reference master index, or search online.

Feature History for Implementing MPLS Layer 3 VPNs on Cisco ASR 9000 Series Routers

Release Modification
Release 3.7.2 This feature was introduced.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 1
Implementing MPLS Layer 3 VPNs
Contents

Contents
• Prerequisites for Implementing MPLS L3VPN, page VPC-2
• MPLS L3VPN Restrictions, page VPC-3
• Information About MPLS Layer 3 VPNs, page VPC-3
• How to Implement MPLS Layer 3 VPNs, page VPC-17
• Configuration Examples for Implementing MPLS Layer 3 VPNs, page VPC-74
• Additional References, page VPC-78

Prerequisites for Implementing MPLS L3VPN


These prerequisites are required to configure MPLS Layer 3 VPN:
• You must be in a user group associated with a task group that includes the proper task IDs. The
command reference guides include the task IDs required for each command.
If you suspect user group assignment is preventing you from using a command, contact your AAA
administrator for assistance.
These prerequisites are required for configuring MPLS VPN Inter-AS with autonomous system
boundary routers (ASBRs) exchanging VPN-IPV4 addresses or IPv4 routes and MPLS labels:
• Before configuring external Border Gateway Protocol (eBGP) routing between autonomous systems
or subautonomous systems in an MPLS VPN, ensure that all MPLS VPN routing instances and
sessions are properly configured (see the How to Implement MPLS Layer 3 VPNs, page VPC-17 for
procedures).
• These tasks must be performed:
– Define VPN routing instances
– Configure BGP routing sessions in the MPLS core
– Configure PE-to-PE routing sessions in the MPLS core
– Configure BGP PE-to-CE routing sessions
– Configure a VPN-IPv4 eBGP session between directly connected ASBRs
To configure MPLS Layer 3 VPNs, routers must support MPLS forwarding and Forwarding Information
Base (FIB).

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
2 OL-23110-01
Implementing MPLS Layer 3 VPNs
MPLS L3VPN Restrictions

MPLS L3VPN Restrictions


These are restrictions for implementing MPLS Layer 3 VPNs:
• Multihop VPN-IPv4 eBGP is not supported for configuring eBGP routing between autonomous
systems or subautonomous systems in an MPLS VPN.
• MPLS VPN supports only IPv4 address families.
These restrictions apply when configuring MPLS VPN Inter-AS with ASBRs exchanging IPv4 routes
and MPLS labels:
• For networks configured with eBGP multihop, a label switched path (LSP) must be configured
between nonadjacent routers.
• Inter-AS supports IPv4 routes only. IPv6 is not supported.

Note The physical interfaces that connect the BGP speakers must support FIB and MPLS.

These restrictions apply to routing protocols OSPF and RIP:


• IPv6 is not supported on OSPF and RIP.

Information About MPLS Layer 3 VPNs


To implement MPLS Layer 3 VPNs, you need to understand these concepts:
• MPLS L3VPN Overview, page VPC-3
• MPLS L3VPN Benefits, page VPC-4
• How MPLS L3VPN Works, page VPC-5
• MPLS L3VPN Major Components, page VPC-7

MPLS L3VPN Overview


Before defining an MPLS VPN, VPN in general must be defined. A VPN is:
• An IP-based network delivering private network services over a public infrastructure
• A set of sites that are allowed to communicate with each other privately over the Internet or other
public or private networks
Conventional VPNs are created by configuring a full mesh of tunnels or permanent virtual circuits
(PVCs) to all sites in a VPN. This type of VPN is not easy to maintain or expand, as adding a new site
requires changing each edge device in the VPN.
MPLS-based VPNs are created in Layer 3 and are based on the peer model. The peer model enables the
service provider and the customer to exchange Layer 3 routing information. The service provider relays
the data between the customer sites without customer involvement.
MPLS VPNs are easier to manage and expand than conventional VPNs. When a new site is added to an
MPLS VPN, only the edge router of the service provider that provides services to the customer site needs
to be updated.
The components of the MPLS VPN are described as follows:

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 3
Implementing MPLS Layer 3 VPNs
Information About MPLS Layer 3 VPNs

• Provider (P) router—Router in the core of the provider network. PE routers run MPLS switching
and do not attach VPN labels to routed packets. VPN labels are used to direct data packets to the
correct private network or customer edge router.
• PE router—Router that attaches the VPN label to incoming packets based on the interface or
subinterface on which they are received, and also attaches the MPLS core labels. A PE router
attaches directly to a CE router.
• Customer (C) router—Router in the Internet service provider (ISP) or enterprise network.
• Customer edge (CE) router—Edge router on the network of the ISP that connects to the PE router
on the network. A CE router must interface with a PE router.
Figure 1 shows a basic MPLS VPN topology.

Figure 1 Basic MPLS VPN Topology

MPLS Backbone

Customer Site Customer Site


Provider (P)
routers

Customer Provider Edge Provider Edge Customer


Edge (PE) router (PE) router Edge
(CE) router (CE) router
Provider (P)
routers

103875
MPLS L3VPN Benefits
MPLS L3VPN provides these benefits:
• Service providers can deploy scalable VPNs and deliver value-added services.
• Connectionless service guarantees that no prior action is necessary to establish communication
between hosts.
• Centralized Service: Building VPNs in Layer 3 permits delivery of targeted services to a group of
users represented by a VPN.
• Scalability: Create scalable VPNs using connection-oriented, point-to-point overlays, Frame Relay,
or ATM virtual connections.
• Security: Security is provided at the edge of a provider network (ensuring that packets received from
a customer are placed on the correct VPN) and in the backbone.
• Integrated Quality of Service (QoS) support: QoS provides the ability to address predictable
performance and policy implementation and support for multiple levels of service in an MPLS VPN.
• Straightforward Migration: Service providers can deploy VPN services using a straightforward
migration path.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
4 OL-23110-01
Implementing MPLS Layer 3 VPNs
Information About MPLS Layer 3 VPNs

• Migration for the end customer is simplified. There is no requirement to support MPLS on the CE
router and no modifications are required for a customer intranet.

How MPLS L3VPN Works


MPLS VPN functionality is enabled at the edge of an MPLS network. The PE router performs these
tasks:
• Exchanges routing updates with the CE router
• Translates the CE routing information into VPN version 4 (VPNv4) routes
• Exchanges VPNv4 routes with other PE routers through the Multiprotocol Border Gateway Protocol
(MP-BGP)

Virtual Routing and Forwarding Tables


Each VPN is associated with one or more VPN routing and forwarding (VRF) instances. A VRF defines
the VPN membership of a customer site attached to a PE router. A VRF consists of these components:
• An IP version 4 (IPv4) unicast routing table
• A derived FIB table
• A set of interfaces that use the forwarding table
• A set of rules and routing protocol parameters that control the information that is included in the
routing table
These components are collectively called a VRF instance.
A one-to-one relationship does not necessarily exist between customer sites and VPNs. A site can be a
member of multiple VPNs. However, a site can associate with only one VRF. A VRF contains all the
routes available to the site from the VPNs of which it is a member.
Packet forwarding information is stored in the IP routing table and the FIB table for each VRF. A
separate set of routing and FIB tables is maintained for each VRF. These tables prevent information from
being forwarded outside a VPN and also prevent packets that are outside a VPN from being forwarded
to a router within the VPN.

VPN Routing Information: Distribution


The distribution of VPN routing information is controlled through the use of VPN route target
communities, implemented by BGP extended communities. VPN routing information is distributed as
follows:
• When a VPN route that is learned from a CE router is injected into a BGP, a list of VPN route target
extended community attributes is associated with it. Typically, the list of route target community
extended values is set from an export list of route targets associated with the VRF from which the
route was learned.
• An import list of route target extended communities is associated with each VRF. The import list
defines route target extended community attributes that a route must have for the route to be
imported into the VRF. For example, if the import list for a particular VRF includes route target
extended communities A, B, and C, then any VPN route that carries any of those route target
extended communities—A, B, or C—is imported into the VRF.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 5
Implementing MPLS Layer 3 VPNs
Information About MPLS Layer 3 VPNs

BGP Distribution of VPN Routing Information


A PE router can learn an IP prefix from these sources:
• A CE router by static configuration
• An eBGP session with the CE router
• A Routing Information Protocol (RIP) exchange with the CE router
• Open Shortest Path First (OSPF), Enhanced Interior Gateway Routing Protocol (EIGRP), and RIP
as Interior Gateway Protocols (IGPs)
The IP prefix is a member of the IPv4 address family. After the PE router learns the IP prefix, the PE
converts it into the VPN-IPv4 prefix by combining it with a 64-bit route distinguisher. The generated
prefix is a member of the VPN-IPv4 address family. It uniquely identifies the customer address, even if
the customer site is using globally nonunique (unregistered private) IP addresses. The route distinguisher
used to generate the VPN-IPv4 prefix is specified by the rd command associated with the VRF on the
PE router.
BGP distributes reachability information for VPN-IPv4 prefixes for each VPN. BGP communication
takes place at two levels:
• Within the IP domain, known as an autonomous system.
• Between autonomous systems.
PE to PE or PE to route reflector (RR) sessions are iBGP sessions, and PE to CE sessions are eBGP
sessions. PE to CE eBGP sessions can be directly or indirectly connected (eBGP multihop).
BGP propagates reachability information for VPN-IPv4 prefixes among PE routers by the BGP protocol
extensions (see RFC 2283, Multiprotocol Extensions for BGP-4), which define support for address
families other than IPv4. Using the extensions ensures that the routes for a given VPN are learned only
by other members of that VPN, enabling members of the VPN to communicate with each other.

MPLS Forwarding
Based on routing information stored in the VRF IP routing table and the VRF FIB table, packets are
forwarded to their destination using MPLS.
A PE router binds a label to each customer prefix learned from a CE router and includes the label in the
network reachability information for the prefix that it advertises to other PE routers. When a PE router
forwards a packet received from a CE router across the provider network, it labels the packet with the
label learned from the destination PE router. When the destination PE router receives the labeled packet,
it pops the label and uses it to direct the packet to the correct CE router. Label forwarding across the
provider backbone is based on either dynamic label switching or traffic engineered paths. A customer
data packet carries two levels of labels when traversing the backbone:
• The top label directs the packet to the correct PE router.
• The second label indicates how that PE router should forward the packet to the CE router.
More labels can be stacked if other features are enabled. For example, if traffic engineering (TE) tunnels
with fast reroute (FRR) are enabled, the total number of labels imposed in the PE is four (Layer 3 VPN,
Label Distribution Protocol (LDP), TE, and FRR).

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
6 OL-23110-01
Implementing MPLS Layer 3 VPNs
Inter-AS Support for L3VPN

Automatic Route Distinguisher Assignment


To take advantage of iBGP load balancing, every network VRF must be assigned a unique route
distinguisher. VRFs require a route distinguisher for BGP to distinguish between potentially identical
prefixes received from different VPNs.
With thousands of routers in a network each supporting multiple VRFs, configuration and management
of route distinguishers across the network can present a problem. Cisco IOS XR software simplifies this
process by assigning unique route distinguisher to VRFs using the rd auto command.
To assign a unique route distinguisher for each router, you must ensure that each router has a unique BGP
router-id. If so, the rd auto command assigns a Type 1 route distinguisher to the VRF using this format:
ip-address:number. The IP address is specified by the BGP router-id statement and the number (which
is derived as an unused index in the 0 to 65535 range) is unique across the VRFs.
Finally, route distinguisher values are checkpointed so that route distinguisher assignment to VRF is
persistent across failover or process restart. If an route distinguisher is explicitely configured for a VRF,
this value is not overridden by the autoroute distinguisher.

MPLS L3VPN Major Components


An MPLS-based VPN network has three major components:
• VPN route target communities—A VPN route target community is a list of all members of a VPN
community. VPN route targets need to be configured for each VPN community member.
• Multiprotocol BGP (MP-BGP) peering of the VPN community PE routers—MP-BGP propagates
VRF reachability information to all members of a VPN community. MP-BGP peering needs to be
configured in all PE routers within a VPN community.
• MPLS forwarding—MPLS transports all traffic between all VPN community members across a
VPN service-provider network.
A one-to-one relationship does not necessarily exist between customer sites and VPNs. A given site can
be a member of multiple VPNs. However, a site can associate with only one VRF. A customer-site VRF
contains all the routes available to the site from the VPNs of which it is a member.

Inter-AS Support for L3VPN


This section contains these topics:
• Inter-AS Support: Overview, page VPC-8
• Inter-AS and ASBRs, page VPC-8
• Confederations, page VPC-9
• MPLS VPN Inter-AS BGP Label Distribution, page VPC-10
• Exchanging IPv4 Routes with MPLS labels, page VPC-11

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 7
Implementing MPLS Layer 3 VPNs
Inter-AS Support for L3VPN

Inter-AS Support: Overview


An autonomous system (AS) is a single network or group of networks that is controlled by a common
system administration group and uses a single, clearly defined routing protocol.
As VPNs grow, their requirements expand. In some cases, VPNs need to reside on different autonomous
systems in different geographic areas. In addition, some VPNs need to extend across multiple service
providers (overlapping VPNs). Regardless of the complexity and location of the VPNs, the connection
between autonomous systems must be seamless.
An MPLS VPN Inter-AS provides these benefits:
• Allows a VPN to cross more than one service provider backbone.
Service providers, running separate autonomous systems, can jointly offer MPLS VPN services to
the same end customer. A VPN can begin at one customer site and traverse different VPN service
provider backbones before arriving at another site of the same customer. Previously, MPLS VPN
could traverse only a single BGP autonomous system service provider backbone. This feature lets
multiple autonomous systems form a continuous, seamless network between customer sites of a
service provider.
• Allows a VPN to exist in different areas.
A service provider can create a VPN in different geographic areas. Having all VPN traffic flow
through one point (between the areas) allows for better rate control of network traffic between the
areas.
• Allows confederations to optimize iBGP meshing.
Internal Border Gateway Protocol (iBGP) meshing in an autonomous system is more organized and
manageable. You can divide an autonomous system into multiple, separate subautonomous systems
and then classify them into a single confederation. This capability lets a service provider offer
MPLS VPNs across the confederation, as it supports the exchange of labeled VPN-IPv4 Network
Layer Reachability Information (NLRI) between the subautonomous systems that form the
confederation.

Inter-AS and ASBRs


Separate autonomous systems from different service providers can communicate by exchanging IPv4
NLRI in the form of VPN-IPv4 addresses. The ASBRs use eBGP to exchange that information. Then an
Interior Gateway Protocol (IGP) distributes the network layer information for VPN-IPV4 prefixes
throughout each VPN and each autonomous system. These protocols are used for sharing routing
information:
• Within an autonomous system, routing information is shared using an IGP.
• Between autonomous systems, routing information is shared using an eBGP. An eBGP lets service
providers set up an interdomain routing system that guarantees the loop-free exchange of routing
information between separate autonomous systems.
The primary function of an eBGP is to exchange network reachability information between autonomous
systems, including information about the list of autonomous system routes. The autonomous systems use
EBGP border edge routers to distribute the routes, which include label switching information. Each
border edge router rewrites the next-hop and MPLS labels.
Inter-AS configurations supported in an MPLS VPN can include:

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
8 OL-23110-01
Implementing MPLS Layer 3 VPNs
Inter-AS Support for L3VPN

• Interprovider VPN—MPLS VPNs that include two or more autonomous systems, connected by
separate border edge routers. The autonomous systems exchange routes using eBGP. No IGP or
routing information is exchanged between the autonomous systems.
• BGP Confederations—MPLS VPNs that divide a single autonomous system into multiple
subautonomous systems and classify them as a single, designated confederation. The network
recognizes the confederation as a single autonomous system. The peers in the different autonomous
systems communicate over eBGP sessions; however, they can exchange route information as if they
were iBGP peers.

Confederations
A confederation is multiple subautonomous systems grouped together. A confederation reduces the total
number of peer devices in an autonomous system. A confederation divides an autonomous system into
subautonomous systems and assigns a confederation identifier to the autonomous systems. A VPN can
span service providers running in separate autonomous systems or multiple subautonomous systems that
form a confederation.
In a confederation, each subautonomous system is fully meshed with other subautonomous systems. The
subautonomous systems communicate using an IGP, such as Open Shortest Path First (OSPF) or
Intermediate System-to-Intermediate System (IS-IS). Each subautonomous system also has an eBGP
connection to the other subautonomous systems. The confederation eBGP (CEBGP) border edge routers
forward next-hop-self addresses between the specified subautonomous systems. The next-hop-self
address forces the BGP to use a specified address as the next hop rather than letting the protocol choose
the next hop.
You can configure a confederation with separate subautonomous systems two ways:
• Configure a router to forward next-hop-self addresses between only the CEBGP border edge routers
(both directions). The subautonomous systems (iBGP peers) at the subautonomous system border
do not forward the next-hop-self address. Each subautonomous system runs as a single IGP domain.
However, the CEBGP border edge router addresses are known in the IGP domains.
• Configure a router to forward next-hop-self addresses between the CEBGP border edge routers
(both directions) and within the iBGP peers at the subautonomous system border. Each
subautonomous system runs as a single IGP domain but also forwards next-hop-self addresses
between the PE routers in the domain. The CEBGP border edge router addresses are known in the
IGP domains.
Figure 2 illustrates a typical MPLS VPN confederation configuration. In this configuration:
• The two CEBGP border edge routers exchange VPN-IPv4 addresses with labels between the two
autonomous systems.
• The distributing router changes the next-hop addresses and labels and uses a next-hop-self address.
• IGP-1 and IGP-2 know the addresses of CEBGP-1 and CEBGP-2.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 9
Implementing MPLS Layer 3 VPNs
Inter-AS Support for L3VPN

Figure 2 eBGP Connection Between Two Subautonomous Systems in a Confederation

Service Provider 1 Service Provider 1


Sub-AS1 with Sub-AS2 with
IGP-1 IGP-2
Core of P Core of P
routers routers
eBGP intraconfederation
for VPNv4 routes with label
distribution
PE-1 PE-2 PE-3

CEGBP-1 CEBGP-2

CE-1 CE-2
CE-5
VPN 1

43880
CE-3 CE-4
VPN 1

In this confederation configuration:


• CEBGP border edge routers function as neighboring peers between the subautonomous systems.
The subautonomous systems use eBGP to exchange route information.
• Each CEBGP border edge router (CEBGP-1 and CEBGP-2) assigns a label for the router before
distributing the route to the next subautonomous system. The CEBGP border edge router distributes
the route as a VPN-IPv4 address by using the multiprotocol extensions of BGP. The label and the
VPN identifier are encoded as part of the NLRI.
• Each PE and CEBGP border edge router assigns its own label to each VPN-IPv4 address prefix
before redistributing the routes. The CEBGP border edge routers exchange IPV-IPv4 addresses with
the labels. The next-hop-self address is included in the label (as the value of the eBGP next-hop
attribute). Within the subautonomous systems, the CEBGP border edge router address is distributed
throughout the iBGP neighbors, and the two CEBGP border edge routers are known to both
confederations.
For more information about how to configure confederations, see the “Configuring MPLS Forwarding
for ASBR Confederations” section on page MPC-56.

MPLS VPN Inter-AS BGP Label Distribution

Note This section is not applicable to Inter-AS over IP tunnels.

You can set up the MPLS VPN Inter-AS network so that the ASBRs exchange IPv4 routes with MPLS
labels of the provider edge (PE) routers. Route reflectors (RRs) exchange VPN-IPv4 routes by using
multihop, multiprotocol external Border Gateway Protocol (eBGP). This method of configuring the
Inter-AS system is often called MPLS VPN Inter-AS BGP Label Distribution.
Configuring the Inter-AS system so that the ASBRs exchange the IPv4 routes and MPLS labels has these
benefits:

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
10 OL-23110-01
Implementing MPLS Layer 3 VPNs
Inter-AS Support for L3VPN

• Saves the ASBRs from having to store all the VPN-IPv4 routes. Using the route reflectors to store
the VPN-IPv4 routes and forward them to the PE routers results in improved scalability compared
with configurations in which the ASBR holds all the VPN-IPv4 routes and forwards the routes based
on VPN-IPv4 labels.
• Having the route reflectors hold the VPN-IPv4 routes also simplifies the configuration at the border
of the network.
• Enables a non-VPN core network to act as a transit network for VPN traffic. You can transport IPv4
routes with MPLS labels over a non-MPLS VPN service provider.
• Eliminates the need for any other label distribution protocol between adjacent label switch routers
(LSRs). If two adjacent LSRs are also BGP peers, BGP can handle the distribution of the MPLS
labels. No other label distribution protocol is needed between the two LSRs.

Exchanging IPv4 Routes with MPLS labels

Note This section is not applicable to Inter-AS over IP tunnels.

You can set up a VPN service provider network to exchange IPv4 routes with MPLS labels. You can
configure the VPN service provider network as follows:
• Route reflectors exchange VPN-IPv4 routes by using multihop, multiprotocol eBGP. This
configuration also preserves the next-hop information and the VPN labels across the autonomous
systems.
• A local PE router (for example, PE1 in Figure 3) needs to know the routes and label information for
the remote PE router (PE2).
This information can be exchanged between the PE routers and ASBRs in one of two ways:
– Internal Gateway Protocol (IGP) and Label Distribution Protocol (LDP): The ASBR can
redistribute the IPv4 routes and MPLS labels it learned from eBGP into IGP and LDP and from
IGP and LDP into eBGP.
– Internal Border Gateway Protocol (iBGP) IPv4 label distribution: The ASBR and PE router can
use direct iBGP sessions to exchange VPN-IPv4 and IPv4 routes and MPLS labels.
Alternatively, the route reflector can reflect the IPv4 routes and MPLS labels learned from the
ASBR to the PE routers in the VPN. This reflecting of learned IPv4 routes and MPLS labels is
accomplished by enabling the ASBR to exchange IPv4 routes and MPLS labels with the route
reflector. The route reflector also reflects the VPN-IPv4 routes to the PE routers in the VPN.
For example, in VPN1, RR1 reflects to PE1 the VPN-IPv4 routes it learned and IPv4 routes and
MPLS labels learned from ASBR1. Using the route reflectors to store the VPN-IPv4 routes and
forward them through the PE routers and ASBRs allows for a scalable configuration.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 11
Implementing MPLS Layer 3 VPNs
Inter-AS Support for L3VPN

Figure 3 VPNs Using eBGP and iBGP to Distribute Routes and MPLS Labels

Multihop
RR1 Multiprotocol RR2
VPNv4

BGP IPv4 routes


and label with
multipath support

PE1 ASBR1 ASBR2 PE2

59251
CE1 CE2
VPN1 VPN2

BGP Routing Information


BGP routing information includes these items:
• Network number (prefix), which is the IP address of the destination.
• Autonomous system (AS) path, which is a list of the other ASs through which a route passes on the
way to the local router. The first AS in the list is closest to the local router; the last AS in the list is
farthest from the local router and usually the AS where the route began.
• Path attributes, which provide other information about the AS path, for example, the next hop.

BGP Messages and MPLS Labels


MPLS labels are included in the update messages that a router sends. Routers exchange these types of
BGP messages:
• Open messages—After a router establishes a TCP connection with a neighboring router, the routers
exchange open messages. This message contains the number of the autonomous system to which the
router belongs and the IP address of the router that sent the message.
• Update messages—When a router has a new, changed, or broken route, it sends an update message
to the neighboring router. This message contains the NLRI, which lists the IP addresses of the usable
routes. The update message includes any routes that are no longer usable. The update message also
includes path attributes and the lengths of both the usable and unusable paths. Labels for VPN-IPv4
routes are encoded in the update message, as specified in RFC 2858. The labels for the IPv4 routes
are encoded in the update message, as specified in RFC 3107.
• Keepalive messages—Routers exchange keepalive messages to determine if a neighboring router is
still available to exchange routing information. The router sends these messages at regular intervals.
(Sixty seconds is the default for Cisco routers.) The keepalive message does not contain routing
data; it contains only a message header.
• Notification messages—When a router detects an error, it sends a notification message.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
12 OL-23110-01
Implementing MPLS Layer 3 VPNs
Inter-AS Support for L3VPN

Sending MPLS Labels with Routes


When BGP (eBGP and iBGP) distributes a route, it can also distribute an MPLS label that is mapped to
that route. The MPLS label mapping information for the route is carried in the BGP update message that
contains the information about the route. If the next hop is not changed, the label is preserved.
When you issue the show bgp neighbors ip-address command on both BGP routers, the routers
advertise to each other that they can then send MPLS labels with the routes. If the routers successfully
negotiate their ability to send MPLS labels, the routers add MPLS labels to all outgoing BGP updates.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 13
Implementing MPLS Layer 3 VPNs
Carrier Supporting Carrier Support for L3VPN

Carrier Supporting Carrier Support for L3VPN


This section provides conceptual information about MPLS VPN Carrier Supporting Carrier (CSC)
functionality and includes these topics:
• CSC Prerequisites, page VPC-14
• CSC Benefits, page VPC-14
• Configuration Options for the Backbone and Customer Carriers, page VPC-15
Throughout this document, the following terminology is used in the context of CSC:
backbone carrier—Service provider that provides the segment of the backbone network to the other
provider. A backbone carrier offers BGP and MPLS VPN services.
customer carrier—Service provider that uses the segment of the backbone network. The customer
carrier may be an Internet service provider (ISP) or a BGP/MPLS VPN service provider.
CE router—A customer edge router is part of a customer network and interfaces to a provider edge (PE)
router. In this document, the CE router sits on the edge of the customer carrier network.
PE router—A provider edge router is part of a service provider's network connected to a customer edge
(CE) router. In this document, the PE router sits on the edge of the backbone carrier network
ASBR—An autonomous system boundary router connects one autonomous system to another.

CSC Prerequisites
These prerequisites are required to configure CSC:
• You must be able to configure MPLS VPNs with end-to-end (CE-to-CE router) pings working.
• You must be able to configure Interior Gateway Protocols (IGPs), MPLS Label Distribution Protocol
(LDP), and Multiprotocol Border Gateway Protocol (MP-BGP).
• You must ensure that CSC-PE and CSC-CE routers support BGP label distribution.

Note BGP is the only supported label distribution protocol on the link between CE and PE.

CSC Benefits
This section describes the benefits of CSC to the backbone carrier and customer carriers.

Benefits to the Backbone Carrier


• The backbone carrier can accommodate many customer carriers and give them access to its
backbone.
• The MPLS VPN carrier supporting carrier feature is scalable.
• The MPLS VPN carrier supporting carrier feature is a flexible solution.

Benefits to the Customer Carriers


• The MPLS VPN carrier supporting carrier feature removes from the customer carrier the burden of
configuring, operating, and maintaining its own backbone.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
14 OL-23110-01
Implementing MPLS Layer 3 VPNs
Carrier Supporting Carrier Support for L3VPN

• Customer carriers who use the VPN services provided by the backbone carrier receive the same level
of security that Frame Relay or ATM-based VPNs provide.
• Customer carriers can use any link layer technology to connect the CE routers to the PE routers.
• The customer carrier can use any addressing scheme and still be supported by a backbone carrier.

Benefits of Implementing MPLS VPN CSC Using BGP


The benefits of using BGP to distribute IPv4 routes and MPLS label routes are:
• BGP takes the place of an IGP and LDP in a VPN forwarding and routing instance (VRF) table.
• BGP is the preferred routing protocol for connecting two ISPs,

Configuration Options for the Backbone and Customer Carriers


To enable CSC, the backbone and customer carriers must be configured accordingly:
• The backbone carrier must offer BGP and MPLS VPN services.
• The customer carrier can take several networking forms. The customer carrier can be:
– An ISP with an IP core (see the “Customer Carrier: ISP with IP Core” section on page MPC-15).
– An MPLS service provider with or without VPN services (see “Customer Carrier: MPLS
Service Provider” section on page MPC-16).

Note An IGP in the customer carrier network is used to distribute next hops and loopbacks to the CSC-CE.
IBGP with label sessions are used in the customer carrier network to distribute next hops and loopbacks
to the CSC-CE.

Customer Carrier: ISP with IP Core


Figure 4 shows a network configuration where the customer carrier is an ISP. The customer carrier has
two sites, each of which is a point of presence (POP). The customer carrier connects these sites using a
VPN service provided by the backbone carrier. The backbone carrier uses MPLS or IP tunnels to provide
VPN services. The ISP sites use IP.

Figure 4 Network: Customer Carrier Is an ISP

ISP site 1 Backbone carrier ISP site 2


50846

IP MPLS IP

CSC-CE1 CSC-PE1 CSC-PE2 CSC-CE2

The links between the CE and PE routers use eBGP to distribute IPv4 routes and MPLS labels. Between
the links, the PE routers use multiprotocol iBGP to distribute VPNv4 routes.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 15
Implementing MPLS Layer 3 VPNs
Carrier Supporting Carrier Support for L3VPN

Customer Carrier: MPLS Service Provider


Figure 5 shows a network configuration where the backbone carrier and the customer carrier are
BGP/MPLS VPN service providers. The customer carrier has two sites. The customer carrier uses MPLS
in its network while the backbone carrier may use MPLS or IP tunnels in its network.

Figure 5 Network: Customer Carrier Is an MPLS VPN Service Provider

MP-IBGP exchanging VPNv4 prefixes

MP-IBGP exchanging VPNv4 prefixes

IPv4 + IPv4 +
labels labels

CE1 PE1 CSC-CE1 CSC-PE1 CSC-PE2 CSC-CE2 PE2 CE2

Customer carrier Backbone carrier Customer carrier

65682
MPLS VPN SP MPLS VPN SP MPLS VPN SP
In this configuration (Figure 5), the customer carrier can configure its network in one of these ways:
• The customer carrier can run an IGP and LDP in its core network. In this case, the CSC-CE1 router
in the customer carrier redistributes the eBGP routes it learns from the CSC-PE1 router of the
backbone carrier to an IGP.
• The CSC-CE1 router of the customer carrier system can run an IPv4 and labels iBGP session with
the PE1 router.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
16 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

How to Implement MPLS Layer 3 VPNs


This section contains instructions for these tasks:
• Configuring the Core Network, page VPC-17
• Connecting MPLS VPN Customers, page VPC-20
• Providing VPN Connectivity Across Multiple Autonomous Systems with MPLS VPN Inter-AS with
ASBRs Exchanging IPv4 Routes and MPLS Labels, page VPC-41 (optional)
• Providing VPN Connectivity Across Multiple Autonomous Systems with MPLS VPN Inter-AS with
ASBRs Exchanging VPN-IPv4 Addresses, page VPC-50 (optional)
• Configuring Carrier Supporting Carrier, page VPC-60 (optional)
• Verifying the MPLS Layer 3 VPN Configuration, page VPC-70

Configuring the Core Network


Configuring the core network includes these tasks:
• Assessing the Needs of MPLS VPN Customers, page VPC-17
• Configuring Routing Protocols in the Core, page VPC-18
• Configuring MPLS in the Core, page VPC-18
• Determining if FIB Is Enabled in the Core, page VPC-18
• Configuring Multiprotocol BGP on the PE Routers and Route Reflectors, page VPC-19

Assessing the Needs of MPLS VPN Customers


Before configuring an MPLS VPN, the core network topology must be identified so that it can best serve
MPLS VPN customers. Perform this task to identify the core network topology.

SUMMARY STEPS

1. Identify the size of the network.


2. Identify the routing protocols in the core.
3. Determine if MPLS High Availability support is required.
4. Determine if BGP load sharing and redundant paths are required.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 17
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

DETAILED STEPS

Command or Action Purpose


Step 1 Identify the size of the network. Identify these to determine the number of routers and ports
required:
• How many customers will be supported?
• How many VPNs are required for each customer?
• How many virtual routing and forwarding (VRF)
instances are there for each VPN?
Step 2 Identify the routing protocols in the core. Determine which routing protocols are required in the core
network.
Step 3 Determine if MPLS High Availability support is MPLS VPN nonstop forwarding and graceful restart are
required. supported on select routers and Cisco IOS XR software
releases.
Step 4 Determine if BGP load sharing and redundant paths Determine if BGP load sharing and redundant paths in the
are required. MPLS VPN core are required.

Configuring Routing Protocols in the Core


To configure a routing protocol, see the Cisco ASR 9000 Series Aggregation Services Routers Routing
Configuration Guide.

Configuring MPLS in the Core


To enable MPLS on all routers in the core, you must configure a Label Distribution Protocol (LDP). You
can use either of these as an LDP:
• MPLS LDP—See the Implementing MPLS Label Distribution Protocol on
Cisco ASR 9000 Series Routersfor configuration information.
• MPLS Traffic Engineering Resource Reservation Protocol (RSVP)—See Implementing RSVP for
MPLS-TE on Cisco ASR 9000 Series Routers module in this document for configuration
information.

Determining if FIB Is Enabled in the Core


Forwarding Information Base (FIB) must be enabled on all routers in the core, including the provider
edge (PE) routers. For information on how to determine if FIB is enabled, see the Implementing
Cisco Express Forwarding on Cisco ASR 9000 Series Routers module in the Cisco ASR 9000 Series
Aggregation Services Router IP Addresses and Services Configuration Guide.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
18 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring Multiprotocol BGP on the PE Routers and Route Reflectors


Perform this task to configure multiprotocol BGP (MP-BGP) connectivity on the PE routers and route
reflectors.

SUMMARY STEPS

1. configure
2. router bgp autonomous-system-number
3. address-family vpnv4 unicast

4. neighbor ip-address remote-as autonomous-system-number


5. address-family vpnv4 unicast
end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp autonomous-system-number Enters BGP configuration mode allowing you to configure
the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
Step 3 address-family vpnv4 unicast Enters VPNv4 address family configuration mode for the
VPNv4 address family.
Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family vpnv4 unicast
Step 4 neighbor ip-address remote-as Creates a neighbor and assigns it a remote autonomous
autonomous-system-number system number.

Example:
RP/0/RSP0/CPU0:router(config-bgp)# neighbor
172.168.40.24 remote-as 2002

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 19
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 5 address-family vpnv4 unicast Enters VPNv4 address family configuration mode for the
VPNv4 address family.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family vpnv4 unicast
Step 6 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting (yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# running configuration file, exits the configuration
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Connecting MPLS VPN Customers


To connect MPLS VPN customers to the VPN, perform these tasks:
• Defining VRFs on the PE Routers to Enable Customer Connectivity, page VPC-21
• Configuring VRF Interfaces on PE Routers for Each VPN Customer, page VPC-23
• Configuring BGP as the Routing Protocol Between the PE and CE Routers, page VPC-25 (optional)
• Configuring RIPv2 as the Routing Protocol Between the PE and CE Routers, page VPC-29
(optional)
• Configuring Static Routes Between the PE and CE Routers, page VPC-32 (optional)
• Configuring OSPF as the Routing Protocol Between the PE and CE Routers, page VPC-33
(optional)
• Configuring EIGRP as the Routing Protocol Between the PE and CE Routers, page VPC-36
(optional)
• Configuring EIGRP Redistribution in the MPLS VPN, page VPC-39 (optional)

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
20 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Defining VRFs on the PE Routers to Enable Customer Connectivity


Perform this task to define VPN routing and forwarding (VRF) instances.

SUMMARY STEPS

1. configure
2. vrf vrf-name
3. address-family ipv4 unicast
4. import route-policy policy-name
5. import route-target [as-number:nn | ip-address:nn]
6. export route-policy policy-name
7. export route-target [as-number:nn | ip-address:nn]
8. exit
9. exit
10. router bgp autonomous-system-number
11. vrf vrf-name
12. rd {as-number | ip-address | auto}
13. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 vrf vrf-name Configures a VRF instance and enters VRF configuration
mode.
Example:
RP/0/RSP0/CPU0:router(config)# vrf vrf_1
Step 3 address-family ipv4 unicast Enters VRF address family configuration mode for the IPv4
address family.
Example:
RP/0/RSP0/CPU0:router(config-vrf)#
address-family ipv4 unicast
Step 4 import route-policy policy-name Specifies a route policy that can be imported into the local
VPN.
Example:
RP/0/RSP0/CPU0:router(config-vrf-af)# import
route-policy policy_A

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 21
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 5 import route-target [as-number:nn | Allows exported VPN routes to be imported into the VPN if
ip-address:nn] one of the route targets of the exported route matches one of
the local VPN import route targets.
Example:
RP/0/RSP0/CPU0:router(config-vrf-af)# import
route-target 120:1
Step 6 export route-policy policy-name Specifies a route policy that can be exported from the local
VPN.
Example:
RP/0/RSP0/CPU0:router(config-vrf-af)# export
route-policy policy_B
Step 7 export route-target [as-number:nn | Associates the local VPN with a route target. When the
ip-address:nn] route is advertised to other provider edge (PE) routers, the
export route target is sent along with the route as an
Example: extended community.
RP/0/RSP0/CPU0:router(config-vrf-af)# export
route-target 120:2
Step 8 exit Exits VRF address family configuration mode and returns
the router to VRF configuration mode.
Example:
RP/0/RSP0/CPU0:router(config-vrf-af)# exit
Step 9 exit Exits VRF configuration mode and returns the router to
global configuration mode.
Example:
RP/0/RSP0/CPU0:router(config-vrf)# exit
Step 10 router bgp autonomous-system-number Enters BGP configuration mode allowing you to configure
the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
Step 11 vrf vrf-name Configures a VRF instance and enters VRF configuration
mode for BGP routing.
Example:
RP/0/RSP0/CPU0:router(config-bgp)# vrf vrf_1

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
22 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 12 rd {as-number | ip-address | auto} Automatically assigns a unique route distinguisher (RD) to
vrf_1.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf)# rd auto
Step 13 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-vrf)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-vrf)# commit running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Configuring VRF Interfaces on PE Routers for Each VPN Customer


Perform this task to associate a VPN routing and forwarding (VRF) instance with an interface or a
subinterface on the PE routers.

Note You must remove IPv4/IPv6 addresses from an interface prior to assigning, removing, or changing an
interface's VRF. If this is not done in advance, any attempt to change the VRF on an IP interface is
rejected.

SUMMARY STEPS

1. configure
2. interface type interface-path-id
3. vrf vrf-name
4. ipv4 address ipv4-address mask
5. end
or
commit

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 23
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 interface type interface-path-id Enters interface configuration mode.

Example:
RP/0/RSP0/CPU0:router(config)# interface
GigabitEthernet 0/3/0/0
Step 3 vrf vrf-name Configures a VRF instance and enters VRF configuration
mode.
Example:
RP/0/RSP0/CPU0:router(config-if)# vrf vrf_A
Step 4 ipv4 address ipv4-address mask Configures a primary IPv4 address for the specified
interface.
Example:
RP/0/RSP0/CPU0:router(config-if)# ipv4 address
192.168.1.27 255.255.255.0
Step 5 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-if)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-if)# commit running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
24 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring BGP as the Routing Protocol Between the PE and CE Routers


Perform this task to configure PE-to-CE routing sessions using BGP.

SUMMARY STEPS

1. configure
2. router bgp autonomous-system-number
3. bgp router-id {ip-address}
4. vrf vrf-name
5. label-allocation-mode per-ce
6. address-family ipv4 unicast
7. redistribute connected [metric metric-value] [route-policy route-policy-name]
or
redistribute isis process-id [level {1 | 1-inter-area | 2}] [metric metric-value] [route-policy
route-policy-name]
or
redistribute ospf process-id [match {external [1 | 2] | internal | nssa-external [1 | 2]}] [metric
metric-value] [route-policy route-policy-name]
or
redistribute static [metric metric-value] [route-policy route-policy-name]
8. aggregate-address address/mask-length [as-set] [as-confed-set] [summary-only] [route-policy
route-policy-name]
9. network {ip-address/prefix-length | ip-address mask} [route-policy route-policy-name]
10. exit
11. neighbor ip-address
12. remote-as autonomous-system-number
13. password {clear | encrypted} password
14. ebgp-multihop [ttl-value]
15. address-family ipv4 unicast
16. allowas-in [as-occurrence-number]
17. route-policy route-policy-name in
18. route-policy route-policy-name out
19. end
or
commit

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 25
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp autonomous-system-number Enters Border Gateway Protocol (BGP) configuration mode
allowing you to configure the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
Step 3 bgp router-id {ip-address} Configures the local router with a router ID of
192.168.70.24.
Example:
RP/0/RSP0/CPU0:router(config-bgp)# bgp
router-id 192.168.70.24
Step 4 vrf vrf-name Configures a VPN routing and forwarding (VRF) instance
and enters VRF configuration mode for BGP routing.
Example:
RP/0/RSP0/CPU0:router(config-bgp)# vrf vrf_1
Step 5 label-allocation-mode per-ce Sets the MPLS VPN label allocation mode for each
customer edge (CE) label mode allowing the provider edge
(PE) router to allocate one label for every immediate
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf)#
next-hop.
label-allocation-mode per-ce
Step 6 address-family ipv4 unicast Enters VRF address family configuration mode for the IPv4
address family.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf)#
address-family ipv4 unicast
Step 7 redistribute connected [metric metric-value] Causes routes to be redistributed into BGP. The routes that
[route-policy route-policy-name] can be redistributed into BGP are:
or
• Connected
redistribute isis process-id [level {1 |
1-inter-area | 2}] [metric metric-value] • Intermediate System-to-Intermediate System (IS-IS)
[route-policy route-policy-name]
or • Open Shortest Path First (OSPF)
redistribute ospf process-id [match {external • Static
[1 | 2] | internal | nssa-external [1 | 2]}]
[metric metric-value] [route-policy
route-policy-name]
or
redistribute static [metric metric-value]
[route-policy route-policy-name]

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-af)#
redistribute connected

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
26 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 8 aggregate-address address/mask-length [as-set] Creates an aggregate address. The path advertised for this
[as-confed-set] [summary-only] [route-policy route is an autonomous system set consisting of all elements
route-policy-name]
contained in all paths that are being summarized.
• The as-set keyword generates autonomous system set
Example: path information and community information from
RP/0/RSP0/CPU0:router(config-bgp-vrf-af)#
contributing paths.
aggregate-address 10.0.0.0/8 as-set
• The as-confed-set keyword generates autonomous
system confederation set path information from
contributing paths.
• The summary-only keyword filters all more specific
routes from updates.
• The route-policy route-policy-name keyword and
argument specify the route policy used to set the
attributes of the aggregate route.
Step 9 network {ip-address/prefix-length | ip-address Configures the local router to originate and advertise the
mask} [route-policy route-policy-name] specified network.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-af)#
network 172.20.0.0/16
Step 10 exit Exits VRF address family configuration mode and returns
the router to VRF configuration mode for BGP routing.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-af)# exit
Step 11 neighbor ip-address Places the router in VRF neighbor configuration mode for
BGP routing and configures the neighbor IP address
172.168.40.24 as a BGP peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf)# neighbor
172.168.40.24
Step 12 remote-as autonomous-system-number Creates a neighbor and assigns it a remote autonomous
system number.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
remote-as 2002
Step 13 password {clear | encrypted} password Configures neighbor 172.168.40.24 to use MD5
authentication with the password pswd123.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
password clear pswd123
Step 14 ebgp-multihop [ttl-value] Allows a BGP connection to neighbor 172.168.40.24.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
ebgp-multihop

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 27
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 15 address-family ipv4 unicast Enters VRF neighbor address family configuration mode
for BGP routing.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
address-family ipv4 unicast
Step 16 allowas-in [as-occurrence-number] Replaces the neighbor autonomous system number (ASN)
with the PE ASN in the AS path three times.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
allowas-in 3
Step 17 route-policy route-policy-name in Applies the In-Ipv4 policy to inbound IPv4 unicast routes.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
route-policy In-Ipv4 in
Step 18 route-policy route-policy-name out Applies the In-Ipv4 policy to outbound IPv4 unicast routes.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
route-policy In-Ipv4 in
Step 19 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)# [cancel]:
end
or – Entering yes saves configuration changes to the
running configuration file, exits the configuration
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
28 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring RIPv2 as the Routing Protocol Between the PE and CE Routers


Perform this task to configure provider edge (PE)-to-customer edge (CE) routing sessions using Routing
Information Protocol version 2 (RIPv2).

SUMMARY STEPS

1. configure
2. router rip
3. vrf vrf-name
4. interface type instance
5. site-of-origin {as-number:number | ip-address:number}
6. exit
7. redistribute bgp as-number [[external | internal | local] [route-policy name]
or
redistribute connected [route-policy name]
or
redistribute isis process-id [level-1 | level-1-2 | level-2] [route-policy name]
or
redistribute eigrp as-number [route-policy name]
or
redistribute ospf process-id [match {external [1 | 2] | internal | nssa-external [1 | 2]}]
[route-policy name]
or
redistribute static [route-policy name]
8. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router rip Enters the Routing Information Protocol (RIP)
configuration mode allowing you to configure the RIP
routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router rip
Step 3 vrf vrf-name Configures a VPN routing and forwarding (VRF) instance
and enters VRF configuration mode for RIP routing.
Example:
RP/0/RSP0/CPU0:router(config-rip)# vrf vrf_1

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 29
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 4 interface type instance Enters VRF interface configuration mode.

Example:
RP/0/RSP0/CPU0:router(config-rip-vrf)#
interface GigabitEthernet 0/3/0/0
Step 5 site-of-origin {as-number:number | Identifies routes that have originated from a site so that the
ip-address:number} re-advertisement of that prefix back to the source site can be
prevented. Uniquely identifies the site from which a PE
Example: router has learned a route.
RP/0/RSP0/CPU0:router(config-rip-vrf-if)#
site-of-origin 200:1
Step 6 exit Exits VRF interface configuration mode, and returns the
router to VRF configuration mode for RIP routing.
Example:
RP/0/RSP0/CPU0:router(config-rip-vrf-if)# exit

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
30 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 7 redistribute bgp as-number [[external | Causes routes to be redistributed into RIP. The routes that
internal | local] [route-policy name] can be redistributed into RIP are:
or
• Border Gateway Protocol (BGP)
redistribute connected [route-policy name]
or • Connected
redistribute eigrp as-number [route-policy • Enhanced Interior Gateway Routing Protocol (EIGRP)
name]
or • Intermediate System-to-Intermediate System (IS-IS)
redistribute isis process-id [level-1 | • Open Shortest Path First (OSPF)
level-1-2 | level-2] [route-policy name]
• Static
or
redistribute ospf process-id [match {external
[1 | 2] | internal | nssa-external [1 | 2]}]
[route-policy name]
or
redistribute static [route-policy name]

Example:
RP/0/RSP0/CPU0:router(config-rip-vrf)#
redistribute connected
Step 8 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-rip-vrf)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-rip-vrf)# commit running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 31
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring Static Routes Between the PE and CE Routers


Perform this task to configure provider edge (PE)-to-customer edge (CE) routing sessions that use static
routes.

Note You must remove IPv4/IPv6 addresses from an interface prior to assigning, removing, or changing an
interface's VRF. If this is not done in advance, any attempt to change the VRF on an IP interface is
rejected.

SUMMARY STEPS

1. configure
2. router static
3. vrf vrf-name
4. address-family ipv4 unicast
5. prefix/mask [vrf vrf-name] {ip-address | type interface-path-id}
6. prefix/mask [vrf vrf-name] bfd fast-detect
7. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router static Enters static routing configuration mode allowing you to
configure the static routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router static
Step 3 vrf vrf-name Configures a VPN routing and forwarding (VRF) instance
and enters VRF configuration mode for static routing.
Example:
RP/0/RSP0/CPU0:router(config-static)# vrf vrf_1
Step 4 address-family ipv4 unicast Enters VRF address family configuration mode for the IPv4
address family.
Example:
RP/0/RSP0/CPU0:router(config-static-vrf)#
address-family ipv4 unicast

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
32 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 5 prefix/mask [vrf vrf-name] {ip-address | type Assigns the static route to vrf_1.
interface-path-id}

Example:
RP/0/RSP0/CPU0:router(config-static-vrf-afi)#
172.168.40.24/24 vrf vrf_1 10.1.1.1
Step 6 prefix/mask [vrf vrf-name] bfd fast-detect Enables bidirectional forwarding detection (BFD) to detect
failures in the path between adjacent forwarding engines.
Example: This option is available is when the forwarding router
RP/0/RSP0/CPU0:router(config-static-vrf-afi)# address is specified in Step 5.
172.168.40.24/24 vrf vrf_1 bfd fast-detect
Step 7 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-static-vrf-afi)# [cancel]:
end
or – Entering yes saves configuration changes to the
running configuration file, exits the configuration
RP/0/RSP0/CPU0:router(config-static-vrf-afi)#
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Configuring OSPF as the Routing Protocol Between the PE and CE Routers


Perform this task to configure provider edge (PE)-to-customer edge (CE) routing sessions that use Open
Shortest Path First (OSPF).

SUMMARY STEPS

1. configure
2. router ospf process-name
3. vrf vrf-name
4. router-id {router-id | type interface-path-id}
5. redistribute bgp process-id [metric metric-value] [metric-type {1 | 2}] [route-policy
policy-name] [tag tag-value]
or
redistribute connected [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name]
[tag tag-value]

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 33
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

or
redistribute ospf process-id [match {external [1 | 2] | internal | nssa-external [1 | 2]}] [metric
metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]
or
redistribute static [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag
tag-value]
or
redistribute eigrp process-id [match {external [1 | 2] | internal | nssa-external [1 | 2]}] [metric
metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag tag-value]
or
redistribute rip [metric metric-value] [metric-type {1 | 2}] [route-policy policy-name] [tag
tag-value]
6. area area-id
7. interface type interface-path-id
8. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router ospf process-name Enters OSPF configuration mode allowing you to configure
the OSPF routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router ospf 109
Step 3 vrf vrf-name Configures a VPN routing and forwarding (VRF) instance
and enters VRF configuration mode for OSPF routing.
Example:
RP/0/RSP0/CPU0:router(config-ospf)# vrf vrf_1
Step 4 router-id {router-id | type interface-path-id} Configures the router ID for the OSPF routing process.

Example:
RP/0/RSP0/CPU0:router(config-ospf-vrf)#
router-id 172.20.10.10

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
34 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 5 redistribute bgp process-id [metric Causes routes to be redistributed into OSPF. The routes that
metric-value] [metric-type {1 | 2}] can be redistributed into OSPF are:
[route-policy policy-name] [tag tag-value]
or • Border Gateway Protocol (BGP)
redistribute connected [metric metric-value] • Connected
[metric-type {1 | 2}] [route-policy
policy-name] [tag tag-value] • Enhanced Interior Gateway Routing Protocol (EIGRP)
or • OSPF
redistribute ospf process-id [match {external
• Static
[1 | 2] | internal | nssa-external [1 | 2]}]
[metric metric-value] [metric-type {1 | 2}] • Routing Information Protocol (RIP)
[route-policy policy-name] [tag tag-value]
or
redistribute static [metric metric-value]
[metric-type {1 | 2}] [route-policy
policy-name] [tag tag-value]
or
redistribute eigrp process-id [match {external
[1 | 2] | internal | nssa-external [1 |
2]]}[metric metric-value] [metric-type {1 | 2}]
[route-policy policy-name] [tag tag-value]
or
redistribute rip [metric metric-value]
[metric-type {1 | 2}] [route-policy
policy-name] [tag tag-value]

Example:
RP/0/RSP0/CPU0:router(config-ospf-vrf)#
redistribute connected
Step 6 area area-id Configures the OSPF area as area 0.

Example:
RP/0/RSP0/CPU0:router(config-ospf-vrf)# area 0

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 35
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 7 interface type interface-path-id Associates interface GigabitEthernet 0/3/0/0 with area 0.

Example:
RP/0/RSP0/CPU0:router(config-ospf-vrf-ar)#
interface GigabitEthernet 0/3/0/0
Step 8 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-ospf-vrf-ar-if)# [cancel]:
end
or – Entering yes saves configuration changes to the
running configuration file, exits the configuration
RP/0/RSP0/CPU0:router(config-ospf-vrf-ar-if)#
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Configuring EIGRP as the Routing Protocol Between the PE and CE Routers


Perform this task to configure provider edge (PE)-to-customer edge (CE) routing sessions that use
Enhanced Interior Gateway Routing Protocol (EIGRP).
Using EIGRP between the PE and CE routers allows you to transparently connect EIGRP customer
networks through an MPLS-enable Border Gateway Protocol (BGP) core network so that EIGRP routes
are redistributed through the VPN across the BGP network as internal BGP (iBGP) routes.

Prerequisites

BGP must configured in the network. See the Implementing BGP on Cisco ASR 9000 Series Routers
module in Cisco ASR 9000 Series Aggregation Services Routers Routing Configuration Guide.

Note You must remove IPv4/IPv6 addresses from an interface prior to assigning, removing, or changing an
interface's VRF. If this is not done in advance, any attempt to change the VRF on an IP interface is
rejected.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
36 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

SUMMARY STEPS

1. configure
2. router eigrp as-number
3. vrf vrf-name
4. address-family ipv4
5. router-id router-id
6. autonomous-system as-number
7. default-metric bandwidth delay reliability loading mtu
8. redistribute {{bgp | connected | isis | ospf| rip | static} [as-number | instance-name]}
[route-policy name]
9. interface type interface-path-id
10. site-of-origin {as-number:number | ip-address:number}
11. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router eigrp as-number Enters EIGRP configuration mode allowing you to
configure the EIGRP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router eigrp 24
Step 3 vrf vrf-name Configures a VPN routing and forwarding (VRF) instance
and enters VRF configuration mode for EIGRP routing.
Example:
RP/0/RSP0/CPU0:router(config-eigrp)# vrf vrf_1
Step 4 address-family ipv4 Enters VRF address family configuration mode for the IPv4
address family.
Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf)#
address family ipv4
Step 5 router-id router-id Configures the router ID for the Enhanced Interior Gateway
Routing Protocol (EIGRP) routing process.
Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af)#
router-id 172.20.0.0

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 37
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 6 autonomous-system as-number Configures the EIGRP routing process to run within a VRF.

Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af)#
autonomous-system 6
Step 7 default-metric bandwidth delay reliability Sets the metrics for an EIGRP.
loading mtu

Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af)#
default-metric 100000 4000 200 45 4470
Step 8 redistribute {{bgp | connected | isis | ospf| Causes connected routes to be redistributed into EIGRP.
rip | static} [as-number | instance-name]}
[route-policy name]

Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af)#
redistribute connected
Step 9 interface type interface-path-id Associates interface GigabitEthernet 0/3/0/0 with the
EIGRP routing process.
Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af)#
interface GigabitEthernet 0/3/0/0
Step 10 site-of-origin {as-number:number | Configures site of origin (SoO) on interface
ip-address:number} GigabitEthernet 0/3/0/0.

Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af-if)#
site-of-origin 201:1
Step 11 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af-if)# [cancel]:
end
or – Entering yes saves configuration changes to the
running configuration file, exits the configuration
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af-if)#
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
38 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring EIGRP Redistribution in the MPLS VPN


Perform this task for every provider edge (PE) router that provides VPN services to enable Enhanced
Interior Gateway Routing Protocol (EIGRP) redistribution in the MPLS VPN.

Prerequisites

The metric can be configured in the route-policy configuring using the redistribute command (or
configured with the default-metric command). If an external route is received from another EIGRP
autonomous system or a non-EIGRP network without a configured metric, the route is not installed in
the EIGRP database. If an external route is received from another EIGRP autonomous system or a
non-EIGRP network without a configured metric, the route is not advertised to the CE router. See the
Implementing EIGRP on Cisco ASR 9000 Series Routers module in the Cisco ASR 9000 Series
Aggregation Services Routers Routing Configuration Guide.

Restrictions

Redistribution between native EIGRP VPN routing and forwarding (VRF) instances is not supported.
This behavior is designed.

SUMMARY STEPS

1. configure
2. router eigrp as-number
3. vrf vrf-name
4. address-family ipv4
5. redistribute bgp [as-number] [route-policy policy-name]
6. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router eigrp as-number Enters EIGRP configuration mode allowing you to
configure the EIGRP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router eigrp 24
Step 3 vrf vrf-name Configures a VRF instance and enters VRF configuration
mode for EIGRP routing.
Example:
RP/0/RSP0/CPU0:router(config-eigrp)# vrf vrf_1

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 39
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 4 address-family ipv4 Enters VRF address family configuration mode for the IPv4
address family.
Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf)#
address family ipv4
Step 5 redistribute bgp [as-number] [route-policy Causes Border Gateway Protocol (BGP) routes to be
policy-name] redistributed into EIGRP.

Example:
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af)#
redistribute bgp 24 route-policy policy_A
Step 6 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af-if)# [cancel]:
end
or – Entering yes saves configuration changes to the
running configuration file, exits the configuration
RP/0/RSP0/CPU0:router(config-eigrp-vrf-af-if)#
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
40 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Providing VPN Connectivity Across Multiple Autonomous Systems with MPLS


VPN Inter-AS with ASBRs Exchanging IPv4 Routes and MPLS Labels

Note This section is not applicable to Inter-AS over IP tunnels.

This section contains instructions for these tasks:


• Configuring ASBRs to Exchange IPv4 Routes and MPLS Labels, page VPC-41
• Configuring the Route Reflectors to Exchange VPN-IPv4 Routes, page VPC-44
• Configuring the Route Reflector to Reflect Remote Routes in its AS, page VPC-47

Configuring ASBRs to Exchange IPv4 Routes and MPLS Labels


Perform this task to configure the autonomous system boundary routers (ASBRs) to exchange IPv4
routes and MPLS labels.

SUMMARY STEPS

1. configure
2. router bgp autonomous-system-number
3. address-family ipv4 unicast
4. allocate-label all
5. neighbor ip-address
6. remote-as autonomous-system-number
7. address-family ipv4 labeled-unicast
8. route-policy route-policy-name in
9. route-policy route-policy-name out
10. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp autonomous-system-number Enters Border Gateway Protocol (BGP) configuration mode
allowing you to configure the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
RP/0/RSP0/CPU0:router(config-bgp)#

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 41
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 3 address-family ipv4 unicast Enters global address family configuration mode for the
IPv4 unicast address family.
Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family ipv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-af)#
Step 4 allocate-label all Allocates the MPLS labels for a specific IPv4 unicast or
VPN routing and forwarding (VRF) IPv4 unicast routes so
that the BGP router can send labels with BGP routes to a
Example:
RP/0/RSP0/CPU0:router(config-bgp-af)#
neighboring router that is configured for a labeled-unicast
allocate-label all session.
Step 5 neighbor ip-address Places the router in neighbor configuration mode for BGP
routing and configures the neighbor IP address
172.168.40.24 as a BGP peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# neighbor
172.168.40.24
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
Step 6 remote-as autonomous-system-number Creates a neighbor and assigns it a remote autonomous
system number.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 2002
Step 7 address-family ipv4 labeled-unicast Enters neighbor address family configuration mode for the
IPv4 labeled-unicast address family.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family ipv4 labeled-unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)
Step 8 route-policy route-policy-name in Applies a routing policy to updates that are received from a
BGP neighbor.
Example: • Use the route-policy-name argument to define the name
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# of the of route policy. The example shows that the route
route-policy pass-all in policy name is defined as pass-all.
• Use the in keyword to define the policy for inbound
routes.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
42 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 9 route-policy route-policy-name out Applies a routing policy to updates that are sent to a BGP
neighbor.
Example: • Use the route-policy-name argument to define the name
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# of the of route policy. The example shows that the route
route-policy pass-all out policy name is defined as pass-all.
• Use the out keyword to define the policy for outbound
routes.
Step 10 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# running configuration file, exits the configuration
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 43
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring the Route Reflectors to Exchange VPN-IPv4 Routes


Perform this task to enable the route reflectors to exchange VPN-IPv4 routes by using multihop. This
task specifies that the next-hop information and the VPN label are to be preserved across the autonomous
system.

SUMMARY STEPS

1. configure
2. router bgp autonomous-system-number
3. neighbor ip-address
4. remote-as autonomous-system-number
5. ebgp-multihop [ttl-value]
6. update-source type interface-path-id
7. address-family vpnv4 unicast
8. route-policy route-policy-name in
9. route-policy route-policy-name out
10. next-hop-unchanged
11. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp autonomous-system-number Enters Border Gateway Protocol (BGP) configuration mode
allowing you to configure the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
RP/0/RSP0/CPU0:router(config-bgp)#
Step 3 neighbor ip-address Places the router in neighbor configuration mode for BGP
routing and configures the neighbor IP address
172.168.40.24 as a BGP peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp)# neighbor
172.168.40.24
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
Step 4 remote-as autonomous-system-number Creates a neighbor and assigns it a remote autonomous
system number.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 2002

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
44 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 5 ebgp-multihop [ttl-value] Enables multihop peerings with external BGP neighbors.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
ebgp-multihop
Step 6 update-source type interface-path-id Allows BGP sessions to use the primary IP address from a
particular interface as the local address.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
update-source loopback0
Step 7 address-family vpnv4 unicast Configures VPNv4 address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family vpnv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
Step 8 route-policy route-policy-name in Applies a routing policy to updates that are received from a
BGP neighbor.
Example: • Use the route-policy-name argument to define the name
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# of the of route policy. The example shows that the route
route-policy pass-all in policy name is defined as pass-all.
• Use the in keyword to define the policy for inbound
routes.
Step 9 route-policy route-policy-name out Applies a routing policy to updates that are sent to a BGP
neighbor.
Example: • Use the route-policy-name argument to define the name
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# of the of route policy. The example shows that the route
route-policy pass-all out policy name is defined as pass-all.
• Use the out keyword to define the policy for outbound
routes.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 45
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 10 next-hop-unchanged Disables overwriting of the next hop before advertising to
external Border Gateway Protocol (eBGP) peers.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
next-hop-unchanged
Step 11 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# running configuration file, exits the configuration
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
46 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring the Route Reflector to Reflect Remote Routes in its AS


Perform this task to enable the route reflector (RR) to reflect the IPv4 routes and labels learned by the
autonomous system boundary router (ASBR) to the provider edge (PE) routers in the autonomous
system. This task is accomplished by making the ASBR and PE route reflector clients of the RR.

SUMMARY STEPS

1. configure
2. router bgp autonomous-system-number
3. address-family ipv4 unicast
4. allocate-label all
5. neighbor ip-address
6. remote-as autonomous-system-number
7. update-source type interface-path-id
8. address-family ipv4 labeled-unicast
9. route-reflector-client
10. neighbor ip-address
11. remote-as autonomous-system-number
12. update-source type interface-path-id
13. address-family ipv4 labeled-unicast
14. route-reflector-client
15. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp autonomous-system-number Enters Border Gateway Protocol (BGP) configuration mode
allowing you to configure the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
Step 3 address-family ipv4 unicast Enters global address family configuration mode for the
IPv4 unicast address family.
Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family ipv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-af)#

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 47
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 4 allocate-label all Allocates the MPLS labels for a specific IPv4 unicast or
VPN routing and forwarding (VRF) IPv4 unicast routes so
that the BGP router can send labels with BGP routes to a
Example:
RP/0/RSP0/CPU0:router(config-bgp-af)#
neighboring router that is configured for a labeled-unicast
allocate-label all session.
Step 5 neighbor ip-address Places the router in neighbor configuration mode for BGP
routing and configures the neighbor IP address
172.168.40.24 as an ASBR eBGP peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# neighbor
172.168.40.24
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
Step 6 remote-as autonomous-system-number Creates a neighbor and assigns it a remote autonomous
system number.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 2002
Step 7 update-source type interface-path-id Allows BGP sessions to use the primary IP address from a
particular interface as the local address.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
update-source loopback0
Step 8 address-family ipv4 labeled-unicast Enters neighbor address family configuration mode for the
IPv4 labeled-unicast address family.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family ipv4 labeled-unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
Step 9 route-reflector-client Configures the router as a BGP route reflector and neighbor
172.168.40.24 as its client.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
route-reflector-client
Step 10 neighbor ip-address Places the router in neighbor configuration mode for BGP
routing and configures the neighbor IP address 10.40.25.2
as an VPNv4 iBGP peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
neighbor 10.40.25.2
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
Step 11 remote-as autonomous-system-number Creates a neighbor and assigns it a remote autonomous
system number.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 2002

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
48 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 12 update-source type interface-path-id Allows BGP sessions to use the primary IP address from a
particular interface as the local address.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
update-source loopback0
Step 13 address-family ipv4 labeled-unicast Enters neighbor address family configuration mode for the
IPv4 labeled-unicast address family.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family ipv4 labeled-unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
Step 14 route-reflector-client Configures the neighbor as a route reflector client.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
route-reflector-client
Step 15 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# running configuration file, exits the configuration
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 49
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Providing VPN Connectivity Across Multiple Autonomous Systems with MPLS


VPN Inter-AS with ASBRs Exchanging VPN-IPv4 Addresses
This section contains instructions for these tasks:
• Configuring the ASBRs to Exchange VPN-IPv4 Addresses, page VPC-50
• Configuring EBGP Routing to Exchange VPN Routes Between Subautonomous Systems in a
Confederation, page VPC-54
• Configuring MPLS Forwarding for ASBR Confederations, page VPC-56
• Configuring a Static Route to an ASBR Confederation Peer, page VPC-58

Configuring the ASBRs to Exchange VPN-IPv4 Addresses


Perform this task to configure an external Border Gateway Protocol (eBGP) autonomous system
boundary router (ASBR) to exchange VPN-IPv4 routes with another autonomous system.

SUMMARY STEPS

1. configure
2. router bgp autonomous-system-number
3. address-family vpnv4 unicast
4. neighbor ip-address
5. remote-as autonomous-system-number
6. address-family vpnv4 unicast
7. route-policy route-policy-name in
8. route-policy route-policy-name out
9. neighbor ip-address
10. remote-as autonomous-system-number
11. update-source type interface-path-id
12. address-family vpnv4 unicast
13. end
or
commit

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
50 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp autonomous-system-number Enters Border Gateway Protocol (BGP) configuration mode
allowing you to configure the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
RP/0/RSP0/CPU0:router(config-bgp)#
Step 3 address-family vpnv4 unicast Configures VPNv4 address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family vpnv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-af)#
Step 4 neighbor ip-address Places the router in neighbor configuration mode for BGP
routing and configures the neighbor IP address
172.168.40.24 as an ASBR eBGP peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# neighbor
172.168.40.24
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
Step 5 remote-as autonomous-system-number Creates a neighbor and assigns it a remote autonomous
system number.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 2002
Step 6 address-family vpnv4 unicast Configures VPNv4 address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family vpnv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
Step 7 route-policy route-policy-name in Applies a routing policy to updates that are received from a
BGP neighbor.
Example: • Use the route-policy-name argument to define the name
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# of the of route policy. The example shows that the route
route-policy pass-all in policy name is defined as pass-all.
• Use the in keyword to define the policy for inbound
routes.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 51
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 8 route-policy route-policy-name out Applies a routing policy to updates that are sent from a BGP
neighbor.
Example: • Use the route-policy-name argument to define the name
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# of the of route policy. The example shows that the route
route-policy pass-all out policy name is defined as pass-all.
• Use the out keyword to define the policy for outbound
routes.
Step 9 neighbor ip-address Places the router in neighbor configuration mode for BGP
routing and configures the neighbor IP address 10.40.25.2
as an VPNv4 iBGP peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
neighbor 10.40.25.2
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
Step 10 remote-as autonomous-system-number Creates a neighbor and assigns it a remote autonomous
system number.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 2002
Step 11 update-source type interface-path-id Allows BGP sessions to use the primary IP address from a
particular interface as the local address.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
update-source loopback0

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
52 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 12 address-family vpnv4 unicast Configures VPNv4 address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family vpnv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
Step 13 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# running configuration file, exits the configuration
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 53
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring EBGP Routing to Exchange VPN Routes Between Subautonomous Systems in a


Confederation
Perform this task to configure external Border Gateway Protocol (eBGP) routing to exchange VPN
routes between subautonomous systems in a confederation.

Note To ensure that host routes for VPN-IPv4 eBGP neighbors are propagated (by means of the Interior
Gateway Protocol [IGP]) to other routers and PE routers, specify the redistribute connected command
in the IGP configuration portion of the confederation eBGP (CEBGP) router. If you are using Open
Shortest Path First (OSPF), make sure that the OSPF process is not enabled on the CEBGP interface in
which the “redistribute connected” subnet exists.

SUMMARY STEPS

1. configure
2. router bgp autonomous-system-number
3. bgp confederation peers peer autonomous-system-number
4. bgp confederation identifier autonomous-system-number
5. address-family vpnv4 unicast
6. neighbor ip-address
7. remote-as autonomous-system-number
8. address-family vpnv4 unicast
9. route-policy route-policy-name in
10. route-policy route-policy-name out
11. next-hop-self
12. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp autonomous-system-number Enters BGP configuration mode allowing you to configure
the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
RP/0/RSP0/CPU0:router(config-bgp)#

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
54 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 3 bgp confederation peers peer Configures the peer autonomous system number that
autonomous-system-number belongs to the confederation.

Example:
RP/0/RSP0/CPU0:router(config-bgp)# bgp
confederation peers 8
Step 4 bgp confederation identifier Specifies the autonomous system number for the
autonomous-system-number confederation ID.

Example:
RP/0/RSP0/CPU0:router(config-bgp)# bgp
confederation identifier 5
Step 5 address-family vpnv4 unicast Configures VPNv4 address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family vpnv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-af)#
Step 6 neighbor ip-address Places the router in neighbor configuration mode for BGP
routing and configures the neighbor IP address
10.168.40.24 as a BGP peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# neighbor
10.168.40.24
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
Step 7 remote-as autonomous-system-number Creates a neighbor and assigns it a remote autonomous
system number.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 2002
Step 8 address-family vpnv4 unicast Configures VPNv4 address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family vpnv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
Step 9 route-policy route-policy-name in Applies a routing policy to updates received from a BGP
neighbor.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
route-policy In-Ipv4 in
Step 10 route-policy route-policy-name out Applies a routing policy to updates advertised to a BGP
neighbor.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
route-policy Out-Ipv4 out

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 55
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 11 next-hop-self Disables next-hop calculation and let you insert your own
address in the next-hop field of BGP updates.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
next-hop-self
Step 12 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# running configuration file, exits the configuration
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Configuring MPLS Forwarding for ASBR Confederations


Perform this task to configure MPLS forwarding for autonomous system boundary router (ASBR)
confederations (in BGP) on a specified interface.

Note This configuration adds the implicit NULL rewrite corresponding to the peer associated with the
interface, which is required to prevent BGP from automatically installing rewrites by LDP (in multihop
instances).

SUMMARY STEPS

1. configure
2. router bgp as-number
3. mpls activate
4. interface type interface-path-id
5. end
or
commit

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
56 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp as-number Enters BGP configuration mode allowing you to
configure the BGP routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 120
RP/0/RSP0/CPU0:router(config-bgp)
Step 3 mpls activate Enters BGP MPLS activate configuration mode.

Example:
RP/0/RSP0/CPU0:router(config-bgp)# mpls activate
RP/0/RSP0/CPU0:router(config-bgp-mpls)#
Step 4 interface type interface-path-id Enables MPLS on the interface.

Example:
RP/0/RSP0/CPU0:router(config-bgp-mpls)# interface
GigabitEthernet 0/3/0/0
Step 5 end Saves configuration changes.
or
• When you issue the end command, the system
commit prompts you to commit changes:
Uncommitted changes found, commit them
Example: before exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-mpls)# end [cancel]:
or
– Entering yes saves configuration changes to
RP/0/RSP0/CPU0:router(config-bgp-mpls)# commit the running configuration file, exits the
configuration session, and returns the
router to EXEC mode.
– Entering no exits the configuration session
and returns the router to EXEC mode
without committing the configuration
changes.
– Entering cancel leaves the router in the
current configuration session without
exiting or committing the configuration
changes.
• Use the commit command to save the
configuration changes to the running
configuration file and remain within the
configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 57
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring a Static Route to an ASBR Confederation Peer


Perform this task to configure a static route to an Inter-AS confederation peer. For more detailed
information, see “Configuring a Static Route to a Peer” section on page MPC-68.

SUMMARY STEPS

1. configure
2. router static
3. address-family ipv4 unicast
4. A.B.C.D/length next-hop
5. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router static Enters router static configuration mode.

Example:
RP/0/RSP0/CPU0:router(config)# router static
RP/0/RSP0/CPU0:router(config-static)#
Step 3 address-family ipv4 unicast Enables an IPv4 address family.

Example:
RP/0/RSP0/CPU0:router(config-static)#
address-family ipv4 unicast
RP/0/RSP0/CPU0:router(config-static-afi)#

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
58 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 4 A.B.C.D/length next-hop Enters the address of the destination router (including IPv4
subnet mask).
Example:
RP/0/RSP0/CPU0:router(config-static-afi)#
10.10.10.10/32 10.9.9.9
Step 5 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-static-afi)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-static-afi)# running configuration file, exits the configuration
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 59
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring Carrier Supporting Carrier


Perform the tasks in this section to configure Carrier Supporting Carrier (CSC):
• Identifying the Carrier Supporting Carrier Topology, page VPC-60
• Configuring the Backbone Carrier Core, page VPC-61
• Configuring the CSC-PE and CSC-CE Routers, page VPC-61
• Configuring a Static Route to a Peer, page VPC-68

Identifying the Carrier Supporting Carrier Topology


Before you configure the MPLS VPN CSC with BGP, you must identify both the backbone and customer
carrier topology.

Note You can connect multiple CSC-CE routers to the same PE, or you can connect a single CSC-CE router
to multiple CSC-PEs using more than one CSC-CE interface to provide redundancy and multiple path
support in a CSC topology.

Perform this task to identify the carrier supporting carrier topology.

SUMMARY STEPS

1. Identify the type of customer carrier, ISP, or MPLS VPN service provider.
2. Identify the CE routers.
3. Identify the customer carrier core router configuration.
4. Identify the customer carrier edge (CSC-CE) routers.
5. Identify the backbone carrier router configuration.

DETAILED STEPS

Command or Action Purpose


Step 1 Identify the type of customer carrier, ISP, or MPLS Sets up requirements for configuration of carrier supporting
VPN service provider. carrier network.
Step 2 Identify the CE routers. Sets up requirements for configuration of CE to PE
connections.
Step 3 Identify the customer carrier core router configuration. Sets up requirements for configuration between core (P)
routers and between P routers and edge routers (PE and
CSC-CE routers).
Step 4 Identify the customer carrier edge (CSC-CE) routers. Sets up requirements for configuration of CSC-CE to
CSC-PE connections.
Step 5 Identify the backbone carrier router configuration. Sets up requirements for configuration between CSC core
routers and between CSC core routers and edge routers
(CSC-CE and CSC-PE routers).

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
60 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring the Backbone Carrier Core


Configuring the backbone carrier core requires setting up connectivity and routing functions for the CSC
core and the CSC-PE routers. To do so, you must complete these high-level tasks:
• Verify IP connectivity in the CSC core.
• Verify LDP configuration in the CSC core.

Note This task is not applicable to CSC over IP tunnels.

• Configure VRFs for CSC-PE routers.


• Configure multiprotocol BGP for VPN connectivity in the backbone carrier.

Configuring the CSC-PE and CSC-CE Routers


Perform these tasks to configure links between a CSC-PE router and the carrier CSC-CE router for an
MPLS VPN CSC network that uses BGP to distribute routes and MPLS labels:
• Configuring a CSC-PE
• Configuring a CSC-CE
Figure 6 shows the configuration for the peering with directly connected interfaces between CSC-PE and
CSC-CE routers. This configuration is used as the example in the tasks that follow.

Figure 6 Configuration for Peering with Directly Connected Interfaces Between CSC-PE and
CSC-CE Routers

e1/0 e1/0
121190

10.0.0.1 10.0.0.2
CSC-CE CSC-PE

Configuring a CSC-PE

Perform this task to configure a CSC-PE.

SUMMARY STEPS

1. configure
2. router bgp as-number
3. address-family vpnv4 unicast
4. neighbor A.B.C.D
5. remote-as as-number
6. update-source type interface-path-id
7. address-family vpnv4 unicast
8. vrf vrf-name
9. rd {as-number:nn | ip-address:nn | auto}

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 61
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

10. address-family ipv4 unicast


11. allocate-label all
12. neighbor A.B.C.D
13. remote-as as-number
14. address-family ipv4 labeled-unicast
15. route-policy route-policy-name in
16. route-policy route-policy-name out
17. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp as-number Configures a BGP routing process and enters router
configuration mode.
Example: • Range for 2-byte numbers is 1 to 65535. Range for
RP/0/RSP0/CPU0:router(config)# router bgp 2 4-byte numbers is 1.0 to 65535.65535.
RP/0/RSP0/CPU0:router(config-bgp)#
Step 3 address-family vpnv4 unicast Configures VPNv4 address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family vpnv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-af)#
Step 4 neighbor A.B.C.D Configures the IP address for the BGP neighbor.

Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# neighbor
10.10.10.0
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
Step 5 remote-as as-number Configures the AS number for the BGP neighbor.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 888
Step 6 update-source type interface-path-id Allows BGP sessions to use the primary IP address from a
particular interface as the local address.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
update-source loopback0

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
62 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 7 address-family vpnv4 unicast Configures VPNv4 unicast address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family vpnv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
Step 8 vrf vrf-name Configures a VRF instance.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# vrf
9999
RP/0/RSP0/CPU0:router(config-bgp-vrf)#
Step 9 rd {as-number:nn | ip-address:nn | auto} Configures a route distinguisher.
Note Use the auto keyword to automatically assign a
Example: unique route distinguisher.
RP/0/RSP0/CPU0:router(onfig-bgp-vrf)# rd auto
Step 10 address-family ipv4 unicast Configures IPv4 unicast address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf)#
address-family ipv4 unicast
RP/0/RSP0/CPU0:router(config-bgp-vrf-af)#
Step 11 allocate-label all Allocate labels for all local prefixes and prefixes received
with labels.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-af)#
allocate-label all
Step 12 neighbor A.B.C.D Configures the IP address for the BGP neighbor.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-af)#
neighbor 10.10.10.0
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
Step 13 remote-as as-number Enables the exchange of information with a neighboring
BGP router.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
remote-as 888
Step 14 address-family ipv4 labeled-unicast Configures IPv4 labeled-unicast address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
address-family ipv4 labeled-unicast
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 63
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 15 route-policy route-policy-name in Applies the pass-all policy to all inbound routes.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
route-policy pass-all in
Step 16 route-policy route-policy-name out Applies the pass-all policy to all outbound routes.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
route-policy pass-all out
Step 17 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(cconfig-bgp-vrf-nbr-af)# [cancel]:
end
or – Entering yes saves configuration changes to the
running configuration file, exits the configuration
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
64 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring a CSC-CE

Perform this task to configure a CSC-CE.

SUMMARY STEPS

1. configure
2. router bgp as-number
3. address-family ipv4 unicast
4. redistribute ospf instance-number
5. allocate-label route-policy route-policy-name
6. exit
7. neighbor A.B.C.D
8. remote-as as-number
9. address-family ipv4 labeled-unicast
10. route-policy route-policy-name in
11. route-policy route-policy-name out
12. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp as-number Configures a BGP routing process and enters router
configuration mode.
Example: • Range for 2-byte numbers is 1 to 65535. Range for
RP/0/RSP0/CPU0:router(config)# router bgp 1 4-byte numbers is 1.0 to 65535.65535.
Step 3 address-family ipv4 unicast Configures IPv4 unicast address-family.

Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family ipv4 unicast
Step 4 redistribute ospf instance-number Redistributes OSPF routes into BGP.

Example:
RP/0/RSP0/CPU0:router(config-router-af)#
redistribute ospf 1

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 65
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 5 allocate-label route-policy route-policy-name Allocates labels for those routes that match the route policy.
These labeled routes are advertised to neighbors configured
with address-family ipv4 labeled-unicast.
Example:
RP/0/RSP0/CPU0:router(config-router-af)#
allocate-label route-policy internal-routes
Step 6 exit Exits the current configuration mode.

Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# exit
Step 7 neighbor A.B.C.D Configures the IP address for the BGP neighbor.

Example:
RP/0/RSP0/CPU0:router(config-bgp)# neighbor
10.0.0.1
Step 8 remote-as as-number Enables the exchange of information with a neighboring
BGP router.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 1
Step 9 address-family ipv4 labeled-unicast Configures IPv4 labeled-unicast address family.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family ipv4 labeled-unicast
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#

Step 10 route-policy route-policy-name in Applies the route-policy to all inbound routes.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
route-policy pass-all in

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
66 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 11 route-policy route-policy-name out Applies the route-policy to all outbound routes.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
route-policy pass-all out
Step 12 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp)# commit running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 67
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Configuring a Static Route to a Peer


Perform this task to configure a static route to an Inter-AS or CSC-CE peer.
When you configure an Inter-AS or CSC peer, BGP allocates a label for a /32 route to that peer and
performs a NULL label rewrite. When forwarding a labeled packet to the peer, the router removes the
top label from the label stack; however, in such an instance, BGP expects a /32 route to the peer. This
task ensures that there is, in fact, a /32 route to the peer.
Please be aware of these facts before performing this task:
• A /32 route is not required to establish BGP peering. A route using a shorter prefix length will also
work.
• A shorter prefix length route is not associated with the allocated label; even though the BGP session
comes up between the peers, without the static route, forwarding will not work.

Note To configure a static route on a CSC-PE, you must configure the router under the VRF (as noted in the
detailed steps).

SUMMARY STEPS

1. configure
2. router static
3. address-family ipv4 unicast
4. A.B.C.D/length next-hop
5. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router(config)# configure
Step 2 router static Enters router static configuration mode.

Example:
RP/0/RSP0/CPU0:router(config)# router static
Step 3 address-family ipv4 unicast Enables an IPv4 address family.
Note To configure a static route on a CSC-PE, you must
Example: first configure the VRF using the vrf command
RP/0/RSP0/CPU0:router(config-static)# before address-family.
address-family ipv4 unicast

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
68 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 4 A.B.C.D/length next-hop Enters the address of the destination router (including IPv4
subnet mask).
Example:
RP/0/RSP0/CPU0:router(config-static-afi)#
10.10.10.10/32 10.9.9.9
Step 5 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-static-af)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-static-af)# commit running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 69
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Verifying the MPLS Layer 3 VPN Configuration


Perform this task to verify the MPLS Layer 3 VPN configuration.

SUMMARY STEPS

1. show running-config router bgp as-number vrf vrf-name


2. show running-config routes
3. show ospf vrf vrf-name database
4. show running-config router bgp as-number vrf vrf-name neighbor ip-address
5. show bgp vrf vrf-name summary
6. show bgp vrf vrf-name neighbors ip-address
7. show bgp vrf vrf-name
8. show route vrf vrf-name ip-address
9. show bgp vpn unicast summary
10. show running-config router isis
11. show running-config mpls
12. show isis adjacency
13. show mpls ldp forwarding
14. show bgp vpnv4 unicast
show bgp vrf vrf-name
15. show bgp vrf vrf-name imported-routes
16. show route vrf vrf-name ip-address
17. show cef vrf vrf-name ip-address
18. show cef vrf vrf-name ip-address location node-id
19. show bgp vrf vrf-name ip-address
20. show ospf vrf vrf-name database

DETAILED STEPS

Command or Action Purpose


Step 1 show running-config router bgp as-number vrf Displays the specified VPN routing and forwarding (VRF)
vrf-name content of the currently running configuration.

Example:
RP/0/RSP0/CPU0:router# show running-config
router bgp 3 vrf vrf_A
Step 2 show running-config routes Displays the Open Shortest Path First (OSPF) routes table
in the currently running configuration.
Example:
RP/0/RSP0/CPU0:router# show running-config
routes

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
70 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 3 show ospf vrf vrf-name database Displays lists of information related to the OSPF database
for a specified VRF.
Example:
RP/0/RSP0/CPU0:router# show ospf vrf vrf_A
database
Step 4 show running-config router bgp as-number vrf Displays the Border Gateway Protocol (BGP) VRF
vrf-name neighbor ip-address neighbor content of the currently running configuration.

Example:
RP/0/RSP0/CPU0:router# show running-config
router bgp 3 vrf vrf_A neighbor 172.168.40.24
Step 5 show bgp vrf vrf-name summary Displays the status of the specified BGP VRF connections.

Example:
RP/0/RSP0/CPU0:router# show bgp vrf vrf_A
summary
Step 6 show bgp vrf vrf-name neighbors ip-address Displays information about BGP VRF connections to the
specified neighbors.
Example:
RP/0/RSP0/CPU0:router# show bgp vrf vrf_A
neighbors 172.168.40.24
Step 7 show bgp vrf vrf-name Displays information about a specified BGP VRF.

Example:
RP/0/RSP0/CPU0:router# show bgp vrf vrf_A
Step 8 show route vrf vrf-name ip-address Displays the current routes in the Routing Information Base
(RIB) for a specified VRF.
Example:
RP/0/RSP0/CPU0:router# show route vrf vrf_A
10.0.0.0
Step 9 show bgp vpn unicast summary Displays the status of all BGP VPN unicast connections.

Example:
RP/0/RSP0/CPU0:router# show bgp vpn unicast
summary
Step 10 show running-config router isis Displays the Intermediate System-to-Intermediate System
(IS-IS) content of the currently running configuration.
Example:
RP/0/RSP0/CPU0:router# show running-config
router isis
Step 11 show running-config mpls Displays the MPLS content of the currently
running-configuration.
Example:
RP/0/RSP0/CPU0:router# show running-config mpls

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 71
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 12 show isis adjacency Displays IS-IS adjacency information.

Example:
RP/0/RSP0/CPU0:router# show isis adjacency
Step 13 show mpls ldp forwarding Displays the Label Distribution Protocol (LDP) forwarding
state installed in MPLS forwarding.
Example:
RP/0/RSP0/CPU0:router# show mpls ldp forwarding
Step 14 show bgp vpnv4 unicast Displays entries in the BGP routing table for VPNv4 unicast
addresses.
Example:
RP/0/RSP0/CPU0:router# show bgp vpnv4 unicast
Step 15 show bgp vrf vrf-name Displays entries in the BGP routing table for VRF vrf_A.

Example:
RP/0/RSP0/CPU0:router# show bgp vrf vrf_A
Step 16 show bgp vrf vrf-name imported-routes Displays BGP information for routes imported into
specified VRF instances.
Example:
RP/0/RSP0/CPU0:router# show bgp vrf vrf_A
imported-routes
Step 17 show route vrf vrf-name ip-address Displays the current specified VRF routes in the RIB.

Example:
RP/0/RSP0/CPU0:router# show route vrf vrf_A
10.0.0.0
Step 18 show cef vrf vrf-name ip-address Displays the IPv4 Cisco Express Forwarding (CEF) table
for a specified VRF.
Example:
RP/0/RSP0/CPU0:router# show cef vrf vrf_A
10.0.0.1
Step 19 show cef vrf vrf-name ip-address location Displays the IPv4 CEF table for a specified VRF and
node-id location.

Example:
RP/0/RSP0/CPU0:router# show cef vrf vrf_A
10.0.0.1 location 0/1/cpu0

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
72 OL-23110-01
Implementing MPLS Layer 3 VPNs
How to Implement MPLS Layer 3 VPNs

Command or Action Purpose


Step 20 show bgp vrf vrf-name ip-address Displays entries in the BGP routing table for VRF vrf_A.

Example:
RP/0/RSP0/CPU0:router# show bgp vrf vrf_A
10.0.0.0
Step 21 show ospf vrf vrf-name database Displays lists of information related to the OSPF database
for a specified VRF.
Example:
RP/0/RSP0/CPU0:router# show ospf vrf vrf_A
database

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 73
Implementing MPLS Layer 3 VPNs
Configuration Examples for Implementing MPLS Layer 3 VPNs

Configuration Examples for Implementing MPLS Layer 3 VPNs


This section provides these sample configurations for MPLS L3VPN features:
• Configuring an MPLS VPN Using BGP: Example, page VPC-74
• Configuring the Routing Information Protocol on the PE Router: Example, page VPC-75
• Configuring the PE Router Using EIGRP: Example, page VPC-75
• Configuration Examples for MPLS VPN CSC, page VPC-76

Configuring an MPLS VPN Using BGP: Example


This example shows the configuration for an MPLS VPN using BGP on “vrf vpn1”:
address-family ipv4 unicast
import route-target
100:1
!
export route-target
100:1
!
!
!
route-policy pass-all
pass
end-policy
!
interface Loopback0
ipv4 address 10.0.0.1 255.255.255.255
!
interface gigabitEthernet 0/1/0/0
vrf vpn1
ipv4 address 10.0.0.2 255.0.0.0
!
interface gigabitEthernet 0/1/0/1
ipv4 address 10.0.0.1 255.0.0.0
!
router ospf 100
area 100
interface loopback0
interface gigabitEthernet 0/1/0/1
!
!
router bgp 100
address-family vpnv4 unicast
neighbor 10.0.0.3
remote-as 100
update-source Loopback0
address-family vpnv4 unicast
!
vrf vpn1
rd 100:1
address-family ipv4 unicast
redistribute connected
!
neighbor 10.0.0.1
remote-as 200
address-family ipv4 unicast
as-override
route-policy pass-all in

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
74 OL-23110-01
Implementing MPLS Layer 3 VPNs
Configuration Examples for Implementing MPLS Layer 3 VPNs

route-policy pass-all out


!
advertisement-interval 5
!
!
!
mpls ldp
route-id looback0
interface gigabitEthernet 0/1/0/1
!

Configuring the Routing Information Protocol on the PE Router: Example


This example shows the configuration for the RIP on the PE router:
vrf vpn1
address-family ipv4 unicast
import route-target
100:1
!
export route-target
100:1
!
!
!
route-policy pass-all
pass
end-policy
!

interface gigabitEthernet 0/1/0/0


vrf vpn1
ipv4 address 10.0.0.2 255.0.0.0
!

router rip
vrf vpn1
interface GigabitEthernet0/1/0/0
!
timers basic 30 90 90 120
redistribute bgp 100
default-metric 3
route-policy pass-all in
!

Configuring the PE Router Using EIGRP: Example


This example shows the configuration for the Enhanced Interior Gateway Routing Protocol (EIGRP) on
the PE router:
Router eigrp 10
vrf VRF1
address-family ipv4
router-id 10.1.1.2
default-metric 100000 2000 255 1 1500
as 62
redistribute bgp 2000
interface Loopback0
!
interface GigabitEthernet0/6/0/0

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 75
Implementing MPLS Layer 3 VPNs
Configuration Examples for Implementing MPLS Layer 3 VPNs

Configuration Examples for MPLS VPN CSC


Configuration examples for the MPLS VPN CSC include:
• Configuring the Backbone Carrier Core: Examples, page VPC-76
• Configuring the Links Between CSC-PE and CSC-CE Routers: Examples, page VPC-76
• Configuring a Static Route to a Peer: Example, page VPC-77

Configuring the Backbone Carrier Core: Examples


Configuration examples for the backbone carrier core included in this section are as follows:
• Configuring VRFs for CSC-PE Routers: Example, page VPC-76
• Configuring the Links Between CSC-PE and CSC-CE Routers: Examples, page VPC-76

Configuring VRFs for CSC-PE Routers: Example

This example shows how to configure a VPN routing and forwarding instance (VRF) for a CSC-PE
router:
config
vrf vpn1
address-family ipv4 unicast
import route-target 100:1
export route-target 100:1
end

Configuring the Links Between CSC-PE and CSC-CE Routers: Examples


This section contains these examples:
• Configuring a CSC-PE: Example, page VPC-76
• Configuring a CSC-CE: Example, page VPC-77

Configuring a CSC-PE: Example

In this example, a CSC-PE router peers with a PE router, 10.1.0.2, in its own AS. It also has a labeled
unicast peering with a CSC-CE router, 10.0.0.1.
config
router bgp 2
address-family vpnv4 unicast
neighbor 10.1.0.2
remote-as 2
update-source loopback0
address-family vpnv4 unicast
vrf customer-carrier
rd 1:100
address-family ipv4 unicast
allocate-label all
redistribute static
neighbor 10.0.0.1
remote-as 1
address-family ipv4 labeled-unicast
route-policy pass-all in
route-policy pass-all out
as-override

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
76 OL-23110-01
Implementing MPLS Layer 3 VPNs
Configuration Examples for Implementing MPLS Layer 3 VPNs

end

Configuring a CSC-CE: Example

This example shows how to configure a CSC-CE router. In this example, the CSC-CE router peers
CSC-PE router 10.0.0.2 in AS 2.
config
router bgp 1
address-family ipv4 unicast
redistribute ospf 200
allocate-label all
neighbor 10.0.0.2
remote-as 2
address-family ipv4 labeled-unicast
route-policy pass-all in
route-policy pass-all out
end

Configuring a Static Route to a Peer: Example


This example shows how to configure a static route to an Inter-AS or CSC-CE peer:
config
router static
address-family ipv4 unicast
10.0.0.2/32 40.1.1.1
end

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 77
Implementing MPLS Layer 3 VPNs
Additional References

Additional References
For additional information, refer to these documents:

Related Documents

Related Topic Document Title


Cisco ASR 9000 Series Router L2VPN commands MPLS Virtual Private Network Commands on
Cisco ASR 9000 Series Routers module in the
Cisco ASR 9000 Series Aggregation Services Router MPLS
Command Reference
Routing (BGP, EIGRP, OSPF, and RIP) commands: Cisco ASR 9000 Series Aggregation Services Router Routing
complete command syntax, command modes, Command Reference
command history, defaults, usage guidelines, and
examples
Routing (BGP, EIGRP, OSPF, and RIP) configuration Cisco ASR 9000 Series Aggregation Services Router Routing
Configuration Guide
MPLS LDP configuration: configuration concepts, Implementing MPLS Label Distribution Protocol on
task, and examples Cisco ASR 9000 Series Routers module in this document.
MPLS Traffic Engineering Resource Reservation Implementing RSVP for MPLS-TE on
Protocol configuration: configuration concepts, task, Cisco ASR 9000 Series Routers module in this document.
and examples
Getting started material Cisco ASR 9000 Series Aggregation Services Router Getting
Started Guide

Standards

Standards Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.

MIBs

MIBs MIBs Link


— To locate and download MIBs using Cisco IOS XR software, use the
Cisco MIB Locator found at this URL and choose a platform under
the Cisco Access Products menu:
http://cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
78 OL-23110-01
Implementing MPLS Layer 3 VPNs
Additional References

RFCs

RFCs Title
RFC 1700 Assigned Numbers
RFC 1918 Address Allocation for Private Internets
RFC 1966 BGP Route Reflectors: An Alternative to Full Mesh iBGP
RFC 2283 Multiprotocol Extensions for BGP-4
RFC 2547 BGP/MPLS VPNs
RFC 2842 Capabilities Advertisement with BGP-4
RFC 2858 Multiprotocol Extensions for BGP-4
RFC 3107 Carrying Label Information in BGP-4

Technical Assistance

Description Link
The Cisco Technical Support website contains http://www.cisco.com/techsupport
thousands of pages of searchable technical content,
including links to products, technologies, solutions,
technical tips, and tools. Registered Cisco.com users
can log in from this page to access even more content.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 79
Implementing MPLS Layer 3 VPNs
Additional References

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
80 OL-23110-01
Implementing IPv6 VPN Provider Edge Transport
over MPLS

This module describes how to implement IPv6 VPN Provider Edge Transport over MPLS on
Cisco ASR 9000 Series Aggregation Services Routers.
IPv6 VPN Provider Edge (6PE/VPE) uses the existing MPLS IPv4 core infrastructure for IPv6 transport.
6PE/VPE enables IPv6 sites to communicate with each other over an MPLS IPv4 core network using
MPLS label switched paths (LSPs).
This feature relies heavily on multiprotocol Border Gateway Protocol (BGP) extensions in the IPv4
network configuration on the provider edge (PE) router to exchange IPv6 reachability information (in
addition to an MPLS label) for each IPv6 address prefix. Edge routers are configured as dual-stack,
running both IPv4 and IPv6, and use the IPv4 mapped IPv6 address for IPv6 prefix reachability
exchange.
For detailed information about the commands used to configure L2TP functionality, see the
Cisco ASR 9000 Aggregation Services Router Routing Command Reference.
Feature History for Implementing 6PE on Cisco ASR 9000 Series Routers

Release Modification
Release 3.9.1 This feature was introduced.
Release 4.0.0 Support was added for the 6PE and 6VPE features for IPv6 L3VPN on
A9K-SIP-700.
Support was added for the BGP per VRF/CE label allocation for 6PE feature.

Contents
• Prerequisites for Implementing 6PE/VPE, page VPC-82
• Information About 6PE/VPE, page VPC-82
• How to Implement 6PE/VPE, page VPC-84
• Configuration Examples for 6PE, page VPC-94
• Additional References, page VPC-95

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 81
Implementing IPv6 VPN Provider Edge Transport over MPLS
Prerequisites for Implementing 6PE/VPE

Prerequisites for Implementing 6PE/VPE


These prerequisites are required to implement 6PE:
• You must be in a user group associated with a task group that includes the proper task IDs. The
command reference guides include the task IDs required for each command.
If you suspect user group assignment is preventing you from using a command, contact your AAA
administrator for assistance.
• Familiarity with MPLS and BGP4 configuration and troubleshooting.

Information About 6PE/VPE


To configure the 6PE feature, you should understand the concepts that are described in these sections:
• Overview of 6PE/VPE, page VPC-82
• Benefits of 6PE/VPE, page VPC-83
• Deploying IPv6 over MPLS Backbones, page VPC-83
• IPv6 on the Provider Edge and Customer Edge Routers, page VPC-83
• IPv6 Provider Edge Multipath, page VPC-84

Overview of 6PE/VPE
Multiple techniques are available to integrate IPv6 services over service provider core backbones:
• Dedicated IPv6 network running over various data link layers
• Dual-stack IPv4-IPv6 backbone
• Existing MPLS backbone leverage
These solutions are deployed on service providers’ backbones when the amount of IPv6 traffic and the
revenue generated are in line with the necessary investments and the agreed-upon risks. Conditions are
favorable for the introduction of native IPv6 services, from the edge, in a scalable way, without any IPv6
addressing restrictions and without putting a well-controlled IPv4 backbone in jeopardy. Backbone
stability is essential for service providers that have recently stabilized their IPv4 infrastructure.
Service providers running an MPLS/IPv4 infrastructure follow similar trends because several integration
scenarios that offer IPv6 services on an MPLS network are possible. Cisco Systems has specially
developed Cisco 6PE or IPv6 Provider Edge Router over MPLS, to meet all those requirements.
Inter-AS support for 6PE requires support of Border Gateway Protocol (BGP) to enable address families
and to allocate and distribute PE and ASBR labels.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
82 OL-23110-01
Implementing IPv6 VPN Provider Edge Transport over MPLS
Information About 6PE/VPE

Benefits of 6PE/VPE
Service providers who currently deploy MPLS experience these benefits of Cisco 6PE:
• Minimal operational cost and risk—No impact on existing IPv4 and MPLS services.
• Only provider edge routers upgrade—A 6PE/VPE router can be an existing PE router or a new one
dedicated to IPv6 traffic.
• No impact on IPv6 customer edge routers—The ISP can connect to any customer CE running Static,
IGP or EGP.
• Production services ready—An ISP can delegate IPv6 prefixes.
• IPv6 introduction into an existing MPLS service—6PE/VPE routers can be added at any time.

Deploying IPv6 over MPLS Backbones


Backbones enabled by 6PE (IPv6 over MPLS) allow IPv6 domains to communicate with each other over
an MPLS IPv4 core network. This implementation requires no backbone infrastructure upgrades and no
reconfiguration of core routers because forwarding is based on labels instead of the IP header itself. This
provides a very cost-effective strategy for IPv6 deployment.
Additionally, the inherent virtual private network (VPN) and traffic engineering (TE) services available
within an MPLS environment allow IPv6 networks to be combined into VPNs or extranets over an
infrastructure that supports IPv4 VPNs and MPLS-TE.

IPv6 on the Provider Edge and Customer Edge Routers


Service Provider Edge Routers

6PE is particularly applicable to service providers who currently run an MPLS network. One of its
advantages is that there is no need to upgrade the hardware, software, or configuration of the core
network, and it eliminates the impact on the operations and the revenues generated by existing IPv4
traffic. MPLS is used by many service providers to deliver services to customers. MPLS as a multiservice
infrastructure technology is able to provide layer 3 VPN, QoS, traffic engineering, fast re-routing and
integration of ATM and IP switching.

Customer Edge Routers

Using tunnels on the CE routers is the simplest way to deploy IPv6 over MPLS networks. It has no
impact on the operation or infrastructure of MPLS, and requires no changes to the P routers in the core
or to the PE routers. However, tunnel meshing is required as the number of CEs to connect increases,
and it becomes difficult to delegate a global IPv6 prefix for an ISP.
Figure 7 illustrates the network architecture using tunnels on the CE routers.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 83
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

Figure 7 IPv6 Using Tunnels on the CE Routers

Dual stack Dual stack


IPv4-IPv6 IPv4-IPv6
CE routers CE routers
IPv6 over IPv4 tunnels
v6 v6

IPv6 IPv6
P P
PE
v4 v6

IPv4 PE
IPv6
OC-48/192

v6 v4

PE PE
IPv6 P P IPv4

v4

210608
IPv4

IPv6 Provider Edge Multipath


Internal and external BGP multipath for IPv6 allows the IPv6 router to balance load between several
paths (for example, the same neighboring autonomous system (AS) or sub-AS, or the same metrics) to
reach its destination. The 6PE multipath feature uses multiprotocol internal BGP (MP-IBGP) to
distribute IPv6 routes over the MPLS IPv4 core network and to attach an MPLS label to each route.
When MP-IBGP multipath is enabled on the 6PE router, all labeled paths are installed in the forwarding
table with available MPLS information (label stack). This functionality enables 6PE to perform load
balancing.

How to Implement 6PE/VPE


This section includes these implementation procedures:
• Configuring 6PE/VPE, page VPC-84
• Configuring PE to PE Core, page VPC-86
• Configuring PE to CE Core, page VPC-90

Configuring 6PE/VPE
This task describes how to configure 6PE/VPE on PE routers to transport the IPv6 prefixes across the
IPv4 cloud.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
84 OL-23110-01
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

Ensure that you configure 6PE/VPE on PE routers participating in both the IPv4 cloud and IPv6 clouds.

Note For 6PE, you can use all routing protocols supported on Cisco IOS XR software such as BGP, OSPF,
IS-IS, EIGRP, RIP, and Static to learn routes from both clouds. However, for 6VPE, you can use only
the BGP, EIGRP and Static routing protocols to learn routes.

SUMMARY STEPS

1. configure
2. router bgp as-number
3. neighbor ip-address
4. address-family ipv6 labeled-unicast
5. exit
6. exit
7. address-family ipv6 unicast
8. allocate-label [all | route-policy policy_name]
9. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp as-number Enters the number that identifies the autonomous system
(AS) in which the router resides.
Example: Range for 2-byte numbers is 1 to 65535. Range for 4-byte
RP/0/RSP0/CPU0:router(config)# router bgp 1 numbers is 1.0 to 65535.65535.
Step 3 neighbor ip-address Enters neighbor configuration mode for configuring Border
Gateway Protocol (BGP) routing sessions.
Example:
RP/0/RSP0/CPU0:router(config-bgp)# neighbor
1.1.1.1
Step 4 address-family ipv6 labeled-unicast Specifies IPv6 labeled-unicast address prefixes.
Note This option is also available in IPv6 neighbor
Example: configuration mode and VRF neighbor
RP/0/RSP0/CPU0:router(config-bgp-nbr)# configuration mode.
address-family ipv6 labeled-unicast

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 85
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

Command or Action Purpose


Step 5 exit Exits BGP address-family submode.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# exit
Step 6 exit Exits BGP neighbor submode.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)# exit
Step 7 address-family ipv6 unicast Specifies IPv6 unicast address prefixes.

Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family ipv6 unicast
Step 8 allocate-label [all | route-policy policy_name] Allocates MPLS labels for specified IPv4 unicast routes.
Note The route-policy keyword provides finer control to
Example: filter out certain routes from being advertised to the
RP/0/RSP0/CPU0:router(config-bgp-af)# neighbor.
allocate-label all
Step 9 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-af)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-af)# commit running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Configuring PE to PE Core
This task describes how to configure a Provider Edge (PE) to PE Core.
For information on configuring VPN Routing and Forwarding (VRF), refer to the Implementing BGP on
Cisco ASR 9000 Series Router module of the Cisco ASR 9000 Series Aggregation Services Router
Routing Configuration Guide.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
86 OL-23110-01
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

SUMMARY STEPS

1. configure
2. router bgp
3. address-family vpnv6 unicast
4. bgp dampening [ half-life [ reuse suppress max-suppress-time ] | route-policy route-policy-name ]
5. bgp client-to-client reflection { cluster-id | disable }
6. neighbor ip-address
7. remote-as as-number
8. description text
9. password { clear | encrypted } password
10. shutdown
11. timers keepalive hold-time
12. update-source type interface-id
13. address-family vpnv6 unicast
14. route-policy route-policy-name { in | out }
15. exit
16. vrf vrf-name
17. rd { as-number : nn | ip-address : nn | auto }
18. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp as-number Specifies the BGP AS number and enters the BGP
configuration mode, allowing you to configure the BGP
routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 10
Step 3 address-family vpnv6 unicast Specifies the vpnv6 address family and enters address
family configuration submode.
Example:
RP/0/RSP0/CPU0:router(config-bgp)#
address-family vpnv6 unicast

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 87
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

Command or Action Purpose


Step 4 bgp dampening [ half-life [ reuse suppress Configures BGP dampening for the specified address
max-suppress-time ] | route-policy family.
route-policy-name ]

Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# bgp
dampening 30 1500 10000 120
Step 5 bgp client-to-client reflection {cluster-id | Configures client to client route reflection.
disable }

Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# bgp
client-to-client reflection disable
Step 6 exit Exits the address family configuration submode.

Example:
RP/0/RSP0/CPU0:router(config-bgp-af)# exit
Step 7 neighbor ip-address Places the router in neighbor configuration mode for BGP
routing and configures the neighbor IP address as a BGP
peer.
Example:
RP/0/RSP0/CPU0:router(config-bgp)# neighbor
10.1.1.1
Step 8 remote-as as-number Creates a neighbor and assigns a remote autonomous
system number to it.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
remote-as 100
Step 9 description text Provides a description of the neighbor. The description is
used to save comments and does not affect software
function.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
description neighbor 172.16.1.1
Step 10 password { clear | encrypted } password Enables Message Digest 5 (MD5) authentication on the
TCP connection between the two BGP neighbors.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)# password
encrypted 123abc
Step 11 shutdown Terminates any active sessions for the specified neighbor
and removes all associated routing information.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)# router
bgp 1
Step 12 timers keepalive hold-time Set the timers for the BGP neighbor.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)# timers
12000 200

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
88 OL-23110-01
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

Command or Action Purpose


Step 13 update-source type interface-id Allows iBGP sessions to use the primary IP address from a
specific interface as the local address when forming an
iBGP session with a neighbor.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
update-source gigabitEthernet 0/1/5/0
Step 14 address-family vpnv6 unicast Enters VPN neighbor address family configuration mode.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr)#
address-family vpvn6 unicast
Step 15 route-policy route-policy-name { in | out } Specifies a routing policy for an inbound route. The policy
can be used to filter routes or modify route attributes.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
route-policy pe-pe-vpn-in in
Step 16 route-policy route-policy-name { in | out } Specifies a routing policy for an outbound route. The policy
can be used to filter routes or modify route attributes.
Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)#
route-policy pe-pe-vpn-out out
Step 17 exit Exits address family configuration and neighbor submode.

Example:
RP/0/RSP0/CPU0:router(config-bgp-nbr-af)# exit
Step 18 vrf vrf-name Configures a VRF instance.

Example:
RP/0/RSP0/CPU0:router(config-bgp)# vrf vrf-pe

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 89
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

Command or Action Purpose


Step 19 rd { as-number : nn | ip-address : nn | auto } Configures the route distinguisher.
Use the auto keyword if you want the router to
Example: automatically assign a unique RD to the VRF.
RP/0/RSP0/CPU0:router(config-bgp-vrf)#
rd 345:567
Step 20 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-vrf)# end [cancel]:
or
– Entering yes saves configuration changes to the
RP/0/RSP0/CPU0:router(config-bgp-vrf)# commit running configuration file, exits the configuration
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Configuring PE to CE Core
This task describes how to configure a PE to Customer Edge (CE) core.

SUMMARY STEPS

1. configure
2. router bgp
3. vrf vrf-name
4. bgp router-id ip-address
5. label-allocation-mode { per-ce | per-vrf }
6. address-family ipv6 unicast
7. redistribute {connected | static | eigrp }
8. neighbor ip-address
9. remote-as as-number
10. ebgp-multihop { maximum hops | mpls }
11. address-family ipv6 unicast
12. site-of-origin [ as-number : nn | ip-address : nn ]

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
90 OL-23110-01
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

13. as-override
14. allowas-in [ as-occurrence-number ]
15. end
or
commit

DETAILED STEPS

Command or Action Purpose


Step 1 configure Enters global configuration mode.

Example:
RP/0/RSP0/CPU0:router# configure
Step 2 router bgp as-number Specifies the BGP AS number and enters the BGP
configuration mode, allowing you to configure the BGP
routing process.
Example:
RP/0/RSP0/CPU0:router(config)# router bgp 10
Step 3 vrf vrf-name Configures a VRF instance.

Example:
RP/0/RSP0/CPU0:router(config-bgp)# vrf vrf-pe
Step 4 bgp router-id ip-address Configures a fixed router ID for a BGP-speaking router.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf)#bgp
router-id 172.16.9.9
Step 5 label-allocation-mode { per-ce | per-vrf } Configures the per-CE label allocation mode to avoid an
extra lookup on the PE router and conserve label space
(per-prefix is the default label allocation mode). In this
Example: mode, the PE router allocates one label for every immediate
RP/0/RSP0/CPU0:router(config-bgp-vrf)# next-hop (in most cases, this would be a CE router). This
label-allocation-mode per-ce label is directly mapped to the next hop, so there is no VRF
route lookup performed during data forwarding. However,
the number of labels allocated would be one for each CE
rather than one for each VRF. Because BGP knows all the
next hops, it assigns a label for each next hop (not for each
PE-CE interface). When the outgoing interface is a
multiaccess interface and the media access control (MAC)
address of the neighbor is not known, Address Resolution
Protocol (ARP) is triggered during packet forwarding.
The per-vrf keyword configures the same label to be used
for all the routes advertised from a unique VRF.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 91
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

Command or Action Purpose


Step 6 address-family ipv6 unicast Specifies an IPv6 address family unicast and enters address
family configuration submode.
To see a list of all the possible keywords and arguments for
Example: this command, use the CLI help (?).
RP/0/RSP0/CPU0:router(config-bgp-vrf)#
address-family ipv6 unicast
Step 7 redistribute {connected | static | eigrp } Causes routes from the specified instance to be redistributed
into BGP.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-af)#
Step 8 neighbor ip-address Configures a CE neighbor. The ip-address argument must
be a private address.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf)#
neighbor 10.0.0.0
Step 9 remote-as as-number Configures the remote AS for the CE neighbor.

Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
remote-as 2
Step 10 ebgp-multihop { maximum hops | mpls } Configures the CE neighbor to accept and attempt BGP
connections to external peers residing on networks that are
not directly connected.
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
ebgp-multihop 55
Step 11 address-family ipv6 unicast Specifies an IPv6 address family unicast and enters address
family configuration submode.
To see a list of all the possible keywords and arguments for
Example: this command, use the CLI help (?).
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr)#
address-family ipv6 unicast
Step 12 site-of-origin [as-number:nn | ip-address:nn ] Configures the site-of-origin (SoO) extended community.
Routes that are learned from this CE neighbor are tagged
with the SoO extended community before being advertised
Example:
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
to the rest of the PEs. SoO is frequently used to detect loops
site-of-origin 234:111 when as-override is configured on the PE router. If the
prefix is looped back to the same site, the PE detects this
and does not send the update to the CE.
Step 13 as-override Configures AS override on the PE router. This causes the PE
router to replace the CE’s ASN with its own (PE) ASN.
Example: Note This loss of information could lead to routing loops;
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)# to avoid loops caused by as-override, use it in
as-override conjunction with site-of-origin.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
92 OL-23110-01
Implementing IPv6 VPN Provider Edge Transport over MPLS
How to Implement 6PE/VPE

Command or Action Purpose


Step 14 allowas-in [ as-occurrence-number ] Allows an AS path with the PE autonomous system number
(ASN) a specified number of times.
Example: Hub and spoke VPN networks need the looping back of
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)# routing information to the HUB PE through the HUB CE.
allowas-in 5 When this happens, due to the presence of the PE ASN, the
looped-back information is dropped by the HUB PE. To
avoid this, use the allowas-in command to allow prefixes
even if they have the PEs ASN up to the specified number
of times.
Step 15 end Saves configuration changes.
or
• When you issue the end command, the system prompts
commit you to commit changes:
Uncommitted changes found, commit them before
Example: exiting(yes/no/cancel)?
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)# [cancel]:
end
or – Entering yes saves configuration changes to the
running configuration file, exits the configuration
RP/0/RSP0/CPU0:router(config-bgp-vrf-nbr-af)#
commit
session, and returns the router to EXEC mode.
– Entering no exits the configuration session and
returns the router to EXEC mode without
committing the configuration changes.
– Entering cancel leaves the router in the current
configuration session without exiting or
committing the configuration changes.
• Use the commit command to save the configuration
changes to the running configuration file and remain
within the configuration session.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 93
Implementing IPv6 VPN Provider Edge Transport over MPLS
Configuration Examples for 6PE

Configuration Examples for 6PE


This section includes these configuration example:
• Configuring 6PE on a PE Router: Example, page VPC-94
• Configuring 6VPE on a PE Router: Example, page VPC-94

Configuring 6PE on a PE Router: Example


This sample configuration shows the configuration of 6PE on a PE router:
interface GigabitEthernet0/3/0/0
ipv6 address 2001::1/64
!
router isis ipv6-cloud
net 49.0000.0000.0001.00
address-family ipv6 unicast
single-topology
interface GigabitEthernet0/3/0/0
address-family ipv6 unicast
!
!
router bgp 55400
bgp router-id 54.6.1.1
address-family ipv4 unicast
!
address-family ipv6 unicast
network 55:5::/64
redistribute connected
redistribute isis ipv6-cloud
allocate-label all

!
neighbor 34.4.3.3
remote-as 55400
address-family ipv4 unicast
!
address-family ipv6 labeled-unicast

Configuring 6VPE on a PE Router: Example


This sample configuration shows the configuration of 6VPE on a PE router:
vrf vpn1
address-family ipv6 unicast
import route-target
200:2
!
export route-target
200:2

interface Loopback0
ipv4 address 10.0.0.1 255.255.255.255

interface GigabitEthernet0/0/0/1
vrf vpn1
ipv6 address 2001:c003:a::2/64

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
94 OL-23110-01
Implementing IPv6 VPN Provider Edge Transport over MPLS
Additional References

router bgp 1
bgp router-id 10.0.0.1
bgp redistribute-internal
bgp graceful-restart
address-family ipv4 unicast
!

address-family vpnv6 unicast


!
neighbor 10.0.0.2 >>>> Remote peer loopback address.
remote-as 1
update-source Loopback0
address-family ipv4 unicast
!
address-family vpnv6 unicast
route-policy pass-all in
route-policy pass-all out
!

vrf vpn1
rd 100:2
bgp router-id 140.140.140.140
address-family ipv6 unicast
redistribute connected
!

neighbor 2001:c003:a::1
remote-as 6502
address-family ipv6 unicast
route-policy pass-all in
route-policy pass-all out
!

Additional References
For additional information related to this feature, refer to these references:

Related Document

Related Topic Document Title


Getting started material Cisco ASR 9000 Series Aggregation Services Router Getting
Started Guide

Standards

Standards1 Title
No new or modified standards are supported by this —
feature, and support for existing standards has not been
modified by this feature.
1. Not all supported standards are listed.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 95
Implementing IPv6 VPN Provider Edge Transport over MPLS
Additional References

MIBs

MIBs MIBs Link


— To locate and download MIBs using Cisco IOS XR software, use the
Cisco MIB Locator found at this URL and choose a platform under
the Cisco Access Products menu:
http://cisco.com/public/sw-center/netmgmt/cmtk/mibs.shtml

RFCs

RFCs Title
— —

Technical Assistance

Description Link
The Cisco Technical Support website contains http://www.cisco.com/techsupport
thousands of pages of searchable technical content,
including links to products, technologies, solutions,
technical tips, and tools. Registered Cisco.com users
can log in from this page to access even more content.

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
96 OL-23110-01
INDEX

HC Cisco ASR 9000 Series Aggregation Services Router Interface


and Hardware Component Configuration Guide B
IC Cisco ASR 9000 Series Aggregation Services Router IP
Addresses and Services Configuration Guide BGP
MCC Cisco ASR 9000 Series Aggregation Services Router confederations VPC-9
Multicast Configuration Guide
BGP (border gateway protocol)
MNC Cisco ASR 9000 Series Aggregation Services Router System
Monitoring Configuration Guide distributing routes VPC-13
MPC Cisco ASR 9000 Series Aggregation Services Router MPLS messages and MPLS labels VPC-12
Configuration Guide
routing information VPC-12
QC Cisco ASR 9000 Series Aggregation Services Router Modular
Quality of Service Configuration Guide BGP4 configuration VPC-82
RC Cisco ASR 9000 Series Aggregation Services Router Routing BGP multipath
Configuration Guide
6PE/VPE VPC-84
SC Cisco ASR 9000 Series Aggregation Services Router System
Security Configuration Guide
SMC Cisco ASR 9000 Series Aggregation Services Router System
Management Configuration Guide C
LSC Cisco ASR 9000 Series Aggregation Services Router L2VPN
and Ethernet Services Configuration Guide CSC (Carrier Supporting Carrier)
configuration examples VPC-68
Numerics
configuration options for backbone and customer
carriers VPC-15
6PE/VPE
configuring a CSC-PE link VPC-61
BGP multipath VPC-84
configuring a static route to a peer VPC-68
conditions for use VPC-82
customer carrier network options VPC-15
how to configure VPC-84
identifying topology VPC-60
how to deploy VPC-83
CSC-CE link, how to configure VPC-65
overview VPC-82
CSC-PE link, how to configure VPC-61
prerequisites VPC-82
customer edge router
service provider considerations VPC-82
6PE/VPE VPC-83
supported protocols VPC-85
MPLS Layer 3 VPN VPC-4
customer edge router (CE)
A MPLS Layer 3 VPN VPC-4

automatic route distinguisher, MPLS Layer 3 VPN VPC-7


autonomous system VPC-8 E

eBGP VPC-2

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
OL-23110-01 97
Index

I P

Inter-AS configurations PE router


BGP VPC-9 MPLS Layer 3 VPN VPC-4
interprovider VPN VPC-8
supported VPC-8
S
interprovider VPN, MPLS VPN VPC-9
service provider edge routers, 6PE VPC-83
service providers, 6PE VPC-82
M
static
MPLS Layer 3 VPN router to a peer, how to configure VPC-68
automatic route distinguisher VPC-7
autonomous system VPC-8
T
components VPC-3
concepts VPC-3 tunnel types
customer edge router VPC-4 6PE VPC-83
customer router VPC-4
defined VPC-3
defining VPC-3
V
distributed routing information VPC-5 verifying IP connectivity, CSC
FIB VPC-2 MPLS Layer 3 VPN VPC-61
implementing VPC-3 VRF (virtual routing and forwarding)
major components VPC-7 configuring backbone carrier core VPC-61
MPLS forwarding VPC-6
PE router VPC-4
prerequisites VPC-2
provider router VPC-4
restrictions VPC-2
scalability VPC-4
security VPC-4
topology VPC-4
VPN routing information VPC-6
working VPC-5
MPLS VPN
Inter-AS ASBRs VPC-7
major components VPC-7

Cisco ASR 9000 Series Aggregation Services Router MPLS Layer 3 VPN Configuration Guide
98 OL-23110-01

You might also like