SG 00298194

The document is a student guide for HP Enterprise Networks, focusing on BGP (Border Gateway Protocol) and its implementation in A-Series switches and routers. It covers various aspects of BGP, including peer relationships, route management, and large-scale BGP features, along with practical lab activities. Additionally, it outlines the structure of the course, including modules on MPLS and VPNs.

BitSpyder - The Culture of Knowledge

HP Enterprise Networks

Rev. 11.12 - Course #: 00298194


Part Number: 00298194S1101

Student guide
HP Partner Learning

© Copyright 2011 Hewlett-Packard Development Company, L.P.


The information contained herein is subject to change without notice. The only warranties for
HP products and services are set forth in the express warranty statements accompanying such
products and services. Nothing herein should be construed as constituting an additional
warranty. HP shall not be liable for technical or editorial errors or omissions contained
herein.
This is an HP copyrighted work that may not be reproduced without the written permission of
HP. You may not use these materials to deliver training to any person outside of your
organization without the written permission of HP.
Printed in United States of America
HP Enterprise Networks – v11.12
Student guide
January 2011
HP Restricted

Contents

Module 1: BGP
  Introduction
    Objectives
    Agenda
    References
  Overview
    Autonomous Systems
    BGP Characteristics
  BGP Peers
    Peer Relationship
    Using Loopback Interfaces
    Configuring eBGP Peers
    Configuring iBGP Peers
    BGP Peer State Machine
  BGP Routes
    Learning Sources
    IGP and iBGP Interaction
    Route Advertisement
    Message types
    BGP Basic Configuration Example
    Lab Activity 1.1
    BGP Path Attributes
    Route Selection
    Route Filtering
    Routing Policies
  Large Scale BGP
    Issues
    Route Aggregation
    iBGP Scalability Issues
    Route Reflector
    Confederation
    Route Dampening
    Lab Activity 1.2
  BFD and GR
    Introduction to BFD
    Introduction to GR
    Learner Activity: Look-up and Discuss
  Summary

Module 2: MPLS, L3VPNs, L2VPNs, VPLS
  Introduction
    Objectives
    Agenda
    References
  MPLS Basics
    Introduction
    Benefits
    Terminology
    Label Switching Router
    Basic Configuration Steps
  MPLS L3VPNs
    Introduction
    VPN Targets and Route Distinguishers
    PE and CE Equipment Roles
    VPN-instance Route Exchange by MP-BGP
    Configuration Example
    Lab Activity 2.1
  MPLS L2 VPNs
    Introduction
    CCC VLLs
    Martini VLLs
    Static VLLs
    Kompella VLLs
    Lab Activity 2.2
  VPLS Basics
    Introduction
    VPLS Signaling
    Packet Forwarding
    Lab Activity 2.3
  Summary

BGP
Module 1

Introduction
Objectives
• At the end of this module you will be able to explain and implement in A-Series switches and routers:
  - BGP Peers
  - BGP Routes including: learning, redistribution, IGP/BGP interaction, attributes, selection, and filtering
  - Large scale BGP including: route aggregation, route reflector, confederation and dampening
  - BGP Supplements: BFD and GR

Agenda
1. BGP Overview
2. BGP Peers
3. BGP Routes
4. Large Scale Features
5. BGP Supplements: BFD, GR

References
• A- MSR - 07 – Layer IP Routing Configuration Guide
• A- MSR - 14 - High Availability Configuration Guide

BGP Overview
Autonomous System

Figure 1.1: Autonomous Systems

To define a local AS number, assign a unique 16-bit number with the command:
    bgp <as-number>
To determine what to use as a local AS number, decide whether you will be using BGP to connect to the Internet.
If you are using BGP within a single company and not connecting to the Internet (the multinational company scenario), you can make up the AS numbers yourself, based on the following rules:
• It must be a positive integer from 1 through 65535.
• AS numbers 64512–65535 are reserved for use as private AS numbers.

Note
Private numbers do not support multi-homed AS. You must use an assigned AS number for multi-homing.

• All BGP routers within a single AS must use the same LocalAS number.
• The number must be unique among all the autonomous systems running BGP with each other. (For example, you can’t have two different autonomous systems, both with LocalAS=100).
• If, on the other hand, you are using BGP to connect to the Internet, your ISP should provide you with an AS number to use.
• After BGP is enabled, the local router continuously monitors to see whether any incoming BGP connection requests are received from neighboring peers.

BGP Characteristics
• BGP is an external routing protocol, used to transmit routing information between Autonomous Systems (ASs)
  - It focuses on the control of route advertising and the selection of optimal routes, instead of route discovery and calculation
• The exchange points for organisations are usually
  - Private Peering between ISPs
  - Government or Commercial Internet Exchange points
• Designed to scale to Huge Networks
  - Environments with complex route policy requirements
• BGP version 4 : RFC 1771 (1989)
  - Runs on top of TCP
• Path Vector Protocol:
  - Avoids the occurrence of loops by design
  - Provides a rich set of attributes (metrics) information for the advertised routes
• Supports CIDR
  - Abundant route filtering and routing strategies
• No periodic update of routing information
  - Triggered updates for peers
  - “Batch” route updates

BGP, now in version 4, runs on top of TCP. That means that BGP peers must establish a TCP connection before they can exchange routing information.

BGP uses a Path Vector algorithm. The routing information is supplemented with a vector composed of the numbers of the autonomous systems the route will go through. A BGP router will check the AS path contained in any received route and if its own AS number is included, it means that the path has a loop, and the route is discarded.

BGP offers the option of including many route attributes (the AS path mentioned above is an example) that can be used to optimize and fine tune; and provides an extended set of route filters.

It supports CIDR, so it refers to destinations as “IP Prefixes” instead of subnets.

BGP Peers
Peer Relationship
Any router configured for BGP is called a BGP speaker.

BGP peer relationships run on top of a TCP connection.
• If a peer is
  - In a different AS, it is called an external BGP peer or eBGP peer
  - In the same AS, it is called an internal BGP peer or iBGP peer
• eBGP peers must have a direct link
• iBGP peers do not need a direct link (they may not be neighbors)
• BGP does not have a peer discovery sub-protocol like OSPF’s Hello
  - Peers must be configured manually

Figure 1.2: BGP Peer Types

Using the Loopback Interfaces

As said above, BGP peers must be configured manually. The most important parameter of a peer is its IP address. It is used not just to establish the relationship but to identify the peer (peer router ID).

Because of that, it is important for the IP address to be stable.

Figure 1.3: Loopback Interfaces

The loopback interface is always UP, so its address provides a stable TCP connection end-point.
If there is a single path to a certain peer
• The routers’ interfaces to that path can be used (if the path fails, the peer is unreachable anyway)
• Even in this case, using the loopback interface’s address will simplify future enhancements, like the addition of a second path.

Configuring eBGP Peers

eBGP Peers can be connected using:
a. Direct link interfaces
b. Loopback interfaces

Figure 1.4: eBGP Peers

eBGP peer configuration using the direct link interfaces does not require additional steps.

When using loopback interfaces, however, additional steps must be taken:
• For the peer’s loopback interface address to be reachable: add a static route to the peer’s loopback interface
• eBGP messages are encapsulated in IP packets with TTL=1 by default. For the IP packet to reach the loopback interface, TTL must be 2: add the peer ebgp-max-hop 2 option
• BGP discards update messages with a source address that is not in its own peer list: configure the loopback interface as “bgp source” by running the connect-interface loopback 0 command

Single Link
Steps:
• Enable BGP using the AS number (in system view) and enter BGP view
• Configure the peer using the direct link’s IP address (in BGP view)

Router A:
    bgp 100
    peer 220.1.1.2 as-number 101

Router B:
    bgp 101
    peer 220.1.1.1 as-number 100

Figure 1.5: Single Link eBGP

Note
A BGP speaker configures a peer as External when its own AS number is different from the peer’s.

Figure 1.7: iBGP

Router A
    interface loopback 0
    ip address 220.1.254.1 32
    ospf 1
    area 0
    . . .
    network 220.1.254.2 0.0.0.0
    network 220.1.254.3 0.0.0.0
    bgp 200
    import ospf
    group as200 internal
    peer as200 as-number 200
    peer as200 connect-interface loopback 0
    peer 220.1.254.2 group as200
    peer 220.1.254.3 group as200

In this configuration, notice the following:
1. OSPF is used, among other things, to make the peers’ loopback interfaces reachable
2. A group is used to reduce and clarify the BGP peer configuration

Displaying BGP Peers

    display bgp peer 10.110.25.20 verbose
    Peer: 10.110.25.20 Local: 2.2.2.2
    Type: EBGP link
    BGP version 4, remote router ID 1.1.1.1
    BGP current state: Established, Up for 00h01m51s
    BGP current event: RecvKeepalive
    BGP last state: OpenConfirm
    Port: Local - 1029 Remote - 179
    Configured: Active Hold Time: 180 sec Keepalive Time: 60 sec
    Received : Active Hold Time: 180 sec
    Negotiated: Active Hold Time: 180 sec
    Peer optional capabilities:
    Peer support bgp multi-protocol extended
    Peer support bgp route refresh capability
    Address family IPv4 Unicast: advertised and received

Peer State Machine

Figure 1.8: Peer State Machine

The peer relationship goes through many states until it reaches the final phase: established. The most important are:

Idle – Indicates that the router does not know how to reach the IP addresses listed in the neighbor statement. The router is idle for one of the following reasons:
• It is waiting for a static route to that IP address or network to be configured.
• It is waiting for the local routing protocol (IGP) to learn about this network through an advertisement from another router.

Active – Indicates that it has found the IP address in the neighbor statement and has created and sent out a BGP open packet but has not received a response (open confirm packet) back from the neighbor.

Established – Indicates that both routers agree to exchange BGP updates with one another and routing has begun.

BGP Routes
Learning Sources
BGP incorporates routes to its table in three different ways: redistribution, injection or from its peers.

Figure 1.9: BGP Route Learning Process

BGP, as any routing protocol, can learn routes from different sources:
Internally:
• by route redistribution (command: import . . . )
• by route injection (command: network . . . )
Externally:
• updates received from BGP peers

Internal Route Learning Process

Full dynamic import
With this mechanism routes learned by another protocol are imported into the BGP routing table and then “redistributed” to the peers. The CLI command to configure route redistribution is “import” and its behavior is similar to the same command used for OSPF, RIP, etc.

Figure 1.10: Route Redistribution

1. IGP discovers route 18.0.0.1/8.
2. BGP dynamically imports the route discovered by the IGP into the BGP routing table of RTB

Semi-dynamic import
This mechanism is triggered by the network command.

Figure 1.11: IGP Route Injection

1. IGP discovers the route 18.0.0.1/8
2. BGP imports the route discovered by the IGP into the routing table of RTB

Static import

Figure 1.12: Static Route Injection

1. Manually configure the static route 18.0.0.1/8 and
2. BGP imports the static route into the BGP routing table of RTB.

BGP Routes and the network command
• IGPs use it to enable the protocol in the subnet and start the neighbor discovery process.
  - Example: OSPF Hello protocol
• BGP does not use it to enable the protocol in the subnet
• IGPs compare the subnet with the contents of the interface table
• BGP compares the subnet with the contents of the routing table

In general, this command applies to directly connected networks and is used to enable the protocol on the corresponding interface for two purposes:
1. For neighbor discovery (hello protocol)
2. To incorporate the prefix into the protocol’s table for distribution

In BGP, this command can be applied to any network prefix, and:
• If the prefix is matched completely by an entry in the IP routing table, it is entered into BGP’s own routing table.
• But BGP will not enable itself on any interface; there is no need for that because BGP does not have a peer discovery mechanism.

IGP and iBGP Interaction

The problem

Figure 1.13: IGP and iBGP Problem

• RTA, RTB and RTM learn a route to 10.0.x.y via BGP
• RTC does not, and packets from RTM to 10.0.x.y are dropped by RTC

In many BGP transit networks, iBGP peers are not directly connected; in other words, there are nodes in the iBGP connection path that do not run BGP.
The problem described above is generally known as the iBGP black hole and must be avoided. There are several solutions for it.

Solution 1: Direct physical link

Figure 1.14: IGP and iBGP / Solution 1

• The path now goes directly from RTB to RTA and all involved routers have a route to 10.0.x.y

In this solution a direct link between the iBGP peers eliminates the black hole completely.

Solution 2: Enable BGP in all Intermediate Routers

Figure 1.15: IGP and iBGP / Solution 3

This is not really a solution, but the elimination of the problem, because all routers run BGP.
In this case, an additional parameter must be used in the iBGP peer configuration: next-hop-local (see below in the BGP Next Hop attribute section)

Solution 3: Configure the IGP to Advertise a Default Route

Figure 1.16: IGP and iBGP / Solution 2

In RTA
• add a default (or static route) to 10.0.x.y with gateway= RTN
• Advertise the default route using the IGP
• Now RTC has a route to 10.0.x.y through RTA

This is the optimal solution, in terms of scalability. In some cases a small number of static routes can solve the issue.

Solution 4: Redistribute BGP into the IGP

Figure 1.17: IGP and iBGP / Solution 4

• If it is a transit AS and one of the connected ASs (AS11) is a stub AS and the number of routes is small, the IGP in RTA can redistribute (import) BGP routes
• In general, this is not recommended because BGP tables can be huge

Another solution, only applicable when eBGP connects to a small number of routes, is to import BGP into the IGP.

Notice:
• Solutions 1 and 2 are not real solutions but ways to avoid the problem, and they are not always feasible.
• In the case of solution number 3, the issue is that adding one more iBGP peer only complicates the system, because it needs to establish a relationship with all the other BGP speakers in the AS (see below Large Scale BGP).
• So, the real discussion is when to use a default route, a group of static routes and when to import BGP routes into the IGP.

IGP and iBGP synchronization

• A-Series routers and switches: disabled by default
  - When a BGP router receives an iBGP route, it only checks the reachability of the route’s next hop before advertisement.
• BGP-IGP synchronization, when enabled:
  - The BGP router cannot advertise the route to eBGP peers unless the route is also available in the IGP routing table.
• It should be used
  - When the IGP redistributes BGP routes (as in Solution 4 above)
  - If some routers in the BGP transit path in the AS are not running BGP (and, therefore, do not have a physically meshed iBGP).
• No need to use it in cases like Solutions 1, 2 and 3 above.

Route Advertisement
The BGP route advertisement process is based on the following logic:

What:
1. The BGP speaker selects the best route for its own use
2. The BGP speaker advertises the routes used by itself to its peers, which only advertise what they are told to advertise
3. For the routes obtained from eBGP, the BGP speaker advertises them to all its peers (including eBGP and iBGP)
4. For the routes obtained from iBGP, the BGP speaker does not advertise them to its iBGP peers

When:
1. As soon as a connection is established, the BGP speaker advertises all routes to the new peer
2. From then on, only changes are advertised

Message Types
• There are four types of BGP messages:
  - OPEN (greeting): Once TCP has established a connection between two BGP peers, the first message sent between both routers is an OPEN message
  - KEEPALIVE
  - UPDATE: “Fresh news …”
  - NOTIFICATION (error): “Disconnect because ………….”

Update Message
An UPDATE message consists of a header and the following structure:

Figure 1.18: Update Message Structure

“An UPDATE message is used to advertise a single feasible route to a peer or to withdraw multiple unfeasible routes from service”
RFC 1771

The first 2 fields are used to withdraw routes that have been distributed earlier and are no longer reachable.

The next 3 fields are used to distribute a new route. The Network Layer Reachability Information (NLRI) field carries the IP prefixes. All the prefixes included in a single update message share a set of attributes: path, origin, etc.
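
The five UPDATE fields described above, decoded in Python as an added example (not part of the HP guide). It follows the RFC 1771 field order and applies the AS-path loop check from the BGP Characteristics section; the sample message is constructed for illustration, and 2-octet AS numbers are assumed.

```python
import ipaddress
import struct

# Path attribute type codes and ORIGIN values from RFC 1771 (unchanged in RFC 4271).
ATTR_NAMES = {1: "ORIGIN", 2: "AS_PATH", 3: "NEXT_HOP",
              4: "MULTI_EXIT_DISC", 5: "LOCAL_PREF"}
ORIGIN_NAMES = {0: "IGP", 1: "EGP", 2: "INCOMPLETE"}
MANDATORY = {"ORIGIN", "AS_PATH", "NEXT_HOP"}


def parse_prefixes(data):
    """Decode (length in bits, prefix bytes) pairs into CIDR strings."""
    prefixes, i = [], 0
    while i < len(data):
        bits = data[i]
        end = i + 1 + (bits + 7) // 8
        if bits > 32 or end > len(data):
            raise ValueError("malformed prefix")
        raw = data[i + 1:end].ljust(4, b"\x00")
        prefixes.append(f"{ipaddress.IPv4Address(raw)}/{bits}")
        i = end
    return prefixes


def parse_as_path(value):
    """Flatten AS_PATH segments into one list (2-octet AS numbers assumed)."""
    path, i = [], 0
    while i < len(value):
        # value[i] is the segment type, value[i + 1] the number of ASs in it
        if i + 2 > len(value) or i + 2 + 2 * value[i + 1] > len(value):
            raise ValueError("truncated AS_PATH segment")
        count = value[i + 1]
        path.extend(struct.unpack_from(f"!{count}H", value, i + 2))
        i += 2 + 2 * count
    return path


def parse_update(body):
    """Parse an UPDATE body (the bytes after the 19-byte BGP header)."""
    if len(body) < 4:
        raise ValueError("UPDATE body too short")
    wlen = int.from_bytes(body[0:2], "big")                  # field 1
    if 4 + wlen > len(body):
        raise ValueError("withdrawn routes length exceeds message")
    alen = int.from_bytes(body[2 + wlen:4 + wlen], "big")    # field 3
    attrs_end = 4 + wlen + alen
    if attrs_end > len(body):
        raise ValueError("path attribute length exceeds message")
    attrs, i = {}, 4 + wlen
    while i < attrs_end:
        if i + 3 > attrs_end:
            raise ValueError("truncated path attribute")
        flags, code = body[i], body[i + 1]
        hdr = 4 if flags & 0x10 else 3      # extended-length flag: 2-octet length
        vlen = int.from_bytes(body[i + 2:i + hdr], "big")
        if i + hdr + vlen > attrs_end:
            raise ValueError("truncated path attribute")
        value = body[i + hdr:i + hdr + vlen]
        i += hdr + vlen
        name = ATTR_NAMES.get(code, f"type-{code}")
        if name == "ORIGIN" and vlen == 1:
            attrs[name] = ORIGIN_NAMES.get(value[0], value[0])
        elif name == "AS_PATH":
            attrs[name] = parse_as_path(value)
        elif name == "NEXT_HOP" and vlen == 4:
            attrs[name] = str(ipaddress.IPv4Address(value))
        elif name in ("MULTI_EXIT_DISC", "LOCAL_PREF") and vlen == 4:
            attrs[name] = int.from_bytes(value, "big")
        else:
            attrs[name] = value             # unknown or odd-sized: keep raw bytes
    return {"withdrawn": parse_prefixes(body[2:2 + wlen]),   # field 2
            "attrs": attrs,                                  # field 4
            "nlri": parse_prefixes(body[attrs_end:])}        # field 5


def check_update(update, local_as):
    """Reasons a speaker in local_as should not accept the announced routes."""
    problems = []
    missing = MANDATORY - set(update["attrs"])
    if update["nlri"] and missing:
        problems.append("missing mandatory: " + ", ".join(sorted(missing)))
    if local_as in update["attrs"].get("AS_PATH", []):
        problems.append(f"AS path loop: AS {local_as} is already in the path")
    return problems


def sample_update():
    """Constructed sample: withdraw 10.1.0.0/16, announce 18.0.0.0/8."""
    def attr(code, value):                  # well-known flags, 1-octet length
        return bytes([0x40, code, len(value)]) + value
    withdrawn = bytes([16, 10, 1])
    attrs = (attr(1, b"\x00")                                       # ORIGIN = IGP
             + attr(2, b"\x02\x02" + struct.pack("!2H", 500, 200))  # AS_SEQUENCE
             + attr(3, ipaddress.IPv4Address("220.1.1.2").packed))  # NEXT_HOP
    return (struct.pack("!H", len(withdrawn)) + withdrawn
            + struct.pack("!H", len(attrs)) + attrs + bytes([8, 18]))
```

A receiver in AS 200 rejects the sample because 200 is already in the path, while a receiver in AS 400 accepts it.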



BGP Basic Configuration example

Figure 1.19: Sample Case Study

Background:
• eBGP Peering should be done on Physical Interface.
• iBGP Peering should be done on Loopback 0 (L0)
• Segment 8.1.1.0/8 should be reachable from all the routers
• Routers Loopback IP’s are

    Router    L0 IP Address
    B         192.168.1.1
    C         192.168.1.2
    D         192.168.1.3

Configuration on Router B for IBGP & EBGP
    system-view
    bgp 65009
    # iBGP Peers: Routers C and D
    peer 192.168.1.2 as-number 65009
    peer 192.168.1.2 connect-interface loopback 0
    peer 192.168.1.3 as-number 65009
    peer 192.168.1.3 connect-interface loopback 0
    # eBGP Peer: Router A
    peer 200.1.1.2 as-number 65008
    quit
    quit

Configuration on Router C
    system-view
    bgp 65009
    # iBGP Peers: Routers B and D
    peer 192.168.1.1 as-number 65009
    peer 192.168.1.1 connect-interface loopback 0
    peer 192.168.1.3 as-number 65009
    peer 192.168.1.3 connect-interface loopback 0
    quit
    quit

Configuration on Router D
    system-view
    bgp 65009
    # iBGP Peers: Routers B and C
    peer 192.168.1.1 as-number 65009
    peer 192.168.1.1 connect-interface loopback 0
    peer 192.168.1.2 as-number 65009
    peer 192.168.1.2 connect-interface loopback 0
    quit
    quit

Configuration on Router A
    system-view
    bgp 65008
    # eBGP Peer: Router B
    router-id 1.1.1.1
    peer 200.1.1.1 as-number 65009
    # Advertise network 8.0.0.0/8 to the BGP routing table.
    network 8.0.0.0
    quit
    quit

Note
The configuration on routers B, C and D shows how it can be easier to use a peer group when there is a need to configure multiple peers, which is usually the case with iBGP.

    # Router B, iBGP Peers: Routers C and D
    group as65009
    peer as65009 as-number 65009
    peer as65009 connect-interface loopback 0
    peer 192.168.1.2 group as65009
    peer 192.168.1.3 group as65009
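
An added example (not part of the HP guide): a Python check that reads the peer lines shown above and reports a missing iBGP full-mesh session, a loopback peer without connect-interface loopback, or an eBGP loopback peer without ebgp-max-hop. It assumes iBGP sessions terminate on loopback addresses, as in the sample case; the faulty variant is constructed.

```python
import ipaddress


def is_ip(text):
    try:
        ipaddress.IPv4Address(text)
        return True
    except ValueError:
        return False


def parse_bgp(config):
    """Return (local AS, {peer address: settings}) for one router's BGP view."""
    local_as, raw = None, {}
    for line in config.splitlines():
        w = line.split("#", 1)[0].split()          # '#' starts a comment
        if len(w) >= 2 and w[0] == "bgp":
            local_as = int(w[1])
        elif len(w) >= 2 and w[0] == "group":
            raw.setdefault(w[1], {})
        elif len(w) >= 3 and w[0] == "peer":
            entry, option = raw.setdefault(w[1], {}), w[2]
            if option == "as-number" and len(w) > 3:
                entry["as"] = int(w[3])
            elif option == "connect-interface" and len(w) > 3:
                entry["source"] = w[3].lower()
            elif option == "group" and len(w) > 3:
                entry["group"] = w[3]
            elif option == "ebgp-max-hop":
                entry["max_hop"] = True
    peers = {}
    for target, own in raw.items():
        if is_ip(target):                          # group names are not peers
            merged = dict(raw.get(own.get("group"), {}))
            merged.update(own)                     # per-peer lines win over group
            peers[target] = merged
    return local_as, peers


def audit(routers):
    """routers: name -> {"loopback": address, "config": text}. Returns findings."""
    parsed = {name: parse_bgp(r["config"]) for name, r in routers.items()}
    owner = {r["loopback"]: name for name, r in routers.items()}
    findings = []
    for name, (local_as, peers) in parsed.items():
        for addr, p in peers.items():
            if addr not in owner:
                continue                           # direct-link peer: no extra steps
            remote_as = parsed[owner[addr]][0]
            if p.get("as") != remote_as:
                findings.append(f"{name}: peer {addr} as-number {p.get('as')}, "
                                f"but {owner[addr]} runs AS {remote_as}")
            if not p.get("source", "").startswith("loopback"):
                findings.append(f"{name}: peer {addr} lacks connect-interface loopback")
            if remote_as != local_as and not p.get("max_hop"):
                findings.append(f"{name}: eBGP peer {addr} lacks ebgp-max-hop")
        for other, (other_as, _) in parsed.items():
            mesh_gap = routers[other]["loopback"] not in peers
            if other != name and other_as == local_as and mesh_gap:
                findings.append(f"{name}: no iBGP session to {other}")
    return sorted(findings)


# Routers B (peer-group form), C and D as configured in the guide's sample case.
PAGE_CONFIGS = {
    "B": {"loopback": "192.168.1.1", "config": """
bgp 65009
group as65009
peer as65009 as-number 65009
peer as65009 connect-interface loopback 0
peer 192.168.1.2 group as65009
peer 192.168.1.3 group as65009
peer 200.1.1.2 as-number 65008
"""},
    "C": {"loopback": "192.168.1.2", "config": """
bgp 65009
peer 192.168.1.1 as-number 65009
peer 192.168.1.1 connect-interface loopback 0
peer 192.168.1.3 as-number 65009
peer 192.168.1.3 connect-interface loopback 0
"""},
    "D": {"loopback": "192.168.1.3", "config": """
bgp 65009
peer 192.168.1.1 as-number 65009
peer 192.168.1.1 connect-interface loopback 0
peer 192.168.1.2 as-number 65009
peer 192.168.1.2 connect-interface loopback 0
"""},
}


def broken_configs():
    """Constructed faults: C drops its source interface for B, D drops peer C."""
    bad = {name: dict(r) for name, r in PAGE_CONFIGS.items()}
    bad["C"]["config"] = bad["C"]["config"].replace(
        "peer 192.168.1.1 connect-interface loopback 0\n", "")
    bad["D"]["config"] = "\n".join(
        l for l in bad["D"]["config"].splitlines() if "192.168.1.2" not in l)
    return bad
```

Running audit(PAGE_CONFIGS) returns no findings; audit(broken_configs()) names the two constructed faults.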

Verifying peer relationships

    display bgp peer
    BGP local router ID: 192.168.2.1
    Local AS number : 3
    Total number of peers : 2 Peers in established state : 2

    Peer          Vers  AS  MsgRcvd  MsgSent  OutQ  PrefRcv  Up/Down   State
    192.168.1.1   4     3   2        2        0     0        00:00:06  Established
    10.1.21.2     4     4   14       13       0     0        00:10:55  Established

Lab Activity 1.1

Introduction
In this activity you will perform a basic BGP configuration.

Figure 1.20: Lab Activity 1.1 Layout

Lab Debrief
Use the space below to record your Key Learning Points and Challenges from Lab Activity 1.1.

BGP Path Attributes

• A group of parameters encapsulated in the path attributes field of update messages
• Categories
  - Well-known mandatory
  - Well-known discretionary
  - Optional transitive
  - Optional non-transitive
• 16 types of attributes are available today

Well-known Attributes
• Well-known mandatory:
  - Must be recognized by all BGP routers.
  - Must be included in every Update message.
  - Routing information errors occur without this attribute.
• Well-known discretionary:
  - Can be recognized by all BGP routers.
  - Optional to be included in every Update message as needed.
• Examples:

    Mandatory    Discretionary
    ORIGIN       LOCAL-PREFERENCE
    AS-PATH
    NEXT-HOP

Optional Attributes
• Optional transitive:
  - Transitive attribute between ASs.
  - A BGP router not supporting this attribute can still receive routes with this attribute and advertise them to other peers.
• Optional non-transitive:
  - If a BGP router does not support this attribute, it will not advertise routes with this attribute.
• Examples

    Transitive    Non-transitive
    COMMUNITY     MULTI-EXIT-DISC (MED)

Origin Attribute
• Mandatory attribute
• Defines the origin of the path information
• Origin values:

    Type            Description                              Priority
    I = IGP         Injected from IGP (network command)      High
    E = EGP         Learned from EGP                         Medium
    ? = Incomplete  Other Origin (example: import command)   Low

Figure 1.21: Origin Attribute Values

The origin attribute describes how BGP learned about a particular route. In a specific implementation, the origin of one route is determined in one of three ways:

If a route is specifically redistributed into the BGP routing table, the origin attribute is IGP. IGP defines a learned route as located within the AS. The value is defined when the network router configuration command is used to inject the route into BGP.

If a route is obtained or learned through EGP, the origin attribute is EGP. EGP is an old protocol and is no longer in use.

If the router from which a route was learned is unknown, then the route should be Incomplete. If the originating router is unknown, then it is Incomplete.

An Incomplete origin occurs when a route is redistributed into BGP.

The three origin attributes are:
• IGP: If the bits are set to 0, then the network layer reachability exists within the same AS.
• EGP: If the bits are set to 1, the network layer reachability was learned through EGP.
• Incomplete: If the bits are set to 2, then network layer reachability was not learned through interior or EGP.

AS-Path Attribute

Figure 1.22: AS-Path Attribute

As a route is passed through an AS, each AS number is added in a sequential order. The AS numbers help define a specific path through different autonomous systems to a final destination.

In the above diagram, RTC learns two routes to the RTA (AS 200) network. RTC learns one path as (AS 400, AS 300, AS 200) and the other path as (AS 500, AS 200). Which path RTC takes is usually a policy decision. Normally, RTC chooses the shortest AS path with the least AS numbers.

Note
Technically, the letters “AS” will not show up within a path. A path is a list of numbers separated by spaces.

Avoiding BGP Loops

Figure 1.23: BGP Loop Avoidance

How does BGP avoid loops?

Case 1: InterAS BGP
_______________________________________________________

Case 2: IntraAS BGP
_______________________________________________________

Nexthop Attribute

Figure 1.24: Nexthop Attribute Example

• The next hop IP address used to reach destination
• When advertising a self-originated route to an eBGP peer, a BGP speaker sets the NEXT_HOP for the route to the address of its sending interface.
• When sending a received route to an eBGP peer, a BGP speaker sets the NEXT_HOP for the route to the address of the sending interface.
• When sending a route received from an eBGP peer to an iBGP peer, a BGP speaker does not modify the NEXT_HOP attribute.

Resolving eBGP Next Hops
• By default, iBGP keeps the Nexthop value
• With the Next Hop Self policy, updates sent to iBGP peers have the next hop value changed to the loopback address of the re-sending router

Local Preference Attribute

• Indicates which route is preferred for traffic leaving the local AS.
• Exchanged among routers in the same AS through updates
• Higher value is preferred
• Default value is 100

Figure 1.25: Local Preference Attribute



MED Attribute

Figure 1.26: MED Attribute

Low value of a metric is preferred

“MULTI_EXIT_DISC attribute
• It may be used on external (inter-AS) links to discriminate among multiple exit or entry points to the same neighboring AS
• It is a four octet unsigned number (called a metric)
• All other factors being equal, the exit or entry point with lower metric should be preferred.
• If received over external links, the MULTI_EXIT_DISC attribute may be propagated over internal links to other BGP speakers within the same AS.
• It is never propagated to other BGP speakers in neighboring AS's.”
RFC 1771

Default = 0

Community Attribute

• Optional transitive attribute
• A community is a group of routes that have the same characteristic. It is not limited to a network or an AS only. It has no physical boundary.

Well-known communities

• NO_EXPORT: Do not advertise to BGP neighbors outside the confederation/AS
• NO_ADVERTISE: Do not advertise to any BGP neighbors
• NO_EXPORT_SUBCONFED: Do not advertise to BGP neighbors outside the local AS or Sub-AS

Route Selection
Route Selection

1. Discard routes with an unreachable next hop
2. Select the route with the highest Preferred_value
3. Select the route with the highest LOCAL_PREF
4. Select the route originated by the local router
5. Select the route with the shortest AS-PATH
6. Select the route based on Origin priority
7. Select the route with the lowest MED
8. Select the route learned from eBGP, confederation, or iBGP in turn
9. Select the route with the smallest next hop metric
10. Select the route with the shortest CLUSTER_LIST
11. Select the route with the smallest ORIGINATOR_ID
12. Select the route advertised by the router with the smallest Router ID
13. Select the route advertised by the peer with the lowest IP address
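The selection order listed under Route Selection, as an added Python model (not code from the student guide or from Comware) that also reports which step decided the outcome. The `Route` fields, the demo addresses, comparing MED across all candidates, and using the router ID when no ORIGINATOR_ID is present are assumptions of this sketch.

```python
from dataclasses import dataclass, field
from ipaddress import ip_address
from typing import List, Optional, Tuple

ORIGIN_CODE = {"igp": 0, "egp": 1, "incomplete": 2}   # origin codes; lower is preferred
LEARNED_RANK = {"ebgp": 0, "confed": 1, "ibgp": 2}    # step 8 order


@dataclass
class Route:
    name: str                      # label used only by this demo (hypothetical)
    as_path: List[int]
    peer_ip: str
    router_id: str
    next_hop_reachable: bool = True
    preferred_value: int = 0
    local_pref: int = 100          # default LOCAL_PREF stated on the page
    locally_originated: bool = False
    origin: str = "igp"
    med: int = 0                   # default MED stated on the page
    learned_via: str = "ebgp"
    next_hop_metric: int = 0
    cluster_list: List[str] = field(default_factory=list)
    originator_id: Optional[str] = None


def _ip(text: str) -> int:
    return int(ip_address(text))


# Steps 2 to 13 as (description, key); the smallest key wins each step.
STEPS = [
    ("highest Preferred_value", lambda r: -r.preferred_value),
    ("highest LOCAL_PREF", lambda r: -r.local_pref),
    ("originated by the local router", lambda r: 0 if r.locally_originated else 1),
    ("shortest AS-PATH", lambda r: len(r.as_path)),
    ("Origin priority", lambda r: ORIGIN_CODE[r.origin]),
    ("lowest MED", lambda r: r.med),
    ("eBGP, confederation, iBGP order", lambda r: LEARNED_RANK[r.learned_via]),
    ("smallest next hop metric", lambda r: r.next_hop_metric),
    ("shortest CLUSTER_LIST", lambda r: len(r.cluster_list)),
    # Assumption: a route that was never reflected competes with its router ID.
    ("smallest ORIGINATOR_ID", lambda r: _ip(r.originator_id or r.router_id)),
    ("smallest Router ID", lambda r: _ip(r.router_id)),
    ("lowest peer IP address", lambda r: _ip(r.peer_ip)),
]


def best_path(routes: List[Route]) -> Tuple[Optional[Route], str]:
    """Return the winning route and the step that decided it."""
    candidates = [r for r in routes if r.next_hop_reachable]       # step 1
    if not candidates:
        return None, "no route with a reachable next hop"
    if len(candidates) == 1:
        return candidates[0], "only route with a reachable next hop"
    for description, key in STEPS:
        best = min(key(r) for r in candidates)
        candidates = [r for r in candidates if key(r) == best]
        if len(candidates) == 1:
            return candidates[0], description
    return candidates[0], "identical on every step"


def rtc_routes() -> List[Route]:
    """RTC's two paths to AS 200 from Figure 1.22 (addresses are constructed)."""
    return [
        Route("via AS 400", [400, 300, 200], peer_ip="192.0.2.1", router_id="192.0.2.1"),
        Route("via AS 500", [500, 200], peer_ip="192.0.2.5", router_id="192.0.2.5"),
    ]


if __name__ == "__main__":
    long_path, short_path = rtc_routes()
    winner, why = best_path([long_path, short_path])
    print(winner.name, "-", why)                # AS-PATH length decides
    long_path.local_pref = 200                  # local policy prefers the AS 400 exit
    winner, why = best_path([long_path, short_path])
    print(winner.name, "-", why)                # LOCAL_PREF decides before AS-PATH
```

Because Preferred_value and LOCAL_PREF are compared before AS-path length, a policy set inside the AS overrides whatever path length a neighbor advertises.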

Route Filtering

• BGP supports 4 route-filter types:
  • Based on ACL
  • Based on IP Prefix
  • Based on AS Path (BGP Only)
  • Based on Routing Policy
• Filters must be
  • Created
  • Referenced
• Filters can be referenced during
  • Redistribution from another protocol
  • Reception from a peer
  • Distribution to a peer

One of the most powerful capabilities in BGP is the variety of its route filtering tools.

BGP can filter routes using ACLs, IP-prefix lists, AS-path lists and Routing Policies. In general, a filter must first be created and then applied or “referenced”.

BGP can filter routes while importing routes from another protocol, when receiving routes from a peer or when sending routes to a peer.

Route Filters can be simple or complex.

• Simple filters are implemented by creating an ACL, an IP-prefix list or an AS-path list and referencing it directly as a peer parameter or for route exchanges with other protocols
• Complex filters are implemented by creating and referencing Routing Policies.

A routing policy can be used to filter routes combining ACLs, IP-prefix lists and/or AS-path lists. But in BGP, routing policies can be used to influence the whole routing scheme by applying different actions to routes matching certain criteria, for example modifying communities and other attributes.

IP-Prefix-List

• Identified by name
• Can comprise multiple items.
• Each item specifies a prefix range and is identified by an index number.
• Command

ip ip-prefix ip-prefix-name [ index index-number ] { deny | permit } ip-address mask-length [ greater-equal min-mask-length ] [ less-equal max-mask-length ]

• Example

ip ip-prefix abc index 10 deny 10.1.0.0 16
ip ip-prefix abc index 20 permit 0.0.0.0 0 less-equal 32

An IP-prefix item without greater-equal or less-equal only applies to exact matches; prefixes with a different mask length are ignored by that item.

In the previous example 10.1.1.0/24 and 10.2.1.0/24 will be permitted.
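An added Python evaluator for the IP-prefix list example above, showing why the exact-match deny at index 10 lets 10.1.1.0/24 through and how a covering item changes the result. This is illustration code, not the device's implementation; the `abc-covering` list is constructed, and the mask ranges used when only one of greater-equal or less-equal is given, ascending-index evaluation and the deny for unmatched routes are assumptions of the sketch.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple


@dataclass(frozen=True)
class Item:
    index: int
    action: str                      # "permit" or "deny"
    network: ipaddress.IPv4Network   # ip-address / mask-length
    min_len: int                     # shortest route mask this item matches
    max_len: int                     # longest route mask this item matches


def parse_item(line: str) -> Item:
    """Parse 'ip ip-prefix NAME index N {deny|permit} ADDR LEN [ge/le options]'."""
    tok = line.split()
    if tok[:2] != ["ip", "ip-prefix"] or len(tok) < 8 or tok[3] != "index":
        raise ValueError(f"unsupported line: {line!r}")
    index, action = int(tok[4]), tok[5]
    if action not in ("permit", "deny"):
        raise ValueError(f"bad action in: {line!r}")
    mask_len = int(tok[7])
    network = ipaddress.IPv4Network(f"{tok[6]}/{mask_len}", strict=False)
    ge = le = None
    rest = tok[8:]
    if len(rest) % 2:
        raise ValueError(f"dangling option in: {line!r}")
    for keyword, value in zip(rest[0::2], rest[1::2]):
        if keyword == "greater-equal":
            ge = int(value)
        elif keyword == "less-equal":
            le = int(value)
        else:
            raise ValueError(f"unknown option {keyword!r}")
    if ge is None and le is None:
        lo = hi = mask_len                       # exact mask length only
    else:
        lo = mask_len if ge is None else ge      # assumed range when le only
        hi = 32 if le is None else le            # assumed range when ge only
    if not mask_len <= lo <= hi <= 32:
        raise ValueError(f"invalid mask range in: {line!r}")
    return Item(index, action, network, lo, hi)


def evaluate(items: List[Item], prefix: str) -> Tuple[str, Optional[int]]:
    """Return (action, index) of the first matching item, or ('deny', None)."""
    route = ipaddress.IPv4Network(prefix)
    for item in sorted(items, key=lambda i: i.index):
        in_range = item.min_len <= route.prefixlen <= item.max_len
        if in_range and route.subnet_of(item.network):
            return item.action, item.index
    return "deny", None


# The list from the page.
PAGE_LIST = [parse_item(line) for line in (
    "ip ip-prefix abc index 10 deny 10.1.0.0 16",
    "ip ip-prefix abc index 20 permit 0.0.0.0 0 less-equal 32",
)]

# Constructed variant: deny 10.1.0.0/16 and every more-specific route inside it.
COVERING_LIST = [parse_item(line) for line in (
    "ip ip-prefix abc-covering index 10 deny 10.1.0.0 16 less-equal 32",
    "ip ip-prefix abc-covering index 20 permit 0.0.0.0 0 less-equal 32",
)]

if __name__ == "__main__":
    for prefix in ("10.1.0.0/16", "10.1.1.0/24", "10.2.1.0/24"):
        print(prefix, evaluate(PAGE_LIST, prefix), evaluate(COVERING_LIST, prefix))
```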

AS-Path List

• Multiple items can be defined for an AS path list that is identified by number.
• The relation between items is logical OR, that is, if a route matches one of these items, it passes the AS path list.
• Command: ip as-path as-path-number { deny | permit } regular-expression
• Example: ip as-path 1 permit .*200.*

Regular Expressions

AS-paths are analyzed by means of a regular expression. These expressions are strings of up to 256 characters, and allow you to identify AS paths based on a rich variety of criteria.

For more information on regular expressions, read the MSR Router's Configuration Guide - Volume 01: Fundamentals Configuration Guide (Page 2-8 to 2-10).
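An added check of the example pattern `.*200.*`, written with Python's `re` module as a stand-in for the router's regular-expression engine (an assumption; this is not code from the guide). It shows that the pattern also accepts paths in which 200 is only part of a longer AS number; the sample paths, the `WHOLE_AS_LIST` alternative and first-match evaluation with a deny for unmatched paths are constructed for the illustration.

```python
import re
from typing import List, Tuple

# (action, pattern) items of an AS path list, evaluated in order.
PAGE_LIST = [("permit", r".*200.*")]              # ip as-path 1 permit .*200.*
# Constructed alternative in Python syntax: 200 must be a whole AS number.
WHOLE_AS_LIST = [("permit", r"(^| )200( |$)")]

# Constructed sample paths; the first two are the paths RTC learns in Figure 1.22.
SAMPLE_PATHS = [
    [400, 300, 200],
    [500, 200],
    [65200, 300],
    [300, 2001],
    [64512, 12000],
]


def as_path_text(as_numbers: List[int]) -> str:
    """A path is a list of numbers separated by spaces."""
    return " ".join(str(n) for n in as_numbers)


def evaluate(items: List[Tuple[str, str]], as_numbers: List[int]) -> str:
    """The first item whose pattern matches decides; no match means deny."""
    text = as_path_text(as_numbers)
    for action, pattern in items:
        if re.search(pattern, text):
            return action
    return "deny"


def unintended_permits(items, wanted_as: int, paths) -> List[List[int]]:
    """Paths the list permits although `wanted_as` is not one of their AS numbers."""
    return [p for p in paths
            if evaluate(items, p) == "permit" and wanted_as not in p]


if __name__ == "__main__":
    print("page pattern:", unintended_permits(PAGE_LIST, 200, SAMPLE_PATHS))
    print("whole-AS pattern:", unintended_permits(WHOLE_AS_LIST, 200, SAMPLE_PATHS))
```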

Routing Policies

ACLs, IP-Prefix lists and AS-path lists can be applied directly when configuring a peer to filter received or transmitted routes.

• The previous filters can be referenced
  • directly
  • indirectly in a routing policy

Routing Policy Structure

A routing policy is composed of one or more nodes. Each node contains:

• if-match clauses: Define the match criteria that routing information must satisfy. The matching objects are some attributes of routing information.
• apply clauses: Specify the actions performed after specified match criteria are satisfied, concerning attribute settings for passed routing information.
• Example:

route-policy policy01 permit node 1
 if-match . . .
 apply . . .
route-policy policy01 deny node 2
 if-match . . .

If a node has the permit keyword specified, routing information meeting the node’s conditions will be handled using the apply clauses of this node.

If a node is specified as deny, the apply clauses of the node will not be executed.

When a routing policy is defined with more than one node, at least one node should be configured with the permit keyword.

A routing policy can comprise multiple nodes, which are in a logical OR relationship. Each routing policy node is a match unit, and a node with a smaller number is matched first. Once a node is matched, the routing policy is passed and the route will not go to the next node.

A routing policy node comprises a set of “if-match” and “apply” clauses.

• The if-match clauses define the match criteria. The matching objects are some attributes of routing information. The if-match clauses of a routing policy node are in a logical AND relationship. That is, a route must match all the if-match clauses of the node to pass it.
• The apply clauses of the node specify the actions to be taken on the permitted routes, such as route attribute modification.

Follow these guidelines when configuring if-match and apply clauses.

• If you want to implement route filtering only, you do not need to configure apply clauses.
• If you do not configure any if-match clauses for a permit-mode node, the node permits all routes to pass.
• Configure a permit-mode node containing no if-match or apply clauses behind multiple deny-mode nodes to allow unmatched routes to pass.
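The node rules described above (smallest node number first, if-match clauses ANDed, apply clauses run only on permit nodes, unmatched routes dropped unless a final empty permit node exists), as an added Python model that is not part of the guide. The helper names, the route dictionary keys and the sample policy values (AS 65010, community 100:1, local preference 200) are hypothetical.

```python
import copy
from dataclasses import dataclass, field
from ipaddress import ip_network
from typing import Callable, Dict, List, Optional, Tuple

Route = Dict[str, object]   # keys used here: prefix, as_path, communities, local_pref


@dataclass
class Node:
    number: int
    mode: str                                             # "permit" or "deny"
    if_match: List[Callable[[Route], bool]] = field(default_factory=list)
    apply: List[Callable[[Route], None]] = field(default_factory=list)


def run_policy(nodes: List[Node], route: Route) -> Tuple[str, Optional[int], Optional[Route]]:
    """Return (verdict, deciding node number, resulting route or None)."""
    for node in sorted(nodes, key=lambda n: n.number):
        # AND relationship; a node without if-match clauses matches every route.
        if all(test(route) for test in node.if_match):
            if node.mode == "deny":
                return "deny", node.number, None          # apply clauses are not run
            result = copy.deepcopy(route)
            for action in node.apply:
                action(result)
            return "permit", node.number, result
    return "deny", None, None                             # no node matched


# Hypothetical stand-ins for if-match and apply clauses.
def in_prefix(block: str):
    net = ip_network(block)
    return lambda r: ip_network(r["prefix"]).subnet_of(net)


def has_community(value: str):
    return lambda r: value in r["communities"]


def path_contains(asn: int):
    return lambda r: asn in r["as_path"]


def set_local_pref(value: int):
    def action(r: Route) -> None:
        r["local_pref"] = value
    return action


# Constructed policy with three nodes.
POLICY01 = [
    Node(10, "deny", if_match=[path_contains(65010)], apply=[set_local_pref(999)]),
    Node(20, "permit",
         if_match=[in_prefix("10.0.0.0/8"), has_community("100:1")],
         apply=[set_local_pref(200)]),
    Node(30, "permit"),      # no clauses: lets every remaining route pass unchanged
]


def sample_route(as_path, communities) -> Route:
    """Constructed route for the demo."""
    return {"prefix": "10.1.1.0/24", "as_path": list(as_path),
            "communities": list(communities), "local_pref": 100}


if __name__ == "__main__":
    for route in (sample_route([500, 200], ["100:1"]),
                  sample_route([500, 200], []),
                  sample_route([65010, 200], ["100:1"])):
        print(run_policy(POLICY01, route))
    # Without node 30 the route that matches no node is dropped.
    print(run_policy(POLICY01[:2], sample_route([500, 200], [])))
```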
Routing Policy if-match criteria

The following matching criteria can be used in a routing policy:

• AS path domain of the BGP routing information
• Community attribute of the BGP routing information
• Destination address of the routing information
• Next-hop interface of the routing information
• Next-hop of the routing information
• Routing cost of the routing information
• Tag field of the OSPF routing information

Routing Policy Actions (Apply Clause)

The following actions can be applied to routes matching a node's criteria:

• Add the specified AS number before the as-path series of the BGP routing information
• Set the community attribute in the BGP routing information
• Set the next-hop address of the routing information
• Redistribute the route to isis level-1, level-2 or level-1-2
• Set the local preference of the BGP routing information
• Set the routing cost of the routing information
• Set the cost type of the routing information
• Set the route origin of the BGP routing information
• Set the tag field of the OSPF routing information
Referencing a Route Filter

BGP route filters can be used in two different situations:

1. During Route Redistribution (import-export)
2. During Route Advertisement (send to peer – receive from peer)

Note
Not all filter types apply to all situations. See below.

Filtering Route Redistribution

• Filters can be applied when exchanging routes with another protocol.
• Importation

filter-policy { acl-number | ip-prefix ip-prefix-name } import

• Exportation

filter-policy { acl-number | ip-prefix ip-prefix-name } export [ direct | isis process-id | ospf process-id | rip process-id | | static ]

Filtering Route Advertisement

• ACL-based

peer { group-name | peer-address } filter-policy acl-number { import | export }

• IP-prefix-based

peer { group-name | peer-address } ip-prefix prefixname { import | export }

• Routing-policy-based

peer { group-name | peer-address } route-policy route-policy-name { import | export }

• AS-path-based

peer { group-name | peer-address } as-path-acl aspath-acl-number { import | export }

Large Scale BGP

Issues

• The size of the BGP routing table is too large
• There are too many iBGP neighbors, which makes the logical full-mesh connection hard to realize
• Routes change too frequently in a complicated network: route flapping

Several tools are available in BGP to solve these common issues:

• Route Aggregation is used to reduce the size of routing tables.
  • Explain how CIDR helps
  • And why a good IP address design is critical.
• Route Reflector and Confederation are two solutions for the full mesh requirement of iBGP.
• Dampening solves the issue of route flapping in large networks.

Route Aggregation

Advertise Aggregated Route Only



Figure 1.27: BGP Route Aggregation without Details



Advertise Aggregated and Detailed Routes

Figure 1.28: BGP Route Aggregation with Details

iBGP Scalability Issues

iBGP Fully Meshed

For n BGP speakers within an AS, n(n-1)/2 unique iBGP sessions must be maintained.

Figure 1.29: iBGP Full Mesh

• Routes learned through BGP must be distributed throughout the AS
• iBGP routers do not forward routes learned from other iBGP peers
• iBGP routers must be connected by BGP Peer Sessions in a full mesh
• As we learned previously, iBGP speakers do not distribute routes they learn from iBGP. In order for all iBGP routers to learn all routes in the network, they must be fully meshed.

• ORIGINATOR_ID contains the ROUTER_ID of the originator of a route. An RR will never send a route back to the router specified in the ORIGINATOR_ID.
• CLUSTER_LIST is a sequence of CLUSTER_ID values showing the reflection path through which the route has passed. If an RR receives a route that has its CLUSTER_ID already on the CLUSTER_LIST it will discard it.
Confederation


Figure 1.31: Confederation


• Configuring a confederation can reduce iBGP connections in a large AS.
• Confederation = set of sub-ASs
• The AS can be divided into several sub-ASs, and each sub-AS remains fully meshed.
• These sub-ASs form a confederation.
• Key BGP attributes of a route, such as the next hop, MED and local preference, are not discarded when crossing each sub-AS.
• The sub-ASs still look like a whole from the perspective of other ASs. This can ensure the integrity of the former AS, and solve the problem of too many iBGP connections in the AS.

Important
The sub-AS concept is not really adequate. A confederation is a set of private ASs. From other ASs, the confederation looks like a single AS and is configured as such.

Route Dampening

Figure 1.32: Dampening

From Wikipedia:

Route flapping occurs when a router alternately advertises a destination network via one route then another (or as unavailable, and then available again) in quick sequence.

From the RFC 2439 Abstract:

A usage of the BGP routing protocol is described which is capable of reducing the routing traffic passed on to routing peers and therefore the load on these peers without adversely affecting route convergence time for relatively stable routes. This technique has been implemented in commercial products supporting BGP. [...]

The overall goals are:

• to provide a mechanism capable of reducing router processing load caused by instability
• in doing so prevent sustained routing oscillations
• to do so without sacrificing route convergence time for generally well behaved routes.

This must be accomplished keeping other goals of BGP in mind:

• pack changes into a small number of updates
• preserve consistent routing
• minimal addition space and computational overhead

Lab Activity 1.2


Introduction

In this activity you will perform advanced BGP configurations including: Route Attributes, Route Filters, Route Reflector and Confederation.

Note
See Lab Guide for changes in the lab layout.

Lab Debrief

Use the space below to record your Key Learning Points and Challenges from Lab Activity 1.2.

BFD and GR

Most, if not all, of today's BGP implementations are mission critical, so network downtime is not an option.

Two technologies have been incorporated into the routing world: BFD and Graceful Restart. They supplement routing protocols by adding faster link failure detection and recovery (BFD) and non-stop forwarding during a protocol restart and during routing processor switchover (GR).

Introduction to BFD

• BFD: Bidirectional Forwarding Detection
• It is a supplement for (different) routing protocols
• It replaces the keep-alive function and provides peer connectivity loss detection in the order of 50 msec.
• It does not include a peer discovery mechanism

Figure 1.33: BFD support for BGP


Introduction to GR

• GR: Graceful Restart (also known as NSF or Non-stop forwarding)
• It is a high-availability mechanism for routing protocols
• GR Router Roles
  • GR Restarter: the router that needs to reset one of its routing processes
  • GR Helper: a peer

Figure 1.34: GR Roles


Learner Activity: Look-up and discuss


Introduction

This activity consists of two phases:

• Individual phase: Each learner will use the product manuals listed above to look up the answers for the questions or the information required to fill the tables (see below)
• Group phase: The class as a whole will discuss and verify the answer to each question

Resources

• Switch A9500 Configuration Guide
  • 11-High Availability Configuration Guide-book (Chapter 9): GR Overview
  • 11-High Availability Configuration Guide-book (Chapter 10): BFD Configuration

BFD: Bidirectional Forwarding Detection

Question 1:
Describe how BFD detects a failure:

Question 2:
In which phase of a BFD session does a router operate in either Active or Passive mode?

Question 3:
Describe the two BFD session modes:

Control Packet mode:

Echo mode:

GR: Graceful Restart

Question 4:
List and describe the steps of the Graceful Restart process:

1.

2.

3.

4.

Question 5:
There are two main reasons for a GR helper to abort a GR session.

1.

2.

Note
Only one of these reasons is described in the manual listed above; think about a second one in terms of the whole network.

Research time: 45 minutes

Summary

• In this module the following topics have been covered:
  • BGP basics: message types, neighbor types and the neighbor state machine
  • BGP routes including: advertisement, IGP/BGP synchronization, redistribution, attributes, selection, aggregation and filtering
  • Large scale BGP including: confederation, route reflector and dampening
  • BGP Supplements: BFD and GR

MPLS, MPLS L3VPN, MPLS L2VPN, VPLS


Module 2

Objectives

At the end of this module the learner will be able to

• Describe, explain and configure in A-Series devices:
  • Basic MPLS
  • MPLS L3VPNs
  • MPLS L2VPNs
  • Basic VPLS
• Describe A-Series support for MPLS, MPLS L3VPNs, MPLS L2VPNs and VPLS

Agenda

1. MPLS Basics
2. MPLS L3VPNs
3. MPLS L2VPNs
4. VPLS Basics
5. A-Series MPLS Features

References

• A9500 - 08-MPLS Configuration Guide

MPLS Basics

Introduction

• MPLS stands for Multi Protocol Label Switching
• MPLS serves as a mechanism to forward packets of data using labels
• MPLS is Multi-protocol because it might be applied with any Layer 3 network protocol
• MPLS assigns a Label value to the packet to provide increased forwarding speed and advanced route selections

MPLS stands for Multi Protocol Label Switching. It was a mechanism that was pioneered by companies like Cisco to try and speed up the routing process through a network. It is multiprotocol, in the sense that it can carry any type of traffic; it doesn’t just have to be IP traffic. It involves inserting a label inside the packet.

MPLS is similar to Frame Relay but in Layer 3. It creates virtual circuits (called Label Switched Paths) and guarantees that all packets between a source and a destination will follow the same layer 3 path.

This fact is extremely important when L3 paths through a WAN require QoS and Service Level Agreements. This is why MPLS is the technology over which service providers mount VPNs for their customers.

On top of MPLS, L3 and L2 VPNs can be built. Additionally, by tying together multiple L2 VPNs, VPLS simulates an Ethernet switch that spans WANs of any size.

The difference is that the MPLS nodes are Layer 3 routers instead of L3 WAN switches.

Benefits

• MPLS was initially proposed to improve forwarding speed (CPU based routing)
• MPLS attempts to preserve the Traffic-Engineering and out-of-band control (End-to-End QoS)
• MPLS Benefits:
  • Improved performance
  • Lower total cost of ownership
  • Greater flexibility to accommodate new technologies
  • Better security and survivability
  • Lower packet loss
  • Traffic Engineering

Terminology

• Forwarding Equivalence Class (FEC)
• Label
• Label Switching Router (LSR)
• Label Switched Path (LSP)
• Label Information Base (LIB)
• Label Forwarding Information Base (LFIB)
• Label Distribution Protocol (LDP)

Forwarding Equivalence Class (FEC)

• FEC stands for Forwarding Equivalence Class
• A FEC is a group of data packets with similar or identical parameters which could be forwarded in the same way and hence are bound to the same MPLS label values.
• A Forwarding Equivalence Class tends to correspond to a Label Switched Path

In its simplest form a FEC is the set of all packets with the same destination from the point of view of a router.

Additionally, if QoS is being implemented in MPLS, packet groups with the same destination can be conceptually divided into FECs with the same EXP value. EXP is (today) equivalent to the 3 bit 802.1p priority value in Ethernet; it appears in the header shown in the next slides.

Label Switched Path (LSP)

Figure 2.1: Label Switched Path (LSP)

• An LSP is a unidirectional path through an MPLS network, often referred to as an MPLS tunnel

LSPs are the equivalent of FR virtual circuits. So, MPLS routes FECs by using LSPs.

MPLS Label

• The MPLS label is a header which is applied to a packet
• It can be assigned manually or by means of an MPLS Signaling Protocol
• The MPLS label sits between the Layer 2 and Layer 3 headers of a packet
• The MPLS header is called a Shim Header

The MPLS label itself is applied between the Layer 2 and the Layer 3 header in the packet.

Figure 2.2: MPLS Shim Header Structure


The term label is used both for the whole MPLS header and for the specific virtual circuit id within the header. To overcome that confusion, the whole header is now called the shim header, or just the MPLS header.

The Label itself, being the equivalent of a FR DLCI, could be called the LSP-ID (this name is not used, but it helps during the explanation).

Label Switching Router (LSR)

• A Label Switching Router (LSR) performs:
  • Packet Forwarding Using Label-Switching
  • Setting up the LSP
• Operations performed by the LSR
  • Label-PUSH
  • Label-SWAP
  • Label-POP

Routers running MPLS are called LSRs.

Depending on their position within the MPLS network, they are called Edge LSR or LER (Label Edge Router) and Core LSR. And from the point of view of a particular LSP (see below) Edge LSRs can be called Ingress or Egress LSRs.

LSRs perform the following label operations:

Ingress LSR        Label Push   Insert the MPLS header
Intermediate LSR   Label Swap   Swap the label – LSP-ID
Egress LSR         Label Pop    Remove the MPLS Header

LSR Structure

Figure 2.3: LSR Structure
An LSR consists of two planes:

• Control plane: implements label distribution and routing, establishes the LFIB, and builds and tears down LSPs.
• Forwarding plane: forwards packets according to the FIB or the LFIB.

An LER forwards both labeled packets and IP packets on the forwarding plane and therefore uses both the LFIB and the FIB. An ordinary LSR only needs to forward labeled packets and therefore uses only the LFIB.

Control Plane

Figure 2.4: LSR LIB
LSRs have a dual control plane: the traditional Routing Control Plane and the MPLS Control Plane.
Figure 2.5: Exchange of routing information



Control Plane: LDP

Figure 2.6: Exchange of Labels with Label Distribution Protocol (LDP)

As said above, the MPLS control plane is governed (in most cases) by LDP: the Label Distribution Protocol.

LDP works “backwards” or, in MPLS terms, upstream. In MPLS, downstream means towards the FEC’s destination and upstream means towards the FEC’s source.

1. At a possible Egress LSR it binds IP prefixes to Labels. Which IP prefixes are going to be assigned labels (bound) can be configured (lsp-trigger command). These bindings are stored in its LIB.
2. The Egress LSR transmits (distributes) these label bindings to its LDP peers.
3. From the point of view of an LSR, a binding received from an LDP peer consists of a FEC (IP Prefix) and an “outgoing label” because this is the label this LSR must use to transmit labeled packets of that FEC to its downstream peer. The LSR then assigns to each binding a new (local) label. This is going to be the incoming label for this FEC. Now the IP Prefix, Incoming Label, Outgoing Label and Outgoing interface are stored in the LSR's LIB and LFIB. And the LSR transmits each binding to all peers except the one on the outgoing interface.
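The three LDP steps above, followed by the push, swap and pop operations they enable, as an added Python simulation that is not taken from the guide or from any LDP implementation. The three-router chain, the FEC 10.0.0.0/24 and the per-router label ranges are constructed; the sketch assumes a chain topology, so the peer that advertises a binding is also the next hop towards the FEC.

```python
from dataclasses import dataclass
from typing import Dict, List, Optional, Tuple


@dataclass
class Binding:
    fec: str
    in_label: int                 # local label this LSR advertises upstream
    out_label: Optional[int]      # label learned from the downstream peer
    next_hop: Optional["LSR"]     # downstream peer; None on the egress LSR


class LSR:
    def __init__(self, name: str, first_label: int):
        self.name = name
        self._next_label = first_label        # constructed per-router label range
        self.peers: List["LSR"] = []
        self.lib: Dict[str, Binding] = {}     # keyed by FEC
        self.lfib: Dict[int, Binding] = {}    # keyed by incoming label

    def _bind(self, fec: str, out_label: Optional[int], next_hop: Optional["LSR"]) -> Binding:
        binding = Binding(fec, self._next_label, out_label, next_hop)
        self._next_label += 1
        self.lib[fec] = binding
        self.lfib[binding.in_label] = binding
        return binding

    def originate(self, fec: str) -> None:
        """Steps 1 and 2: the egress LSR binds a label to the FEC and advertises it."""
        binding = self._bind(fec, None, None)
        for peer in self.peers:
            peer.receive(fec, binding.in_label, self)

    def receive(self, fec: str, label: int, sender: "LSR") -> None:
        """Step 3: store the outgoing label, allocate a local one, advertise upstream."""
        if fec in self.lib:
            return    # the sketch keeps the first binding it learns for a FEC
        binding = self._bind(fec, label, sender)
        for peer in self.peers:
            if peer is not sender:            # all peers except the downstream one
                peer.receive(fec, binding.in_label, self)


def connect(a: LSR, b: LSR) -> None:
    a.peers.append(b)
    b.peers.append(a)


def forward(ingress: LSR, fec: str) -> List[Tuple[str, str, Optional[int]]]:
    """Trace one packet for `fec` as (router, operation, label placed on the wire)."""
    entry = ingress.lib[fec]
    if entry.next_hop is None:
        raise ValueError(f"{fec} is local to {ingress.name}; nothing to label")
    trace = [(ingress.name, "push", entry.out_label)]
    label, node = entry.out_label, entry.next_hop
    while node is not None:
        entry = node.lfib[label]              # transit lookup uses the label only
        if entry.out_label is None:
            trace.append((node.name, "pop", None))
            break
        trace.append((node.name, "swap", entry.out_label))
        label, node = entry.out_label, entry.next_hop
    return trace


def build_chain() -> Tuple[LSR, LSR, LSR]:
    """Constructed topology: ingress A, transit B, egress C."""
    a, b, c = LSR("A", 100), LSR("B", 200), LSR("C", 300)
    connect(a, b)
    connect(b, c)
    c.originate("10.0.0.0/24")    # bindings travel upstream: C to B to A
    return a, b, c


if __name__ == "__main__":
    ingress, _, _ = build_chain()
    for hop in forward(ingress, "10.0.0.0/24"):   # packets travel downstream
        print(hop)
```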

Public Network Label Distribution of MPLS/VPN

Figure 2.16: Importing MP-BGP Routes into VPN Instances

• The PE and P can reach the next hop of BGP through the backbone IGP.
• Run IGP and LDP, assign the label, and set up the LSP to get the LSP to the next hop of BGP.
• The label stack is used for packet forwarding. The external label indicates how to reach the next hop of BGP, and the internal label indicates the egress interface of the packet or to which VPN instance (or VPN) this packet belongs.
• The MPLS node forwarding is based on the external label, regardless of the internal label.

MPLS/VPN Packet Forwarding



Figure 2.17: MPLS/VPN Packet Forwarding


• After the ingress PE receives the common IP packet from the CE, it adds this packet to the corresponding VPN forwarding table according to the VPN instance of the ingress interface, and searches for the next hop and label.
Figure 2.18: MPLS/VPN Packet Forwarding (2)

• The penultimate router pops the external (tunnel) label and sends the packet to the egress PE according to the next hop.
• The egress PE judges to which CE this packet shall be sent according to the internal label.
• The egress PE pops the internal label and sends the common IP packet to the destination CE.

Review: CE-PE and PE-PE protocols



Figure 2.19: CE-PE and PE-PE protocols


CE-PE

• Each CE is connected to a VPN instance in the PE. Routing between them can be achieved in many different ways: Static, RIP, OSPF, ISIS, BGP, etc.
• There is no need to have the same protocol at both ends of the VPN.

PE-PE

• MP-BGP is used to exchange VPN information and labels between PEs.
• MPLS with LDP and an IGP like OSPF or ISIS are used to build the backbone that will transport the VPNs.

Configuration Example

Figure 2.19: Configuration Example Layout
CE1 Configuration

eBGP is used in this example to transport routes between CEs and PEs

interface Ethernet1/0
 ip address 100.0.0.2 24
#
interface LoopBack1
 ip address 10.0.0.1 24
#
bgp 65410
 import-route direct
 undo synchronization
 group 100 external
 peer 100.0.0.1 group 100 as-number 100

PE1 Configuration
# Configure VPN Instance: RD and VPN Target
ip vpn-instance hpn
 route-distinguisher 100:1
 vpn-target 100:1 export-extcommunity
 vpn-target 100:1 import-extcommunity
#
interface Ethernet1/0
 # Bind VPN Instance to interface
 ip binding vpn-instance hpn
 ip address 100.0.0.1 255.255.255.0
#
interface LoopBack1
 ip address 1.1.1.1 255.255.255.255
#
bgp 100
 import-route direct
 undo synchronization
 group 65410 external
 # PE to PE Configuration
 group 202 internal
 peer 3.3.3.3 group 202
 peer 3.3.3.3 connect-interface LoopBack1
 # PE to CE Configuration (the instance name must match the VPN instance defined above)
 ipv4-family vpn-instance hpn
  import-route direct
  undo synchronization
  group 65410 external
  peer 100.0.0.2 group 65410 as-number 65410
 # PE to PE Configuration
 ipv4-family vpnv4
  peer 202 enable
  peer 3.3.3.3 group 202
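
A PE configuration like the one above only isolates customers if every VPN instance that an interface or BGP address family refers to is actually defined, with an RD and both VPN targets. The following check is an added example, not part of the course material; the sample configuration and the instance name custA are constructed.

```python
import re

# Constructed Comware-style PE configuration, not taken from the course material.
# Its BGP address family names a VPN instance that is never defined.
SAMPLE_PE_CONFIG = """\
ip vpn-instance hpn
 route-distinguisher 100:1
 vpn-target 100:1 export-extcommunity
 vpn-target 100:1 import-extcommunity
#
interface Ethernet1/0
 ip binding vpn-instance hpn
 ip address 100.0.0.1 255.255.255.0
#
bgp 100
 ipv4-family vpn-instance custA
  peer 100.0.0.2 as-number 65410
"""

def audit_vpn_instances(config):
    """Return a list of findings about VPN instance definitions and references."""
    defined = {}       # instance name -> {"rd": str or None, "import": set, "export": set}
    references = []    # (line number, instance name, referencing command)
    current = None     # instance whose view we are in, if any
    for lineno, raw in enumerate(config.splitlines(), 1):
        line = raw.strip()
        if m := re.fullmatch(r"ip vpn-instance (\S+)", line):
            current = defined.setdefault(m.group(1), {"rd": None, "import": set(), "export": set()})
        elif m := re.fullmatch(r"(ip binding|ipv4-family) vpn-instance (\S+)", line):
            references.append((lineno, m.group(2), m.group(1)))
        elif not raw.startswith(" "):
            current = None                     # a top-level line ends the instance view
        elif current is not None:
            if m := re.fullmatch(r"route-distinguisher (\S+)", line):
                current["rd"] = m.group(1)
            elif m := re.fullmatch(r"vpn-target (\S+) (import|export)-extcommunity", line):
                current[m.group(2)].add(m.group(1))
    findings = [f"line {n}: '{cmd} vpn-instance {name}' references an undefined instance"
                for n, name, cmd in references if name not in defined]
    for name, inst in defined.items():
        if inst["rd"] is None:
            findings.append(f"instance {name}: no route-distinguisher")
        for direction in ("import", "export"):
            if not inst[direction]:
                findings.append(f"instance {name}: no {direction} vpn-target")
    return findings

if __name__ == "__main__":
    for finding in audit_vpn_instances(SAMPLE_PE_CONFIG):
        print(finding)
```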


Lab Activity 2.1


Introduction
In this activity you will perform an MPLS and MPLS L3VPN configuration.

Lab Debrief

Use the space below to record your Key Learning Points and Challenges from Lab Activity 2-1.

MPLS L2VPNs
Introduction
• Extended operator network functions and enhanced service capabilities
• Higher scalability
• Clear definition of management responsibilities
• Private and secure routing
• Easy configuration (solving the N-square problem mainly through tunnel reuse)
• Multi-protocol support
• Smooth network upgrade
VLLs and VCs


Figure 2.20: VCs


• VLL: Virtual Leased Line
• VC: Virtual Circuit
• PW: Pseudo-wire (a pair of VCs with opposite directions)
• In VLL L2VPN, a VC is established between two CE interfaces requiring L2 interoperability in the core network.
• The VC is implemented via an MPLS label. Multiple VCs share the core network.

MPLS L2VPN: Comware v5 Implementation


• Martini
  • It complies with draft-martini-l2circuit-trans-mpls and uses LDP signaling for transmitting VC information.
• STATIC VC
  • It is a static implementation of Martini.
• Kompella
  • It conforms to draft-kompella-ppvpn-l2vpn-xx and is similar to the BGP/MPLS VPN defined in RFC 2547.
• CCC
  • A transparent channel is configured between two PE-CE connections and exclusively occupies a tunnel. Only one label is used.
Protocol Structure

Figure 2.21: VLL Protocol Structure


VC Label distribution (LDP, BGP, or manual distribution)

• The inner VC label can be distributed via LDP or BGP, or manually configured.
• Different label distribution methods are used for different VLL modes.
• The outer tunnel can be shared by multiple VCs. In a core network, it can be an MPLS tunnel or an IP tunnel (GRE), and is established between two PE routers.
• The inner tunnel identifies a specific VC. In MPLS L2VPN, it must be an MPLS tunnel.

Control Word:

• The control word is optional. The outer tunnel label does not exist in CCC mode.
• The control word contains extra information encapsulated in the packet.

CCC VLLs
• Circuit Cross Connect (CCC) is a method for implementing VLL via static configuration.
Figure 2.22: CCC

• The inner tunnel label is not used.
• The VC label is manually configured via static LSP.
• A static LSP tunnel is established for each VC and configuration is required on each node that the VC passes.
• The control word is optional.

Local CCC:

Two CEs are connected to the same PE. The PE is equivalent to an L2 switch. An L2 transparent transmission entry is established between two interfaces and not processed via MPLS.

Remote CCC:

Two CEs are connected to different PE routers. An exclusive static LSP between the two PE routers is used as a tunnel to transmit L2 VPN information without using any signaling protocol.

Differences with other VLL Technologies


• CCC uses a single label layer to transmit user data.
• It makes exclusive use of an LSP. LSPs cannot be used for other L2VPN connections, or BGP/MPLS VPN, or for bearing common IP packets.
• The user must manually configure two L2VPN LSPs (one LSP in each direction) for each CCC connection.
• The two L2VPN LSPs shall be used only to transmit the data of the CCC connection.
• Static LSP configuration is also required on the P node.

Martini VLLs
• RFC standards:
  • RFC 4905 describes packet encapsulation
  • RFC 4906 describes VC label distribution
• LDP signaling is used for transmitting VC information.
• An LDP remote session is established between two PE routers to allocate a label to each VC. The outer tunnel is a dynamic LSP or GRE tunnel established between the two PEs of the remote session.
• Local switching function: Not supported

• LDP is used to allocate labels to VCs, and implements dynamic distribution, withdrawal or error handling. It establishes a remote session between two PE routers that are reachable to each other.
• The outer tunnel can be shared by multiple VCs. In a core network, it is an MPLS tunnel and is established between two PE routers.
• The inner tunnel identifies a specific VC. The inner tunnel label is distributed via LDP.
• The control word is optional.

LDP extension
• VC label distribution via an LDP remote session: The label is still placed in the Label TLV and sent in the Mapping message.
• A new LDP FEC is defined to carry VC information: FEC element type 128 (Virtual Circuit FEC Element), carried in the LDP Mapping message.
• VC information is exchanged via DU (downstream unsolicited) mode, as expressly defined in RFC 4906.

Figure 2.23: Martini VLL - Control Plane

1. L2 route is entered on ingress PE
2. PE-1 starts remote LDP session with PE-2 (if one does not exist already)
3. PE-1 allocates a VC label for the new interface and binds it to the configured VCID
4. PE-1 sends label mapping message containing VC FEC TLV and VC Label TLV
5. PE-2 receives VC FEC TLV and VC Label TLV that matches local VCID
6. PE-2 repeats steps 1-5 so that bidirectional label/VCID mappings (PWs) are established
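
The VC FEC element from the LDP extension section and the match in step 5 can be made concrete with a decoder. This is an added example, not code from the course or from Comware; the field layout follows RFC 4906, the VC type and MTU checks go beyond the VC ID match listed above, and the sample bytes and local VC settings are constructed.

```python
import struct

VC_FEC_TYPE = 0x80      # FEC element type 128, the Virtual Circuit FEC Element
VC_TYPES = {0x0004: "Ethernet VLAN", 0x0005: "Ethernet"}   # subset of RFC 4906 types
IFACE_MTU = 0x01        # interface parameter ID carrying the MTU

def parse_vc_fec(data):
    """Decode one VC FEC element; raise ValueError on malformed input."""
    if len(data) < 8:
        raise ValueError("truncated VC FEC element")
    fec_type, c_and_type, info_len, group_id = struct.unpack("!BHBI", data[:8])
    if fec_type != VC_FEC_TYPE:
        raise ValueError(f"not a VC FEC element (type {fec_type:#x})")
    vc_type = c_and_type & 0x7FFF
    fec = {"control_word": bool(c_and_type & 0x8000),      # C bit
           "vc_type": VC_TYPES.get(vc_type, hex(vc_type)),
           "group_id": group_id, "vc_id": None, "params": {}}
    if info_len == 0:                  # wildcard: all VCs in the group, no VC ID
        return fec
    body = data[8:8 + info_len]
    if info_len < 4 or len(body) != info_len:
        raise ValueError("VC info length does not match the data")
    fec["vc_id"] = struct.unpack("!I", body[:4])[0]
    pos = 4
    while pos < len(body):             # interface parameters: ID, length, value
        if pos + 2 > len(body):
            raise ValueError("truncated interface parameter")
        param_id, plen = body[pos], body[pos + 1]
        if plen < 2 or pos + plen > len(body):   # length includes the 2-byte header
            raise ValueError("bad interface parameter length")
        fec["params"][param_id] = body[pos + 2:pos + plen]
        pos += plen
    return fec

def accept_mapping(fec, local):
    """Bind the advertised label only if VC ID, VC type and MTU match local config."""
    mtu = fec["params"].get(IFACE_MTU)
    return (fec["vc_id"] == local["vc_id"] and fec["vc_type"] == local["vc_type"]
            and mtu is not None and int.from_bytes(mtu, "big") == local["mtu"])

# Constructed sample: Ethernet VC, C bit clear, group 0, VC ID 101, MTU 1500.
SAMPLE_FEC = bytes.fromhex("80" "0005" "08" "00000000" "00000065" "010405dc")
LOCAL_VC = {"vc_id": 101, "vc_type": "Ethernet", "mtu": 1500}

if __name__ == "__main__":
    print(accept_mapping(parse_vc_fec(SAMPLE_FEC), LOCAL_VC))
```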

If a PE router detects a condition that affects normal service, it must withdraw the corresponding VC label using LDP signaling.

Figure 2.24: Martini VC Label withdrawal


• In Martini mode, due to the use of L2 tunnels, only PE routers in the operator network need to save the mapping between VC labels and LSPs. The P routers

Static VLLs
• A simplified mode of Martini in terms of implementation.
• It simplifies the VC label distribution mode and employs manual configuration on PE routers (so the configuration is required on the two PE routers of the VC connection), thus lowering the LDP extension requirements on devices and reducing the protocol interactions between devices.
• The SVC mode is applicable to small-scale networks with a few VCs.
• The outer tunnel is also an LSP or GRE tunnel.
• The other aspects are almost the same as Martini.

Kompella VLLs

• MP-BGP is used for VC label distribution and implements dynamic distribution, withdrawal or error handling.
• The Kompella mode employs inter-domain L3VPN. The outer tunnel may be a multi-layer tunnel.
• The outer tunnel can be shared by multiple VCs. In a core network, it may be an MPLS tunnel or an IP tunnel (GRE) and is established between two PE routers.
• The inner tunnel identifies a specific VC. The inner tunnel label is distributed via MP-BGP.
• The control word is optional.

Lab Activity 2.2


Introduction
In this activity you will perform an MPLS L2VPN configuration.

Lab Debrief

Use the space below to record your Key Learning Points and Challenges from Lab Activity 2-2.

VPLS Basics
Introduction
VPLS Background

• The BGP/MPLS VPN technology provides interprovincial and transnational VPNs for large industrial customers, and brings substantial value-added services to operators.
• Operators are not expected to intervene in users’ IP address planning for VPN interconnection, so that users can more flexibly design their own networks.
• Operators do not want to intervene in and do not care about users’ IP address planning.
• Users hope that L2 packets can be transmitted on VPNs.

VPLS Application Architecture


Figure 2.26: VPLS Application Architecture



VPLS End-to-end packet transmission

Figure 2.27: VPLS packet transmission

• For the CE, a VPLS tunnel is like an L2 switch.
• The PE encapsulates a VC label in the user PDU according to the user’s VPN, so as to distinguish different users in the MPLS network. It also encapsulates a public network label in the user PDU according to the user’s destination MAC address, so that the PDU can be transferred to the destination PE.
• When forwarding a packet from another PE, the PE selects the VPN to which the user PDU belongs according to the VC, obtains the egress interface of this packet according to the destination MAC address in the user PDU, and removes the VC label.
• The PE then sends the original user PDU to the CE.

VPLS Signaling
• VPLS signaling falls into two types: LDP signaling and MP-BGP signaling.
• LDP signaling conforms to RFC 4762. LDP is used as the signaling for transmitting VC information.
• MP-BGP signaling conforms to RFC 4761. MP-BGP is used as the signaling for transmitting VC information. The MP-BGP signaling mode supports automatic topology discovery.
• In LDP signaling mode, PE peers can only be manually and statically specified.

LDP signaling implementation

Martini VPLS

• Two PEs establish a neighbor relationship with each other via the extended LDP. They directly send LDP messages over TCP connections, maintain a remote LDP session, and exchange VPN control information via the LDP session, including PW label allocation (the PW label is equivalent to a private network label in the L3 VPN).
• A PE and a P still need to establish a common LDP neighbor relationship with each other so as to allow for public network MPLS label allocation.
• A PE establishes a Virtual Switch Instance (VSI) for each VPN. Each VSI has an ID.
• A pair of bi-directional Pseudo Wires (PWs) is established for each VPN between two PEs. A label is allocated to each PW via the extended LDP. This label is encapsulated in the transmitted packet so as to distinguish VPNs.

BGP signaling implementation


Kompella VPLS

• Two PEs establish a neighbor relationship with each other via the extended BGP. A VPLS address family is added on them, and they exchange VC signaling via the extended BGP.
• A PE establishes a VSI for each VPN.
• The Kompella VPLS is somewhat similar to common MPLS L3 VPN. A VPN Target and an RD need to be configured for each VSI.

Packet forwarding
Originating PE
• Each VSI is bound to an L3 interface that connects with a CE.
• When forwarding a received packet, the PE selects a VSI for the packet according to the VLAN of the physical port on itself, looks up the destination MAC address of the user packet in the MAC table of the VSI to obtain the ID of the peer PE, finds the label of the egress PW according to the obtained peer PE ID, and then encapsulates this label in the user packet and sets the S bit to 1.
• If the egress interface of the packet obtained according to the destination MAC address of the packet is the interface of the PE that connects with a CE, the PE directly forwards the packet.
• If the MAC table of the VSI does not contain the destination MAC address of the user packet, this packet is sent in broadcast mode, that is, the PE sends the packet to all the PE peers in the VPN. In a VPN, a user’s broadcast packet is also processed in this way.
• After encapsulating the PW label (a private network label) in the packet, the PE looks up the peer PE ID in the public network MPLS LSP table, then encapsulates the public network label, and finally encapsulates the public network MAC header.


P and terminating PE
• When the packet is transmitted in the MPLS backbone network, all the P devices perform common public network label swapping according to the LSP table, or perform PHP.
• When receiving the packet, the terminating PE checks the label in the packet and looks it up in the label table to determine the VSI of the packet, further obtains the physical egress interface from the MAC table of the VSI, pops the label of the packet, and then forwards the packet via the corresponding physical egress interface.
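
The forwarding steps above (MAC lookup in the VSI, flooding of unknown destinations to all PE peers, PW label with the S bit set under a public network label, PHP, and lookup at the terminating PE) are modelled below. This is an added example, not code from the course or from any HP product; the Vsi class, label values, MAC addresses and port names are hypothetical, and the public network MAC header is left out.

```python
import struct

def push_label(label, bottom, ttl=255):
    """One 4-byte MPLS label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    return struct.pack("!I", (label << 12) | (int(bottom) << 8) | ttl)

def read_label(packet):
    """Return (label, bottom_of_stack, remaining bytes) for the top entry."""
    (entry,) = struct.unpack("!I", packet[:4])
    return entry >> 12, bool(entry & 0x100), packet[4:]

class Vsi:
    """Hypothetical model of one VSI on a PE (all names are illustrative)."""
    def __init__(self, pw_out, pw_in, lsp):
        self.pw_out = pw_out    # peer PE -> PW label that peer allocated
        self.pw_in = pw_in      # PW label this PE allocated -> peer PE
        self.lsp = lsp          # peer PE -> public network label
        self.mac_table = {}     # MAC -> ("ac", port) or ("pw", peer PE)

    def from_ce(self, port, frame):
        """Originating PE: list of ("ac", port, frame) or ("pw", peer, packet)."""
        dst, src = frame[:6], frame[6:12]
        self.mac_table[src] = ("ac", port)
        kind, where = self.mac_table.get(dst, ("flood", None))
        if kind == "ac":                       # destination CE is local: no labels
            return [("ac", where, frame)]
        peers = [where] if kind == "pw" else sorted(self.pw_out)  # unknown: all peers
        return [("pw", p, push_label(self.lsp[p], False)          # public label
                          + push_label(self.pw_out[p], True)      # PW label, S = 1
                          + frame) for p in peers]

    def from_core(self, packet):
        """Terminating PE, outer label already popped (PHP): (port or None, frame)."""
        label, bottom, frame = read_label(packet)
        if not bottom or label not in self.pw_in:
            raise ValueError("unexpected label stack")
        self.mac_table[frame[6:12]] = ("pw", self.pw_in[label])   # learn remote MAC
        kind, where = self.mac_table.get(frame[:6], (None, None))
        return (where if kind == "ac" else None), frame

def demo():
    """Constructed scenario: host A behind PE1, host B behind PE2, PE3 idle."""
    a, b = bytes.fromhex("020000000001"), bytes.fromhex("020000000002")
    pe1 = Vsi({"PE2": 2001, "PE3": 3001}, {1002: "PE2", 1003: "PE3"}, {"PE2": 300, "PE3": 310})
    pe2 = Vsi({"PE1": 1002}, {2001: "PE1"}, {"PE1": 400})
    flooded = pe1.from_ce("GE1/0/1", b + a + b"\x08\x00ping")     # B unknown on PE1
    to_pe2 = flooded[0][2]
    outer, s_outer, inner = read_label(to_pe2)                    # penultimate hop pops this
    pe2.from_core(inner)                                          # PE2 learns A behind PE1
    reply = pe2.from_ce("GE1/0/2", a + b + b"\x08\x00pong")[0][2]
    port, _ = pe1.from_core(read_label(reply)[2])                 # PE1 learns B behind PE2
    unicast = pe1.from_ce("GE1/0/1", b + a + b"\x08\x00ping")
    return [p for _, p, _ in flooded], outer, s_outer, port, [p for _, p, _ in unicast]
```

Calling demo() shows the first frame flooded to both peers and, once the reply has been learned, the same frame sent to PE2 only.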



Lab Activity 2.3


Introduction
In this activity you will perform a VPLS configuration.

Lab Debrief

Use the space below to record your Key Learning Points and Challenges from Lab Activity 2-2.

Summary
• In this module the following topics have been covered:
  • Basic MPLS
  • MPLS L3VPNs
  • MPLS L2VPNs
  • Basic VPLS

To learn more about HP networking, visit www.hp.com/networking

© 2010 Hewlett-Packard Development Company, L.P. The information contained herein is subject to change without notice. The only warranties for HP products and services are set forth in the express warranty statements accompanying such products and services. Nothing herein should be construed as constituting an additional warranty. HP shall not be liable for technical or editorial errors or omissions contained herein.