*************************************************************************** Lab 1 - Configure Intra-AS MPLS VPN within AS-100 *************************************************************************** ======================================================= 1. Configure the Underlay IGP with the SP Core ======================================================= ----- R1 ----- router ospf 1 router-id 0.0.0.1 network 192.1.13.0 0.0.0.255 area 0 network 192.1.100.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 ----- R2 ----- router ospf 1 router-id 0.0.0.2 network 192.1.23.0 0.0.0.255 area 0 network 192.1.100.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 ----- R3 ----- router ospf 1 router-id 0.0.0.3 network 192.1.13.0 0.0.0.255 area 0 network 192.1.23.0 0.0.0.255 area 0 network 192.1.34.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 ----- R4 ----- router ospf 1 router-id 0.0.0.4 network 192.1.34.0 0.0.0.255 area 0 network 192.1.100.0 0.0.0.255 area 0 network 10.0.0.0 0.255.255.255 area 0 ======================================================= 2. Configure LDP within the SP Core ======================================================= ----- R1 ----- mpls ldp router-id loopback10 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ----- R2 ----- mpls ldp router-id loopback10 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ----- R3 ----- mpls ldp router-id loopback10 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ! Interface E0/2 mpls ip ----- R4 ----- mpls ldp router-id loopback10 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ======================================================= 3. Configure MP-iBGP - VPNv4 & VPNv6 ======================================================= ----- R1 ----- ipv6 unicast-routing ! router bgp 100 neighbor 10.3.3.3 remote-as 100 neighbor 10.3.3.3 update-source loopback10 ! address-family vpnv4 neighbor 10.3.3.3 activate ! address-family vpnv6 neighbor 10.3.3.3 activate ----- R2 ----- ipv6 unicast-routing ! router bgp 100 neighbor 10.3.3.3 remote-as 100 neighbor 10.3.3.3 update-source loopback10 ! address-family vpnv4 neighbor 10.3.3.3 activate ! address-family vpnv6 neighbor 10.3.3.3 activate ----- R3 ----- ipv6 unicast-routing ! router bgp 100 neighbor IBGP peer-group neighbor IBGP remote-as 100 neighbor IBGP update-source loopback10 neighbor 10.1.1.1 peer-group IBGP neighbor 10.2.2.2 peer-group IBGP neighbor 10.4.4.4 peer-group IBGP ! address-family vpnv4 neighbor 10.1.1.1 activate neighbor 10.2.2.2 activate neighbor 10.4.4.4 activate neighbor IBGP route-reflector-client ! address-family vpnv6 neighbor 10.1.1.1 activate neighbor 10.2.2.2 activate neighbor 10.4.4.4 activate neighbor IBGP route-reflector-client ----- R4 ----- ipv6 unicast-routing ! router bgp 100 neighbor 10.3.3.3 remote-as 100 neighbor 10.3.3.3 update-source loopback10 ! address-family vpnv4 neighbor 10.3.3.3 activate ! address-family vpnv6 neighbor 10.3.3.3 activate ======================================================= 4. Configure the PE Routers ======================================================= ----- R1 ----- vrf definition CUST-A rd 100:1 address-family ipv4 route-target both 100:1 address-family ipv6 route-target both 100:1 ! Interface E0/2 vrf forwarding CUST-A ip address 192.168.9.1 255.255.255.0 ipv6 address fc00:192:168:9::1/64 no shut ! router bgp 100 address-family ipv4 vrf CUST-A neighbor 192.168.9.9 remote-as 65009 address-family ipv6 vrf CUST-A neighbor fc00:192:168:9::9 remote-as 65009 ----- R2 ----- vrf definition CUST-A rd 100:1 address-family ipv4 route-target both 100:1 address-family ipv6 route-target both 100:1 ! Interface E0/2 vrf forwarding CUST-A ip address 192.168.10.2 255.255.255.0 ipv6 address fc00:192:168:10::2/64 no shut ! router bgp 100 address-family ipv4 vrf CUST-A neighbor 192.168.10.10 remote-as 65010 address-family ipv6 vrf CUST-A neighbor fc00:192:168:10::10 remote-as 65010 ======================================================= 5. Configure the CE Routers ======================================================= ----- R9 ----- ipv6 unicast-routing ! Interface loopback 0 ip address 10.9.9.9 255.255.255.0 ipv6 address fc00:10:9:9::9/64 ! Interface E 0/0 ip address 192.168.9.9 255.255.255.0 ipv6 address fc00:192:168:9::9/64 no shut ! router bgp 65009 network 10.9.9.0 mask 255.255.255.0 neighbor 192.168.9.1 remote-as 100 address-family ipv6 unicast network fc00:10:9:9::/64 neighbor fc00:192:168:9::1 remote-as 100 ----- R10 ----- ipv6 unicast-routing ! Interface loopback 0 ip address 10.10.10.10 255.255.255.0 ipv6 address fc00:10:10:10::10/64 ! Interface E 0/0 ip address 192.168.10.10 255.255.255.0 ipv6 address fc00:192:168:10::10/64 no shut ! router bgp 65010 network 10.10.10.0 mask 255.255.255.0 neighbor 192.168.10.2 remote-as 100 address-family ipv6 unicast network fc00:10:10:10::/64 neighbor fc00:192:168:10::2 remote-as 100 *************************************************************************** Lab 2 - Configure Intra-AS MPLS VPN within AS-200 *************************************************************************** ======================================================= 1. Configure the Underlay IGP with the SP Core ======================================================= ----- R5 ----- router isis net 49.0000.0000.0000.0005.00 is-type level-2 metric-style wide ! Interface loopback10 ip router isis ! Interface E0/0 ip router isis ! Interface E0/1 ip router isis ----- R6 ----- router isis net 49.0000.0000.0000.0006.00 is-type level-2 metric-style wide ! Interface loopback10 ip router isis ! Interface E0/0 ip router isis ! Interface E0/1 ip router isis ----- R7 ----- router isis net 49.0000.0000.0000.0007.00 is-type level-2 metric-style wide ! Interface loopback10 ip router isis ! Interface E0/0 ip router isis ! Interface E0/1 ip router isis ! Interface E0/2 ip router isis ----- R8 ----- router isis net 49.0000.0000.0000.0008.00 is-type level-2 metric-style wide ! Interface loopback10 ip router isis ! Interface E0/0 ip router isis ! Interface E0/1 ip router isis ======================================================= 2. Configure LDP within the SP Core ======================================================= ----- R5 ----- mpls ldp router-id loopback10 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ----- R6 ----- mpls ldp router-id loopback10 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ----- R7 ----- mpls ldp router-id loopback10 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ! Interface E0/2 mpls ip ----- R8 ----- mpls ldp router-id loopback10 ! Interface E0/0 mpls ip ! Interface E0/1 mpls ip ======================================================= 3. Configure MP-iBGP - VPNv4 & VPNv6 ======================================================= ----- R5 ----- ipv6 unicast-routing ! router bgp 200 neighbor 10.7.7.7 remote-as 200 neighbor 10.7.7.7 update-source loopback10 ! address-family vpnv4 neighbor 10.7.7.7 activate ! address-family vpnv6 neighbor 10.7.7.7 activate ----- R6 ----- ipv6 unicast-routing ! router bgp 200 neighbor 10.7.7.7 remote-as 200 neighbor 10.7.7.7 update-source loopback10 ! address-family vpnv4 neighbor 10.7.7.7 activate ! address-family vpnv6 neighbor 10.7.7.7 activate ----- R7 ----- ipv6 unicast-routing ! router bgp 200 neighbor IBGP peer-group neighbor IBGP remote-as 200 neighbor IBGP update-source loopback10 neighbor 10.5.5.5 peer-group IBGP neighbor 10.6.6.6 peer-group IBGP neighbor 10.8.8.8 peer-group IBGP ! address-family vpnv4 neighbor 10.5.5.5 activate neighbor 10.6.6.6 activate neighbor 10.8.8.8 activate neighbor IBGP route-reflector-client ! address-family vpnv6 neighbor 10.5.5.5 activate neighbor 10.6.6.6 activate neighbor 10.8.8.8 activate neighbor IBGP route-reflector-client ----- R8 ----- ipv6 unicast-routing ! router bgp 200 neighbor 10.7.7.7 remote-as 200 neighbor 10.7.7.7 update-source loopback10 ! address-family vpnv4 neighbor 10.7.7.7 activate ! address-family vpnv6 neighbor 10.7.7.7 activate ======================================================= 4. Configure the PE Routers ======================================================= ----- R5 ----- vrf definition CUST-A rd 200:1 address-family ipv4 route-target both 200:1 address-family ipv6 route-target both 200:1 ! Interface E0/2 vrf forwarding CUST-A ip address 192.168.11.5 255.255.255.0 ipv6 address fc00:192:168:11::5/64 no shut ! router bgp 200 address-family ipv4 vrf CUST-A neighbor 192.168.11.11 remote-as 65011 address-family ipv6 vrf CUST-A neighbor fc00:192:168:11::11 remote-as 65011 ----- R6 ----- vrf definition CUST-A rd 200:1 address-family ipv4 route-target both 200:1 address-family ipv6 route-target both 200:1 ! Interface E0/2 vrf forwarding CUST-A ip address 192.168.12.6 255.255.255.0 ipv6 address fc00:192:168:12::6/64 no shut ! router bgp 200 address-family ipv4 vrf CUST-A neighbor 192.168.12.12 remote-as 65012 address-family ipv6 vrf CUST-A neighbor fc00:192:168:12::12 remote-as 65012 ======================================================= 5. Configure the CE Routers ======================================================= ----- R11 ----- ipv6 unicast-routing ! Interface loopback 0 ip address 10.11.11.11 255.255.255.0 ipv6 address fc00:10:11:11::11/64 ! Interface E 0/0 ip address 192.168.11.11 255.255.255.0 ipv6 address fc00:192:168:11::11/64 no shut ! router bgp 65011 network 10.11.11.0 mask 255.255.255.0 neighbor 192.168.11.5 remote-as 200 address-family ipv6 unicast network fc00:10:11:11::/64 neighbor fc00:192:168:11::5 remote-as 200 ----- R12 ----- ipv6 unicast-routing ! Interface loopback 0 ip address 10.12.12.12 255.255.255.0 ipv6 address fc00:10:12:12::12/64 ! Interface E 0/0 ip address 192.168.12.12 255.255.255.0 ipv6 address fc00:192:168:12::12/64 no shut ! router bgp 65012 network 10.12.12.0 mask 255.255.255.0 neighbor 192.168.12.6 remote-as 200 address-family ipv6 unicast network fc00:10:12:12::/64 neighbor fc00:192:168:12::6 remote-as 200 *************************************************************************** Lab 3 - Connect AS 100 CUST-A to AS 200 CUST-A using Option A *************************************************************************** ----- R4 ----- vrf definition CUST-A rd 100:1 address-family ipv4 route-target both 100:1 address-family ipv6 route-target both 100:1 ! Interface E0/3 vrf forwarding CUST-A ip address 192.1.48.4 255.255.255.0 ipv6 address fc00:192:1:48::4/64 no shut ! router bgp 100 address-family ipv4 vrf CUST-A neighbor 192.1.48.8 remote-as 200 address-family ipv6 vrf CUST-A neighbor fc00:192:1:48::8 remote-as 200 ----- R8 ----- vrf definition CUST-A rd 200:1 address-family ipv4 route-target both 200:1 address-family ipv6 route-target both 200:1 ! Interface E0/3 vrf forwarding CUST-A ip address 192.1.48.8 255.255.255.0 ipv6 address fc00:192:1:48::8/64 no shut ! router bgp 200 address-family ipv4 vrf CUST-A neighbor 192.1.48.4 remote-as 100 address-family ipv6 vrf CUST-A neighbor fc00:192:1:48::4 remote-as 100 *************************************************************************** Lab 4 - Connect AS 100 CUST-A to AS 200 CUST-A using Option B *************************************************************************** ========================================================== 1. De-Configure Option A ========================================================== ----- R4 ----- no vrf definition CUST-A ! default interface E0/3 ----- R8 ----- no vrf definition CUST-A ! default interface E0/3 ========================================================== 2. Configure the ASBR-ASBR Link ========================================================== ----- R4 ----- Interface E0/3 ip address 192.1.48.4 255.255.255.0 no shut ----- R8 ----- Interface E0/3 ip address 192.1.48.8 255.255.255.0 no shut ========================================================== 3. Configure MP-eBGP between the ASBRs ========================================================== ----- R4 ----- router bgp 100 no bgp default route-target filter neighbor 192.1.48.8 remote-as 200 ! address-family vpnv4 neighbor 192.1.48.8 activate neighbor 10.3.3.3 next-hop-self ! address-family vpnv6 neighbor 192.1.48.8 activate neighbor 10.3.3.3 next-hop-self ----- R8 ----- router bgp 200 no bgp default route-target filter neighbor 192.1.48.4 remote-as 100 ! address-family vpnv4 neighbor 192.1.48.4 activate neighbor 10.7.7.7 next-hop-self ! address-family vpnv6 neighbor 192.1.48.4 activate neighbor 10.7.7.7 next-hop-self ========================================================== 4. Configure the PE Routers to import Remote RTs ========================================================== ----- R1 ----- vrf definition CUST-A address-family ipv4 route-target import 200:1 address-family ipv6 route-target import 200:1 ----- R2 ----- vrf definition CUST-A address-family ipv4 route-target import 200:1 address-family ipv6 route-target import 200:1 ----- R5 ----- vrf definition CUST-A address-family ipv4 route-target import 100:1 address-family ipv6 route-target import 100:1 ----- R6 ----- vrf definition CUST-A address-family ipv4 route-target import 100:1 address-family ipv6 route-target import 100:1 *************************************************************************** Lab 5 - Connect AS 100 CUST-A to AS 200 CUST-A using Option C *************************************************************************** ========================================================== 1. De-Configure Option B ========================================================== ----- R4 ----- default interface E0/3 ! router bgp 100 no neighbor 192.1.48.8 remote-as 200 ----- R8 ----- default interface E0/3 ! router bgp 200 no neighbor 192.1.48.4 remote-as 100 ========================================================== 2. Configure the ASBR-ASBR Link ========================================================== ----- R4 ----- Interface E0/3 ip address 192.1.48.4 255.255.255.0 no shut ----- R8 ----- Interface E0/3 ip address 192.1.48.8 255.255.255.0 no shut ========================================================== 3. Provide Reachability between the RR Loopbacks ========================================================== ----- R4 ----- router bgp 100 network 10.3.3.3 mask 255.255.255.255 neighbor 192.1.48.8 remote-as 200 neighbor 192.1.48.8 send-label ! router ospf 1 redistribute bgp 100 ----- R8 ----- router bgp 200 network 10.7.7.7 mask 255.255.255.255 neighbor 192.1.48.4 remote-as 100 neighbor 192.1.48.4 send-label ! router isis redistribute bgp 200 ========================================================== 4. Configure MP-eBGP between the RRs ========================================================== ----- R3 ----- router bgp 100 neighbor 10.7.7.7 remote-as 200 neighbor 10.7.7.7 update-source loopback10 neighbor 10.7.7.7 ebgp-multihop ! address-family vpnv4 neighbor 10.7.7.7 activate ! address-family vpnv6 neighbor 10.7.7.7 activate ----- R7 ----- router bgp 200 neighbor 10.3.3.3 remote-as 100 neighbor 10.3.3.3 update-source loopback10 neighbor 10.3.3.3 ebgp-multihop ! address-family vpnv4 neighbor 10.3.3.3 activate ! address-family vpnv6 neighbor 10.3.3.3 activate ========================================================== 5. Configure the PE Routers to import Remote RTs ========================================================== ----- R1 ----- vrf definition CUST-A address-family ipv4 route-target import 200:1 address-family ipv6 route-target import 200:1 ----- R2 ----- vrf definition CUST-A address-family ipv4 route-target import 200:1 address-family ipv6 route-target import 200:1 ----- R5 ----- vrf definition CUST-A address-family ipv4 route-target import 100:1 address-family ipv6 route-target import 100:1 ----- R6 ----- vrf definition CUST-A address-family ipv4 route-target import 100:1 address-family ipv6 route-target import 100:1 *************************************************************************** Lab 6 - Optimizing the Data Path in Option C *************************************************************************** ========================================================== 1. Configure the RRs not to change the Next-hop ========================================================== ----- R3 ----- ip prefix-list DENY_ALL deny 0.0.0.0/0 le 32 ! router bgp 100 neighbor 10.7.7.7 prefix-list DENY_ALL out address-family vpnv4 neighbor 10.7.7.7 next-hop-unchanged address-family vpnv6 neighbor 10.7.7.7 next-hop-unchanged ----- R7 ----- ip prefix-list DENY_ALL deny 0.0.0.0/0 le 32 ! router bgp 200 neighbor 10.3.3.3 prefix-list DENY_ALL out address-family vpnv4 neighbor 10.3.3.3 next-hop-unchanged address-family vpnv6 neighbor 10.3.3.3 next-hop-unchanged ========================================================== 2. Configure the ASBRs to leak the PE Loopbacks ========================================================== ----- R4 ----- router bgp 100 network 10.1.1.1 mask 255.255.255.255 network 10.2.2.2 mask 255.255.255.255 ----- R8 ----- router bgp 200 network 10.5.5.5 mask 255.255.255.255 network 10.6.6.6 mask 255.255.255.255 *************************************************************************** Lab 7 - Configuring Option C with a NON-VPN Transit Provider *************************************************************************** ========================================================== 1. De-Configure the link and neighbors between ASBRs ========================================================== ----- R4 ----- default interface E0/3 ! router bgp 100 no neighbor 192.1.48.8 remote-as 200 ----- R8 ----- default interface E0/3 ! router bgp 200 no neighbor 192.1.48.4 remote-as 100 ========================================================== 2. Configure AS 1000 ========================================================== ----- R13 ----- Interface Loopback10 ip address 10.13.13.13 255.255.255.255 ip router isis ! mpls ldp router-id loopback10 ! router isis net 49.0000.0000.0000.000D.00 is-type level-2 metric-style wide ! Interface E0/1 ip address 192.1.134.13 255.255.255.0 ip router isis mpls ip no shut ! router bgp 1000 neighbor 10.14.14.14 remote-as 1000 neighbor 10.14.14.14 update-source loopback10 neighbor 10.14.14.14 next-hop-self neighbor 10.14.14.14 send-label ----- R14 ----- Interface Loopback10 ip address 10.14.14.14 255.255.255.255 ip router isis ! mpls ldp router-id loopback10 ! router isis net 49.0000.0000.0000.000E.00 is-type level-2 metric-style wide ! Interface E0/1 ip address 192.1.134.14 255.255.255.0 ip router isis mpls ip no shut ! router bgp 1000 neighbor 10.13.13.13 remote-as 1000 neighbor 10.13.13.13 update-source loopback10 neighbor 10.13.13.13 next-hop-self neighbor 10.13.13.13 send-label ========================================================== 3. Configure eBGP from AS 100 & AS 200 towards AS 1000 ========================================================== ----- R4 ----- Interface E0/2 ip address 192.1.40.4 255.255.255.0 no shut ! router bgp 100 neighbor 192.1.40.13 remote-as 1000 neighbor 192.1.40.13 send-label ----- R8 ----- Interface E0/2 ip address 192.1.80.8 255.255.255.0 no shut ! router bgp 200 neighbor 192.1.80.14 remote-as 1000 neighbor 192.1.80.14 send-label ----- R13 ----- Interface E0/0 ip address 192.1.40.13 255.255.255.0 no shut ! router bgp 1000 neighbor 192.1.40.4 remote-as 100 neighbor 192.1.40.4 send-label ----- R14 ----- Interface E0/0 ip address 192.1.80.14 255.255.255.0 no shut ! router bgp 1000 neighbor 192.1.80.8 remote-as 200 neighbor 192.1.80.8 send-label