Case Study—Multi-Homed Inter-AS Provider Network
Figure 7-38 shows an Inter-AS network topology in which Service Provider 1 and Service Provider 2 are providing MPLS VPN services to geographically dispersed Customer A and B sites.
The provider network uses the RR method to reduce iBGP mesh. P1-AS1-RR and P1-AS2-RR serve as both an ASBR and a RR in the provider network. In this case study, ASBR1-AS1 and ASBR2-AS2 in the provider network use the Inter-AS redistribute connected option to distribute the next hop to devices in Provider Network 1, while P1-AS1-RR and P1-AS2-RR use the Inter-AS next-hop-self method to distribute next-hop information to devices in Provider Network 2. Provider 2, in this case study, also wants to ensure that Customer A traffic uses the Inter-AS Link A and Customer B traffic uses the Inter-AS Link B, and, in case any link goes down, both customers’ traffic should be routed across the other operational link. Example 7-31 shows the ASBR and PE router configuration. Refer to Example 7-3 and Example 7-4 for CE configurations.
Example 7-31. Multi-Homed Inter-AS Provider Network Router Configurations
hostname ASBR2-AS1 ! ip cef ! mpls ldp router-id Loopback0 ! interface Loopback0 ip address 10.10.10.102 255.255.255.255 ! interface Ethernet0/0 ip address 10.10.10.5 255.255.255.252 mpls ip ! interface Ethernet1/0 ip address 10.10.10.10 255.255.255.252 mpls ip ! interface Serial2/0 ip address 10.40.40.1 255.255.255.252 mpls bgp forwarding ! router ospf 1 redistribute connected subnets route-map adv-conn network 10.10.10.0 0.0.0.255 area 0 ! router bgp 1 no bgp default ipv4-unicast no bgp default route-target filter neighbor 10.10.10.100 remote-as 1 neighbor 10.10.10.100 update-source Loopback0 neighbor 10.40.40.2 remote-as 2 ! address-family vpnv4 neighbor 10.10.10.100 activate neighbor 10.10.10.100 send-community extended neighbor 10.40.40.2 activate neighbor 10.40.40.2 send-community extended exit-address-family ! access-list 1 permit 172.16.10.0 access-list 2 permit 192.168.10.0 access-list 10 permit 10.40.40.2 ! route-map adv-conn permit 10 match ip address 10 __________________________________________________________________________ hostname ASBR2-AS2 ! ip cef ! mpls ldp router-id Loopback0 ! interface Loopback0 ip address 10.20.20.102 255.255.255.255 ! interface Ethernet0/0 ip address 10.20.20.5 255.255.255.252 mpls ip ! interface Ethernet1/0 ip address 10.20.20.10 255.255.255.252 mpls ip ! interface Serial2/0 ip address 10.40.40.2 255.255.255.252 mpls bgp forwarding ! router ospf 2 network 10.20.20.0 0.0.0.255 area 0 ! router bgp 2 no synchronization no bgp default route-target filter neighbor 10.20.20.100 remote-as 2 neighbor 10.20.20.100 update-source Loopback0 neighbor 10.40.40.1 remote-as 1 no auto-summary ! address-family vpnv4 neighbor 10.20.20.100 activate neighbor 10.20.20.100 send-community extended neighbor 10.20.20.100 next-hop-self neighbor 10.40.40.1 activate neighbor 10.40.40.1 send-community extended neighbor 10.40.40.1 route-map pref_192 in neighbor 10.40.40.1 route-map pref_192_local out exit-address-family ! access-list 1 permit 192.168.10.0 access-list 2 permit 172.16.10.0 access-list 3 permit 192.168.20.0 access-list 4 permit 172.16.20.0 ! route-map pref_192_local permit 10 match ip address 3 ! route-map pref_192_local permit 20 match ip address 4 set as-path prepend 65501 65501 65501 ! route-map pref_192 permit 10 match ip address 1 set metric 50 ! route-map pref_192 permit 20 match ip address 2 set metric 100 __________________________________________________________________________ hostname PE1-AS1 ! ip cef ! ip vrf Cust_A rd 1:100 route-target export 1:100 route-target import 2:100 ! ip vrf Cust_B rd 1:101 route-target export 1:101 route-target import 2:101 ! mpls ldp router-id Loopback0 ! interface Loopback0 ip address 10.10.10.101 255.255.255.255 ! interface Ethernet0/0 ip address 10.10.10.1 255.255.255.252 mpls ip ! interface Ethernet1/0 ip address 10.10.10.9 255.255.255.252 mpls ip ! interface Serial2/0 description connected to Cust_A CE1-A ip vrf forwarding Cust_A ip address 172.16.1.1 255.255.255.252 ! interface Serial3/0 description connected to Cust_B CE1-B ip vrf forwarding Cust_B ip address 192.168.1.1 255.255.255.252 ! router ospf 1 network 10.10.10.0 0.0.0.255 area 0 ! router bgp 1 no bgp default ipv4-unicast neighbor 10.10.10.100 remote-as 1 neighbor 10.10.10.100 update-source Loopback0 ! address-family vpnv4 neighbor 10.10.10.100 activate neighbor 10.10.10.100 send-community extended exit-address-family ! address-family ipv4 vrf Cust_B neighbor 192.168.1.2 remote-as 65001 neighbor 192.168.1.2 activate neighbor 192.168.1.2 as-override no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf Cust_A neighbor 172.16.1.2 remote-as 65001 neighbor 172.16.1.2 activate no auto-summary no synchronization exit-address-family __________________________________________________________________________ hostname PE1-AS2 ! ip cef ! ip vrf Cust_A rd 2:100 route-target export 2:100 route-target import 1:100 ! ip vrf Cust_B rd 2:101 route-target export 2:101 route-target import 1:101 ! mpls ldp router-id Loopback0 ! interface Loopback0 ip address 10.20.20.101 255.255.255.255 ! interface Ethernet0/0 ip address 10.20.20.1 255.255.255.252 mpls ip ! interface Ethernet1/0 ip address 10.20.20.9 255.255.255.252 mpls ip ! interface Serial2/0 description coonected to Cust_A CE2-A ip vrf forwarding Cust_A ip address 172.16.2.1 255.255.255.252 ! interface Serial3/0 description coonected to Cust_B CE2-B ip vrf forwarding Cust_B ip address 192.168.2.1 255.255.255.252 ! router ospf 2 network 10.20.20.0 0.0.0.255 area 0 ! router bgp 2 no bgp default ipv4-unicast neighbor 10.20.20.100 remote-as 2 neighbor 10.20.20.100 update-source Loopback0 ! address-family vpnv4 neighbor 10.20.20.100 activate neighbor 10.20.20.100 send-community extended exit-address-family ! address-family ipv4 vrf Cust_B neighbor 192.168.2.2 remote-as 65001 neighbor 192.168.2.2 activate neighbor 192.168.2.2 as-override no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf Cust_A neighbor 172.16.2.2 remote-as 65002 neighbor 172.16.2.2 activate no auto-summary no synchronization exit-address-family __________________________________________________________________________ hostname ASBR1-AS1-RR ! ip cef ! mpls ldp router-id Loopback0 ! interface Loopback0 ip address 10.10.10.100 255.255.255.255 ! interface Ethernet0/0 ip address 10.10.10.2 255.255.255.252 mpls ip ! interface Ethernet1/0 ip address 10.10.10.6 255.255.255.252 mpls ip ! interface Serial2/0 ip address 10.30.30.1 255.255.255.252 mpls bgp forwarding ! router ospf 1 redistribute connected subnets route-map adv-conn network 10.10.10.0 0.0.0.255 area 0 ! router bgp 1 no bgp default ipv4-unicast no bgp default route-target filter neighbor 10.10.10.101 remote-as 1 neighbor 10.10.10.101 update-source Loopback0 neighbor 10.10.10.102 remote-as 1 neighbor 10.30.30.2 remote-as 2 ! address-family vpnv4 neighbor 10.10.10.101 activate neighbor 10.10.10.101 send-community extended neighbor 10.10.10.101 route-reflector-client neighbor 10.10.10.102 activate neighbor 10.10.10.102 send-community extended neighbor 10.10.10.102 route-reflector-client neighbor 10.30.30.2 activate neighbor 10.30.30.2 send-community extended exit-address-family ! access-list 10 permit 10.30.30.2 ! route-map adv-conn permit 10 match ip address 10 __________________________________________________________________________ hostname ASBR1-AS2-RR ! ip cef ! mpls ldp router-id Loopback0 ! interface Loopback0 ip address 10.20.20.100 255.255.255.255 ! interface Ethernet0/0 ip address 10.20.20.2 255.255.255.252 mpls ip ! interface Ethernet1/0 ip address 10.20.20.6 255.255.255.252 mpls ip ! interface Serial2/0 ip address 10.30.30.2 255.255.255.252 mpls bgp forwarding ! router ospf 2 network 10.20.20.0 0.0.0.255 area 0 ! router bgp 2 no synchronization no bgp default route-target filter neighbor 10.20.20.101 remote-as 2 neighbor 10.20.20.101 update-source Loopback0 neighbor 10.20.20.102 remote-as 2 neighbor 10.20.20.102 update-source Loopback0 neighbor 10.30.30.1 remote-as 1 no auto-summary ! address-family vpnv4 neighbor 10.20.20.101 activate neighbor 10.20.20.101 send-community extended neighbor 10.20.20.101 route-reflector-client neighbor 10.20.20.101 next-hop-self neighbor 10.20.20.102 activate neighbor 10.20.20.102 send-community extended neighbor 10.20.20.102 route-reflector-client neighbor 10.20.20.102 next-hop-self neighbor 10.30.30.1 activate neighbor 10.30.30.1 send-community extended neighbor 10.30.30.1 route-map pref_172 in neighbor 10.30.30.1 route-map pref_172_local out exit-address-family ! access-list 1 permit 172.16.10.0 access-list 2 permit 192.168.10.0 access-list 3 permit 172.16.20.0 access-list 4 permit 192.168.20.0 ! route-map pref_172_local permit 10 match ip address 3 ! route-map pref_172_local permit 20 match ip address 4 set as-path prepend 65501 65501 65501 ! route-map pref_172 permit 10 match ip address 1 set metric 50 ! route-map pref_172 permit 20 match ip address 2 set metric 100 |
Example 7-32 shows that, on PE1-AS1, 172.16.20.0/24 is reachable via Inter-AS Link A, and 192.168.20.0/24 is reachable via Inter-AS Link B. Based on the output shown in Example 7-32, traffic between Customer A sites take Inter-AS Link A and traffic between Customer B sites take Inter-AS Link B.
Example 7-32. Verifying End-to-End Connectivity
PE1-AS1#show ip bgp vpnv4 all <truncated> *>i172.16.20.0/24 10.30.30.2 0 100 0 2 65002 i *>i192.168.20.0 10.40.40.2 0 100 0 2 65001 i __________________________________________________________________________ PE1-AS2#show ip bgp vpnv4 all <truncated> *>i172.16.10.0/24 10.20.20.100 50 100 0 1 65001 i *>i192.168.10.0 10.20.20.102 50 100 0 1 65001 i |
Example 7-33 shows the result of the ping operation.
Example 7-33. Verify End-to-End Connectivity
CE1-A#ping 172.16.20.1 source 172.16.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 172.16.20.1, timeout is 2 seconds: Packet sent with a source address of 172.16.10.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 60/60/60 ms __________________________________________________________________________ CE1-B#ping 192.168.20.1 source 192.168.10.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.20.1, timeout is 2 seconds: Packet sent with a source address of 192.168.10.1 !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 60/60/60 ms |
..................Content has been hidden....................
You can't read the all page of ebook, please click here login for view all page.