Beruflich Dokumente
Kultur Dokumente
WELCOME ABOUT ME RESUME CCIE R&S CCIE SP CCIE SEC CCIE DC REACH ME
Hey Folks, here we will discuss the interesting LAB of MPLS for implementation of BGP on the Your email:
Customer Site, or simple running BGP Protocol on customer site.
Enter email address...
Here we will see how BGP works on top of MP-BGP, and the Service Provider providing the
Connectivity for the Di erent Customers which are all running BGP.
Subscribe Unsubscribe
We know that BGP version 4 (BGP4) is the current de facto Internet standard for inter-domain (AS)
exterior routing. In MPLS VPN networks, MP-BGP is used and plays a pivotal role in the transportation
of VPNv4 pre xes across the service provider network. In traditional environments, customer TAGS
networks prefer to use BGP in their networks and, therefore, use BGP as a PE-CE routing protocol
when migrating from a non-MPLS based to an MPLS VPN based network.
IPV6IP CELL-MODE MPLS #ASA SP SOUCE-
This helps the customer establish a consistent end-to-end routing policy. In an MPLS VPN network,
ACTIVE CCIE SECURITY #STANDBY NETWORK
BGP attributes for a VPN site are transparently transported across the service provider backbone to
another site in the same VPN. Because there is a single routing protocol used across the VPN between INTERLEAVING LDP VIRTUAL VPN VIRL
service provider core and customer sites, the concept of redistribution does not apply.
MSDP SECURITY IPV6 MULTILINK
BGP PE-CE peering in an MPLS VPN environment can be performed in two di erent ways: DATA CENTER TYPES OF DELAY NEXUS BGP #ISAKMP
BGP PE-CE VPN Sites implementing same AS numbers #SECURITY #CCIESEC #CISCO
#NETWORK #SECURITY #VPN
Let’s assume the following topology:
#IPSEC #ENCRYPTION EXTENDED
COMMUNITY SP STUDY APPROACH #EZVPN CCIEDC
SWITCH TUNNEL QUEUING HEADERS #IKV2 BGP
ARCHIVES
July 2017 (1)
March 2017 (1)
December 2016 (1)
November 2016 (1)
May 2016 (2)
January 2016 (1)
December 2015 (1)
September 2015 (1)
June 2014 (1)
May 2014 (1)
March 2014 (1)
January 2014 (4)
In the MPLS VPN network shown above, an MPLS VPN service provider plans to provision BGP PE-CE November 2013 (1)
routing protocol for two customers, Customers A and B. CE1-A and CE2-A are CE devices belonging to
Customer A located at Site 1 and Site 2, respectively. They are part of the same VPN, VPN-A. These CE October 2013 (1)
devices are connected to provider edge devices PE1-AS1 and PE2-AS1 in the service provider network.
September 2013 (4)
CE1-A belongs to AS 65001 and CE2-A belongs to AS 65002. For Customer B network, CE1-A and CE2-A
are the CE devices located at Site 1 and Site 2, respectively, and are part of the VPN, VPN-B. CE1-A and August 2013 (11)
CE2-A belong to AS 65001 and are connected to PE1-AS1 and PE2-AS1, respectively.
Implementing BGP PE-CE routing for the Customer A network is not an issue because the VPN sites
use unique AS numbers. However, Customer B plans on using the same AS number on its sites. This
causes an issue when migrating from a traditional non-MPLS based network topology, where the
customer might use the same AS numbers at all his sites, to an MPLS VPN-based infrastructure due to
the BGP loop prevention mechanism. The BGP loop prevention mechanism disallows customer sites
having identical AS numbers to be linked by another AS number. In other words, if such a case occurs,
routing updates from one site would be dropped when the other site receives them; therefore,
connectivity cannot be established between the sites without additional con guration on the SP PE
routers.
To resolve the loop from the same AS between sites we use AS Override command, the AS Override
functionality when identical AS numbers are used at customer sites. The AS Override function causes
all leading occurrences of the AS number of the receiving BGP router to be replaced with the AS
number of the sending BGP router. When AS Override is used, AS 65001 in the AS-PATH is replaced
with the AS number of the sending BGP router PE2-AS1, which is 1. Any other occurrences (further
down the AS-PATH) of the receiving router’s AS number are not replaced because they indicate a real
routing information loop. In addition, an extra copy of the sending router’s AS number is prepended to
the AS-PATH (standard AS number prepending procedure that occurs on every eBGP update) to
maintain proper AS hop count for proper BGP route selection. PE2-AS1 prepends AS 1 to BGP update.
==
( You can see above as soon as we enable the EIGRP Routing process the Neighborship is established )
==
—–
==
( Above you can see that the MPLS neighbor between the PE1-AS1 and P1-AS1 is established )
==
Con gure per VRF BGP routing contexts for Cust_A and Cust_B under the BGP routing process on PE1-
AS1 and PE2-AS1. below demonstrates the per VRF BGP con guration on PE1-AS1. Repeat the steps on
PE2-AS1. Note that the address-family IPv4 VRF contexts are seen by default in a router’s con guration
when relevant con gurations for forming MP-iBGP sessions are con gured on PE routers. In that case,
address-family ipv4 vrf vrf-name command under the BGP routing process is keyed in to enter a
particular VRF’s IPv4 address-family context so that further con gurations can be performed.
In this step, under the BGP VRF routing context created in Step 1, the remote BGP CE neighbors are
de ned on the PE routers and activated. below shows the con guration to de ne BGP CE neighbors
on the PE routers.
Now let’s see the CE part of the con gurations as below:
Now you can verify with the following commands:
Finally you can Ping end to end from CA-1 towards CA-2 and CB-1 towards CB-2:
Note: Don’t forget to rst established the BGP Process in between the PE1-AS1 and PE2-AS1, which
also requires the enabling of the VPNv4 Routing Context.
Cheers,
Follow
POSTS FOLLOW ME