Tuesday, November 13, 2007

MPLS CSC [Cisco Config Sample]

MPLS CSC - IPFlow Netflow Collector


MPLS Carrier Supporting Carrier Example


This is a simple example of MPLS CSC configuration on Cisco routers (using Dynamips and GNS3).


Author: Christophe Fillot - 01-Nov-2007


Table of contents


1 Topology


2 Description


3 Configuring CSC


4 IOS configurations


5 Output of some commands


6 PCAP captures


7 Dynamips/Dynagen/GNS3 configuration


[edit]


Topology


Image:MPLS_CSC_topo.png


[edit]


Description


A client ISP wants to connect two entities (represented by CLI_PE1 and CLI_PE2/CLI_PE3 respectively) of its MPLS/VPN network through another MPLS/VPN backbone (CSC routers).



  • The client ISP is seen as a VPN from the CSC backbone (VRF "VPN1" in CSC routers)

  • The client ISP has its own VPNs, independently of the CSC backbone (VRF "VPNA" in CLI routers)

  • The client ISP is 6PE-enabled, to show that it perfectly works through a CSC backbone.


[edit]


Configuring CSC


This is very easy: on VRF interfaces going to CLI routers, just add "mpls ip":



CSC_PE1#sh run int fa1/0
Building configuration...

Current configuration : 141 bytes
!
interface FastEthernet1/0
 description To CLI_PE1
 ip vrf forwarding VPN1
 ip address 100.0.1.1 255.255.255.252
 duplex half
 mpls ip
end


Then, check that the LDP adjacency is established:



CSC_PE1#sh mpls ldp nei vrf VPN1
    Peer LDP Ident: 100.100.0.1:0; Local LDP Ident 100.0.1.1:0
        TCP connection: 100.100.0.1.40052 - 100.0.1.1.646
        State: Oper; Msgs sent/rcvd: 152/151; Downstream
        Up time: 02:05:35
        LDP discovery sources:
          FastEthernet1/0, Src IP addr: 100.0.1.2
        Addresses bound to peer LDP Ident:
          100.0.1.2       100.100.0.1


To exchange routes between CSC_PE1 and CLI_PE1, and between CSC_PE2 and CLI_PE2, OSPF is used:



CSC_PE1#sh run  begin ^router ospf 200
router ospf 200 vrf VPN1
 log-adjacency-changes
 redistribute bgp 65000 metric-type 1 subnets
 network 100.0.0.0 0.255.255.255 area 0
!


[edit]




IOS configurations



IOS configurations for CSC backbone:





  • CSC_P (http://www.ipflow.utc.fr/configs/MPLS_CSC/CSC_P.cfg)

  • CSC_PE1 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CSC_PE1.cfg)

  • CSC_PE2 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CSC_PE2.cfg)



IOS configurations for Client backbone:





  • CLI_PE1 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CLI_PE1.cfg)

  • CLI_PE2 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CLI_PE2.cfg)

  • CLI_PE3 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CLI_PE3.cfg)



[edit]




Output of some commands



On CLI_PE1 (initiating the pings to CLI_PE3):



CLI_PE1#sh ip ro vrf VPNA
     200.0.0.0/32 is subnetted, 3 subnets
C       200.0.0.1 is directly connected, Loopback100
B       200.0.0.2 [200/0] via 100.100.0.2, 01:19:24
B       200.0.0.3 [200/0] via 100.100.0.3, 01:06:39

CLI_PE1#sh ip cef vrf VPNA 200.0.0.3
200.0.0.3/32, version 8, epoch 0, cached adjacency 100.0.1.1
0 packets, 0 bytes
  tag information set
    local tag: VPN-route-head
    fast tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24 20}
  via 100.100.0.3, 0 dependencies, recursive
    next hop 100.0.1.1, FastEthernet0/0 via 100.100.0.3/32
    valid cached adjacency
    tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24 20}

CLI_PE1#sh ipv6 route
LC  FEC0:1000::1/128 [0/0]
     via ::, Loopback0
B   FEC0:1000::2/128 [200/0]
     via ::FFFF:100.100.0.2, IPv6-mpls
B   FEC0:1000::3/128 [200/0]
     via ::FFFF:100.100.0.3, IPv6-mpls
L   FF00::/8 [0/0]
     via ::, Null0

CLI_PE1#sh ipv6 cef FEC0:1000::3
FEC0:1000::3/128
     nexthop ::FFFF:100.100.0.3
    fast tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24 21}


The first label (24) is used to reach 100.100.0.3 (Loopback0 of CLI_PE3):



CLI_PE1#sh ip cef 100.100.0.3
100.100.0.3/32, version 14, epoch 0, cached adjacency 100.0.1.1
0 packets, 0 bytes
  tag information set, shared
    local tag: 19
    fast tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24}
  via 100.0.1.1, FastEthernet0/0, 1 dependency
    next hop 100.0.1.1, FastEthernet0/0
    valid cached adjacency
    tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24}


We can see below how labels 20 and 21 are handled by CLI_PE3:



CLI_PE3#sh mpls for
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   
tag    tag or VC   or Tunnel Id      switched   interface             
16     Pop tag     100.100.0.2/32    0          Fa0/0      100.0.23.1  
17     Pop tag     100.0.2.0/30      0          Fa0/0      100.0.23.1  
18     18          100.0.1.0/30      0          Fa0/0      100.0.23.1  
19     19          100.100.0.1/32    0          Fa0/0      100.0.23.1  
20     Aggregate   200.0.0.3/32[V]   5288                              
21     Aggregate   FEC0:1000::3/128  1040


On CSC_PE1, we have the following MPLS forwarding table:



CSC_PE1#sh mpls for
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   
tag    tag or VC   or Tunnel Id      switched   interface             
16     Pop tag     10.10.0.0/32      0          Fa0/0      10.0.1.1    
17     Pop tag     10.0.2.0/30       0          Fa0/0      10.0.1.1    
18     17          10.10.0.2/32      0          Fa0/0      10.0.1.1    
19     Aggregate   100.0.1.0/30[V]   3756                              
20     Pop tag     100.100.0.1/32[V] 17404      Fa1/0      100.0.1.2   
21     19          100.0.2.0/30[V]   0          Fa0/0      10.0.1.1    
22     20          100.0.23.0/30[V]  0          Fa0/0      10.0.1.1    
23     21          100.100.0.2/32[V] 7703       Fa0/0      10.0.1.1    
24     22          100.100.0.3/32[V] 4666       Fa0/0      10.0.1.1


Let's take a look on how label 24 is handled:



CSC_PE1#sh mpls for lab 24 det
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop   
tag    tag or VC   or Tunnel Id      switched   interface             
24     22          100.100.0.3/32[V] 4666       Fa0/0      10.0.1.1    
        MAC/Encaps=14/22, MRU=1496, Tag Stack{17 22}
        CA1368530000CA12685300008847 0001100000016000
        VPN route: VPN1
        No output feature configured
    Per-packet load-sharing


We can see that label 24 is popped and replaced by 2 labels (17 and 22), corresponding to 100.100.0.3 in VRF "VPN1". On CLI_PE1, we saw that the labels used to reach 200.0.0.3 in vrf VPNA are "{24 20}", and that the labels used to reach FEC0:1000::3 are "{24 21}".


It means that when the packets leave CSC_PE1, there are 3 labels in the stack:





  • {17 22 20} for 200.0.0.3 in vrf VPNA

  • {17 22 21} for FEC0:1000::3



You can observe this in the PCAP file (to be used with Wireshark).


Traceroute Example:



CLI_PE1#trace vrf VPNA 200.0.0.3   

Type escape sequence to abort.
Tracing the route to 200.0.0.3

  1 10.0.1.2 [MPLS: Labels 24/20 Exp 0] 12 msec 32 msec 28 msec
  2 10.0.1.1 [MPLS: Labels 17/22/20 Exp 0] 20 msec 68 msec 4 msec
  3 100.0.2.1 [MPLS: Labels 22/20 Exp 0] 72 msec 12 msec 24 msec
  4 100.0.2.2 [MPLS: Labels 16/20 Exp 0] 24 msec 28 msec 24 msec
  5 200.0.0.3 28 msec *  40 msec


[edit]




PCAP captures



This PCAP capture (http://www.ipflow.utc.fr/configs/MPLS_CSC/mpls_csc.cap) shows the label stack in packets received by CSC_P, when pinging from CLI_PE1 to CLI_PE3.


Here are the screenshots from Wireshark:





  • IPv4 ping (http://www.ipflow.utc.fr/configs/MPLS_CSC/wireshark_ping_v4.png)

  • IPv6 ping (http://www.ipflow.utc.fr/configs/MPLS_CSC/wireshark_ping_v6.png)



[edit]




Dynamips/Dynagen/GNS3 configuration



You can use this configuration file (http://www.ipflow.utc.fr/configs/MPLS_CSC/mpls_csc.net) directly with Dynagen or GNS3. Change the working directory and Cisco IOS image path to match your needs.


Retrieved from "http://www.ipflow.utc.fr/index.php/MPLS_CSC"

Posted by at
Labels: ,