CISCO EXPERT – CCIE#23373

Ricardo Martins


Cisco Expert – MPLS and BGP – Part 2

Posted by Ricardo Martins on March 7, 2009

Alright, we have our network configured with OSPF on the transit links and we have a BGP peer session between R1 and R3. There’s only one little problem we must solve. R2 is not running BGP, so it does not know about R1’s and R3’s LANs and drops any traffic for those destinations.

The solution will be enabling MPLS on the transit links between R1-R2-R3.

MPLS label distribution comes in 2 flavors, TDP and LDP. We can also use RSVP bandwidth reservations for MPLS Traffic Engineering tunnels, but that is for another day.
TDP is Cisco proprietary and stands for Tag Distribution Protocol, which really is the old format for MPLS. What used to be called tags are now called labels.
LDP is an industry standard and stands for Label Distribution Protocol. Apart from this, they do pretty much the same thing.

Configuration-wise, we are talking here about 2 or 3 commands, so no big deal, but the concepts, my friends, are the problem. You have to understand the concept very well because later on when you get into MPLS VPNs and QoS… well… another day I will explain those topics.


For now, we are going to enable MPLS.
In some IOS versions TDP is the default, in others LDP, so check it!
We are running LDP for the sake of it being the industry standard, but again there’s no difference. Also be aware that some IOS versions take the command tag-switching ip, others mpls ip. IP CEF is also a must here.
Another very important aspect is that by default the LDP router-id is taken from the highest loopback address on the router, and that loopback must be advertised into OSPF. So we have a problem here :). My LANs are on Loopback 1, which is not advertised into OSPF and has the highest IP. The solution is the optional command “mpls ldp router-id loopback 0 (force)”. If you are having problems, shut down the interfaces, use the “force” keyword and bring them back up.

Rack1R1(config)#mpls label protocol ?
ldp Use LDP
tdp Use TDP (default)

R1 has TDP enabled by default, so I am going to change it to LDP.

R1(config)#ip cef
R1(config)#mpls ldp router-id loopback 0
R1(config)#mpls label protocol ldp
R1(config)#int e0/0
R1(config-if)#mpls ip

That’s it! Now I will enable it in all the transit links.

Verification
R2#sh mpls ldp neighbor
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.63264 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 10/11; Downstream
Up time: 00:01:21
LDP discovery sources:
FastEthernet0/1, Src IP addr: 172.16.23.3
Addresses bound to peer LDP Ident:
172.16.23.3 124.1.23.3 3.3.3.3 10.10.3.3
Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.20480
State: Oper; Msgs sent/rcvd: 10/10; Downstream
Up time: 00:01:15
LDP discovery sources:
FastEthernet0/0, Src IP addr: 172.16.12.1
Addresses bound to peer LDP Ident:
1.1.1.1 10.10.1.1 172.16.12.1
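
One way to turn this verification step into a repeatable check, as an added example that is not part of the original post: parse the neighbor output and compare each peer's LDP router-id and discovery interface against what the design expects. The function names and the EXPECTED map are assumptions; the sample text is the R2 output shown above.

```python
import re

# "sh mpls ldp neighbor" on R2, copied from the post (typographic dashes restored to "-").
SAMPLE = """\
Peer LDP Ident: 3.3.3.3:0; Local LDP Ident 2.2.2.2:0
TCP connection: 3.3.3.3.63264 - 2.2.2.2.646
State: Oper; Msgs sent/rcvd: 10/11; Downstream
Up time: 00:01:21
LDP discovery sources:
FastEthernet0/1, Src IP addr: 172.16.23.3
Addresses bound to peer LDP Ident:
172.16.23.3 124.1.23.3 3.3.3.3 10.10.3.3
Peer LDP Ident: 1.1.1.1:0; Local LDP Ident 2.2.2.2:0
TCP connection: 1.1.1.1.646 - 2.2.2.2.20480
State: Oper; Msgs sent/rcvd: 10/10; Downstream
Up time: 00:01:15
LDP discovery sources:
FastEthernet0/0, Src IP addr: 172.16.12.1
Addresses bound to peer LDP Ident:
1.1.1.1 10.10.1.1 172.16.12.1
"""
EXPECTED = {"3.3.3.3": "FastEthernet0/1", "1.1.1.1": "FastEthernet0/0"}  # assumed design


def parse_ldp_neighbors(text):
    """Return one dict per peer: router-id, state, discovery interfaces, bound addresses."""
    peers = []
    for block in re.split(r"(?m)^(?=\s*Peer LDP Ident:)", text):
        m = re.search(r"Peer LDP Ident: ([\d.]+):\d+;", block)
        if not m:
            continue
        state = re.search(r"State: (\w+);", block)
        addrs = re.search(r"Addresses bound to peer LDP Ident:\s*([\d.\s]+)", block)
        peers.append({"id": m[1], "state": state[1] if state else None,
                      "ifaces": re.findall(r"(?m)^\s*(\S+), Src IP addr:", block),
                      "addrs": addrs[1].split() if addrs else []})
    return peers


def audit(peers, expected):
    """expected maps router-id -> interface; returns findings (empty list = clean)."""
    seen = {p["id"]: p for p in peers}
    out = [f"missing LDP session to {rid}" for rid in expected if rid not in seen]
    for rid, p in seen.items():
        if rid not in expected:
            out.append(f"unexpected LDP peer {rid} on {','.join(p['ifaces'])}")
        elif p["state"] != "Oper" or expected[rid] not in p["ifaces"]:
            out.append(f"{rid}: state {p['state']} on {','.join(p['ifaces'])}")
    return out
```

A peer that shows up under a Loopback 1 address instead of its Loopback 0 router-id is reported both as a missing session and as an unexpected peer.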

The process:
Now when R3 sends traffic from its LAN to R1’s LAN, it will work. Let’s check how the routers route the traffic.

R3#sh ip route bgp
10.0.0.0/24 is subnetted, 2 subnets
B 10.10.1.0 [200/0] via 1.1.1.1, 00:03:43

R3 has 10.10.1.0 via 1.1.1.1 (R1), so it will make a lookup in the MPLS table for network 1.1.1.1.

R3#sh mpls forwarding-table 1.1.1.1
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
16     32          1.1.1.1/32        0          Et0/1      172.16.23.2

It says that to get to 1.1.1.1, R3 must PUSH label 32 and send the traffic to the next hop address towards R2.

R2 receives the traffic and checks the topmost label of the packet, which will be 32.

R2#sh mpls forwarding-table 1.1.1.1
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop
tag    tag or VC   or Tunnel Id      switched   interface
32     Pop tag     1.1.1.1/32        3296       Fa0/0      172.16.12.1

R2 now will POP the Label 32 and send the traffic towards R1.

R1 receives the traffic for 10.10.1.1 and knows that it is directly connected.

Because this is a small topology we did not see one important step in MPLS. Imagine that we had another router between R2 and R3. That router would just SWAP the topmost label with another label and send the traffic to R2. Basically, labels are formed like this: 16-17 17-18 18-19 19-20 and so on, so when a router sends a label, the other router is expecting that label.

In conclusion, there are 3 processes for MPLS, PUSH – SWAP – POP.
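
The PUSH, SWAP and POP steps above, together with the Part 1 failure where R2 has no route for the LANs, modelled as an added example (not code from the original post). The tables are transcribed from the router outputs shown; router RX and label 40 are constructed to show the SWAP case that the post only describes.

```python
import ipaddress

# Tables transcribed from the router outputs in the post (R3 -> R2 -> R1).
BGP = {"R3": {"10.10.1.0/24": "1.1.1.1"}}            # prefix -> BGP next hop
IGP = {                                               # prefix -> next router (None = connected)
    "R3": {"1.1.1.1/32": "R2"},
    "R2": {"1.1.1.1/32": "R1", "3.3.3.3/32": "R3"},   # R2 has no 10.10.x.x route
    "R1": {"10.10.1.0/24": None},
}
FTN = {"R3": {"1.1.1.1/32": (32, "R2")}}              # ingress: prefix -> (label, next)
LFIB = {"R2": {32: ("pop", "R1")}}                    # transit: in label -> (out, next)
# Constructed variant: hypothetical router RX between R3 and R2; label 40 is made up.
FTN_X = {"R3": {"1.1.1.1/32": (40, "RX")}}
LFIB_X = {"RX": {40: (32, "R2")}, "R2": {32: ("pop", "R1")}}


def lpm(table, dst):
    """Longest-prefix match of dst in {prefix: value}; returns (found, value)."""
    addr = ipaddress.ip_address(dst)
    hits = [p for p in table if addr in ipaddress.ip_network(p)]
    if not hits:
        return False, None
    return True, table[max(hits, key=lambda p: ipaddress.ip_network(p).prefixlen)]


def forward(dst, ingress="R3", ftn=None, lfib=None):
    """Trace a packet to dst hop by hop. With ftn/lfib left as None the core is plain IP."""
    found, bgp_nh = lpm(BGP[ingress], dst)            # recursive lookup starts at the BGP route
    if not found:
        return [(ingress, "DROP")]
    if ftn is not None:                               # PE -> P: impose the label for the next hop
        label, router = lpm(ftn[ingress], bgp_nh)[1]
        trace = [(ingress, f"PUSH {label}")]
    else:                                             # no MPLS: send unlabelled toward the next hop
        label, router = None, lpm(IGP[ingress], bgp_nh)[1]
        trace = [(ingress, "IP")]
    while True:
        if label is not None:                         # labelled: LFIB only, dst is never read
            out, nxt = lfib[router][label]
            trace.append((router, "POP" if out == "pop" else f"SWAP {label}->{out}"))
            label = None if out == "pop" else out
        else:                                         # unlabelled: router needs a route to dst
            found, nxt = lpm(IGP[router], dst)
            if not found:
                return trace + [(router, "DROP")]
            if nxt is None:
                return trace + [(router, "DELIVER")]
            trace.append((router, "IP"))
        router = nxt
```

Calling forward("10.10.1.1") without label tables ends in a DROP at R2, while passing FTN and LFIB gives PUSH 32 on R3, POP on R2 and delivery on R1.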

Final test, ping from R3’s LAN to R1’s LAN

R3#ping 10.10.1.1 source lo1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.10.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Now we have reachability!!

The MPLS routers in the core of the network will not run BGP and have no routes for BGP networks; they will route the traffic based on LABELS only. P->PE, Provider to Provider Edge, will always POP the label. Likewise, PE->P will always PUSH a label. P->P will only SWAP a label.

This makes a lot of sense. If an ISP has 400 P routers and 100 PE routers, they only need to run BGP on 100 routers, COOL HA?


Cisco Expert – MPLS and BGP – Part 1

Posted by Ricardo Martins on March 7, 2009

When I decided to start studying for CCIE SP, I was a little bit nervous because I thought MPLS would be very difficult and complex. I am not saying that it is easy, but if you understand the basic concept, you can probably solve more complex scenarios.

In simple words, MPLS was designed to avoid running BGP everywhere in a network. These days, the internet is composed of over 250k routes, so it would not be very scalable to run BGP everywhere in your AS. Basically, MPLS will provide end-to-end transport for BGP routes.

In R&S world there are 3 ways you can do this:

1 – Run BGP everywhere
2 – Redistribute BGP into IGP
3 – Run a GRE tunnel from PE to PE

Obviously, none of these solutions is very scalable for any big network, so the option here would be

4 – Run a BGP-free MPLS core

First of all, we are going to enable OSPF on the links and advertise the loopbacks into OSPF, and then enable BGP on R1 and R3 and advertise the LANs into BGP. Assume that all loopbacks are in the format 1.1.1.1, 2.2.2.2, etc. At this point, forget MPLS. We just want to build our network and test IP reachability. Just as a side note, if you are using OSPF in the network, you must always use a single area.

The network:

[Image: network diagram]

After we have enabled OSPF we should have reachability from R3’s loopback to R1’s loopback. Let’s test it:

R3#ping 1.1.1.1 source lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 3.3.3.3
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms

Now we can safely enable BGP on R1 and R3 and advertise the LANs.

R1
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 network 10.10.1.0 mask 255.255.255.0
 neighbor 3.3.3.3 remote-as 10
 neighbor 3.3.3.3 update-source Loopback0
 no auto-summary

R1#sh ip bgp
BGP table version is 3, local router ID is 10.10.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 10.10.1.0/24     0.0.0.0                  0         32768 i
*>i10.10.3.0/24     3.3.3.3                  0    100      0 i

R3
router bgp 10
 no synchronization
 bgp log-neighbor-changes
 network 10.10.3.0 mask 255.255.255.0
 neighbor 1.1.1.1 remote-as 10
 neighbor 1.1.1.1 update-source Loopback0
 no auto-summary

R3#sh ip bgp
BGP table version is 3, local router ID is 10.10.3.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*>i10.10.1.0/24     1.1.1.1                  0    100      0 i
*> 10.10.3.0/24     0.0.0.0                  0         32768 i

Now the problem that we run into here is that, for example, R3 will not have IP reachability to R1’s LAN 10.10.1.0/24. (Remember that we need to source traffic from R3’s LAN, otherwise R1 will not have a route back.)

Rack1R3#ping 10.10.1.1 source lo1

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.1.1, timeout is 2 seconds:
Packet sent with a source address of 10.10.3.3
.....
Success rate is 0 percent (0/5)

The reason we cannot ping is that R2 does not have a route installed for R1’s and R3’s LANs. Let’s check:

R2#sh ip route ospf
1.0.0.0/32 is subnetted, 1 subnets
O 1.1.1.1 [110/2] via 172.16.12.1, 00:13:51, FastEthernet0/0
3.0.0.0/32 is subnetted, 1 subnets
O 3.3.3.3 [110/2] via 172.16.23.3, 00:13:51, FastEthernet0/1

R2 only provides transport for R1 and R3 to be able to peer via BGP.

In part 2, we will see how we can solve this problem by implementing option “4 – Run a BGP-free MPLS core”, with R2 being the core of the network. We will also take a closer look at the MPLS labeling process.
