[nsp] Locally terminate traffic into a TE tunnel (act as PE andCEin a single router)

Jack.W.Parks at alltel.com Jack.W.Parks at alltel.com
Fri May 7 14:16:57 EDT 2004


I just typed this from memory with a quick sanity check using 12.0 docs
(We use another vendor for MPLS deployments).  Use at your own risk, but
it should get you close for the config required on the PE.  

ip vrf test-vrf	
rd 100:1
route-target both 100:1 	
!
interface Ethernet5/0/1 		! Interface plugged into your
Catalyst
ip vrf forwarding test-vrf
ip address 192.168.0.1 255.255.255.0
!
router bgp 100 				! Configure BGP sessions
no synchronization
no bgp default ipv4-activate 		
neighbor 10.0.0.1 remote-as 100	! This is for your PE-PE
neighbor 10.0.0.1 update-source lo0
!
address-family vpnv4 unicast 		! Activate PE exchange of VPNv4
NLRI
neighbor 10.0.0.1 activate
exit-address-family
!
address-family ipv4 unicast vrf test-vrf 	
redistribute static
redistribute connected			! This should readvertise the
local _
no auto-summary				! subnet into MP-BGP
exit-address-family
!
ip route vrf test-vrf 12.0.0.0 255.0.0.0 e5/0/1 192.168.0.2	!
CE1/Host1
ip route vrf test-vrf 13.0.0.0 255.0.0.0 e5/0/1 192.168.0.3	!
CE2/Host2
ip route vrf test-vrf 14.0.0.0 255.0.0.0 e5/0/1 192.168.0.4	!
CE3/Host3



-----Original Message-----
From: Temkin, David [mailto:temkin at sig.com] 
Sent: Friday, May 07, 2004 12:47 PM
To: Parks, Jack W; cisco-nsp at puck.nether.net
Subject: RE: [nsp] Locally terminate traffic into a TE tunnel (act as PE
andCEin a single router)


Yes, layer 3 in this case...  The hosts that were there were just for
illustration (it's a much more complex network).

Does anyone have any sample configs that could illustrate what Jack is
talking about?

Appreciate it!
-Dave

> -----Original Message-----
> From: Jack.W.Parks at alltel.com [mailto:Jack.W.Parks at alltel.com]
> Sent: Friday, May 07, 2004 1:44 PM
> To: temkin at sig.com; cisco-nsp at puck.nether.net
> Subject: RE: [nsp] Locally terminate traffic into a TE tunnel 
> (act as PE andCEin a single router)
> 
> The Host workstations could be considered your CEs.  Are you
> trying use a Layer2 VPN or a Layer3 VPN?
> 
> For a Layer3 VPN, import the Layer3 IP Subnet that the hosts
> are connected to into the MP-BGP advertisement.  The Hosts 
> would point their default gateway to the VRF interface.
> 
> Layer2 VPNs are a little more complicated unless you want to
> look into VPLS solution.
> 
> Jack
> 
> -----Original Message-----
> From: cisco-nsp-bounces at puck.nether.net 
> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Temkin, David
> Sent: Friday, May 07, 2004 11:53 AM
> To: cisco-nsp at puck.nether.net
> Subject: RE: [nsp] Locally terminate traffic into a TE tunnel
> (act as PE andCEin a single router)
> 
> 
> Sorry all, Oli pointed out that the ASCII diagram didn't do
> it any justice.  I've attached a .gif of what I'm trying to 
> do.  Basically, the switches are not MPLS aware and I'm not 
> looking to do EoMPLS, I'm just looking to route traffic 
> towards the router and shove it into a TE tunnel.  Possible?
> 
> (for those of you who don't accept attachments, here's a link: 
> http://www.ciscogeek.net/~dave/mpls.gif )
> 
> 
> Thanks,
> 
> -Dave
> 
> > -----Original Message-----
> > From: cisco-nsp-bounces at puck.nether.net
> > [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of 
> Temkin, David
> > Sent: Friday, May 07, 2004 10:35 AM
> > To: cisco-nsp at puck.nether.net
> > Subject: [nsp] Locally terminate traffic into a TE tunnel
> (act as PE
> > and CEin a single router)
> > 
> > Does anyone know if it's possible to act as both a MPLS CE
> and PE in
> > the same router in the following way:
> > 
> > 		       		       PtP MPLS Link
> > Local IP Traffic---------------> Router
> > --------------------------------> 
> Router--------------------->Local IP
> > traffic
> > 	|		       |	           TE Tunnel	   |
> > 	|		       |				   |
> > 	|		       |	 	Redundant link	   |
> > 	
> > |------------------------------|-Router-----------------------
> > ------->Ro
> > uter------------------->Local IP Traffic
> > 				
> > 
> > 
> > I apologize for the horrible ASCII, but basically I want IP traffic
> > that's actually routed to the router to get mapped into a 
> tunnel that
> > terminates on the far side and gets mapped out of the
> tunnel, with no
> > real MPLS network in between (just router to router links).  Any
> > sample configs would be appreciated.
> > 
> > -Dave
> > 
> 
> IMPORTANT: The information contained in this email and/or its
> attachments is confidential. If you are not the intended 
> recipient, please notify the sender immediately by reply and 
> immediately delete this message and all its attachments.  Any 
> review, use, reproduction, disclosure or dissemination of 
> this message or any attachment by an unintended recipient is 
> strictly prohibited.  Neither this message nor any attachment 
> is intended as or should be construed as an offer, 
> solicitation or recommendation to buy or sell any security or 
> other financial instrument.  Neither the sender, his or her 
> employer nor any of their respective affiliates makes any 
> warranties as to the completeness or accuracy of any of the 
> information contained herein or that this message or any of 
> its attachments is free of viruses.
> 
> **************************************************************
> ****************************
> The information contained in this message, including
> attachments, may contain privileged or confidential 
> information that is intended to be delivered only to the 
> person identified above. If you are not the intended 
> recipient, or the person responsible for delivering this 
> message to the intended recipient, ALLTEL requests that you 
> immediately notify the sender and asks that you do not read 
> the message or its attachments, and that you delete them 
> without copying or sending them to anyone else. 
> 
> 
> 
******************************************************************************************
The information contained in this message, including attachments, may contain 
privileged or confidential information that is intended to be delivered only to the 
person identified above. If you are not the intended recipient, or the person 
responsible for delivering this message to the intended recipient, ALLTEL requests 
that you immediately notify the sender and asks that you do not read the message or its 
attachments, and that you delete them without copying or sending them to anyone else. 




More information about the cisco-nsp mailing list