[c-nsp] MPLS Overlapping VPN problem (lab simulation)

Marco hazzarola at hotmail.com
Fri Jan 16 14:53:07 EST 2009 

HI, 
I'm studyng for MPLS exam and I wanted to create a small lab to recreate a scenario with overlapping MPLS-VPN to make some practice. 
I took this example from the e-course I'm studying(Knowledgenet), but I'm not able to recreate it.


I created the following physical topology: 

ACentral-\        /---BCentral 
SiteB2---Pe1--P--Pe2--SiteA2 
SiteA1---/        \---SiteB1


The traffic flow should be like this: 

SiteA1---\            /----SiteB1 
  |    ACentral--BCentral     | 
SiteA2---/            \----SiteB2

Notes: 
-Customer A should see all network of customer B and viceversa
-Each customer site cannot communicate directly with the other customers sites. This means that all traffic between customers must pass through Central sites(A and B) for security reason. 
-There are no restrictions for the intranet traffic. 

To accomplish those requirements, I created these VRFs on Pe1 (configuration on Pe2 is specular): 

ip vrf A 
rd 1:1 
route-target export 1:1 
route-target import 1:1 
! 
ip vrf AC                 !ip vrf BC (on Pe2) 
rd 1:123                  ! rd 2:123 (on Pe2) 
route-target export 1:1   ! 2:2 on Pe2 
route-target export 3:100 ! same on Pe2 
route-target import 1:1   ! 2:2 on Pe2 
route-target import 3:100 ! same on Pe2 
! 
ip vrf B 
rd 2:2 
route-target export 2:2 
route-target import 2:2 

I expected that both PE's VRF (AC and BC) were able to reach every network of the other customer but probably something is missing in the configuration. 
The problem is that VRF B on Pe2 exports his routes to VRF BC and B1, but VRF BC does not export (with RT 3:100) the received routes to VRF AC and viceversa.
 
 
Do you think is possible to meet the data flow requirements using this topology?
Have you ever see something like this implemented?
 
In my opinion it is not possibible.

Hope to receive your comments. 

Thanks in advance. 
 
Marco
 
PS
 
_________________________________________________________________
Vai oltre le parole, scarica Messenger 2009!
http://download.live.com/?mkt=it-it

More information about the cisco-nsp mailing list