Chapter 1 About Cisco IP Solution Center

About MPLS VPNs

The MPLS VPN backbone relies on the appropriate Interior Gateway Protocol (IGP) that is configured for MPLS, for example, EIGRP, or OSPF. When you issue a show ip route command on a PE, you see the IGP-derived routes connecting the PEs together. Contrast that with the show ip route vrf VRF_name command, which displays routes connecting customer sites in a particular VPN.

Creating a VRF Instance

The configuration commands to create a VRF instance are as follows:

 

Command

Description

Step 1

 

 

Router# configure terminal

Enter global configuration mode.

 

Router(config)#

 

Step 2

 

 

Router(config)# ip vrf vrf_name

For example, ip vrf CustomerA initiates a VPN routing table

 

 

and an associated CEF table named CustomerA. The command

 

 

enters VRF configuration submode to configure the variables

 

 

associated with the VRF.

Step 3

 

 

Router(config-vrf)# rd RD_value

Enter the eight-byte route descriptor (RD) or IP address. The PE

 

 

prepends the RD to the IPv4 routes prior to redistributing the

 

 

route into the MPLS VPN backbone.

Step 4

 

 

Router(config-vrf)#route-target import

Enter the route-target information for the VRF.

 

export both community

 

 

 

 

Route Distinguishers and Route Targets

MPLS-based VPNs employ BGP to communicate between PEs to facilitate customer routes. This is made possible through extensions to BGP that carry addresses other than IPv4 addresses. A notable extension is called the route distinguisher (RD).

The purpose of the route distinguisher (RD) is to make the prefix value unique across the backbone. Prefixes should use the same RD if they are associated with the same set of route targets (RTs) and anything else that is used to select routing policy. The community of interest association is based on the route target (RT) extended community attributes distributed with the Network Layer Reachability Information (NLRI).The RD value must be a globally unique value to avoid conflict with other prefixes.

The MPLS label is part of a BGP routing update. The routing update also carries the addressing and reachability information. When the RD is unique across the MPLS VPN network, proper connectivity is established even if different customers use non-unique IP addresses.

For the RD, every CE that has the same overall role should use a VRF with the same name, same RD, and same RT values. The RDs and RTs are only for route exchange between the PEs running BGP. That is, for the PEs to do MPLS VPN work, they have to exchange routing information with more fields than usual for IPv4 routes; that extra information includes (but is not limited to) the RDs and RTs.

The route distinguisher values are chosen by the ISC software.

CEs with hub connectivity use bgp_AS:value.

CEs with spoke connectivity use bgp_AS:value + 1

Each spoke uses its own RD value for proper hub and spoke connectivity between CEs; therefore, the ISC software implements a new RD for each spoke that is provisioned.

Cisco IP Solution Center, 3.0: MPLS VPN Management User Guide, 3.0

1-18

OL-4344-01

 

 

Page 18
Image 18
Cisco Systems OL-4344-01 manual Creating a VRF Instance, Route Distinguishers and Route Targets