MPLS Traffic Engineering per VRF

Written by Rene Molenaar on 01 August 2011. Posted in MPLS

Scenario:

You are the senior network engineer for a large MPLS provider based in the United Kingdom. 2 of your customers called "Toy" and "Arcade" would like to use your MPLS services to connect their HQ and branch offices. Your MPLS backbone has multiple routers and one of the problems you encounter is that there is no load-sharing within the MPLS cloud. You need to make sure you can offer your customers L3 services and that your MPLS backbone has traffic engineering so you can share the load on all routers...time for some tagging & tunneling!

Goal:

All IP addresses have been preconfigured for you.

Every router has a loopback0 interfaced configured.
Configure OSPF Area 0 at the provider side (Router PE1,PE2,P1,P2 and P3).
Advertise the loopback interfaces as well in OSPF.
Make sure you advertise the loopback0 interfaces as /24 instead of the default /32 or you will run into trouble.
Ensure you have full reachability in the OSPF domain.
Configure MPLS on all physical interfaces in the service provider domain, do not configure MPLS on physical interfaces pointing towards the customer.
Configure VRF "Toy" on PE1 and PE2 as following:
RD 100:1
Route-target both 1:100
Configure VRF "Arcade" on PE1 and PE2 as following:
RD 200:1
Route-target both 1:200
On router PE1 and PE2 add the interfaces pointing towards the customers to the VRFs you just created.
Ensure you can ping from within the VRF, try this as following on PE1:
ping vrf Toy 192.168.12.1
Configure OSPF Area 0 on router ToyHQ and ToyBranch. Advertise the loopbacks as well.
Configure EIGRP AS 2 on router ArcadeHQ and ArcadeBranch. Advertise the loopbacks as well.
Configure OSPF and EIGRP on router PE1 and PE2 for the correct VRFs.
Ensure you receive prefixes from the customer routers on your PE routers.
Configure BGP AS 1 between Router PE1 and PE2.
Configure the correct BGP address families and make sure communities are sent between neighbors.
Redistribute OSPF and EIGRP into BGP, use the correct address-family for the VRFs.
Ensure you have full connectivity for the customer networks. ToyHQ and ToyBranch should exchange OSPF prefixes and ArcadeHQ and ArcadeBranch should exchange EIGRP information.
At this moment you should have a working MPLS network but all traffic is being sent through P3. We are going to use MPLS traffic engineering to use P1 and P2 as well.
Configure the loopback10 interfaces on router PE1 and PE2 as the BGP next-hop for VRF Toy.
Configure the loopback11 interfaces on router PE1 and PE2 as the BGP next-hop for VRF Arcade.
Configure a tunnel10 interface on router PE1 and PE2 for VRF Toy. Make sure the tunnel is in MPLS traffic engineer mode.
Configure the hold and setup priority to 1 for the tunnel 10 interface, set the bandwidth to 2000.
Configure a tunnel11 interface on router PE1 and PE2 for VRF Arcade. Make sure the tunnel is in MPLS traffic engineer mode.
Configure the hold and setup priority to 1 for the tunnel 11 interface, set the bandwidth to 2000.
Configure the RSVP bandwidth to 2000 for all links interconnecting the P and PE routers.
Configure MPLS traffic engineering tunnel support for all links interconnecting the P and PE routers.
Finish your configuration so traffic for customer Toy is sent from PE1 through P1 and P2.
Finish your configuration so traffic for customer Arcade is sent from PE1 through P3 and P2.

IOS:

c3725-adventerprisek9_ivs-mz.124-15.T13

Topology:

MPLS Traffic Engineering per VRF

You need to register to be able to download the GNS3 Topology File. (Registration is Free!)

Related Articles: Frame Mode MPLS
Basic MPLS VPN
EIGRP Variance Traffic Engineering
MPLS Labs coming soon
Advanced MPLS VPN

Only registered users can write comments!

Comments (26)

JasonM
2011-09-02 19:06:19

Hey,
Would it be possible to get a video solution to this Lab?

ReneMolenaar
2011-09-06 12:37:45

Hi Jason,

Probably this week I'll upload the solution.

Rene

JasonM
2011-09-06 16:24:26

Thanks,

I'm stuck on the BGP section, I'm just starting to learn BGP.

ReneMolenaar
2011-09-06 17:19:33

Hi Jason,

If you want to learn MPLS it's a good idea to start with BGP. If you don't understand the basics of BGP you'll run into serious trouble with MPLS ;D

Start with some of the BGP labs to upgrade your BGP knowledge and then come back for MPLS, it'll be much easier:

http://gns3vault.com/Table/BGP/

Good luck!

Rene

JasonM
2011-09-06 17:39:42

Thanks,

In the BGP labs, any advice on where to start.

ReneMolenaar
2011-09-06 18:36:10

I wrote a small article to introduce you to BGP:

http://gns3vault.com/MyBlog/bgp-for-beginners.html

Then do some labs:

- External BGP
- Internal BGP
- BGP Transit AS
- All the BGP Attribute Labs
- Basic & Advanced BGP labs

You can also take a look at my eBook. That's where I explain BGP in detail including all the show/debug commands and such:

http://gns3vault.com/item/how-to-master-ccnp-route.html?category_id=3

Good luck!

Rene

JasonM
2011-09-16 17:36:12

Rene,

I was wondering in what lab do you explain how to configure MPLS tunnels?
I've finished the BGP labs as you suggested but I'm stuck on the tunnel configurations.

PS. I going to buy your CCNP and CCNA books and write my exams.

ReneMolenaar
2011-09-19 17:34:51

Hello Jason,

This is the only lab where you will encounter the MPLS tunnels. You only need tunnels for traffic engineering. I don't have the solution yet. I created this lab but didn't spend my time to record it since MPLS traffic engineering isn't on CCNP nor CCIE R&S ;D

Is BGP all clear to you? If you want to start with MPLS try the labs in this order:

- VRF Lite
- VRF Routing
- MPLS LDP
- MPLS Label Filtering
- Frame Mode MPLS
- Basic MPLS VPN
- Both MPLS VPN PE-CE labs
- Advanced MPLS is the 'grande finale' ;D

Traffic engineering is the last step in understanding MPLS but unless you plan on doing the MPLS exam from the CCIP track I wouldn't spend much time at it.

Great to hear you want to buy my books!

Rene

JasonM
2011-09-21 03:30:27

Rene,

Thanks for the advice. I've finished most of the MPLS labs except the advanced lab. I'm going to take a break from BGP and MPLS for a while, my head is about to explode.
I've purchased both books and I'm now going to spend some time brushing up on my CCNA skills and write my exam next month. CCNP route will be some time after that.
Thanks again for all your advice.

PS. I was thinking of submitting a lab on GET VPN for cisco. Is that something you or anyone else would be interested in?

ReneMolenaar
2011-09-21 14:59:59

Hi Jason,

Good idea to take a break. BGP you'll need for your CCNP ROUTE but you won't find MPLS there. Nevertheless it's good to understand it since it's so popular nowadays.

If you have a nice lab for GET VPN i'd like to have it. If you want you can mail it to me and i'll add it to the site.

Good luck with your exam!

Rene

saler011
2011-09-21 20:45:04

This is the one im waiting for the solution.

ReneMolenaar
2011-09-22 11:23:20

Hi Salvador,

It will take a while before I have the solution for this one. I'm working on new labs first and then recording everything.

Rene

saler011
2011-09-30 20:24:37

Hi Rene
Can this lab be done with the IOS image of the 3640? im having issues to get the one for 3725, not sure if there are some features required not available for 3640
thanks
Sal

ReneMolenaar
2011-10-01 15:44:04

Hi Sal,

I think the 3640 will be fine, it accepts the MPLS LDP commands and it accepts MPLS tunneling commands.

Rene

matun
2011-11-15 10:19:06

Hi Rene.
I hope you can help me.
I have a problem, I don't ping customer branch from HQ then apply command in tunnel interfaces:
tunnel mpls traffic-eng autoroute announce
Without it command - ok, but traffic going through P3.

My some part listing:
ip vrf XXX
rd 100:1
route-target export 1:100
route-target import 1:100
bgp next-hop Loopback10
!
interface Loopback10
ip address 20.20.20.20 255.255.255.255
!
!
interface Tunnel10
bandwidth 2000
ip unnumbered Loopback10
tunnel destination 7.7.7.7
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng path-option 1 dynamic
no routing dynamic
ip rsvp bandwidth 2000
!
!
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 2.2.2.2
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
!
address-family ipv4 vrf XXX
redistribute ospf 100 vrf XXX metric 10
neighbor 70.70.70.70 remote-as 1
neighbor 70.70.70.70 update-source Loopback10
neighbor 70.70.70.70 activate
neighbor 70.70.70.70 next-hop-self
no synchronization
network 20.20.20.20 mask 255.255.255.255
exit-address-family
!
ip route 20.20.20.20 255.255.255.255 Tunnel10

Can you tall me that is problem?
Thx

saler011
2011-11-15 12:25:22

Hi Alexander

That static route is wrong.
It should be pointing to the Loopback of the egress PE (BGP nexthop of the other PE), not the same Loopback10 of the ingress PE as you have here

ip route 20.20.20.20 255.255.255.255 Tunnel10 >>>>

interface Loopback10
ip address 20.20.20.20 255.255.255.255 >>>>>>

leroywong
2011-11-23 22:54:52

Hi Rene, great site!

Would you be able to provide the final configs for this lab?

It would be MUCH appreciated.

Thanks!
George

ReneMolenaar
2011-11-24 20:59:32

Hi Guys,

In the next weeks I'm going to add the solution, I haven't configured this one yet before since traffic engineering is not on the R&S track

Rene

matun
2011-11-25 14:35:28

Hi all!
If anyone is interested, here is my config one PE, it's work good:

hostname PE1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
ip cef
!
!
!
!
ip vrf XXX
rd 100:1
route-target export 1:100
route-target import 1:100
bgp next-hop Loopback10
!
ip vrf ZZZ
rd 200:1
route-target export 1:200
route-target import 1:200
bgp next-hop Loopback11
!
no ip domain lookup
!
mpls traffic-eng tunnels
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.0
ip ospf network point-to-point
!
interface Loopback10
ip address 20.20.20.20 255.255.255.255
!
interface Loopback11
ip address 21.21.21.21 255.255.255.255
!
interface Tunnel10
bandwidth 2000
ip unnumbered Loopback0
mpls ip
tunnel destination 7.7.7.7
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng path-option 1 dynamic
no routing dynamic
ip rsvp bandwidth 2000
!
interface Tunnel11
bandwidth 2000
ip unnumbered Loopback0
mpls ip
tunnel destination 7.7.7.7
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng path-option 1 dynamic
no routing dynamic
ip rsvp bandwidth 2000
!
interface FastEthernet0/0
ip vrf forwarding XXX
ip address 192.168.12.2 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet0/1
ip vrf forwarding ZZZ
ip address 192.168.23.2 255.255.255.0
speed 100
full-duplex
!
interface FastEthernet1/0
ip address 192.168.34.3 255.255.255.0
speed 100
full-duplex
mpls traffic-eng tunnels
ip rsvp bandwidth 2000
ip rsvp resource-provider none
!
interface FastEthernet2/0
ip address 192.168.36.3 255.255.255.0
speed 100
full-duplex
mpls ip
!
router eigrp 2
no auto-summary
!
address-family ipv4 vrf ZZZ
redistribute bgp 1 metric 100000 100 255 255 1500
network 192.168.23.0
no auto-summary
autonomous-system 2
exit-address-family
!
router ospf 100 vrf XXX
log-adjacency-changes
redistribute bgp 1 metric 10 subnets
network 192.168.12.0 0.0.0.255 area 0
!
router ospf 1
mpls traffic-eng router-id Loopback0
mpls traffic-eng area 0
router-id 2.2.2.2
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 7.7.7.7 remote-as 1
neighbor 7.7.7.7 ebgp-multihop 255
neighbor 7.7.7.7 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 7.7.7.7 activate
neighbor 7.7.7.7 send-community both
exit-address-family
!
address-family ipv4 vrf ZZZ
redistribute eigrp 2 metric 10
no synchronization
exit-address-family
!
address-family ipv4 vrf XXX
redistribute ospf 100 vrf XXX metric 10
no synchronization
exit-address-family
!
ip forward-protocol nd
ip route 70.70.70.70 255.255.255.255 Tunnel10
ip route 71.71.71.71 255.255.255.255 Tunnel11
!
!

leroywong
2011-11-25 23:59:13

thank you!

melpower79
2011-12-02 05:00:33

Hey Rene,
Can you please post the solutions here please

Thanks
kishore

ReneMolenaar
2011-12-09 20:49:35

Hi Guys,

I'll add the config/video once i'm done with all the other stuff. I think this is a good lab but it's not on the R&S track...I need to put my R&S stuff in the priority queue ;D

Haven't checked the config of Alexander, might be something to try in the meantime

Rene

ersanka
2012-01-23 01:05:06

Hi Rene,

Looking forward to solution

Thank you.
Ersan

kappsi
2012-03-13 07:18:38

when can we expect a solution to this lab..

Regards
KD

nickbridgeman
2012-03-19 19:55:49

For anyone still waiting a solution, here is an addition to Alexander's configuration. In order for traffic from the 'Toy' customer to take the link PE1 -> P1 -> P2 -> P2, I added an explicit path-option to tunnel 10 with a backup dynamic path-option.

PE1#
interface Tunnel10
bandwidth 2000
ip unnumbered Loopback0
mpls ip
tunnel destination 7.7.7.7
tunnel mode mpls traffic-eng
tunnel mpls traffic-eng autoroute announce
tunnel mpls traffic-eng priority 1 1
tunnel mpls traffic-eng bandwidth 2000
tunnel mpls traffic-eng path-option 1 explicit name TOP-LINK
tunnel mpls traffic-eng path-option 2 dynamic
no routing dynamic
end

ip explicit-path name TOP-LINK enable
next-address 192.168.34.4
next-address 192.168.45.5
next-address 192.168.57.7

Cheers,

Nick.

ReneMolenaar
2012-04-02 09:41:56

Thanks for sharing this Nick!

Master CCNA

Master CCNP SWITCH

Master CCNP ROUTE

MPLS Traffic Engineering per VRF

Scenario:

Goal:

IOS:

Topology:

Comments (26)