
In this phase L3VPN is configured for CUSTOMER2. It is same for CUSTOMER1 but only difference is that between PE router R1 and CE router C2S1 protocol will be OSPF.
PHASE 3: Configure L3 VPN for CUSTOMER2
1. Create Separate VRF for CUSTOMER1
R1(config)#ip vrf CUSTOMER2
R1(config-vrf)#rd 500:2
R1(config-vrf)#route-target export 500:2
R1(config-vrf)#route-target import 500:2
2. MP-BGP with R4, actiavte VPNv4 and redistribute OSPF route to BGP
2.A Configurer MP-BGP/Activate VPNv4
As MP-BGP in place with R1 and R4 (configured in phase 2) do not need configure anything new.
2.B Redistribute CUSTOMER2 VRF OSPF route to BGP
R1(config-router-af)#address-family ipv4 vrf CUSTOMER2
R1(config-router-af)#redistribute ospf 102 match internal
R1(config-router-af)#no auto-summary
3. Create OSPF with R1 and C2S1 and redistribute BGP to OSPF
R1(config)#router ospf 102 vrf CUSTOMER2
R1(config-router)#network 192.168.100.0 0.0.0.3 area 0
R1(config-router)#redistribute bgp 500 subnets
4. Put interface or R1 & R4 in related VRF.
R1(config)#interface FastEthernet2/0
R1(config-if)#ip vrf forwarding CUSTOMER2
PE router R4 configuration will be similar to R1. Bellow is the configuration of R4
R4:
ip vrf CUSTOMER2
rd 500:2
route-target export 500:2
route-target import 500:2
!
interface FastEthernet2/0
ip vrf forwarding CUSTOMER2
!
router ospf 102 vrf CUSTOMER2
log-adjacency-changes
redistribute bgp 500 subnets
network 192.168.110.0 0.0.0.3 area 0
!
router bgp 500
no synchronization
bgp log-neighbor-changes
neighbor 10.10.10.1 remote-as 500
neighbor 10.10.10.1 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.10.10.1 activate
neighbor 10.10.10.1 next-hop-self
neighbor 10.10.10.1 send-community extended
exit-address-family
!
address-family ipv4 vrf CUSTOMER2
redistribute ospf 102 match internal
no auto-summary
no synchronization
exit-address-family
!
Check the VRF table for CUSTOMER2
R4#show ip route vrf CUSTOMER2
Routing Table: CUSTOMER2
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route
Gateway of last resort is not set
192.168.110.0/30 is subnetted, 1 subnets
C 192.168.110.0 is directly connected, FastEthernet2/0
172.173.0.0/32 is subnetted, 2 subnets
B 172.173.1.1 [200/2] via 10.10.10.1, 02:03:24
O 172.173.2.1 [110/2] via 192.168.110.2, 01:58:20, FastEthernet2/0
192.168.100.0/30 is subnetted, 1 subnets
B 192.168.100.0 [200/0] via 10.10.10.1, 02:03:24
R4 is receiving 172.173.1.0/24 as BGP route via 10.10.10.1. This route is coming via OSPF from C2S1 to R1; R1 is announcing this via MP-BGP to R4. R4 remove MPLS and VPN tag and install it CUSTOMER1 VRF table.
If you check carefully, there is no related route (172.173.1.0/.24 or 172.173.2.0/24) in provider core router(R2,R3 or R5). These routers are not aware about these routes.
C2S1#traceroute
Protocol [ip]:
Target IP address: 172.173.2.1
Source address: 172.173.1.1
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to 172.173.2.1
1 192.168.100.1 56 msec 76 msec 4 msec
2 192.168.12.2 [MPLS: Labels 22/27 Exp 0] 140 msec 132 msec 160 msec
3 192.168.23.2 [MPLS: Labels 20/27 Exp 0] 168 msec 112 msec 140 msec
4 192.168.110.1 [MPLS: Label 27 Exp 0] 100 msec 356 msec 108 msec
5 192.168.110.2 132 msec * 100 msec