www.routermonkey.org | August 2009
search
calendar
« August 2009 »
Su Mo Tu We Th Fr Sa
            1
2 3 4 5 6 7 8
9 10 11 12 13 14 15
16 17 18 19 20 21 22
23 24 25 26 27 28 29
30 31          
recently...
Categories
Links
archives
Syndicate
Credits
LifeType IE7 XHTML CSS Firefox

MPLS PIP With 2 Customer Networks

2009-08-31 @ 14:40 in Routing & Switching:

MPLS PIP With 2 Customer Networks

I put this MPLS Lab together to simulate Verizons PIP product (PIP is trademarked I'm sure).  I wanted to illustrated the flexibility of MPLS and this seemed like a good model for that.

The basic foundation for my lab is VPN MPLS over ATM much like my previous MPLS lab, but instead of the PE routers running "Multi-protocol" I chose to use BGP all the way out to the CE.  To do this, you must create an "address-family" for each CE's BGP AS that also includes what vrf instance the address-family is tied to.  This is created in the PE's BGP process.  The address family contains the neighbor information and must use the activate statement to pass updates.  You will also need to use the "redistribute connected" statement within the address-family so that the IGP routes will be known otherwise forwarding through the Provider core will not occure.

Also, you need to add "address-family vpnv4" to you BGP AS on the PE using the adjacent Provider Core as the peer to build VPN Tunnels across the core which carry the labled traffic.

Note that a given vrf instance is also applied to the interface connecting the PE to the CE for that private network. 

The following equipment was used in this lab:

1 x Cisco 2900

1 x Cisco 3550

1 x Cisco 4003 w/L3 Module

1 x Cisco 6509

1 x Cisc LS1010 

1 x Cisco 1760 

3 x Cisco 3640

3 x Cisco 3620 

 

In the illustration below you see the device roles in the MPLS cloude and the BGP AS layout. 

 

I the next diagram, the logical separation of networks is shown. 

 

The next illustration shows the logical view of Customer A's network. 

 

 

The following are the actual configurations from the routers and switchgear used in this lab.  There may be some things that don't fit as I don't always wip these routers and switches between labs.

 

Router Configs:

Customer A (Site 1) Core Switch

version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
service counters max age 10
!
hostname lab_6509
!
boot system flash sup-bootflash:s72033-pk9sv-mz.122-18.SXD7b.bin
enable password cisco
!
no aaa new-model
ip subnet-zero
!
!
!
mls ip multicast flow-stat-timer 9
no mls flow ip
no mls flow ipv6
mls cef error action freeze
!
!
!
!
spanning-tree mode pvst
no spanning-tree optimize bpdu transmission
diagnostic cns publish cisco.cns.device.diag_results
diagnostic cns subscribe cisco.cns.device.diag_commands
!
redundancy
 mode sso
 main-cpu
  auto-sync running-config
!
vlan internal allocation policy ascending
vlan access-log ratelimit 2000
!
!
interface Loopback0
 bandwidth 100000
 ip address 172.18.0.1 255.255.255.0
 ip directed-broadcast
 ip ospf network point-to-point
!
interface Loopback1
 bandwidth 100000
 ip address 172.18.1.1 255.255.255.0
 ip directed-broadcast
 ip ospf network point-to-point
!
interface Loopback2
 bandwidth 100000
 ip address 172.18.2.1 255.255.255.0
 ip directed-broadcast
 ip ospf network point-to-point
!
interface Loopback3
 bandwidth 100000
 ip address 172.18.3.1 255.255.255.0
 ip directed-broadcast
 ip ospf network point-to-point
!
interface Loopback4
 bandwidth 100000
 ip address 172.18.4.1 255.255.255.0
 ip directed-broadcast
 ip ospf network point-to-point
!
interface Loopback5
 bandwidth 100000
 ip address 172.18.5.1 255.255.255.0
 ip directed-broadcast
 ip ospf network point-to-point
!
interface GigabitEthernet1/1
 no ip address
 shutdown
!
interface GigabitEthernet1/2
 no ip address
 shutdown
!
interface GigabitEthernet1/3
 no ip address
 shutdown
!
interface GigabitEthernet1/4
 no ip address
 shutdown
!
interface GigabitEthernet1/5
 no ip address
 switchport
!
interface GigabitEthernet1/6
 no ip address
 switchport
!
interface GigabitEthernet1/7
 no ip address
 switchport
!
interface GigabitEthernet1/8
 no ip address
 switchport
!
interface GigabitEthernet1/9
 no ip address
 switchport
!
interface GigabitEthernet1/10
 no ip address
 switchport
!
interface GigabitEthernet1/11
 no ip address
 switchport
!
interface GigabitEthernet1/12
 no ip address
 switchport
!
interface GigabitEthernet1/13
 no ip address
 switchport
!
interface GigabitEthernet1/14
 no ip address
 switchport
!
interface GigabitEthernet1/15
 no ip address
 switchport
!
interface GigabitEthernet1/16
 no ip address
 switchport
!
interface FastEthernet2/1
 no ip address
 switchport
 switchport mode access
!
interface FastEthernet2/2
 no ip address
 switchport
 switchport mode access
!
interface FastEthernet2/3
 no ip address
 switchport
 switchport mode access
!
interface FastEthernet2/4
 no ip address
 switchport
 switchport mode access
!
interface FastEthernet2/5
 no ip address
 switchport
 switchport mode access
!
interface FastEthernet2/6
 no ip address
 switchport
!
interface FastEthernet2/7
 no ip address
 switchport
!
interface FastEthernet2/8
 no ip address
 switchport
!
interface FastEthernet2/9
 no ip address
 switchport
!
interface FastEthernet2/10
 no ip address
 switchport
!
interface FastEthernet2/11
 no ip address
 switchport
!
interface FastEthernet2/12
 no ip address
 switchport
!
interface FastEthernet2/13
 no ip address
 switchport
!
interface FastEthernet2/14
 no ip address
 switchport
!
interface FastEthernet2/15
 no ip address
 switchport
!
interface FastEthernet2/16
 no ip address
 switchport
!
interface FastEthernet2/17
 no ip address
 switchport
!
interface FastEthernet2/18
 no ip address
 switchport
 switchport mode access
!
interface FastEthernet2/19
 no ip address
 switchport
!
interface FastEthernet2/20
 no ip address
 switchport
!
interface FastEthernet2/21
 no ip address
 switchport
!
interface FastEthernet2/22
 no ip address
 switchport
!
interface FastEthernet2/23
 no ip address
 switchport
!
interface FastEthernet2/24
 no ip address
 switchport
!
interface FastEthernet2/25
 no ip address
 switchport
!
interface FastEthernet2/26
 no ip address
 switchport
!
interface FastEthernet2/27
 no ip address
 switchport
!
interface FastEthernet2/28
 no ip address
 switchport
!
interface FastEthernet2/29
 no ip address
 switchport
!
interface FastEthernet2/30
 no ip address
 switchport
!
interface FastEthernet2/31
 no ip address
 switchport
!
interface FastEthernet2/32
 no ip address
 switchport
!
interface FastEthernet2/33
 no ip address
 switchport
!
interface FastEthernet2/34
 no ip address
 switchport
!
interface FastEthernet2/35
 no ip address
 switchport
!
interface FastEthernet2/36
 no ip address
 switchport
!
interface FastEthernet2/37
 no ip address
 switchport
!
interface FastEthernet2/38
 no ip address
 duplex full
 switchport
 switchport mode access
!
interface FastEthernet2/39
 no ip address
 switchport
!
interface FastEthernet2/40
 no ip address
 switchport
!
interface FastEthernet2/41
 no ip address
 switchport
!
interface FastEthernet2/42
 no ip address
 switchport
!
interface FastEthernet2/43
 description .....to wan router
 ip address 10.21.100.1 255.255.255.252
 ip ospf priority 15
 speed 100
 duplex full
!
interface FastEthernet2/44
 no ip address
 switchport
!
interface FastEthernet2/45
 no ip address
 switchport
!
interface FastEthernet2/46
 no ip address
 switchport
!
interface FastEthernet2/47
 no ip address
 switchport
!
interface FastEthernet2/48
 ip address 192.168.1.3 255.255.255.0
!
interface GigabitEthernet5/1
 no ip address
 shutdown
!
interface GigabitEthernet5/2
 no ip address
 switchport
 switchport trunk encapsulation dot1q
 switchport mode trunk
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 no ip address
 shutdown
!
interface Vlan4
 no ip address
 shutdown
!
interface Vlan12
 no ip address
 shutdown
!
interface Vlan203
 no ip address
 shutdown
!
router ospf 100
 log-adjacency-changes
 passive-interface default
 no passive-interface FastEthernet2/43
 network 10.21.100.0 0.0.0.3 area 0
 network 172.18.0.0 0.0.0.255 area 0
 network 172.18.1.0 0.0.0.255 area 0
 network 172.18.2.0 0.0.0.255 area 0
 network 172.18.3.0 0.0.0.255 area 0
 network 172.18.4.0 0.0.0.255 area 0
 network 172.18.5.0 0.0.0.255 area 0
!
ip classless
no ip http server
!
!
control-plane
!
!
!
line con 0
line vty 0 4
 exec-timeout 0 0
 password cisco
 login
line vty 5 15
 login
!
end

 

Customer A CE1

version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab-3640C
!
enable password cisco
!
ip subnet-zero
!
!
!
call rsvp-sync
!
interface Ethernet0/0
 ip address 192.168.3.2 255.255.255.0
 half-duplex
!
interface FastEthernet1/0
 ip address 10.21.100.2 255.255.255.252
 speed 100
 full-duplex
!
interface ATM3/0
 no ip address
 shutdown
 no atm ilmi-keepalive
!
router ospf 100
 log-adjacency-changes
 redistribute bgp 64590 subnets
 passive-interface default
 no passive-interface FastEthernet1/0
 network 10.21.100.0 0.0.0.3 area 0
!
router bgp 64590
 no synchronization
 bgp log-neighbor-changes
 network 10.21.100.0 mask 255.255.255.252
 network 172.18.0.0 mask 255.255.255.0
 network 172.18.1.0 mask 255.255.255.0
 network 172.18.2.0 mask 255.255.255.0
 network 172.18.3.0 mask 255.255.255.0
 network 172.18.4.0 mask 255.255.255.0
 network 172.18.5.0 mask 255.255.255.0
 neighbor 192.168.3.1 remote-as 200
 no auto-summary
!
ip classless
ip http server
!
!
dial-peer cor custom
!
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end

MPLS PE (lab-3640b)

 

version 12.4
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab-3640b
!
boot-start-marker
boot system flash:c3640-jk9o3s-mz.124-1a.bin
boot-end-marker
!
enable password cisco
!
no aaa new-model
!
resource policy
!
memory-size iomem 10
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip vrf lab-01
 rd 200:1
 route-target export 200:1
 route-target import 200:1
!
ip vrf lab-02
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
no ip ips deny-action ips-interface
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip vrf forwarding lab-02
 ip address 192.168.2.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip vrf forwarding lab-01
 ip address 192.168.3.1 255.255.255.0
 duplex auto
 speed auto
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface ATM3/0
 mtu 1500
 no ip address
 atm ilmi-keepalive
!
interface ATM3/0.10 mpls
 ip unnumbered Loopback0
 mpls ip
!
router ospf 100
 no log-adjacency-changes
 network 2.0.0.0 0.255.255.255 area 0
!
router bgp 200
 synchronization
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 200
 neighbor 1.1.1.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 1.1.1.1 activate
 neighbor 1.1.1.1 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf lab-02
 redistribute connected
 neighbor 192.168.2.2 remote-as 64510
 neighbor 192.168.2.2 activate
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf lab-01
 redistribute connected
 neighbor 192.168.3.2 remote-as 64590
 neighbor 192.168.3.2 activate
 no auto-summary
 no synchronization
 exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
!
end

MPLS Provider Core

Current configuration : 1303 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab-ls1010
!
boot system flash:ls1010-wpk2-mz.121-27b.E3.bin
boot bootldr bootflash:ls1010-11-2-8.boot
enable password cisco
!
sdm ipqos zero
sdm policy 0
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
mpls label protocol ldp
!
atm address 47.0091.8100.0000.0010.073e.0301.0010.073e.0301.00
atm router pnni
 no aesa embedded-number left-justified
 node 1 level 56 lowest
  redistribute atm-static
!
!
!
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface ATM1/0/0
 mtu 1500
 ip unnumbered Loopback0
 ip ospf mtu-ignore
 tag-switching ip
!
interface ATM1/0/1
 mtu 1500
 ip unnumbered Loopback0
 tag-switching ip
!
interface ATM1/0/2
 no ip address
!
interface ATM1/0/3
 mtu 1500
 ip unnumbered Loopback0
 shutdown
 tag-switching ip
!
interface CBR1/1/0
 no ip address
!
interface CBR1/1/1
 no ip address
!
interface CBR1/1/2
 no ip address
!
interface CBR1/1/3
 no ip address
!
interface ATM0
 no ip address
!
interface Ethernet0
 no ip address
!
router ospf 100
 log-adjacency-changes
 network 3.0.0.0 0.255.255.255 area 0
!
ip classless
no ip http server
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
!
end

MPLS PE (lab-3640a)

Current configuration : 2200 bytes
!
version 12.4
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname lab-3640a
!
boot-start-marker
boot system flash:c3640-jk9o3s-mz.124-1a.bin
boot-end-marker
!
enable password 7 0822455D0A16
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip vrf lab-01
 rd 200:1
 route-target export 200:1
 route-target import 200:1
!
ip vrf lab-02
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
no ip ips deny-action ips-interface
!
mpls ip default-route
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
 ip vrf forwarding lab-02
 ip address 172.16.1.1 255.255.255.0
 half-duplex
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface FastEthernet2/0
 ip vrf forwarding lab-01
 ip address 172.17.1.1 255.255.255.0
 duplex auto
 speed auto
!
interface ATM3/0
 mtu 1500
 no ip address
 no atm ilmi-keepalive
!
interface ATM3/0.1 mpls
 ip unnumbered Loopback0
 mpls ip
!
router ospf 100
 log-adjacency-changes
 network 1.0.0.0 0.255.255.255 area 0
!
router bgp 200
 no synchronization
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 200
 neighbor 2.2.2.2 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 2.2.2.2 activate
 neighbor 2.2.2.2 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf lab-02
 redistribute connected
 neighbor 172.16.1.2 remote-as 64512
 neighbor 172.16.1.2 activate
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf lab-01
 redistribute connected
 neighbor 172.17.1.2 remote-as 64580
 neighbor 172.17.1.2 activate
 no auto-summary
 no synchronization
 exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
dial-peer cor custom
!
line con 0
line aux 0
line vty 0 4
 password 7 094F471A1A0A
 login
!
!
end

MPLS CE2

version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname lab-3620b
!
boot-start-marker
boot-end-marker
!
enable password cisco
!
no aaa new-model
ip subnet-zero
!
!
ip cef
!
ip audit po max-events 100
!
!
interface Ethernet0/0
 ip address 172.17.1.2 255.255.255.252
 half-duplex
!
interface Serial0/0
 no ip address
 shutdown
!
interface FastEthernet1/0
 ip address 172.20.0.2 255.255.255.0
 duplex auto
 speed auto
!
router ospf 1
 log-adjacency-changes
 redistribute bgp 64580 subnets
 network 172.20.0.0 0.0.0.255 area 0
!
router bgp 64580
 no synchronization
 bgp log-neighbor-changes
 network 172.20.0.0 mask 255.255.255.0
 network 172.20.1.0 mask 255.255.255.0
 network 172.20.2.0 mask 255.255.255.0
 network 172.20.3.0 mask 255.255.255.0
 neighbor 172.17.1.1 remote-as 200
 no auto-summary
!
ip http server
no ip http secure-server
ip classless
!
!
line con 0
line aux 0
 modem InOut
 transport input all
 flowcontrol hardware
line vty 0 4
 password cisco
 login
!
!
end

Customer A (Site 2) Core

This Core Segment is "router on a stick" configuration:

Router:

version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname lab-voice01
!
boot-start-marker
boot-end-marker
!
logging buffered 4096 debugging
enable password cisco
!
voice-card 2
!
no aaa new-model
ip subnet-zero
!
!
ip dhcp excluded-address 172.20.0.1 172.20.0.20
!
ip dhcp pool vlan2
   network 172.20.0.0 255.255.255.0
   default-router 172.20.0.1
   domain-name routermonkey.org
   dns-server 172.20.0.1
!
ip cef
!
!
interface FastEthernet0/0
 no ip address
 speed 100
 full-duplex
!
interface FastEthernet0/0.1
 encapsulation dot1Q 1
 shutdown
!
interface FastEthernet0/0.2
 encapsulation dot1Q 2 native
 ip address 172.20.0.1 255.255.255.0
 ip helper-address 172.20.0.1
 ip directed-broadcast
!
interface FastEthernet0/0.3
 encapsulation dot1Q 3
 ip address 172.20.1.1 255.255.255.0
!
interface FastEthernet0/0.4
 encapsulation dot1Q 4
 ip address 172.20.2.1 255.255.255.0
!
interface FastEthernet0/0.5
 encapsulation dot1Q 5
 ip address 172.20.3.1 255.255.255.0
!
router ospf 1
 log-adjacency-changes
 passive-interface default
 no passive-interface FastEthernet0/0.2
 network 172.20.0.0 0.0.0.255 area 0
 network 172.20.1.0 0.0.0.255 area 0
 network 172.20.2.0 0.0.0.255 area 0
 network 172.20.3.0 0.0.0.255 area 0
!
ip classless
no ip http server
!
voice-port 2/0
!
voice-port 2/1
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end
 

Switch:

version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname cat2900-1
!
enable password cisco
!
ip subnet-zero
!
interface FastEthernet0/1
 duplex full
 speed 100
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 2
 switchport mode trunk
!
interface FastEthernet0/2
 switchport access vlan 2
!
interface FastEthernet0/3
 switchport access vlan 3
!
interface FastEthernet0/4
 switchport access vlan 4
!
interface FastEthernet0/5
 switchport access vlan 5
!
interface FastEthernet0/6
!
interface FastEthernet0/7
!
interface FastEthernet0/8
!
interface FastEthernet0/9
!
interface FastEthernet0/10
!
interface FastEthernet0/11
!
interface FastEthernet0/12
!
interface FastEthernet0/13
!
interface FastEthernet0/14
!
interface FastEthernet0/15
!
interface FastEthernet0/16
 switchport access vlan 2
 spanning-tree portfast
!
interface FastEthernet0/17
!
interface FastEthernet0/18
!
interface FastEthernet0/19
!
interface FastEthernet0/20
!
interface FastEthernet0/21
!
interface FastEthernet0/22
 switchport access vlan 2
!
interface FastEthernet0/23
!
interface FastEthernet0/24
!
interface VLAN1
 no ip address
 no ip directed-broadcast
 no ip route-cache
 shutdown
!
interface VLAN2
 ip address 172.20.0.10 255.255.255.0
 ip helper-address 172.20.0.1
 no ip directed-broadcast
 no ip route-cache
!
ip default-gateway 172.20.0.1
!
line con 0
 transport input none
 stopbits 1
line vty 0 4
 password cisco
 login
line vty 5 15
 login
!
end

 

The next illustration shows the logical view of Customer B's network.

Customer B (Site 1) Core

version 12.0
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab_4232_L3
!
enable password cisco
!
ip subnet-zero
!
!
!
interface Loopback0
 ip address 10.100.2.1 255.255.255.0
 ip directed-broadcast
!
interface Loopback1
 ip address 10.100.100.1 255.255.255.0
 ip directed-broadcast
!
interface Loopback2
 ip address 10.100.101.1 255.255.255.0
 ip directed-broadcast
!
interface Loopback3
 ip address 10.100.102.1 255.255.255.0
 ip directed-broadcast
!
interface Loopback4
 ip address 10.100.200.1 255.255.255.0
 ip directed-broadcast
!
interface Port-channel1
 no ip address
 ip directed-broadcast
 hold-queue 300 in
!
interface Port-channel1.201
 encapsulation dot1Q 201
 ip address 192.168.91.1 255.255.255.0
 ip directed-broadcast
!
interface Port-channel2
 no ip address
 no ip directed-broadcast
 shutdown
 hold-queue 300 in
!
interface FastEthernet1
 no ip address
 no ip directed-broadcast
 shutdown
!
interface GigabitEthernet1
 no ip address
 no ip directed-broadcast
 channel-group 2
!
interface GigabitEthernet2
 no ip address
 no ip directed-broadcast
 channel-group 2
!
interface GigabitEthernet3
 no ip address
 no ip directed-broadcast
 no negotiation auto
 channel-group 1
!
interface GigabitEthernet4
 no ip address
 no ip directed-broadcast
 no negotiation auto
 channel-group 1
!
router rip
 version 2
 network 10.0.0.0
 network 192.168.91.0
 no auto-summary
!
ip classless
!
snmp-server community public RO
!
line con 0
 transport input none
line aux 0
line vty 0 4
 password cisco
 login
!
end

Customer B  CE1

version 12.2
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab-3620c
!
boot system flash:c3620-ik9s-mz.122-46a.bin
enable password cisco
!
ip subnet-zero
ip cef
!
!
!
!
call rsvp-sync
!
!
interface Ethernet0/0
 ip address 172.16.1.2 255.255.255.0
 half-duplex
!
interface Ethernet0/1
 ip address 192.168.91.2 255.255.255.0
 half-duplex
!
router rip
 version 2
 redistribute bgp 64512 metric 2
 network 10.0.0.0
 network 172.16.0.0
 network 192.168.91.0
 default-metric 2
 no auto-summary
!
router bgp 64512
 no synchronization
 bgp log-neighbor-changes
 network 10.100.2.0 mask 255.255.255.0
 network 10.100.100.0 mask 255.255.255.0
 network 10.100.101.0 mask 255.255.255.0
 network 10.100.102.0 mask 255.255.255.0
 network 10.100.200.0 mask 255.255.255.0
 network 192.168.91.0
 neighbor 172.16.1.1 remote-as 200
 no auto-summary
!
ip classless
ip http server
!
!
dial-peer cor custom
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end

MPLS PE (lab-3640a)

Current configuration : 2200 bytes
!
version 12.4
service timestamps debug uptime
service timestamps log uptime
service password-encryption
!
hostname lab-3640a
!
boot-start-marker
boot system flash:c3640-jk9o3s-mz.124-1a.bin
boot-end-marker
!
enable password 7 0822455D0A16
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip vrf lab-01
 rd 200:1
 route-target export 200:1
 route-target import 200:1
!
ip vrf lab-02
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
no ip ips deny-action ips-interface
!
mpls ip default-route
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Ethernet0/0
 ip vrf forwarding lab-02
 ip address 172.16.1.1 255.255.255.0
 half-duplex
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface FastEthernet2/0
 ip vrf forwarding lab-01
 ip address 172.17.1.1 255.255.255.0
 duplex auto
 speed auto
!
interface ATM3/0
 mtu 1500
 no ip address
 no atm ilmi-keepalive
!
interface ATM3/0.1 mpls
 ip unnumbered Loopback0
 mpls ip
!
router ospf 100
 log-adjacency-changes
 network 1.0.0.0 0.255.255.255 area 0
!
router bgp 200
 no synchronization
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 200
 neighbor 2.2.2.2 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 2.2.2.2 activate
 neighbor 2.2.2.2 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf lab-02
 redistribute connected
 neighbor 172.16.1.2 remote-as 64512
 neighbor 172.16.1.2 activate
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf lab-01
 redistribute connected
 neighbor 172.17.1.2 remote-as 64580
 neighbor 172.17.1.2 activate
 no auto-summary
 no synchronization
 exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
!
control-plane
!
dial-peer cor custom
!
line con 0
line aux 0
line vty 0 4
 password 7 094F471A1A0A
 login
!
!
end

MPLS Provider Core

Current configuration : 1303 bytes
!
version 12.1
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab-ls1010
!
boot system flash:ls1010-wpk2-mz.121-27b.E3.bin
boot bootldr bootflash:ls1010-11-2-8.boot
enable password cisco
!
sdm ipqos zero
sdm policy 0
ip subnet-zero
!
ip ssh time-out 120
ip ssh authentication-retries 3
mpls label protocol ldp
!
atm address 47.0091.8100.0000.0010.073e.0301.0010.073e.0301.00
atm router pnni
 no aesa embedded-number left-justified
 node 1 level 56 lowest
  redistribute atm-static
!
!
!
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface ATM1/0/0
 mtu 1500
 ip unnumbered Loopback0
 ip ospf mtu-ignore
 tag-switching ip
!
interface ATM1/0/1
 mtu 1500
 ip unnumbered Loopback0
 tag-switching ip
!
interface ATM1/0/2
 no ip address
!
interface ATM1/0/3
 mtu 1500
 ip unnumbered Loopback0
 shutdown
 tag-switching ip
!
interface CBR1/1/0
 no ip address
!
interface CBR1/1/1
 no ip address
!
interface CBR1/1/2
 no ip address
!
interface CBR1/1/3
 no ip address
!
interface ATM0
 no ip address
!
interface Ethernet0
 no ip address
!
router ospf 100
 log-adjacency-changes
 network 3.0.0.0 0.255.255.255 area 0
!
ip classless
no ip http server
!
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
!
end

MPLS PE (lab-3640b)

 

version 12.4
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab-3640b
!
boot-start-marker
boot system flash:c3640-jk9o3s-mz.124-1a.bin
boot-end-marker
!
enable password cisco
!
no aaa new-model
!
resource policy
!
memory-size iomem 10
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip vrf lab-01
 rd 200:1
 route-target export 200:1
 route-target import 200:1
!
ip vrf lab-02
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
no ip ips deny-action ips-interface
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip vrf forwarding lab-02
 ip address 192.168.2.1 255.255.255.0
 duplex auto
 speed auto
!
interface FastEthernet0/1
 ip vrf forwarding lab-01
 ip address 192.168.3.1 255.255.255.0
 duplex auto
 speed auto
!
interface Serial1/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial1/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface ATM3/0
 mtu 1500
 no ip address
 atm ilmi-keepalive
!
interface ATM3/0.10 mpls
 ip unnumbered Loopback0
 mpls ip
!
router ospf 100
 no log-adjacency-changes
 network 2.0.0.0 0.255.255.255 area 0
!
router bgp 200
 synchronization
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 200
 neighbor 1.1.1.1 update-source Loopback0
 no auto-summary
 !
 address-family vpnv4
 neighbor 1.1.1.1 activate
 neighbor 1.1.1.1 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf lab-02
 redistribute connected
 neighbor 192.168.2.2 remote-as 64510
 neighbor 192.168.2.2 activate
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family ipv4 vrf lab-01
 redistribute connected
 neighbor 192.168.3.2 remote-as 64590
 neighbor 192.168.3.2 activate
 no auto-summary
 no synchronization
 exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
!
end

Customer A CE2

version 12.1
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab-3620d
!
enable password cisco
!
ip subnet-zero
!
interface Ethernet0/0
 ip address 192.168.2.2 255.255.255.0
!
interface Ethernet0/1
 ip address 192.168.90.2 255.255.255.252
!
router eigrp 100
 redistribute bgp 64510 metric 10000 100 255 10 1500
 passive-interface default
 no passive-interface Ethernet0/1
 network 192.168.2.0
 network 192.168.90.0 0.0.0.3
 no auto-summary
 no eigrp log-neighbor-changes
!
router bgp 64510
 no synchronization
 bgp log-neighbor-changes
 network 10.200.1.0 mask 255.255.255.0
 network 10.200.2.0 mask 255.255.255.0
 network 10.200.3.0 mask 255.255.255.0
 network 10.200.4.0 mask 255.255.255.0
 network 10.200.5.0 mask 255.255.255.0
 network 10.200.107.0 mask 255.255.255.0
 network 192.168.90.0 mask 255.255.255.252
 neighbor 192.168.2.1 remote-as 200
 no auto-summary
!
ip classless
ip http server
!
!
map-list lab-atm
!
line con 0
line aux 0
line vty 0 4
 password cisco
 login
!
end

Customer B (Site 2) Core

version 12.2
no service pad
service timestamps debug uptime
service timestamps log uptime
no service password-encryption
!
hostname lab-3550
!
enable password cisco
!
no aaa new-model
ip subnet-zero
ip routing
ip dhcp excluded-address 10.200.107.1 10.200.107.20
!
ip dhcp pool vlan7
   network 10.200.107.0 255.255.255.0
   default-router 10.200.107.1
   domain-name routermonkey.org
   dns-server 10.200.107.1
!
vtp domain lab-monkey
vtp mode transparent
!
!
!
!
!
no file verify auto
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
vlan 2
 name VLAN2
!
vlan 3
 name VLAN3
!
vlan 4
 name VLAN4
!
vlan 5
 name VLAN5
!
vlan 6
 name VLAN6
!
vlan 7
 name VLAN7
!
!
interface Loopback0
 ip address 10.200.1.1 255.255.255.0
!
interface Loopback1
 ip address 10.200.2.1 255.255.255.0
!
interface Loopback2
 ip address 10.200.3.1 255.255.255.0
!
interface Loopback3
 ip address 10.200.4.1 255.255.255.0
!
interface Loopback4
 ip address 10.200.5.1 255.255.255.0
!
interface Port-channel1
 no switchport
 no ip address
 shutdown
!
interface FastEthernet0/1
 no switchport
 ip address 192.168.1.8 255.255.255.0
!
interface FastEthernet0/2
 switchport access vlan 7
 switchport mode access
 spanning-tree portfast
!
interface FastEthernet0/3
 switchport access vlan 3
 switchport mode access
!
interface FastEthernet0/4
 switchport access vlan 4
 switchport mode access
!
interface FastEthernet0/5
 switchport access vlan 5
 switchport mode access
!
interface FastEthernet0/6
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/7
 switchport mode dynamic desirable
!
interface FastEthernet0/8
 switchport mode dynamic desirable
!
interface FastEthernet0/9
 switchport access vlan 3
 switchport mode dynamic desirable
!
interface FastEthernet0/10
 switchport access vlan 3
 switchport mode dynamic desirable
!
interface FastEthernet0/11
 switchport access vlan 3
 switchport mode dynamic desirable
!
interface FastEthernet0/12
 switchport access vlan 3
 switchport mode dynamic desirable
!
interface FastEthernet0/13
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/14
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/15
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/16
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/17
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/18
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/19
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/20
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/21
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/22
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/23
 switchport access vlan 2
 switchport mode dynamic desirable
!
interface FastEthernet0/24
 no switchport
 ip address 192.168.90.1 255.255.255.252
!
interface GigabitEthernet0/1
 no switchport
 no ip address
 shutdown
 channel-group 1 mode on
!
interface GigabitEthernet0/2
 no switchport
 no ip address
 shutdown
 channel-group 1 mode on
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan2
 no ip address
!
interface Vlan3
 no ip address
!
interface Vlan4
 no ip address
!
interface Vlan5
 no ip address
!
interface Vlan6
 no ip address
!
interface Vlan7
 ip address 10.200.107.1 255.255.255.0
 ip directed-broadcast
!
router eigrp 100
 passive-interface default
 no passive-interface FastEthernet0/24
 network 10.200.0.0 0.0.255.255
 network 192.168.90.0 0.0.0.3
 no auto-summary
!
ip classless
ip http server
ip http secure-server
!
!
logging 10.200.0.100
access-list 10 deny   0.0.0.0
access-list 10 permit any
access-list 90 permit any log
!
control-plane
!
!
line con 0
line vty 0 4
 access-class 90 in
 password cisco
 login
line vty 5 15
 no login
!
end

 

Posted by bgaumer | Trackback (0) | Permalink