Scribd
Upload
266 views

Cisco IOS MPLS VPN Inter-AS Option AB

This document compares and contrasts Option AB with Options A and B for implementing Virtual Private LAN Service (VPLS) across multiple autonomous systems. With Option AB, each customer is assigned a separate VRF domain, similar to Option A, providing traffic isolation. A single VPNv4 session exists between ASBRs, similar to Option B, improving scalability. PE configuration remains unchanged. ASBR configuration requires major changes, including separate inter-AS links per VRF, modifications to BGP to support inter-AS hybrid mode, and changes to VRF configuration to control attribute propagation between ASBRs and PEs.

Uploaded by

newagequanta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
266 views

Cisco IOS MPLS VPN Inter-AS Option AB

This document compares and contrasts Option AB with Options A and B for implementing Virtual Private LAN Service (VPLS) across multiple autonomous systems. With Option AB, each customer is assigned a separate VRF domain, similar to Option A, providing traffic isolation. A single VPNv4 session exists between ASBRs, similar to Option B, improving scalability. PE configuration remains unchanged. ASBR configuration requires major changes, including separate inter-AS links per VRF, modifications to BGP to support inter-AS hybrid mode, and changes to VRF configuration to control attribute propagation between ASBRs and PEs.

Uploaded by

newagequanta
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 4

NETWORKING NOTES 1 IOS-XE VPLS

_____ _ _ __ ___ _ _ _ ___


\_ \_ __ | |_ ___ _ __ /_\ / _\ /___\_ __ | |_(_) ___ _ __ /_\ / __\
/ /\/ '_ \| __/ _ \ '__|____ //_\\ \ \ // // '_ \| __| |/ _ \| '_ \ //_\\ /__\//
/\/ /_ | | | | || __/ | |_____/ _ \_\ \ / \_//| |_) | |_| | (_) | | | | / _ \/ \/ \
\____/ |_| |_|\__\___|_| \_/ \_/\__/ \___/ | .__/ \__|_|\___/|_| |_| \_/ \_/\_____/
|_|

Comparison and Contrast with Options A and B .......................................... 2


> One VRF Per Customer ............................................................................. 2
> Single VPNv4 Session Between ASBRs ............................................................... 2
PE Configuration ...................................................................... 2
> Inter-AS Agnostic = No Changes ................................................................... 2
ASBR Configuration .................................................................... 2
> Major Changes in Configuration ................................................................... 2
> Inter-AS Links ................................................................................... 2
> Changes to BGP ................................................................................... 3
> Changes to VRF Configuration ..................................................................... 4

2018 N E W A G E Q U A N T A
NETWORKING NOTES 2 IOS-XE VPLS

Comparison and Contrast with Options A and B


> One VRF Per Customer
>> This is similar to Option A
>> Allows for greater security by providing traffic isolation at the dataplane
>> Allows for the maintenance of IP QoS functions between the ASBRs for customer SLAs
> Single VPNv4 Session Between ASBRs
>> This is similar to Option B
>> Provides enhanced scalability (session maintenance, CPU utilization etc.) over Option A (one BGP session per VRF)
PE Configuration
> Inter-AS Agnostic = No Changes
>> No changes as all
>> Example snipped skipped as the PE VPNv4 and VRF are configured normally
ASBR Configuration
> Major Changes in Configuration
>> Changes to both BGP as well as VRF configuration
> Inter-AS Links
>> There will be separate links or each customer VRF
>>> This is similar to Option A style peering
>>> Can be physical interfaces or sub-interfaces
>>> The Inter-AS customer traffic will flow over these links
>>> This traffic will be pure IP traffic and not MPLS traffic
>>> Thus, at the data plane level, Option AB behaves as Option A
>> But there must be at least one interface in the global routing table
>>> The eBGP VPNv4 peering will be over this interface
>>> Supports MPLS traffic
>>> Maybe used for global traffic or traffic for non-Option AB Inter-AS customers

2018 N E W A G E Q U A N T A
NETWORKING NOTES 3 IOS-XE VPLS

interface GigabitEthernet2
description Physical ASBR Interface
no ip address
!
interface GigabitEthernet2.30
description VRF 30 Sub-Interface
encapsulation dot1Q 30
vrf forwarding 30
ip address 30.1.19.19 255.255.255.0
!
interface GigabitEthernet2.40
description VRF 30 Sub-Interface
encapsulation dot1Q 40
vrf forwarding 40
ip address 40.1.19.19 255.255.255.0
!
interface GigabitEthernet2.119
description Global Interface
encapsulation dot1Q 119
ip address 12.1.19.19 255.255.255.0

> Changes to BGP


>> Single VPNv4 session
>> But the neighbor is configured explicitly for Hybrid AB option under AFI VPNv4

router bgp 200


no bgp default ipv4-unicast
neighbor 12.1.19.1 remote-as 100
!
address-family vpnv4
neighbor 12.1.19.1 activate
neighbor 12.1.19.1 send-community extended
neighbor 12.1.19.1 inter-as-hybrid
exit-address-family

>> This ensures two major things


>>> The NLRIs advertised over this peering are strictly treated as Option AB NLRIs

2018 N E W A G E Q U A N T A
NETWORKING NOTES 4 IOS-XE VPLS

>>> NLRIs are only accepted for any VRFs that are explicitly configured
>>> This means that the RT for the NLRI must match a local VRF
>>> There are other implications that are discussed below
>>> NOTE: Regular Option B NLRIs will no longer be accepted on this peering
>>> I.e. the existence of a VRF with a proper import RT is a must for an NLRI to be accepted
> Changes to VRF Configuration
>> A VRF must exist for each customer
>> A VRF interface between the two ASBRs must also exist
>> Configuration of the VRF will determine the NLRI that is re-advertised to local PEs and remote ASBRs
>>> This "attribute massage" is bi-directional - From ASBR to PE and from PE to ASBR
>> RD advertised will be that of the VRF, not the one received with the NLRI
>> RT advertised will be that configured as an export RT on the VRF, not the RTs received with the NLRI
>> Finally the NH of the NLRI will be adjusted based on the "inter-as-hybrid next-hop" command
>>> This should ideally be the peer address associated on the VRF link

vrf definition 30
rd 200:30
!
address-family ipv4
route-target export 30:30
route-target import 3030:3030
route-target import 30:30
inter-as-hybrid next-hop 30.1.19.1
exit-address-family
!
!

2018 N E W A G E Q U A N T A

You might also like