Rob Riker/ Simplified Networking: CCIE SPv4 - MPLS L3 VPN - Initial L3 VPN setup - RD - RT - VRF

Software versions:
IOS XE 15.5
IOS XR 5.3

The topology for this demo:

This post will focus on getting the base configuration in place that is needed to get MPLS L3 VPN up and running. You'll notice that it is significantly more involved than L2VPN in almost any aspect. L2 VPN doesn't require VRFs, MP-BGP RT/RD for the most part, only the advanced configuration, all of those features are required for L3 VPN.

We are going to focus on getting the infrastructure up and running in this post, then we'll be able to test out a variety of scenarios. This foundation setup will be in place likely the remainder of the Intra AS testing of technologies. We'll be able to test all the L3 VPN scenarios around Intra AS design, MPLS TE, Multicast, QoS. We'll be adding to this design once we get into the Inter AS and CSC designs later on.

For those of you not familiar with MPLS L3 VPN there are a few things we need to cover before you start looking over the configuration. The components used to make L3 VPN work; VRF (RD/RT) MP-BGP, IGP/LDP are the minimum required configurations.

IGP and LDP: IGP is used to build a loop free topology, we'll use OSPF and IS-IS but can test with EIGRP or RIPv2 if needed. the DV IGPs don't have the flexibility that OSPF/IS-IS do. LDP relies on IGP to build a loop free topology. LDP can not operation without IGP. LDP requires that every PE advertise a /32 loopback into IGP used to terminate LSPs or Label Switch Paths.

VRFs: Virtual Routing and Forwarding: This is the same concept as a "VLAN" on a switch but unique to a router. They can be configured on a switch. VRF are to a Router what VLANs are to a switch. you can virtualize a router's routing table with VRFs. Each VRF gets a RD or Route Distinguisher and a RT or Route Target. The RD is prepended or added to the front of a customer prefix to make it globally unique. The Rt determines what routes/prefixes can be imported to or exported from the VRF. Import takes routes from MP-BGP and injects them into the VRF RIB. Export take routes from the VRF RIB and injects them into the MP-BGP RIB.

MP-BGP: Multi Protocol BGP - used to advertise VPNv4 and VPNv6 prefixes learned from customer to other PEs. Every PE needs to be peered in a full mesh with all the other PEs it needs to send routing information to or to peer with a Route Reflector (our design). The MP-BGP learned routes are what allocate the "VPN" label to a prefix learned from the customer. LDP is used to allocate "Transport" labels that the PE will use to reach the remote PE that connects to the CE the received traffic needs to reach.

I will give detailed breakdowns of how this works as we progress through the difference scenarios. For now, focus on the SP core and edge configuration.

We'll begin with enabling IGP/LDP, in this case it's OSPFv2 and LDP. We actually have this going, I enable OSPFv2 globally on all interfaces and use mpls ldp autoconfig to get everything up.

IOS

router ospf 1

network 0.0.0.0 255.255.255.255 area 0

mpls ldp autoconfig

mpls ldp label

allocate global host-routes

XR1

router ospf 1

area 0

interface Loopback0

interface GigabitEthernet0/0/0/0.111

interface GigabitEthernet0/0/0/0.1114

mpls ldp

address-family ipv4

label

local

allocate for host-routes

XR2

router ospf 1

area 0

mpls ldp auto-config

interface Loopback0

interface GigabitEthernet0/0/0/0.112

interface GigabitEthernet0/0/0/0.1213

interface GigabitEthernet0/0/0/0.1216

mpls ldp

address-family ipv4

label

local

allocate for host-routes

XR3

router ospf 1

area 0

mpls ldp auto-config

interface Loopback0

interface GigabitEthernet0/0/0/0.132

interface GigabitEthernet0/0/0/0.1213

mpls ldp

address-family ipv4

label

local

allocate for host-routes

XR4

router ospf 1

area 0

interface Loopback0

interface GigabitEthernet0/0/0/0.143

interface GigabitEthernet0/0/0/0.1114

interface GigabitEthernet0/0/0/0.1415

mpls ldp

address-family ipv4

label

local

allocate for host-routes

XR5

router ospf 1

area 0

mpls ldp auto-config

interface Loopback0

interface GigabitEthernet0/0/0/0.115

interface GigabitEthernet0/0/0/0.154

interface GigabitEthernet0/0/0/0.1415

interface GigabitEthernet0/0/0/0.1516

mpls ldp

address-family ipv4

label

local

allocate for host-routes

XR6

router ospf 1

area 0

mpls ldp auto-config

interface Loopback0

interface GigabitEthernet0/0/0/0.162

interface GigabitEthernet0/0/0/0.165

interface GigabitEthernet0/0/0/0.1216

interface GigabitEthernet0/0/0/0.1516

mpls ldp

address-family ipv4

label

local

allocate for host-routes

IGP and LDP should be fully converged in a few minutes, likely faster than that but it will take you longer to copy and paste the config's in that it will take OSPF to converge.

Now we need to configure the VRFs on IOS and IOS XR. Overall pretty straight forward. This is only done on the PEs for IOS and XR. I create 7 different VRFs, one for each IGP, one for BGP, one for Static routes and the last for PBR. I enable both IPv4 and IPv6 for each VRF. The RD is the AD value for BGP, IGP and Static routes, PBR just received 10 for simplicity. The RT or Route Target, which determines flood/learn policies for each VRF, also follows the RD format.

IOS

vrf definition BGP

rd 20:50693

address-family ipv4

route-target export 20:50693

route-target import 20:50693

exit-address-family

address-family ipv6

route-target export 20:50693

route-target import 20:50693

exit-address-family

vrf definition EIGRP

rd 90:50693

address-family ipv4

route-target export 90:50693

route-target import 90:50693

exit-address-family

address-family ipv6

route-target export 90:50693

route-target import 90:50693

exit-address-family

vrf definition IS-IS

rd 115:50693

address-family ipv4

route-target export 115:50693

route-target import 115:50693

exit-address-family

address-family ipv6

route-target export 115:50693

route-target import 115:50693

exit-address-family

vrf definition OSPF

rd 110:50693

address-family ipv4

route-target export 110:50693

route-target import 110:50693

exit-address-family

address-family ipv6

route-target export 110:50693

route-target import 110:50693

exit-address-family

vrf definition PBR

rd 10:50693

address-family ipv4

route-target export 10:50693

route-target import 10:50693

exit-address-family

address-family ipv6

route-target export 10:50693

route-target import 10:50693

exit-address-family

vrf definition RIPv2

rd 120:50693

address-family ipv4

route-target export 120:50693

route-target import 120:50693

exit-address-family

address-family ipv6

route-target export 120:50693

route-target import 120:50693

exit-address-family

vrf definition STATIC

rd 1:50693

address-family ipv4

route-target export 1:50693

route-target import 1:50693

exit-address-family

address-family ipv6

route-target export 1:50693

route-target import 1:50693

exit-address-family

IOS XR

vrf BGP

address-family ipv4 unicast

import route-target 20:50693

export route-target 20:50693

address-family ipv6 unicast

export route-target 20:50693

import route-target 20:50693

vrf OSPF

address-family ipv4 unicast

import route-target 110:50693

export route-target 110:50693

address-family ipv6 unicast

export route-target 110:50693

import route-target 110:50693

vrf EIGRP

address-family ipv4 unicast

import route-target 90:50693

export route-target 90:50693

address-family ipv6 unicast

export route-target 90:50693

import route-target 90:50693

vrf RIPv2

address-family ipv4 unicast

import route-target 120:50693

export route-target 120:50693

address-family ipv6 unicast

export route-target 120:50693

import route-target 120:50693

vrf IS-IS

address-family ipv4 unicast

import route-target 115:50693

export route-target 115:50693

address-family ipv6 unicast

export route-target 115:50693

import route-target 115:50693

vrf STATIC

address-family ipv4 unicast

import route-target 1:50693

export route-target 1:50693

address-family ipv6 unicast

export route-target 1:50693

import route-target 1:50693

vrf PBR

address-family ipv4 unicast

import route-target 10:50693

export route-target 10:50693

address-family ipv6 unicast

export route-target 10:50693

import route-target 10:50693

Now we have to apply the VRF to the appropriate interfaces. I am not applying IPv4/IPv6 addressing yet for the simple reason, each PE would have unique address spaces. I will show you the technique I use for IOS and XR for R1 and XR1 each. I use the CE router number and the PE router number, R13 (CE) and R1 (PE) for instance would get 131.0.0.0/24 and 2131:CC1E::/64 for all VRF defined interfaces. You can follow that stanza and address as we go or at one time.

IOS

interface GigabitEthernet1.1001

encapsulation dot1Q 1001

vrf forwarding STATIC

interface GigabitEthernet1.1010

encapsulation dot1Q 1010

vrf forwarding PBR

interface GigabitEthernet1.1020

encapsulation dot1Q 1020

vrf forwarding BGP

interface GigabitEthernet1.1090

encapsulation dot1Q 1090

vrf forwarding EIGRP

interface GigabitEthernet1.1110

encapsulation dot1Q 1110

vrf forwarding OSPF

interface GigabitEthernet1.1115

encapsulation dot1Q 1115

vrf forwarding IS-IS

interface GigabitEthernet1.1120

encapsulation dot1Q 1120

vrf forwarding RIPv2

IOS XR

interface GigabitEthernet0/0/0/0.1001

vrf STATIC

encapsulation dot1q 1001

interface GigabitEthernet0/0/0/0.1010

vrf PBR

encapsulation dot1q 1010

interface GigabitEthernet0/0/0/0.1020

vrf BGP

encapsulation dot1q 1020

interface GigabitEthernet0/0/0/0.1090

vrf EIGRP

encapsulation dot1q 1090

interface GigabitEthernet0/0/0/0.1110

vrf OSPF

encapsulation dot1q 1110

interface GigabitEthernet0/0/0/0.1115

vrf IS-IS

encapsulation dot1q 1115

interface GigabitEthernet0/0/0/0.1120

vrf RIPv2

encapsulation dot1q 1120

Onto the addressing piece.

IOS

interface GigabitEthernet1.1001

encapsulation dot1Q 1001

vrf forwarding STATIC