MPLS VPN OSPF PE and CE Support

The MPLS VPN OSPF PE and CE Support feature allows service providers to configure Open Shortest Path First (OSPF) between provider edge (PE) and customer edge (CE) devices in a Multiprotocol Label Switching (MPLS) virtual private network ( VPN). This feature increases flexibility when devices exchange routing information among sites because a separate router ID for each interface or subinterface is configured on a PE device attached to multiple CE devices within a VPN. An MPLS VPN consists of a set of sites that are interconnected by means of an MPLS provider core network. At each customer site, one or more CE devices attach to one or more PE devices.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table at the end of this module.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Prerequisites for MPLS VPN OSPF PE and CE Support

  • Configure MPLS Layer 3 VPNs.

  • Configure the Border Gateway Protocol (BGP) in the core.

Information About MPLS VPN OSPF PE and CE Support

Overview of MPLS VPN OSPF PE and CE Support

This feature allows service providers to configure Open Shortest Path First (OSPF) between provider edge (PE) and customer edge (CE) devices in an MPLS VPN network.

This feature increases flexibility when devices exchange routing information among sites because a separate router ID for each interface or subinterface is configured on a PE device attached to multiple CE devices within a VPN.

How to Configure MPLS VPN OSPF PE and CE Support

Configuring OSPF as the Routing Protocol Between the PE and CE Devices

Perform this task to configure PE-to-CE routing sessions that use Open Shortest Path First (OSPF).


Note

The Cisco implementation of OSPF in an MPLS VPN PE-CE environment is compliant with RFC 4576.

Before you begin

Configure the PE device with the same routing protocol that the CE device uses.

SUMMARY STEPS

  1. enable
  2. configure terminal
  3. router ospf process-id [vrf vpn-name]
  4. network ip-address wildcard-mask area area-id
  5. address-family ipv4 [multicast | unicast | vrf vrf-name]
  6. redistribute protocol | [process-id] | {level-1 | level-1-2 | level-2} [as-number] [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [subnets]
  7. exit-address-family
  8. end

DETAILED STEPS

  Command or Action Purpose
Step 1

enable

Example:


Device> enable

Enables privileged EXEC mode.

  • Enter your password if prompted.

Step 2

configure terminal

Example:


Device# configure terminal

Enters global configuration mode.

Step 3

router ospf process-id [vrf vpn-name]

Example:


Device(config)# router ospf 1 vrf grc

Enables OSPF routing and enters router configuration mode.

  • The process-id argument identifies the OSPF process.

  • The vrf vpn-name keyword and argument identify a virtual private network (VPN). Create a separate OSPF process for each virtual routing and forwarding (VRF) instance that will receive VPN routes.

Step 4

network ip-address wildcard-mask area area-id

Example:


Device(config-router)# network 10.0.0.1 0.0.0.3 area 20

Defines the interfaces on which OSPF runs and to defines the area ID for those interfaces.

  • The ip-address argument identifies the IP address.

  • The wildcard-mask argument identifies the IP-address-type mask that includes “don’t care” bits.

  • The area-id argument identifies the area that is to be associated with the OSPF address range. It can be specified as either a decimal value or an IP address. To associate areas with IP subnets, specify a subnet address as the value of the area-id argument.

Step 5

address-family ipv4 [multicast | unicast | vrf vrf-name]

Example:


Device(config-router)# address-family ipv4 vrf vpn1

Specifies the IPv4 address family type and enters address family configuration mode.

  • The multicast keyword specifies IPv4 multicast address prefixes.

  • The unicast keyword specifies IPv4 unicast address prefixes.

  • The vrf vrf-name keyword and argument specify the name of the VRF to associate with subsequent IPv4 address family configuration mode commands.

Step 6

redistribute protocol | [process-id] | {level-1 | level-1-2 | level-2} [as-number] [metric metric-value] [metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag] [subnets]

Example:


Device(config-router-af)#  redistribute rip metric 1 subnets

Redistributes routes from one routing domain into another routing domain.

You may need to include several protocols to ensure that all interior Border Gateway Protocol (IBGP) routes are distributed into the VRF.

Step 7

exit-address-family

Example:


Device(config-router-af)# exit-address-family

Exits address family configuration mode.

Step 8

end

Example:


Device(config-router)# end

(Optional) Exits to privileged EXEC mode.

Verifying Connectivity Between MPLS Virtual Private Network Sites

To verify that the local and remote customer edge (CE) devices can communicate across the Multiprotocol Label Switching (MPLS) core, perform the following tasks:

Verifying IP Connectivity from CE Device to CE Device Across the MPLS Core

SUMMARY STEPS

  1. enable
  2. ping [protocol] {host-name | system-address}
  3. trace [protocol] [destination]
  4. show ip route [ip-address [mask] [longer-prefixes]] | protocol [process-id]] | [list [access-list-name | access-list-number]

DETAILED STEPS

Step 1

enable

Enables privileged EXEC mode.

Step 2

ping [protocol] {host-name | system-address}

Diagnoses basic network connectivity on AppleTalk, Connectionless-mode Network Service (CLNS), IP, Novell, Apollo, Virtual Integrated Network Service (VINES), DECnet, or Xerox Network Service (XNS) networks. Use the ping command to verify the connectivity from one CE device to another.

Step 3

trace [protocol] [destination]

Discovers the routes that packets take when traveling to their destination. The trace command can help isolate a trouble spot if two devices cannot communicate.

Step 4

show ip route [ip-address [mask] [longer-prefixes]] | protocol [process-id]] | [list [access-list-name | access-list-number]

Displays the current state of the routing table. Use the ip-address argument to verify that CE1 has a route to CE2. Verify the routes learned by CE1. Make sure that the route for CE2 is listed.

Verifying That the Local and Remote CE Devices Are in the PE Routing Table

SUMMARY STEPS

  1. enable
  2. show ip route vrf vrf-name [prefix]
  3. show ip cef vrf vrf-name [ip-prefix]

DETAILED STEPS

Step 1

enable

Enables privileged EXEC mode.

Step 2

show ip route vrf vrf-name [prefix]

Displays the IP routing table associated with a virtual routing and forwarding (VRF) instance. Check that the loopback addresses of the local and remote customer edge (CE) devices are in the routing table of the provider edge (PE) devices.

Step 3

show ip cef vrf vrf-name [ip-prefix]

Displays the Cisco Express Forwarding forwarding table associated with a VRF. Check that the prefix of the remote CE device is in the Cisco Express Forwarding table.

Configuration Examples for MPLS VPN OSPF PE and CE Support

Example: Configuring an MPLS VPN Using OSPF

PE Configuration

CE Configuration 


ip vrf vpn1
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
ip cef
mpls ldp router-id Loopback0 force
mpls label protocol ldp
!
interface Loopback0
 ip address 10.0.0.1 255.255.255.255
!
interface FastEthernet0/0/0
 ip vrf forwarding vpn1
 ip address 34.0.0.2 255.0.0.0
 no cdp enable
!
router ospf 1000 vrf vpn1
 log-adjacency-changes
 redistribute bgp 100 metric-type 1 subnets
 network 10.0.0.13 0.0.0.0 area 10000
 network 34.0.0.0 0.255.255.255 area 10000
! 
router bgp 100
no synchronization
bgp log-neighbor changes
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 update-source Loopback0
no auto-summary
 !        
address-family vpnv4
 neighbor 10.0.0.3 activate
 neighbor 10.0.0.3 send-community extended
 bgp scan-time import 5
 exit-address-family
 !        
address-family ipv4 vrf vpn1
redistribute connected
redistribute ospf 1000 match internal external 1 external 2
no auto-summary
no synchronization
exit-address-family
 

ip cef
mpls ldp router-id Loopback0 force
mpls label protocol ldp
!
interface Loopback0
 ip address 10.0.0.9 255.255.255.255
!
interface FastEthernet0/0/0
 ip address 34.0.0.1 255.0.0.0
 no cdp enable
!
router ospf 1000
log-adjacency-changes
auto-cost reference-bandwidth 1000
redistribute connected subnets
network 34.0.0.0 0.255.255.255 area 1000
network 10.0.0.0 0.0.0.0 area 1000

Additional References

Related Documents

Related Topic

Document Title

Cisco IOS commands

Cisco Master Command List, All Releases

MPLS and MPLS applications commands

Cisco IOS Multiprotocol Label Switching Command Reference

Standards and RFCs

Standard/RFC

Title

RFC 4576

Using a Link State Advertisement (LSA) Options Bit to Prevent Looping in BGP/MPLS IP Virtual Private Networks (VPNs)

Technical Assistance

Description

Link

The Cisco Support and Documentation website provides online resources to download documentation, software, and tools. Use these resources to install and configure the software and to troubleshoot and resolve technical issues with Cisco products and technologies. Access to most tools on the Cisco Support and Documentation website requires a Cisco.com user ID and password.

http://www.cisco.com/cisco/web/support/index.html

Feature Information for MPLS VPN OSPF PE and CE Support

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.
Table 1. Feature Information for MPLS VPN OSPF PE and CE Support

Feature Name

Releases

Feature Information

MPLS VPN OSPF PE and CE Support

12.0(5)T

12.0(11)ST

12.0(21)ST

12.2(17b)SXA

12.2(28)SB

Cisco IOS XE Release 2.1

The MPLS VPN OSPF PE and CE Support feature allows service providers to configure Open Shortest Path First (OSPF) between provider edge (PE) and customer edge (CE) devices in a Multiprotocol Label Switching (MPLS) virtual private network (VPN).

In Cisco IOS Release 12.0(5)T, this feature was introduced.

In Cisco IOS Release 12.0(11)ST, 12.0(21)ST, 12.2(17b)SXA, and 12.2(28)SB, this feature was integrated.

In Cisco IOS XE Release 2.1, this feature was implemented on Cisco ASR 1000 Series Routers.

No commands were introduced or modified.