You are on page 1of 44

CCIE R&S Techtorial MPLS

Ing. Tom Kelemen


Partner Systems Engineer CCIE #24395

Ing. Peter Mesjar


Systems Engineer CCIE #17428

2011 Cisco Systems, Inc. All rights reserved.

Agenda
Introduction to MPLS
What is MPLS? Why it was developed?

How MPLS works


What are priciples of MPLS?

What are uses of MPLS?

MPLS in action
Basic MPLS L3 VPN config

MPLS L3 VPN verification

Q&A
2011 Cisco Systems, Inc. All rights reserved.

Introduction to MPLS

2011 Cisco Systems, Inc. All rights reserved.

What Is MPLS? Multi Protocol Label Switching is a technology to


deliver IP services - MPLS enables network services such as VPN and traffic engineering

Forwarding of data packets is via labels


MPLS enabled routers do not look into IP header to forward packets

MPLS is known as OSI layer 2.5


Label info is inserted between Data link and Network layer and this is sometimes called shim header
Ethernet MPLS IP Data

MPLS works over most Layer 2 technologies such as ATM, FR, PPP, POS, Ethernet
2011 Cisco Systems, Inc. All rights reserved.

Why it was developed?


Network infrastructure convergence
MPLS enabled network allows to carry different kind of traffic (IPv4, IPv6, Layer2 frames) across single network infrastructure

No need to have BGP enabled on all routers


Very important for scaling lare networks because MPLS forwarding is done via labels, we do not need to keep all destination IP addresses in routing tables
PE
CE MPLS network BGP session P P CE

PE

PE
CE
2011 Cisco Systems, Inc. All rights reserved.

PE
P P CE
5

BGP session

Why it was developed?


New approach to VPN technologies
Allows use of overlapping IPv4 address space Allows optimal traffic flow
CE CE
routing peering

PE

ATM/FR VC

PE

PE

routing peering CE CE CE CE MPLS VPN

routing peering

Traditional ATM/FR VPN


2011 Cisco Systems, Inc. All rights reserved.

Why it was developed?


Traffic engineering
Preffered path is least cost path determined by IGP Basic idea is to use links in network infrastructure efficiently MPLS needs to be able to provide mechanism to divert traffic to other links beside preffered path
Preffered, least cost path

MPLS network with TE enabled

2011 Cisco Systems, Inc. All rights reserved.

Traffic engineered path

How MPLS works

2011 Cisco Systems, Inc. All rights reserved.

What are principles of MPLS?


Main building stones of MPLS:
Label 32bit value inserted between Layer 2 and Layer 3
0 1 2 3 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1 2 3 4 5 6 7 8 9 0 1

Label 20bits

EXP S

TTL-8bits

COS/EXP = Class of Service: 3 Bits; S = Bottom of Stack; TTL = Time to Live

LSR Label Switch Router (eg. PE, P) LSP Label Switched Path IGP Interior Gateway Protocol LDP Label Distribution Protocol LIB, LFIB Label Information Base, Label Forwarding Information Base MP-BGP, RSVP Protocols for MPLS VPN and MPLS TE
2011 Cisco Systems, Inc. All rights reserved.

What are principles of MPLS?


Life of a packet in MPLS network:
2. Core LSR label swapping 1. Ingress LSR label imposition
P PE

LSP P PE

3. Egress LSR label disposition

CE
P P

CE

Egress LSR not always performs label disposition


- PHP (Penultimate Hop Popping) signaled via implicit null label (LDP advertising MPLS label of value three)
2011 Cisco Systems, Inc. All rights reserved.

10

What are principles of MPLS?


Assigning and distributing MPLS labels
Each LSR needs to run IGP to learn IP prefixes (eg. neighbor loopbacks, BGP next hops) Each LSR then forms LDP neighborship between its directly connected LSR Once LDP neighborship is formed, each LSR uses LDP to assign labels to IP prefixes it knows about each LSR does this independently and advertises its labels to its LDP neighbors

LDP is standards based RFC 3035 and RFC 3036


LDP uses UDP for session discovery (port 646 and destination IP 224.0.0.2) LDP uses TCP (port 646 and destination IP of its LDP peer) for rest of the messages (label advertisement, label withdrawal, session maintenance, session teardown)
2011 Cisco Systems, Inc. All rights reserved.

11

What are principles of MPLS?


Forwarding MPLS packets which label to use?
RIB stores IP prefixes, LIB stores MPLS labels LFIB is created from both RIB and LIB and used to forward MPLS tagged packets

Example for LSR in bottom picture:


- RIB has 1.1.1.1/32 learned via IGP over e0/0 interface - LIB has label L for prefix 1.1.1.1/32 learned from its LDP peer

- LFIB has: to forward packet to 1.1.1.1/32, use label L and send packet using peer LDP nexthop over e0/0 interface
1.1.1.1/32

e0/0
LSR

2011 Cisco Systems, Inc. All rights reserved.

12

What are uses of MPLS?


Label stacking
Labeling does not make forwarding of packets faster Label stacking is the primary use of MPLS that enables use of MPLS L2 and L3 VPNs, traffic engineering and other services

Most used examples of label stacking:


- 2 labels for MPLS VPN bottom label indicates which VPN this packet belongs to, outer is used by core LSRs for packet forwarding

- 3 labels for MPLS TE the most upper label is used to indicate Outer Label which TE tunnel to forward this packet
TE Label
LDP Label VPN Label Inner Label
2011 Cisco Systems, Inc. All rights reserved.

IP Header
13

What are uses of MPLS?


Use of MPLS to build Layer 3 VPN
MPLS VPN is set of sites that communicate with each other these sites can be connected to MPLS infrastructure at various PE routers PE LSR acts as aggregation router in MPLS VPN each site is identified by its own VRF (Virtual Routing and Forwarding) instance, which is logically separated and by default communication between VRF is not allowed Each PE router assigns distinct MPLS label for each VRF it communicates with other PE routers this label is not assigned by LDP, but by MP-BGP, and is used to know which VRF site remote PE needs to send packet to
2011 Cisco Systems, Inc. All rights reserved.

PE

VPN RED
PE

VPN GREEN
PE

MPLS network VPN BLUE

PE

PE

14

What are uses of MPLS?


Use of MPLS to build Layer 3 VPN
RD (Route Distinguisher) is attached to each IP prefix exchanged in VPN to make them unique RD + prefix = VPN prefix RD allows to use overlapping IP addresses among VPNs

RD length is 64 bits and is in formant X:Y, where X is usually Autonomous System Number or IP address usually one RD is assigned per one customer
RT (Route Target) governs which VPN prefixes are allowed to be imported or exported out of particular VPN Using RT you create intranet or extranet - Intranet different sites of same VPN can communicate

- Extranet different sites of different VPNs can communicate


In order to bring L3 VPN into life, you need to exchange both RD and RT this is done by MP-BGP
2011 Cisco Systems, Inc. All rights reserved.

15

What are uses of MPLS?


MPLS Layer 3 VPN Intranet for customer in VPN RED
ip vrf RED rd 100:1 route-target export 1:1 route-target import 1:1 ip vrf RED rd 100:1 route-target export 1:1 route-target import 1:1

PE VPN RED PE VPN GREEN PE

MPLS network VPN BLUE

PE

PE

ip vrf RED rd 100:1 route-target export 1:1 route-target import 1:1


2011 Cisco Systems, Inc. All rights reserved.

16

What are uses of MPLS?


MPLS Layer 3 VPN Intranet for customer in VPN GREEN
ip vrf GREEN rd 100:2 route-target export 2:1 route-target import 2:1 ip vrf GREEN rd 100:2 route-target export 2:1 route-target import 2:1

PE VPN RED PE VPN GREEN PE

MPLS network VPN BLUE

PE

PE

ip vrf GREEN rd 100:2 route-target export 2:1 route-target import 2:1


2011 Cisco Systems, Inc. All rights reserved.

17

What are uses of MPLS?


MPLS Layer 3 VPN Intranet for customer in VPN BLUE

ip vrf BLUE rd 100:3 route-target export 3:1 route-target import 3:1

PE VPN RED PE VPN GREEN PE

MPLS network VPN BLUE

PE

PE

ip vrf BLUE rd 100:3 route-target export 3:1 route-target import 3:1


2011 Cisco Systems, Inc. All rights reserved.

ip vrf BLUE rd 100:3 route-target export 3:1 route-target import 3:1 18

What are uses of MPLS?


MPLS Layer 3 VPN Extranet between customer VPN RED and VPN BLUE ip vrf RED
rd 100:1 route-target export 1:1 route-target import 1:1 route-target import 3:1

PE VPN RED PE VPN GREEN PE

MPLS network VPN BLUE

PE

PE

ip vrf BLUE rd 100:3 route-target export 3:1 route-target import 3:1 route-target import 1:1
2011 Cisco Systems, Inc. All rights reserved.

19

What are uses of MPLS?


Exchanging RD, RT and VPN label over MPLS network
Each PE router forms iBGP session with other PE router Over this iBGP sessions, PE routers exchange VPN prefixes Each VPN prefix is exchanged with its associated RT and VPN label RT is for importing routes into VRF RIB, VPN label is for actual packet forwarding

PE

MPLS network
PE

2011 Cisco Systems, Inc. All rights reserved.

20

What are uses of MPLS?


Packet forwarding with MPLS Layer 3 VPN
IGP label is assigned by LDP VPN label is assigned by MP-BGP
IGP VPN IP IGP VPN IP
VPN IP

IP

IP

Site 1 of VPN BLUE

PE1

P1

P2

PE2

Site 2 of VPN BLUE

1.) PE1 receives IP packet on VRF interface assigned to site 1 of VPN BLUE. 2.) PE1 looks up VPN and IGP label, imposes this label stack to IP packet and forwards it to MPLS network. IGP label is known based on iBGP next hop, which is IP address of PE2. 3.) P1 router swaps IGP label based on its LFIB table. 4.) P2 removes IGP label due to PHP, but does not touch VPN label. 5.) PE2 router receives IP packet with VPN label, which it uses to select correct outgoing VPN site 6.) PE2 then strips off VPN label, makes lookup in its VRF RIB for particular VPN site to get the outgoing interface to 21 send received packet to. reserved. 2011 Cisco Systems, Inc. All rights

What are uses of MPLS?


Exchanging routing information between CE and PE routers
Static routing RIP EIGRP

OSPF
IS-IS eBGP

2011 Cisco Systems, Inc. All rights reserved.

22

MPLS in action

2011 Cisco Systems, Inc. All rights reserved.

23

MPLS demo lab topology


Site 1 of VPN RED s2/0 s2/0 s3/0 s3/0 Site 1 of VPN BLUE
- VPN Red site 1
s2/0: 10.1.1.2/30 lo0: 192.168.1.1/24

Site 2 of VPN RED s2/0 s2/0 e0/0 e0/0 PE1 P1 e1/0 e1/0 P2 e0/0 e0/0 PE2 s3/0 s3/0 Site 2 of VPN BLUE

- PE1
s2/0: 10.1.1.1/30 s3/0: 10.3.1.1/30 e0/0: 10.0.12.1/24

- P1
e0/0: 10.0.12.2/24 e1/0: 10.0.23.2/24 lo0: 10.0.0.2/32

- PE2
s2/0: 10.1.2.1/30 s3/0: 10.3.2.1/30 e0/0: 10.0.34.4/24 lo0: 10.0.0.4/32

- VPN Red site 2


s2/0: 10.1.2.2/30 lo0: 192.168.2.1/24

- VPN Blue site 1 s3/0: 10.3.1.2/30 lo0: 172.16.1.1/24

lo0: 10.0.0.1/32 - P2 e0/0: 10.0.34.3/24 e1/0: 10.0.23.3/24 lo0: 10.0.0.3/32

- VPN Blue site 1 s3/0: 10.3.2.2/30 lo0: 172.16.2.1/24

2011 Cisco Systems, Inc. All rights reserved.

24

Basic MPLS L3 VPN config

2011 Cisco Systems, Inc. All rights reserved.

25

Basic MPLS L3 VPN config


1.) Configuring core LSR for MPLS switching
P1(config)#mpls ldp router-id loop0 P1(config)#int e0/0 P1(config-if)#mpls ip P1(config-if)#int e1/0 P1(config-if)#mpls ip P1(config-if)#router ospf 100 P1(config-router)#network 10.0.0.2 0.0.0.0 area 0 P1(config-router)#network 10.0.12.2 0.0.0.0 area 0 P1(config-router)#network 10.0.23.2 0.0.0.0 area 0 P2(config)#mpls ldp router-id loop0 P2(config)#int e0/0 P2(config-if)#mpls ip P2(config-if)#int e1/0 P2(config-if)#mpls ip P2(config-if)#router ospf 100 P2(config-router)#network 10.0.0.3 0.0.0.0 area 0 P2(config-router)#network 10.0.23.3 0.0.0.0 area 0 P2(config-router)#network 10.0.34.3 0.0.0.0 area 0 Loopback interface must be routable for LDP to form adjacencies

2011 Cisco Systems, Inc. All rights reserved.

26

Basic MPLS L3 VPN config


2.) Configuring edge LSR for MPLS switching
PE1(config)#mpls ldp router-id loop0 PE1(config)#int e0/0 PE1(config-if)#mpls ip PE1(config-if)#router ospf 100 PE1(router)#network 10.0.0.1 0.0.0.0 area 0 PE1(router)#network 10.0.12.1 0.0.0.0 area 0 PE2(config)#mpls ldp router-id loop0 PE2(config)#int e0/0 PE2(config-if)#mpls ip PE2(config-if)#router ospf 100 PE2(router)#network 10.0.0.4 0.0.0.0 area 0 PE2(router)#network 10.0.34.4 0.0.0.0 area 0 Loopback interface must be routable for LDP to form adjacencies

2011 Cisco Systems, Inc. All rights reserved.

27

Basic MPLS L3 VPN config


3a.) Configuring edge LSR PE1 for MPLS L3 VPN
ip vrf blue rd 100:3 route-target export 3:1 route-target import 3:1 ! ip vrf red rd 100:1 route-target export 1:1 route-target import 1:1 ! interface Serial2/0 ip vrf forwarding red ! interface Serial3/0 ip vrf forwarding blue

2011 Cisco Systems, Inc. All rights reserved.

28

Basic MPLS L3 VPN config


3b.) Configuring edge LSR PE1 for MPLS L3 VPN
router bgp 100 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 10.0.0.4 remote-as 100 neighbor 10.0.0.4 update-source Loopback0 ! address-family ipv4 no synchronization no auto-summary exit-address-family ! address-family vpnv4 neighbor 10.0.0.4 activate neighbor 10.0.0.4 send-community extended exit-address-family ! address-family ipv4 vrf blue no synchronization redistribute static exit-address-family ! address-family ipv4 vrf red no synchronization redistribute static exit-address-family ! ip route vrf red 192.168.1.0 255.255.255.0 Serial2/0 ip route vrf blue 172.16.1.0 255.255.255.0 Serial3/0
2011 Cisco Systems, Inc. All rights reserved.

VPNv4 for exchange of VPNv4 prefixes that includes RD and RT PE to CE connectivity

29

Basic MPLS L3 VPN config


4a.) Configuring edge LSR PE2 for MPLS L3 VPN
ip vrf blue rd 100:3 route-target export 3:1 route-target import 3:1 ! ip vrf red rd 100:1 route-target export 1:1 route-target import 1:1 ! interface Serial2/0 ip vrf forwarding red ! interface Serial3/0 ip vrf forwarding blue

2011 Cisco Systems, Inc. All rights reserved.

30

Basic MPLS L3 VPN config


4b.) Configuring edge LSR PE2 for MPLS L3 VPN
router bgp 100 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 10.0.0.1 remote-as 100 neighbor 10.0.0.1 update-source Loopback0 ! address-family ipv4 no synchronization no auto-summary exit-address-family ! address-family vpnv4 neighbor 10.0.0.1 activate neighbor 10.0.0.1 send-community extended exit-address-family ! address-family ipv4 vrf blue no synchronization redistribute static exit-address-family ! address-family ipv4 vrf red no synchronization redistribute static exit-address-family ! ip route vrf red 192.168.2.0 255.255.255.0 Serial2/0 ip route vrf blue 172.16.2.0 255.255.255.0 Serial3/0
2011 Cisco Systems, Inc. All rights reserved.

VPNv4 for exchange of VPNv4 prefixes that includes RD and RT PE to CE connectivity

31

Basic MPLS L3 VPN config


5.) Configuring CE-PE connectivity on CE1 and CE2
site_1_vpn_blue(config)#ip route 172.16.2.0 255.255.255.0 Serial3/0 site_2_vpn_blue(config)#ip route 172.16.1.0 255.255.255.0 Serial3/0 site_1_vpn_red(config)#ip route 192.168.2.0 255.255.255.0 Serial2/0 site_2_vpn_red(config)#ip route 192.168.1.0 255.255.255.0 Serial2/0

2011 Cisco Systems, Inc. All rights reserved.

32

MPLS verification

2011 Cisco Systems, Inc. All rights reserved.

33

MPLS L3 VPN verification


1.) IGP peerings formed in core
P1#show ip ospf neighbor Neighbor ID 10.0.0.3 10.0.0.1 Pri 1 1 State FULL/BDR FULL/DR Dead Time 00:00:37 00:00:32 Address 10.0.23.3 10.0.12.1 Interface Ethernet1/0 Ethernet0/0

P2#show ip ospf neighbor Neighbor ID 10.0.0.2 10.0.0.4 Pri 1 1 State FULL/DR FULL/DR Dead Time 00:00:38 00:00:31 Address 10.0.23.2 10.0.34.4 Interface Ethernet1/0 Ethernet0/0

2011 Cisco Systems, Inc. All rights reserved.

34

MPLS L3 VPN verification


2.) MPLS LDP peerings formed in core
P1#show mpls ldp discovery Local LDP Identifier: 10.0.0.2:0 Discovery Sources: Interfaces: Ethernet0/0 (ldp): xmit/recv LDP Id: 10.0.0.1:0 Ethernet1/0 (ldp): xmit/recv LDP Id: 10.0.0.3:0 P2#show mpls ldp discovery Local LDP Identifier: 10.0.0.3:0 Discovery Sources: Interfaces: Ethernet0/0 (ldp): xmit/recv LDP Id: 10.0.0.4:0 Ethernet1/0 (ldp): xmit/recv LDP Id: 10.0.0.2:0

2011 Cisco Systems, Inc. All rights reserved.

35

MPLS L3 VPN verification


3.) VRF tables and interfaces defined on PE routers
PE1#show ip vrf Name Default RD blue 100:3 red 100:1 PE1#show ip vrf interfaces Interface IP-Address Se3/0 10.3.1.1 Se2/0 10.1.1.1 PE2#show ip vrf Name Default RD blue 100:3 red 100:1 PE2#show ip vrf interfaces Interface IP-Address Se3/0 10.3.2.1 Se2/0 10.1.2.1

Interfaces Se3/0 Se2/0


VRF blue red Interfaces Se3/0 Se2/0 VRF blue red Protocol up up Protocol up up

2011 Cisco Systems, Inc. All rights reserved.

36

MPLS L3 VPN verification


4.) iBGP session formed between PE routers
PE1#show bgp vpnv4 unicast all summary BGP router identifier 10.0.0.1, local AS number 100 BGP table version is 9, main routing table version 9 4 network entries using 564 bytes of memory 4 path entries using 272 bytes of memory 5/4 BGP path/bestpath attribute entries using 380 bytes of memory 2 BGP extended community entries using 48 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 1264 total bytes of memory BGP activity 4/0 prefixes, 4/0 paths, scan interval 15 secs Neighbor 10.0.0.4 V 4 AS 100 MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 36 36 9 0 0 00:27:58 2

2011 Cisco Systems, Inc. All rights reserved.

37

MPLS L3 VPN verification


5a.) IGP labels assigned by LDP path from PE1 to PE2
PE1#traceroute 10.0.0.4 Type escape sequence to abort. Tracing the route to 10.0.0.4 1 10.0.12.2 [MPLS: Label 19 Exp 0] 8 msec 0 msec 0 msec 2 10.0.23.3 [MPLS: Label 16 Exp 0] 4 msec 0 msec 0 msec 3 10.0.34.4 4 msec * 4 msec PE1#show mpls forwarding 10.0.0.4 Local Outgoing Prefix Label Label or VC or Tunnel Id 21 19 10.0.0.4/32 Bytes Label Switched 0 Bytes Label Switched 542879 Outgoing interface Et0/0 Outgoing interface Et1/0 Outgoing interface Et0/0 Next Hop 10.0.12.2 Next Hop 10.0.23.3 Next Hop 10.0.34.4
38

P1#sh mpls forwarding-table 10.0.0.4 Local Outgoing Prefix Label Label or VC or Tunnel Id 19 16 10.0.0.4/32

P2#show mpls forwarding-table 10.0.0.4 Local Outgoing Prefix Bytes Label Label Label or VC or Tunnel Id Switched 16 Pop Label 10.0.0.4/32 583785
2011 Cisco Systems, Inc. All rights reserved.

MPLS L3 VPN verification


5b.) IGP labels assigned by LDP path from PE2 to PE1
PE2#traceroute 10.0.0.1 Type escape sequence to abort. Tracing the route to 10.0.0.1 1 10.0.34.3 [MPLS: Label 18 Exp 0] 4 msec 4 msec 0 msec 2 10.0.23.2 [MPLS: Label 16 Exp 0] 0 msec 4 msec 0 msec 3 10.0.12.1 0 msec * 0 msec PE2#show mpls forwarding-table 10.0.0.1 Local Outgoing Prefix Bytes Label Label Label or VC or Tunnel Id Switched 18 18 10.0.0.1/32 0 Outgoing interface Et0/0 Outgoing interface Et1/0 Outgoing interface Et0/0 Next Hop 10.0.34.3 Next Hop 10.0.23.2 Next Hop 10.0.12.1
39

P2#show mpls forwarding-table 10.0.0.1 Local Outgoing Prefix Bytes Label Label Label or VC or Tunnel Id Switched 18 16 10.0.0.1/32 875801
P1#show mpls forwarding-table 10.0.0.1 Local Outgoing Prefix Bytes Label Label Label or VC or Tunnel Id Switched 16 Pop Label 10.0.0.1/32 940813
2011 Cisco Systems, Inc. All rights reserved.

MPLS L3 VPN verification


6.) VPN labels assigned by BGP
PE1#show bgp vpnv4 unicast vrf red labels Network Next Hop In label/Out label Route Distinguisher: 100:1 (red) 192.168.1.0 0.0.0.0 17/nolabel 192.168.2.0 10.0.0.4 nolabel/21 PE1#show bgp vpnv4 unicast vrf blue labels Network Next Hop In label/Out label Route Distinguisher: 100:3 (blue) 172.16.1.0/24 0.0.0.0 24/nolabel 172.16.2.0/24 10.0.0.4 nolabel/22 PE2#show bgp vpnv4 unicast vrf red labels Network Next Hop In label/Out label Route Distinguisher: 100:1 (red) 192.168.1.0 10.0.0.1 nolabel/17 192.168.2.0 0.0.0.0 21/nolabel PE2#show bgp vpnv4 unicast vrf blue labels Network Next Hop In label/Out label Route Distinguisher: 100:3 (blue) 172.16.1.0/24 10.0.0.1 nolabel/24 172.16.2.0/24 0.0.0.0 22/nolabel

2011 Cisco Systems, Inc. All rights reserved.

40

MPLS L3 VPN verification


7a.) End-to-end connectivity between VPN RED sites
site_1_vpn_red#traceroute 192.168.2.1 source 192.168.1.1 Type escape sequence to abort. Tracing the route to 192.168.2.1 1 2 3 4 5 10.1.1.1 20 msec 10.0.12.2 [MPLS: 10.0.23.3 [MPLS: 10.1.2.1 20 msec 10.1.2.2 40 msec 20 msec 20 msec Labels 19/21 Exp 0] 40 msec 40 msec 40 msec Labels 16/21 Exp 0] 40 msec 40 msec 40 msec 20 msec 20 msec * 40 msec

site_2_vpn_red#traceroute 192.168.1.1 source 192.168.2.1 Type escape sequence to abort. Tracing the route to 192.168.1.1 1 2 3 4 5 10.1.2.1 20 msec 10.0.34.3 [MPLS: 10.0.23.2 [MPLS: 10.1.1.1 20 msec 10.1.1.2 36 msec 20 msec 20 msec Labels 18/17 Exp 0] 40 msec 36 msec 40 msec Labels 16/17 Exp 0] 40 msec 40 msec 40 msec 20 msec 16 msec * 40 msec

2011 Cisco Systems, Inc. All rights reserved.

41

MPLS L3 VPN verification


7b.) End-to-end connectivity between VPN BLUE sites
site_1_vpn_blue#traceroute 172.16.2.1 source 172.16.1.1 Type escape sequence to abort. Tracing the route to 172.16.2.1 1 2 3 4 5 10.3.1.1 20 msec 10.0.12.2 [MPLS: 10.0.23.3 [MPLS: 10.3.2.1 20 msec 10.3.2.2 28 msec 12 msec 20 msec Labels 19/22 Exp 0] 40 msec 40 msec 40 msec Labels 16/22 Exp 0] 40 msec 40 msec 40 msec 20 msec 20 msec * 40 msec

site_2_vpn_blue#traceroute 172.16.1.1 source 172.16.2.1 Type escape sequence to abort. Tracing the route to 172.16.1.1 1 2 3 4 5 10.3.2.1 24 msec 10.0.34.3 [MPLS: 10.0.23.2 [MPLS: 10.3.1.1 20 msec 10.3.1.2 20 msec 12 msec 20 msec Labels 18/24 Exp 0] 40 msec 40 msec 40 msec Labels 16/24 Exp 0] 40 msec 40 msec 40 msec 20 msec 20 msec * 28 msec

2011 Cisco Systems, Inc. All rights reserved.

42

Q and A MPLS

2011 Cisco Systems, Inc. All rights reserved.

43

2011 Cisco Systems, Inc. All rights reserved.

44