BRKCRT-2601 - VRF, MPLS and MP-BGP Fundamentals - Barcelona - 2020
BRKCRT-2601 © 2020 Cisco and/or its affiliates. All rights reserved. Cisco Public 3
Agenda
• Introduction to Virtualization
• VRF-Lite
• MPLS & BGP Free Core
• Multiprotocol BGP (MP-BGP)
• Conclusion
• Q&A
3 Networks Walk into a…
What is a VRF?
Enterprise Network Virtualization
Key Building Blocks
Device Partitioning
Layer 2 vs. Layer 3 Virtualization
Path Isolation
Functional Components
• Device Virtualization
• Control plane Virtualization
• MPLS-VPN, 802.1q
Per VRF:
• Virtual Routing Table
• Virtual Forwarding Table
VRF-Lite
What is VRF-Lite?
Functional Components
Per VRF:
• Virtual Routing Table
• Virtual Forwarding Table
• A VRF supports its own Routing Information Base (RIB) and Forwarding Information Base (FIB)
• Leverages “Virtual” encapsulation for separation: Ethernet/802.1Q, GRE, Frame Relay
• Routing protocols are “VRF aware”: RIP/v2, EIGRP, OSPF, BGP, static (per VRF)
• Layer 3 interfaces can only belong to a single VRF
VRF-Lite
Things to Remember
VRF-Lite
Sub-interface Example
Per VRF: Virtual Routing Table, Virtual Forwarding Table
Locally Significant
[Diagram: R1 (1.1.1.1), R2 (2.2.2.2), R3 (3.3.3.3) and R4 (4.4.4.4) joined in a square. Each router has Lo1, Lo2 and Lo3 and carries VRF-R, VRF-E and VRF-O on every link.]
IGPs: VRF-R = RIP, VRF-E = EIGRP, VRF-O = OSPF
Sub-interface/VLAN/VRF Mapping: F0/0.X = VLAN X = 10.1.X.0/24
Link     VRF-R     VRF-E      VRF-O
R1-R2    VLAN 12   VLAN 112   VLAN 212
R1-R4    VLAN 14   VLAN 114   VLAN 214
R2-R3    VLAN 23   VLAN 123   VLAN 223
R3-R4    VLAN 34   VLAN 134   VLAN 234
VRF-Lite Sub-interface Configuration
Command Line Interface (CLI) Review
! Define VRF-R, then place the sub-interface and loopback in it
ip vrf VRF-R
interface FastEthernet0/0.12
 ip vrf forwarding VRF-R
interface Loopback1
 ip vrf forwarding VRF-R
! Same pattern for VRF-E
ip vrf VRF-E
interface FastEthernet0/0.112
 ip vrf forwarding VRF-E
! Loopback3 belongs to VRF-O
interface Loopback3
 ip vrf forwarding VRF-O
VRF-Lite Sub-interface Configuration
Command Line Interface (CLI) Review – VRF Definition Example
! Multiprotocol VRF syntax: the address family is enabled under the VRF
vrf definition VRF-R
 address-family ipv4
interface FastEthernet0/0.12
 vrf forwarding VRF-R
interface Loopback1
 vrf forwarding VRF-R
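An added example, not part of the original slides: a Python check that reads an IOS-style configuration in either VRF syntax shown above and reports interfaces bound to a VRF that is never defined, and addressed interfaces left in the global table. The sample configuration is constructed; its IP addresses and the FastEthernet0/1 stanza are assumptions.

```python
import re

# Constructed sample in both syntaxes from the slides; the IP addresses and
# the FastEthernet0/1 stanza are assumptions made for this example.
SAMPLE = """\
ip vrf VRF-R
vrf definition VRF-E
 address-family ipv4
interface FastEthernet0/0.12
 ip vrf forwarding VRF-R
 ip address 10.1.12.1 255.255.255.0
interface FastEthernet0/0.112
 vrf forwarding VRF-E
 ip address 10.1.112.1 255.255.255.0
interface Loopback3
 ip vrf forwarding VRF-O
 ip address 1.1.1.1 255.255.255.255
interface FastEthernet0/1
 ip address 192.0.2.1 255.255.255.0
"""

def audit_vrf_membership(config):
    """Return ({interface: vrf or None}, findings) for an IOS-style config."""
    defined, ifaces, iface = set(), {}, None
    for line in config.splitlines():
        if m := re.match(r"(?:ip vrf|vrf definition) (\S+)$", line):
            defined.add(m.group(1))
            iface = None
        elif m := re.match(r"interface (\S+)", line):
            iface = m.group(1)
            ifaces[iface] = {"vrf": None, "addressed": False}
        elif iface and (m := re.match(r"\s+(?:ip )?vrf forwarding (\S+)", line)):
            ifaces[iface]["vrf"] = m.group(1)
        elif iface and re.match(r"\s+ip address ", line):
            ifaces[iface]["addressed"] = True
        elif line and not line[0].isspace():
            iface = None  # any other top-level command ends the stanza
    findings = []
    for name, info in ifaces.items():
        if info["vrf"] and info["vrf"] not in defined:
            findings.append((name, "vrf-not-defined", info["vrf"]))
        elif info["addressed"] and info["vrf"] is None:
            # Not wrong by itself, but this interface routes in the global table.
            findings.append((name, "global-table", None))
    return {n: i["vrf"] for n, i in ifaces.items()}, findings
```

A "global-table" finding can be intentional, for example a loopback used as a GRE tunnel source, so treat it as a prompt for review rather than an error.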
Multiprotocol VRF Conversion Configuration
Command Line Interface (CLI) Review
VRF Aware RIP Configuration
Command Line Interface (CLI) Review
Leverage what you already know!
! Global routing table
router rip
 version 2
 network 1.0.0.0
 network 10.0.0.0
 no auto-summary
! VRF aware
router rip
 !
 address-family ipv4 vrf VRF-R
  network 1.0.0.0
  network 10.0.0.0
  no auto-summary
  version 2
 exit-address-family
RIP leverages address-family ipv4 vrf <VRF>
VRF Aware EIGRP Configuration
Command Line Interface (CLI) Review
Leverage what you already know!
! Global routing table
router eigrp 10
 network 1.1.1.1 0.0.0.0
 network 10.1.112.0 0.0.0.255
 no auto-summary
! VRF aware (AS can be the same or different as one of the VRFs!!!)
router eigrp 10
 auto-summary
 !
 address-family ipv4 vrf VRF-E
  network 1.1.1.1 0.0.0.0
  network 10.1.112.0 0.0.0.255
  no auto-summary
  autonomous-system 10
 exit-address-family
EIGRP leverages address-family ipv4 vrf <VRF>
VRF Aware OSPF Configuration
Command Line Interface (CLI) Review
Leverage what you already know!
router ospf 1
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 1
 network 10.1.212.0 0.0.0.255 area 0
OSPF leverages vrf <VRF> after the unique process number
Live Exploration
No Sub-interface Support? No Problem!
GRE Example
• VRF-Lite can also leverage GRE tunnels as a segmentation technology
• Each VRF uses a unique GRE tunnel
• GRE tunnel interface is “VRF aware”
[Diagram: R1 (1.1.1.1), R2 (2.2.2.2), R3 (3.3.3.3) and R4 (4.4.4.4) joined in a square. Each router has Lo11, Lo12 and Lo13 and one tunnel per VRF on every link.]
Tunnel/VRF Mapping: Tunnel X = 10.1.X.0/24
Link     VRF-R       VRF-E        VRF-O
R1-R2    Tunnel 12   Tunnel 112   Tunnel 212
R1-R4    Tunnel 14   Tunnel 114   Tunnel 214
R2-R3    Tunnel 23   Tunnel 123   Tunnel 223
R3-R4    Tunnel 34   Tunnel 134   Tunnel 234
Configuration Note: Each GRE Tunnel Could Require Unique Source/Destination IP (Platform Dependent)
VRF-Lite Tunnel Configuration
Command Line Interface (CLI) Review
Leverage what you already know!
! R1
ip vrf VRF-S
 rd 11:11
interface Tunnel12
 ip vrf forwarding VRF-S
 ip address 10.1.12.1 255.255.255.0
 tunnel source Loopback101
 tunnel destination 22.22.22.22
! R2
ip vrf VRF-S
 rd 22:22
interface Loopback102
 ! Global Routing Table
 ip address 22.22.22.22 255.255.255.255
interface Tunnel12
 ip vrf forwarding VRF-S
 ip address 10.1.12.2 255.255.255.0
 tunnel source Loopback102
 tunnel destination 11.11.11.11
ip route vrf VRF-S 1.1.1.1 255.255.255.255 10.1.12.1
Layer 2 Serial Link? No Problem?
Back-to-Back Frame Relay Example
• VRF-Lite can also leverage Frame Relay sub-interfaces as a segmentation technology
• Each VRF uses a unique Frame-Relay sub-interface and DLCI
• Frame Relay sub-interface is “VRF aware”
[Diagram: R1 (1.1.1.1), R2 (2.2.2.2), R3 (3.3.3.3) and R4 (4.4.4.4) joined in a square. Each router has Lo111, Lo112 and Lo113 and one Frame Relay sub-interface per VRF on every link.]
FR VC/VRF Mapping: Serial1/0.X or Serial1/1.X = 10.1.X.0/24
Link     VRF-R          VRF-E           VRF-O
R1-R2    Serial1/0.12   Serial1/0.112   Serial1/0.212
R1-R4    Serial1/1.14   Serial1/1.114   Serial1/1.214
R2-R3    Serial1/1.23   Serial1/1.123   Serial1/1.223
R3-R4    Serial1/0.34   Serial1/0.134   Serial1/0.234
VRF-Lite Back-to-Back Frame Relay Configuration
Command Line Interface (CLI) Review
Leverage what you already know!
! R1
ip vrf VRF-B
 rd 111:111
interface Serial1/0
 encapsulation frame-relay
 no keepalive
interface Serial1/0.12 point-to-point
 ip vrf forwarding VRF-B
 ip address 10.1.12.1 255.255.255.0
 frame-relay interface-dlci 201
router bgp 1
 address-family ipv4 vrf VRF-B
  neighbor 10.1.12.2 remote-as 2
  neighbor 10.1.12.2 activate
  no synchronization
  network 1.1.1.1 mask 255.255.255.255
 exit-address-family
! R2
ip vrf VRF-B
 rd 222:222
interface Serial1/0
 encapsulation frame-relay
 no keepalive
interface Serial1/0.12 point-to-point
 ip vrf forwarding VRF-B
 ip address 10.1.12.2 255.255.255.0
 frame-relay interface-dlci 201
router bgp 2
 address-family ipv4 vrf VRF-B
  neighbor 10.1.12.1 remote-as 1
  neighbor 10.1.12.1 activate
  no synchronization
  network 2.2.2.2 mask 255.255.255.255
 exit-address-family
Live Exploration
VRF-Lite
Summary
MPLS & BGP Free Core
What Is MPLS?
Most
Painful
Learn
Study
MPLS
Component Overview
• SP advertises CE routes to other CEs
* Labels are not exchanged with the SP
IP Routing
IGP vs. BGP
MPLS Label Switched Path (LSP) Setup with LDP
Assignment of Remote Labels
• Local label mappings are sent to connected nodes
• Receiving nodes update forwarding table
• Out label
• LDP label advertisement happens in parallel (downstream unsolicited)
Label Distribution Protocol (LDP) (Downstream Allocation)
BGP Update: You Can Reach 10.2.1.1 Thru Me By routing towards 2.2.2.2
Forwarding Table on each node along the path:
Node   In Label   Address Prefix   Out I’face   Out Label
PE1    -          2.2.2.2          F0/0         20
P      20         2.2.2.2          F0/0         30
PE2    30         10.2.1.1         F0/0         -
Control Plane for VPN Routes
Assignment of VPN Labels
MPLS Traffic Forwarding with LDP
Hop-by-hop Traffic Forwarding Using Labels
• Ingress PE node adds labels to packet (push)
• Via MPLS forwarding table
• Transport label
• Outgoing interface
• Out label
• Egress PE removes label and forwards original packet (pop)
Forwarding based on Label towards BGP Next-Hop (Loopback of far end router)
BGP Update: You Can Reach 10.2.1.1 Thru Me By routing towards 2.2.2.2
Forwarding Table on each node along the path:
Node   In Label   Address Prefix   Out I’face   Out Label
PE1    -          2.2.2.2          F0/0         20
P      20         2.2.2.2          F0/0         30
PE2    30         10.2.1.1         F0/0         -
Packet along the path: 10.2.1.1 Data | 20 V 2.2.2.2 Data | 30 V 2.2.2.2 Data | 10.2.1.1 Data
BGP Free Core
Component Overview
[Diagram: Site 1 (10.1.1.0/24, CE1) attaches to PE1 and Site 2 (10.2.1.0/24, CE2) attaches to PE2. P1, P2, P3 and P4 sit between the PEs in OSPF Area 0. PE1 and PE2 share a VPNv4 iBGP relationship, and each PE redistributes IGP/static into BGP.]
End-to-End BGP and redistribution of routes into OSPF core not necessary!
Multiprotocol BGP (MP-BGP)
Bringing It All Together
[Diagram: Site 1 (10.1.1.0/24, CE1) attaches to a VRF on PE1 and Site 2 (10.2.1.0/24, CE2) attaches to a VRF on PE2. P1, P2, P3 and P4 sit between the PEs in OSPF Area 0. PE1 and PE2 share a VPNv4 iBGP relationship, and each PE redistributes IGP/static into BGP. Route annotations in the diagram: 10.1.1.0/24 Next-Hop=CE1, 10.2.1.0/24 Next-Hop=CE2, 10.2.1.0/24 Next-Hop=PE1, 10.1.1.0/24 Next-Hop=PE2.]
What is a VPNv4 Address?
Use Case
[Diagram: Cust B Site 1 (10.1.1.0/24, CE1) attaches to VRF B on PE1 and Cust B Site 2 (10.2.1.0/24, CE2) attaches to VRF B on PE2; each PE also holds VRF A. P1, P2, P3 and P4 form the OSPF Area 0 core, and PE1 and PE2 share a VPNv4 iBGP relationship. The VPNv4 prefixes shown are 222:1:10.1.1.0/24 and 222:1:10.2.1.0/24.]
VPNv4 prefixes are the combination of a 64-bit RD and a 32-bit IPv4 prefix. VPNv4 prefixes are 96 bits in length.
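An added Python example, not from the original slides: it builds the 96-bit value for the slide's 222:1:10.1.1.0/24 and shows that two customers using the same IPv4 prefix stay distinct only while their RDs differ. It handles type-0 RDs (2-byte ASN, 4-byte number) only; RD 111:1 for a second customer and the customer names are assumed values.

```python
import ipaddress
import struct

def encode_rd(rd):
    """Encode a type-0 RD 'ASN:number' as 8 bytes: type, 2-byte ASN, 4-byte number."""
    asn, number = (int(part) for part in rd.split(":"))
    if not (0 <= asn <= 0xFFFF and 0 <= number <= 0xFFFFFFFF):
        raise ValueError(f"{rd!r} is not a type-0 RD")
    return struct.pack("!HHI", 0, asn, number)

def vpnv4_key(rd, prefix):
    """Return (12-byte RD + IPv4 address, prefix length) for one VPNv4 route."""
    net = ipaddress.IPv4Network(prefix)
    return encode_rd(rd) + net.network_address.packed, net.prefixlen

def install(routes):
    """Install (customer, rd, prefix) routes keyed by VPNv4 address.

    Returns (table, collisions). A collision means two customers produced the
    same VPNv4 route, so BGP would treat them as one destination.
    """
    table, collisions = {}, []
    for customer, rd, prefix in routes:
        key = vpnv4_key(rd, prefix)
        owner = table.get(key)
        if owner is not None and owner != customer:
            collisions.append((rd, prefix, owner, customer))
        table[key] = customer
    return table, collisions

# Constructed inputs: Cust B uses the slide's RD 222:1; Cust A's RD is assumed.
DISTINCT = [("Cust A", "111:1", "10.1.1.0/24"), ("Cust B", "222:1", "10.1.1.0/24")]
REUSED = [("Cust A", "222:1", "10.1.1.0/24"), ("Cust B", "222:1", "10.1.1.0/24")]

if __name__ == "__main__":
    print(vpnv4_key("222:1", "10.1.1.0/24")[0].hex())
    print(install(DISTINCT)[1], install(REUSED)[1])
```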
To Import or Not to Import? That IS the Question!
Use Case
[Diagram: four Cust A sites, each behind a CE, attach to VRFs on PE1 and PE2. P1, P2, P3 and P4 form the OSPF Area 0 core, and PE1 and PE2 share a VPNv4 iBGP relationship.]
VRF     Site                         PE    Import                Export
VRF A   Cust A Site 1, 10.1.1.0/24   PE1   222:1, 333:1, 444:1   111:1
VRF B   Cust A Site 2, 10.1.2.0/24   PE2   111:1                 222:1
VRF C   Cust A Site 3, 10.1.3.0/24   PE1   111:1                 333:1
VRF D   Cust A Site 4, 10.1.4.0/24   PE2   111:1                 444:1
Route Targets are a 64-bit value and are carried in BGP as an extended community.
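An added Python example, not from the original slides: it parses IOS-style ip vrf stanzas, derives which VRF learns routes from which through matching export and import route-targets, and compares the result with an intended policy. The sample stanzas are constructed from the import/export values on this slide (VRF names written VRF-A to VRF-D, rd lines left out); the allowed-pairs policy is an assumption.

```python
import re

# Constructed from the import/export values on the slide; rd lines omitted.
SAMPLE_CONFIG = """\
ip vrf VRF-A
 route-target import 222:1
 route-target import 333:1
 route-target import 444:1
 route-target export 111:1
ip vrf VRF-B
 route-target import 111:1
 route-target export 222:1
ip vrf VRF-C
 route-target import 111:1
 route-target export 333:1
ip vrf VRF-D
 route-target import 111:1
 route-target export 444:1
"""

def parse_route_targets(config):
    """Return {vrf: {"import": set, "export": set}} from 'ip vrf' stanzas."""
    vrfs, current = {}, None
    for line in config.splitlines():
        if m := re.match(r"ip vrf (\S+)$", line):
            current = vrfs.setdefault(m.group(1), {"import": set(), "export": set()})
        elif current is not None and (
                m := re.match(r"\s+route-target (import|export|both) (\S+)", line)):
            kinds = ("import", "export") if m.group(1) == "both" else (m.group(1),)
            for kind in kinds:
                current[kind].add(m.group(2))
        elif line and not line[0].isspace():
            current = None  # another top-level command closes the stanza
    return vrfs

def route_flows(vrfs):
    """Return {(exporter, importer, rt)}: importer installs exporter's routes."""
    return {(src, dst, rt)
            for src, s in vrfs.items() for dst, d in vrfs.items() if src != dst
            for rt in s["export"] & d["import"]}

def unexpected_flows(vrfs, allowed_pairs):
    """Flows between VRF pairs that the intended policy does not list."""
    return sorted(f for f in route_flows(vrfs) if f[:2] not in allowed_pairs)

# Assumed policy: spokes B, C and D exchange routes with hub A only.
HUB_AND_SPOKE = {pair for s in "BCD" for pair in
                 ((f"VRF-{s}", "VRF-A"), ("VRF-A", f"VRF-{s}"))}
```

Running `unexpected_flows` against a candidate change before it is applied shows whether an extra import would let one spoke learn another spoke's routes.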
MPLS VPN and MP-BGP
Command Line Interface (CLI) Review
[Diagram: Customer 1 CEs attach to VRF VRF-1 and Customer 2 CEs attach to VRF VRF-2 on the PE routers, using EIGRP, OSPF, RIPv2, BGP or static routing. The PEs connect through P routers running the VPN Backbone IGP and use MP-iBGP (VPNv4) for label exchange.]
VRF Configuration (PE)
! PE Router – Multiple VRFs
ip vrf VRF-1
 rd 65100:10
 route-target import 65102:10
 route-target export 65102:10
ip vrf VRF-2
 rd 65100:20
 route-target import 65102:20
 route-target export 65102:20
!
interface FastEthernet0/1.10
 ip vrf forwarding VRF-1
interface FastEthernet0/1.20
 ip vrf forwarding VRF-2
MP-iBGP Configuration (PE)
! PE router
router bgp 65102
 no bgp default ipv4-unicast
 neighbor 2.2.2.2 remote-as 65102
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf VRF-1
  redistribute rip
 exit-address-family
Live Exploration
MPLS VPN Technology Summary
MPLS VPN Connection Model
[Diagram: CEs for VPN 1 (VRF Blue) and VPN 2 (VRF Green) attach to PEs using EIGRP, OSPF, RIPv2, BGP or static routing. The PEs and P routers share the Global Address Space and run the VPN Backbone IGP.]
What Is MPLS?
Master
Share Practice
Learn
LinkedIn: http://www.linkedin.com/in/jgooley
Twitter: @Jason_Gooley | @MetalDevOps
YouTube: @MetalDevOps
http://www.MetalDevOps.com
Q&A
Thank you