MPLS: Layer 3 VPNs - Chap13 MPLS VPN per Customer Edge (CE) Label

Configuration Guides（IOS XE Everest 16.6）

Multiprotocol Label Switching (MPLS)
MPLS: Layer 3 VPNs Configuration Guide,
Chap13 MPLS VPN per Customer Edge (CE) Label

■ 1 ■ Configuration Guides

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16-6/mp-l3-vpns-xe-16-6-book/mpls-vpn-per-customer-edge-ce-label.html

■ 2 ■ 雑に言うと．．．
”PEだけでなくCEにもlabelつける”

■ 3 ■ config
----- CE_A1 -------------------------------------

router ospf 1
network 10.1.1.0 0.0.0.255 area 0
network 192.168.1.0 0.0.0.255 area 0

----- CE_A2 -------------------------------------

router ospf 1
network 10.10.1.0 0.0.0.255 area 0
network 172.16.1.0 0.0.0.255 area 0

----- CE_B1 -------------------------------------

router ospf 2
network 10.2.1.0 0.0.0.255 area 0
network 192.168.10.0 0.0.0.255 area 0

----- CE_B2 -------------------------------------

router ospf 2
network 10.20.1.0 0.0.0.255 area 0
network 172.16.2.0 0.0.0.255 area 0

----- PE1(PE2) ----------------------------------
============================
vrf ALPHA (int g1)
============================
ip vrf ALPHA
rd 100:100
route-targe both 100:100
!
interface GigabitEthernet1
ip vrf forwarding ALPHA
ip address 10.1.1.2 255.255.255.0
!
router ospf 1 vrf ALPHA
redistribute bgp 100
network 10.1.1.0 0.0.0.255 area 0

============================
vrf BETA (int g2)
============================
ip vrf BETA
rd 100:200
route-target both 100:200
!
interface GigabitEthernet2
ip vrf forwarding BETA
ip address 10.2.1.2 255.255.255.0
!
router ospf 2 vrf BETA
redistribute bgp 100
network 10.2.1.0 0.0.0.255 area 0

============================
MP-BGP
============================
router bgp 100
bgp router-id 10.10.10.101
neighbor 10.250.1.2 remote-as 100
!
address-family vpnv4
neighbor 10.250.1.2 activate
neighbor 10.250.1.2 send-community extended
exit-address-family
!
address-family ipv4 vrf ALPHA
redistribute ospf 1
exit-address-family
!
address-family ipv4 vrf BETA
redistribute ospf 2
exit-address-family

============================
MPLS
============================
interface GigabitEthernet3
ip address 10.250.1.1 255.255.255.0
mpls ip
!
mpls label mode all-vrfs protocol bgp-vpnv4 per-ce

■ 3 ■ 確認
----- CE_A1 Routing --------------------------

CE_A1#sh ip rou ospf | b Gate
Gateway of last resort is 192.168.2.1 to network 0.0.0.0

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 10.10.1.0/24 [110/2] via 10.1.1.2, 00:50:23, GigabitEthernet1
172.16.0.0/32 is subnetted, 1 subnets
O IA 172.16.1.1 [110/3] via 10.1.1.2, 00:50:23, GigabitEthernet1
CE_A1#
CE_A1#traceroute 172.16.1.1
Type escape sequence to abort.
Tracing the route to 172.16.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.1.2 1 msec 1 msec 1 msec
2 10.10.1.2 [MPLS: Label 18 Exp 0] 1 msec 2 msec 2 msec
3 10.10.1.1 4 msec * 3 msec
CE_A1#

----- CE_A2 Routing --------------------------

CE_A2#sh ip rou ospf | b Ga
Gateway of last resort is 192.168.2.1 to network 0.0.0.0

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 10.1.1.0/24 [110/2] via 10.10.1.2, 01:18:11, GigabitEthernet1
192.168.1.0/32 is subnetted, 1 subnets
O IA 192.168.1.1 [110/3] via 10.10.1.2, 01:11:10, GigabitEthernet1
CE_A2#
CE_A2#traceroute 192.168.1.1
Type escape sequence to abort.
Tracing the route to 192.168.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.10.1.2 12 msec 0 msec 1 msec
2 10.1.1.2 [MPLS: Label 21 Exp 0] 2 msec 1 msec 1 msec
3 10.1.1.1 1 msec * 1 msec
CE_A2#

----- CE_B1 Routing --------------------------

CE_B1#sh ip rou ospf | b Ga
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 10.20.1.0/24 [110/2] via 10.2.1.2, 01:19:33, GigabitEthernet2
172.16.0.0/32 is subnetted, 1 subnets
O IA 172.16.2.1 [110/3] via 10.2.1.2, 01:19:33, GigabitEthernet2
CE_B1#
CE_B1#traceroute 172.16.2.1
Type escape sequence to abort.
Tracing the route to 172.16.2.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.2.1.2 1 msec 1 msec 1 msec
2 10.20.1.2 [MPLS: Label 20 Exp 0] 1 msec 1 msec 1 msec
3 10.20.1.1 1 msec * 1 msec
CE_B1#

----- CE_B2 Routing --------------------------

CE_B2#sh ip rou ospf | b Gate
Gateway of last resort is 192.168.2.1 to network 0.0.0.0

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
O IA 10.2.1.0/24 [110/2] via 10.20.1.2, 01:31:27, GigabitEthernet2
192.168.10.0/32 is subnetted, 1 subnets
O IA 192.168.10.1 [110/3] via 10.20.1.2, 00:00:11, GigabitEthernet2
CE_B2#
CE_B2#traceroute 192.168.10.1
Type escape sequence to abort.
Tracing the route to 192.168.10.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.20.1.2 1 msec 1 msec 1 msec
2 10.2.1.2 [MPLS: Label 19 Exp 0] 1 msec 1 msec 0 msec
3 10.2.1.1 1 msec * 2 msec
CE_B2#

----- PE1 Routing ----------------------------

PE1#sh ip rou vrf ALPHA | b Gate
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.1.1.0/24 is directly connected, GigabitEthernet1
L 10.1.1.2/32 is directly connected, GigabitEthernet1
B 10.10.1.0/24 [200/0] via 10.250.1.2, 00:01:25
172.16.0.0/32 is subnetted, 1 subnets
B 172.16.1.1 [200/2] via 10.250.1.2, 00:01:25
192.168.1.0/32 is subnetted, 1 subnets
O 192.168.1.1 [110/2] via 10.1.1.1, 01:30:20, GigabitEthernet1
PE1#
PE1#sh ip rou vrf BETA | b Gate
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
C 10.2.1.0/24 is directly connected, GigabitEthernet2
L 10.2.1.2/32 is directly connected, GigabitEthernet2
B 10.20.1.0/24 [200/0] via 10.250.1.2, 00:01:31
172.16.0.0/32 is subnetted, 1 subnets
B 172.16.2.1 [200/2] via 10.250.1.2, 00:01:31
192.168.10.0/32 is subnetted, 1 subnets
O 192.168.10.1 [110/2] via 10.2.1.1, 00:06:11, GigabitEthernet2
PE1#
PE1#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 No Label 192.168.2.1/32 0 Gi6 192.168.2.1
17 No Label 10.1.1.0/24[V] 570 aggregate/ALPHA
18 No Label 10.2.1.0/24[V] 570 aggregate/BETA
20 No Label nh-id(6) 570 Gi1 10.1.1.1
23 No Label nh-id(7) 0 Gi2 10.2.1.1
PE1#

----- PE2 Routing ----------------------------

PE2#sh ip rou vrf ALPHA | b Ga
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.1.1.0/24 [200/0] via 10.250.1.1, 00:02:23
C 10.10.1.0/24 is directly connected, GigabitEthernet1
L 10.10.1.2/32 is directly connected, GigabitEthernet1
172.16.0.0/32 is subnetted, 1 subnets
O 172.16.1.1 [110/2] via 10.10.1.1, 04:27:18, GigabitEthernet1
192.168.1.0/32 is subnetted, 1 subnets
B 192.168.1.1 [200/2] via 10.250.1.1, 00:02:23
PE2#
PE2#sh ip rou vrf BETA | b Ga
Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
B 10.2.1.0/24 [200/0] via 10.250.1.1, 00:02:32
C 10.20.1.0/24 is directly connected, GigabitEthernet2
L 10.20.1.2/32 is directly connected, GigabitEthernet2
172.16.0.0/32 is subnetted, 1 subnets
O 172.16.2.1 [110/2] via 10.20.1.1, 04:28:07, GigabitEthernet2
192.168.10.0/32 is subnetted, 1 subnets
B 192.168.10.1 [200/2] via 10.250.1.1, 00:02:32
PE2#
PE2#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 No Label 192.168.2.1/32 0 Gi6 192.168.2.1
17 No Label 10.10.1.0/24[V] 113742020 aggregate/ALPHA
18 No Label nh-id(5) 126 Gi1 10.10.1.1
19 No Label 10.20.1.0/24[V] 1036 aggregate/BETA
20 No Label nh-id(6) 126 Gi2 10.20.1.1
PE2#

■ 4 ■ Command References
mpls label mode
https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mpls/command/mp-cr-book/mp-m1.html#wp1097534916

PE Global configuration (config)
mpls label mode all-vrfs protocol bgp-vpnv4 per-ce
-----------------------------------------------
MP-BGP vnpv4 で今回は、ce向けのlabelなので、pre-ce
bgp-vpnv4
Specifies the IPv4 VRF address-family protocol for the label mode configuration.

per-ce
Specifies per-CE label mode.
-----------------------------------------------

-----------------------------------------------

CE_A1#traceroute 172.16.1.1
Type escape sequence to abort.
Tracing the route to 172.16.1.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.1.1.2 2 msec 6 msec 4 msec
2 10.10.1.2 [MPLS: Label 18 Exp 0] 7 msec 5 msec 6 msec
3 10.10.1.1 2 msec * 2 msec
CE_A1#

2 10.10.1.2 [MPLS: Label 18 Exp 0] 7 msec 5 msec 6 msec
この”Lable 18 ”は、

　PE2#sh mpls forwarding-table
　Local Outgoing Prefix Bytes Label Outgoing Next Hop
　Label Label or Tunnel Id Switched interface
　16 No Label 192.168.2.1/32 0 Gi6 192.168.2.1
　17 No Label 10.10.1.0/24[V] 113742590 aggregate/ALPHA
★18 No Label nh-id(5) 822 Gi1 10.10.1.1
　19 No Label 10.20.1.0/24[V] 1606 aggregate/BETA
　20 No Label nh-id(6) 696 Gi2 10.20.1.1
　
★の行のLabel 18のことである
-----------------------------------------------
CE_B2#traceroute 192.168.10.1
Type escape sequence to abort.
Tracing the route to 192.168.10.1
VRF info: (vrf in name/id, vrf out name/id)
1 10.20.1.2 1 msec 0 msec 1 msec
2 10.2.1.2 [MPLS: Label 23 Exp 0] 1 msec 1 msec 1 msec
3 10.2.1.1 2 msec * 1 msec
CE_B2#

-----------------------------------------------
一旦つけたlabelを剥がすのは少し時間がかかる

no mpls label mode all-vrfs protocol bgp-vpnv4 per-ce
で消せるが、LFIBテーブルはすぐには消えない。
色々試したが、待つ以外分からんかった。

clear mpls counter
clear mpls ldp neighbpr *
clear ip bgp * <------------- 余計にダメ

しばらく待てば、LFIBテーブルから消える

PE1#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 No Label 192.168.2.1/32 0 Gi6 192.168.2.1
17 No Label 10.1.1.0/24[V] 0 aggregate/ALPHA
18 No Label 10.2.1.0/24[V] 0 aggregate/BETA
19 No Label nh-id(5) 0 drop
20 No Label nh-id(6) 0 Gi1 10.1.1.1
21 No Label nh-id(3) 0 drop
23 No Label nh-id(7) 0 Gi2 10.2.1.1
PE1#
PE1#
PE1#
PE1#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
16 No Label 192.168.2.1/32 0 Gi6 192.168.2.1
17 No Label 10.1.1.0/24[V] 570 aggregate/ALPHA
18 No Label 10.2.1.0/24[V] 570 aggregate/BETA
20 No Label nh-id(6) 570 Gi1 10.1.1.1
23 No Label nh-id(7) 0 Gi2 10.2.1.1
PE1#