MPLS CSC

From IPFlow Netflow Collector

MPLS Carrier Supporting Carrier Example

This is a simple example of MPLS CSC configuration on Cisco routers (using Dynamips and GNS3).

Author: Christophe Fillot - 01-Nov-2007


Table of contents
1 Topology
2 Description
3 Configuring CSC
4 IOS configurations
5 Output of some commands
6 PCAP captures
7 Dynamips/Dynagen/GNS3 configuration
[edit]

Topology

Image:MPLS_CSC_topo.png


[edit]

Description

A client ISP wants to connect two entities (represented by CLI_PE1 and CLI_PE2/CLI_PE3 respectively) of its MPLS/VPN network through another MPLS/VPN backbone (CSC routers).

  • The client ISP is seen as a VPN from the CSC backbone (VRF "VPN1" in CSC routers)
  • The client ISP has its own VPNs, independently of the CSC backbone (VRF "VPNA" in CLI routers)
  • The client ISP is 6PE-enabled, to show that it perfectly works through a CSC backbone.


[edit]

Configuring CSC

This is very easy: on VRF interfaces going to CLI routers, just add "mpls ip": 

CSC_PE1#sh run int fa1/0
Building configuration...

Current configuration : 141 bytes
!
interface FastEthernet1/0
 description To CLI_PE1
 ip vrf forwarding VPN1
 ip address 100.0.1.1 255.255.255.252
 duplex half
 mpls ip
end

Then, check that the LDP adjacency is established: 

CSC_PE1#sh mpls ldp nei vrf VPN1
    Peer LDP Ident: 100.100.0.1:0; Local LDP Ident 100.0.1.1:0
        TCP connection: 100.100.0.1.40052 - 100.0.1.1.646
        State: Oper; Msgs sent/rcvd: 152/151; Downstream
        Up time: 02:05:35
        LDP discovery sources:
          FastEthernet1/0, Src IP addr: 100.0.1.2
        Addresses bound to peer LDP Ident:
          100.0.1.2       100.100.0.1


To exchange routes between CSC_PE1 and CLI_PE1, and between CSC_PE2 and CLI_PE2, OSPF is used: 

CSC_PE1#sh run | begin ^router ospf 200
router ospf 200 vrf VPN1
 log-adjacency-changes
 redistribute bgp 65000 metric-type 1 subnets
 network 100.0.0.0 0.255.255.255 area 0
!


[edit]

IOS configurations

IOS configurations for CSC backbone:

  • CSC_P (http://www.ipflow.utc.fr/configs/MPLS_CSC/CSC_P.cfg)
  • CSC_PE1 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CSC_PE1.cfg)
  • CSC_PE2 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CSC_PE2.cfg)


IOS configurations for Client backbone:

  • CLI_PE1 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CLI_PE1.cfg)
  • CLI_PE2 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CLI_PE2.cfg)
  • CLI_PE3 (http://www.ipflow.utc.fr/configs/MPLS_CSC/CLI_PE3.cfg)


[edit]

Output of some commands

On CLI_PE1 (initiating the pings to CLI_PE3): 

CLI_PE1#sh ip ro vrf VPNA 
     200.0.0.0/32 is subnetted, 3 subnets
C       200.0.0.1 is directly connected, Loopback100
B       200.0.0.2 [200/0] via 100.100.0.2, 01:19:24
B       200.0.0.3 [200/0] via 100.100.0.3, 01:06:39

CLI_PE1#sh ip cef vrf VPNA 200.0.0.3
200.0.0.3/32, version 8, epoch 0, cached adjacency 100.0.1.1
0 packets, 0 bytes
  tag information set
    local tag: VPN-route-head
    fast tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24 20}
  via 100.100.0.3, 0 dependencies, recursive
    next hop 100.0.1.1, FastEthernet0/0 via 100.100.0.3/32
    valid cached adjacency
    tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24 20}

CLI_PE1#sh ipv6 route
LC  FEC0:1000::1/128 [0/0]
     via ::, Loopback0
B   FEC0:1000::2/128 [200/0]
     via ::FFFF:100.100.0.2, IPv6-mpls
B   FEC0:1000::3/128 [200/0]
     via ::FFFF:100.100.0.3, IPv6-mpls
L   FF00::/8 [0/0]
     via ::, Null0

CLI_PE1#sh ipv6 cef FEC0:1000::3
FEC0:1000::3/128
     nexthop ::FFFF:100.100.0.3
    fast tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24 21}

The first label (24) is used to reach 100.100.0.3 (Loopback0 of CLI_PE3): 

CLI_PE1#sh ip cef 100.100.0.3
100.100.0.3/32, version 14, epoch 0, cached adjacency 100.0.1.1
0 packets, 0 bytes
  tag information set, shared
    local tag: 19
    fast tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24}
  via 100.0.1.1, FastEthernet0/0, 1 dependency
    next hop 100.0.1.1, FastEthernet0/0
    valid cached adjacency
    tag rewrite with Fa0/0, 100.0.1.1, tags imposed: {24}


We can see below how labels 20 and 21 are handled by CLI_PE3: 

CLI_PE3#sh mpls for
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop    
tag    tag or VC   or Tunnel Id      switched   interface              
16     Pop tag     100.100.0.2/32    0          Fa0/0      100.0.23.1   
17     Pop tag     100.0.2.0/30      0          Fa0/0      100.0.23.1   
18     18          100.0.1.0/30      0          Fa0/0      100.0.23.1   
19     19          100.100.0.1/32    0          Fa0/0      100.0.23.1   
20     Aggregate   200.0.0.3/32[V]   5288                               
21     Aggregate   FEC0:1000::3/128  1040


On CSC_PE1, we have the following MPLS forwarding table: 

CSC_PE1#sh mpls for
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop    
tag    tag or VC   or Tunnel Id      switched   interface              
16     Pop tag     10.10.0.0/32      0          Fa0/0      10.0.1.1     
17     Pop tag     10.0.2.0/30       0          Fa0/0      10.0.1.1     
18     17          10.10.0.2/32      0          Fa0/0      10.0.1.1     
19     Aggregate   100.0.1.0/30[V]   3756                               
20     Pop tag     100.100.0.1/32[V] 17404      Fa1/0      100.0.1.2    
21     19          100.0.2.0/30[V]   0          Fa0/0      10.0.1.1     
22     20          100.0.23.0/30[V]  0          Fa0/0      10.0.1.1     
23     21          100.100.0.2/32[V] 7703       Fa0/0      10.0.1.1     
24     22          100.100.0.3/32[V] 4666       Fa0/0      10.0.1.1

Let's take a look on how label 24 is handled: 

CSC_PE1#sh mpls for lab 24 det
Local  Outgoing    Prefix            Bytes tag  Outgoing   Next Hop    
tag    tag or VC   or Tunnel Id      switched   interface              
24     22          100.100.0.3/32[V] 4666       Fa0/0      10.0.1.1     
        MAC/Encaps=14/22, MRU=1496, Tag Stack{17 22}
        CA1368530000CA12685300008847 0001100000016000
        VPN route: VPN1
        No output feature configured
    Per-packet load-sharing

We can see that label 24 is popped and replaced by 2 labels (17 and 22), corresponding to 100.100.0.3 in VRF "VPN1". On CLI_PE1, we saw that the labels used to reach 200.0.0.3 in vrf VPNA are "{24 20}", and that the labels used to reach FEC0:1000::3 are "{24 21}".

It means that when the packets leave CSC_PE1, there are 3 labels in the stack:

  • {17 22 20} for 200.0.0.3 in vrf VPNA
  • {17 22 21} for FEC0:1000::3

You can observe this in the PCAP file (to be used with Wireshark).

Traceroute Example: 

CLI_PE1#trace vrf VPNA 200.0.0.3    

Type escape sequence to abort.
Tracing the route to 200.0.0.3

  1 10.0.1.2 [MPLS: Labels 24/20 Exp 0] 12 msec 32 msec 28 msec
  2 10.0.1.1 [MPLS: Labels 17/22/20 Exp 0] 20 msec 68 msec 4 msec
  3 100.0.2.1 [MPLS: Labels 22/20 Exp 0] 72 msec 12 msec 24 msec
  4 100.0.2.2 [MPLS: Labels 16/20 Exp 0] 24 msec 28 msec 24 msec
  5 200.0.0.3 28 msec *  40 msec


[edit]

PCAP captures

This PCAP capture (http://www.ipflow.utc.fr/configs/MPLS_CSC/mpls_csc.cap) shows the label stack in packets received by CSC_P, when pinging from CLI_PE1 to CLI_PE3.

Here are the screenshots from Wireshark:

  • IPv4 ping (http://www.ipflow.utc.fr/configs/MPLS_CSC/wireshark_ping_v4.png)
  • IPv6 ping (http://www.ipflow.utc.fr/configs/MPLS_CSC/wireshark_ping_v6.png)


[edit]

Dynamips/Dynagen/GNS3 configuration

You can use this configuration file (http://www.ipflow.utc.fr/configs/MPLS_CSC/mpls_csc.net) directly with Dynagen or GNS3. Change the working directory and Cisco IOS image path to match your needs.

Retrieved from "http://www.ipflow.utc.fr/index.php/MPLS_CSC"