SG

SG

Jumat, 09 Desember 2011

Troubleshoot MPLS VPN

there is a question about MPLS VPN, how to connect CE-R22 and CE-R15.
i share u the config of router that involve between R22 and R15

R22
ip cef
no ip domain lookup
key chain cisco
 key 1
  key-string cisco

interface Loopback0
 ip address 22.22.22.22 255.255.255.255
!
interface Ethernet0/0
 ip address 171.234.234.2 255.255.255.0
 ip authentication mode eigrp 100 md5
 ip authentication key-chain eigrp 100 cisco
 full-duplex
interface Serial1/0
 ip address 171.3.22.22 255.255.255.0
 encapsulation ppp
 serial restart-delay 0
 no fair-queue
 ppp chap hostname cisco
 ppp chap password 0 cisco
router eigrp 100
 network 22.0.0.0
 network 171.3.0.0
 network 171.234.0.0
 no auto-summary
!
ip http server
no ip http secure-server
clock set 15:50:00 mar 26 2010


R1

ip cef
no ip domain lookup
mpls label protocol ldp
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
 no clns route-cache
!
interface Ethernet0/0
 ip address 171.15.15.1 255.255.255.0
 half-duplex
 no clns route-cache
!
interface Ethernet0/1
 ip address 171.14.14.1 255.255.255.0
 ip access-group 101 in
 rate-limit input 8000 1500 2000 conform-action transmit exceed-action drop
 rate-limit input access-group 101 8000 1500 2000 conform-action transmit exceed-action drop
 half-duplex
 no clns route-cache
!
interface Ethernet0/2
 ip address 171.13.13.1 255.255.255.0
 half-duplex
 no clns route-cache
!
interface Ethernet0/3
 ip address 171.16.16.1 255.255.255.0
 half-duplex
 no clns route-cache
!
router ospf 1
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0
!
no ip http server
no ip http secure-server
access-list 101 deny   icmp any any
access-list 101 permit ip any any
mpls ldp router-id Loopback0



R3
ip cef
no ip domain lookup
!
!
ip vrf site-b
 rd 34:22
 route-target export 34:22
 route-target import 56:22
mpls label protocol ldp
username Rack30R1 password 0 cisco
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
 no clns route-cache
!
interface Ethernet0/0
 ip address 171.23.23.3 255.255.255.0
 half-duplex
 mpls ip
 no clns route-cache
interface Ethernet0/2
 ip address 171.13.13.3 255.255.255.0
 half-duplex
 mpls ip
 no clns route-cache
interface Serial1/0
 ip vrf forwarding site-b
 ip address 171.3.22.3 255.255.255.0
 encapsulation ppp
 serial restart-delay 0
 clock rate 64000
 no fair-queue
 ppp authentication chap
 no clns route-cache
router eigrp 100
 no auto-summary
 !
 address-family ipv4 vrf site-b
 redistribute bgp 10 metric 100000 100 255 1 1500
 network 171.3.22.3 0.0.0.0
 no auto-summary
 autonomous-system 100
 exit-address-family
!
router ospf 1
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0
!
router bgp 10
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 4.4.4.4 remote-as 10
 neighbor 4.4.4.4 update-source Ethernet0/3
 neighbor 5.5.5.5 remote-as 10
 neighbor 5.5.5.5 update-source Ethernet0/3
 neighbor 6.6.6.6 remote-as 10
 neighbor 6.6.6.6 update-source Ethernet0/3
 !
 address-family ipv4
 neighbor 4.4.4.4 activate
 neighbor 5.5.5.5 activate
 neighbor 6.6.6.6 activate
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family vpnv4
 neighbor 4.4.4.4 activate
 neighbor 4.4.4.4 send-community extended
 neighbor 5.5.5.5 activate
 neighbor 5.5.5.5 send-community extended
 neighbor 6.6.6.6 activate
 neighbor 6.6.6.6 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf site-b
 redistribute eigrp 100 metric 10
 no synchronization
 exit-address-family
mpls ldp router-id Loopback0




R4
ip cef
no ip domain lookup
!
!
ip vrf site-b
 rd 34:22
 route-target export 34:22
mpls label protocol ldp
interface Loopback0
 ip address 4.4.4.4 255.255.255.255
 no clns route-cache
interface Ethernet0/1
 ip address 171.14.14.4 255.255.255.0
 half-duplex
 mpls ip
 no clns route-cache
!
interface Ethernet0/2
 ip address 171.24.24.4 255.255.255.0
 half-duplex
 mpls ip
 no clns route-cache
!
interface Ethernet0/3
 ip vrf forwarding site-b
 ip address 171.4.15.4 255.255.255.0
 half-duplex
 mpls ip
 no clns route-cache
!
router ospf 101 vrf site-b
 log-adjacency-changes
 redistribute bgp 10 subnets
 network 0.0.0.0 255.255.255.255 area 0
!
router ospf 1
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0
!
router bgp 10
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 10
 neighbor 3.3.3.3 update-source Loopback0
 neighbor 5.5.5.5 remote-as 10
 neighbor 5.5.5.5 update-source Loopback0
 neighbor 6.6.6.6 remote-as 10
 neighbor 6.6.6.6 update-source Loopback0
 !
 address-family ipv4
 neighbor 3.3.3.3 activate
 neighbor 5.5.5.5 activate
 neighbor 6.6.6.6 activate
 no auto-summary
 no synchronization
 exit-address-family
 !
 address-family vpnv4
 neighbor 3.3.3.3 activate
 neighbor 3.3.3.3 send-community extended
 neighbor 5.5.5.5 activate
 neighbor 5.5.5.5 send-community extended
 neighbor 6.6.6.6 activate
 neighbor 6.6.6.6 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf site-b
 redistribute ospf 101 vrf site-b
 no synchronization
 exit-address-family
mpls ldp router-id Loopback0



R15
ip cef
interface Loopback0
 ip address 15.15.15.15 255.255.255.255
!
interface Ethernet0/0
 ip address 171.15.17.15 255.255.255.0
 half-duplex
interface Ethernet0/3
 ip address 171.4.15.15 255.255.255.0
 half-duplex
!
interface Serial0/0
 ip address 171.15.16.15 255.255.255.0
 encapsulation frame-relay
 ip ospf message-digest-key 1 md5 cisco
 ip ospf network point-to-point
 serial restart-delay 0
 frame-relay map ip 171.15.16.16 112 broadcast
 frame-relay lmi-type cisco
router ospf 100
 log-adjacency-changes
 area 1 authentication message-digest
 network 15.15.15.15 0.0.0.0 area 0
 network 171.4.15.15 0.0.0.0 area 0
 network 171.15.16.15 0.0.0.0 area 1
 network 171.15.17.15 0.0.0.0 area 0


how to solve this issue...





Diposting oleh di

Tidak ada komentar:

Posting Komentar

Langganan: Posting Komentar (Atom)