MPLS Configuration Guide

introduction introduction the multiprotocol label switching (mpls) protocol is used on internet protocol (ip) backbone networks mpls uses connection oriented label switching on connectionless ip networks by combining layer 3 routing technologies and layer 2 switching technologies, mpls leverages the flexibility of ip routing and the simplicity of layer 2 switching mpls is based on internet protocol version 4 (ipv4) the core mpls technology can be extended to multiple network protocols, such as internet protocol version 6 (ipv6), internet packet exchange (ipx), and connectionless network protocol (clnp) "multiprotocol" in mpls means that multiple network protocols are supported mpls is used for tunneling but not a service or an application mpls supports multiple protocols and services moreover, it ensures security of data transmission m m pls configuration pls configuration static lsp static lsp operation command description configure ipv4 route forwarding with mpls labeling ip route a b c d/m|a b c d gw label number number mpls label id to be marked, configuration range 16 to 1048575 configure ipv6 route forwarding with mpls labeling ipv6 route x\ x x\ x/m gw label number configure mpls static label processing policy mpls lsp number {a b c d|x\ x x\ x} {number|explicit null|implicit null} explicit null the mpls label in the neighbor notification message will be set to explicit null (0) upon receiving the message, the neighbor will automatically drop this mpls label implicit null inform the neighbor that it is currently the second to last hop in the mpls path and pop the mpls label here dynamic ldp dynamic ldp operation command description enter mpls ldp view mpls ldp configure the router id of mpls ldp router id ip address ip address name the router id in the format of an ipv4 address enter ipv4/ipv6 address family address family ipv4|ipv6 configure the ipv4/ipv6 addresses advertised by the ldp address family discovery transport address ip address establish a neighbor relationship with a remote ldp neighbor neighbor ip address targeted l2vpn l2vpn operation command description configure static pw pseudowire static name configure the local and remote labels for static pseudowires mpls label local number remote number number value range 16–1048575 enter ipv4/ipv6 address family address family ipv4|ipv6 configure the static remote neighbor address for the static pw neighbor {a b c d|x\ x x\ x} configure dynamic pw pseudowire name configure the dynamic pw's pw id pw id id the pw id configured on pe devices connected to adjacent ends must be consistent for the pw state to be up configure dynamic pw lsr id neighbor lsr id a b c d configure different l2vpn types—vpls and vpws—based on specific usage scenarios l2vpn name type {vpls|vpws} vpls virtual private lan service (vpls) is a point to multipoint layer 2 virtual private network (l2vpn) vpws virtual private network service is a point to point l2vpn add pw members to the existing l2vpn member pseudowire name add an ac interface to the existing l2vpn member interface {ethernet|vlan|link aggregation} vpls only supports vlan interfaces, while vpws only supports physical interfaces and lag interfaces l3vpn l3vpn operation command description enter bgp configuration view router bgp id enter ipv4/ipv6 mpls vpn view address family {ipv4|ipv6} vpn activate the mpls vpn neighbor neighbor {a b c d|x\ x x\ x} activate enter ipv4/ipv6 address family address family {ipv4|ipv6} unicast configure mpls vpn label assignment method label vpn export {auto|allocation mode {per vrf|per nexthop}| label number } auto automatically assign mpls labels to routes allocation mode per vrf routes are assigned labels based on the vrf; routes within the same vrf are assigned the same label allocation mode per nexthop assign labels based on the next hop of the route; routes with the same next hop are assigned the same label label number manually set the mpls label assigned to the route configuring rd parameters for an mpls vpn rd vpn export { as number\ number|ip address\ number } rd parameters are designed to resolve conflicts where internal networks at both ends of a vpn share the same route segment rd is combined with the vpn prefix (vpnv4 address) to form a unique vpnv4 address this combination of rd and vpn prefix creates a new routing entry, enabling each vpn route to be uniquely identified configuring the rt parameters for an mpls vpn rt vpn {import|export|both} {a b c d\ mn|ef\ opqr|ghjk\ mn} import configure rt parameters for receiving vpn routes export configure rt parameters for sending vpn routes rt parameters control the identifiers used for exporting and importing vpn routes, ensuring that vpn routes are correctly sent and received between different vpns export/import vpn routes {export|import} vpn display and maintenance display and maintenance operation command view mpls label information show mpls table view mpls ldp neighbor relationships show mpls ldp neighbor \[detail] view mpls ldp label information show mpls ldp binding view mpls l2vpn information show mpls l2vpn view mpls pw information show mpls pseudowires \[detail] view the routing and mpls label information for all vrfs currently configured on the device show {ipv4|ipv6} route vrf all example of reflect acl configuration example of reflect acl configuration network requirements the network topology is simple and stable, and the three router devices are mpls backbone network devices it is required to create a stable public network tunnel on the backbone network to carry mpls tunnel services procedure dveice 1 sonic(config)# interface ethernet 7 sonic(config if 7)# ip address 80 0 0 1/24 sonic(config)# interface ethernet 15 sonic(config if 15)# ip address 10 1 1 2/24 sonic(config if 15)# mpls enable sonic(config)# ip route 90 0 0 0/24 10 1 1 1 label 16 dveice 2 sonic(config)# interface ethernet 1 sonic(config if 1)# ip address 10 1 1 1/24 sonic(config if 1)# mpls enable sonic(config)# interface ethernet 3 sonic(config if 3)# ip address 20 1 1 1/24 sonic(config if 3)# mpls enable sonic(config)# mpls lsp 16 90 0 0 100 implicit null sonic(config)# mpls lsp 17 80 0 0 100 implicit null dveice 3 sonic(config)# interface ethernet 1 sonic(config if 1)# ip address 90 0 0 1/24 sonic(config)# interface ethernet 3 sonic(config if 3)# ip address 20 1 1 2/24 sonic(config if 3)# mpls enable sonic(config)# ip route 80 0 0 0/24 20 1 1 1 label 17 example of mpls l2vpn vpls configuration example of mpls l2vpn vpls configuration network requirements device1, device2, and device3 are pe devices of the ip/mpls backbone network mpls l2vpn services need to be deployed on device1, device2, and device3 to interconnect vpn sites therefore, local ldp sessions need to be configured between lsrs to establish ldp lsps to carry vpn services procedure device 1 sonic(config)#interface ethernet 7 sonic(config if 7)# switchport access vlan 100 sonic(config)#interface ethernet 16 sonic(config if 16)# ip address 10 1 1 2/24 sonic(config if 16)# mpls ldp sonic(config if 16)# ip ospf area 1 sonic(config if 16)# mpls enable sonic(config)#interface loopback 0 sonic(config loif 0)# ip address 1 1 1 1/32 sonic(config)# vlan 100 sonic(config)# l2vpn test type vpls sonic(config l2vpn)# member interface vlan 100 sonic(config l2vpn)# member pseudowire 219 sonic(config l2vpn)# member pseudowire 220 sonic(config)#router ospf sonic(config router)# redistribute connected sonic(config)# mpls ldp sonic(config ldp)# router id 1 1 1 1 sonic(config ldp)# address family ipv4 sonic(config ldp af)# discovery transport address 1 1 1 1 sonic(config ldp af)# neighbor 3 3 3 3 targeted sonic(config ldp af)# neighbor 4 4 4 4 targeted sonic(config)# pseudowire 219 sonic(config pw)# neighbor lsr id 3 3 3 3 sonic(config pw)# neighbor address 3 3 3 3 sonic(config pw)# pw id 1 sonic(config)# pseudowire 220 sonic(config pw)# neighbor lsr id 4 4 4 4 sonic(config pw)# neighbor address 4 4 4 4 sonic(config pw)# pw id 2 dveice 2 sonic(config)# interface ethernet 13 sonic(config if 13)# switchport access vlan 100 sonic(config)# interface ethernet 16 sonic(config if 16)# ip address 20 1 1 2/24 sonic(config if 16)# mpls ldp sonic(config if 16)# ip ospf area 1 sonic(config if 16)# mpls enable sonic(config)# interface loopback 0 sonic(config loif 0)# ip address 3 3 3 3/32 sonic(config)# vlan 100 sonic(config)# l2vpn test type vpls sonic(config l2vpn)# member interface vlan 100 sonic(config l2vpn)# member pseudowire 217 sonic(config l2vpn)# member pseudowire 220 sonic(config)# router ospf sonic(config router)# redistribute connected sonic(config)# mpls ldp sonic(config ldp)# router id 3 3 3 3 sonic(config ldp)# address family ipv4 sonic(config ldp af)# discovery transport address 3 3 3 3 sonic(config ldp af)# neighbor 1 1 1 1 targeted sonic(config ldp af)# neighbor 4 4 4 4 targeted sonic(config)# pseudowire 217 sonic(config pw)# neighbor lsr id 1 1 1 1 sonic(config pw)# neighbor address 1 1 1 1 sonic(config pw)# pw id 1 sonic(config)# pseudowire 220 sonic(config pw)# neighbor lsr id 4 4 4 4 sonic(config pw)# neighbor address 4 4 4 4 sonic(config pw)# pw id 3 dveice 3 sonic(config)# interface ethernet 3 sonic(config if 13)# switchport access vlan 100 sonic(config)# interface ethernet 16 sonic(config if 16)# ip address 30 1 1 2/24 sonic(config if 16)# mpls ldp sonic(config if 16)# ip ospf area 1 sonic(config if 16)# mpls enable sonic(config)# interface loopback 0 sonic(config loif 0)# ip address 4 4 4 4/32 sonic(config)# vlan 100 sonic(config)# l2vpn test type vpls sonic(config l2vpn)# member interface vlan 100 sonic(config l2vpn)# member pseudowire 217 sonic(config l2vpn)# member pseudowire 219 sonic(config)# router ospf sonic(config router)# redistribute connected sonic(config)# mpls ldp sonic(config ldp)# router id 4 4 4 4 sonic(config ldp)# address family ipv4 sonic(config ldp af)# discovery transport address 4 4 4 4 sonic(config ldp af)# neighbor 1 1 1 1 targeted sonic(config ldp af)# neighbor 3 3 3 3 targeted sonic(config)# pseudowire 217 sonic(config pw)# neighbor lsr id 1 1 1 1 sonic(config pw)# neighbor address 1 1 1 1 sonic(config pw)# pw id 2 sonic(config)# pseudowire 219 sonic(config pw)# neighbor lsr id 3 3 3 3 sonic(config pw)# neighbor address 3 3 3 3 sonic(config pw)# pw id 3 transer device sonic(config)# interface ethernet 1 sonic(config if 1)# ip address 10 1 1 1/24 sonic(config if 1)# mpls ldp sonic(config if 1)# ip ospf area 1 sonic(config if 1)# mpls enable sonic(config)# interface ethernet 2 sonic(config if 2)# ip address 20 1 1 1/24 sonic(config if 2)# mpls ldp sonic(config if 2)# ip ospf area 1 sonic(config if 2)# mpls enable sonic(config)# interface ethernet 3 sonic(config if 3)# ip address 30 1 1 1/24 sonic(config if 3)# mpls ldp sonic(config if 3)# ip ospf area 1 sonic(config if 3)# mpls enable sonic(config)# interface loopback 0 sonic(config loif 0)# ip address 2 2 2 2/32 sonic(config)# router ospf sonic(config router)# redistribute connected sonic(config)# mpls ldp sonic(config ldp)# router id 2 2 2 2 sonic(config ldp)# address family ipv4 sonic(config ldp af)# discovery transport address 2 2 2 2 example of mpls l2vpn vpls configuration example of mpls l2vpn vpls configuration network requirements pe1, pe2, and pe3 are pe devices of the ip/mpls backbone network mpls l3vpn services need to be deployed on pe1, pe2, and pe3 to interconnect vpn sites therefore, local ldp sessions need to be configured between lsrs to establish ldp lsps and carry vpn services device device interface interface ip adderss ip adderss ce1 port1 80 0 0 100/24 pe1 loopback0 1 1 1 1/32 port1 80 0 0 1/24 port2 80 0 1 1/24 port3 10 1 1 2/24 ce2 port1 80 0 1 100/24 p loopback0 2 2 2 2/32 port1 10 1 1 1/24 port2 20 1 1 1/24 ce3 port1 90 0 0 100/24 pe2 loopback0 3 3 3 3/32 port1 90 0 0 1/24 port2 90 0 1 1/24 port3 20 1 1 1/24 ce4 port1 90 0 1 100/24 procedure device 1 sonic(config)# vrf l3vpn sonic(config)# vrf l3vpn1 sonic(config)# interface ethernet 13 sonic(config if 13)# ip address 80 0 0 1/24 sonic(config if 13)# vrf l3vpn sonic(config)# interface ethernet 14 sonic(config if 14)# ip address 110 0 0 1/24 sonic(config if 14)# vrf l3vpn1 sonic(config)# interface ethernet 16 sonic(config if 16)# ip address 10 1 1 2/24 sonic(config if 16)# mpls ldp sonic(config if 16)# ip ospf area 1 sonic(config if 16)# mpls enable sonic(config)# interface loopback 0 sonic(config loif 0)# ip address 1 1 1 1/32 sonic(config)# router bgp 1 sonic(config router)# bgp router id 1 1 1 1 sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 3 3 3 3 remote as 1 sonic(config router)# neighbor 3 3 3 3 update source 1 1 1 1 sonic(config router)# address family ipv4 vpn sonic(config router af)# neighbor 3 3 3 3 activate sonic(config)# router bgp 1 vrf l3vpn sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 80 0 0 100 remote as 220 sonic(config router)# address family ipv4 unicast sonic(config router af)# redistribute connected sonic(config router af)# label vpn export auto sonic(config router af)# rd vpn export 1 1 1 1 1 sonic(config router af)# rt vpn import 3 3 3 3 2 sonic(config router af)# rt vpn export 1 1 1 1 1 sonic(config router af)# export vpn sonic(config router af)# import vpn sonic(config)# router bgp 1 vrf l3vpn1 sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 110 0 0 100 remote as 221 sonic(config router)# address family ipv4 unicast sonic(config router af)# redistribute connectd sonic(config router af)# label vpn export auto sonic(config router af)# rd vpn export 110 0 0 1 3 sonic(config router af)# rt vpn import 100 0 0 1 4 sonic(config router af)# rt vpn export 110 0 0 1 3 sonic(config router af)# export vpn sonic(config router af)# import vpn sonic(config)# router ospf sonic(config router)# redistribute connected sonic(config)# mpls ldp sonic(config ldp)# router id 1 1 1 1 sonic(config ldp)# address family ipv4 sonic(config ldp)# discovery transport address 1 1 1 1 p sonic(config)# interface ethernet 1 sonic(config if 1)# ip address 10 1 1 1/24 sonic(config if 1)# mpls ldp sonic(config if 1)# ip ospf area 1 sonic(config if 1)# mpls enable sonic(config)# interface ethernet 2 sonic(config if 2)# ip address 20 1 1 1/24 sonic(config if 2)# mpls ldp sonic(config if 2)# ip ospf area 1 sonic(config if 2)# mpls enable sonic(config)# interface loopback 0 sonic(config loif 0)# ip address 2 2 2 2/32 sonic(config)#router ospf sonic(config router)# redistribute connected sonic(config)# mpls ldp sonic(config ldp)# router id 2 2 2 2 sonic(config ldp)# address family ipv4 sonic(config ldp af)# discovery transport address 2 2 2 2 pe2 sonic(config)# vrf l3vpn sonic(config)# vrf l3vpn1 sonic(config)# interface ethernet 10 sonic(config if 10)# ip address 90 0 0 1/24 sonic(config if 10)# vrf l3vpn sonic(config)# interface ethernet 12 sonic(config if 12)# ip address 100 0 0 1/24 sonic(config if 12)# vrf l3vpn1 sonic(config)# interface ethernet 16 sonic(config if 16)# ip address 20 1 1 2/24 sonic(config if 16)# mpls ldp sonic(config if 16)# ip ospf area 1 sonic(config if 16)# mpls enable sonic(config)# interface loopback 0 sonic(config loif 0)# ip address 3 3 3 3/32 sonic(config)# router bgp 1 sonic(config router)# bgp router id 3 3 3 3 sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 1 1 1 1 remote as 1 sonic(config router)# neighbor 1 1 1 1 update source 3 3 3 3 sonic(config router)# address family ipv4 vpn sonic(config router af)# neighbor 1 1 1 1 activate sonic(config)# router bgp 1 vrf l3vpn sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 90 0 0 100 remote as 101 sonic(config router)# address family ipv4 unicast sonic(config router af)# redistribute connected sonic(config router af)# label vpn export auto sonic(config router af)# rd vpn export 3 3 3 3 2 sonic(config router af)# rt vpn import 1 1 1 1 1 sonic(config router af)# rt vpn export 3 3 3 3 2 sonic(config router af)# export vpn sonic(config router af)# import vpn sonic(config)# router bgp 1 vrf l3vpn1 sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 100 0 0 100 remote as 100 sonic(config router)# address family ipv4 unicast sonic(config router af)# redistribute connected sonic(config router af)# label vpn export auto sonic(config router af)# rd vpn export 100 0 0 1 4 sonic(config router af)# rt vpn import 110 0 0 1 3 sonic(config router af)# rt vpn export 100 0 0 1 4 sonic(config router af)# export vpn sonic(config router af)# import vpn sonic(config)# router ospf sonic(config router)# redistribute connected sonic(config)# mpls ldp sonic(config ldp)# router id 3 3 3 3 sonic(config ldp)# address family ipv4 sonic(config ldp af)# discovery transport address 3 3 3 3 ce1 sonic(config)# interface ethernet 11 sonic(config if 11)# ip address 80 0 0 100/24 sonic(config)# router bgp 220 sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 80 0 0 1 remote as 1 sonic(config router)# address family ipv4 unicast sonic(config router af)# redistribute connected ce2 sonic(config)# interface ethernet 13 sonic(config if 13)# ip address 90 0 0 100/24 sonic(config)# router bgp 101 sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 90 0 0 1 remote as 1 sonic(config router)# address family ipv4 unicast sonic(config router af)# redistribute connected ce3 sonic(config)# interface ethernet 2 sonic(config if 2)# ip address 110 0 0 100/24 sonic(config)# router bgp 221 sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 110 0 0 1 remote as 1 sonic(config router)# address family ipv4 unicast sonic(config router af)# redistribute connected ce4 sonic(config)# interface ethernet 12 sonic(config if 12)# ip address 100 0 0 100/24 sonic(config)# router bgp 100 sonic(config router)# no bgp ebgp requires policy sonic(config router)# neighbor 100 0 0 1 remote as 1 sonic(config router)# address family ipv4 unicast sonic(config router af)# redistribute connected