Back To Back Vrf Inter-AS Option A

Monday, October 4, 2010

Back To Back Vrf Inter-AS Option A

Carrier Support Carrier is also known as Inter-AS communication some times (but both are different) and it is well defined in three options. Out of three I am working on option A which is back to back vrf model.

Inter-AS communication is required when the same customer is having the few location in one service provider cloud and few locations in another service provider cloud. Customer’s objective is to access all the location in MPLS cloud, no matter where there are. To achieve the objective, both service provider need to do a mutual contract to serve the customer. In the depicted figure, PE-2 and PE-3 are the edge routers of both service provider cloud and are connected over fast Ethernet link.

In this scenario, I am using different VRFs name and with different RD values. One is VRF BLUE with RD 1:1 and another is vrf MPLSVPN with RD 2:1.

CE-1 access CE-2 20.20.20.2 network which travels from AS-1 to AS-2. But for customer it is end to end a single MPLS network.

Back to back vrf is created on PE-2 and PE-2 with name BLUE and MPLSVPN.

PE-2 Vrf Configuration

ip vrf BLUE

rd 1:1

route-target export 1:1

route-target import 1:1

PE-3 Vrf Configuration

ip vrf MPLSVPN

rd 2:1

route-target export 2:1

route-target import 2:1

Interface Configuration of PE-2 and PE-3 Over IPv4 Link (Back to back vrf is created)

PE-2 Configuration

interface FastEthernet1/1

ip vrf forwarding BLUE

ip address 23.23.23.2 255.255.255.0

duplex auto

speed auto

no clns route-cache

PE-3 Configuration

interface FastEthernet1/0

ip vrf forwarding MPLSVPN

ip address 23.23.23.3 255.255.255.0

duplex auto

speed auto

no clns route-cache

Reverse Routes for the remote lan of different service providers by point next hop of back to back vrf interface ip address.

PE-2

ip route vrf BLUE 20.20.20.0 255.255.255.0 23.23.23.3

PE-3

ip route vrf MPLSVPN 10.10.10.0 255.255.255.0 23.23.23.2

Now see how the labels forwarding will work in back to back vrf model.

CE1 sends a packet with destination 20.20.20.2 towards PE-1. Given is the output on PE1.

The above figure depicts that 20.20.20.2 is part of vrf BLUE and reachable by ip address 2.2.2.2 which is the ip address of PE-2. This will add label 21 as vpnv4 label and for 2.2.2.2 it will append the label 16. See the below image to verify the labels:-

PE1 will forward the packet to P1/RR1 router with the above labels and P1/RR1 will perform the penultimate hop popping for PE-2 loopback address. This will forward the packet with only VPNv4 label which is 21. See the below output to verify:-

Now PE-2 will receive the packet with only VPNv4 label and perform the no label on it. After that it will send the packet to PE-3.

PE-3 will receive the pure IPv4 packet and put that packet in MPLVPN vrf. Then it creates a label stack with VPNv4 label of 20.20.20.2 along its next hop IGP address.

Label 17 is for IGP next hop i.e. 4.4.4.4 and label 20 is VPNv4 label. It will forward the packet to P2 with the label stack 17 and 20. P2 will perform the penultimate hop popping for 4.4.4.4 and forwards the packet to PE-4 with only VPNv4 label i.e.20.