Home||Table of Contents||2008 Back Issues||2009 Back Issues||Contact the Editor||Contact the Webmaster||

CCIE SP – MPLS VPN Carrier Supporting Carrier

by Shafagh Zandi
Bookmark and Share

The carrier supporting carrier feature enables one MPLS VPN-based service provider to allow other service providers (Tier2) to use its backbone network for connectivity of their POPs. It is also called a carrier-of-carriers VPN. It is a two-tiered relationship between a provider carrier and a customer carrier. In a carrier-of-carriers VPN, the provider carrier provides a VPN backbone network for the customer carrier. The customer carrier, in turn, provides layer 3 VPN or Internet services to its end customers.

You may say that: “so what’s the difference between MPLS VPN and CSC? in MPLS VPN we do the same thing for customers!” well, It is true with one exception, in CSC, the provider carrier does not like to have all routing information for it’s customer carriers, the provider only delivers customers tag regardless of the final destination. In this case customer (Tier 2 ISP) sends labeled traffic to carrier (Tier 1 ISP) just to deliver it to the next-hop on the other side of the network.

Example 1:

In our example, R1 and R2 are CSC_PE while R3 and R4 are CSC_CE, acting like CE routers for the provider carrier’s PE routers and the only difference is that customer carrier speaks in label language. So whenever we run a label protocol on a VRF port – then it is CSC.

In our example, R1 and R2 are CSC_PE while R3 and R4 are CSC_CE, acting like CE routers for the provider carrier’s PE routers and the only difference  is that customer carrier speaks in label language. So whenever we run a label protocol on a VRF port – then it is CSC.

Note: To the customer carrier, the router it uses to connect to the provider carrier’s VPN is a PE router. However, the provider carrier views this device as a CE router (http://www.juniper.net/techpubs/software/erx/junose53/swconfig-routing-vol2/html/bgp-mpls-vpns-config12.html)

Configuration

R1:
ip vrf A
rd 10.10.1.1:1
route-target export 666:1
route-target import 666:1
!
interface Loopback0
ip address 10.10.1.1 255.255.255.255
ip router isis
!
interface FastEthernet0/0
ip address 10.10.12.1 255.255.255.0
ip router isis

mpls

label protocol ldp
mpls ip
!
interface ATM2/0
ip vrf forwarding A
ip address 10.10.13.1 255.255.255.0
ip ospf network point-to-point
mpls ip
pvc 100/0
protocol ip 10.10.13.3 broadcast
!
!
router ospf 10 vrf A
redistribute bgp 666 subnets
network 10.10.13.1 0.0.0.0 area 0
area 0 sham-link 10.10.134.1 10.10.134.2
!
router isis
net 69.0000.0000.0001.00
is-type level-2-only
!
router bgp 666
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.10.2.2 remote-as 666
neighbor 10.10.2.2 update-source Loopback0
!
address-family vpnv4
neighbor 10.10.2.2 activate
neighbor 10.10.2.2 send-community extended
exit-address-family
! address-family ipv4 vrf A
redistribute ospf 10 vrf A
no auto-summary
no synchronization
exit-address-family
!

R2:
ip vrf A
rd 10.10.2.2:1
route-target export 666:1
route-target import 666:1
!
interface Loopback0
ip address 10.10.2.2 255.255.255.255
ip router isis
!
interface Ethernet0/0
ip address 10.10.12.2 255.255.255.0
ip router isis
mpls label protocol ldp
mpls ip
!
interface Serial1/0
ip vrf forwarding A
ip address 10.10.24.2 255.255.255.0
encapsulation frame-relay
ip ospf network point-to-point
mpls ip
frame-relay map ip 10.10.24.2 204
frame-relay map ip 10.10.24.4 204 broadcast
no frame-relay inverse-arp
!
router ospf 10 vrf A
redistribute bgp 666 subnets
network 10.10.24.2 0.0.0.0 area 0
area 0 sham-link 10.10.134.2 10.10.134.1
!
router isis
net 69.0000.0000.0002.00
is-type level-2-only
!
router bgp 666
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.10.1.1 remote-as 666
neighbor 10.10.1.1 update-source Loopback0
!
address-family ipv4
neighbor 10.10.1.1 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 10.10.1.1 activate
neighbor 10.10.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf A
redistribute ospf 10 vrf A
no synchronization
exit-address-family
!

R3:
interface ATM2/0
ip address 10.10.13.3 255.255.255.0
ip ospf network point-to-point
mpls ip
pvc 100/0
protocol ip 10.10.13.1 broadcast
!
!
router ospf 10
network 10.10.3.3 0.0.0.0 area 0
network 10.10.13.3 0.0.0.0 area 0
network 10.10.35.3 0.0.0.0 area 0
!
router bgp 3456
no synchronization
neighbor 10.10.4.4 remote-as 3456
neighbor 10.10.4.4 update-source Loopback0
neighbor 10.10.35.5 remote-as 3456
neighbor 10.10.35.5 route-reflector-client
no auto-summary
!

R4:
interface Serial1/0
ip address 10.10.24.4 255.255.255.0
encapsulation frame-relay
ip ospf network point-to-point
mpls ip
frame-relay map ip 10.10.24.2 402 broadcast
frame-relay map ip 10.10.24.4 402
no frame-relay inverse-arp
!
router ospf 10
network 10.10.4.4 0.0.0.0 area 0
network 10.10.24.4 0.0.0.0 area 0
network 10.10.46.4 0.0.0.0 area 0
!
router bgp 3456
no synchronization
bgp log-neighbor-changes
neighbor 10.10.3.3 remote-as 3456
neighbor 10.10.3.3 update-source Loopback0
neighbor 10.10.46.6 remote-as 3456
neighbor 10.10.46.6 route-reflector-client
no auto-summary
!

R5:
router ospf 10
network 10.10.35.5 0.0.0.0 area 0
!
router rip
version 2
redistribute bgp 3456 metric transparent
passive-interface default
no passive-interface Ethernet0/2
no passive-interface Ethernet0/3
network 10.0.0.0
no auto-summary
!
router bgp 3456
no synchronization
bgp log-neighbor-changes
bgp redistribute-internal
network 10.10.7.7 mask 255.255.255.255
network 10.10.9.9 mask 255.255.255.255
neighbor 10.10.35.3 remote-as 3456
neighbor 10.10.35.3 next-hop-self
no auto-summary
!

R6:
router ospf 10
network 10.10.46.6 0.0.0.0 area 0
!
router rip
version 2
redistribute bgp 3456 metric transparent
passive-interface default
no passive-interface Ethernet0/2
no passive-interface Ethernet0/3
network 10.0.0.0
no auto-summary
!
router bgp 3456
no synchronization
bgp log-neighbor-changes
bgp redistribute-internal
network 10.10.8.8 mask 255.255.255.255
network 10.10.10.10 mask 255.255.255.255
neighbor 10.10.46.4 remote-as 3456
neighbor 10.10.46.4 next-hop-self
no auto-summary
!

CE:
R7#trace 10.10.8.8 source 10.10.7.7
1 10.10.57.5
2 10.10.35.3
3 10.10.13.1 [MPLS: Label 22 Exp 0]
4 10.10.24.2 [MPLS: Label 21 Exp 0]
5 10.10.24.4
6 10.10.46.6
7 10.10.68.8
R8#trace 10.10.7.7 source 10.10.8.8
1 10.10.68.6
2 10.10.46.4
3 10.10.12.2 [MPLS: Label 20 Exp 0]
4 * * *
5 10.10.13.3
6 10.10.35.5
7 10.10.57.7

What if the customer carrier wants to run MPLS VPN, it’s same as previous example with minor adjustments.

In our second example, MP-iBGP is used between customer carrier and OSPF as IGP. LSP is end to end from PE to PE.

R1:

ip vrf A
rd 10.10.1.1:1
route-target export 666:1
route-target import 666:1
!
interface Loopback0
ip address 10.10.1.1 255.255.255.255
ip router isis
!
interface Loopback2
ip vrf forwarding A
ip address 10.10.134.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.10.12.1 255.255.255.0
ip router isis
mpls label protocol ldp
mpls ip
!
interface ATM2/0
ip vrf forwarding A
ip address 10.10.13.1 255.255.255.0
ip ospf network point-to-point
mpls ip
pvc 100/0
protocol ip 10.10.13.3 broadcast
!
!
router ospf 10 vrf A
log-adjacency-changes
area 0 sham-link 10.10.134.1 10.10.134.2
redistribute bgp 666 subnets
network 10.10.13.1 0.0.0.0 area 0
!
router isis
net 69.0000.0000.0001.00
is-type level-2-only
!
router bgp 666
no bgp default ipv4-unicast
neighbor 10.10.2.2 remote-as 666
neighbor 10.10.2.2 update-source Loopback0
!
address-family vpnv4
neighbor 10.10.2.2 activate
neighbor 10.10.2.2 send-community extended
exit-address-family
!
address-family ipv4 vrf A
redistribute ospf 10 vrf A
no auto-summary
no synchronization
network 10.10.134.1 mask 255.255.255.255
exit-address-family
!


R3:
interface ATM2/0
ip address 10.10.13.3 255.255.255.0
ip ospf network point-to-point
mpls ip
pvc 100/0
protocol ip 10.10.13.1 broadcast
!
!
router ospf 10
network 10.10.3.3 0.0.0.0 area 0
network 10.10.13.3 0.0.0.0 area 0
network 10.10.35.3 0.0.0.0 area 0
!


R5: ip vrf A
rd 10.10.5.5:1
route-target export 56:1
route-target import 56:1
!
ip vrf B
rd 10.10.5.5:2
route-target export 56:2
route-target import 56:2
!
router ospf 10
network 10.10.5.5 0.0.0.0 area 0
network 10.10.35.5 0.0.0.0 area 0
!
router rip
version 2
no auto-summary
!
address-family ipv4 vrf B
redistribute bgp 56 metric transparent
network 10.0.0.0
no auto-summary
exit-address-family
!
address-family ipv4 vrf A
redistribute bgp 56 metric transparent
network 10.0.0.0
no auto-summary
exit-address-family
!
router bgp 56
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 10.10.6.6 remote-as 56
neighbor 10.10.6.6 update-source Loopback0
!
address-family vpnv4
neighbor 10.10.6.6 activate
neighbor 10.10.6.6 send-community extended
exit-address-family
!
address-family ipv4 vrf B
redistribute rip
no synchronization
exit-address-family
!
address-family ipv4 vrf A
redistribute rip
no synchronization
exit-address-family
!


CE:
R7#traceroute 10.10.8.8 source 10.10.7.7
1 10.10.57.5
2 10.10.35.3 [MPLS: Labels 19/22 Exp 0]
3 10.10.13.1 [MPLS: Labels 23/22 Exp 0]
4 10.10.24.2 [MPLS: Labels 23/22 Exp 0]
5 10.10.24.4 [MPLS: Labels 19/22 Exp 0]
6 10.10.68.6 [MPLS: Label 22 Exp 0]
7 10.10.68.8
In this case as we have only two routers at provider’s core, we do not see a third label in the label stack.

Return to the top of 'CCIE SP – MPLS VPN Carrier Supporting Carrier'.
Send Feedback

Home||Table of Contents||2008 Back Issues||2009 Back Issues||Contact the Editor||Contact the Webmaster||
All rights reserved CCIE Agent, Ltd. |          | A Dan-n-Eman Publication