Friday, March 24, 2006

MULTIHOMING ENVIRONMENT IN MPLS NETWORK


PE AAA

!
ip vrf V322:POCIP
rd 12345:1304
route-target export 12345:1295
route-target export 12345:102
route-target import 12345:1295
route-target import 12345:1296
!
interface Serial8/0/1.1/1/6/3:0
description ***LEASED LINE TO CE1***
ip vrf forwarding V322:POCIP
ip address 59.139.19.33 255.255.255.252
no fair-queue
service-policy input apply_no_qos
!
address-family ipv4 vrf V322:POCIP
redistribute connected
redistribute static
neighbor 59.139.19.34 remote-as 10
neighbor 59.139.19.34 activate
neighbor 59.139.19.34 as-override
neighbor 59.139.19.34 allowas-in 10
maximum-paths eibgp 4
default-information originate
no auto-summary
no synchronization
exit-address-family
!
ip access-list extended V322:POCIP_VPNSC_GREY_MGMT_ACL
permit ip 59.139.19.32 0.0.0.3 any
!
route-map grey_mgmt_vpn_TMIPVPN_V322:POCIP permit 10
match ip address V322:POCIP_VPNSC_GREY_MGMT_ACL
set extcommunity rt 12345:1001 additive
!

PE BBB

!
ip vrf V368:POCIP
rd 12345:1349
export map grey_mgmt_vpn_TMIPVPN_V368:POCIP
route-target export 12345:1295
route-target export 12345:102
route-target import 12345:1000
route-target import 12345:1295
route-target import 12345:1296
!
!
interface Serial8/0/1.1/1/1/2:0
description ***LEASED LINE TO CE2***
ip vrf forwarding V368:POCIP
ip address 59.139.19.37 255.255.255.252
no fair-queue
service-policy input apply_no_qos
!
!
address-family ipv4 vrf V368:POCIP
redistribute connected
redistribute static
neighbor 59.139.19.38 remote-as 10
neighbor 59.139.19.38 activate
neighbor 59.139.19.38 as-override
neighbor 59.139.19.38 allowas-in 10
maximum-paths eibgp 4
no auto-summary
no synchronization
exit-address-family
!
ip access-list extended V368:POCIP_VPNSC_GREY_MGMT_ACL
permit ip 59.139.19.36 0.0.0.3 any
!
route-map grey_mgmt_vpn_TMIPVPN_V368:POCIP permit 10
match ip address V368:POCIP_VPNSC_GREY_MGMT_ACL
set extcommunity rt 12345:1001 additive
!




ROUTER CE1


CE1-AAA#sh run
!
version 12.2
!
ip subnet-zero
!
controller E1 6/0
channel-group 0 timeslots 1-30
!
interface FastEthernet0/0
ip address 200.10.10.1 255.255.255.0
duplex auto
speed 100
!
interface Serial6/0:0
description ***LEASED LINE TO PE AAA***
ip address 59.139.19.34 255.255.255.252
no fair-queue
!
router ospf 9191
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
redistribute bgp 10 subnets
network 200.10.10.0 0.0.0.255 area 0
!
router bgp 10
no synchronization
bgp log-neighbor-changes
redistribute static metric 1
redistribute ospf 9191 metric 1 match internal external 1 external 2
neighbor 59.139.19.33 remote-as 12345
neighbor 59.139.19.33 allowas-in 10
neighbor 200.10.10.2 remote-as 10
default-information originate
no auto-summary
!
ip classless
!
!
end


ROUTER CE2


CE2-BBB#sh run
Building configuration...
!
version 12.2
!
ip subnet-zero
!
controller E1 1/0
channel-group 0 timeslots 1-31
!
interface GigabitEthernet0/1
ip address 200.10.10.2 255.255.255.0
duplex auto
speed 100
media-type rj45
no negotiation auto
!
interface Serial1/0:0
description ***LEASED LINE TO PE BBB***
ip address 59.139.19.38 255.255.255.252
no fair-queue
!
router ospf 9191
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
redistribute bgp 10 subnets
network 200.10.10.0 0.0.0.255 area 0
!
router bgp 10
no synchronization
bgp log-neighbor-changes
redistribute static metric 1
redistribute ospf 9191 metric 1 match internal external 1 external 2
neighbor 59.139.19.37 remote-as 12345
neighbor 59.139.19.37 allowas-in 10
neighbor 200.10.10.5 remote-as 10
default-information originate
no auto-summary
!
ip classless
!
end

19 comments:

Anonymous said...

Great configuration. Working in ISP?

mzulk said...

Thanks. Yup, I'm working with ISP. Any details you need, you may email mail at mzulk@yahoo.com

adios

Anonymous said...

Yes. Me too working at ISP. Almost 2 years of designing, implementing, troubleshooting MPLS VPN. Great to hear that you're doing the configuration. Can reach me mahertac@gmail.com

See ya!

mzulk said...

Welcome welcome

I'm with ISP for almost 10 years, mainly focus in performing POC for various of technologies.

Hopefully, we may share our experiences.

adios

Anonymous said...

Thanks for the welcoming. I do appreciate. Mostly on my deployment, we do manually on troubleshooting except for the provisioning I'm using VPNSC - nothing much can be done via that software. Cisco mention to migrate to use ISC.

Sometimes during the hard days become complicated to troubleshoot. Have you ever tried to use ISC?

buzzinhornets said...

Yeah, can share-share our experience... :-)

mzulk said...

Hi

I hate using either VPNSC or ISC, because Cisco is not good in these areas, I think.
However, we are using ISC hehehehe plus normal command line for customer provisioning. Looks like ISC is not matured yet.
I prefer to use command line, and easy for troubleshooting.

adios

Anonymous said...

Yes. I absolutely agreeeeee 100%. Manually being done but for the management, it become tedius to manage and control...for managing route-target, should be okay...hahahahaha...

mzulk said...

Hi buzzinhornets

Come and join us hehehe

Anonymous said...

Hi mzulk,

Have you ever tried to setup or configure MPLS QoS DiffServ in PE routers? I'm trying to use DSCP/IP Precedence but seems not to be promissing. Suck doug! :)

mahertac

mzulk said...

Hi Mahertac

Nop. Not yet. Might test and needed in future.

Our IPVPN is quite new. Before this, we are the Frame Relay provider. So, we are in the phase of getting POC on IPVPN.

adios

Anonymous said...

Hi mzulk.

Yeap. From the configuration I see that you're on FR technologies. Mine, we a using full blast of pure IP networks :) FR makes me headache :) Even nowdays as well, especially Cisco.com still promoting using FR on example on WAN technologies.

Anyway, glad to hear that.

mahertac

mzulk said...

Hi Mahertac

Hehehe we r expert in FR rather than IPVPN. Most of our customers running FR since 1997. We are happy with FR, but we are using Nortel switches as FR nodes, not Cisco hehheeh. Cisco used just for CPE.

adios

Anonymous said...

Can anyone recommend the top performing Remote Management program for a small IT service company like mine? Does anyone use Kaseya.com or GFI.com? How do they compare to these guys I found recently: [url=http://www.n-able.com] N-able N-central remote pc software
[/url] ? What is your best take in cost vs performance among those three? I need a good advice please... Thanks in advance!

Anonymous said...

Sandwich Generation and Health Care: CCH Revіeωs Tax
Ramifications foг Caring for Agіng Parents and
Young Adult Children, CCH. You should choose a sum insured which сould cover all medical cost emerged during hospitalizatіon ѕo
that you don. Looming changes in health сare
regulations are ϳust one of the more significant oneѕ and coulԁ be catastrophic for the unprepared small business оwner.


Feel freе to ѕurf to my web ѕite; Health Insurance Benefits

Anonymous said...

Thе history of pгoviԁing medіcal care and
other сharitiеs fοr the pоor in
Cаnаdа is olԁeг than Сanada itself.
9,10 Тhе entry of ѕo many ѕuch cοmpaniеs
has аԁԁed toωardѕ coгpoгatizаtion of the hеаlthcare іndustry wіth а focuѕ оn high
pгofit-margin, suрer specіaltу anԁ diagnostіc
care. Οuг acсuracy and data precision pгovеѕ bеnefiсial in tеrms of pricing аnd time managеment that
assіst the intending сonsultаnts in meеting theіг obϳеctiveѕ in a сost-effеctiѵe and tіmely manneг.


mу website - Private Health Insurance Benefits Uk

Anonymous said...

This is a topic that is near to my heart.
.. Cheers! Where are your contact details though?

my blog - ジョーダンバッシュ

Anonymous said...

Hi, I check your blog like every week. Your story-telling style is witty, keep it
up!

Stop by my website: ルイビトン 格安

Anonymous said...

Hey there! Someone in my Myspace group shared this site with us so I came to give
it a look. I'm definitely enjoying the information. I'm book-marking and will be tweeting this to my followers!
Terrific blog and fantastic style and design.

Here is my webpage - nike スニーカー