MPLS Layer 3 VPN Configuration

Hi,
I have a question if PE2 has both routing information on it’s table so why PE1 has only one prefix.

Hello Dinesh

Looking at the lesson, I see that at some point eBGP is configured between PE1 and CE1. Once that is done, we can see that PE1 receives one prefix as shown below:

Now at this point only one prefix is shown because eBGP configuration is not complete for PE2 and CE2. CE2 has already been configured, but not PE2. You can see in the above image that the very next step is to configure PE2. Once this is configured, then PE1 will also see the 5.5.5.5/32 network.

I hope this has been helpful!

Laz

Hi there,

I have an issue with the topology, at this web-site I’ve seen the the topology: https://networklessons.com/mpls/mpls-layer-3-vpn-configuration
But that topology is without redundant line and without RR on the router, and I am struggling with that. Because I would like to do a VPN sie-to-site connection.

Hello Robert

Your topology looks very ambitious! That’s great! Is there something more specific that we can help you with?

Laz

Hello Lazaros,

Thank you for compliment, I do not know how but I am trying to do a VPN over the AS1 (as SP), site-to-site (AS2-AS3-AS4-AS5), and I am strugling with several things. VRF MPLS, and now with NAT on site. because I have subinterfaces (Vlans) on each site without gateway for physical interface just default-gateway for each Vlans.

Rob

Hello Robert

I have a feeling that maybe you bit off a little more than you can chew? Looking at such a topology and attempting to implement these concepts can be a daunting task. The most important thing is to first gain a solid understanding of the technologies involved, and then to begin implementing the. I would suggest you go through some of the related lessons first, do the labs there, invest the time to gain the understanding, and then you will be in a position to tackle these bigger problems.

A good starting point is to go over Unit 3 of the MPLS course which focuses on MPLS VPN and VRFs. A good starting point is the following lesson, from which you can continue on with all the lessons in Unit 3.:

You can also take a look at the series of lessons on NAT, starting with the following, and going through the various other involved configurations.

As you go through these, and the tackle your large topology, we’ll be here to respond to your specific questions and queries.

I hope this has been helpful!

Laz

Hi Rene,

I’m confused between RT and RD…

Can you please help me to understand, whether we can configure different RD values on different PE for same customer or it should be same always ?

And, can we configure export/import RT values for the same customer for two-way communication ?

Just like below :-

PE1# >>>
ip vrf CUSTOMER
 rd 1:1
 route-target export 1:1 (traffic from PE1 to PE2)
 route-target import 1:2

PE2 >>>>
ip vrf CUSTOMER
 rd 1:1
 route-target export 1:2 (Traffic from PE2 to PE1)
 route-target import 1:1

Please help to make me understand …

Regards
Mukul Jain

Hello Mukul

The short answer is yes, you can configure different RD values on different PEs for the same customer. Remember that the RD values are used in order to make a particular prefix of a particular customer unique. They are not unique to the customer, they are unique to the prefix. Therefore if you have prefix A on customer 1 off of PE2 and prefix B on customer 1 off of PE1, you can indeed have different RDs. The prefixes at each customer site, along with the RD do indeed remain unique.

I hope this has been helpful!

Laz

I have a successful MPLS-VPN with R1 to R5/R6 communication. R10 is my route reflector. I need to do some additional testing where R1 tags it’s loopback with community 100:100 when sending it to R2. R2 receives the community but it does not get sent to R4.

#####
R1
router bgp 1
 bgp log-neighbor-changes
 network 1.1.1.1 mask 255.255.255.255
 neighbor 10.0.12.2 remote-as 100
 neighbor 10.0.12.2 send-community
 neighbor 10.0.12.2 route-map set-community out

ip prefix-list set-community seq 5 permit 1.1.1.1/32
!
route-map set-community permit 10
 match ip address prefix-list set-community
 set community 0:100 100:100 64984:0 65100:100
####
R2 
r2#show ip bgp vpnv4 vrf CUSTOMER-A 1.1.1.1
BGP routing table entry for 1:1:1.1.1.1/32, version 10
Paths: (1 available, best #1, table CUSTOMER-A)
  Advertised to update-groups:
     14        
  Refresh Epoch 1
  1
    10.0.12.1 (via vrf CUSTOMER-A) from 10.0.12.1 (1.1.1.1)
      Origin IGP, metric 0, localpref 100, valid, external, best
      Community: 0:100 100:100 64984:0 65100:100
      Extended Community: RT:1:1
      mpls labels in/out 30/nolabel
      rx pathid: 0, tx pathid: 0x0
####
R4
r4#show ip bgp vpnv4 vrf CUSTOMER-A 1.1.1.1
BGP routing table entry for 1:1:1.1.1.1/32, version 37
Paths: (1 available, best #1, table CUSTOMER-A)
  Advertised to update-groups:
     6         
  Refresh Epoch 2
  1
    2.2.2.2 (metric 3) (via default) from 10.10.10.10 (10.10.10.10)
      Origin IGP, metric 0, localpref 100, valid, internal, best
      Extended Community: RT:1:1
      Originator: 2.2.2.2, Cluster list: 10.10.10.10
      mpls labels in/out nolabel/30
      rx pathid: 0, tx pathid: 0x0

Hello Jeremy

Nothing out of the ordinary pops out from the configs and the topology you shared. Now you have configured R1 to send the community attribute to its neighbor. Have you made the same configuration to R2 (neighbor ip-address send-community) so that it too will send the community attribute to its neighbor, namely R4? You shouldn’t need a route map in this case since the attribute is already set.

Also, you might want to do some BGP debugging on R2 and R4 to see if the attribute is being sent correctly and if it is being received correctly as well…

The following links may also be helpful:

Hopefully this gives you some insight on how to proceed with troubleshooting.

I hope this has been helpful!

Laz

This works now. My original lab that I had issues with was using vIOS for PE. When I switched that to CSRs, everything works great. Thanks for the response!

1 Like

Please See attachment.

Multiple VRFs configured under the sub-interface for the VLAN-to-VRF mapping on Customer A, and Customer B.

All switches configured with VLANs matching to respective Customer router. For example, VLAN 50 maps to GigabitEthernet0/0/0/2.50.

Desktop default-gateways is the sub-interface (GigabitEthernet0/0/0/2.50) IP address for respective Customer.

The core is complete were PEs established vpnv4, and ipv4 peering between each other. Labels are flowing through the core when trace command was on PE and P routers.

Need assistance with completing the configuration on the PEs. Please see below:

I’m stuck at configuring the PEs where the VLAN/VRFs mappings on the Customer are transported by the PEs into the core.

The PEs and Customer router has a /30 IP address configured between them.

I’ve searched the web for documentation but was unsuccessful in finding anything useful. I have been at this for several weeks, so I decided to reach out to someone for assistance.
I cannot provide specific configuration since I’m reproducing my work environment.

Thanks
Tim

Hello Timothy

The best suggestion I can give you at this point is to take a look at the following lesson that details the configuration of MPLS Layer 3 VPN including the configuration at the PEs that incorporates VRFs, BGP, as well as the IGP that you may have configured.


In addition to this, there are a whole series of lessons you can see below this one in the Course Contents on the right that further describe configurations specific to the use of other protocols, as seen below:

Take a look and see if those can help you in your troubleshooting process. If you find yourself stuck on something specific, please don’t hesitate to reach out and ask further questions.

I hope this has been helpful!

Laz

Hi Rene,

My goal is to access Internet (viz google.com/cisco.com e.t.c.) over MPLS VPN Network.

I had a below scenario copied from you.

Final target is to access Internet on AS3 by Windows10 PC on AS1 over MPLS VPN Network.

  1. I configured eBGP between PE-CE
  2. Configured ospf as IGP
  3. Created a VRF “Internet”
  4. Configured iBGP between PE1-PE2
  5. Created a static route on CE1 for accessing internet
  6. Advertised L0 : 5.5.5.5/32 & 192.168.184.0/24 into BGP on CE2 Router

Verification
==========

PE1#sh ip route vrf Internet

Routing Table: Internet
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

**C    192.168.12.0/24 is directly connected, FastEthernet0/0**
**     5.0.0.0/32 is subnetted, 1 subnets**
**B       5.5.5.5 [200/0] via 4.4.4.4, 00:00:56**
**B    192.168.184.0/24 [200/0] via 4.4.4.4, 00:00:56**

CE1#sh ip bgp
BGP table version is 4, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   **Network          Next Hop            Metric LocPrf Weight Path**
***> 5.5.5.5/32       192.168.12.2                           0 2 3 i**
**r> 192.168.184.0    192.168.12.2                           0 2 3 i**

CE1#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

**C    192.168.12.0/24 is directly connected, FastEthernet0/0**
**     1.0.0.0/32 is subnetted, 1 subnets**
**C       1.1.1.1 is directly connected, Loopback0**
**     5.0.0.0/32 is subnetted, 1 subnets**
**B       5.5.5.5 [20/0] via 192.168.12.2, 00:03:20**
**S    192.168.184.0/24 [1/0] via 192.168.12.2**
CE1#

CE1#ping 5.5.5.5 source loopback 0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 5.5.5.5, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
.....
Success rate is 0 percent (0/5)

CE1#ping 192.168.184.131 source loopback 0

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.184.131, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
.....
Success rate is 0 percent (0/5)
CE1#



***CE1#sho running-config***
Building configuration...

Current configuration : 2311 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
 ip address 192.168.12.1 255.255.255.0
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/2
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/3
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/4
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/5
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet1/0
!
interface FastEthernet1/1
!
interface FastEthernet1/2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
!
interface FastEthernet1/12
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface Serial2/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Vlan1
 no ip address
!
router bgp 1
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.12.2 remote-as 2
 no auto-summary
!
ip forward-protocol nd
ip route 192.168.184.0 255.255.255.0 192.168.12.2
!
!
no ip http server
no ip http secure-server
!
no cdp log mismatch duplex
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
!
end

CE1#


***PE1#sho running-config***
Building configuration...

Current configuration : 2886 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
ip vrf Internet
 rd 100:100
 route-target export 100:100
 route-target import 100:100
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface FastEthernet0/0
 ip vrf forwarding Internet
 ip address 192.168.12.2 255.255.255.0
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/2
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/3
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/4
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/5
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet1/0
!
interface FastEthernet1/1
!
interface FastEthernet1/2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
!
interface FastEthernet1/12
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface Serial2/0
 ip address 192.168.23.2 255.255.255.0
 mpls ip
 serial restart-delay 0
!
interface Serial2/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/2
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Vlan1
 no ip address
!
router ospf 1
 log-adjacency-changes
 network 2.2.2.2 0.0.0.0 area 0
 network 192.168.23.0 0.0.0.255 area 0
!
router bgp 2
 bgp log-neighbor-changes
 neighbor 4.4.4.4 remote-as 2
 neighbor 4.4.4.4 update-source Loopback0
 !
 address-family ipv4
  no neighbor 4.4.4.4 activate
  no auto-summary
  no synchronization
 exit-address-family
 !
 address-family vpnv4
  neighbor 4.4.4.4 activate
  neighbor 4.4.4.4 send-community both
 exit-address-family
 !
 address-family ipv4 vrf Internet
  neighbor 192.168.12.1 remote-as 1
  neighbor 192.168.12.1 activate
  no synchronization
 exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
no cdp log mismatch duplex
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
!
end



***P#sho running-config***
Building configuration...

Current configuration : 2758 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname P
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface Loopback0
 ip address 3.3.3.3 255.255.255.255
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/2
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/3
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/4
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/5
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet1/0
!
interface FastEthernet1/1
!
interface FastEthernet1/2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
!
interface FastEthernet1/12
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface Serial2/0
 ip address 192.168.23.3 255.255.255.0
 mpls ip
 serial restart-delay 0
!
interface Serial2/1
 ip address 192.168.34.3 255.255.255.0
 mpls ip
 serial restart-delay 0
!
interface Serial2/2
 no ip address
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Vlan1
 no ip address
!
router ospf 1
 log-adjacency-changes
 network 0.0.0.0 255.255.255.255 area 0
!
router bgp 2
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 2
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 4.4.4.4 remote-as 2
 neighbor 4.4.4.4 update-source Loopback0
 !
 address-family ipv4
  no neighbor 2.2.2.2 activate
  no neighbor 4.4.4.4 activate
  no auto-summary
  no synchronization
 exit-address-family
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community both
  neighbor 4.4.4.4 activate
  neighbor 4.4.4.4 send-community both
 exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
no cdp log mismatch duplex
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
!
end


***PE2#sho running-config***
Building configuration...

Current configuration : 2884 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PE2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
ip vrf Internet
 rd 100:100
 route-target export 100:100
 route-target import 100:100
!
no ip domain lookup
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface Loopback0
 ip address 4.4.4.4 255.255.255.0
!
interface FastEthernet0/0
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/2
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/3
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/4
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/5
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet1/0
!
interface FastEthernet1/1
!
interface FastEthernet1/2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
!
interface FastEthernet1/12
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface Serial2/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/1
 ip address 192.168.34.4 255.255.255.0
 mpls ip
 serial restart-delay 0
!
interface Serial2/2
 ip vrf forwarding Internet
 ip address 192.168.45.4 255.255.255.0
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Vlan1
 no ip address
!
router ospf 1
 log-adjacency-changes
 network 4.4.4.4 0.0.0.0 area 0
 network 192.168.34.0 0.0.0.255 area 0
!
router bgp 2
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 2
 neighbor 2.2.2.2 update-source Loopback0
 !
 address-family ipv4
  no neighbor 2.2.2.2 activate
  no auto-summary
  no synchronization
 exit-address-family
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community both
 exit-address-family
 !
 address-family ipv4 vrf Internet
  neighbor 192.168.45.5 remote-as 3
  neighbor 192.168.45.5 activate
  no synchronization
 exit-address-family
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
no cdp log mismatch duplex
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
!
end



***CE2#sho running-config***
Building configuration...

Current configuration : 2317 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname CE2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 5
no ip icmp rate-limit unreachable
ip cef
!
!
!
!
ip name-server 8.8.8.8
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
 log config
  hidekeys
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface Loopback0
 ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet0/0
 ip address dhcp
 duplex auto
 speed auto
!
interface Serial0/0
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet0/1
 no ip address
 shutdown
 duplex auto
 speed auto
!
interface Serial0/1
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/2
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/3
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/4
 no ip address
 shutdown
 clock rate 2000000
!
interface Serial0/5
 no ip address
 shutdown
 clock rate 2000000
!
interface FastEthernet1/0
!
interface FastEthernet1/1
!
interface FastEthernet1/2
!
interface FastEthernet1/3
!
interface FastEthernet1/4
!
interface FastEthernet1/5
!
interface FastEthernet1/6
!
interface FastEthernet1/7
!
interface FastEthernet1/8
!
interface FastEthernet1/9
!
interface FastEthernet1/10
!
interface FastEthernet1/11
!
interface FastEthernet1/12
!
interface FastEthernet1/13
!
interface FastEthernet1/14
!
interface FastEthernet1/15
!
interface Serial2/0
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/1
 no ip address
 shutdown
 serial restart-delay 0
!
interface Serial2/2
 ip address 192.168.45.5 255.255.255.0
 serial restart-delay 0
!
interface Serial2/3
 no ip address
 shutdown
 serial restart-delay 0
!
interface Vlan1
 no ip address
!
router bgp 3
 no synchronization
 bgp log-neighbor-changes
 network 5.5.5.5 mask 255.255.255.255
 network 192.168.184.0
 neighbor 192.168.45.4 remote-as 2
 no auto-summary
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
no cdp log mismatch duplex
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
!
end

Thanks in advance
Manami

Hello Manami

As mentioned in a previous post, it’s difficult to verify or troubleshoot a topology simply by examining the configurations of multiple devices without the benefit of implementing show and other test commands. As mentioned before, it’s a good idea to take it step by step. The steps you created are great, you’ll just have to examine the network after each one to see that all is working as expected.

The following lesson may be helpful in identifying and resolving specific issues found in a network:


I hope this has been helpful!

Laz

Hi Laz,

If you at least can help me to know if I need any extra setup for Internet to access over MPLS in GNS3 that will also be great help.

Thanks
Manami

Hello Manami

There’s nothing special that you need to do for an MPLS topology in GNS3 to connect it to the real Internet. You simply follow the same steps that are necessary as described in this previous post:

I hope this has been helpful!

Laz

Hello Laga !
How we can configure to hide label MPLS when we traceroute ?
Example:
When we traceroute: it will show : 2 192.168.23.3 [MPLS: Labels 17/19 Exp 0] 0 msec 0 msec 4 msec
So how to show just only same: 2 192.168.23.3 0 msec 0 msec 4 msec
It’s posible ?
Thank a lot ?

Hello Tung

Traceroute on a Cisco device will always include any MPLS labels that appear within the path. It’s part of the way that Cisco devices operate, and how traceroute is employed on the Cisco IOS. However, if you put a PC on one of the ends of the communication and use tracert from the command prompt, it won’t show the MPLS labels. This is simply due to the way the tracert function is implemented.

I hope this has been helpful!

Laz

1 Like

Thank you so much Laga !

1 Like