Configuring MPLS L3VPN carrier's carrier in the same AS

Network requirements

Configure carrier's carrier for the scenario shown in Figure 77. In this scenario:

PE 1 and PE 2 are the provider carrier's PE routers. They provide VPN services for the customer carrier.
CE 1 and CE 2 are the customer carrier's routers. They are connected to the provider carrier's backbone as CE routers.
PE 3 and PE 4 are the customer carrier's PE routers. They provide MPLS L3VPN services for the end customers.
CE 3 and CE 4 are customers of the customer carrier.
The customer carrier and the provider carrier reside in the same AS.

The key to carrier's carrier deployment is to configure exchange of two kinds of routes:

Exchange of the customer carrier's internal routes on the provider carrier's backbone.
Exchange of the end customers' VPN routes between PE 3 and PE 4, the PEs of the customer carrier. In this process, an MP-IBGP peer relationship must be established between PE 3 and PE 4.

Figure 77: Network diagram

Table 19: Interface and IP address assignment

Device	Interface	IP address	Device	Interface	IP address
CE 3	GE2/1/1	100.1.1.1/24	CE 4	GE2/1/1	120.1.1.1/24
PE 3	Loop0	1.1.1.9/32	PE 4	Loop0	6.6.6.9/32
	GE2/1/1	100.1.1.2/24		GE2/1/1	120.1.1.2/24
	POS2/1/1	10.1.1.1/24		POS2/1/1	20.1.1.2/24
CE 1	Loop0	2.2.2.9/32	CE 2	Loop0	5.5.5.9/32
	POS2/1/0	10.1.1.2/24		POS2/1/0	21.1.1.2/24
	POS2/1/1	11.1.1.1/24		POS2/1/1	20.1.1.1/24
PE 1	Loop0	3.3.3.9/32	PE 2	Loop0	4.4.4.9/32
	POS2/1/0	11.1.1.2/24		POS2/1/0	30.1.1.2/24
	POS2/1/1	30.1.1.1/24		POS2/1/1	21.1.1.1/24

Configuration procedure

Configure MPLS L3VPN on the provider carrier backbone. Enable IS-IS as the IGP, enable LDP between PE 1 and PE 2, and establish an MP-IBGP peer relationship between the PEs:

# Configure PE 1.

<PE1> system-view
[PE1] interface loopback 0
[PE1-LoopBack0] ip address 3.3.3.9 32
[PE1-LoopBack0] quit
[PE1] mpls lsr-id 3.3.3.9
[PE1] mpls ldp
[PE1-ldp] quit
[PE1] isis 1
[PE1-isis-1] network-entity 10.0000.0000.0000.0004.00
[PE1-isis-1] quit
[PE1] interface loopback 0
[PE1-LoopBack0] isis enable 1
[PE1-LoopBack0] quit
[PE1] interface pos 2/1/1
[PE1-Pos2/1/1] ip address 30.1.1.1 24
[PE1-Pos2/1/1] isis enable 1
[PE1-Pos2/1/1] mpls enable
[PE1-Pos2/1/1] mpls ldp enable
[PE1-Pos2/1/1] mpls ldp transport-address interface
[PE1-Pos2/1/1] quit
[PE1] bgp 100
[PE1-bgp-default] peer 4.4.4.9 as-number 100
[PE1-bgp-default] peer 4.4.4.9 connect-interface loopback 0
[PE1-bgp-default] address-family vpnv4
[PE1-bgp-default-vpnv4] peer 4.4.4.9 enable
[PE1-bgp-default-vpnv4] quit
[PE1-bgp-default] quit

# Configure PE 2 in the same way that PE 1 is configured. (Details not shown.)

# On PE 1 or PE 2, execute the following commands:

Execute the display mpls ldp peer command to verify that an LDP session in Operational state has been established between PE 1 and PE 2. (Details not shown.)
Execute the display bgp peer vpnv4 command to verify that a BGP peer relationship in Established state has been established between PE 1 and PE 2. (Details not shown.)
Execute the display isis peer command to verify that the IS-IS neighbor relationship has been established between PE 1 and PE 2. (Details not shown.)

Configure the customer carrier network. Enable IS-IS as the IGP, and enable LDP between PE 3 and CE 1, and between PE 4 and CE 2:

# Configure PE 3.

<PE3> system-view
[PE3] interface loopback 0
[PE3-LoopBack0] ip address 1.1.1.9 32
[PE3-LoopBack0] quit
[PE3] mpls lsr-id 1.1.1.9
[PE3] mpls ldp
[PE3-ldp] quit
[PE3] isis 2
[PE3-isis-2] network-entity 10.0000.0000.0000.0001.00
[PE3-isis-2] quit
[PE3] interface loopback 0
[PE3-LoopBack0] isis enable 2
[PE3-LoopBack0] quit
[PE3] interface pos 2/1/1
[PE3-Pos2/1/1] ip address 10.1.1.1 24
[PE3-Pos2/1/1] isis enable 2
[PE3-Pos2/1/1] mpls enable
[PE3-Pos2/1/1] mpls ldp enable
[PE3-Pos2/1/1] mpls ldp transport-address interface
[PE3-Pos2/1/1] quit

# Configure CE 1.

<CE1> system-view
[CE1] interface loopback 0
[CE1-LoopBack0] ip address 2.2.2.9 32
[CE1-LoopBack0] quit
[CE1] mpls lsr-id 2.2.2.9
[CE1] mpls ldp
[CE1-ldp] quit
[CE1] isis 2
[CE1-isis-2] network-entity 10.0000.0000.0000.0002.00
[CE1-isis-2] quit
[CE1] interface loopback 0
[CE1-LoopBack0] isis enable 2
[CE1-LoopBack0] quit
[CE1] interface pos 2/1/0
[CE1-Pos2/1/0] ip address 10.1.1.2 24
[CE1-Pos2/1/0] isis enable 2
[CE1-Pos2/1/0] mpls enable
[CE1-Pos2/1/0] mpls ldp enable
[CE1-Pos2/1/0] mpls ldp transport-address interface
[CE1-Pos2/1/0] quit

PE 3 and CE 1 can establish an LDP session and IS-IS neighbor relationship between them.

# Configure PE 4 and CE 2 in the same way that PE 3 and CE 1 are configured. (Details not shown.)

Allow CEs of the customer carrier to access PEs of the provider carrier, and redistribute IS-IS routes to BGP and BGP routes to IS-IS on the PEs:

# Configure PE 1.

[PE1] ip vpn-instance vpn1
[PE1-vpn-instance-vpn1] route-distinguisher 200:1
[PE1-vpn-instance-vpn1] vpn-target 1:1
[PE1-vpn-instance-vpn1] quit
[PE1] mpls ldp
[PE1-ldp] vpn-instance vpn1
[PE1-ldp-vpn-instance-vpn1] quit
[PE1-ldp] quit
[PE1] isis 2 vpn-instance vpn1
[PE1-isis-2] network-entity 10.0000.0000.0000.0003.00
[PE1-isis-2] address-family ipv4
[PE1-isis-2-ipv4] import-route bgp
[PE1-isis-2-ipv4] quit
[PE1-isis-2] quit
[PE1] interface pos 2/1/0
[PE1-Pos2/1/0] ip binding vpn-instance vpn1
[PE1-Pos2/1/0] ip address 11.1.1.2 24
[PE1-Pos2/1/0] isis enable 2
[PE1-Pos2/1/0] mpls enable
[PE1-Pos2/1/0] mpls ldp enable
[PE1-Pos2/1/0] mpls ldp transport-address interface
[PE1-Pos2/1/0] quit
[PE1] bgp 100
[PE1-bgp-default] ip vpn-instance vpn1
[PE1-bgp-default-vpn1] address-family ipv4 unicast
[PE1-bgp-default-ipv4-vpn1] import isis 2
[PE1-bgp-default-ipv4-vpn1] quit
[PE1-bgp-default-vpn1] quit
[PE1-bgp-default] quit

# Configure CE 1.

[CE1] interface pos 2/1/1
[CE1-Pos2/1/1] ip address 11.1.1.1 24
[CE1-Pos2/1/1] isis enable 2
[CE1-Pos2/1/1] mpls enable
[CE1-Pos2/1/1] mpls ldp enable
[CE1-Pos2/1/1] mpls ldp transport-address interface
[CE1-Pos2/1/1] quit

PE 1 and CE 1 can establish an LDP session and IS-IS neighbor relationship between them.

# Configure PE 2 and CE 2 in the same way that PE 1 and CE 1 are configured. (Details not shown.)

Connect CEs of the end customers and the PEs of the customer carrier:

# Configure CE 3.

<CE3> system-view
[CE3] interface gigabitethernet 2/1/1
[CE3-GigabitEthernet2/1/1] ip address 100.1.1.1 24
[CE3-GigabitEthernet2/1/1] quit
[CE3] bgp 65410
[CE3-bgp-default] peer 100.1.1.2 as-number 100
[CE3-bgp-default] address-family ipv4 unicast
[CE3-bgp-default-ipv4] peer 100.1.1.2 enable
[CE3-bgp-default-ipv4] import-route direct
[CE3-bgp-default-ipv4] quit
[CE3-bgp-default] quit

# Configure PE 3.

[PE3] ip vpn-instance vpn1
[PE3-vpn-instance-vpn1] route-distinguisher 100:1
[PE3-vpn-instance-vpn1] vpn-target 1:1
[PE3-vpn-instance-vpn1] quit
[PE3] interface gigabitethernet 2/1/1
[PE3-GigabitEthernet2/1/1] ip binding vpn-instance vpn1
[PE3-GigabitEthernet2/1/1] ip address 100.1.1.2 24
[PE3-GigabitEthernet2/1/1] quit
[PE3] bgp 100
[PE3-bgp-default] ip vpn-instance vpn1
[PE3-bgp-default-vpn1] peer 100.1.1.1 as-number 65410
[PE3-bgp-default-vpn1] address-family ipv4 unicast
[PE3-bgp-default-ipv4-vpn1] peer 100.1.1.1 enable
[PE3-bgp-default-ipv4-vpn1] quit
[PE3-bgp-default-vpn1] quit
[PE3-bgp-default] quit

# Configure PE 4 and CE 4 in the same way that PE 3 and CE 3 are configured. (Details not shown.)

Configure an MP-IBGP peer relationship between the PEs of the customer carrier to exchange the VPN routes of the end customers:

# Configure PE 3.

[PE3] bgp 100
[PE3-bgp-default] peer 6.6.6.9 as-number 100
[PE3-bgp-default] peer 6.6.6.9 connect-interface loopback 0
[PE3-bgp-default] address-family vpnv4
[PE3-bgp-default-vpnv4] peer 6.6.6.9 enable
[PE3-bgp-default-vpnv4] quit
[PE3-bgp-default] quit

# Configure PE 4 in the same way that PE 3 is configured. (Details not shown.)

Verifying the configuration

Display the public network routing table and VPN routing table on the provider carrier PEs, for example, on PE 1:

# Verify that the public network routing table contains only routes of the provider carrier network.

[PE1] display ip routing-table

Destinations : 14        Routes : 14

Destination/Mask   Proto   Pre Cost        NextHop         Interface
0.0.0.0/32         Direct  0   0           127.0.0.1       InLoop0
3.3.3.9/32         Direct  0   0           127.0.0.1       InLoop0
4.4.4.9/32         IS_L1   15  10          30.1.1.2        POS2/1/1
30.1.1.0/24        Direct  0   0           30.1.1.1        POS2/1/1
30.1.1.0/32        Direct  0   0           30.1.1.1        POS2/1/1
30.1.1.1/32        Direct  0   0           127.0.0.1       InLoop0
30.1.1.255/32      Direct  0   0           30.1.1.1        POS2/1/1
127.0.0.0/8        Direct  0   0           127.0.0.1       InLoop0
127.0.0.0/32       Direct  0   0           127.0.0.1       InLoop0
127.0.0.1/32       Direct  0   0           127.0.0.1       InLoop0
127.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0
224.0.0.0/4        Direct  0   0           0.0.0.0         NULL0
224.0.0.0/24       Direct  0   0           0.0.0.0         NULL0
255.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0

# Verify that the VPN routing table contains the internal routes of the customer carrier, but it does not contain the VPN routes that the customer carrier maintains.

[PE1] display ip routing-table vpn-instance vpn1

Destinations : 18        Routes : 18

Destination/Mask   Proto   Pre Cost        NextHop         Interface
0.0.0.0/32         Direct  0   0           127.0.0.1       InLoop0
1.1.1.9/32         IS_L1   15  20          11.1.1.1        POS2/1/0
2.2.2.9/32         IS_L1   15  10          11.1.1.1        POS2/1/0
5.5.5.9/32         BGP     255 10          4.4.4.9         POS2/1/1
6.6.6.9/32         BGP     255 20          4.4.4.9         POS2/1/1
10.1.1.0/24        IS_L1   15  20          11.1.1.1        POS2/1/0
11.1.1.0/24        Direct  0   0           11.1.1.2        POS2/1/0
11.1.1.0/32        Direct  0   0           11.1.1.2        POS2/1/0
11.1.1.2/32        Direct  0   0           127.0.0.1       InLoop0
11.1.1.255/32      Direct  0   0           11.1.1.2        POS2/1/0
20.1.1.0/24        BGP     255 20          4.4.4.9         POS2/1/1
127.0.0.0/8        Direct  0   0           127.0.0.1       InLoop0
127.0.0.0/32       Direct  0   0           127.0.0.1       InLoop0
127.0.0.1/32       Direct  0   0           127.0.0.1       InLoop0
127.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0
224.0.0.0/4        Direct  0   0           0.0.0.0         NULL0
224.0.0.0/24       Direct  0   0           0.0.0.0         NULL0
255.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0

Display the routing table on the customer carrier CEs, for example, on CE 1:

# Verify that the routing table contains the internal routes of the customer carrier network, but it does not contain the VPN routes that the customer carrier maintains.

[CE1] display ip routing-table

Destinations : 21        Routes : 21

Destination/Mask   Proto   Pre Cost        NextHop         Interface
0.0.0.0/32         Direct  0   0           127.0.0.1       InLoop0
1.1.1.9/32         IS_L1   15  10          10.1.1.1        POS2/1/0
2.2.2.9/32         Direct  0   0           127.0.0.1       InLoop0
5.5.5.9/32         IS_L2   15  74          11.1.1.2        POS2/1/1
6.6.6.9/32         IS_L2   15  74          11.1.1.2        POS2/1/1
10.1.1.0/24        Direct  0   0           10.1.1.2        POS2/1/0
10.1.1.0/32        Direct  0   0           10.1.1.2        POS2/1/0
10.1.1.2/32        Direct  0   0           127.0.0.1       InLoop0
10.1.1.255/32      Direct  0   0           10.1.1.2        POS2/1/0
11.1.1.0/24        Direct  0   0           11.1.1.1        POS2/1/1
11.1.1.0/32        Direct  0   0           11.1.1.1        POS2/1/1
11.1.1.1/32        Direct  0   0           127.0.0.1       InLoop0
11.1.1.255/32      Direct  0   0           11.1.1.1        POS2/1/1
20.1.1.0/24        IS_L2   15  74          11.1.1.2        POS2/1/1
127.0.0.0/8        Direct  0   0           127.0.0.1       InLoop0
127.0.0.0/32       Direct  0   0           127.0.0.1       InLoop0
127.0.0.1/32       Direct  0   0           127.0.0.1       InLoop0
127.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0
224.0.0.0/4        Direct  0   0           0.0.0.0         NULL0
224.0.0.0/24       Direct  0   0           0.0.0.0         NULL0
255.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0

Display the public network routing table and VPN routing table on the customer carrier PEs, for example, on PE 3:

# Verify that the public network routing table contains the internal routes of the customer carrier network.

[PE3] display ip routing-table

Destinations : 18        Routes : 18

Destination/Mask   Proto   Pre Cost        NextHop         Interface
0.0.0.0/32         Direct  0   0           127.0.0.1       InLoop0
1.1.1.9/32         Direct  0   0           127.0.0.1       InLoop0
2.2.2.9/32         IS_L1   15  10          10.1.1.2        POS2/1/1
5.5.5.9/32         IS_L2   15  84          10.1.1.2        POS2/1/1
6.6.6.9/32         IS_L2   15  84          10.1.1.2        POS2/1/1
10.1.1.0/24        Direct  0   0           10.1.1.1        POS2/1/1
10.1.1.0/32        Direct  0   0           10.1.1.1        POS2/1/1
10.1.1.1/32        Direct  0   0           127.0.0.1       InLoop0
10.1.1.255/32      Direct  0   0           10.1.1.1        POS2/1/1
11.1.1.0/24        IS_L1   15  20          10.1.1.2        POS2/1/1
20.1.1.0/24        IS_L2   15  84          10.1.1.2        POS2/1/1
127.0.0.0/8        Direct  0   0           127.0.0.1       InLoop0
127.0.0.0/32       Direct  0   0           127.0.0.1       InLoop0
127.0.0.1/32       Direct  0   0           127.0.0.1       InLoop0
127.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0
224.0.0.0/4        Direct  0   0           0.0.0.0         NULL0
224.0.0.0/24       Direct  0   0           0.0.0.0         NULL0
255.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0

# Verify that the VPN routing table contains the route to the remote VPN customer.

[PE3] display ip routing-table vpn-instance vpn1

Destinations : 13        Routes : 13

Destination/Mask   Proto   Pre Cost        NextHop         Interface
0.0.0.0/32         Direct  0   0           127.0.0.1       InLoop0
100.1.1.0/24       Direct  0   0           100.1.1.2       GE2/1/1
100.1.1.0/32       Direct  0   0           100.1.1.2       GE2/1/1
100.1.1.2/32       Direct  0   0           127.0.0.1       InLoop0
100.1.1.255/32     Direct  0   0           100.1.1.2       GE2/1/1
127.0.0.0/8        Direct  0   0           127.0.0.1       InLoop0
127.0.0.0/32       Direct  0   0           127.0.0.1       InLoop0
127.0.0.1/32       Direct  0   0           127.0.0.1       InLoop0
127.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0
120.1.1.0/24       BGP     255 0           6.6.6.9         POS2/1/1
224.0.0.0/4        Direct  0   0           0.0.0.0         NULL0
224.0.0.0/24       Direct  0   0           0.0.0.0         NULL0
255.255.255.255/32 Direct  0   0           127.0.0.1       InLoop0

Verify that PE 3 and PE 4 can ping each other. (Details not shown.)
Verify that CE 3 and CE 4 can ping each other. (Details not shown.)

prev	up	next
Configuring MPLS L3VPN inter-AS option C	home	Configuring MPLS L3VPN carrier's carrier in different ASs