RIP, EIGRP, OSPF, IS-IS, BGP, MPLS, VTP, STP.
eZork
New Member
Posts:
15
Joined:
Wed Nov 03, 2010 2:08 pm
Certs:
CCNP R&S

Hub-and-spoke MPLS/VPN

Wed Nov 03, 2010 2:11 pm

Hi,

I'm having some troubles configuring this kind of topology.

Here is the topology:
Image

And here are the routers configs:

OBIWANP1:


version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname OWI-P1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
mpls ldp router-id Loopback0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.99.99.99 255.255.255.0
ip ospf network point-to-point
!
interface FastEthernet0/0
ip address 10.0.0.13 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
ip address 10.0.0.25 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet1/0
ip address 10.0.0.5 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet1/1
ip address 10.0.0.9 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet2/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet2/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 99
log-adjacency-changes
network 10.0.0.0 0.0.0.3 area 0
network 10.0.0.4 0.0.0.3 area 0
network 10.0.0.8 0.0.0.3 area 0
network 10.0.0.12 0.0.0.3 area 0
network 10.0.0.16 0.0.0.3 area 0
network 10.0.0.20 0.0.0.3 area 0
network 10.0.0.24 0.0.0.3 area 0
network 10.99.99.0 0.0.0.255 area 0
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
alias exec crs copy run start
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end



POPPAR1:

version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname POP-PAR1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
ip vrf PADAWAN_HUB
rd 1200:1
route-target export 1200:1001
!
ip vrf PADAWAN_SPOKE
route-target import 1200:1000
route-target import 1200:999
!
mpls ldp router-id Loopback0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.1.1.1 255.255.255.0
ip ospf network point-to-point
!
interface FastEthernet0/0
ip address 10.0.0.26 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet0/1
ip vrf forwarding PADAWAN_HUB
ip address 192.168.255.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet1/0
ip vrf forwarding PADAWAN_SPOKE
ip address 192.168.247.1 255.255.255.0
duplex full
!
router ospf 99
log-adjacency-changes
network 10.0.0.24 0.0.0.3 area 0
network 10.1.1.0 0.0.0.255 area 0
!
router rip
version 2
!
address-family ipv4 vrf PADAWAN_SPOKE
redistribute bgp 1 metric 1
network 192.168.247.0
no auto-summary
exit-address-family
!
address-family ipv4 vrf PADAWAN_HUB
redistribute bgp 1 metric 1
network 192.168.255.0
no auto-summary
exit-address-family
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 10.2.2.2 remote-as 1
neighbor 10.2.2.2 update-source Loopback0
neighbor 10.7.7.7 remote-as 1
neighbor 10.7.7.7 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.2.2.2 activate
neighbor 10.2.2.2 send-community extended
neighbor 10.7.7.7 activate
neighbor 10.7.7.7 send-community extended
exit-address-family
!
address-family ipv4 vrf PADAWAN_SPOKE
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf PADAWAN_HUB
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
alias exec crs copy run start
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end



PADAPAR1:


version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PADA-PAR1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.0.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.255.2 255.255.255.0
duplex full
!
interface FastEthernet1/0
ip address 192.168.247.2 255.255.255.0
duplex full
!
router rip
version 2
network 192.168.0.0
network 192.168.247.0
network 192.168.255.0
no auto-summary
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
alias exec crs copy run start
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end



POPTOU1:


version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname POP-TOU1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
ip vrf PADAWAN
rd 1200:1
route-target export 1200:999
route-target import 1200:1001
!
mpls ldp router-id Loopback0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.2.2.2 255.255.255.0
ip ospf network point-to-point
!
interface FastEthernet0/0
ip vrf forwarding PADAWAN
ip address 192.168.254.1 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet1/0
ip address 10.0.0.10 255.255.255.252
duplex auto
speed auto
mpls ip
!
interface FastEthernet1/1
no ip address
shutdown
duplex auto
speed auto
!
router ospf 99
log-adjacency-changes
network 10.0.0.8 0.0.0.3 area 0
network 10.2.2.0 0.0.0.255 area 0
!
router rip
version 2
!
address-family ipv4 vrf PADAWAN
redistribute bgp 1 metric 1
network 192.168.254.0
no auto-summary
exit-address-family
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 10.1.1.1 remote-as 1
neighbor 10.1.1.1 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf PADAWAN
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
alias exec crs copy run start
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end



PADATOU1:


version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PADA-TOU1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.1.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.254.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router rip
version 2
network 192.168.1.0
network 192.168.254.0
no auto-summary
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
alias exec crs copy run start
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end



POPLYO1:



version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname POP-LYO1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
ip vrf PADAWAN
rd 1200:1
route-target export 1200:1000
route-target import 1200:1001
!
mpls ldp router-id Loopback0
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 10.7.7.7 255.255.255.0
ip ospf network point-to-point
!
interface FastEthernet0/0
ip address 10.0.0.6 255.255.255.252
duplex full
mpls ip
!
interface FastEthernet1/0
ip vrf forwarding PADAWAN
ip address 192.168.248.1 255.255.255.0
duplex full
!
router ospf 99
log-adjacency-changes
network 10.0.0.4 0.0.0.3 area 0
network 10.7.7.0 0.0.0.255 area 0
!
router rip
version 2
!
address-family ipv4 vrf PADAWAN
redistribute bgp 1 metric 1
network 192.168.248.0
no auto-summary
exit-address-family
!
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 10.1.1.1 remote-as 1
neighbor 10.1.1.1 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.1.1.1 activate
neighbor 10.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf PADAWAN
redistribute rip
no auto-summary
no synchronization
exit-address-family
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
alias exec crs copy run start
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end



PADALYO1:


version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname PADA-LYO1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
ip subnet-zero
!
!
ip cef
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
ip address 192.168.7.1 255.255.255.0
!
interface FastEthernet0/0
ip address 192.168.248.2 255.255.255.0
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
router rip
version 2
network 192.168.7.0
network 192.168.248.0
no auto-summary
!
ip classless
!
no ip http server
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
gatekeeper
shutdown
!
alias exec crs copy run start
!
line con 0
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
!
end



The backbone and MPLS network work fine.
It seems that there is a probleme with the PE-CE routers at the Hub. The routing tables seems to change everytime, and even replace/delete routes.

POPPAR1 routes at different times:


POP-PAR1#sho ip route vrf PADAWAN_HUB

Routing Table: PADAWAN_HUB
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

R 192.168.247.0/24 [120/1] via 192.168.255.2, 00:00:04, FastEthernet0/1
R 192.168.248.0/24 [120/2] via 192.168.255.2, 00:00:00, FastEthernet0/1
R 192.168.7.0/24 [120/2] via 192.168.255.2, 00:00:00, FastEthernet0/1
C 192.168.255.0/24 is directly connected, FastEthernet0/1
R 192.168.0.0/24 [120/1] via 192.168.255.2, 00:00:04, FastEthernet0/1
R 192.168.254.0/24 [120/2] via 192.168.255.2, 00:00:00, FastEthernet0/1
R 192.168.1.0/24 [120/2] via 192.168.255.2, 00:00:00, FastEthernet0/1



POP-PAR1#sho ip route vrf PADAWAN_HUB

Routing Table: PADAWAN_HUB
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

R 192.168.247.0/24 [120/1] via 192.168.255.2, 00:00:02, FastEthernet0/1
B 192.168.248.0/24 [200/0] via 10.7.7.7, 00:00:00
B 192.168.7.0/24 [200/1] via 10.7.7.7, 00:00:00
C 192.168.255.0/24 is directly connected, FastEthernet0/1
R 192.168.0.0/24 [120/1] via 192.168.255.2, 00:00:02, FastEthernet0/1
B 192.168.254.0/24 [200/0] via 10.2.2.2, 00:00:00
B 192.168.1.0/24 [200/1] via 10.2.2.2, 00:00:00





POP-PAR1#sho ip route vrf PADAWAN_HUB

Routing Table: PADAWAN_HUB
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

R 192.168.247.0/24 [120/1] via 192.168.255.2, 00:00:11, FastEthernet0/1
C 192.168.255.0/24 is directly connected, FastEthernet0/1
R 192.168.0.0/24 [120/1] via 192.168.255.2, 00:00:11, FastEthernet0/1



Same things happen in the vrf PADAWAN_SPOKE.
And on the CE-Router PADAPAR1:


PADA-PAR1#sho ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C 192.168.247.0/24 is directly connected, FastEthernet1/0
C 192.168.255.0/24 is directly connected, FastEthernet0/0
C 192.168.0.0/24 is directly connected, Loopback0


----------------------------------------------

PADA-PAR1#sho ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

C 192.168.247.0/24 is directly connected, FastEthernet1/0
R 192.168.248.0/24 [120/1] via 192.168.247.1, 00:00:00, FastEthernet1/0
R 192.168.7.0/24 [120/1] via 192.168.247.1, 00:00:00, FastEthernet1/0
C 192.168.255.0/24 is directly connected, FastEthernet0/0
C 192.168.0.0/24 is directly connected, Loopback0
R 192.168.254.0/24 [120/1] via 192.168.247.1, 00:00:00, FastEthernet1/0
R 192.168.1.0/24 [120/1] via 192.168.247.1, 00:00:00, FastEthernet1/0



Then, at the start of the PE-Router POPPAR1, I'am able to ping a spoke from an other spoke, but after, the routes are misfunctionning and change all the time, so i can't ping a spoke from an other spoke or even the hub.

So if someone can help me on those troubles, it could be great :)
Thanks for your time.

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Hub-and-spoke MPLS/VPN

Wed Nov 03, 2010 3:13 pm

Change your MPLS router's loopbacks to /32's

eZork
New Member
Posts:
15
Joined:
Wed Nov 03, 2010 2:08 pm
Certs:
CCNP R&S

Re: Hub-and-spoke MPLS/VPN

Wed Nov 03, 2010 3:33 pm

Just did it, and it doesn't solve the issue :(
Removed ip ospf network point-to-point, same thing.

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Hub-and-spoke MPLS/VPN

Wed Nov 03, 2010 4:14 pm

It's late my side so I'll take another look tomorrow if no-one else has answered by then

eZork
New Member
Posts:
15
Joined:
Wed Nov 03, 2010 2:08 pm
Certs:
CCNP R&S

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 2:57 am

Ok thanks.

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 4:06 am

I wanted to copy and paste your config into mine, but yours is wrong. For example, in the diagram you say OBIWANP1's hostname is OWI-P1.

Also in the diagram you say it has connections out fa0/1; fa1/0 and fa1/1 - But the config shows different.


Did you do this up in GNS3 or dynamips? If so, can you post the topology files? what routers/IOS are you using?

eZork
New Member
Posts:
15
Joined:
Wed Nov 03, 2010 2:08 pm
Certs:
CCNP R&S

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 4:19 am

Hi,

I'm using GNS3, I attached the topology file.

The name of OBIWAN1 router is just misstyped ^^ but it's the good config file.
Attachments
MPLS-GNS3.zip
(5.85 KiB) Downloaded 80 times

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 4:36 am

Thanks, Loading it up now and will let you know

eZork
New Member
Posts:
15
Joined:
Wed Nov 03, 2010 2:08 pm
Certs:
CCNP R&S

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 4:37 am

Thanks a lot =)

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 4:59 am

Why have you configured PADAPAR1 like you have? I don't quite see the logic of creating 2 separate vrf's to the same single router like you have.

Let's take a step back here, what is the intended goal of the topology first? What exactly are you trying to accomplish?

eZork
New Member
Posts:
15
Joined:
Wed Nov 03, 2010 2:08 pm
Certs:
CCNP R&S

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 5:08 am

I'm trying to make an Hub-and-spoke MPLS/VPN.

Traffic comming from a spoke ( PADATOU1, or PADALYO1 ) have to pass throught the hub ( PADAPAR1), even if they want to communicate with each other. That's what I have understood about Hub-and-spoke topology.
About the two VRFs, that's what I saw on many tutorials, I have to use one VRF to import routes from the spokes, and an other VRF to export the route from the HUB.

I don't want to make a full mesh VPN.


See pages 60-61-62 here: http://docstore.mik.ua/cisco/pdf/other/KnowledgeNet%20Advanced%20MPLS%20VPN%20Solutions%20%28AMVS%29%201.0%20Student%20Guide%20Volume%202.pdf

eZork
New Member
Posts:
15
Joined:
Wed Nov 03, 2010 2:08 pm
Certs:
CCNP R&S

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 5:09 am

It's for a project at school btw. =)

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 5:42 am

I gotta say, that almost defeats the purpose of MPLS. Which is to move away from hub and spoke and into a full mesh.

When I have free moments at work I'll take a look, but I'm pretty swamped today

markom
Member
Posts:
125
Joined:
Thu Jul 15, 2010 8:13 pm
Certs:
CCIE #18427 (SP, R&S)

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 6:33 am

Hub and spoke VRF is actually pretty common in a case of a managed/central firewall, for example. However, most of the solutions these days use "half-duplex VRF" feature to solve it, instead of using inside and outside VRF.
Marko Milivojevic - CCIE #18427 (SP R&S)
Senior Technical Instructor - IPexpert
http://www.ipexpert.com/

eZork
New Member
Posts:
15
Joined:
Wed Nov 03, 2010 2:08 pm
Certs:
CCNP R&S

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 6:40 am

Ok.
So, I have to make and Half-Duplex VRF on the PE Hub router? what about the CE Hub router and the PE Spoke routers? Anything to change?

User avatar
mellowd
CCIE #38070
Posts:
13814
Joined:
Wed Jun 18, 2008 7:49 am
Certs:
CCIE (RS,SP), JNCIE-SP, BC-/SPNE/NP

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 6:46 am

markom wrote:Hub and spoke VRF is actually pretty common in a case of a managed/central firewall, for example. However, most of the solutions these days use "half-duplex VRF" feature to solve it, instead of using inside and outside VRF.


All my central firewall MPLS solutions thus far have simple used a hosted firewall connected to VPLS like all other sites. Much easier

markom
Member
Posts:
125
Joined:
Thu Jul 15, 2010 8:13 pm
Certs:
CCIE #18427 (SP, R&S)

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 9:58 am

VPLS is not L3VPN so it's quite a different thing... :-)
Marko Milivojevic - CCIE #18427 (SP R&S)
Senior Technical Instructor - IPexpert
http://www.ipexpert.com/

User avatar
wirerat
Post Whore
Posts:
5340
Joined:
Tue Mar 31, 2009 4:15 pm
Certs:
More than none

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 10:02 am

The attached configs are working the way you want. Do a comparison between them and what you had and then try to fix yours.
Attachments
mpls_hub_spoke.zip
(4.92 KiB) Downloaded 306 times
"See packet, be packet, you are packet. Ignore all else!" -The Networker
packetsdropped.wordpress.com

User avatar
ibarrere
Cisco Inferno
Posts:
10283
Joined:
Mon Jul 10, 2006 12:58 am

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 10:09 am

Hej, Marke, odakle si?

User avatar
networker050184
Ultimate Member
Posts:
912
Joined:
Sat Feb 16, 2008 9:22 am
Certs:
CCNP, CCIP, JNCIA-JUNOS

Re: Hub-and-spoke MPLS/VPN

Thu Nov 04, 2010 10:13 am

Just set it up as a normal MPLS VPN and make sure the spokes only have a default to the hub. No need for multiple VRFs.

Next

Return to Cisco Routing and Switching

Who is online

Users browsing this forum: Google [Bot] and 119 guests