Many of those who work with the Internet every day have probably heard of a wonderful technology called MPLS.
MPLS offers features such as AToM (Any Transport over MPLS), Traffic Engineering, etc.
AToM carries Layer 2 protocols such as ATM, Frame Relay, Ethernet, PPP, and HDLC over an IP/MPLS network.
In this article I would like to focus on the EoMPLS technology.

A bit of theory
MPLS stands for Multiprotocol Label Switching.
In the OSI model it can theoretically be placed between Layer 2 and Layer 3.
With MPLS, packets are labeled for transmission over the network. The labels are carried in an MPLS header inserted into the data packet.
These short, fixed-length labels carry information that tells each switching node (router) how to process and forward packets from the source to the destination. They are only significant on the local link between two nodes. As each node forwards a packet, it replaces the current label with the label that routes the packet to the next node. This mechanism provides very high-speed packet switching over an MPLS core network.
MPLS combines the best of Layer 3 IP routing and Layer 2 switching.
While routers need network-level intelligence to determine where to send traffic, switches only need to pass data to the next hop, which is naturally simpler, faster, and cheaper. MPLS relies on traditional IP routing protocols to advertise and establish the network topology. MPLS is then superimposed on top of this topology. MPLS predetermines the path that data takes across the network and encodes this information in the form of a label that the network routers understand.
Because route planning happens up front and at the edge of the network (where the customer and service provider networks meet), MPLS-labeled data requires less computational power from routers to traverse the core of the service provider network.
AToM
To create a point-to-point Layer 2 VPN, the Any Transport over MPLS (AToM) technology was developed; it carries Layer 2 frames across the MPLS network. AToM is an umbrella technology that includes Frame Relay over MPLS, ATM over MPLS, and Ethernet over MPLS.
EoMPLS encapsulates Ethernet frames in MPLS packets and uses a label stack to move them through the MPLS network.
To the service provider's customer, a channel built on EoMPLS looks like a virtual patch cord.
So let's go... How do I create a Layer 2 VPN using EoMPLS?
Imagine that we have a very important client that needs to combine two branches (Moscow and Vladivostok) into one network segment with a single end-to-end IP addressing scheme. This is where AToM comes to the rescue.
How the customer sees it

How the provider sees it

Before configuring the VPN itself, you must make sure that MPLS is working.
Setting it up is much easier than it seems at first glance (we are talking about the minimal basic configuration).
- First, enable IP CEF and MPLS in the global configuration of our router.
MSK-1#conf t
MSK-1(config)#ip cef
MSK-1(config)#mpls ip
If the router does not accept this command, then either the current IOS version or the hardware itself does not support MPLS.
- Create a loopback interface that MPLS will use.
MSK-1#conf t
MSK-1(config)#int lo1
MSK-1(config-if)#ip address 1.1.1.1 255.255.255.255
Technically, MPLS can run directly on the interfaces that connect the two routers, but that only creates extra difficulties, for example when the IP addressing between the routers changes.
- Configure routing so that the routers can reach each other through their loopback interfaces.
You can use either static routes or a dynamic routing protocol. Take OSPF as an example.
MSK-1#conf t
MSK-1(config)#router ospf 100
MSK-1(config-router)#log-adjacency-changes
MSK-1(config-router)#network 1.1.1.1 0.0.0.0 area 0
MSK-1(config-router)#network 1.0.0.0 0.0.0.3 area 0
MSK-1(config-router)#
The networks listed are the loopback interface and the network of the interfaces that connect the routers.
Check with the ping command that everything works.
MSK-1#ping 1.1.1.3
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/3/4 ms
MSK-1#
- Tell the router to use the loopback interface as the “router-id”.
MSK-1#conf t
MSK-1(config)#mpls ldp router-id Loopback1 force
- Enable MPLS on the interfaces that connect the routers to each other.
MSK-1#conf t
MSK-1(config)#int gi0/2
MSK-1(config-if)#mpls ip
- Check that MPLS communication is established.
MSK-1#sh mpls ldp neighbor
Peer LDP Ident: 1.1.1.2; Local LDP Ident 1.1.1.1
TCP connection: 1.1.1.2.12817 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 36243/37084; Downstream
Up time: 01:39:49
LDP discovery sources:
Targeted Hello 1.1.1.1 -> 1.1.1.2, active, passive
GigabitEthernet0/2, Src IP addr: 1.0.0.2
Addresses bound to peer LDP Ident:
1.1.1.2 1.0.0.2 1.1.1.6
Peer LDP Ident: 1.1.1.3; Local LDP Ident 1.1.1.1
TCP connection: 1.1.1.3.48545 - 1.1.1.1.646
State: Oper; Msgs sent/rcvd: 347/127; Downstream
Up time: 01:39:49
LDP discovery sources:
Targeted Hello 1.1.1.1 -> 1.1.1.3, active, passive
Addresses bound to peer LDP Ident:
1.0.0.5 1.1.1.3
MSK-1#
The basic MPLS configuration is done.
Here I have shown the configuration of only one router. The configs of all routers are at the very end of the article.
Now let's move on to setting up the EoMPLS channel for our imaginary client.
The whole configuration comes down to creating sub-interfaces on both routers.
One side:
MSK-1#conf t
MSK-1(config)#int gi0/1.100
MSK-1(config-subif)#encapsulation dot1Q 100
MSK-1(config-subif)#xconnect 1.1.1.3 123456789 encapsulation mpls
The other side:
Vladi-1#conf t
Vladi-1(config)#int gi0/1.40
Vladi-1(config-subif)#encapsulation dot1Q 40
Vladi-1(config-subif)#xconnect 1.1.1.1 123456789 encapsulation mpls
Some points in more detail:
encapsulation dot1Q 100 - specifies the dot1Q tag, or, put simply, the VLAN number in which the client traffic travels between the router and the client's port on the switch. This value may differ on the other router, which lets us join two completely different VLANs.
xconnect 1.1.1.3 - creates an xconnect to the router where the client's second site is connected.
123456789 - the virtual circuit (VC) ID. It must be the same on both routers; this value identifies our channel. VC ID values can range from 1 to 4294967295.
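The two xconnect statements have to mirror each other: each one points at the other router's loopback, and both carry the same VC ID. The following added example (not part of the original article) checks exactly that for the two configurations used here; the function names parse and audit are illustrative, and the config text is retyped from this article.

```python
import re

# Constructed input: the relevant stanzas of this article's configs.
CONFIGS = {
    "MSK-1": """
interface Loopback1
 ip address 1.1.1.1 255.255.255.255
interface GigabitEthernet0/1.100
 encapsulation dot1Q 100
 xconnect 1.1.1.3 123456789 encapsulation mpls
""",
    "Vladi-1": """
interface Loopback3
 ip address 1.1.1.3 255.255.255.255
interface GigabitEthernet0/1.40
 encapsulation dot1Q 40
 xconnect 1.1.1.1 123456789 encapsulation mpls
""",
}

def parse(config):
    """Return (loopback addresses, [(interface, peer, vc_id)]) for one router."""
    loopbacks, xconnects, intf = set(), [], None
    for line in config.splitlines():
        if m := re.match(r"interface (\S+)", line):
            intf = m.group(1)
        elif m := re.match(r"\s+ip address (\S+) 255\.255\.255\.255", line):
            if intf and intf.lower().startswith("loopback"):
                loopbacks.add(m.group(1))
        elif m := re.match(r"\s+xconnect (\S+) (\d+) encapsulation mpls", line):
            xconnects.append((intf, m.group(1), int(m.group(2))))
    return loopbacks, xconnects

def audit(configs):
    """List problems: VC ID out of range, unknown peer, no matching far end."""
    parsed = {name: parse(cfg) for name, cfg in configs.items()}
    owner = {ip: name for name, (los, _) in parsed.items() for ip in los}
    problems = []
    for name, (los, xcs) in parsed.items():
        for intf, peer, vc in xcs:
            if not 1 <= vc <= 4294967295:
                problems.append(f"{name} {intf}: VC ID {vc} out of range")
            far = owner.get(peer)
            if far is None:
                problems.append(f"{name} {intf}: peer {peer} is not a known loopback")
            elif not any(p in los and v == vc for _, p, v in parsed[far][1]):
                problems.append(f"{name} {intf}: {far} has no xconnect back with VC ID {vc}")
    return problems
```

Calling audit(CONFIGS) returns an empty list for the configuration in this article; changing the VC ID or the peer address on one side produces one finding per affected router.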
Now all that remains is to check that our channel is up, and enjoy life.
MSK-1#sh mpls l2transport vc 123456789
Local intf     Local circuit     Dest address     VC ID         Status
Gi0/1.100      Eth VLAN 100      1.1.1.3          123456789     UP
MSK-1#
And detailed information:
MSK-1#sh mpls l2transport vc 123456789 detail
Local interface: Gi0/1.100 up, line protocol up, Eth VLAN 100 up
Destination address: 1.1.1.3, VC ID: 123456789, VC status: up
Next hop: 1.0.0.2
Output interface: Gi0/2, imposed label stack {599 17}
Create time: 02:33:18, last status change time: 02:33:14
Signaling protocol: LDP, peer 1.1.1.3
MPLS VC labels: local 140, remote 17
Group ID: local 0, remote 0
MTU: local 1500, remote 1500
Remote interface description:
Sequencing: receive disabled, send disabled
VC statistics:
packet totals: receive 1391338893, send 1676515662
byte totals: receive 2765021070, send 3317727319
packet drops: receive 0, send 0
MSK-1#
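The label stack {599 17} in the output above is two 32-bit label stack entries placed in front of the customer's frame: 599 is the outer transport label and 17 is the VC label received from the remote router. As an added illustration (not from the original article), this example encodes that stack in the standard MPLS entry layout (20-bit label, 3-bit traffic class, bottom-of-stack bit, 8-bit TTL) and shows a transit router swapping only the outer label; the TTL of 255, the new label 601 and the frame placeholder are made-up values.

```python
import struct

def encode_entry(label, tc=0, bottom=False, ttl=255):
    """Pack one 32-bit label stack entry: label(20) | TC(3) | S(1) | TTL(8)."""
    if not 0 <= label < 2**20:
        raise ValueError("label must fit in 20 bits")
    return struct.pack("!I", (label << 12) | (tc << 9) | (int(bottom) << 8) | ttl)

def encode_stack(labels, ttl=255):
    """Encode a label stack, outermost first; only the last entry has S=1."""
    last = len(labels) - 1
    return b"".join(encode_entry(l, bottom=(i == last), ttl=ttl)
                    for i, l in enumerate(labels))

def decode_stack(data):
    """Parse entries up to the bottom-of-stack bit; return (entries, payload)."""
    entries, off = [], 0
    while True:
        if off + 4 > len(data):
            raise ValueError("truncated label stack (no bottom-of-stack entry)")
        (word,) = struct.unpack_from("!I", data, off)
        off += 4
        entries.append({"label": word >> 12, "tc": (word >> 9) & 7,
                        "bottom": bool(word & 0x100), "ttl": word & 0xFF})
        if entries[-1]["bottom"]:
            return entries, data[off:]

def swap_outer(packet, new_label):
    """What a transit router does: swap the top label and decrement its TTL."""
    (word,) = struct.unpack_from("!I", packet, 0)
    ttl = (word & 0xFF) - 1
    if ttl <= 0:
        raise ValueError("TTL expired")
    # Keep the TC and S bits (mask 0xF00); everything after 4 bytes is untouched.
    new_word = (new_label << 12) | (word & 0xF00) | ttl
    return struct.pack("!I", new_word) + packet[4:]

# Constructed sample: the stack {599 17} from the output above in front of a
# placeholder standing in for the customer's Ethernet frame.
FRAME = b"customer-ethernet-frame"
packet = encode_stack([599, 17]) + FRAME

if __name__ == "__main__":
    print(decode_stack(packet))
    print(decode_stack(swap_outer(packet, 601))[0])  # 601: made-up next-hop label
```

The inner entry with label 17 and the bottom-of-stack bit set passes through the transit router unchanged, which is why only the two edge routers need to know about the virtual circuit.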
MTU issues
Keep in mind that MPLS adds an extra 12 bytes to the Ethernet packet.
To avoid packet fragmentation, you can specify “mpls mtu 1512” on the interfaces. In that case, however, every device along the path must support packets with an MTU larger than 1500.
P.S. The configs of all routers, as promised.

Moscow
mpls ip
!
router ospf 100
 log-adjacency-changes
 network 1.1.1.1 0.0.0.0 area 0
 network 1.0.0.0 0.0.0.3 area 0
!
interface GigabitEthernet0/2
 ip address 1.0.0.1 255.255.255.252
 mpls ip
!
interface Loopback1
 ip address 1.1.1.1 255.255.255.255
!
interface GigabitEthernet0/1.100
 encapsulation dot1Q 100
 xconnect 1.1.1.3 123456789 encapsulation mpls

Samara
mpls ip
!
router ospf 100
 log-adjacency-changes
 network 1.1.1.2 0.0.0.0 area 0
 network 1.0.0.0 0.0.0.3 area 0
 network 1.0.0.4 0.0.0.3 area 0
!
interface GigabitEthernet0/1
 ip address 1.0.0.6 255.255.255.252
 mpls ip
!
interface GigabitEthernet0/2
 ip address 1.0.0.2 255.255.255.252
 mpls ip
!
interface Loopback2
 ip address 1.1.1.2 255.255.255.255

Vladivostok
mpls ip
!
router ospf 100
 log-adjacency-changes
 network 1.1.1.3 0.0.0.0 area 0
 network 1.0.0.6 0.0.0.3 area 0
!
interface GigabitEthernet0/2
 ip address 1.0.0.5 255.255.255.252
 mpls ip
!
interface Loopback3
 ip address 1.1.1.3 255.255.255.255
!
interface GigabitEthernet0/1.40
 encapsulation dot1Q 40
 xconnect 1.1.1.1 123456789 encapsulation mpls

It is impossible to cover absolutely every aspect in one article. I have tried to describe, as briefly as possible, the minimum needed to get things working.