MPLS VPN Implementation Configuring VRF Tables 2006 Cisco

Outline • Overview • What Are the VRF Configuration Tasks? • Creating VRF Tables and Assigning RDs • Specifying Export and Import RTs • Using VPN IDs • Assigning an Interface to a VRF Table • Typical Configuration to Enable VRFs • Summary © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -2

VRF Configuration Tasks VRF configuration tasks: • Create a VRF table • Assign RD to the VRF • Specify export and import route targets • (Optional) Configure a VPN ID • Assign interfaces to VRFs © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -3

Creating VRF Tables and Assigning RDs Router(config)# ip vrf name • This command creates a new VRF or enters configuration of an existing VRF. • VRF names are case-sensitive. • VRF is not operational unless you configure RD. • VRF names have only local significance. Router(config-vrf)# rd route-distinguisher • This command assigns a route distinguisher to a VRF. • You can use ASN: nn or A. B. C. D: nn format for RD. • Each VRF in a PE router has to have a unique RD. © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -4

Specifying Export and Import RTs Router(config-vrf)# route-target export RT • Specifies an RT to be attached to every route exported from this VRF to Multiprotocol Border Gateway Protocol • Allows specification of many export RTs—all to be attached to every exported route Router(config-vrf)# route-target import RT • Specifies an RT to be used as an import filter (Only routes matching the RT are imported into the VRF. ) • Allows specification of many import RTs (any route where at least one RT attached to the route matches any import RT is imported into the VRF. ) Because of implementation issues, at least one export route target must also be an import route target of the same VRF in Cisco IOS Release 12. 4(T) and earlier. © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -5

Specifying Export and Import RTs (Cont. ) Router(config-vrf)# route-target both RT • In cases where the export RT matches the import RT, use this form of the route-target command. Sample router configuration for simple customer VPN: ip vrf Customer_ABC rd 65173: 15 route-target export 65173: 15 route-target import 65173: 15 © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -6

What Is a VPN ID? • A VPN identifier (VPN ID) allows you to identify VPNs by an ID number. – Not used to control distribution of routing information – Not used to associate IP addresses with VPN IDs in routing updates – Is stored on the VRF structure for a VPN • Has the following elements: – OUI (three-octet hex number) – A VPN index (four-octet hex number identifying VPN within the company) • Configure all PE routers that belong to the same VPN with the same VPN ID • Make the VPN ID unique to the service provider network © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -7

Configuring VPN IDs Router(config)# ip vrf-name • This command creates a VRF routing table and a CEF forwarding table and enters VRF configuration mode. Router(config-vrf)# vpn id oui: vpn-index • This command assigns the VPN ID to the VRF. © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -8

Assigning an Interface to a VRF Table Router(config-if)# ip vrf forwarding vrf-name • This command associates an interface with the specified VRF. • The existing IP address is removed from the interface when the interface is put into VRF—the IP address must be reconfigured. • CEF switching must be enabled on the interface. Sample router configuration: ip cef ! interface serial 0/0 ip vrf forwarding Customer_ABC ip address 10. 0. 0. 1 255. 252 © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -9

MPLS VPN Network Example • The network supports two VPN customers. • Customer A runs RIP and BGP with the service provider; customer B uses only RIP. • Both customers use network 10. 0. © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -10

MPLS VPN Network Example (Cont. ) © 2006 Cisco Systems, Inc. All rights reserved.

Summary There are four required VRF configuration tasks: • Create a VRF table: – Use the ip vrf command • Assign RD to the VRF: – Use the rd command • Specify export and import RTs: – Use the route-target command • Assign interfaces to VRFs. – Use the ip vrf forwarding command reconfigure the IP address Configuring a numeric VPN ID is optional. – Use the vpn id command © 2006 Cisco Systems, Inc. All rights reserved. MPLS v 2. 2— 5 -12