In this example, R6 will be an IPv4 only router (MPLS P Router) that with R5 and R7 acting as IPv6 PEs (though for the base routing instance, not IPv6 VPNs)
Topology Description
R4========R5========R6========R7=========R8
Layer 2 Ethernet Ethernet Ethernet HDLC
Layer 2.5 MPLS MPLS
Layer 3 IPv6 IPv4 IPv4 IPv6
Routing Protocol OSPFv3 MP-BGP MP-BGP IPv6EIGRP
Router Configurations
Routers are 3725s emulated in dynamips
R8#sh ver | I IOS
Cisco IOS Software, 3700 Software (C3725-ADVENTERPRISEK9-M), Version 12.4(15)T14, RELEASE SOFTWARE (fc2)
R4 is running OSPFv3 process 1 and has Loopback0 directly in OSPF process 1 (if instead of this Loopback 0 was redistributed into OSPF and therefore was shown as an external route to OSPF, when R5 redistributes OSPF into the BGP IPv6 Unicast address-family, you would need to specific the "external" keyword)
I prefer to manualy set the link-local IP addresses on external interfaces
R4
hostname R4
ipv6 unicast-routing
ipv6 cef
interface Loopback0
no ip address
ipv6 address FEC0::4/128
ipv6 ospf 1 area 0
!
interface FastEthernet0/0
description R5 Fa0/1
no ip address
ipv6 address FE80::4 link-local
ipv6 address FEC0:45::4/64
ipv6 ospf 1 area 0
!
ipv6 router ospf 1
router-id 4.4.4.4
log-adjacency-changes
passive-interface Loopback0
R5 is running OSPFv3 with R4 and OSPFv2 with R6. MPLS is enabled between R5 and R6 with R5 a route-reflector client of R6
R5
hostname R5
ipv6 unicast-routing
ipv6 cef
interface Loopback0
ip address 5.5.5.5 255.255.255.255
!
interface FastEthernet0/0
description R6 Fa0/1
ip address 192.168.56.5 255.255.255.0
mpls ip
!
interface FastEthernet0/1
description R4 Fa0/0
no ip address
ipv6 address FE80::5 link-local
ipv6 address FEC0:45::5/64
ipv6 ospf 1 area 0
!
router ospf 1 log-adjacency-changes
network 5.5.5.5 0.0.0.0 area 0
network 192.168.56.5 0.0.0.0 area 0
!
router bgp 64512
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 6.6.6.6 remote-as 64512
neighbor 6.6.6.6 password secret
neighbor 6.6.6.6 update-source Loopback0
!
address-family ipv6
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-label
redistribute ospf 1 metric 100 include-connected
no synchronization
exit-address-family
!
ipv6 router ospf 1
log-adjacency-changes
redistribute bgp 64512 metric 100
!
R6 is running OSPFv2 with R5 and R7. MPLS is enabled on R5 and R7 facing interfaces and R6 is a route-reflector and using peer-group configuration. There is no IPv6 link configuration on R6, only the MP-BGP IPv6 unicast address family definition (which requires us to enable ipv6 unicast-routing to be able to configure)
R6
hostname R6
ip cef
ipv6 unicast-routing
interface Loopback0
ip address 6.6.6.6 255.255.255.255
!
interface FastEthernet0/0
description R7 Fa01/0
ip address 192.168.67.6 255.255.255.0
mpls ip
!
interface FastEthernet0/1
ip address 192.168.56.6 255.255.255.0
mpls ip
!
router ospf 1
log-adjacency-changes
network 6.6.6.6 0.0.0.0 area 0
network 192.168.56.6 0.0.0.0 area 0
network 192.168.67.6 0.0.0.0 area 0
!
router bgp 64512
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor RR-client peer-group
neighbor RR-client remote-as 64512
neighbor RR-client password secret
neighbor RR-client update-source Loopback0
neighbor 5.5.5.5 peer-group RR-client
neighbor 7.7.7.7 peer-group RR-client
!
address-family ipv6
neighbor RR-client route-reflector-client
neighbor RR-client send-label
neighbor 5.5.5.5 activate
neighbor 7.7.7.7 activate
exit-address-family
!
R7 is running IPv6 EIGRP with R8 and OSPFv2 with R6. MPLS is enabled between R7 and R6 with R7 a route-reflector client of R6
R7
hostname R7
ipv6 unicast-routing
ipv6 cef
interface Loopback0
ip address 7.7.7.7 255.255.255.255
!
interface FastEthernet0/1
description R6 Fa0/0
ip address 192.168.67.7 255.255.255.0
mpls ip
!
interface Serial1/0
description R8 S1/0
no ip address
ipv6 address FE80::7 link-local
ipv6 address FEC0:78::7/64
ipv6 eigrp 100
clock rate 2016000
!
router ospf 1
log-adjacency-changes
network 7.7.7.7 0.0.0.0 area 0
network 192.168.67.7 0.0.0.0 area 0
!
router bgp 64512
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 6.6.6.6 remote-as 64512
neighbor 6.6.6.6 password secret
neighbor 6.6.6.6 update-source Loopback0
!
address-family ipv6
neighbor 6.6.6.6 activate
neighbor 6.6.6.6 send-label
redistribute connected metric 100
redistribute eigrp 100 metric 100
no synchronization
exit-address-family
!
ipv6 router eigrp 100
no shutdown
redistribute bgp 64512 metric 100000 1 1 1 1500
!
R8 is running IPv6 EIGRP and has Loopback0 redistributed into it
R8
hostname R8
ipv6 unicast-routing
ipv6 cef
interface Loopback0
no ip address
ipv6 address FEC0::8/128
!
interface Serial1/0
description R7 S1/0
no ip address
ipv6 address FE80::8 link-local
ipv6 address FEC0:78::8/64
ipv6 eigrp 100
!
ipv6 router eigrp 100
eigrp router-id 8.8.8.8
no shutdown
redistribute connected
Lets look on our IPv6 routers and see if the routes to the other side can be seen:
R4#sh ipv6 route ospf
IPv6 Routing Table - Default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
OE2 FEC0::8/128 [110/100]
via FE80::5, FastEthernet0/0
OE2 FEC0:78::/64 [110/100]
via FE80::5, FastEthernet0/0
R8#sh ipv6 route eigrp
IPv6 Routing Table - Default - 6 entries
Codes: C - Connected, L - Local, S - Static, U - Per-user Static route
B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1
I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP
EX - EIGRP external
O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2
ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2
EX FEC0::4/128 [170/2170112]
via FE80::7, Serial1/0
EX FEC0:45::/64 [170/2170112]
via FE80::7, Serial1/0
Okay, very promising - Lets see if R4 Lo0 can reach R8 Lo0
R4#ping fec0::8 source fec0::4 repeat 20
Type escape sequence to abort.
Sending 20, 100-byte ICMP Echos to FEC0::8, timeout is 2 seconds:
Packet sent with a source address of FEC0::4
!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (20/20), round-trip min/avg/max = 16/21/36 ms
No problem here. So how does this work?
Lets see if we see the IPv6 routes on the route-reflector
R6#sh ip bgp ipv6 unicast summary
BGP router identifier 6.6.6.6, local AS number 64512
BGP table version is 9, main routing table version 9
4 network entries using 624 bytes of memory
4 path entries using 304 bytes of memory
2/1 BGP path/bestpath attribute entries using 336 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
Bitfield cache entries: current 1 (at peak 1) using 32 bytes of memory
BGP using 1296 total bytes of memory
BGP activity 15/11 prefixes, 18/14 paths, scan interval 60 secs
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
5.5.5.5 4 64512 127 127 9 0 0 00:00:20 2
7.7.7.7 4 64512 114 119 9 0 0 00:00:08 2
Well we can see that we've learnt 2 prefixes from each of the PEs
R6#sh ip bgp ipv6 unicast | begin Network
*>iFEC0::4/128 ::FFFF:5.5.5.5 100 100 0 ?*>iFEC0::8/128 ::FFFF:7.7.7.7 100 100 0 ?
*>iFEC0:45::/64 ::FFFF:5.5.5.5 100 100 0 ?
*>iFEC0:78::/64 ::FFFF:7.7.7.7 100 100 0 ?
Lets look at R6's MPLS label table to see if we can see anything related to IPv6
R6#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next HopLabel Label or VC or Tunnel Id Switched interface
16 Pop Label 7.7.7.7/32 0 Fa0/0 192.168.67.7
17 Pop Label 5.5.5.5/32 0 Fa0/1 192.168.56.5
Not directly in the forwarding path, however there are labels associated with the IPv6 routes themselves used by the PEs to identify routes:
R6#sh ip bgp ipv6 unicast labels
Network Next Hop In label/Out label
FEC0::4/128 ::FFFF:5.5.5.5 nolabel/20
FEC0::8/128 ::FFFF:7.7.7.7 nolabel/21
FEC0:45::/64 ::FFFF:5.5.5.5 nolabel/19
FEC0:78::/64 ::FFFF:7.7.7.7 nolabel/19
Okay, Lets lets go to each of the PEs and see the associated Labels
R5#sh mpls forwarding-table
Network Next Hop In label/Out labelFEC0::4/128 ::FFFF:5.5.5.5 nolabel/20
FEC0::8/128 ::FFFF:7.7.7.7 nolabel/21
FEC0:45::/64 ::FFFF:5.5.5.5 nolabel/19
FEC0:78::/64 ::FFFF:7.7.7.7 nolabel/19
R7#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next HopLabel Label or VC or Tunnel Id Switched interface
16 16 7.7.7.7/32 0 Fa0/0 192.168.56.6
17 Pop Label 6.6.6.6/32 0 Fa0/0 192.168.56.6
18 Pop Label 192.168.67.0/24 0 Fa0/0 192.168.56.6
19 No Label FEC0:45::/64 0 aggregate
20 No Label FEC0::4/128 2280 Fa0/1 FE80::4
We'll clear the MPLS related counters and send 1000 packets between the two endpoints to see which MPLS paths we're using - first we'll clear the associated counters.
R5#clear mpls counters
Clear "show mpls forwarding-table" counters [confirm]
R6#clear mpls counters
Clear "show mpls forwarding-table" counters [confirm]
R6#clear mpls counters
Clear "show mpls forwarding-table" counters [confirm]
R4#ping fec0::8 source fec0::4 repeat 1000
Type escape sequence to abort.
Sending 1000, 100-byte ICMP Echos to FEC0::8, timeout is 2 seconds:
Packet sent with a source address of FEC0::4
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (1000/1000), round-trip min/avg/max = 4/25/72 ms
Lets look at the forwarding-tables again to see the bytes switched values...
R5#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 16 7.7.7.7/32 0 Fa0/0 192.168.56.6
17 Pop Label 6.6.6.6/32 0 Fa0/0 192.168.56.6
18 Pop Label 192.168.67.0/24 0 Fa0/0 192.168.56.6
19 No Label FEC0:45::/64 0 aggregate
20 No Label FEC0::4/128 114000 Fa0/1 FE80::4
Ok, so traffic coming into R5 with a label of 20 is going through to FE80::4 (R4 Lo0)
R6#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 7.7.7.7/32 118000 Fa0/0 192.168.67.7
17 Pop Label 5.5.5.5/32 118000 Fa0/1 192.168.56.5
We can see traffic destined to each of the PEs
R7#sh mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or VC or Tunnel Id Switched interface
16 Pop Label 6.6.6.6/32 0 Fa0/1 192.168.67.6
17 Pop Label 192.168.56.0/24 0 Fa0/1 192.168.67.6
18 17 5.5.5.5/32 0 Fa0/1 192.168.67.6
19 No Label FEC0:78::/64 0 aggregate
21 No Label FEC0::8/128 104000 Se1/0 point2point
We can see traffic coming into R7 with a label of 21 is destined to FE80::8 (R8 Lo)
So if we trace the path from R4 to R8:
R4#trace
Protocol [ip]: ipv6
Target IPv6 address: fec0::8
Source address: fec0::4
Insert source routing header? [no]:
Numeric display? [no]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Priority [0]:
Port Number [0]:
Type escape sequence to abort.
Tracing the route to FEC0::8
1 FEC0:45::5 28 msec 32 msec 16 msec
2 ::FFFF:192.168.56.6 [MPLS: Labels 16/21 Exp 0] 20 msec 28 msec 28 msec
3 FEC0:78::7 [MPLS: Label 21 Exp 0] 32 msec 28 msec 16 msec
4 FEC0:78::8 28 msec 32 msec 16 msec
We can see on entry #2 that R6 is using label 16 to get to R7 and inner label 21 will be used to tell R7 this is destined for FEC0::8/128
On entry #3 we can see that R7 is using label 21 to determine we send traffic out S1/0 to reach R8
Tracing in the reverse direction?
R8#trace
Protocol [ip]: ipv6
Target IPv6 address: fec0::4
Source address: fec0::8
Insert source routing header? [no]:
Numeric display? [no]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Priority [0]:
Port Number [0]:
Type escape sequence to abort.
Tracing the route to FEC0::4
1 FEC0:78::7 76 msec 136 msec 28 msec
2 ::FFFF:192.168.67.6 [MPLS: Labels 17/20 Exp 0] 88 msec 120 msec 72 msec
3 FEC0:45::5 [MPLS: Label 20 Exp 0] 116 msec 100 msec 116 msec
4 FEC0:45::4 88 msec 116 msec 96 msec
We can see on entry #2 that R6 is using label 17 to get to R5 and inner label 20 will be used to tell R5 this is destined for FEC0::4/128
On entry #3 we can see that R5 is using label 20 to determine we send traffic out Fa0/1 to reach R4
This post's good, mates! I can see two of difficult things here, mpls and IPv6.
ReplyDeleteAre you CCIE SP? gussing from you experience,,,
I'm studying for SP myself nowdays.
I think I can learn lots of knowledge from this blog. Ta!
Hi Logan - I'm working my way to get a CCIE in the Routing and Switching track although Service Provider is more of my background - this specific example may not be directly relevant to R&S but was fun to set up and see how it works. Glad to be of some help.
ReplyDelete