MPLS LAB GNS3 Configuring MPLS Cloud Providers with VPN, BGP

MPLS Service Providers Configuration with BGP and EIGRP Route redistribution

This article is about MPLS (Multi-Protocol Label Switching), which is commonly used by telecom operators (ISPs) as a long-distance connectivity solution. Before the technical discussion, an important first observation is that configuring this technology in a corporate or enterprise environment is totally different from configuring MPLS in the service provider (ISP) cloud.


Why MPLS Is Used

MPLS is label-based fast switching, which forwards packets on the basis of labels. Normally routing devices use process switching: whenever they receive a packet, they check its IP address and forward it after matching it against the routing table, a process that may involve sending an ARP request for the MAC address. Imagine high traffic, as in the case of VoIP: this process becomes a little slow. For example, an IP phone call may use 100 packets/s, and the router has to perform this processing for every one of those 100 packets. Unlike other Layer 2 technologies, i.e. HDLC, ATM and Frame Relay, that were traditionally used over long distances, MPLS uses a label-based technology, also called label-based routing. So the solution is MPLS, where the router assigns a label to each packet for fast switching.

Following is the MPLS cloud diagram for our lab, which was created in GNS3. You can see that we have a service provider network, tagged as “ISP MPLS backbone”, and there are two customer edges.

MPLS Cloud diagram

Before going into the configuration, there are several fundamental concepts that the reader must keep in mind to understand the role of the elements involved in the scenario.

The Customer Edge (CE) is the equipment installed in the remote units of the company that will receive the connectivity solution provided by the provider.

The Provider Edge (PE) is the operator’s router connected to one (or more) client routers; the PEs are connected to the P routers. The P (Provider) routers are the other routers distributed across the MPLS cloud, representing the operator's network infrastructure.

Another key concept is VRF (Virtual Routing and Forwarding), a technology that brings two other equally important elements: the RD (Route Distinguisher) and the RT (Route Target). Through VRF you can create multiple instances of the routing table that exist in one router and work simultaneously. This increases functionality by allowing network paths to be segmented without using multiple devices. Without individual VRFs, the traffic between the subnets of all the operator's customers would share a single routing table, which would be bad from a security point of view. Another common benefit is that it makes it possible for customers to use the same network addresses.
However, at some point the routes between the company's router (CE) and the carrier's router (PE) have to be redistributed into a BGP process on the PE.
Here comes a problem: duplicate addresses can clearly exist across VRFs because they represent different routing tables. This is only possible through the addition of an identifier to the routes to make them unique, called the RD (Route Distinguisher).

In the scenario presented in this article we have two VRFs named Client1 and Client2, identified as follows:

– VRF Client1, RD 65001:111, RT 65001:1
– VRF Client2, RD 65002:222, RT 65002:2
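
To see why the RD makes overlapping customer prefixes unique while the RT decides which VRF receives a route, here is a small Python model of the PE behaviour. It is an added example, not part of the original lab: the function names and the two misconfigured variants are assumptions, and the key it builds is a simplified lookup key, not the on-the-wire VPNv4 NLRI.

```python
import ipaddress
import struct

def vpnv4_key(rd: str, prefix: str) -> bytes:
    """Type-0 RD (2-byte type, 2-byte ASN, 4-byte number) + IPv4 prefix + length.
    A simplified lookup key, not the on-the-wire NLRI (which also carries a label)."""
    asn, number = (int(part) for part in rd.split(":"))
    net = ipaddress.ip_network(prefix)
    return (struct.pack("!HHI", 0, asn, number)
            + net.network_address.packed + bytes([net.prefixlen]))

def advertise(vrfs: dict, customer_routes: dict) -> dict:
    """Sending PE: tag every customer prefix with its VRF's RD and export RTs."""
    table = {}
    for vrf, prefixes in customer_routes.items():
        for prefix in prefixes:
            key = vpnv4_key(vrfs[vrf]["rd"], prefix)
            table[key] = (prefix, set(vrfs[vrf]["export"]), vrf)
    return table

def import_routes(vrfs: dict, table: dict) -> dict:
    """Receiving PE: a route enters a VRF only if one of its RTs is imported there."""
    installed = {name: [] for name in vrfs}
    for prefix, export_rts, source in table.values():
        for name, vrf in vrfs.items():
            if export_rts & set(vrf["import"]):
                installed[name].append((prefix, source))
    return installed

def leaked(installed: dict) -> list:
    """Routes that ended up in a VRF other than the one they came from."""
    return sorted((vrf, prefix, src) for vrf, routes in installed.items()
                  for prefix, src in routes if src != vrf)

# The lab's VRFs: "route-target both" sets import and export to the same value.
LAB_VRFS = {
    "Client1": {"rd": "65001:111", "import": ["65001:1"], "export": ["65001:1"]},
    "Client2": {"rd": "65002:222", "import": ["65002:2"], "export": ["65002:2"]},
}
# Constructed input: both customers announce the same LAN prefix, as CE1A and CE2A do.
PE1_ROUTES = {"Client1": ["192.168.1.0/24"], "Client2": ["192.168.1.0/24"]}

# Constructed misconfiguration: Client2 additionally imports Client1's RT.
LEAKY_VRFS = {**LAB_VRFS, "Client2": {**LAB_VRFS["Client2"],
                                      "import": ["65002:2", "65001:1"]}}
# Constructed misconfiguration: both VRFs share one RD, so the prefixes collide.
SAME_RD_VRFS = {name: {**vrf, "rd": "65001:111"} for name, vrf in LAB_VRFS.items()}

if __name__ == "__main__":
    table = advertise(LAB_VRFS, PE1_ROUTES)
    print(len(table), "VPNv4 routes for one IPv4 prefix")
    print("lab config leaks:", leaked(import_routes(LAB_VRFS, table)))
    print("extra RT import leaks:", leaked(import_routes(LEAKY_VRFS, table)))
    print("shared RD:", len(advertise(SAME_RD_VRFS, PE1_ROUTES)), "route survives")
```

With the lab values each customer's route stays in its own VRF; one extra imported RT is enough to place Client1's prefix in Client2's table.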

For easy understanding, I am dividing the configuration process into the following steps:

  1. IP addresses Configuration
  2. EIGRP configuration in the Carrier Cloud (AS 200)
  3. Creation and Association of VRF and RD Configuration / RT
  4. EIGRP routing configuration on PE and CE
  5. EIGRP and BGP Route Redistribution Configuration
  6. MP-BGP configuration on the PE(s)

Steps 1 and 2 do not concern the MPLS configuration itself, but they are the prerequisites for this lab. I have configured this lab in GNS3 with router IOS “c3660-telcoentk9-mz.124-13b.bin”; you can use any other router with MPLS support.

1) Basic Interfaces Configuration and IP Addresses

Following are the IP settings. Notice that the interfaces that connect to the CE routers do not have the mpls ip setting, since the traffic to the PE is pure IP.

PE1(config)# int loopback 1
PE1(config-if)# ip address 1.1.1.1 255.255.255.255
PE1(config-if)# int f0/0
PE1(config-if)# ip address 172.16.5.2 255.255.255.252
PE1(config-if)# mpls ip
PE1(config-if)# int s1/0
PE1(config-if)# clock rate 64000
PE1(config-if)# ip address 172.16.1.1 255.255.255.252
PE1(config-if)# no shut
PE1(config-if)# int s2/0
PE1(config-if)# clock rate 64000
PE1(config-if)# ip address 172.16.2.1 255.255.255.252
PE1(config-if)# no shut

PE2(config)# int loopback 1
PE2(config-if)# ip address 2.2.2.2 255.255.255.255
PE2(config-if)# int f0/0
PE2(config-if)# ip address 172.16.6.2 255.255.255.252
PE2(config-if)# mpls ip
PE2(config-if)# int s1/0
PE2(config-if)# clock rate 64000
PE2(config-if)# ip address 172.16.3.1 255.255.255.252
PE2(config-if)# no shut
PE2(config-if)# int s2/0
PE2(config-if)# clock rate 64000
PE2(config-if)# ip address 172.16.4.1 255.255.255.252
PE2(config-if)# no shut

P(config)# int loopback 1
P(config-if)# ip address 3.3.3.3 255.255.255.255
P(config-if)# int f0/0
P(config-if)# ip address 172.16.5.1 255.255.255.252
P(config-if)# mpls ip
P(config-if)# int f1/0
P(config-if)# ip address 172.16.6.1 255.255.255.252
P(config-if)# mpls ip
P(config-if)# no shut

2) IGP routing (EIGRP) in the Carrier Cloud (AS 200)

This second stage is also very basic, consisting only of configuring an IGP routing protocol inside the service provider cloud.

PE1(config)# router eigrp 200
PE1(config-router)# network 172.16.0.0
PE1(config-router)# network 1.1.1.1
PE1(config-router)# no auto-summary

PE2(config)# router eigrp 200
PE2(config-router)# network 172.16.0.0
PE2(config-router)# network 2.2.2.2
PE2(config-router)# no auto-summary

P(config)# router eigrp 200
P(config-router)# network 172.16.0.0
P(config-router)# network 3.3.3.3
P(config-router)# no auto-summary

3) Creation and Association of VRF and RD configuration / RT 

The following configuration is required only on the edge routers (PE), since the company's routers (CE) have no knowledge of MPLS. Notice that on each edge router we create the two VRFs with the RD/RT values previously defined. Finally, each VRF is associated with its respective (client) interface.

PE1(config)# ip vrf Client1
PE1(config-vrf)# rd 65001:111
PE1(config-vrf)# route-target both 65001:1
PE1(config-vrf)# exit
PE1(config)# ip vrf Client2
PE1(config-vrf)# rd 65002:222
PE1(config-vrf)# route-target both 65002:2
PE1(config-vrf)# exit
PE1(config)# int s2/0
PE1(config-if)# ip vrf forwarding Client1
PE1(config-if)# ip address 172.16.1.1 255.255.255.252
PE1(config-if)# exit
PE1(config)# int s2/1
PE1(config-if)# ip vrf forwarding Client2
PE1(config-if)# ip address 172.16.2.1 255.255.255.252
PE1(config-if)# exit

PE2(config)# ip vrf Client1
PE2(config-vrf)# rd 65001:111
PE2(config-vrf)# route-target both 65001:1
PE2(config-vrf)# exit
PE2(config)# ip vrf Client2
PE2(config-vrf)# rd 65002:222
PE2(config-vrf)# route-target both 65002:2
PE2(config-vrf)# exit
PE2(config)# int s2/0
PE2(config-if)# ip vrf forwarding Client1
PE2(config-if)# ip address 172.16.3.1 255.255.255.252
PE2(config-if)# int s2/1
PE2(config-if)# ip vrf forwarding Client2
PE2(config-if)# ip address 172.16.4.1 255.255.255.252
PE2(config-if)# exit

Ignore the message “% Serial Interface /1 IP address 172.16.x.x removed due to enabling VRF Client2” during the above configuration.
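
The message appears because IOS removes an interface's address when the interface is bound to a VRF, which is why step 3 enters the address again after `ip vrf forwarding`. The following Python check walks a planned PE command script and flags a reused RD, a binding to an undefined VRF, and a PE-CE interface left without an address after the binding. It is an added example, not part of the original lab; the function names and the indented script format are assumptions.

```python
import re

def sections(script):
    """Group an indented IOS-style script into (header, [sub-commands]) pairs."""
    out = []
    for raw in script.splitlines():
        if not raw.strip() or raw.strip().startswith("!"):
            continue
        if raw[0].isspace() and out:
            out[-1][1].append(raw.strip())
        else:
            out.append((raw.strip(), []))
    return out

def audit_vrf_bindings(script):
    """Return findings on VRF definitions and interface bindings, in script order."""
    findings, rd_owner, defined, parsed = [], {}, set(), sections(script)
    for header, body in parsed:
        m = re.fullmatch(r"ip vrf (\S+)", header)
        if not m:
            continue
        defined.add(m[1])
        rd = next((l.split()[1] for l in body if l.startswith("rd ")), None)
        if rd is None:
            findings.append(f"vrf {m[1]}: no rd configured")
        elif rd in rd_owner:
            findings.append(f"vrf {m[1]}: rd {rd} already used by vrf {rd_owner[rd]}")
        else:
            rd_owner[rd] = m[1]
    for header, body in parsed:
        m = re.fullmatch(r"interface (\S+)", header)
        fwd = [i for i, l in enumerate(body) if l.startswith("ip vrf forwarding ")]
        if not m or not fwd:
            continue
        vrf = body[fwd[-1]].split()[-1]
        addr = [i for i, l in enumerate(body) if l.startswith("ip address ")]
        if vrf not in defined:
            findings.append(f"{m[1]}: vrf {vrf} is not defined")
        if not addr or addr[-1] < fwd[-1]:  # IOS drops an address typed before the binding
            findings.append(f"{m[1]}: no ip address after 'ip vrf forwarding {vrf}'")
    return findings

# Constructed sample mirroring the PE1 commands of step 3 (route-target lines omitted).
GOOD = """
ip vrf Client1
 rd 65001:111
ip vrf Client2
 rd 65002:222
interface Serial2/0
 ip vrf forwarding Client1
 ip address 172.16.1.1 255.255.255.252
interface Serial2/1
 ip vrf forwarding Client2
 ip address 172.16.2.1 255.255.255.252
"""
# Constructed faulty variant: reused RD, address typed before the binding, VRF name typo.
BAD = GOOD.replace("65002:222", "65001:111").replace("forwarding Client2", "forwarding Clinet2")
BAD = BAD.replace(" ip vrf forwarding Client1\n ip address 172.16.1.1 255.255.255.252",
                  " ip address 172.16.1.1 255.255.255.252\n ip vrf forwarding Client1")
```

Calling `audit_vrf_bindings(GOOD)` returns an empty list, while `audit_vrf_bindings(BAD)` returns one finding for each of the three constructed faults.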
4) EIGRP routing configuration on PE and CE

The next step is the configuration of a routing protocol between the company routers (CE) and the provider (PE) so that the provider can learn the routes advertised by the company. This configuration process is quite simple.

CE1A(config)# router eigrp 65001
CE1A(config-router)# network 192.168.1.0
CE1A(config-router)# network 172.16.0.0
CE1A(config-router)# no auto-summary

CE2A(config)# router eigrp 65002
CE2A(config-router)# network 192.168.1.0
CE2A(config-router)# network 172.16.0.0
CE2A(config-router)# no auto-summary

PE1(config)# router eigrp 1
PE1(config-router)# address-family ipv4 vrf Client1
PE1(config-router-af)# autonomous-system 65001
PE1(config-router-af)# network 172.16.0.0
PE1(config-router-af)# no auto-summary
PE1(config-router-af)#
PE1(config-router-af)# address-family ipv4 vrf Client2
PE1(config-router-af)# autonomous-system 65002
PE1(config-router-af)# network 172.16.0.0
PE1(config-router-af)# no auto-summary

*** 

CE1B(config)# router eigrp 65001
CE1B(config-router)# network 192.168.2.0
CE1B(config-router)# network 172.16.0.0
CE1B(config-router)# no auto-summary

CE2B(config)# router eigrp 65002
CE2B(config-router)# network 192.168.2.0
CE2B(config-router)# network 172.16.0.0
CE2B(config-router)# no auto-summary

PE2(config)# router eigrp 1
PE2(config-router)# address-family ipv4 vrf Client1
PE2(config-router-af)# autonomous-system 65001
PE2(config-router-af)# network 172.16.0.0
PE2(config-router-af)# no auto-summary
PE2(config-router-af)#
PE2(config-router-af)# address-family ipv4 vrf Client2
PE2(config-router-af)# autonomous-system 65002
PE2(config-router-af)# network 172.16.0.0
PE2(config-router-af)# no auto-summary

(*) Note: in the EIGRP process that the PE routers use to establish neighbor relationships with the CE routers, we use AS 1 so as not to mix customer routes with the EIGRP 200 process we used in the earlier steps to exchange internal routes between the routers of the MPLS cloud.

5) Redistribution of EIGRP routes into BGP

So far there is no connection between the clients' remote units because PE1 is not directly connected to PE2. In the next step we will set up iBGP between PE1 and PE2 to create the abstraction of the VPN/MPLS tunnel.

PE1(config)# router bgp 200
PE1(config-router)# address-family ipv4 vrf Client1
PE1(config-router-af)# redistribute eigrp 65001
PE1(config-router-af)# exit
PE1(config-router)# address-family ipv4 vrf Client2
PE1(config-router-af)# redistribute eigrp 65002
PE1(config-router-af)# exit
PE1(config-router)# exit
PE1(config)# router eigrp 1
PE1(config-router)# address-family ipv4 vrf Client1
PE1(config-router-af)# redistribute bgp 200 metric 10000 1000 255 1 1500
PE1(config-router-af)# exit
PE1(config-router)# address-family ipv4 vrf Client2
PE1(config-router-af)# redistribute bgp 200 metric 10000 1000 255 1 1500

PE2(config)# router bgp 200
PE2(config-router)# address-family ipv4 vrf Client1
PE2(config-router-af)# redistribute eigrp 65001
PE2(config-router-af)# exit
PE2(config-router)# address-family ipv4 vrf Client2
PE2(config-router-af)# redistribute eigrp 65002
PE2(config-router-af)# exit
PE2(config-router)# exit
PE2(config)# router eigrp 1
PE2(config-router)# address-family ipv4 vrf Client1
PE2(config-router-af)# redistribute bgp 200 metric 10000 1000 255 1 1500
PE2(config-router-af)# exit
PE2(config-router)# address-family ipv4 vrf Client2
PE2(config-router-af)# redistribute bgp 200 metric 10000 1000 255 1 1500

6) MP-BGP configuration on the PE(s) | VPN Tunnel Creation

The last step consists of establishing the VPN tunnel between the company's remote units, giving the client the abstraction of a private long-distance (WAN) connection between units. Once this setting is made, the CE1A and CE1B routers will know each other's routes and the company will have remote connectivity!

PE1(config)# router bgp 200
PE1(config-router)# neighbor 2.2.2.2 remote-as 200
PE1(config-router)# neighbor 2.2.2.2 update-source LO1
PE1(config-router)# address-family vpnv4
PE1(config-router-af)# neighbor 2.2.2.2 activate
PE1(config-router-af)# neighbor 2.2.2.2 send-community

PE2(config)# router bgp 200
PE2(config-router)# neighbor 1.1.1.1 remote-as 200
PE2(config-router)# neighbor 1.1.1.1 update-source LO1
PE2(config-router)# address-family vpnv4
PE2(config-router-af)# neighbor 1.1.1.1 activate
PE2(config-router-af)# neighbor 1.1.1.1 send-community

Verification:

After MANY command lines we have a basic implementation of VPN/MPLS working between two client companies, each with only two remote units. Viewing the routing table of VRF Client1 on the PE1 router, you can see that the route 192.168.2.0/24 of the remote unit is learned via BGP.

PE1# show ip route vrf Client1

Output must include the following Route:

B 192.168.2.0/24 [200/2172416] via 2.2.2.2, 00:02:37

We will also take advantage of all this work to look at the PE1 BGP table:

PE1# show ip bgp vpnv4 all

Now let’s look at the routing table of the router CE1A installed at the company. Note that it only knows the remote route as if the units were directly connected to each other. This is the great advantage of an MPLS VPN implementation: the customer does not see the MPLS cloud.

CE1A# show ip route

Output must include the following Route:

D 192.168.2.0/24 [90/2684416] via 172.16.1.1, 0:08:34, Serial2/0

Some other verification commands are as follows:

PE1# show ip route
PE1# show ip route vrf Client1
PE1# show ip route vrf Client2
PE1# show ip bgp
PE1# show ip bgp summary
PE1# show ip bgp vpnv4 all
PE1# show ip eigrp vrf Client1 neighbors
PE1# show ip eigrp vrf Client2 neighbors
PE1# show ip eigrp vrf Client1 topology
PE1# show ip eigrp vrf Client2 topology

Layer 3 Switching vs Routing | End the Confusion! L3 vs Router

What is the difference between Layer-3 Switching and Routing?

To understand the difference between L3 switching and routing, it is better to start from the basic definitions of a switch and a router.

Remember the following about switches and routers:

  • A switch is considered a Layer-2 device that performs circuit switching, or forwarding decisions based on its Layer-2 table, and a switch performs packet forwarding with hardware switching, which is faster than a router.
  • According to the basic definition of a router, it is a device that performs packet switching, or Layer-3 forwarding, and this Layer-3 forwarding was typically performed in software, by means of programmed algorithms. If you have a clear understanding of packet vs circuit switching, you can understand this concept easily.

Layer-3 Switching vs Routing

In the modern world most routers can perform Layer-3 forwarding in hardware as well. Therefore, both a Layer-3 switch and a Layer-3 router can perform nearly identical functions with the same performance. But there are still some differences in the operation of Layer-3 switches and routers, as follows:

  1. Layer-3 switches are enhanced for Ethernet, and are mainly used for inter-VLAN routing. These Layer-3 switches can also perform their basic Layer-2 forwarding for intra-VLAN traffic.
  2. Layer-3 switches generally have a higher number of ports compared to routers, and are considered cheaper devices in terms of per-port cost compared to routers.
  3. Routers are specially built for routing, therefore they support a larger number of WAN technologies compared to Layer-3 switches. L3 switches normally do not have WAN interfaces and do not support the advanced routing or WAN technologies.
  4. Layer-3 switches are frequently installed at the top of the LAN in a building or in campus networks. Routers are predominantly used for connecting to the WAN, therefore they are deployed at the core layer or in the main data center.
  5. Routers perform a routing lookup; with the introduction of fast switching and CEF, packets are now also switched on a router. Switches don’t support some QoS features.

MikroTik ROS how to reset router to factory default configuration

How to restore the factory settings of a MikroTik router:

Resetting a MikroTik router is almost the same as resetting other routers. You simply need to press the reset button with a pin or a needle. Following are some easy steps for resetting a MikroTik router.

1. Use a ballpoint pen to gently press and hold the RES key; do not let go.

2. Then turn the power on.

3. After the device is powered, the power and ACT lights light up; continue to hold the reset button, and after the ACT LED flashes, immediately release the RES key. (Note for the 750GL reset: after the device is powered, the power and ACT lights light up; continue to hold the RES key until the ACT light goes off, then release it.)

4. After the RES key is released, the device restarts automatically; a “beep” sound after the restart indicates that the device is up and reset.

DTE and DCE Data Terminal Equipment vs data communications equipment

DTE and DCE are the devices that are used to connect the two ends of a network, or two network devices, with a serial link.

What is DTE?

DTE is the acronym for “Data Terminal Equipment”: a device with some data processing and data transmission capability.
A DTE is used to provide or receive data and is normally a machine on the client side of the network, mainly a computer or terminal equipment; a computer connected to a modem is a DTE. On a V.24 serial port (25-pin), pin 2 on the DTE is generally specified as TXD (transmit data line) and pin 3 as RXD (receive data line). Of the remaining pins, 7 is signal ground, 4 is DTS, 5 is the RTS, 6 is DTR and 8 is DCD; the transmit clock, receive clock and so on also have specific pins assigned.

What is DCE?

The opposite side from the DTE is the DCE. The DCE is the equipment used at the service end, and it is where the clock and bandwidth are configured. The DTE/DCE distinction in fact applies only to serial ports; a router is usually connected to a wide area network via a serial port.

Difference between Modular Router Vs Non-modular router

What is Non-modular router?

Non-modular routers are low-end routers with fixed interfaces/cards; ports or interfaces cannot be added later on. This class of router is used to connect home or small-business users to an ISP. A non-modular router not only provides SLIP or PPP connections, but also supports other protocols such as the virtual private network protocols PPTP and IPSec. Technologies such as ADSL will soon increase the broadband available to each family, which will further increase the burden on access routers. Because of these trends, non-modular routers will in the future support many heterogeneous and high-speed ports, and be able to run multiple protocols on each port.

Compared with modular router

The term modular router describes a router that you can extend with certain components, such as interfaces, encryption accelerators, sound processing modules, etc. A modular router mainly refers to a router whose interface types and some extended functions can be configured according to the actual needs of the user. At the factory these routers generally provide the basic routing functions; users select the appropriate modules for the type of network to be connected, and different modules provide different connectivity and management capabilities. For example, most modular routers allow users to select the network interface type, some modular routers can provide VPN and other functional modules, some modular routers also provide firewall functions, and so on. Most current routers are modular routers.

ISR routers are a particular line of Cisco routers; namely, the 800, 1800, 2800, and 3800 series are modular routers.