4000 Router Series MPLS Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

191

192

193

194

195

196

197

198

199

200

188

Destination/Mask Proto Pre Cost NextHop Interface

1.1.1.9/32 Direct 0 0 127.0.0.1 InLoop0

2.2.2.9/32 ISIS 15 10 10.1.1.2 POS5/1

5.5.5.9/32 ISIS 15 84 10.1.1.2 POS5/1

6.6.6.9/32 ISIS 15 84 10.1.1.2 POS5/1

10.1.1.0/24 Direct 0 0 10.1.1.1 POS5/1

10.1.1.1/32 Direct 0 0 127.0.0.1 InLoop0

10.1.1.2/32 Direct 0 0 10.1.1.2 POS5/1

11.1.1.0/24 ISIS 15 20 10.1.1.2 POS5/1

20.1.1.0/24 ISIS 15 84 10.1.1.2 POS5/1

21.1.1.0/24 ISIS 15 84 10.1.1.2 POS5/1

21.1.1.2/32 ISIS 15 84 10.1.1.2 POS5/1

127.0.0.0/8 Direct 0 0 127.0.0.1 InLoop0

127.0.0.1/32 Direct 0 0 127.0.0.1 InLoop0

# Execute the display ip routing-table vpn-instance command on PE 3 and PE 4. The output shows that

the routes of the remote VPN customers are present in the VPN routing tables. Take PE 3 as an example:

[PE3] display ip routing-table vpn-instance vpn1

Routing Tables: vpn1

Destinations : 3 Routes : 3

Destination/Mask Proto Pre Cost NextHop Interface

100.1.1.0/24 Direct 0 0 100.1.1.2 Eth1/1

100.1.1.2/32 Direct 0 0 127.0.0.1 InLoop0

120.1.1.0/24 BGP 255 0 6.6.6.9 NULL0

# PE 3 and PE 4 can ping each other.

# CE 3 and CE 4 can ping each other.

Configuring nested VPN

Network requirements

The service provider provides nested VPN services for users, as shown in Figure 55.

• PE 1 and PE 2 are PE devices on the service provider backbone. Both of them support the nested

VPN function.

• CE 1 and CE 2 are provider CEs connected to the service provider backbone. Both of them support

VPNv4 routes.

• PE 3 and PE 4 are PE devices of the customer VPN. Both of them support MPLS L3VPN.

• CE 3 through CE 6 are CE devices of sub-VPNs in the customer VPN.

The key of nested VPN configuration is to understand the processing of routes of sub-VPNs on the service

provider PEs:

• When receiving a VPNv4 route from a provider CE (CE 1 or CE 2, in this example), a provider PE

replaces the RD of the VPNv4 route with the RD of the MPLS VPN on the service provider network,

adds the export target attribute of the MPLS VPN on the service provider network to the extended

community attribute list, and then forwards the VPNv4 route.

• To implement exchange of sub-VPN routes between customer PEs and service provider PEs,

MP-EBGP peers must be established between provider PEs and provider CEs.