This VPN lab will test intranet and extranet MPLS VPN’s.
The diagram is the same as my last VPN Lab. Also it uses my MPLs topology found over here: http://mellowd.co.uk/ccie/?p=522
This is the lab topology again:
- CPE1 and CPE5 belong to Customer1
- CPE2 and CPE6 belong to Customer2
- Both customers are running OSPF as their IGP’s
- The loopbacks as shown in the topology must be advertised into OSPF. Cutomer1 should be able to ping all loopbacks in their networks and Customer2 should be able to ping everything in theirs.
- Both customers are now running a project together, and need 2 of their offices connected. CPE1 from Customer1 should be able to communicate with CPE6 from Customer2 and vice-versa
- It’s essential that CPE2 and CPE5 are NOT able to get to all loopbacks. ONLY CPE1 and CPE6 should be able to communicate with each other. This new configuration should not break the previous VPN’s in place
- Do this without using any ACL’s, Prefix-lists, Route-maps or the like
Hopefully this will be my final tweak. This time I’ve added base configs to the CPE devices. It just gives them a hostname and ensures there is no timeout. This prevents you from having to keep logging back in.
Image-wise, it’s the same. Click for the larger image:
This is the .net file contents:
#MPLS 1.1 created 23/02/10 #MPLS 1.2 created 24/02/10 #MPLS 2.0 created 29/03/11 - Changed routers to 3725s and moved idlepc to the 3725 box at the top #www.mellowd.co.uk/ccie #Feel free to use and change as you see fit. However if you do use please leave my details here at the top [localhost:7200] workingdir = /data/dynamips/working [[3725]] image = /data/dynamips/IOS_Images/3725/c3725-adventerprisek9-mz.124-15.T14.UNCOMPRESSED.bin ram = 142 disk0 = 16 disk1 = 0 ghostios = true sparsemem = true idlepc = 0x6026be14 ########################### # # # Mpls Topology 1.2 # # # ########################### [[Router CR1]] model = 3725 console = 2001 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR1 s1/0 s1/2 = AR3 s1/2 Fa0/0 = CR3 Fa0/0 Fa2/0 = CR2 Fa2/0 cnfg = /data/dynamips/Topology/mpls/CR1.cfg [[Router CR2]] model = 3725 console = 2002 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR2 s1/0 s1/2 = AR1 s1/2 Fa0/0 = CR4 Fa0/0 cnfg = /data/dynamips/Topology/mpls/CR2.cfg [[Router CR3]] model = 3725 console = 2003 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa2/0 = CR4 Fa2/0 s1/0 = AR3 s1/0 s1/1 = GR1 s1/1 s1/2 = AR4 s1/2 cnfg = /data/dynamips/Topology/mpls/CR3.cfg [[Router CR4]] model = 3725 console = 2004 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR4 s1/0 [[Router AR1]] model = 3725 console = 2005 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE1 Fa0/0 Fa2/0 = CPE2 Fa0/0 #cnfg = /data/dynamips/Topology/mpls/AR1.cfg [[Router AR2]] model = 3725 console = 2006 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE4 Fa0/0 Fa2/0 = CPE3 Fa0/0 #cnfg = /data/dynamips/Topology/mpls/AR2.cfg [[Router AR3]] model = 3725 console = 2007 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE5 Fa0/0 Fa2/0 = CPE6 Fa0/0 #cnfg = /data/dynamips/Topology/mpls/AR3.cfg [[Router AR4]] model = 3725 console = 2008 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE8 Fa0/0 Fa2/0 = CPE7 Fa0/0 #cnfg = /data/dynamips/Topology/mpls/AR4.cfg [[Router CPE1]] model = 3725 console = 2009 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/CPE1.cfg [[Router CPE2]] model = 3725 console = 2010 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/CPE2.cfg [[Router CPE3]] model = 3725 console = 2011 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/CPE3.cfg [[Router CPE4]] model = 3725 console = 2012 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/CPE4.cfg [[Router CPE5]] model = 3725 console = 2013 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/CPE5.cfg [[Router CPE6]] model = 3725 console = 2014 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/CPE6.cfg [[Router CPE7]] model = 3725 console = 2021 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/CPE7.cfg [[Router CPE8]] model = 3725 console = 2022 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/CPE8.cfg [[Router GR1]] model = 3725 console = 2023 autostart = true #slot3 = NM-1FE-TX slot1 = NM-4T Fa0/0 = ISP2 Fa0/0 #cnfg = /data/dynamips/Topology/mpls/GR1.cfg [[Router ISP2]] model = 3725 console = 2024 autostart = false #slot3 = NM-1FE-TX #cnfg = /data/dynamips/Topology/mpls/ISP2.cfg
And here are the updated config files: http://mellowd.co.uk/ccie/wp-content/uploads/2010/02/mpls.tar2.gz
This is my first lab to use my MPLS topology found over here: http://mellowd.co.uk/ccie/?p=522 (Click the link as you’ll need the core ISP set up to run this lab)
This is the lab topology – click for a larger image:
- Use RIP as the routing protocol on CPE devices
- CPE1 and CPE5 belong to Company_A
- CPE2 and CPE6 belong to Company_B
- Each site has a /24 that is advertised via the loopback
- CPE1 should be able to ping CPE5′s loopback and vice-versa
- CPE2 should be able to ping CPE6′s loopback and vice-versa
- Different companies should NOT be able to ping each other. They must stay completely separate
- Now remove RIP and configure it so that both companies are using OSPF
- Once complete, remove the OSPF config and use EIGRP
Solution is now here: http://mellowd.co.uk/ccie/?p=570
There was a big error in the topology I put up yesterday. Even though it looked like ldp was running, the actual ldp neighbour relationships were not up. This is why when I later tested, no customer traffic went across the core.
I’ve now given each of the core routers and the access routers a loopback address in the 10.255.255.0/24 range (Each has a /32 in this range) This is advertised into OSPF. This ensures all routers have a route to all loopbacks. I then forced MPLS to use the loopback address for the ldp neighbour relationship.
Image-wise, it’s the same. Click for the larger image:
This is the.net file contents:
#MPLS 1.0 Topology created by Darren O'Connor 22/02/10 #MPLS 1.1 Topology created by Darren O'Connor 23/02/10 #www.mellowd.co.uk/ccie #Feel free to use and change as you see fit. However if you do use please leave my details here at the top [localhost:7200] workingdir = /data/dynamips/working [[3640]] image = /data/dynamips/IOS_Images/3640/c3640-jk9o3s-mz.124-5a.UNCOMPRESSED.bin ram = 128 disk0 = 0 disk1 = 0 mmap = true ghostios = true ########################### # # # Mpls Topology # # # ########################### [[Router CR1]] model = 3640 console = 2001 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR1 s1/0 s1/2 = AR3 s1/2 Fa0/0 = CR3 Fa0/0 Fa2/0 = CR2 Fa2/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/CR1.cfg [[Router CR2]] model = 3640 console = 2002 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR2 s1/0 s1/2 = AR1 s1/2 Fa0/0 = CR4 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/CR2.cfg [[Router CR3]] model = 3640 console = 2003 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa2/0 = CR4 Fa2/0 s1/0 = AR3 s1/0 s1/1 = GR1 s1/1 s1/2 = AR4 s1/2 cnfg = /data/dynamips/Topology/Topology_Config/mpls/CR3.cfg [[Router CR4]] model = 3640 console = 2004 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR4 s1/0 s1/2 = AR2 s1/2 cnfg = /data/dynamips/Topology/Topology_Config/mpls/CR4.cfg [[Router AR1]] model = 3640 console = 2005 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE1 Fa0/0 Fa2/0 = CPE2 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/AR1.cfg [[Router AR2]] model = 3640 console = 2006 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE4 Fa0/0 Fa2/0 = CPE3 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/AR2.cfg [[Router AR3]] model = 3640 console = 2007 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE5 Fa0/0 Fa2/0 = CPE6 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/AR3.cfg [[Router AR4]] model = 3640 console = 2008 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE8 Fa0/0 Fa2/0 = CPE7 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/AR4.cfg [[Router CPE1]] model = 3640 console = 2009 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE2]] model = 3640 console = 2010 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE3]] model = 3640 console = 2011 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE4]] model = 3640 console = 2012 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE5]] model = 3640 console = 2013 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE6]] model = 3640 console = 2014 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE7]] model = 3640 console = 2021 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE8]] model = 3640 console = 2022 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router GR1]] model = 3640 console = 2023 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T Fa0/0 = ISP2 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/GR1.cfg [[Router ISP2]] model = 3640 console = 2024 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX cnfg = /data/dynamips/Topology/Topology_Config/mpls/ISP2.cfg
And most importantly, this is the updated configuration files:
I’m writing my MPLs exam soon and so I wanted to create lots of labs which run over an MPLS core. I was going to using my original ‘mad’ topology but it’s going to be a hassle to have to create the core each. I’ve instead decided to create a separate MPLS core that contains everything I’ll need.
There are 4 core routers, and 2 access routers. Customer routers are connected to the access routers. There is also a gateway router running BGP with ISP2 that will be for BGP and internet access testing. Note that although there is currently a BGP session between ISP2 and GR1, there are no other sessions yet.
The topology is designed so that when you start running it in dynamips, the core is already set up. i.e. MPLS and OSPF are already running. This is because it’s very easy to configure an MPLS core and 90% of your MPLS configuration work will be done on the access routers themselves. The core routers are just switching packets, that’s it.
This is the topology (click for the larger image):
This is the .net file contents:
#MPLS 1.0 Topology created by Darren O'Connor 22/02/10 #www.mellowd.co.uk/ccie #Feel free to use and change as you see fit. However if you do use please leave my details here at the top [localhost:7200] workingdir = /data/dynamips/working [[3640]] image = /data/dynamips/IOS_Images/3640/c3640-jk9o3s-mz.124-5a.UNCOMPRESSED.bin ram = 128 disk0 = 0 disk1 = 0 mmap = true ghostios = true ########################### # # # Mpls Topology # # # ########################### [[Router CR1]] model = 3640 console = 2001 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR1 s1/0 s1/2 = AR3 s1/2 Fa0/0 = CR3 Fa0/0 Fa2/0 = CR2 Fa2/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/CR1.cfg [[Router CR2]] model = 3640 console = 2002 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR2 s1/0 s1/2 = AR1 s1/2 Fa0/0 = CR4 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/CR2.cfg [[Router CR3]] model = 3640 console = 2003 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa2/0 = CR4 Fa2/0 s1/0 = AR3 s1/0 s1/1 = GR1 s1/1 s1/2 = AR4 s1/2 cnfg = /data/dynamips/Topology/Topology_Config/mpls/CR3.cfg [[Router CR4]] model = 3640 console = 2004 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX s1/0 = AR4 s1/0 s1/2 = AR2 s1/2 cnfg = /data/dynamips/Topology/Topology_Config/mpls/CR4.cfg [[Router AR1]] model = 3640 console = 2005 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE1 Fa0/0 Fa2/0 = CPE2 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/AR1.cfg [[Router AR2]] model = 3640 console = 2006 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE4 Fa0/0 Fa2/0 = CPE3 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/AR2.cfg [[Router AR3]] model = 3640 console = 2007 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE5 Fa0/0 Fa2/0 = CPE6 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/AR3.cfg [[Router AR4]] model = 3640 console = 2008 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T slot2 = NM-1FE-TX Fa0/0 = CPE8 Fa0/0 Fa2/0 = CPE7 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/AR4.cfg [[Router CPE1]] model = 3640 console = 2009 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE2]] model = 3640 console = 2010 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE3]] model = 3640 console = 2011 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE4]] model = 3640 console = 2012 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE5]] model = 3640 console = 2013 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE6]] model = 3640 console = 2014 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE7]] model = 3640 console = 2021 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router CPE8]] model = 3640 console = 2022 autostart = false idlepc = 0x60610428 slot0 = NM-1FE-TX [[Router GR1]] model = 3640 console = 2023 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX slot1 = NM-4T Fa0/0 = ISP2 Fa0/0 cnfg = /data/dynamips/Topology/Topology_Config/mpls/GR1.cfg [[Router ISP2]] model = 3640 console = 2024 autostart = true idlepc = 0x60610428 slot0 = NM-1FE-TX cnfg = /data/dynamips/Topology/Topology_Config/mpls/ISP2.cfg
You can pick up the config files I’ve done over here: http://mellowd.co.uk/ccie/wp-content/uploads/2010/02/mpls.tar.gz
All my future MPLS labs will be done using this topology. Most config will be done on the access routers and the customer routers themselves.
Comments