It's pretty easy. You make the 2 edge routers that connect each others AS a PE device. Then you take the link between the routers (for example Ethernet) and make a sub-interface (802.1Q tagged) for each VPN. Put that interface in the VRF of the VPN on both ends. Then run a dynamic protocol in each VRF to exchange the routes to the other end (could be anything, just PE-CE stuff, but now used as PE-PE).
Our Workbook 1 has a lab about it, actually all 3 ways of doing Inter-AS VPNs are explained there. Also the Workbook 2 labs include every way of doing it in at least 1 lab (5 of the 10 are really focused on Inter-AS communications, so is the real SP lab). This page (they copied a chapter from MPLS Configuration on Cisco IOS, so technically it's illegal :-), explains every method in detail with configs and diagrams. http://mpls-configuration-on-cisco-ios-software.org.ua/1587051990/ch07lev1sec2.html -- Regards, Rick Mur CCIE2 #21946 (R&S / Service Provider) Sr. Support Engineer – IPexpert, Inc. URL: http://www.IPexpert.com On 23 dec 2009, at 17:22, srinivas pv wrote: > Hi, > > In Cisco online documentation, I saw config steps/examples for other inter-AS > scenarios except back-to-back VRF (even though it was mentioned in other > books etc, and is straight forward) > > Any idea, where can I find config steps/examples for back-to-back vrf on CCO. > > Also following topics: > LC-ATM > VPN internet access. > > Thanks, > Srinivas > > On Wed, Dec 23, 2009 at 9:34 PM, Rick Mur <[email protected]> wrote: > Indeed, redistributing eBGP prefixes in the IGP would definitely work when > send-label is specified by the 2 ASBR eBGP routers. Than you should have an > end-to-end LSP between the PE's in both AS's. > > Then you configure multi-hop eBGP VPNv4 between the PE's and that way > distribute the VPN prefixes between the AS's, this is RFC2547bis Option C. > > The only way of doing Inter-AS VPN's WITHOUT any VPNv4 communication is with > Option A, which is a back-to-back VRF-lite configuration on ethernet > sub-interfaces or multiple FR DLCI or ATM VC sub-interfaces. > > -- > Regards, > > Rick Mur > CCIE2 #21946 (R&S / Service Provider) > Sr. Support Engineer – IPexpert, Inc. > URL: http://www.IPexpert.com > > On 23 dec 2009, at 16:43, matt reath wrote: > >> I've run into lab scenarios where an InterAS VPN needed to be established >> w/o using the VPNv4 family between the eBGP neighbors. To get it to work >> properly I configured send-labels on the eBGP neighbors and made sure that >> each AS knew about the other AS's loopback addresses via BGP<->IGP >> redistribution. That way there is a label defined via LDP/IGP in each AS >> for the other ASs loopack addresses. I used next-hop-self on the iBGP >> neighbors but it still wouldn't build a complete LSP unless the other AS's >> loopbacks were redistributed. >> >> On Mon, Dec 21, 2009 at 6:21 PM, Rick Mur <[email protected]> wrote: >> Try and convince yourself why you would need to add the send-label. See what >> you are doing and if you know that the next-hop prefixes already have a >> label through IGP/LDP or do you need to allocate labels for the EBGP >> prefixes, it really depends on your implementation just like Bryan said. If >> next-hop-self is used for EBGP prefixes than the next-hop address already >> has a label allocated through the IGP and LDP, so no then you don't need >> send-label. >> >> Really convince yourself of doing something, rather than doing a 'best >> practice'. See how the LSP works and how things are allocated. >> >> -- >> Regards, >> >> Rick Mur >> CCIE2 #21946 (R&S / Service Provider) >> Sr. Support Engineer – IPexpert, Inc. >> URL: http://www.IPexpert.com >> >> On 21 dec 2009, at 21:35, Bryan Bartik wrote: >> >>> Srinivas, >>> >>> If you are doing MP-EBGP between the ASBRs and using next-hop-self from the >>> ASBRs to the internal peers, then you shouldn't need send-label at all. In >>> this lab, NHS is configured in the PG so I think send-label is unnecessary. >>> >>> If you didn't use next-hop-self then you need to get that ASBR link into >>> BGP and use send-label from ASBR to IBGP peers. >>> >>> On Mon, Dec 21, 2009 at 1:08 PM, srinivas pv <[email protected]> >>> wrote: >>> Hi Team, >>> >>> I am doing this lab and I have the following query. Please do the needful. >>> >>> This is inter-AS scenario, and the restriction is not to allow LDP on any >>> interconnecting links between networks. >>> >>> So we need to use send-label on the links between AS 100 and 200. Why do we >>> need to configure send-label for iBGP neighbors also? >>> Is interconnecting links means, here iBGP also? >>> >>> >>> Thanks, >>> Srinivas >>> >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, please >>> visit www.ipexpert.com >>> >>> >>> >>> >>> -- >>> Bryan Bartik >>> CCIE #23707 (R&S, SP), CCNP >>> Sr. Support Engineer - IPexpert, Inc. >>> URL: http://www.IPexpert.com >>> _______________________________________________ >>> For more information regarding industry leading CCIE Lab training, please >>> visit www.ipexpert.com >> >> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> > > > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > >
_______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com
