Technical Documentation

Configuring Carrier-of-Carriers VPNs for Customers That Provide Internet Service

You can configure a carrier-of-carriers VPN service for customers who want to provide basic Internet service. The carrier-of-carriers VPN service provider must configure MPLS in its network, although this configuration is optional for the carrier service customer. Carrier-of-Carriers VPNs shows how the routers in this type of service interconnect.

To configure a carrier-of-carriers VPN, perform the tasks described in the following sections:

Configuring the Carrier-of-Carriers VPN Service Customer’s CE Router

The carrier-of-carriers VPN service customer’s router acts as a CE router with respect to the service provider’s PE router. The following sections describe how to configure the carrier-of-carriers VPN service customer’s CE router:

Configuring MPLS

To configure MPLS on the customer’s CE router, include the mpls statement:

mpls {traffic-engineering bgp-igp;interface interface-name;}

You can include this statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]

Configuring BGP

To configure a group to collate the customer’s internal routes, include the bgp statement:

bgp {group group-name {type internal;local-address address;neighbor address;}}

You can include this statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]

The customer’s CE router must be able to send labels to the VPN service provider’s router. Enable this by including the labeled-unicast statement in the configuration for the BGP group:

bgp {group group-name {export internal;peer-as as-number;neighbor address {family inet {labeled-unicast;}}}}

You can include the bgp statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]

Configuring OSPF

To configure OSPF on the customer’s CE router, include the ospf statement:

ospf {area area-id {interface interface-name {passive;}interface interface-name;}}

You can include this statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]

Configuring Policy Options

To configure policy options on the customer’s CE router, include the policy-statement statement:

policy-statement statement-name {term term-name {from protocol [ospf direct ldp];then accept;}term term-name {then reject;}}

You can include this statement at the following hierarchy levels:

  • [edit policy-options]
  • [edit logical-systems logical-system-name policy-options]

Configuring the Carrier-of-Carriers VPN Service Provider’s PE Routers

The service provider’s PE routers connect to the customer’s CE routers and forward the customer’s VPN traffic across the provider’s network.

The following sections describe how to configure the carrier-of-carriers VPN service provider’s PE routers:

Configuring MPLS

To configure MPLS on the provider’s PE routers, include the mpls statement:

mpls {interface interface-name;interface interface-name;}

You can include this statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]

Configuring BGP

To configure a BGP session with the provider PE router at the other end of the provider’s network, include the bgp statement:

bgp {group group-name {type internal;local-address address;family inet-vpn {any;}neighbor address;}}

You can include this statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]

Configuring IS-IS

To configure IS-IS on the provider’s PE routers, include the isis statement:

isis {interface interface-name;interface interface-name {passive;}}

You can include this statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]

Configuring LDP

To configure LDP on the provider’s PE routers, include the ldp statement:

ldp {interface interface-name;}

You can include this statement at the following hierarchy levels:

  • [edit protocols]
  • [edit logical-systems logical-system-name protocols]

Configuring a Routing Instance

To configure Layer 3 VPN service with the customer’s CE router, include the labeled-unicast statement in the configuration for the routing instance so the PE router can send labels to the customer’s CE router:

routing-instance-name {instance-type vrf;interface interface-name;route-distinguisher address;vrf-import policy-name;vrf-export policy-name;protocols {bgp {group group-name {peer-as as-number;neighbor address {family inet {labeled-unicast;}}}}}}

You can include these statements at the following hierarchy levels:

  • [edit routing-instances]
  • [edit logical-systems logical-system-name routing-instances]

Configuring Policy Options

To configure a policy statement to import routes from the customer’s CE router, include the policy-statement statement:

policy-statement policy-name {term term-name {from {protocol bgp;community community-name;}then accept;}term term-name {then reject;}}

You can include this statement at the following hierarchy levels:

  • [edit policy-options]
  • [edit logical-systems logical-system-name policy-options]

To configure a policy statement to export routes to the customer’s CE router, include the policy-statement and community statements:

policy-statement policy-name {term term-name {from protocol bgp;then {community add community-name;accept;}}term term-name {then reject;}}community community-name members value;

You can include these statements at the following hierarchy levels:

  • [edit policy-options]
  • [edit logical-systems logical-system-name policy-options]

Related Topics

Published: 2010-07-16

Help
|
My Account
|
Log Out