Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Example: Configuring Multiple-Instance LDP

 

The primary LDP instance is configured at the [edit protocols] hierarchy level.

You can configure a specific instance of LDP by using the ldp statement at the [edit routing-instances routing-instance-name protocols] hierarchy level. This creates an instance of LDP for the particular VRF routing instance. You must specify all the required VRF statements and apply export and import policies to your LDP instance for the configuration to commit properly.

Most of the LDP hierarchy levels available in a primary instance are also available for specific instances of LDP. However, the no-forwarding option does not work in a VRF-based instance of LDP.

Figure 1: Multiple-Instance LDP Topology Diagram
Multiple-Instance LDP Topology Diagram

Figure 1 shows an example of a carrier-of-carriers network. CE3 and CE4 are end customer CE routers residing in AS 100. The VPN provider in AS 200 has three types of routers: PE3 and PE4 are PE routers that connect to the end customer, CE1 and CE2 act as the intermediate carrier CE routers, and P2 and P3 are internal transit routers. PE1 and PE2 in AS 300 are PE routers servicing the intermediate VPN provider, and P0 and P1 are transit routers for the top-tier carrier.

To make this configuration work, you must complete three major tasks:

  1. Configure external BGP between the VPN customer CE and the VPN provider PE.

  2. Configure internal BGP using the VPN family between both pairs of PE routers (one IBGP connection between PE1 and PE2 and a second IBGP connection between Router PE3 and Router PE4).

  3. Establish LDP and Interior Gateway Protocol (IGP) connections on all remaining links. This example uses OSPF as the IGP, but you can use the IGP of your choice.

Information supporting this carrier-of-carriers multiple-instance LDP example is summarized in Table 1 and Table 2.

Table 1: Multiple-Instance LDP Example—Routing Protocol Summary

Connection

Protocols

CE3 - PE3

EBGP family inet

PE3 - P2 - CE1

OSPF and LDP

CE1 - PE1

OSPF and LDP

PE1 - P0 - P1 - PE2

OSPF and LDP

PE1 - PE2

IBGP family inet-vpn

PE2 - CE2

OSPF and LDP

CE2 - P3 - PE4

OSPF and LDP

PE4 - CE4

EBGP family inet

PE3 - PE4

IBGP family inet-vpn

Table 2: Multiple-Instance LDP Example—Loopback Addresses

Router

Loopback Address

PE1

10.255.255.171

PE2

10.255.255.172

P0

10.255.255.173

P1

10.255.255.174

P2

10.255.255.175

P3

10.255.255.176

PE3

10.255.255.177

PE4

10.255.255.178

CE1

10.255.255.179

CE2

10.255.255.180

CE3

10.255.255.181

10.49.100.1

CE4

10.255.255.182

10.49.200.1

Your configuration tasks start at Router CE3 and move router by router through the first part of the VPN provider network, into the carrier AS, through the second VPN provider cluster of AS 200, and end at the second VPN customer Router CE4.

Since Router CE3 is the first customer router, configure EBGP between Router CE3 and the connected VPN provider Router PE3. You must also advertise your loopback address into BGP with a routing policy to allow IP reachability with Router CE4.

Router CE3

On Router PE3, the configuration tasks are more involved. You need to complete the EBGP connection to Router CE3 in a VRF instance, enable MPLS and LDP on the interface pointing toward the VPN provider Router CE1, and configure a primary instance of IBGP to reach Router PE4 at the far edge of AS 200.

Finally, set up an outbound VRF policy that places all BGP traffic and directly connected interfaces into a BGP community and an inbound VRF policy that accepts similar BGP community traffic from Router PE4.

Router PE3

On Router P2, enable LDP and the IGP used for transporting labels (in this case, OSPF). You will repeat these tasks on all transit core routers, both in the VPN provider network and the core carrier network.

Router P2

For Router CE1, configure LDP and OSPF in the same manner that you configured Router P2.

Router CE1

On core carrier Router PE1, configure a primary instance for OSPF, LDP, MPLS, and IBGP (with the family inet-vpn option) to connect the router to neighbor Router PE2. Next, implement multiple-instance LDP by establishing a secondary instance. Enable LDP and OSPF in this instance for Router PE1 to communicate with Router CE1. MPLS is not required in the secondary instance.

Finally, set up an outbound VRF policy that places all LDP traffic coming from Router CE1 into a BGP community, an export policy that sends this community traffic to Router PE2, and an inbound VRF policy that accepts similar BGP community traffic from Router PE2. This step tunnels the VPN provider’s LDP traffic into the carrier’s BGP session.

Router PE1

On Router P0, enable LDP and OSPF in the same manner that you configured these protocols on Router P2. You will repeat these tasks on Router P1 and Router P3.

Router P0

On Router P1, enable LDP and the IGP used for transporting labels (OSPF in this case).

Router P1

Core carrier Router PE2 is a mirror image of Router PE1. First, configure a primary instance for OSPF, LDP, MPLS, and IBGP (with the family inet-vpn option) to connect Router PE2 to neighbor Router PE1. Next, implement multiple-instance LDP by establishing a secondary instance. Enable LDP and OSPF in this instance for Router PE2 to communicate with Router CE2. MPLS is not required in the secondary instance.

Finally, set up an outbound VRF policy that places all LDP traffic coming from Router CE2 into a BGP community, an export policy that sends this community traffic to Router PE1, and an inbound VRF policy that accepts similar BGP community traffic from Router PE1. This step tunnels the VPN provider’s LDP traffic into the carrier’s BGP session.

Router PE2

For Router CE2, configure LDP and OSPF as you did on Router CE1 and the transit P routers.

Router CE2

Since Router P3 is another core provider router, enable LDP and OSPF on all transit interfaces.

Router P3

On Router PE4, complete the IBGP connection initiated on Router PE3 to connect the edge routers in AS 200. Also, enable LDP and MPLS on the t1-0/0/1 interface pointing toward the VPN provider Router CE2 and establish an EBGP connection to Router CE4 through use of a VRF instance.

Finally, set up an outbound VRF policy that places all BGP traffic and directly connected interfaces into a BGP community and an inbound VRF policy that accepts similar BGP community traffic from Router PE3.

Router PE4

Router CE4 is the destination VPN customer router. Configure EBGP between Router CE4 and the connected VPN provider Router PE4 to complete the configuration. Remember to advertise the loopback address into BGP by using a routing policy to allow IP reachability with Router CE3.

Router CE4

Verifying Your Work

To verify the proper operation of your multiple-instance LDP configuration, use the following commands:

  • show ldp database

  • show ldp interface

  • show ldp neighbor

  • show ldp path

  • show ldp route

  • show ldp session

  • show ldp statistics

The display output for these commands is the same as in previous Junos OS Releases, except for one difference. An instance name can now be used as an argument.

If you include an instance name with these commands, you display information for the specified LDP instance. For example, the command show ldp neighbor instance crockett shows all the LDP neighbors for a VRF instance named crockett. Conversely, show ldp neighbor without an instance name displays the LDP neighbors associated with the primary instance.

The following sections show the output of these commands used with the configuration example:

Router CE3 Status

user@CE3> show bgp summary

Router PE3 Status

user@PE3> show bgp summary

Router CE1 Status

user@CE1> show ldp neighbor

Router PE1 Status

user@PE1> show ldp neighbor instance vpn-provider

Router PE2 Status

user@PE2> show ldp neighbor instance vpn-provider

Router CE2 Status

user@CE2> show ldp neighbor

Router PE4 Status

user@PE4> show bgp summary

Router CE4 Status

user@CE4> show route protocol bgp