Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Example: Nonforwarding Instances Configuration

 
Figure 1: Nonforwarding Instances Topology Diagram
Nonforwarding Instances Topology Diagram

In Figure 1, routers CE1, CE2, CE3, and CE4 are CE routers, PE0 and PE2 are PE routers, and Router P is the provider core transit router. CE1 and CE3 are part of a “community of interest” group called data, whereas CE2 and CE4 belong to a group called voice. Your goal is to connect the members of each group to each other by using a nonforwarding instance at the PE routers.

Note that routers PE0, CE1, and CE2 mirror the configurations on PE2, CE3, and CE4, respectively. Therefore, the latter routers are not shown in this example. The loopback addressing scheme for this network is shown in Table 1.

Table 1: Nonforwarding Instances—Loopback Addresses

Router

Loopback Address

CE1

10.255.255.172

CE2

10.255.255.180

PE0

10.255.255.176

P

10.255.255.178

PE2

10.255.255.174

CE3

10.255.255.182

CE4

10.255.255.181

Routers CE1, CE2, CE3, and CE4 only need basic connectivity to their directly connected PE router. You enable OSPF on the interface that connects the CE routers to the PE routers. Since the configurations for all the CE routers are almost identical, only CE3 and CE4 are shown.

Router CE3

Router CE4

PE router configuration is next. Because the configuration for Router PE0 and Router PE2 mirror each other, only Router PE2 is displayed.

You must enable the auto-export statement at the edit-routing-options hierarchy level for both the main configuration and the nonforwarding instances, establish policies that set tags on packets arriving from the CE routers, and accept packets into a specific instance that matches the corresponding outbound tags. Specifically, you configure the router to attach adata tag to all packets coming from Router CE3 and avoicetag to all packets arriving from Router CE4. Also, forward any OSPF traffic coming from the core with adata tag to Router CE3: send OSPF core traffic with avoicetag to Router CE4.

Router PE2

On Router P, the provider core router configuration is simple. Include the interfaces that connect to the two PE routers (PE0 and PE2) in the OSPF process.

Router P

If all the configurations are correct, routers CE1 and CE3 (the routers tagged with thedatatag ) can send traffic to one another and routers CE2 and CE4 (the routers tagged with thevoice tag ) can communicate bidirectionally, but routers with different tag types cannot reach each other.

Verifying Your Work

To verify that the nonforwarding instances configuration is functioning properly, you can use the following commands:

  • show ospf database

  • show route detail

  • ping

The following sections show the output of these commands used with the configuration example:

Router PE2 Status

user@PE2> show ospf database

Router CE3 Status

user@CE3> ping 10.255.255.172