MPLS VPN OSPF PE and CE Support

The MPLS VPN OSPF PE and CE Support feature allows service providers to configure Open Shortest Path
First (OSPF) between provider edge (PE) and customer edge (CE) devices in a Multiprotocol Label Switching
(MPLS) virtual private network ( VPN). This feature increases flexibility when devices exchange routing
information among sites because a separate router ID for each interface or subinterface is configured on a
PE device attached to multiple CE devices within a VPN. An MPLS VPN consists of a set of sites that are
interconnected by means of an MPLS provider core network. At each customer site, one or more CE devices
attach to one or more PE devices.

• Finding Feature Information, page 1

• Prerequisites for MPLS VPN OSPF PE and CE Support, page 1
• Information About MPLS VPN OSPF PE and CE Support, page 2
• How to Configure MPLS VPN OSPF PE and CE Support, page 2
• Configuration Examples for MPLS VPN OSPF PE and CE Support, page 6
• Additional References, page 7
• Feature Information for MPLS VPN OSPF PE and CE Support, page 7

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and
feature information, see Bug Search Tool and the release notes for your platform and software release. To
find information about the features documented in this module, and to see a list of the releases in which each
feature is supported, see the feature information table at the end of this module.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support.
To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Prerequisites for MPLS VPN OSPF PE and CE Support

• Configure MPLS Layer 3 VPNs.
• Configure the Border Gateway Protocol (BGP) in the core.

MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS Release 15M&T

1
 MPLS VPN OSPF PE and CE Support
Information About MPLS VPN OSPF PE and CE Support

Information About MPLS VPN OSPF PE and CE Support

Overview of MPLS VPN OSPF PE and CE Support

This feature allows service providers to configure Open Shortest Path First (OSPF) between provider edge
(PE) and customer edge (CE) devices in an MPLS VPN network.
This feature increases flexibility when devices exchange routing information among sites because a separate
router ID for each interface or subinterface is configured on a PE device attached to multiple CE devices
within a VPN.

How to Configure MPLS VPN OSPF PE and CE Support

Configuring OSPF as the Routing Protocol Between the PE and CE Devices

Perform this task to configure PE-to-CE routing sessions that use Open Shortest Path First (OSPF).

Note The Cisco implementation of OSPF in an MPLS VPN PE-CE environment is compliant with RFC 4576.

Before You Begin

Configure the PE device with the same routing protocol that the CE device uses.

SUMMARY STEPS

1. enable
2. configure terminal
3. router ospf process-id [vrf vpn-name]
4. network ip-address wildcard-mask area area-id
5. address-family ipv4 [multicast | unicast | vrf vrf-name]
6. redistribute protocol | [process-id] | {level-1 | level-1-2 | level-2} [as-number] [metric metric-value]
[metric-type type-value] [match {internal | external 1 | external 2}] [tag tag-value] [route-map map-tag]
[subnets]
7. exit-address-family
8. end

DETAILED STEPS

Command or Action Purpose

Step 1 enable Enables privileged EXEC mode.

MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS Release 15M&T

2
 MPLS VPN OSPF PE and CE Support
Configuring OSPF as the Routing Protocol Between the PE and CE Devices

Command or Action Purpose

• Enter your password if prompted.
Example:
Device> enable

Step 2 configure terminal Enters global configuration mode.

Example:
Device# configure terminal

Step 3 router ospf process-id [vrf vpn-name] Enables OSPF routing and enters router configuration mode.
• The process-id argument identifies the OSPF process.
Example:
• The vrf vpn-name keyword and argument identify a virtual
Device(config)# router ospf 1 vrf grc
private network (VPN). Create a separate OSPF process for each
virtual routing and forwarding (VRF) instance that will receive
VPN routes.

Step 4 network ip-address wildcard-mask area area-id Defines the interfaces on which OSPF runs and to defines the area ID
for those interfaces.
Example: • The ip-address argument identifies the IP address.
Device(config-router)# network 10.0.0.1
0.0.0.3 area 20 • The wildcard-mask argument identifies the IP-address-type mask
that includes “don’t care” bits.
• The area-id argument identifies the area that is to be associated
with the OSPF address range. It can be specified as either a
decimal value or an IP address. To associate areas with IP
subnets, specify a subnet address as the value of the area-id
argument.

Step 5 address-family ipv4 [multicast | unicast | vrf Specifies the IPv4 address family type and enters address family
vrf-name] configuration mode.
• The multicast keyword specifies IPv4 multicast address prefixes.
Example:
• The unicast keyword specifies IPv4 unicast address prefixes.
Device(config-router)# address-family
ipv4 vrf vpn1 • The vrf vrf-name keyword and argument specify the name of
the VRF to associate with subsequent IPv4 address family
configuration mode commands.

Step 6 redistribute protocol | [process-id] | {level-1 | Redistributes routes from one routing domain into another routing
level-1-2 | level-2} [as-number] [metric domain.
metric-value] [metric-type type-value] [match You may need to include several protocols to ensure that all interior
{internal | external 1 | external 2}] [tag Border Gateway Protocol (IBGP) routes are distributed into the VRF.
tag-value] [route-map map-tag] [subnets]

MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS Release 15M&T

3
 MPLS VPN OSPF PE and CE Support
Verifying Connectivity Between MPLS Virtual Private Network Sites

Command or Action Purpose

Example:
Device(config-router-af)# redistribute
rip metric 1 subnets

Step 7 exit-address-family Exits address family configuration mode.

Example:
Device(config-router-af)#
exit-address-family

Step 8 end (Optional) Exits to privileged EXEC mode.

Example:
Device(config-router)# end

Verifying Connectivity Between MPLS Virtual Private Network Sites

To verify that the local and remote customer edge (CE) devices can communicate across the Multiprotocol
Label Switching (MPLS) core, perform the following tasks:

Verifying IP Connectivity from CE Device to CE Device Across the MPLS Core

SUMMARY STEPS

1. enable
2. ping [protocol] {host-name | system-address}
3. trace [protocol] [destination]
4. show ip route [ip-address [mask] [longer-prefixes]] | protocol [process-id]] | [list [access-list-name |
access-list-number]

DETAILED STEPS

Step 1 enable
Enables privileged EXEC mode.

Step 2 ping [protocol] {host-name | system-address}

Diagnoses basic network connectivity on AppleTalk, Connectionless-mode Network Service (CLNS), IP, Novell, Apollo,
Virtual Integrated Network Service (VINES), DECnet, or Xerox Network Service (XNS) networks. Use the ping command
to verify the connectivity from one CE device to another.

MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS Release 15M&T

4
 MPLS VPN OSPF PE and CE Support
Verifying Connectivity Between MPLS Virtual Private Network Sites

Step 3 trace [protocol] [destination]

Discovers the routes that packets take when traveling to their destination. The trace command can help isolate a trouble
spot if two devices cannot communicate.

Step 4 show ip route [ip-address [mask] [longer-prefixes]] | protocol [process-id]] | [list [access-list-name | access-list-number]
Displays the current state of the routing table. Use the ip-address argument to verify that CE1 has a route to CE2. Verify
the routes learned by CE1. Make sure that the route for CE2 is listed.

Verifying That the Local and Remote CE Devices Are in the PE Routing Table

SUMMARY STEPS

1. enable
2. show ip route vrf vrf-name [prefix]
3. show ip cef vrf vrf-name [ip-prefix]

DETAILED STEPS

Step 1 enable
Enables privileged EXEC mode.

Step 2 show ip route vrf vrf-name [prefix]

Displays the IP routing table associated with a virtual routing and forwarding (VRF) instance. Check that the loopback
addresses of the local and remote customer edge (CE) devices are in the routing table of the provider edge (PE) devices.

Step 3 show ip cef vrf vrf-name [ip-prefix]

Displays the Cisco Express Forwarding forwarding table associated with a VRF. Check that the prefix of the remote CE
device is in the Cisco Express Forwarding table.

MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS Release 15M&T

5
 MPLS VPN OSPF PE and CE Support
Configuration Examples for MPLS VPN OSPF PE and CE Support

Configuration Examples for MPLS VPN OSPF PE and CE Support

Example: Configuring an MPLS VPN Using OSPF

PE Configuration CE Configuration

ip vrf vpn1 ip cef

rd 100:1 mpls ldp router-id Loopback0 force
route-target export 100:1 mpls label protocol ldp
route-target import 100:1 !
! interface Loopback0
ip cef ip address 10.0.0.9 255.255.255.255
mpls ldp router-id Loopback0 force !
mpls label protocol ldp interface FastEthernet0/0/0
! ip address 34.0.0.1 255.0.0.0
interface Loopback0 no cdp enable
ip address 10.0.0.1 255.255.255.255 !
! router ospf 1000
interface FastEthernet0/0/0 log-adjacency-changes
ip vrf forwarding vpn1 auto-cost reference-bandwidth 1000
ip address 34.0.0.2 255.0.0.0 redistribute connected subnets
no cdp enable network 34.0.0.0 0.255.255.255 area 1000
! network 10.0.0.0 0.0.0.0 area 1000
router ospf 1000 vrf vpn1
log-adjacency-changes
redistribute bgp 100 metric-type 1 subnets
network 10.0.0.13 0.0.0.0 area 10000
network 34.0.0.0 0.255.255.255 area 10000
!
router bgp 100
no synchronization
bgp log-neighbor changes
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute connected
redistribute ospf 1000 match internal
external 1 external 2
no auto-summary
no synchronization
exit-address-family

MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS Release 15M&T

6
 MPLS VPN OSPF PE and CE Support
Additional References

Additional References
Related Documents

Related Topic Document Title

Cisco IOS commands Cisco Master Command List, All Releases

MPLS and MPLS applications commands Cisco IOS Multiprotocol Label Switching Command
Reference

Standards and RFCs

Standard/RFC Title
RFC 4576 Using a Link State Advertisement (LSA) Options Bit
to Prevent Looping in BGP/MPLS IP Virtual Private
Networks (VPNs)

Technical Assistance

Description Link
The Cisco Support and Documentation website http://www.cisco.com/cisco/web/support/index.html
provides online resources to download documentation,
software, and tools. Use these resources to install and
configure the software and to troubleshoot and resolve
technical issues with Cisco products and technologies.
Access to most tools on the Cisco Support and
Documentation website requires a Cisco.com user ID
and password.

Feature Information for MPLS VPN OSPF PE and CE Support

The following table provides release information about the feature or features described in this module. This
table lists only the software release that introduced support for a given feature in a given software release
train. Unless noted otherwise, subsequent releases of that software release train also support that feature.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support.
To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS Release 15M&T

7
 MPLS VPN OSPF PE and CE Support
Feature Information for MPLS VPN OSPF PE and CE Support

Table 1: Feature Information for MPLS VPN OSPF PE and CE Support

Feature Name Releases Feature Information

MPLS VPN OSPF PE and CE 12.0(5)T The MPLS VPN OSPF PE and CE
Support Support feature allows service
12.0(11)ST
providers to configure Open
12.0(21)ST Shortest Path First (OSPF) between
12.2(17b)SXA provider edge (PE) and customer
edge (CE) devices in a
12.2(28)SB Multiprotocol Label Switching
Cisco IOS XE Release 2.1 (MPLS) virtual private network
(VPN).
In Cisco IOS Release 12.0(5)T, this
feature was introduced.
In Cisco IOS Release 12.0(11)ST,
12.0(21)ST, 12.2(17b)SXA, and
12.2(28)SB, this feature was
integrated.
In Cisco IOS XE Release 2.1, this
feature was implemented on Cisco
ASR 1000 Series Routers.
No commands were introduced or
modified.

MPLS: Layer 3 VPNs Configuration Guide, Cisco IOS Release 15M&T

8