
Configuring MPLS L3VPN on IP Infusion OcNOS


In this hands-on article, we will explore the configuration of MPLS L3VPN on the IP Infusion OcNOS Network Operating System tested on GNS3.

What is MPLS?

Multiprotocol Label Switching (MPLS) is a switching mechanism used in wide-area networks (WANs). MPLS uses labels instead of network addresses to route traffic optimally via shorter pathways. It is now a key technology in modern networks, widely used by organizations such as Internet service providers, mobile operators, and large enterprises. By assigning labels to packets, MPLS allows routers to forward packets based on labels rather than performing a time-consuming IP lookup for each packet. By optimizing traffic, MPLS reduces downtime and improves speed and quality of service (QoS).

Why is MPLS Needed?

Traditional methods, such as IP switching and tag switching, require each router to independently determine a packet’s next hop by inspecting its destination IP address before consulting its routing table. This slow process consumes hardware resources and can degrade performance for real-time applications such as voice and video. Traditional routers needed to scale more effectively to meet the bandwidth needs of the modern internet and avoid slow speeds, jitter, and packet loss.

Several protocols are available for label distribution in MPLS networks. The most widely used are:

  1. LDP (Label Distribution Protocol): LDP is the most widely used protocol for label distribution in MPLS networks. It automatically generates and exchanges labels between routers. Each router locally generates labels for its prefixes and then advertises the label values to its neighbors.
  2. RSVP-TE (Resource Reservation Protocol – Traffic Engineering): RSVP-TE is a signaling protocol and an extension of RSVP. It is typically used for MPLS traffic engineering. RSVP-TE is used in the network to reserve bandwidth along Label Switched Paths (LSPs).

In the topology above, the status of each device is given below:

Steps to configure MPLS L3VPN

  • Configure OSPF
  • Enable LDP on routers
  • Create VRFs
  • Configure BGP VPNv4

We start by allocating IP addresses to the network interfaces of the routers. Subsequently, OSPF is activated on the routers (we’ll operate within a single OSPF area).

Following this, each router must share information about its networks with other routers. This is achieved using the “network” command, specifying the IP address, subnet mask of the network, and the OSPF area to which the network belongs.

Configuration on OcNOS-1:

OcNOS1(config)#router ospf 1
OcNOS1(config-router)#router-id 1.1.1.1
OcNOS1(config-router)#network 192.168.10.0/24 area
OcNOS1(config-router)#network 192.168.12.0/24 area
OcNOS1(config-router)#network 1.1.1.1/32 area
OcNOS1(config-router)#commit

Configuration on OcNOS-2:

OcNOS2(config)#router ospf 1
OcNOS2(config-router)#router-id 2.2.2.2
OcNOS2(config-router)#network 192.168.10.0/24 area
OcNOS2(config-router)#network 192.168.11.0/24 area
OcNOS2(config-router)#network 2.2.2.2/32 area
OcNOS2(config-router)#commit

Configuration on OcNOS-3:

OcNOS3(config)#router ospf 1
OcNOS3(config-router)#router-id 3.3.3.3
OcNOS3(config-router)#network 192.168.12.0/24 area
OcNOS3(config-router)#network 192.168.13.0/24 area
OcNOS3(config-router)#network 3.3.3.3/32 area
OcNOS3(config-router)#commit

Configuration on OcNOS-4:

OcNOS4(config)#router ospf 1
OcNOS4(config-router)#router-id 4.4.4.4
OcNOS4(config-router)#network 192.168.11.0/24 area
OcNOS4(config-router)#network 192.168.13.0/24 area
OcNOS4(config-router)#network 4.4.4.4/32 area
OcNOS4(config-router)#commit

After configuring OSPF, verify its status. The figure below is from OcNOS-1 and shows that OSPF is configured successfully.

Since OSPF is running properly, it’s time to move on to the next step and configure LDP for the topology.

To configure LDP, we first need to enable LDP on the router, configure the router ID, configure the LDP transport address and enable label switching on the interfaces.

It is common practice to use a loopback interface as the router ID. The transport address is the IP address used for creating the TCP session between neighboring routers. It is important that the transport-address is reachable by other routers.

Configuration on OcNOS-1:

OcNOS1(config)#router ldp
OcNOS1(config-router)#router-id 1.1.1.1
OcNOS1(config-router)#transport-address ipv4 1.1.1.1
OcNOS1(config-router)#exit

OcNOS1(config)#interface eth1
OcNOS1(config-if)#label-switching
OcNOS1(config-if)#enable-ldp ipv4
OcNOS1(config-if)#exit

OcNOS1(config)#interface eth2
OcNOS1(config-if)#label-switching
OcNOS1(config-if)#enable-ldp ipv4
OcNOS1(config-if)#commit

Configuration on OcNOS-2:

OcNOS2(config)#router ldp
OcNOS2(config-router)#router-id 2.2.2.2
OcNOS2(config-router)#transport-address ipv4 2.2.2.2
OcNOS2(config-router)#exit

OcNOS2(config)#interface eth1
OcNOS2(config-if)#label-switching
OcNOS2(config-if)#enable-ldp ipv4
OcNOS2(config-if)#exit

OcNOS2(config)#interface eth2
OcNOS2(config-if)#label-switching
OcNOS2(config-if)#enable-ldp ipv4
OcNOS2(config-if)#commit

Configuration on OcNOS-3:

OcNOS3(config)#router ldp
OcNOS3(config-router)#router-id 3.3.3.3
OcNOS3(config-router)#transport-address ipv4 3.3.3.3
OcNOS3(config-router)#exit

OcNOS3(config)#interface eth1
OcNOS3(config-if)#label-switching
OcNOS3(config-if)#enable-ldp ipv4
OcNOS3(config-if)#exit

OcNOS3(config)#interface eth2
OcNOS3(config-if)#label-switching
OcNOS3(config-if)#enable-ldp ipv4
OcNOS3(config-if)#commit

Configuration on OcNOS-4:

OcNOS4(config)#router ldp
OcNOS4(config-router)#router-id 4.4.4.4
OcNOS4(config-router)#transport-address ipv4 4.4.4.4
OcNOS4(config-router)#exit

OcNOS4(config)#interface eth1
OcNOS4(config-if)#label-switching
OcNOS4(config-if)#enable-ldp ipv4
OcNOS4(config-if)#exit

OcNOS4(config)#interface eth2
OcNOS4(config-if)#label-switching
OcNOS4(config-if)#enable-ldp ipv4
OcNOS4(config-if)#commit

The LDP configuration can be verified using the following commands:

show mpls ldp neighbor – Displays the list of LDP neighbors with which the router has established an adjacency.

show mpls forwarding-table – Displays the MPLS forwarding table. It shows the mapping between MPLS labels and network prefixes, as well as the outgoing label, the outgoing interface and the next hop.

With MPLS LDP complete, move on to the L3VPN configuration.

Layer 3 Virtual Private Network (L3VPN) is a solution allowing companies to securely link distant sites through a common IP framework. It’s commonly employed by enterprises spanning various locations, like service providers, data centers, branch offices, and remote employees, ensuring secure and effective access to corporate assets.

In the topology, the status of each device is given below:

Now create the VRFs and associate interfaces to those VRFs. Each PE router in the MPLS-VPN backbone is attached to a site that receives routes from a specific VPN, so the PE router must have the relevant VRF configuration for that VPN.

Configuration on OcNOS-1:

OcNOS1(config)#ip vrf red
OcNOS1(config-vrf)#rd 1.1.1.1:4
OcNOS1(config-vrf)#route-target both 100:4
OcNOS1(config-vrf)#exit

OcNOS1(config)#interface eth3
OcNOS1(config-if)#ip vrf forwarding red
OcNOS1(config-if)#ip address 192.168.14.1/24
OcNOS1(config-if)#commit

Configuration on OcNOS-4:

OcNOS4(config)#ip vrf blue
OcNOS4(config-vrf)#rd 4.4.4.4:4
OcNOS4(config-vrf)#route-target both 100:4
OcNOS4(config-vrf)#exit

OcNOS4(config)#interface eth3
OcNOS4(config-if)#ip vrf forwarding blue
OcNOS4(config-if)#ip address 192.168.15.1/24
OcNOS4(config-if)#commit
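
The two PEs above use different VRF names (red and blue) but the same route target, and it is the route target, not the name, that decides which VRFs exchange routes. The following is an added example, not part of the original article: it parses VRF stanzas and lists every VRF pair in which one side imports a route target the other exports, which is a quick audit for unintended route leaking between VPNs. The "green" VRF and the handling of the import/export keywords are assumptions made for illustration.

```python
import re
from itertools import permutations

# VRF stanzas from the article (CLI prompts removed). The "green" VRF is a
# constructed counter-example that is not part of the article's topology.
PE_CONFIGS = {
    "OcNOS-1": "ip vrf red\n rd 1.1.1.1:4\n route-target both 100:4\n",
    "OcNOS-4": "ip vrf blue\n rd 4.4.4.4:4\n route-target both 100:4\n"
               "ip vrf green\n rd 4.4.4.4:5\n route-target both 100:5\n",
}

def parse_vrfs(config):
    """Return {vrf: {"rd": str|None, "import": set, "export": set}} for one PE."""
    vrfs, current = {}, None
    for raw in config.splitlines():
        line = raw.strip()
        if not line:
            continue
        if m := re.fullmatch(r"ip vrf (\S+)", line):
            current = vrfs.setdefault(
                m.group(1), {"rd": None, "import": set(), "export": set()})
        elif raw[:1] not in (" ", "\t"):
            current = None            # any other top-level line ends the stanza
        elif current is None:
            continue                  # indented line outside a VRF stanza
        elif m := re.fullmatch(r"rd (\S+)", line):
            current["rd"] = m.group(1)
        elif m := re.fullmatch(r"route-target (import|export|both) (\S+)", line):
            # "both" is the form used in the article; import/export are assumed
            # to follow the same syntax.
            kinds = ("import", "export") if m.group(1) == "both" else (m.group(1),)
            for kind in kinds:
                current[kind].add(m.group(2))
    return vrfs

def route_flows(pe_configs):
    """List (src_pe, src_vrf, dst_pe, dst_vrf, rts): dst imports an RT src exports."""
    vrfs = [(pe, name, v) for pe, cfg in pe_configs.items()
            for name, v in parse_vrfs(cfg).items()]
    flows = []
    for (spe, sname, s), (dpe, dname, d) in permutations(vrfs, 2):
        shared = sorted(s["export"] & d["import"])
        if shared:
            flows.append((spe, sname, dpe, dname, shared))
    return flows

if __name__ == "__main__":
    for spe, sname, dpe, dname, rts in route_flows(PE_CONFIGS):
        print(f"{spe}/{sname} -> {dpe}/{dname} via RT {', '.join(rts)}")
```

Running the audit against the configuration of every PE before committing a new VRF shows whether a reused route target would join it to an existing customer's VPN.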

Next, we need to configure BGP VPNv4 between the two PEs.

BGP enables the exchange of routing information between networks, allowing the PE routers to share information about customer routes and VPN labels. This information exchange is necessary for the proper routing of customer traffic across the VPN.

Configuration on OcNOS-1:

OcNOS1(config)#router bgp 65000
OcNOS1(config-router)#neighbor 4.4.4.4 remote-as 65000
OcNOS1(config-router)#neighbor 4.4.4.4 update-source 1.1.1.1

OcNOS1(config-router)#address-family vpnv4 unicast
OcNOS1(config-router-af)#neighbor 4.4.4.4 activate
OcNOS1(config-router-af)#exit

OcNOS1(config-router)#address-family ipv4 vrf red
OcNOS1(config-router-af)#redistribute connected
OcNOS1(config-router-af)#commit

Configuration on OcNOS-4:

OcNOS4(config)#router bgp 65000
OcNOS4(config-router)#neighbor 1.1.1.1 remote-as 65000
OcNOS4(config-router)#neighbor 1.1.1.1 update-source 4.4.4.4

OcNOS4(config-router)#address-family vpnv4 unicast
OcNOS4(config-router-af)#neighbor 1.1.1.1 activate
OcNOS4(config-router-af)#exit

OcNOS4(config-router)#address-family ipv4 vrf blue
OcNOS4(config-router-af)#redistribute connected
OcNOS4(config-router-af)#commit

With all the steps complete, verify the L3VPN configuration using the following commands:

show ip bgp vpnv4 all – Displays the BGP routing table for the VPNv4 address family, which shows the learned VPNv4 routes and associated BGP next hops.

show mpls vrf-forwarding-table vrf red – Displays the MPLS VPN forwarding table for the VRF instance “red”.

The figure below shows the successful ping from PC1 to PC2

Successful ping from PC2 to PC1

I hope you found this article engaging, and if you have any queries or feedback, feel free to share them with us.


Humza Atlaf

Network Engineer

Humza is a network engineer at Hardware Nation Labs, where his enthusiasm for Open Networking drives his work. With a blend of deep expertise and innovative approaches, he designs robust, scalable networks of the future. His practical experience includes configuring and deploying a range of protocols such as LACP, VLANs, MPLS, and VRRP. At his previous role, he was part of a SONiC testing team, further honing his skills in network setup and troubleshooting. Humza is also adept at network analysis with tools like Wireshark, enhancing his ability to manage complex network environments.
