6VPE Configuration with Cisco IOS

Posted by

6VPE is a network technology that allows IPv6 routes to be included in L3VPN VRFs.  A new address family, vpnv6 has been added to MP-BGP to support these operations.  An existing IPv4+MPLS L3VPN core is used and this technology functions without IPv6 running on the P routers in the core. VPNv6 address-family neighbors are peered via IPv4 addresses just like vpnv4 address families.

The primary reason for this solution is as of this writing LDP does not support IPv6 prefixes. You can not create a fully functional label switched core using IPv6.  This requires making use of an existing IPv4 label switched core in order to distribute IPv6 labels properly.  6VPE is a solution for using IPv6 inside of L3VPNs, while 6PE is a technology for using IPv6 in the global table on a label switched core.

Here is the network we will be using for this example:

GNS3 6VPE Lab Diagram

Basic core configuration

The first step in setting up a network like this is to get the core configured with LDP and OSPF.  The idea here is to give R1 the ability to ping R3 Loopback0 from R1 Loopback0, while making use of label switching.  This will be the base that we build the L3VPN MP-BGP peering on later.

We will walk through the configuration of R1. Full router configs are included at the end of the article.

Configure loopback interface:

interface Loopback0 
 ip address 123.123.123.1 255.255.255.255
end

Enable MPLS and IP:

mpls ip
mpls label protocol ldp
mpls ldp router-id Loopback0

Enable OSPF:

router ospf 123 
 router-id 123.123.123.1 
 log-adjacency-changes 
 network 123.123.12.1 0.0.0.0 area 0 
 network 123.123.123.1 0.0.0.0 area 0

Provision PE-P link:

interface FastEthernet1/0 
 description ** Connection to R2 f1/0 ** 
 ip address 123.123.12.1 255.255.255.0 
 speed auto 
 duplex auto 
 mpls ip
end

This should give you a good idea of how we are configuring the core.  Basically repeat this process on the other routers to get a complete end-to-end LSP (label switched path) between R1 and R3.  You can verify this by reviewing a few pieces of information. Examples are below.

R3 routing table:

R3#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP
+ - replicated route, % - next hop override
Gateway of last resort is not set
123.0.0.0/8 is variably subnetted, 6 subnets, 2 masks
O        123.123.12.0/24 [110/2] via 123.123.23.2, 00:00:57, FastEthernet1/0
C        123.123.23.0/24 is directly connected, FastEthernet1/0
L        123.123.23.3/32 is directly connected, FastEthernet1/0
O        123.123.123.1/32 [110/3] via 123.123.23.2, 00:00:57, FastEthernet1/0
O        123.123.123.2/32 [110/2] via 123.123.23.2, 00:00:57, FastEthernet1/0
C        123.123.123.3/32 is directly connected, Loopback0
R3 mpls forwarding table
R3#sh mpls forwarding-table
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
16         Pop Label  123.123.12.0/24  0             Fa1/0      123.123.23.2
17         16         123.123.123.1/32 0             Fa1/0      123.123.23.2
18         Pop Label  123.123.123.2/32 0             Fa1/0      123.123.23.2

Finally a traceroute to R1 Loopback0 from R3:

R3#trace 123.123.123.1 so lo0
Type escape sequence to abort.
Tracing the route to 123.123.123.1
1 123.123.23.2 [MPLS: Label 16 Exp 0] 64 msec 84 msec 64 msec
2 123.123.12.1 120 msec 80 msec *

Based on the output from the verification commands we can see we have routes and labels between R1 and R3.  This is necessary to be able to do MP-BGP peering between R1 and R3 for L3VPN label distribution. With proper connectivity now established we’ll move onto getting VPNv6 peering configured and verified.

MP-BGP VPNv6 Peering

Now that we have our IPv4+MPLS core configured we can layer on the L3VPN configuration to support IPv6 transport.

Our configuration example will focus on R1. Full config files for the other routers are available at the end of this article.

Enable IPv6 on R1

ipv6 unicast-routing
ipv6 cef

Configure VRF that will have IPv6 in it:

vrf definition 6vpe
rd 123:1
route-target export 123:1
route-target import 123:3
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family

Configure CE facing interface with IPv6 and VRF defined

interface FastEthernet1/1
 description ** Connection to R4 (VRF 6vpe) **
 vrf forwarding 6vpe
 no ip address
 speed 10
 duplex half
 ipv6 address FEC0::1/64
end

Configure MP-BGP peering for VPNv6 between R1 and R3

router bgp 123
 no bgp default ipv4-unicast
 bgp log-neighbor-changes
 neighbor 123.123.123.3 remote-as 123
 neighbor 123.123.123.3 update-source Loopback0
!
address-family ipv4
 no synchronization
 no auto-summary
 exit-address-family
!
address-family vpnv6
 neighbor 123.123.123.3 activate
 neighbor 123.123.123.3 send-community both
exit-address-family
!
address-family ipv6 vrf 6vpe
 redistribute connected
 redistribute static
 no synchronization
exit-address-family

Create static route on R1 to get to Loopback0 on R4

ipv6 route vrf 6vpe FEC0:0:0:1::/64 FEC0::2

This configuration is basically mirrored onto R3. Once the configs are complete the verification process can begin.

Verify mpls forwarding table on R1:

R1#sh mpls forwarding-table
Local      Outgoing   Prefix           Bytes Label   Outgoing   Next Hop
Label      Label      or Tunnel Id     Switched      interface
16         Pop Label  123.123.123.2/32 0             Fa1/0      123.123.12.2
17         Pop Label  123.123.23.0/24  0             Fa1/0      123.123.12.2
18         19         123.123.123.3/32 0             Fa1/0      123.123.12.2
19         No Label   FEC0::/64[V]     3108          aggregate/6vpe
20         No Label   FEC0:0:0:1::/64[V]   3762          Fa1/1      FEC0::2

Traceroute from R1 to R3 on 6VPE vrf

R1#trace vrf 6vpe ipv6 fec0:0:0:3::1
Type escape sequence to abort.
Tracing the route to FEC0:0:0:3::1
1 ::FFFF:123.123.12.2 [MPLS: Labels 19/20 Exp 0] 116 msec 104 msec 84 msec
2 FEC0:0:0:2::1 [MPLS: Label 20 Exp 0] 80 msec 68 msec 48 msec
3 FEC0:0:0:3::1 104 msec 56 msec 68 msec

Traceroute from R4 to R5 over the 6VPE L3VPN

R4#trace ipv6 fec0:0:0:3::1
Type escape sequence to abort.
Tracing the route to FEC0:0:0:3::1
1 FEC0::1 56 msec 16 msec 12 msec
2 ::FFFF:123.123.12.2 40 msec 28 msec 16 msec
3 FEC0:0:0:2::1 48 msec 20 msec 32 msec
4 FEC0:0:0:3::1 48 msec 20 msec 24 msec

Summary

6VPE, at the moment, is the best solution for establishing IPv6 connectivity inside of existing IPv4 L3VPNs, or for creating IPv6-only L3VPNs. From a configuration stand-point its basically adding an IPv6 address family to the VRF,  VPNv6 and IPv6 address family to BGP, and placing an IPv6 address on a VRF enabled interface.  IPv6 traffic is labeled and transmitted across an IPv4+MPLS network using label switching.

6VPE Example Configs

Advertisements

2 comments

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s