Date created: 03/23/15 10:31:22. Last modified: 03/28/18 17:23:07

CSC (Squashed) with MP-BGP

Carrier Supporting Carrier (MPLS backbone carrier supporting an MPLS customer carrier)

This example is a typical CSC scenario however the customer carrier and backbone carrier are the same carrier. This is a method of achieving MPLS down to the customer end site whilst also increasing the MPLS label stack such that if a customer site is compromised they can't break out of the label stack into the backbone carrier’s global routing table transport label range. Any traffic that comes into the CSC-PE1 device will go into the ISP200 VRF which simply links the CPEs at other end sites. It keeps the backbone carrier protected from label popping/jumping.

When this is all one carrier the CSC-CE's LAN interface is the customer LAN interface and WAN interface becomes the GRT of a standard MPLS carrier. The CSC-CE's form VPNv4 peerings with each other to exchange labels. They don't form IPv4 Unicast peerings with each other though, just the backbone carrier CSC-PE devices. The backbone carrier acts as the customer carrier IGP. The backbone carrier takes in the customer carrier GRT as a customer (VRF) and transports routes across it's own backbone inside a transport label.

In the example wireshark capture below ping between end customer VRFs on the CSC-CE's explicit NULL is enabled on the backbone carrier PE's so that the label stack shows the full stack, as these two neighbour CSC-PEs would be using PHP.

 

For LDP 'mpls ldp discovery transport-address interface' will be required at the Interface level to set the LDP Router-ID to the outgoing interface ID rather than the router Loopback ID.

 

 

 

CSC-CE1: This is effectively the customer CPE on a typical MPLS WAN. The LAN side of this CE device is the customer LAN, the WAN side of it becomes a customer carrier PE.

hostname CSC-CE1

vrf definition CUST1
 rd 10.0.0.1:1

 address-family ipv4
  route-target export 200:1
  route-target import 200:1
 exit-address-family

interface Loopback0
 ip address 10.0.0.1 255.255.255.255

interface Loopback2
 vrf forwarding CUST1
 ip address 192.0.2.253 255.255.255.255

interface FastEthernet0/0
 description Link to Cust1
 vrf forwarding CUST1
 ip address 192.0.2.1 255.255.255.252

interface FastEthernet0/1
 description Link to CSC-PE1
 mtu 1530
 ip address 172.16.0.2 255.255.255.252
 mpls bgp forwarding

router bgp 200
 bgp router-id 10.0.0.1
 bgp log-neighbor-changes
 neighbor 10.0.0.2 remote-as 200
 neighbor 10.0.0.2 update-source Loopback0
 neighbor 172.16.0.1 remote-as 100

 address-family ipv4
  redistribute connected
  no neighbor 10.0.0.2 activate
  neighbor 172.16.0.1 activate
  neighbor 172.16.0.1 next-hop-self
  neighbor 172.16.0.1 allowas-in 1
  neighbor 172.16.0.1 send-label
 exit-address-family

 address-family vpnv4
  neighbor 10.0.0.2 activate
  neighbor 10.0.0.2 send-community extended
  neighbor 10.0.0.2 next-hop-self
 exit-address-family

 address-family ipv4 vrf CUST1
  redistribute connected
 exit-address-family

CSC-PE1

hostname CSC-PE1

vrf definition ISP200
 rd 1.1.1.1:200

 address-family ipv4
  route-target export 100:200
  route-target import 100:200
 exit-address-family

mpls label protocol ldp
mpls ldp explicit-null
no mpls ip propagate-ttl forwarded
mpls ldp router-id Loopback0 force

interface Loopback0
 ip address 1.1.1.1 255.255.255.255

interface FastEthernet0/1
 description Link to CSC-CE1
 mtu 1530
 vrf forwarding ISP200
 ip address 172.16.0.1 255.255.255.252
 mpls bgp forwarding

interface FastEthernet1/0
 description Link to CSC-PE2
 mtu 1530
 ip address 1.0.0.1 255.255.255.252
 ip ospf 100 area 0
 mpls ip

router ospf 100
 router-id 1.1.1.1
 passive-interface default
 no passive-interface FastEthernet1/0
 network 1.1.1.1 0.0.0.0 area 0

router bgp 100
 bgp router-id 1.1.1.1
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 100
 neighbor 2.2.2.2 update-source Loopback0
 !
 address-family ipv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 next-hop-self
 exit-address-family
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community extended
  neighbor 2.2.2.2 next-hop-self
 exit-address-family
 !
 address-family ipv4 vrf ISP200
  redistribute connected
  neighbor 172.16.0.2 remote-as 200
  neighbor 172.16.0.2 activate
  neighbor 172.16.0.2 send-community extended
  neighbor 172.16.0.2 next-hop-self
  neighbor 172.16.0.2 send-label
 exit-address-family

CSC-PE2

hostname CSC-PE2

vrf definition ISP200
 rd 2.2.2.2:200

 address-family ipv4
  route-target export 100:200
  route-target import 100:200
 exit-address-family

mpls label protocol ldp
mpls ldp explicit-null
no mpls ip propagate-ttl forwarded
mpls ldp router-id Loopback0 force

interface Loopback0
 ip address 2.2.2.2 255.255.255.255

interface FastEthernet0/1
 description Link to CSC-CE2
 mtu 1530
 vrf forwarding ISP200
 ip address 172.16.0.5 255.255.255.252
 mpls bgp forwarding

interface FastEthernet1/0
 description Link to CSC-PE1
 mtu 1530
 ip address 1.0.0.2 255.255.255.252
 ip ospf 100 area 0
 mpls ip

router ospf 100
 router-id 2.2.2.2
 passive-interface default
 no passive-interface FastEthernet1/0
 network 2.2.2.2 0.0.0.0 area 0

router bgp 100
 bgp router-id 2.2.2.2
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 update-source Loopback0

 address-family ipv4
  neighbor 1.1.1.1 activate
  neighbor 1.1.1.1 next-hop-self
 exit-address-family

 address-family vpnv4
  neighbor 1.1.1.1 activate
  neighbor 1.1.1.1 send-community extended
  neighbor 1.1.1.1 next-hop-self
 exit-address-family

 address-family ipv4 vrf ISP200
  redistribute connected
  neighbor 172.16.0.6 remote-as 200
  neighbor 172.16.0.6 activate
  neighbor 172.16.0.6 send-community extended
  neighbor 172.16.0.6 next-hop-self
  neighbor 172.16.0.6 send-label
 exit-address-family

CSC-CE2

hostname CSC-CE2

vrf definition CUST1
 rd 10.0.0.2:1

 address-family ipv4
  route-target export 200:1
  route-target import 200:1
 exit-address-family

interface Loopback0
 ip address 10.0.0.2 255.255.255.255

interface Loopback2
 vrf forwarding CUST1
 ip address 192.0.2.254 255.255.255.255

interface FastEthernet0/0
 description Link to Cust1
 vrf forwarding CUST1
 ip address 192.0.2.5 255.255.255.252

interface FastEthernet0/1
 description Link to CSC-PE2
 ip address 172.16.0.6 255.255.255.252
 mpls bgp forwarding

router bgp 200
 bgp router-id 10.0.0.2
 bgp log-neighbor-changes
 neighbor 10.0.0.1 remote-as 200
 neighbor 10.0.0.1 update-source Loopback0
 neighbor 172.16.0.5 remote-as 100

 address-family ipv4
  redistribute connected
  no neighbor 10.0.0.1 activate
  neighbor 172.16.0.5 activate
  neighbor 172.16.0.5 next-hop-self
  neighbor 172.16.0.5 allowas-in 1
  neighbor 172.16.0.5 send-label
 exit-address-family

 address-family vpnv4
  neighbor 10.0.0.1 activate
  neighbor 10.0.0.1 send-community extended
  neighbor 10.0.0.1 next-hop-self
 exit-address-family

 address-family ipv4 vrf CUST1
  redistribute connected
 exit-address-family