Table of Contents
Advertisement
On host 1, VR PE 1:
On host 2, VR CE 1:
You must also configure either fallback global or a default route to a manually created
shared interface in the VRF. See "Configuring a Fallback Global Option" on page 463
or "Configuring a Default Route to a Shared Interface" on page 462 for details.
You can use the BGP session between the CE router and the parent VR to enable the
CE router to advertise prefixes within the VPN site that can be reachable from the
global Internet. An alternative configuration is to use a global export map as described
in "Setting Import and Export Maps for a VRF" on page 426.
Enabling Traffic Flow from the Internet to the VPN
When traffic flows from the Internet to a VPN, the traffic arrives at the PE router on
an interface in the global context. BGP performs a lookup in the global IP routing
table, which normally does not contain VPN routes. You can use one of the following
methods to advertise public VPN routes to the Internet (get the routes into the global
routing table) and thus enable traffic flow from the Internet to those VPNS.
Static Routes to a Shared IP Interface
You can introduce routes to VPN sites into the global routing table by placing static
routes to the VPN sites into the global table. The static routes must point to shared
IP interfaces that are shares of the PE-CE interface for each particular VPN site. The
static routes must then be injected into BGP (possibly as part of an aggregate) so that
they can be reached from the Internet. Figure 105 on page 468 illustrates this approach:
host1(config)#virtual-router pe1
host1:pe1(config)#router bgp 100
host1:pe1(config-router)#neighbor 10.4.4.4 remote-as 200
host1:pe1(config-router)# neighbor 10.4.4.4 ebgp-multihop
host1:pe1(config-router)#neighbor 10.4.4.4 update-source loopback1
host1:pe1(config-router)#exit
host2(config)#virtual-router ce1
host2:ce1(config)#interface loopback 1
host2:ce1(config-if)#ip address 10.4.4.4 255.255.255.255
host2:ce1(config-if)#exit
host2:ce1(config)#ip route 10.2.2.2 255.255.255.255 atm2/1.1
host2:ce1(config)#router bgp 200
host2:ce1(config-router)#neighbor 10.2.2.2 remote-as 100
host2:ce1(config-router)#neighbor 10.2.2.2 ebgp-multihop
host2:ce1(config-router)#neighbor 10.2.2.2 update-source loopback1
host2:ce1(config-router)#exit
Manually create shared interfaces in the parent VR and manually add static routes
to those shared interfaces. See "Enabling VRF–to–VR Peering" on page 454 for
more information.
Export VPN routes to the global BGP RIB. See "Setting Import and Export Maps
for a VRF" on page 426.
Chapter 5: Configuring BGP-MPLS Applications
Providing Internet Access to and from VPNs
467
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
