CE Management

Often, the service provider, not the customer, owns and manages the CE router. In that situation, the service provider wants management access to the CE router from a central management server. You can do this by having the PE router advertise one prefix from the managed CE router with one RT that is imported into the management VRF by the PE router connected to the management VRF.

You can limit the number of prefixes advertised with this management RT by configuring an export map on each VRF that assigns this management RT to only one prefix on the CE router. You can also advertise the regular VRF RTs used by the VPN with this prefix if the other CE routers need to be able to reach it. Figure 7-33 is an overview of the management setup. The management VRF has a management station. The PE router with the management VRF is importing all routes with the RT 9000:100. The PE router sydney sets the RT of one prefix on the CE router (here prefix; the loopback prefix on the CE router) to 9000:100.

Figure 7-33 Example of Management Access

Figure 7-33 Example of Management Access

The configuration of a PE router that provides management access to the CE is shown in Example 7-43.

Example 7-43 Configuration of a PE Router Providing Management Access hostname sydney

ip vrf cust-one rd 1:1

export map management route-target export 1:1 route-target import 1:1

ip prefix-list CE-management-loopback seq 5 permit

route-map management permit 10

Example 7-43 Configuration of a PE Router Providing Management Access (Continued)

match ip address prefix-list CE-management-loopback set extcommunity rt 9000:100

The configuration of the PE router with the management VRF attached is shown in Example 7-44. Example 7-44 Management PE Router Configuration hostname london

ip vrf management rd 9000:1

route-target export 9000:100 route-target import 9000:100

london#show ip bgp vpnv4 rd 9000:1

BGP routing table entry for 9000:1:, version 121 Paths: (1 available, best #1, table management) Advertised to update-groups: 4

65002, imported path from 1:1: (metric 3) from ( Origin IGP, metric 0, localpref 100, valid, internal, best Extended Community: RT:9000:100

Originator:, Cluster list:, mpls labels in/out 45/41

More and more service providers interconnect their MPLS VPN backbones. They can do this in two ways:

■ Inter-Autonomous MPLS VPN

With Inter-Autonomous MPLS VPN, the MPLS VPN networks peer with each other and exchange the prefixes of customers that have sites connected to each of the service providers. The service providers must then offer the connectivity between the sites of the customers, even when they are not connected to only one MPLS VPN backbone.

CsC is a solution whereby a larger carrier provides MPLS VPN services to other carriers or service providers. The service is hierarchical in nature, whereas Inter-Autonomous MPLS VPN is merely an interconnection between MPLS VPN backbones that are exchanging customer prefixes.

For more information on Inter-Autonomous MPLS VPN and CsC, refer to http:// www.ciscopress.com/1587051974.

Micro Expression Master

Micro Expression Master

If You Could Read Everyone Life A Book You Can Have Better Career, Great Relationships And Become Successful. This Book Is One Of The Most Valuable Resources In The World When It Comes To Reading the smallest and tiniest body Language and know what people are thinking about.

Get My Free Ebook

Post a comment