IPv6 MPLS-VPN

Here is the network topology i'm gone use in my next few labs:

R1 to R4 are comprise the SP backbone where R4 is P router and acts as route-reflector while R1 to R3 are all PE routers.

R5 to R9 are all CE routers with different roles through my labs.

First let's build the core foundations for MPLS-VPN with the following 4 steps:
1. Basic configuration (IP address, Loopback interface, CEF etc.)
2. IGP (ISIS)
3. MPLS (LDP)
4. BGP (and MP-BGP)

While skipping on the obvious step 1 let's jump to step 2 - configuring IGP
MPLS, in his current version, doesn't support native IPv6 so running IPv6 on our core seems to be unnecessary.

ISIS configuration (R1-R4):

interface Loopback0  ip address 4.4.4.4 255.255.255.255 ! interface FastEthernet1/0  ip address 10.1.14.4 255.255.255.0  ip router isis  duplex full  speed 100 ! router isis  net 49.0004.0004.0004.0004.00  is-type level-2-only  metric-style wide  passive-interface Loopback0  bfd all-interfaces

in the following example i showed the output from R4 so IP and NET addresses should be changed accordingly.

 Next step configure MPLS LDP protocol:

mpls label protocol ldp mpls ldp router-id Loopback0 force ! interface FastEthernet1/0  mpls ip

 And last the BGP/MP-BP:

router bgp 65000  no synchronization  bgp log-neighbor-changes  neighbor 1.1.1.1 remote-as 65000  neighbor 1.1.1.1 update-source Loopback0  neighbor 1.1.1.1 soft-reconfiguration inbound  neighbor 2.2.2.2 remote-as 65000  neighbor 2.2.2.2 update-source Loopback0  neighbor 2.2.2.2 soft-reconfiguration inbound  neighbor 3.3.3.3 remote-as 65000  neighbor 3.3.3.3 update-source Loopback0  neighbor 3.3.3.3 soft-reconfiguration inbound  no auto-summary  !  address-family vpnv6   neighbor 1.1.1.1 activate   neighbor 1.1.1.1 send-community both   neighbor 1.1.1.1 route-reflector-client   neighbor 2.2.2.2 activate   neighbor 2.2.2.2 send-community both   neighbor 2.2.2.2 route-reflector-client   neighbor 3.3.3.3 activate   neighbor 3.3.3.3 send-community both   neighbor 3.3.3.3 route-reflector-client  exit-address-family  !  address-family ipv6   neighbor 1.1.1.1 activate   neighbor 1.1.1.1 send-community both   neighbor 1.1.1.1 route-reflector-client   neighbor 2.2.2.2 activate   neighbor 2.2.2.2 send-community both   neighbor 2.2.2.2 route-reflector-client   neighbor 3.3.3.3 activate   neighbor 3.3.3.3 send-community both   neighbor 3.3.3.3 route-reflector-client  exit-address-family

Note that i have activated two address families: IPv6 and VPNv6 and for each router i have configured route-reflector-client under each address family.

If we don't need to run BGP for global routing table there is no need for IPv4 address family. 

Now Let's configure customer VPN, named BLUE, between two sites: R6 and R8

On the PE routers (in this example R1), first configure VRF definition:

vrf definition BLUE  rd 1:16  !  address-family ipv6  route-target export 110:110  route-target import 110:110  route-target import 120:120  exit-address-family !

ip vrf command is aimed to be depricated since it supports only single protocol IPv4, so for a VRF that supports multi-protocol (IPv4 and IPv6) we will need the new command vrf definition.

While trying to configure it I got this message:

R3(config)#vrf definition BLUE % Use 'ip vrf BLUE' command

In order to upgrade the configuration and to allow VRF to support IPv6 family we will have to run the VRF upgrade command:

R3(config)#vrf upgrade-cli multi-af-mode common-policies % No VRF configured. No action to perform

After that we can configure VRF definition which supports multi-protocol families.

More information on that issue can be found in the link below:

http://www.cisco.com/en/US/docs/ios/mpls/configuration/guide/mp_vpn_ipv4_ipv6.html

After that we need to configure the MP-BGP:

router bgp 65000  address-family ipv6 vrf BLUE   redistribute connected   redistribute static   no synchronization  exit-address-family

 and last the interface toward the CE router:

interface FastEthernet1/1  vrf forwarding BLUE  no ip address  duplex auto  speed auto  ipv6 address 2002:16::1/64

Note that also the interface command ip vrf forwarding has changed to vrf forwarding.

On CE routers i have configured only IPv6 address:

interface FastEthernet0/0  no ip address  speed 100  full-duplex  ipv6 address 2002:16::6/64 end

 in the following example R6 output.

the same has been configured to R3 and R8, the results:

R1#sh ipv6 route vrf BLUE IPv6 Routing Table - BLUE - 4 entries Codes: C - Connected, L - Local, S - Static, U - Per-user Static route        B - BGP, M - MIPv6, R - RIP, I1 - ISIS L1        I2 - ISIS L2, IA - ISIS interarea, IS - ISIS summary, D - EIGRP        EX - EIGRP external        O - OSPF Intra, OI - OSPF Inter, OE1 - OSPF ext 1, OE2 - OSPF ext 2        ON1 - OSPF NSSA ext 1, ON2 - OSPF NSSA ext 2 C   2002:16::/64 [0/0]      via FastEthernet1/1, directly connected L   2002:16::1/128 [0/0]      via FastEthernet1/1, receive B   2002:38::/64 [200/0]      via 3.3.3.3%Default-IP-Routing-Table, indirectly connected L   FF00::/8 [0/0]      via Null0, receive

and CE to CE ping:

R6#  ping ipv6 2002:0038::8 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 2002:38::8, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 36/65/112 ms