Sunteți pe pagina 1din 292

BSR 64000 BGP/

MPLS VPN
Configuration and
Management Guide
Compass ID: 391459945 Version 2
Release 6.3.1
Notice
EXCEPT AS INDICATED IN THE APPLICABLE SYSTEM PURCHASE AGREEMENT, THE SYSTEM,
DOCUMENTATION AND SERVICES ARE PROVIDED "AS IS", AS AVAILABLE, WITHOUT WARRANTY OF
ANY KIND. MOTOROLA MOBILITY, INC. DOES NOT WARRANT THAT THE SYSTEM WILL MEET
CUSTOMER'S REQUIREMENTS, OR THAT THEIR OPERATION WILL BE UNINTERRUPTED OR
ERROR-FREE, OR THAT ANY ERRORS CAN OR WILL BE FIXED. MOTOROLA MOBILITY, INC. HEREBY
DISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, ORAL OR WRITTEN, WITH RESPECT
TO THE SYSTEM AND SERVICES INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OF
TITLE, NON-INFRINGEMENT, INTEGRATION, MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR
PURPOSE AND ALL WARRANTIES ARISING FROM ANY COURSE OF DEALING OR PERFORMANCE OR
USAGE OF TRADE.
EXCEPT AS INDICATED IN THE APPLICABLE SYSTEM PURCHASE AGREEMENT, MOTOROLA
MOBILITY, INC. SHALL NOT BE LIABLE CONCERNING THE SYSTEM OR SUBJECT MATTER OF THIS
DOCUMENTATION, REGARDLESS OF THE FORM OF ANY CLAIM OR ACTION (WHETHER IN
CONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE), FOR ANY (A) MATTER BEYOND ITS
REASONABLE CONTROL, (B) LOSS OR INACCURACY OF DATA, LOSS OR INTERRUPTION OF USE, OR
COST OF PROCURING SUBSTITUTE TECHNOLOGY, GOODS OR SERVICES, (C) INDIRECT, PUNITIVE,
INCIDENTAL, RELIANCE, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING, BUT
NOT LIMITED TO, LOSS OF BUSINESS, REVENUES, PROFITS OR GOODWILL, OR (D) DIRECT
DAMAGES, IN THE AGGREGATE, IN EXCESS OF THE FEES PAID TO IT HEREUNDER FOR THE SYSTEM
OR SERVICE GIVING RISE TO SUCH DAMAGES DURING THE 12-MONTH PERIOD PRIOR TO THE DATE
THE CAUSE OF ACTION AROSE, EVEN IF COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OF
SUCH DAMAGES. THESE LIMITATIONS ARE INDEPENDENT FROM ALL OTHER PROVISIONS OF THIS
AGREEMENT AND SHALL APPLY NOTWITHSTANDING THE FAILURE OF ANY REMEDY PROVIDED
HEREIN.
All Motorola Mobility, Inc. products are furnished under a license agreement included with the product. If you are
unable to locate a copy of the license agreement, please contact Motorola Mobility, Inc.
No part of this publication may be reproduced in any form or by any means or used to make any derivative work (such
as translation, transformation, or adaptation) without written permission from Motorola Mobility, Inc.
Motorola Mobility reserves the right to revise this publication and to make changes in content from time to time
without obligation on the part of Motorola Mobility to provide notification of such revision or change. Motorola
Mobility provides this guide without warranty of any kind, implied or expressed, including, but not limited to, the
implied warranties of merchantability and fitness for a particular purpose. Motorola Mobility may make
improvements or changes in the product(s) described in this manual at any time.
MOTOROLA and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings,
LLC. All other trademarks are the property of their respective owners.
2012 Motorola Mobility, Inc. All rights reserved.
Compass ID: 391459945 Version 2
Release 6.3.1
Published: 1/12
Compass ID: 391459945 Version 2 iii
Contents
Contents
Preface
Scope ............................................................................................................................................. xi
Audience........................................................................................................................................ xi
Documentation Set ........................................................................................................................ xi
Conventions................................................................................................................................. xiv
Notes, Cautions, Warnings ........................................................................................................... xv
If You Need Help.......................................................................................................................... xv
Motorola BSR Customer Website................................................................... i-xvi
1 Configuring BGP/MPLS VPNs
Overview.....................................................................................................................................1-1
Terminology ................................................................................................................................1-2
Introduction to the BGP/MPLS VPN..........................................................................................1-5
BGP/MPLS VPN Overview.............................................................................................1-5
Customer Edge to Provider Edge.......................................................................1-7
Provider Edge to Provider Core.........................................................................1-7
Provider Edge to Provider Edge.........................................................................1-9
Provisioning BGP/MPLS VPNs for VoIP and Data.......................................................1-10
Before You Begin......................................................................................................................1-12
Customer Network Prerequisites....................................................................................1-12
Provider Network Prerequisites......................................................................................1-13
Cable Modem Configuration File Configuration Prerequisites .......................1-13
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
iv Compass ID: 391459945 Version 2
VPN Configuration Rules...............................................................................................1-14
VPN Task Summary..................................................................................................................1-15
Provider Network Configuration Tasks..........................................................................1-15
Customer Network Configuration for VPNs..................................................................1-16
VPN Configuration ...................................................................................................................1-16
Creating a VRF...............................................................................................................1-17
Enabling MPLS ..............................................................................................................1-19
Configuring the PE Network Interface...........................................................................1-19
Configure a Loopback Interface for PE to PE Interoperability......................................1-21
Configuring a Cable Interface for a VPN.......................................................................1-22
Configuration Scenarios for CM, eMTA Provisioning and Voice Traffic in Multiple VPNs
1-25
Creating a Virtual Cable Bundle for Global CMs Option 1.............................1-26
Creating a Virtual Cable Bundle for Global CMs Option 2.............................1-29
Creating a Virtual Cable Bundle for Global eMTAs........................................1-32
Creating a Virtual Cable Bundle for a CM in Provisioning VPN....................1-35
Creating a Virtual Cable Bundle for an eMTA Provisioning VPN..................1-40
Creating a Virtual Cable Bundle for a Data or Voice VPN..............................1-43
Configuring IGP or Static Routes for VPNs ..................................................................1-48
Configuring BGP and MP-BGP for VPNs.....................................................................1-49
Configuring the BGP AS and Neighbor Sessions............................................1-49
Redistribute Connected or Static VRF Networks into MP-BGP .....................1-50
Configuring MP-BGP to Advertise VPNv4 Routes ........................................1-53
Redistributing Routes Between Different VRFs ............................................................1-54
Redistribute Connected, Static or BGP Routes Between VRFs ......................1-56
Configuring Internet Access for a VPN.........................................................................1-56
Configuring Policy Decision Point Access for a VoIP VPN..........................................1-57
Optional Configuration Task Summary ....................................................................................1-58
Creating a DHCP Provisioning VPN .............................................................................1-59
Bundling Cable Subinterfaces ........................................................................................1-61
Configuring a VPN ID....................................................................................................1-63
Configuring Static Routes for VRF CEs and Hosts .......................................................1-65
Managing the Number of Routes per VRF Instance ......................................................1-66
Assigning a Service Class to a VPN Subinterface .........................................................1-67
Release 6.3.1 Contents
Compass ID: 391459945 Version 2 v
Configuring CM Subnets on a Cable Interface ..............................................................1-68
Configuring CM Subnets on a Cable Interface for VPNs................................1-68
Configuring CM Subnets on a Cable Interface for Non-VPNs .......................1-71
Interworking VPNs and Multi-ISPs ...............................................................................1-74
Assigning a VRF to a Cable Subinterface......................................................................1-75
Deleting a VRF...............................................................................................................1-78
Removing VRF Associations from Interfaces................................................................1-79
Removing a VRF from a Cable Subinterface ..................................................1-79
Removing a VRF from a Loopback Interface..................................................1-80
Configuring BGP to Advertise IPv4 Routes ..................................................................1-81
BGP/MPLS VPN Commands ...................................................................................................1-82
address-family ................................................................................................................1-83
arp...................................................................................................................................1-85
cable service-class default ..............................................................................................1-87
cable helper-address .......................................................................................................1-88
cable host authorization range........................................................................................1-90
clear arp-cache................................................................................................................1-91
clear counters..................................................................................................................1-92
clear ip route...................................................................................................................1-93
clear ip traffic .................................................................................................................1-94
debug arp ........................................................................................................................1-95
debug cable reg...............................................................................................................1-96
debug ip bgp ...................................................................................................................1-97
debug ip icmp .................................................................................................................1-99
debug ip packet.............................................................................................................1-100
debug ip policy .............................................................................................................1-102
debug mpls forwarding.................................................................................................1-103
description ....................................................................................................................1-104
dhcp leasequery authorization on .................................................................................1-105
host authorization on ....................................................................................................1-106
interface ........................................................................................................................1-108
ip access-group ............................................................................................................. 1-110
ip address...................................................................................................................... 1-111
ip extcommunity-list..................................................................................................... 1-113
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
vi Compass ID: 391459945 Version 2
ip helper-address........................................................................................................... 1-115
ip route.......................................................................................................................... 1-116
ip unreachables ............................................................................................................. 1-118
ip vrf forwarding........................................................................................................... 1-119
ip vrf .............................................................................................................................1-120
ip policy route-map.......................................................................................................1-121
maximum-prefixes........................................................................................................1-122
neighbor activate ..........................................................................................................1-123
neighbor confed-segment .............................................................................................1-124
neighbor send-community extended.............................................................................1-125
ping...............................................................................................................................1-126
rd...................................................................................................................................1-128
redistribute....................................................................................................................1-130
route-target ...................................................................................................................1-131
show cable modem.......................................................................................................1-133
show host authorization................................................................................................1-135
show host unauthorized cpe..........................................................................................1-137
show interfaces .............................................................................................................1-138
show ip arp ...................................................................................................................1-140
show ip dhcp stats.........................................................................................................1-142
show ip extcommunity-list ...........................................................................................1-143
show ip filters ...............................................................................................................1-144
show ip filters summary ...............................................................................................1-147
show ip forwarding-table..............................................................................................1-148
show ip forwarding-table mpls.....................................................................................1-150
show ip forwarding-table summary..............................................................................1-152
show ip forwarding-table tunnel...................................................................................1-153
show ip forwarding-table vrf ........................................................................................1-155
show ip interface...........................................................................................................1-157
show ip protocols..........................................................................................................1-158
show ip redistribute ......................................................................................................1-160
show ip route vrf...........................................................................................................1-161
show ip traffic...............................................................................................................1-162
show ip vrf....................................................................................................................1-163
Release 6.3.1 Contents
Compass ID: 391459945 Version 2 vii
show l2-cam..................................................................................................................1-165
show mpls forwarding-table.........................................................................................1-168
show mpls traffic ..........................................................................................................1-170
shutdown.......................................................................................................................1-172
show stats cmts.............................................................................................................1-173
telnet .............................................................................................................................1-175
traceroute ......................................................................................................................1-176
vpn id............................................................................................................................1-177
vrf selection source.......................................................................................................1-178
2 BGP/MPLS VPN
Configuration Examples
Overview.....................................................................................................................................2-1
Building an BGP/MPLS VPN.....................................................................................................2-1
Create a VRF for each BGP/MPLS VPN.........................................................................2-5
PE 1....................................................................................................................2-5
PE 2....................................................................................................................2-6
PE 3....................................................................................................................2-6
PE 4....................................................................................................................2-6
Enable MPLS....................................................................................................................2-6
Configure the PE network interface .................................................................................2-6
PE 1....................................................................................................................2-7
PE 2....................................................................................................................2-7
PE 3....................................................................................................................2-7
PE 4....................................................................................................................2-7
Configure a cable interface for both VPNs and Non-VPNs.............................................2-7
PE 1....................................................................................................................2-8
PE 2....................................................................................................................2-8
PE 3....................................................................................................................2-8
PE 4....................................................................................................................2-8
Configure a loopback interface for Provider Edge (PE) to PE connectivity....................2-9
PE 1....................................................................................................................2-9
PE 2....................................................................................................................2-9
PE 3....................................................................................................................2-9
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
viii Compass ID: 391459945 Version 2
PE 4..................................................................................................................2-10
Configure a virtual cable bundle for VPN CMs, and non-VPN CMs and CPEs ...........2-10
PE 1..................................................................................................................2-10
PE 2.................................................................................................................. 2-11
PE 3.................................................................................................................. 2-11
PE 4.................................................................................................................. 2-11
Configure virtual cable bundles for VPN CPEs.............................................................2-12
PE 1..................................................................................................................2-12
PE 2..................................................................................................................2-12
PE 3..................................................................................................................2-13
PE 4..................................................................................................................2-13
Assign a cable bundle to a cable subinterface................................................................2-14
PE 1..................................................................................................................2-14
PE 2..................................................................................................................2-14
PE 3..................................................................................................................2-14
PE 4..................................................................................................................2-15
Provision both VPN and Non-VPN CMs.......................................................................2-15
Configure IGP routes......................................................................................................2-15
PE 1..................................................................................................................2-15
PE 2..................................................................................................................2-15
PE 3..................................................................................................................2-16
PE 4..................................................................................................................2-16
Configure the BGP AS and neighbor sessions...............................................................2-16
PE 1..................................................................................................................2-16
PE 2..................................................................................................................2-16
PE 3..................................................................................................................2-17
PE 4..................................................................................................................2-17
Redistribute connected VRF networks into MP-BGP....................................................2-17
PE 1..................................................................................................................2-17
PE 2..................................................................................................................2-17
PE 3..................................................................................................................2-18
PE 4..................................................................................................................2-18
Configure MP-BGP to advertise VPNv4 Routes ...........................................................2-19
PE 1..................................................................................................................2-19
Release 6.3.1 Contents
Compass ID: 391459945 Version 2 ix
PE 2..................................................................................................................2-19
PE 3..................................................................................................................2-20
PE 4..................................................................................................................2-20
Configuration Examples for CM, eMTA Provisioning and Voice Traffic in Multiple VPNs...2-20
Configuring VPNs for Data Only...................................................................................2-21
Configuring Multiple Data VPNs and VoIP VPNs ........................................................2-22
Configuring Multiple VPNs Using a CM Provisioning VPN........................................2-23
Configuring a Single VPN for both VoIP and VoIP Provisioning Functions.................2-26
3 Configuring LDP
Overview.....................................................................................................................................3-1
LDP Implementation in the BSR ................................................................................................3-2
LDP Message Support ......................................................................................................3-2
Enabling LDP on an Interface.....................................................................................................3-3
Managing LDP............................................................................................................................3-4
Specifying an LDP Router ID..........................................................................................3-4
Changing the Transport Address for LDP Discovery ......................................................3-6
Controlling LDP Label Advertisements...........................................................................3-8
Configuring LDP Advertise Labels ...................................................................3-9
Configuring LDP Accept Labels....................................................................................3-10
Managing the LDP Session ............................................................................................3-12
Adjusting the LDP Session Hold Time............................................................3-12
Encrypting a Session with a Neighbor LDP Router ........................................3-13
Changing the LDP Session Backoff Setting ....................................................3-13
Changing LDP Discovery Hello Message Parameters ....................................3-14
Changing LDP Discovery Targeted Hello Message Parameters......................3-14
Accepting Discovery Messages from Neighbors.............................................3-15
LDP Network Configuration Example......................................................................................3-15
BSR 1 Configuration......................................................................................................3-16
Checking the BSR 1 Configuration .................................................................3-17
BSR 2 Configuration......................................................................................................3-19
Checking the BSR 2 Configuration .................................................................3-20
BSR 3 Configuration......................................................................................................3-22
Checking the BSR 3 Configuration .................................................................3-24
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
x Compass ID: 391459945 Version 2
Monitoring the Start of an LDP Session.........................................................................3-25
LDP Commands ........................................................................................................................3-27
mpls label protocol ldp ...................................................................................................3-28
mpls ldp accept-labels ....................................................................................................3-29
mpls ldp advertise-labels ................................................................................................3-30
mpls ldp backoff .............................................................................................................3-32
mpls ldp discovery hello.................................................................................................3-33
mpls ldp discovery targeted-hello ..................................................................................3-34
mpls ldp discovery targeted-hello accept .......................................................................3-35
mpls ldp discovery transport-address .............................................................................3-36
mpls ldp holdtime...........................................................................................................3-37
mpls ldp loop-detection..................................................................................................3-38
mpls ldp maxhops...........................................................................................................3-39
mpls ldp neighbor ...........................................................................................................3-40
mpls ldp router-id ...........................................................................................................3-41
show mpls ldp backoff....................................................................................................3-43
show mpls ldp bindings..................................................................................................3-44
show mpls ldp discovery ................................................................................................3-46
show mpls ldp interface..................................................................................................3-48
show mpls ldp neighbor..................................................................................................3-50
show mpls ldp parameters ..............................................................................................3-53
show mpls ldp statistics ..................................................................................................3-55
debug mpls ldp advertisements ......................................................................................3-57
debug mpls ldp bindings.................................................................................................3-58
debug mpls ldp messages ...............................................................................................3-59
debug mpls ldp session state-machine............................................................................3-61
debug mpls ldp session io...............................................................................................3-62
debug mpls ldp targeted-neighbors ................................................................................3-63
debug mpls ldp transport connections ............................................................................3-64
Index
Compass ID: 391459945 Version 2 xi
Preface
Scope
This document describes the Motorola implementation of the Border Gateway
Protocol/Multiprotocol Label Switching Virtual Private Networks (BGP/MPLS
VPNs) and Label Distribution Protocol (LDP) features of the BSR 64000 product. It
contains software configuration procedures and command descriptions for these
features.
Audience
This document is used by Network Administrators who configure the BSR 64000 to
use BGP/MPLS VPNs.
Documentation Set
The following documents comprise the BSR 64000 documentation set:
n BSR 64000 Quick Start Guide
The quick start guide provides a "roadmap" to the tasks involved in physically
installing the BSR 64000 product, physically connecting it to your network/HFC
infrastructure, and performing configuration tasks to enable the BSR 64000 to
operate in your networking environment.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
xii Compass ID: 391459945 Version 2
n BSR 64000 Chassis Installation Guide
This guide provides detailed instructions for physically installing the BSR 64000
product including: procedures for rack mounting, making physical network cable
connections, connecting DC power, and for determining the status of the BSR
64000 after applying power to it. This document also provides a description of the
BSR 64000 chassis, its hardware components and modules.
n BSR 64000 Module Installation Guide
This guide contains procedures for installing additional and replacement
Resource and I/O Modules in a BSR 64000 chassis and for making physical cable
connections to the modules.
n BSR 64000 Command Line Interface Users Guide
For users, this guide describes the structure of the BSR 64000 Command Line
Interface (CLI) and its various command modes. It also provides rules and
guidelines for navigating through the CLI.
n BSR 64000 Command Reference Guide
This guide contains individual descriptions of the entire set of commands that
comprise the BSR 64000 Command Line Interface (CLI). These commands are
used to interface with, configure, manage, and maintain the BSR 64000.
n BSR 64000 System Administration Guide
For system administrators, this guide provides detailed procedures for performing
initial configuration tasks including setting up: user accounts and passwords;
telnet and console access; system logging; and associated servers such as DHCP,
DNS, etc.
n BSR 64000 CMTS Configuration and Management Guide
This guide provides the instructions and procedures for configuring and
managing BSR 64000 CMTS operation.
n BSR 64000 Routing Configuration and Management Guide
This guide contains the instructions and procedures for configuring and managing
BSR 64000 routing operation, including RIP, OSPF, and BGP.
Release 6.3.1 Preface
Compass ID: 391459945 Version 2 xiii
n BSR 64000 SNMP Configuration and Management Guide
This guide provides the instructions and procedures for configuring and
managing BSR 64000 Simple Network Management Protocol (SNMP) operation.
It also describes SNMP MIBs; provides information that describes standard and
proprietary MIB support; describes how to walk MIBs; and how to compile and
load SNMP MIBs.
n BSR 64000 BGP/MPLS VPN Configuration Guide
This guide provides the instructions and procedures for configuring and
managing the BSR 64000 to support and implement Border Gateway Protocol/
MultiProtocol Label Switching Virtual Private Networks (BGP/MPLS VPNs).
n BSR 64000 Troubleshooting Guide
This guide contains instructions and procedures for troubleshooting typical
configuration problems that might be encountered using the BSR 64000. It also
offers suggestions for information to record, and have available should the need
arise to call Motorola support for assistance with BSR 64000 operational
problems.
n BSR 64000 Release Notes
These documents are specific to each release of the BSR 64000 product (software
and hardware). Release notes provide information about features not documented
or incorrectly documented in the main documentation set; known problems and
anomalies; product limitations; and problem resolutions.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
xiv Compass ID: 391459945 Version 2
Conventions
This document uses the conventions in the following table:
Convention Example Explanation
angle brackets < > ping <ip-address>
ping 54.89.145.71
Arguments in italic and enclosed by angle
brackets must be replaced by the text the
argument represents. In the example,
54.89.145.71 replaces <ip-address>. When
entering the argument, do not type the angle
brackets.
bar brackets [ ] disable [level] Bar brackets enclose optional arguments. The
example indicates you can use the disable
command with or without specifying a level.
Some commands accept more than one
optional argument. When entering the
argument, do not type the bar brackets.
bold text cable relay-agent-option Boldface text must be typed exactly as it
appears.
brace brackets {} page {on | off} Brace brackets enclose required text. The
example indicates you must enter either on or
off after page. The system accepts the
command with only one of the parameters.
When entering the text, do not type the brace
brackets.
italic text boot system <filename> Italic type indicates variables for which you
supply values in command syntax descriptions.
It also indicates file names, directory names,
document titles, or emphasized text.
screen display Wed May 6 17:01:03
2000
This font indicates system output.
vertical bar | page {on | off} A vertical bar separates the choices when a
parameter is required. The example indicates
you can enter either command:
page on or page off
When entering the parameter, do not type the
vertical bar or the brace brackets.
Release 6.3.1 Preface
Compass ID: 391459945 Version 2 xv
Notes, Cautions, Warnings
The following icons and associated text may appear in this document.
If You Need Help
Support for your BSR 64000 hardware and software is available via telephone and the
Internet.
Telephone Support
If you need assistance while working with the BSR 64000, contact the Motorola
Technical Response Center (TRC):
The Motorola TRC is on call 24 hours a day, 7 days a week.
When calling for technical support, please have the following information available:
n Your customer information, including location, main contact, and telephone
number
n BSR product and modules
Note: A note contains tips, suggestions, and other helpful information, such
as references to material not contained in the document, that can help you
complete a task or understand the subject matter.
Caution: The exclamation point, within an equilateral triangle, is intended to
alert the user to the presence of important installation, servicing, and
operating instructions in the documents accompanying the equipment.
Warning: This symbol indicates that dangerous voltage levels are present
within the equipment. These voltages are not insulated and may be of
sufficient strength to cause serious bodily injury when touched. The symbol
may also appear on schematics.
U.S. 1-888-944-HELP (1-888-944-4357)
International +215-323-0044
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
xvi Compass ID: 391459945 Version 2
n Detailed description of the issue
n Specific information to assist with resolving the problem, including:
BSR hostname
BSR error messages and logs
Output of BSR show tech command
Cable modem information
n List of troubleshooting steps you have performed before calling the TRC.
n Current state of your BSR 64000 product
n Severity of the issue you are reporting
When calling for repair or Advanced Component Exchange (ACE) replacement,
please provide the following additional information:
n Output of BSR show version command, with part numbers and serial numbers of
BSR components
n Shipping information for the replacement, including contact name, company
name, address, phone number, and email address
Online Support
Motorola BSR Customer Website
The BSR customer website, http://bsr.motorola.com, is available for BSR customers
with active service contracts to access the latest product information, software
updates, troubleshooting information, and technical publications for the BSR 64000,
BSR 2000, and BSR 1000 product line.
You may request access to the site by emailing the BSR product support team at
bsrsupportonline@motorola.com with the following information:
n Company name
n Contact name, phone number, and email address
n Motorola Support contact
n BSR product under service contract
The BSR product support team will email an invitation to you with further
instructions on how to set up an account on the BSR customer information website.
Compass ID: 391459945 Version 2 1-1
1
Configuring BGP/MPLS VPNs
Overview
Border Gateway Protocol/Multiprotocol Label Switching Virtual Private Networks
(BGP/MPLS VPNs) are shared networks that allow traffic to be transported securely
among different locations, and can be configured for data, Voice over Internet
Protocol (VoIP), and other applications. Defined user groups at these different
physical locations can belong to the same VPN. Network traffic belonging to one
VPN is isolated from that of other VPNs to ensure that users associated with one VPN
do not have access to data or VoIP traffic of another VPN implemented over the same
physical network.
Note: BGP/MPLS VPNs are also referred to as VPNs throughout this book.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-2 Compass ID: 391459945 Version 2
This chapter discusses the following topics:
Terminology
Introduction to the BGP/MPLS VPN
Before You Begin
VPN Task Summary
VPN Configuration
Optional Configuration Task Summary
BGP/MPLS VPN Commands
Terminology
Table 1-1 provides a list of VPN related terms that are used in the BSR 64000 BGP/
MPLS VPN Configuration Guide:
Table 1-1 VPN related Terms
Term Acronym Definition
Autonomous System AS A group of networks under mutual administration that share the
same routing methodology. An AS uses an internal gateway
protocol and common metrics to route packets within the AS
and uses an external gateway protocol to route packets to other
ASs.
Border Gateway
Protocol
BGP A protocol that establishes a routing system that automatically
guarantees the loop-free exchange of routing information
between Autonomous Systems (ASs).
Cable Modem CM A modem that uses part of the capacity of the local cable
system to transmit data downstream to a home and upstream to
a Cable Modem Termination System (CMTS).
Call Management Server CMS A server that maintains and manages PacketCable Network
Call Signaling (NCS) based VoIP calls.
Cable Modem
Termination System
CMTS The cable interface on the BSR.
Common Open Policy
Service
COPS A protocol used to communicate a Quality-of-Service-related
decision message to and from a Policy Decision Point (Policy
Server and CMS) and Policy Enforcement Point (BSR).
Customer Edge CE Devices at a Customer Network site, such as switches, routers,
and hosts that are connected to a Provider Network CM.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-3
Customer Premises
Equipment
CPE A subscriber device such as a PC or router connected to a CM.
Dynamic Host
Configuration Protocol
DHCP A protocol for automatic TCP/IP configuration that provides
static and dynamic address allocation and management.
Domain Name Server DNS Matches the URL of a website with its proper numeric IP
address.
Hybrid Fiber-coax HFC Networks that combine both optical-fiber and coaxial cable
lines. Optical fiber runs from the cable head end to
neighborhoods of 500 to 2,000 subscribers. Coaxial cable runs
from the optical-fiber feeders to each subscriber.
Interior Gateway
Protocol
IGP A protocol for exchanging routing information between
gateways (hosts with routers) within an autonomous network.
Label Distribution
Protocol
LDP LDP enables an LSR to inform other LSRs of the label bindings
it has made, thereby distributing label binding information to
peer devices for the purpose of supporting hop-by-hop
forwarding along normally routed paths.
Label Edge Router LER Applies MPLS labels to packets. An LER is also referred to as
an Edge LSR.
Label Switch Path LSP A path on which routed traffic, labeled by LDP, is forwarded
across an MPLS backbone to a specified destination.
Label Switch Router LSR A router that exchanges MPLS labels in the Provider (P) core
network.
Multi-Protocol Label
Switching
MPLS A protocol that provides a mechanism for engineering network
traffic patterns that are independent of routing tables and
supports other routing protocols by creating end-to-end links
across a network.
Multimedia Terminal
Adapter (MTA)
MTA A device that provides an interface for a subscribers telephone
service. A Terminal Adapter (TA) that is embedded into a CM
becomes an eMTA.
Multiprotocol Border
Gateway Protocol
MP-BGP Enhanced BGP protocol that distributes the VPN routing
information using VPN-IPv4 address family.
Network Address
Translation
NAT A server that can connect multiple subscribers on a VPN to the
Internet using one IP address.
Network Layer
Reachability Information
NLRI Keywords used for unicast and multicast database forwarding.
Table 1-1 VPN related Terms
Term Acronym Definition
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-4 Compass ID: 391459945 Version 2
Open Shortest Path First OSPF An interior gateway routing protocol developed for IP networks
based on the shortest path first or link-state algorithm to send
routing information to all nodes in a network. This is done by
calculating the shortest path to each node based on a
topography of the network constructed by each node.
Policy Based Routing PBR Routes network traffic by establishing protocol-independent
data paths.
Policy Server PS The Policy Server applies a policy and manages the
relationships between an Application Manager (AM) and
CMTS(s). Also referred to as the Policy Decision Point (PDP).
Provider Core Router P A router that resides in the Provider Networks core.
Provider Edge PE The portion of the Provider Network that interfaces with the
Customer Network, e.g. LER.
Routing Information
Protocol
RIP An interior gateway protocol that specifies how routers
exchange routing table information. With RIP, routers
periodically exchange entire tables.
Trivial File Transport
Protocol
TFTP Simple form of the File Transfer Protocol (FTP). TFTP uses the
User Datagram Protocol (UDP) and provides no security
features. It is often used by servers to boot diskless
workstations, X-terminals, and routers.
Time of Day TOD A server that allows CMs and other CPE devices connected to
cable interfaces to get the current date and time to accurately
time-stamp its Simple Network Management Protocol (SNMP)
messages and error log entries.
Virtual Private Network VPN Shared exclusive network that can be accessed across
geographically distributed areas.
Voice over Internet
Protocol
VoIP Supports voice communication over packet networks such as
VPNs or the Internet.
VPN Routing and
Forwarding table
VRF A VPN routing forwarding table used to route VPN traffic.
Table 1-1 VPN related Terms
Term Acronym Definition
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-5
Introduction to the BGP/MPLS VPN
The Provider Network administrator configures individual VPNs that connect to the
BSR 64000 through the HFC network infrastructure. VPNs share the Provider
Networks BSR HFC network resources with other subscribers who do not belong to
a VPN. However, a VPNs traffic is isolated and its subscribers can only access traffic
that belongs to their VPN. The Provider Network uses BGP/MPLS on the BSR 64000
and other edge routers to connect the different user groups belonging to the same
VPN.
BGP/MPLS VPN Overview
A BGP/MPLS VPN consists of three major parts:
Customer Edge (CE) has devices such as switches, routers, and hosts at a
Customer Network site. These devices belong to a VPN that are connected to a
Provider Network CM or eMTA.
Provider Edge (PE) is the portion of the Provider Network that interfaces with the
Customer Network CE devices.
Provider (P) core contains one or more core routers that reside in the Provider
Networks core.
All CE devices are connected through cable (CMTS) subinterfaces and all Provider
Network equipment (P and PE routers) are connected through network interfaces.
VPN routes originate or terminate on PE routers. The PE router communicates with
CE devices through IP and communicates with P core routers through MPLS. From
an MPLS perspective, PE routers are referred to as LERs and P routers are referred to
as LSRs.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-6 Compass ID: 391459945 Version 2
Figure 1-1 displays a typical example of a BGP/MPLS VPN.
Figure 1-1 BGP/MPLS VPN
The remainder of this section describes the interoperability between these parts of a
BGP/MPLS VPN:
Customer Edge to Provider Edge
Provider Edge to Provider Core
Provider Edge to Provider Edge
LSR
LSR
LSR
LSR
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
1 2 3 4 5 6 7 8 9 1 0 0 11 12 13 14 15
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
1 2 3 4 5 6 7 8 9 10 0 11 12 13 14 15
BSR
64000
VPN A
20.10.3.0
VPN A
20.10.1.0
VPN B
100.10.1.0
VPN B
100.10.2.0
VPNG001
VPN A
20.10.2.0
VPN B
100.10.3.0
CM CM
CM
CM
CM
CM
VPN A MPLS LSPs
VPN B MPLS LSPs
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
1 2 3 4 5 6 7 8 9 10 0 11 12 13 14 15
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-7
Customer Edge to Provider Edge
A CM links the Customer Network and the Provider Network. CE devices specified
for a specific VPN include the CPE behind the CM on the Customer Network.
Figure 1-2 displays the CE to PE portion of the VPN:
Figure 1-2 CE to PE portion of a VPN
Once a VPN Routing and Forwarding table (VRF) is configured on the PE router for a
VPN, the following VRF information is used to learn CE routes:
VRF subinterfaces or VRF loopback interfaces (Virtual Cable Bundling)
Static routes
Connected routes
Provider Edge to Provider Core
PE routers are linked to P routers, as described below:
An IGP such as OSPF or RIP dynamically exchanges routing information within
the AS to help establish MP-BGP sessions on the PE routers.
Label Distribution Protocol (LDP) is enabled on PE and P routers to provide a
signalling function on the Provider Network to establish LSPs with MPLS labels.
Static routes can also be configured to link PE routers to core P routers.
PE
CE
LER
VPNG002
CM
MTA
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-8 Compass ID: 391459945 Version 2
Figure 1-3 displays the PE to P portion of the VPN:
Figure 1-3 PE to P portion of a VPN
LER
LSR
LSR
P
P
PE
VPNG003
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-9
Provider Edge to Provider Edge
MP-BGP is used between the PE routers to distribute VPN route information.
Customer Network data traffic is transported transparently through the MPLS core,
which is the PE to PE section of the VPN.
Figure 1-4 displays the PE to PE portion of a VPN:
Figure 1-4 PE to PE portion of a VPN
LER LER
LSR
LSR
LSR
LSR
P P
P
P
PE
PE
VPNG004
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-10 Compass ID: 391459945 Version 2
Provisioning BGP/MPLS VPNs for VoIP and Data
The Provider Network administrator can provision BGP/MPLS VPNs for data and
VoIP by using the following provisioning scenarios:
The Global VPN can be used to forward provisioning traffic from CMs and
eMTAs and traffic from non-VRF CPEs, which is the default.
A BGP/MPLS VPN can be used for VoIP or data traffic and provisioning traffic.
Figure 1-5 shows a BGP/MPLS network that shows both VoIP traffic and VoIP
provisioning traffic forwarded within the same VPN (VPN B):
Figure 1-5 VoIP Provisioning in the same VPN
Note: Stand-alone MTAs must use the Global VPN.
LSR
LSR
LSR
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
1 2 3 4 5 6 7 8 9 1 0 0 11 12 13 14 15
2 1
BSR 64000
VPN A
20.10.3.0
VPN A
20.10.1.0
VPN B
100.10.1.0
VPN B
100.10.2.0
VPN A
20.10.2.0
B VPN
100.10.3.0
CM
Provisioning
VPN A MPLS LSPs
VPN B MPLS LSPs
CPE
CM
MTA
VoIP
CPE
CM
MTA
VoIP
CPE
CPE
LER
LSR
(LER)
LER
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-11
A provisioning VPN can be used to separate all provisioning traffic from CMs,
CPEs and eMTAs from the backbone network traffic and the VoIP or data traffic
from different customer VPNs. Figure 1-6 displays a example of a BGP/MPLS
VPN that separates VoIP (VPN B) and data (VPN A) traffic from the
provisioning VPN (VPN C).
Figure 1-6 VoIP Service and VoIP Provisioning implemented in separate VPNs
LSR
LSR
LSR
0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
1 2 3 4 5 6 7 8 9 1 0 0 11 12 13 14 15
2 1
BSR 64000
VPN A
20.10.3.0
VPN A
20.10.1.0
VPN B
100.10.1.0
VPN C
10.10.2.0
VPN A
20.10.2.0
B VPN
100.10.3.0
CM
Provisioning CPE
CM
MTA
VoIP
CPE
CM
MTA
VoIP
CPE
CPE
LER
LSR
(LER)
LER
VPN A MPLS LSPs
VPN B MPLS LSPs
VPN C
VPN C
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-12 Compass ID: 391459945 Version 2
Before You Begin
The following sections describe the prerequisites for both the Provider Network and
Customer Network:
Customer Network Prerequisites
Provider Network Prerequisites
VPN Configuration Rules
Customer Network Prerequisites
Perform the following tasks before configuring the Customer Network for VPNs:
Determine if the Operational Support System (OSS), which consists of the
DHCP, TOD, TFTP and NAT server is to be installed and administered by a VPN
administrator or a Provider network administrator on their respective networks.
Configure any other applicable servers that are used exclusively on the Customer
Network.
Contact the Provider Network administrator to define the number and what type
of VPNs that you need and discuss the naming convention for your VPN(s).
Plan the IP addressing scheme for routing interfaces, networks, and server
applications.
Note: The number of Customer Network sites per VPN depends on the
number of VRF and static routes that the BSR 64000 maintains for the VPN.
This includes local routes for directly connected CEs and routes of other sites
learned through MP-BGP notifications from peer PEs. The limit for VRF
routes is 127 and the limit for static routes is 4000.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-13
Provider Network Prerequisites
Perform the following tasks before configuring the Provider Network for VPNs:
Ensure that HFC network(s) maintain reliable data transmission and that the
required CMTS parameters are configured correctly for the HFC networks.
Install the required Provider (P) and PE routers (which may include the BSR and
other vendor routers) necessary to support VPNs.
Plan the IP addressing scheme for routing interfaces, networks, and server
applications.
Contact the Customer Network administrator for each Customer Network to
define the number of VPNs and discuss their naming convention.
Plan for the routing protocols involved in creating VPNs. For example, know the
BGP AS numbers that are being used.
Determine if the Operational Support System (OSS), which may consist of the
CMS, DHCP, TOD, TFTP and NAT server are installed and operational.
Decide how CMs, eMTAs, and CPEs are provisioned for VPNs.
Cable Modem Configuration File Configuration Prerequisites
Make sure that DHCP and CM configuration files are set up correctly to ensure that
CMs can transmit a DHCP request, receive an IP address, obtain TFTP and ToD
server addresses, and download the CM configuration file.
For VoIP applications, the CM must place VoIP, signalling, eMTA provisioning, and
eMTA management traffic into the correct flows to map the VoIP traffic and VoIP
signalling traffic only. VoIP traffic flows are created dynamically, but the flows for
the VoIP signalling, eMTA provisioning, and eMTA management traffic need to be
specified in the CM configuration file, as follows:
An upstream flow (which is not the primary flow) for VoIP signalling and
DOCSIS MAC messages (to prevent delay).
eMTA provisioning and management traffic for the primary upstream flow.
Note: If PacketCable or PacketCable Multimedia is implemented on a BSR
with BGP/MPLS VPNs, the configuration must be implemented on the Global
VPN.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-14 Compass ID: 391459945 Version 2
VPN Configuration Rules
Follow these VPN configuration rules for both data and VoIP VPNs:
One VRF is created for one VPN only.
A CM can be specified for one subinterface only.
A subinterface can be specified for one VPN only.
CPE or eMTA IP addresses configured for one VPN can be used again (overlap)
for the CPE or eMTA IP addresses of another VPN. This helps conserve IP
addresses on the Provider Network.
All the CMs of a cable interface can be associated with either a Provisioning VPN
or a Global VPN.
CM IP addresses must be unique across all interfaces.
CPEs that are not associated with any VPN are in the Global VPN by default.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-15
VPN Task Summary
The following sections provide a summary of the configuration tasks for the Provider
Network and a Customer Network for data, VoIP, or combined data and VoIP VPN
applications:
Provider Network Configuration Tasks
Customer Network Configuration for VPNs
Provider Network Configuration Tasks
Table 1-2 provides a VPN configuration task summary:
Table 1-2 VPN Configuration Task Summary
Task Refer to:
1. Create a VRF for each VPN. Creating a VRF on page 1-17
2. Enable MPLS on the PE router. Enabling MPLS on page 1-19
3. Configure the PE network interface and
Enable LDP on this (MPLS) interface.
Configuring the PE Network Interface on page 1-19
4. Assign a loopback interface for PE to PE
interoperability for MP-BGP.
Configure a Loopback Interface for PE to PE
Interoperability on page 1-21
5. Configure the cable interface(s) on the BSR
that are used by data and VoIP VPNs and
non-VPNs.
Configuring a Cable Interface for a VPN on page 1-22
6. Provision VPNs. Configuration Scenarios for CM, eMTA Provisioning and
Voice Traffic in Multiple VPNs on page 1-25
7. Enable and configure IGP or static routes for
VPNs.
Configuring IGP or Static Routes for VPNs on page 1-48
8. Configure the MP-BGP AS and neighbor
sessions.
Configuring the BGP AS and Neighbor Sessions on page
1-49
9. Redistribute BGP, connected, or static VRF
networks into MP-BGP.
Redistribute Connected or Static VRF Networks into
MP-BGP on page 1-50
10. Configure the MP-BGP to advertise VPN
Version 4 routes between PE routers.
Configuring MP-BGP to Advertise VPNv4 Routes on
page 1-53
11. Optionally redistribute routes between
different VRFs.
Redistributing Routes Between Different VRFs on page
1-54
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-16 Compass ID: 391459945 Version 2
Customer Network Configuration for VPNs
Host devices in the Customer Network that are directly connected to a CM or eMTAs
can get their IP addresses either from a DHCP server on the Provider Network or from
a DHCP server within a VPN.
VPN Configuration
You must create a VPN Routing and Forwarding table (VRF) and specify a Route
Distinguisher (RD), Import Route Target, and Export Route Target for it.
The RD is added to a VPN Customer Network's IP address to create a Globally unique
VPN Internet Protocol Version 4 (VPN-IPv4) address.
The BSR distributes VPN-IPv4 routes with an export Route Target Extended
Community (RTEC). The RTEC format can be either an AS number and an arbitrary
number, or an IP address and an arbitrary number.
12. Configure Internet access for VPN Customer
Networks.
Configuring Internet Access for a VPN on page 1-56
13. Configure access between the BSR and
CMS over the Common Open Policy Service
(COPS) interface for a VoIP VPN.
Configuring Policy Decision Point Access for a VoIP
VPN on page 1-57
Table 1-2 VPN Configuration Task Summary
Task Refer to:
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-17
Creating a VRF
VRF names can be created depending on your application of BGP/MPLS VPNs. For
example, the following VRFs can be created for a mixed VoIP and data application:
ISP1_CPE_VPN
ISP2_CPE_VPN
VOIP_Prov_VPN
VOIP_Voice_VPN
Follow these steps to create a VRF:
1. Use the ip vrf command in Global Configuration mode to create a VRF:
MOT:7A(config)#ip vrf <WORD>
where:
WORD is the VRF name.
2. Use the rd command in VRF Configuration mode to specify the Route
Distinguisher (RD) for the VRF that you created:
MOT:7A(config-vrf)#rd [<A.B.C.D:EF> | <A:BC>]
where:
A.B.C.D: is the IP address.
EF is a 16 bit arbitrary number.
For example, 10.200.12.15:1
A is an AS number
BC is a 32 bit arbitrary number.
For example, 2:7
Note: An RD cannot be deleted or changed. Delete the VRF to change the
RD. To do this, issue the exit command to enter Global Configuration mode
and issue the no ip vrf <WORD> command, and repeat Step 1 and Step 2.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-18 Compass ID: 391459945 Version 2
3. Use the route-target import command to specify the import route target.
If the import target is not the same, issue the route-target import command:
MOT:7A(config-vrf)#route-target import [<A.B.C.D:EF> | <A:BC>]
where:
A.B.C.D: EF is a 32-bit IP address followed by a colon and a 16-bit arbitrary
number. For example: 152.10.2.1:3
A:BC is a 16-bit AS number followed by a colon and a 32-bit arbitrary
number. For example: 200:10
4. Use the route-target export command to specify the export route target for the
VPN:
MOT:7A(config-vrf)#route-target export [<A.B.C.D:EF> | <A:BC>]
where:
A.B.C.D: EF is a 32-bit IP address followed by a colon and a 16-bit arbitrary
number. For example: 152.10.2.1:4
A:BC is a 16-bit AS number followed by a colon and a 32-bit arbitrary
number. For example: 200:11
5. Repeat Step 1 through Step 4 to create a VRF for each VPN that you configure.
When you are finished proceed to Step 6.
6. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
7. Use the exit command to enter Global Configuration mode.
Note: If the import and export route target are the same, the keyword both
argument can be used. For example:
MOT:7A(config-vrf)#route-target both [<A.B.C.D:EF> | <A:BC>]
Note: Local routes in one VRF instance can be imported into another VRF
instance using export and import route targets. This is when the export route
target of one VRF matches with a route import target of another.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-19
Enabling MPLS
Follow these steps to enable MPLS globally:
1. Use the mpls ip command in Global Configuration mode to enable the MPLS
Protocol on the BSR so it can function as a PE router:
MOT:7A(config)#mpls ip
2. Check to see that MPLS is running with the show running-config command, in
Global Configuration mode, as follows:
MOT:7A(config)#show running-config | begin mpls
"mpls ip" should appear as an entry in the running configuration file
Configuring the PE Network Interface
Follow these steps to configure the PE network interface:
1. Select the network interface on BSR to be used for the PE network interface, by
issuing the interface command in Global Configuration mode:
MOT:7A(config)#interface {pos <X/Y> | ethernet <X/Y> | gigaether <X/Y>}
where:
pos is the Packet over SONET interface.
ethernet is any 10 or 10/100 Ethernet interface.
gigaether is the Gigabit Ethernet interface.
X is the slot number.
Y is the port number.
Note: If you need more information on MPLS, please refer to Chapter 16 of
the BSR 64000 Configuration and Management Guide.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-20 Compass ID: 391459945 Version 2
2. Use the ip address command in Interface Configuration mode to define an IP
address for the PE interface:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D>
where:
A.B.C.D is the IP address of the BSR interface for the PE network interface.
A.B.C.D is the subnetwork mask of the IP network on which the interface is
associated.
3. Use the no shutdown command to enable the PE interface.
4. Use the mpls label protocol ldp command in Interface Configuration mode to
enable LDP on the interface for label advertising and distribution of labels for
each LDP peer on the BGP/MPLS VPN. This allows label exchange with
configured LDP peers:
MOT:7A(config-if)#mpls label protocol ldp
5. If the PE interface IP address must be advertised in LDP Discovery Hello
messages sent on this interface, then issue the mpls ldp discovery
transport-address command in Interface Configuration mode:
MOT:7A(config-if)#mpls ldp discovery transport-address [interface |
<A.B.C.D>]
where:
interface uses its IP address for the LDP transport address.
A.B.C.D defines an IP address other than the interface IP address for the LDP
transport address.
6. Use the show mpls ldp interface command to verify that the interface is
configured to enable LDP:
MOT:7A(config-if)#show mpls ldp interface
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-21
Figure 1-7 shows an example of interfaces on the BSR that are configured to use
LDP.
Figure 1-7 show mpls ldp interface Command Output
7. Use the show mpls ldp neighbor command to verify the MPLS LDP neighbor
relationships:
MOT:7A(config-if)#show mpls ldp neighbor
Configure a Loopback Interface for PE to PE Interoperability
Follow these steps to specify a loopback interface to enable PE to PE interoperability
for MP-BGP sessions:
1. Use the interface loopback command in Global Configuration mode to enter a
loopback interface.
MOT:7A(config)#interface loopback <1-255>
where:
1-255 is the loopback interface number.
Note: If you need more information on LDP, please refer to Chapter 3.
Note: Using a loopback interface eliminates operational status and
negotiated address dependencies that result from using the IP address of a
physical interface on the router to configure BGP. Refer to Configuring
MP-BGP to Advertise VPNv4 Routes on page 1-53 for more information.
BSR:7A(config-if)#show mpls ldp interface
Interface Ldp ID NbrCount Next Hello(sec)
ethernet 12/1 20.20.1.1:0 1 5
ethernet 12/2 20.20.1.1:0 0 4
ethernet 12/7 20.20.1.1:0 0 3
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-22 Compass ID: 391459945 Version 2
2. Use the ip address command in Interface Configuration mode to define an IP
address for the loopback interface. This IP address is used for all Global CMs on
the BSR.
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D>
where:
A.B.C.D is the IP address of the BSR interface designated for the loopback
interface.
A.B.C.D is the subnetwork mask of the IP network on which the interface is
associated.
Configuring a Cable Interface for a VPN
Follow these steps to configure basic cable interface parameters and VPN-specific
parameters.
1. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
2. Use the ip vrf forwarding command in Interface Configuration mode to specify
a VRF for this cable interface:
MOT:7A(config-if)#ip vrf forwarding <WORD>
where:
WORD is the VRF name.
3. Use the no shutdown command to enable this interface.
Note: Refer to Chapter 6 in the BSR 64000 Configuration and Management
Guide for additional information on configuring the cable interface.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-23
4. Use the cable bundle command in Interface Configuration mode to specify this
(slave) cable interface with the same cable bundle number that is configured for
the master loopback interface:
MOT:7A(config-if)#cable bundle <1-255>
where:
1-255 is the number of the cable bundle identifier.
5. Use the no cable downstream 0 shutdown command to enable the cable
interfaces downstream port.
6. The upstream ports are in a shutdown state by default. Use the no cable
upstream shutdown command in Interface Configuration mode to enable the
upstream ports:
MOT:7A(config-if)#no cable upstream <NUM> shutdown
where:
NUM is the upstream port number.
7. Repeat Step 6 to enable another upstream port.
Note: This (slave) cable bundle number must be consistent with the master
cable bundle number. In section Configuration Scenarios for CM, eMTA
Provisioning and Voice Traffic in Multiple VPNs on page 1-25, a master
loopback interface, which uses a master cable bundle number, is configured
in each provisioning scenario.
Cable bundling is not required in BGP/MPLS VPN Configurations, but it is
most commonly used to simplify them.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-24 Compass ID: 391459945 Version 2
8. The upstream logical channels are in a shutdown state by default. Use the no
cable upstream shutdown command in Interface Configuration mode to enable
an upstream logical channel:
MOT:7A(config-if)#no cable upstream <X/Y> shutdown
where:
X/Y is the upstream port number and logical channel.
9. Repeat Step 8 to enable another logical channel on an upstream port.
10. Use the ip dhcp relay information option command to enable the DHCP relay
agent.
MOT:7A(config-if)#ip dhcp relay information option
11. Use the show interface cable command to ensure that this cable interface and its
upstream and downstream ports are enabled:
MOT:7A(config-if)#show interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
12. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration.
13. Use the exit command to exit Interface Configuration mode.
Note: Refer to the BSR 64000 Configuration and Management Guide for
more information on logical channels.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-25
Configuration Scenarios for CM, eMTA Provisioning and
Voice Traffic in Multiple VPNs
Table 1-3 lists the tasks needed to configure Virtual Cable Bundling on the BSR for
different data and VoIP VPN provisioning schemes:
Table 1-3 Configuring Virtual Cable Bundling for Data and VoIP VPN Provisioning
Schemes
If Then refer to:
Configuring VPNs for data only. Provisioning CMs
and CPEs is accomplished on the Global VPN.
1. Creating a Virtual Cable Bundle for Global CMs
Option 1 on page 1-26
2. Creating a Virtual Cable Bundle for a Data or
Voice VPN on page 1-43
3. Refer to Configuring VPNs for Data Only on
page 2-21 for a configuration example.
Configuring multiple data VPNs and VoIP VPNs.
Provisioning of CMs and eMTAs is accomplished on
the Global VPN.
1. Creating a Virtual Cable Bundle for Global CMs
Option 2 on page 1-29
2. Creating a Virtual Cable Bundle for a Data or
Voice VPN on page 1-43
3. Refer to Configuring Multiple Data VPNs and
VoIP VPNs on page 2-22 for a configuration
example.
Configuring multiple data VPNs and VoIP VPNs.
Provisioning of CMs and eMTAs is accomplished on a
CM Provisioning VPN.
1. Creating a Virtual Cable Bundle for a CM in
Provisioning VPN on page 1-35
2. Creating a Virtual Cable Bundle for a Data or
Voice VPN on page 1-43
3. Refer to Configuring Multiple VPNs Using a CM
Provisioning VPN on page 2-23 for a
configuration example.
Configuring a Single VPN for both VoIP and VoIP
Provisioning Functions
1. Creating a Virtual Cable Bundle for an eMTA
Provisioning VPN on page 1-40
2. Refer to Configuring a Single VPN for both VoIP
and VoIP Provisioning Functions on page 2-26
for a configuration example.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-26 Compass ID: 391459945 Version 2
Creating a Virtual Cable Bundle for Global CMs Option 1
A virtual cable bundle for CMs and Global CPEs is implemented in a data VPN only.
Follow these steps to specify Global CMs and CPEs, the CMs belonging to multiple
VPNs, and its virtual cable bundle to a specified loopback interface:
1. Use the interface loopback command in Global Configuration mode to enter a
loopback interface.
MOT:7A(config)#interface loopback <1-255>
where:
1-255 is the loopback interface number.
2. Use the ip address command in Interface Configuration mode to define an IP
address on the loopback interface for all Global CMs:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D>
where:
A.B.C.D is the IP address of the BSR interface designated for the loopback
interface.
A.B.C.D is the subnetwork mask of the IP network on which the interface is
associated.
3. Use the ip address command in Interface Configuration mode to specify a
secondary IP address on this loopback interface:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary host
where:
A.B.C.D is the secondary IP address of the BSR interface.
A.B.C.D is the subnetwork mask of the IP network on which the interface is
associated.
secondary host designates the IP address as a secondary IP address for
Global CPE hosts.
Note: A 32-bit mask (255.255.255.255) is permitted for a loopback IP
address.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-27
4. Repeat Step 3 to configure additional VRF subnets on this loopback interface and
proceed to Step 5.
5. Use the cable helper-address command to forward DHCP requests from CMs to
the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> cable-modem
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs.
6. Use the cable helper-address command to forward DHCP requests from MTA
devices to the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> mta
where
A.B.C.D is the IP address of the destination DHCP server.
mta forwards DHCP requests from MTA devices.
7. Use the cable helper-address command to forward DHCP requests from CPE
hosts to the IP address of the DHCP server. This command helps CPEs get an IP
address from the DHCP server and successfully register with the BSR.
MOT:7A(config-if)#cable helper-address <A.B.C.D> host
where
A.B.C.D is the IP address of the destination DHCP server.
host forwards DHCP requests from CPE host devices.
8. Use the cable bundle master command to specify the loopback interface as the
master cable interface and specify the bundle a number:
MOT:7A(config-if)#cable bundle <1-255> master
where:
1-255 is the number of the cable bundle identifier.
9. Use the exit command to exit Interface Configuration mode.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-28 Compass ID: 391459945 Version 2
10. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
11. Use the cable bundle command in Interface Configuration mode to specify this
(slave) cable interface with the same cable bundle number that was configured for
the master loopback interface:
MOT:7A(config-if)#cable bundle <1-255>
where:
1-255 is the number of the cable bundle identifier.
12. Use the ip dhcp relay information option command to enable the DHCP relay
agent.
MOT:7A(config-if)#ip dhcp relay information option
13. Use the exit command to exit Interface Configuration mode.
14. Use the interface cable command in Global Configuration mode to enter the
cable subinterface:
MOT:7A(config)#interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127 used for configuring a VPN on a
cable interface.
Note: This (slave) cable bundle number must be consistent with the master
cable bundle number.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-29
15. Use the ip address command in Subinterface Configuration mode to specify a
primary network IP address and subnet address for this subinterface:
MOT:7A(config-if)#ip address {<A.B.C.D> <A.B.C.D>}
where:
A.B.C.D is the IP address of the subinterface.
A.B.C.D is the network mask of the IP network on which the subinterface is
associated.
16. Use the end command to return to Global Configuration mode.
Creating a Virtual Cable Bundle for Global CMs Option 2
Follow these steps to specify a virtual cable bundle for Global CMs whose hosts
belong to multiple VPNs. In this instance, data VPNs, eMTAs, and VoIP VPNs have
their respective provisioning functions on the Global VPN.
1. Use the interface loopback command in Global Configuration mode to enter a
loopback interface.
MOT:7A(config)#interface loopback <1-255>
where:
1-255 is the loopback interface number.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-30 Compass ID: 391459945 Version 2
2. Use the ip address command in Interface Configuration mode to define an IP
address on the loopback interface for the Global CMs and eMTAs. The
host-sub-interface, mta-sub-interface, and voice-sub-interface arguments can
be used to specify the forwarding of CPE, eMTA provisioning, and VoIP traffic:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> [host-sub-interface
<NUM> | mta-sub-interface <NUM> | voice-sub-interface <NUM>]
where:
A.B.C.D is the IP address of the BSR interface designated for the loopback
interface.
A.B.C.D is the subnetwork mask of the IP network on which the interface is
associated.
host-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for CPEs behind the CM.
mta-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for forwarding eMTA provisioning traffic.
voice-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for forwarding VoIP traffic.
3. Use the cable helper-address cable-modem command to forward DHCP
requests from CMs to the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> cable-modem
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs and eMTAs.
Note: A 32-bit mask (255.255.255.255) is permitted for a loopback IP
address.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-31
4. Use the cable bundle master command to specify the loopback interface as the
master cable interface and specify the bundle a number:
MOT:7A(config-if)#cable bundle <1-255> master
where:
1-255 is the number of the cable bundle identifier.
5. Use the exit command to exit Interface Configuration mode.
6. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
7. Use the cable bundle command in Interface Configuration mode to specify this
(slave) cable interface with the same cable bundle number that was configured for
the master loopback interface:
MOT:7A(config-if)#cable bundle <1-255>
where:
1-255 is the number of the cable bundle identifier.
8. Use the ip dhcp relay information option command to enable the DHCP relay
agent.
MOT:7A(config-if)#ip dhcp relay information option
9. Use the end command to return to Global Configuration mode.
Note: This (slave) cable bundle number must be consistent with the master
cable bundle number.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-32 Compass ID: 391459945 Version 2
Creating a Virtual Cable Bundle for Global eMTAs
Follow these steps to specify a virtual cable bundle on a specified loopback interface
for eMTAs, which are provisioned on the Global VPN. This procedure is used in a
VPN configuration that can include both data and VoIP applications.
1. Use the interface loopback command in Global Configuration mode to enter a
loopback interface.
MOT:7A(config)#interface loopback <1-255>
where:
1-255 is the loopback interface number.
2. Use the ip address command to specify an IP address and subnet address to the
loopback interface:
MOT:7A(config-if)#ip address {<A.B.C.D> <A.B.C.D>}
where:
A.B.C.D is the IP address of the interface.
A.B.C.D is the network mask of the IP network on which the interface is
associated.
3. Use the ip address secondary mta command to enter a secondary network IP
address on the loopback interface for the eMTA gateway IP address (giaddr):
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary mta
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
mta designates an MTA for this secondary IP address.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-33
4. Use the cable helper-address cable-modem command to forward DHCP
requests from CMs to the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> cable-modem
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs.
5. Use the cable helper-address mta command to forward DHCP requests from
eMTAs to the IP address of the DHCP server on the Global VPN. This command
helps eMTAs get an IP address from the DHCP server and successfully register
with the BSR.
MOT:7A(config-if)#cable helper-address <A.B.C.D> mta
where
A.B.C.D is the IP address of the destination DHCP server.
mta forwards DHCP requests from eMTA devices only.
6. Use the cable helper-address host command to forward DHCP requests from
CPE hosts to the IP address of the DHCP server. This command helps CPEs get
an IP address from the DHCP server and successfully register with the BSR.
MOT:7A(config-if)#cable helper-address <A.B.C.D> host
where
A.B.C.D is the IP address of the destination DHCP server.
host forwards DHCP requests from CPE host devices.
7. Use the cable bundle master command to specify the loopback interface as the
master cable interface and specify the bundle a number:
MOT:7A(config-if)#cable bundle <1-255> master
where:
1-255 is the number of the cable bundle identifier.
8. Use the end command to return to Global Configuration mode.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-34 Compass ID: 391459945 Version 2
9. Use the show ip interface loopback command to verify the status and
configuration of the VRF:
MOT:7A(config)#show ip interface loopback <1-255>
where:
1-255 is the loopback interface number.
10. Repeat Step 1 through Step 7 to specify another VRF to a loopback interface.
11. Use the exit command to exit Interface Configuration mode.
12. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
13. Use the cable bundle command in Interface Configuration mode to specify this
(slave) cable interface with the same cable bundle number that was configured for
the master loopback interface:
MOT:7A(config-if)#cable bundle <1-255>
where:
1-255 is the number of the cable bundle identifier.
14. Use the ip dhcp relay information option command to enable the DHCP relay
agent.
MOT:7A(config-if)#ip dhcp relay information option
15. Use the exit command to exit Interface Configuration mode.
Note: This (slave) cable bundle number must be consistent with the master
cable bundle number.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-35
Creating a Virtual Cable Bundle for a CM in Provisioning VPN
Follow these steps to create a virtual cable bundle for a CM in a provisioning VPN for
connected CPEs and eMTAs. All CMs and eMTAs belonging to this virtual cable
bundle are managed from the same VPN. This procedure is used in a VPN
configuration that can include both data and VoIP applications.
1. Use the interface loopback command in Global Configuration mode to enter a
loopback interface.
MOT:7A(config)#interface loopback <1-255>
where:
1-255 is the loopback interface number.
2. Use the ip vrf forwarding command to specify a VRF to this loopback interface:
MOT:7A(config-if)#ip vrf forwarding <WORD>
where:
WORD is the VRF name.
Note: When a CM provisioning VPN is created, this VPN acts as the Global
VPN.
Note: The VRF name must match the VRF name entered in the section:
Creating a VRF on page 1-17. If the ip vrf forwarding command is not
entered on the loopback interface, then this loopback interface is a non-VPN
loopback interface.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-36 Compass ID: 391459945 Version 2
3. Use the ip address command in Interface Configuration mode to define an IP
address on the loopback interface for the CM Provisioning VRF. The
host-sub-interface, mta-sub-interface, and voice-sub-interface arguments can
be used to specify the forwarding of CPE, eMTA provisioning, and VoIP traffic:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> [host-sub-interface
<NUM> | mta-sub-interface <NUM> | voice-sub-interface <NUM>]
where:
A.B.C.D is the IP address of the BSR interface designated for the loopback
interface.
A.B.C.D is the subnetwork mask of the IP network on which the interface is
associated.
host-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for CPEs behind the CM.
mta-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for forwarding eMTA provisioning traffic.
voice-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for forwarding VoIP traffic.
Note: A 32-bit mask (255.255.255.255) is permitted for a loopback IP
address.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-37
4. Use the ip address secondary command in Interface Configuration mode to
specify a secondary IP address on this loopback interface for provisioned CMs,
which includes the host-sub-interface, mta-sub-interface, and
voice-sub-interface arguments:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary
[host-sub-interface <NUM> | mta-sub-interface <NUM> | voice-sub-interface
<NUM>]
where:
A.B.C.D is the secondary IP address of the BSR interface.
A.B.C.D is the subnetwork mask of the IP network on which the interface is
associated.
secondary designates the IP address as a secondary IP address for
provisioning CMs.
host-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for CPEs behind the CM.
mta-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for forwarding eMTA provisioning traffic.
voice-sub-interface <NUM> is the specified cable subinterface with or
without VRF association for forwarding eMTA VoIP traffic.
5. Use the cable helper-address cable-modem command to forward DHCP
requests from CMs to the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> cable-modem
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-38 Compass ID: 391459945 Version 2
6. Use the cable helper-address hosts command to forward DHCP requests from
CPE hosts to the IP address of the DHCP server. This command helps CPEs get
an IP address from the DHCP server and successfully register with the BSR.
MOT:7A(config-if)#cable helper-address <A.B.C.D> hosts
where
A.B.C.D is the IP address of the destination DHCP server.
hosts forwards DHCP requests from CPE host devices.
7. Use the cable helper-address mta command to forward DHCP requests from
eMTAs to the IP address of the DHCP server. This command helps eMTAs get an
IP address from the DHCP server and successfully register with the BSR.
MOT:7A(config-if)#cable helper-address <A.B.C.D> mta
where
A.B.C.D is the IP address of the destination DHCP server.
mta forwards DHCP requests from eMTA host devices.
8. Use the cable bundle master command to specify the loopback interface as the
master cable interface and specify the bundle a number:
MOT:7A(config-if)#cable bundle <1-255> master
where:
1-255 is the number of the cable bundle identifier.
9. Use the exit command to exit Interface Configuration mode.
10. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-39
11. Use the cable bundle command in Interface Configuration mode to specify this
(slave) cable interface with the same cable bundle number that was configured for
the master loopback interface:
MOT:7A(config-if)#cable bundle <1-255>
where:
1-255 is the number of the cable bundle identifier.
12. Use the ip dhcp relay information option command to enable the DHCP relay
agent.
MOT:7A(config-if)#ip dhcp relay information option
13. Use the exit command to exit Interface Configuration mode.
14. Use the interface cable command in Global Configuration mode to enter the
cable subinterface:
MOT:7A(config)#interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127 used for configuring a VPN on a
cable interface.
15. Use the ip address command in Subinterface Configuration mode to specify a
primary network IP address and subnet address for this subinterface:
MOT:7A(config-if)#ip address {<A.B.C.D> <A.B.C.D>}
where:
A.B.C.D is the IP address of the subinterface.
A.B.C.D is the network mask of the IP network on which the subinterface is
associated.
Note: This (slave) cable bundle number must be consistent with the master
cable bundle number.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-40 Compass ID: 391459945 Version 2
16. Use the end command to return to Global Configuration mode.
Creating a Virtual Cable Bundle for an eMTA Provisioning VPN
Follow these steps to specify a virtual cable bundle for an eMTA provisioning VPN
on a specified loopback interface. This procedure is used in a VPN configuration that
can include both data and VoIP applications.
1. Use the interface loopback command in Global Configuration mode to enter a
loopback interface.
MOT:7A(config)#interface loopback <1-255>
where:
1-255 is the loopback interface number.
2. Use the ip vrf forwarding command to specify a VRF to this loopback interface:
MOT:7A(config-if)#ip vrf forwarding <WORD>
where:
WORD is the VRF name.
3. Use the ip address command to specify an IP address and subnet address to the
loopback interface:
MOT:7A(config-if)#ip address {<A.B.C.D> <A.B.C.D>}
where:
A.B.C.D is the IP address of the interface.
A.B.C.D is the network mask of the IP network on which the interface is
associated.
Note: The VRF name must match the VRF name entered in the section:
Creating a VRF on page 1-17. If the ip vrf forwarding command is not
entered on the loopback interface, then this loopback interface is a non-VPN
loopback interface.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-41
4. Use the ip address secondary mta command to enter a secondary network IP
address on the cable interface for the eMTA gateway IP address (giaddr):
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary mta
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
mta designates an MTA for this secondary IP address.
5. Use the cable helper-address cable-modem command to forward DHCP
requests from CMs to the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> cable-modem
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs.
6. Use the cable helper-address mta command to forward DHCP requests from
eMTAs to the IP address of the DHCP server. This command helps eMTAs get an
IP address from the DHCP server and successfully register with the BSR.
MOT:7A(config-if)#cable helper-address <A.B.C.D> mta
where
A.B.C.D is the IP address of the destination DHCP server.
mta forwards DHCP requests from eMTA devices only.
7. Use the cable bundle master command to specify the loopback interface as the
master cable interface and specify the bundle a number:
MOT:7A(config-if)#cable bundle <1-255> master
where:
1-255 is the number of the cable bundle identifier.
8. Use the end command to return to Global Configuration mode.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-42 Compass ID: 391459945 Version 2
9. Use the show ip interface loopback command to verify the status and
configuration of the VRF:
MOT:7A(config)#show ip interface loopback <1-255>
where:
1-255 is the loopback interface number.
10. Repeat Step 1 through Step 7 to specify another VRF to a loopback interface.
11. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
12. Use the cable bundle command in Interface Configuration mode to specify this
(slave) cable interface with the same cable bundle number that was configured for
the master loopback interface:
MOT:7A(config-if)#cable bundle <1-255>
where:
1-255 is the number of the cable bundle identifier.
13. Use the ip dhcp relay information option command to enable the DHCP relay
agent.
MOT:7A(config-if)#ip dhcp relay information option
14. Use the exit command to exit Interface Configuration mode.
Note: This (slave) cable bundle number must be consistent with the master
cable bundle number.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-43
Creating a Virtual Cable Bundle for a Data or Voice VPN
Follow these steps to specify a virtual cable bundle for a VPN that can include both
data and VoIP applications.
1. Use the interface loopback command in Global Configuration mode to enter a
loopback interface.
MOT:7A(config)#interface loopback <1-255>
where:
1-255 is the loopback interface number.
2. Use the ip vrf forwarding command to specify a VRF to this loopback interface:
MOT:7A(config-if)#ip vrf forwarding <WORD>
where:
WORD is the VRF name.
3. Use the ip address command to specify an IP address and subnet address to the
loopback interface:
MOT:7A(config-if)#ip address {<A.B.C.D> <A.B.C.D>}
where:
A.B.C.D is the IP address of the interface.
A.B.C.D is the network mask of the IP network on which the interface is
associated.
Note: The VRF name must match the VRF name entered in the section:
Creating a VRF on page 1-17. If the ip vrf forwarding command is not
entered on the loopback interface, then this loopback interface is a non-VPN
loopback interface.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-44 Compass ID: 391459945 Version 2
4. Use the cable helper-address command to forward DHCP requests from CPE
hosts to the IP address of the DHCP server. This command helps CPEs get an IP
address from the DHCP server and successfully register with the BSR.
MOT:7A(config-if)#cable helper-address <A.B.C.D> host global
where
A.B.C.D is the IP address of the destination DHCP server.
host forwards DHCP requests from CPE host devices only.
global specifies that the helper address is on the Global network.
5. Use the cable bundle master command to specify the loopback interface as the
master cable interface and specify the bundle a number:
MOT:7A(config-if)#cable bundle <1-255> master
where:
1-255 is the number of the cable bundle identifier.
6. Use the end command to return to Global Configuration mode.
7. Use the show ip interface loopback command to verify the status and
configuration of the VRF:
MOT:7A(config)#show ip interface loopback <1-255>
where:
1-255 is the loopback interface number.
8. Repeat Step 1 through Step 7 to specify another VRF to a loopback interface.
9. Use the interface cable command in Global Configuration mode to enter the
cable subinterface:
MOT:7A(config)#interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127 used for configuring a VPN on a
cable interface.
10. Use the no shutdown command to enable the cable subinterface.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-45
11. Use the cable bundle command in Interface Configuration mode to specify this
slave cable subinterface with the same cable bundle number that was configured
for the master loopback interface:
MOT:7A(config-if)#cable bundle <1-255>
where:
1-255 is the number of the cable bundle identifier.
12. Use the ip dhcp relay information option command to enable the DHCP relay
agent.
MOT:7A(config-if)#ip dhcp relay information option
13. Use the end command to return to Global Configuration mode.
Apply the Data VPN Cable Bundle Configuration to the Cable Interface
Follow these steps to apply the Data VPN cable bundle configuration to the physical
cable interface:
1. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
2. Use the no shutdown command to enable the cable interface.
Note: This (slave) cable bundle number is designated for a VPNs CPEs and
must be consistent with the master cable bundle number. Refer to Creating a
Virtual Cable Bundle for a Data or Voice VPN on page 1-43 for more
information on configuring the master cable bundle number on the specified
loopback interface.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-46 Compass ID: 391459945 Version 2
3. Use the ip address command to specify a primary network IP address and subnet
address for this interface:
MOT:7A(config-if)#ip address {<A.B.C.D> <A.B.C.D>}
where:
A.B.C.D is the IP address of the subinterface.
A.B.C.D is the network mask of the IP network on which the subinterface is
associated.
4. Use the ip address secondary cm vrf command to enter a secondary network IP
address on the cable interface for a specified VRF:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary cm vrf
<WORD>
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary makes this IP address the secondary IP address.
WORD is the VRF name.
- or -
Use the ip address secondary host-sub-interface command to enter a secondary
network IP address on the cable interface for a specified cable subinterface with
or without VRF association for forwarding traffic from CPEs behind the CM:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary
host-sub-interface <NUM>
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
host-sub-interface <NUM> is the cable subinterface number.
5. Use the end command to return to Global Configuration mode.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-47
Apply the Voice VPN Cable Bundle Configuration to the Cable Interface
Follow these steps to apply the Voice VPN cable bundle configuration to the physical
cable interface:
1. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
2. Use the no shutdown command to enable the cable interface.
3. Use the ip address command to specify a primary network IP address and subnet
address for this interface:
MOT:7A(config-if)#ip address {<A.B.C.D> <A.B.C.D>}
where:
A.B.C.D is the IP address of the subinterface.
A.B.C.D is the network mask of the IP network on which the subinterface is
associated.
4. Use the ip address secondary voice-sub-interface command to enter a
secondary network IP address on the cable interface for a specified cable
subinterface for forwarding VoIP traffic:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary
voice-sub-interface <NUM>
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
voice-sub-interface <NUM> the specified cable subinterface with or
without VRF association for forwarding VoIP traffic.
5. Use the end command to return to Global Configuration mode.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-48 Compass ID: 391459945 Version 2
Configuring IGP or Static Routes for VPNs
Follow these steps to enable an IGP such as OSPF, RIP or static routes and configure
them within the AS so that routing information can be dynamically exchanged to help
establish BGP and LDP routing sessions on the PE routers:
1. Use the router ospf command in Global Configuration mode to enter Router
Configuration mode for OSPF:
MOT:7A(config)#router ospf
2. Use the network area command in Router Configuration mode to add an OSPF
network, wildcard mask and specify its Area ID number:
MOT:7A(config-ospf)#network {<A.B.C.D> <A.B.C.D>} area
<0-4294967295>
where:
A.B.C.D is the IP address of the OSPF network.
A.B.C.D is the IP address type mask with dont care bits (wildcard bit mask).
0-4294967295 is the Area ID number.
3. Repeat Step 2 to enter more network entries.
Note: In the configuration steps below, OSPF is used as the IGP. Refer to
Configuring Static Routes for VRF CEs and Hosts on page 1-65 for more
information on configuring static routes. Also refer to the BSR Configuration
and Management Guide for more information on OSPF.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-49
Configuring BGP and MP-BGP for VPNs
The following section describe how to configure BGP and MP-BGP for VPNs:
Configuring the BGP AS and Neighbor Sessions
Redistribute Connected or Static VRF Networks into MP-BGP
Configuring MP-BGP to Advertise VPNv4 Routes
Configuring the BGP AS and Neighbor Sessions
Follow these steps to configure the BGP AS and neighbor sessions:
1. Use the router bgp command in Global Configuration mode to enter Router
Configuration mode for BGP:
MOT:7A(config)#router bgp <1-65535>
where:
1-65535 is the AS to which the BSR belongs.
2. Use the neighbor remote-as command in Router Configuration mode to add an
entry to the BGP neighbor table. The BGP neighbor table identifies a router as a
BGP peer and maps its IP address to a specific AS.
MOT:7A(config-bgp)#neighbor <A.B.C.D> remote-as <1-65535>
where:
A.B.C.D is the neighbor IP address.
1-65535 is the AS to which the neighbor belongs.
3. Use the neighbor update-source loopback command in Router Configuration
mode to specify the loopback interface to the BGP session to establish TCP
connections between internal BGP peers as shown below. You must configure
this loopback interface before you issue this command. Refer to Configure a
Loopback Interface for PE to PE Interoperability on page 1-21 for more
information.
MOT(config-bgp)#neighbor <A.B.C.D> update-source loopback <1-255>
where:
A.B.C.D is the IP address of the BGP neighbor.
1-255 is the loopback number.
4. Repeat Step 2 and Step 3 to specify additional entries to the BGP neighbor table.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-50 Compass ID: 391459945 Version 2
Redistribute Connected or Static VRF Networks into MP-BGP
Follow these steps to establish VPN routes between a PE and another PE device by
redistributing connected, or statically configured VRF networks into MP-BGP.
1. Use the address-family ipv4 vrf to specify IPv4 Unicast routing exchanges for a
VRF. All subsequent commands are executed for the VRF:
MOT:7A(config-bgp)#address-family ipv4 vrf <WORD>
where:
WORD is the VRF name.
2. If connected routes are configured, issue the redistribute connected command to
redistribute connected routes into MP-BGP:
MOT:7A(config-bgp-af-ipv4-WORD)#redistribute connected
-or-
If static routes are configured, issue the redistribute static command in to
redistribute static routes into MP-BGP:
MOT:7A(config-bgp-af-ipv4-WORD)#redistribute static
3. Repeat Step 1 and Step 2 to redistribute additional VRF networks into MP-BGP.
4. Use the no auto-summary command to disable automatic network
summarization of routes, use the no auto-summary command in Router
Configuration mode:
MOT:7A(config-bgp-af-ipv4-WORD)#no auto-summary
5. Use the exit-address-family to return to return to (BGP) Router Configuration
mode.
6. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-51
7. Use the show ip route vrf to view both static and connected VRF routes:
MOT:7A(config-bgp)#show ip route vrf <WORD>
where:
WORD is the VRF name.
Figure 1-8 show ip route vrf Command Output
BSR64K-2:7A(config)#show ip route vrf VPN_A
Codes: C - connected, S - static, R - RIP, B - BGP
i - IS-IS derived L1- IS-IS level-1 route, L2- IS-IS level 2 route
O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1
N2 - OSPF NSSA external type 2, E1 - OSPF external type 1
E2 - OSPF external type 2, * - candidate default
U - per-user static route, P - periodic downloaded static route
T - traffic engineered route
Gateway of last resort is not set

C 8.8.8.0/24 is directly connected, ethernet 13/6
B 45.0.0.0/8 [200/0] via 59.59.59.2 (global), ethernet 13/5
C 46.46.46.0/24 is directly connected, loopback 2
B 192.168.20.0/24 [200/0] via 59.59.59.2 (global), ethernet 13/5
C 192.168.24.0/24 is directly connected, cable 2/0.2
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-52 Compass ID: 391459945 Version 2
8. Use the show ip traffic vrf to view VRF statistics for IP protocol traffic statistics:
MOT:7A(config-bgp)#show ip traffic vrf <WORD>
where:
WORD is the VRF name.
Figure 1-9 show ip traffic vrf Command Output
BSR64K-2:7A(config)#show ip traffic vrf VPN_A

IP statistics:
Rcvd: 5551 total, 5528 local destination
0 format errors, 0 checksum errors, 0 bad hop count
0 unknown protocol, 0 not a gateway
0 security failures, 0 bad options, 20 with options
Opts: 0 end, 0 nop, 0 basic security, 0 loose source route
0 timestamp, 0 extended security, 0 record route
0 streamID, 0 strict source route, 20 alert, 0 cipso
0 policy-based routing forward, 0 other
Frags: 0 reassembled, 0 timeouts, 0 couldnt reassemble
0 fragmented, 0 couldnt reassemble
Bcast: 21 received, 0 sent
Mcast: 20 control pkt received, 16 control pkt sent
0 data pkt received, 0 data pkt sent
Sent: 112 generated, 7 forwarded
Drop: 0 encapsulation failed, 0 unresolved, 0 no adjacency
0 Mcast In Drop, 0 Mcast Out Drop
18 no route, 0 unicast RPF, 0 forced drop
0 access-list inbound, 0 access-list outbound
0 policy-based routing drop
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-53
Configuring MP-BGP to Advertise VPNv4 Routes
Follow these steps to configure MP-BGP to establish sessions with BGP VPN-IP
Version 4 routes:
1. Use address-family vpnv4 command in Router Configuration mode to specify
BGP to advertise VPN-IP Version 4 (VPNv4) Unicast Layer 3 routing exchanges
that include the NLRI between PE and CE devices for the VRF that you specify.
Once the address-family vpnv4 command is issued, VPN-IP Version 4
Configuration mode is entered.
MOT:7A(config-bgp)#address-family vpnv4
2. Use the neighbor activate command in VPN-IP Version 4 Configuration mode
to enable the address family for this BGP neighbor.
MOT:7A(config-bgp-af-vpnv4)#neighbor <A.B.C.D> activate
where:
A.B.C.D is the neighbor IP address.
3. Use the neighbor send-community extended command to advertise the
extended community attribute to this neighbor:
MOT:7A(config-bgp-af-vpnv4)#neighbor <A.B.C.D> send-community
extended
where:
A.B.C.D is the neighbor IP address.
4. Repeat Step 2 and Step 3 to enable the IP-VPNv4 address family for additional
BGP neighbors.
5. Use the show ip bgp vpnv4 all-vrfs command to display VPNv4 NLRI
information between PE and CE devices for all VRFs.
When BGP peering is established with a remote PE router, the BSR advertises
VPN-IPv4 routes for all VRFs local CE routes.
Note: Ensure that the neighbor PE router supports the VPN-IPv4 address
family, if the negotiation fails with another PE router because it does not
support the VPN-IPv4 address family, the BSR closes the IPv4 BGP
connection with that PE.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-54 Compass ID: 391459945 Version 2
6. Use the exit-address-family to return to return to (BGP) Router Configuration
mode.
Redistributing Routes Between Different VRFs
Routes can be redistributed between different VRFs. VPN-IPv4 routes can be
imported from one non-Global VRF into another non-Global VRF based on the
configuration of route targets. One common way for redistributing routes between
different VRFs is the hub and spoke model. In the hub and spoke model, the hub VRF
imports routes from all spokes, while each spoke imports routes from the hub only.
Follow these steps to redistribute routes between different VRFs:
1. Use the ip vrf command in Global Configuration mode to enter the specified
VRF:
MOT:7A(config)#ip vrf <WORD>
where:
WORD is the VRF name.
2. Use the route-target export command in VRF Configuration mode to specify
the export route target for the VPN:
MOT:7A(config-vrf)#route-target export [<A.B.C.D:EF> | <A:BC>]
where:
A.B.C.D: EF is a 32-bit IP address followed by a colon and a 16-bit arbitrary
number. For example: 152.10.2.1:3
A:BC is a 16-bit AS number followed by a colon and a 32-bit arbitrary
number. For example: 200:10
3. Use the exit command to enter Global Configuration mode.
Note: Any kind of CE route (connected, static, BGP, etc.) is eligible to be
imported from one VRF to another if BGP is enabled and configured on the
local PE router.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-55
4. Use the ip vrf command in Global Configuration mode to enter another VRF:
MOT:7A(config)#ip vrf <WORD>
where:
WORD is the VRF name.
MOT:7A(config)#ip vrf VOIP_Voice_VPN
5. Use the route-target import command in VRF Configuration mode to specify
the import route target.
MOT:7A(config-vrf)#route-target import [<A.B.C.D:EF> | <A:BC>]
where:
A.B.C.D: EF is a 32-bit IP address followed by a colon and a 16-bit arbitrary
number (152.10.2.1:8)
A:BC is a 16-bit AS number followed by a colon and a 32-bit arbitrary
number (200:12)
6. Repeat Step 4 through Step 5 to create more VRF import route targets for each
VPN that you configure. When you are finished proceed to Step 7.
7. Use the exit command to enter Global Configuration mode.
Note: Local routes in one VRF instance can be imported into another VRF
instance using export and import route targets. This is when the route target
of one VRF matches with the import route export target of another.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-56 Compass ID: 391459945 Version 2
Redistribute Connected, Static or BGP Routes Between VRFs
1. Use the router bgp command in Global Configuration mode to enter Router
Configuration mode for BGP:
MOT:7A(config)#router bgp <1-65535>
where:
1-65535 is the AS to which the BSR belongs.
2. Use the address-family ipv4 vrf command to enter Address Family IPv4
Configuration mode to specify IPv4 BGP routes for the specified VRF:
MOT:7A(config-bgp)#address-family ipv4 vrf <WORD>
where:
WORD is the VRF name.
3. If static routes are configured, issue the redistribute static command in Address
Family IPv4 Configuration mode to redistribute static routes into BGP:
MOT:7A(config-bgp-af-ipv4)#redistribute static
4. If connected routes are configured, issue the redistribute connected command to
redistribute connected routes into BGP:
MOT:7A(config-bgp-af-ipv4)#redistribute connected
5. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
Configuring Internet Access for a VPN
A default route must be configured from within the VPN to an Internet Gateway on
the Provider Network to allow VPN members Internet access.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-57
Configuring Policy Decision Point Access for a VoIP VPN
The BSR accepts Common Open Policy Service (COPS) connections from any Policy
Decision Point (PDP) IP address through a TCP connection by default. A PDP is
either the CMS in the PacketCable architecture or the Policy Server (PS) in the
PacketCable Multimedia architecture where a Client/MTA policy request is either
serviced or rejected.
If the cops pdp-ip address is configured to restrict COPS connections to a specific
PDP, then COPS traffic to and from this PDP can be accepted in a specified VoIP
VPN if the no dqos shutdown vrf is configured.
Follow these steps to configure PDP access for a specified VoIP VPN:
1. Use the packet-cable command in Global Configuration mode to enter
PacketCable Configuration mode:
MOT:7A(config)#packet-cable
2. Use the cops pdp-ip command in PacketCable Configuration mode to restrict
COPS connections to a specific PDP for specified VoIP VPNs:
MOT:7A(config-pktcable)#cops pdp-ip <A.B.C.D>
where:
A.B.C.D is the PDP IP address.
3. Use the no dqos shutdown vrf command to enable traffic between the BSR and
PDP so that this traffic can be forwarded within a specified VoIP VPN:
MOT:7A(config-pktcable)#no dqos shudown vrf <WORD>
where:
WORD is the VRF name.
Note: If the no dqos shutdown vrf command is not configured, the Global
VPN is used to forward COPS traffic to and from the PDP.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-58 Compass ID: 391459945 Version 2
Optional Configuration Task Summary
Table 1-4 provides a summary of optional tasks that can be used to configure VPNs
and where to find the information for these tasks either in this document or in the
BSR 64000 Documentation Set:
Note: The tasks referenced in Table 1-4 do not need to be completed in any
particular order. Use the tasks that apply to your VPN application.
Table 1-4 Optional Configuration Task Summary
Task Refer to:
Configure a VPN for DHCP provisioning. Creating a DHCP Provisioning VPN on page 1-59
Configure cable subinterface bundles. Bundling Cable Subinterfaces on page 1-61.
Configure a numerical ID for a VPN that is used
by Provider Network administrator to configure
VPNs with DHCP servers.
Configuring a VPN ID on page 1-63.
Configure a Static Route for a VRF. Configuring Static Routes for VRF CEs and Hosts on
page 1-65
Change the maximum number of routes per
VRF instance.
Managing the Number of Routes per VRF Instance on
page 1-66
Assign an existing DOCSIS QoS Service Class
to a VPN Subinterface
Assigning a Service Class to a VPN Subinterface on
page 1-67
Use an extended community access list to filter
VRF Routes on PE routers.
The ip extcommunity-list command in the BGP/MPLS
VPN Commands section
Set ARP parameters for VPNs. Chapter 5 of the BSR 64000 Configuration and
Management Guide
Refer to the BGP/MPLS VPN Commands section
Configure the Host Authorization feature on a
cable subinterface for a VPN to deny hackers
from stealing service from users.
Chapter 6 of the BSR 64000 Configuration and
Management Guide
Refer to BGP/MPLS VPN Commands on page 1-82
Configure CM Subnets on the cable interface. Configuring CM Subnets on a Cable Interface on page
1-68
Configure VPNs and Multi-ISPs on the same
cable interface.
Interworking VPNs and Multi-ISPs on page 1-74
Assign a VRF to a cable subinterface. Assigning a VRF to a Cable Subinterface
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-59
Creating a DHCP Provisioning VPN
Follow these steps to configure a cable interface for a DHCP provisioning VPN:
1. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
2. Use the ip vrf forwarding command in Interface Configuration mode to specify
a VRF for a cable interface:
MOT:7A(config-if)#ip vrf forwarding <WORD>
where:
WORD is the VRF name.
3. Use the ip address command to enter a primary network IP address on the cable
interface:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D>
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
Delete a VRF for a VPN. Deleting a VRF on page 1-78
Remove a VRF from a subinterface or loopback
interface.
Refer to Removing VRF Associations from Interfaces on
page 1-79
Configure the BGP routing protocol to advertise
IP Version 4 routes between PE routers and
redistribute directly connected networks.
Refer to Configuring BGP to Advertise IPv4 Routes on
page 1-81
Table 1-4 Optional Configuration Task Summary
Task Refer to:
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-60 Compass ID: 391459945 Version 2
4. Use the ip address secondary command to enter a secondary network IP address
on the cable interface:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
5. Use the ip address secondary command to enter a secondary network IP address
on the cable interface for the CPE host IP address:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary host
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
host designates a CPE host for this secondary IP address.
6. Use the ip address secondary command to enter a secondary network IP address
on the cable interface for the eMTA gateway IP address (giaddr):
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary mta
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
mta designates an MTA for this secondary IP address.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-61
7. Use the cable helper-address command to separate DHCP traffic between the
CM/CPEs/eMTAs and DHCP server into a DHCP VPN.
MOT:7A(config-if)#cable helper-address <A.B.C.D> cable-modem vrf
<WORD>
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs.
vrf <WORD> is the VRF name for the DHCP VPN.
Bundling Cable Subinterfaces
The subinterface bundling feature eliminates the need for an IP subnet for each cable
subinterface. Subinterfaces belonging to the same VPN can be bundled (shared)
across more than one cable interface. Cable subinterface bundling simplifies network
configuration and conserves IP addresses by grouping multiple cable subinterfaces
belonging to the same VPN into a single IP subnet.
A cable subinterface bundle comprises two or more cable subinterfaces that belong to
the same VPN: one cable subinterface is configured as the master, while the
remaining subinterfaces on other cable interfaces are configured as slaves to the
master. The master cable subinterface is specified an IP address and other parameters,
and the slaves share the same IP address and parameters with the master. The slaves
only require a subinterface bundle ID number to make them unique.
Note: Subinterface bundling can co-exist and work independently with the
existing cable bundling feature for non-VPNs. Also, if a cable bundle
associated with a VRF is changed, the policies and access-groups that apply
to this cable bundle must be reconfigured.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-62 Compass ID: 391459945 Version 2
Follow these steps to configure a master and slave cable subinterface:
1. Use the interface cable command in Global Configuration mode to select the
cable interface on which the master cable subinterface is located:
interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127.
2. Use the cable bundle master command in Subinterface Configuration mode to
designate this cable subinterface as the master cable subinterface, and specify the
bundle ID number:
MOT:7A(config-if)#cable bundle <1-255> master
where:
1-255 is the number of the cable bundle identifier.
3. Use the exit command to exit both the cable interface and subinterface and enter
Global Configuration mode.
4. Use the interface cable command in Global Configuration mode to select the
cable interface on which the slave cable subinterface is located:
interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127.
5. Use the cable bundle command in Subinterface Configuration mode to specify
this cable subinterface as the slave cable subinterface and specify the bundle the
same number as the master cable subinterface:
MOT:7A(config-if)#cable bundle <1-255>
where:
1-255 is the number of the cable bundle identifier.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-63
6. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
7. Use the show interface cable command to view and verify the operation of the
configured master and slave subinterfaces:
MOT:7A(config-if)#show interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127.
Configuring a VPN ID
A VPN Identification (ID) number can be configured for a VRF. This VPN ID is used
by a DHCP server on the Provider Network to specify IP addresses to VPN clients in
the following way:
1. A VPN DHCP client forwards an IP address request to the PE router from a VRF.
2. The PE router determines the VPN ID associated with that VRF.
3. The PE router sends a request to the DHCP server, which contains the VPN ID.
The VPN ID includes the Organizational Unique Identifier (OUI).
4. The DHCP server uses the OUI to specify the VPN DHCP client and IP address.
5. The DHCP server processes the request and sends a response to the PE router,
which authorizes the VPN DHCP client to access the VPN.
Follow these steps to specify a VPN ID on the BSR:
1. Use the ip vrf command in Global Configuration mode to enter the VRF:
MOT:7A(config)#ip vrf <WORD>
where:
WORD is the VRF name.
The same VPN ID is specified for all PE routers in the Provider Network that services
the specific VPN. A VPN ID consists of the following:
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-64 Compass ID: 391459945 Version 2
The OUI is the BSR 64000 chassis MAC address, which is a hexidecimal number
that is assigned by the IEEE Registration Authority to equipment manufacturers
to generate universal LAN MAC addresses and protocol identifiers for use in
network applications. For example, the OUI for Motorola BCS is 00-04-BD.
VPN Index ID number.
2. Use the vpn id command in Router Configuration mode to specify a VPN ID for
the VPN:
MOT:7A(config-vrf)#vpn id <OUI:VPN-Index>
where:
OUI is the PE routers (BSR 64000 chassis) MAC address.
VPN-Index is the 4-octet ID number specified for this VPN by the administrator
for the VPN customer.
3. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
4. Use the show ip vrf command to display information about the VRFs on the PE
router:
MOT:7A(config-vrf)#show ip vrf
5. Use the show ip vrf id command to ensure that the PE router contains the VPN
ID specified in Step 2:
MOT:7A(config-vrf)#show ip vrf id
The show ip vrf id command displays all the VPN IDs that are configured on the
BSR, their associated VRF names, and VRF Route Distinguishers (RDs). If a
VRF has not been specified with a VPN ID, the VRF entry is not included in the
output.
The following example updates the VPN ID specified for the VRF called "vpn9":
MOT:7A(config)#ip vrf vpn9
MOT:7A(config-vrf)#vpn id a8:4f7c
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-65
Configuring Static Routes for VRF CEs and Hosts
Follow these steps to configure static routes for VRF CEs and hosts:
1. If the BSR cannot dynamically build a route to the specific destination or if the
route must be permanent, issue the ip route vrf command in Global
Configuration mode to specify a static IP route for attached CEs and hosts.
MOT:7A(config)#ip route vrf <WORD> <A.B.C.D> <A.B.C.D> <A.B.C.D>
where:
WORD is the VRF name.
A.B.C.D is the static route destination prefix.
A.B.C.D is the static route destination prefix mask.
A.B.C.D is the forwarding router's (next hop) IP address.
2. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
3. Use the show ip route vrf to view both static and connected VRF routes:
MOT:7A(config)#show ip route vrf <WORD>
where:
WORD is the VRF name.
Note: Static routes can also be added to a VRF with the next hop reachable
through another VRF.
Note: The BSR supports a maximum of 512 static routes per VRF.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-66 Compass ID: 391459945 Version 2
Managing the Number of Routes per VRF Instance
The default number of routes per VRF instance is 4096. When this limit is exceeded, a
log message is generated and any additional route is rejected.
Follow these steps to allow more or less routes per VRF instance:
1. Use the ip vrf command in Global Configuration mode to create a VRF:
MOT:7A(config)#ip vrf <WORD>
where:
WORD is the VRF name.
2. Use the maximum-prefixes command in VRF Configuration mode to change the
number of routes for this VRF:
MOT:7A(config-vrf)#maximum-prefixes <NUM>
where:
NUM is the maximum number of routes from 16 to 16384.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-67
Assigning a Service Class to a VPN Subinterface
Each VPN cable subinterface can have a different user-defined default service class
that is based on existing DOCSIS QoS service classes. If a service class is not
specified for the cable subinterface VPN, the existing system level default service
class is used instead.
Service classes can be created using the existing service-class commands available in
Service Class Configuration mode. Refer to the BSR 64000 Command Reference
Guide or BSR 64000 Configuration and Management Guide for more information.
Follow these steps to configure a service class for a VPN cable subinterface:
1. Use the interface cable command in Global Configuration mode to enter the
cable subinterface:
MOT:7A(config)#interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127 used for configuring a VPN on a
cable interface.
2. Use the cable service-class default command, in Subinterface Configuration
mode to specify a service class for a VPN subinterface or non-VPN subinterface
that overrides the existing system level default service class:
cable service-class default <WORD> <WORD>
where:
WORD is the default service class name specified for this VPN.
WORD is the user-specified service class.
Note: The user-defined default service class can also be specified for a
non-VPN subinterface.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-68 Compass ID: 391459945 Version 2
Configuring CM Subnets on a Cable Interface
The following sections describe how to configure subnets for VPN and non-VPN
CMs on the cable interface:
Configuring CM Subnets on a Cable Interface for VPNs
Configuring CM Subnets on a Cable Interface for Non-VPNs
Configuring CM Subnets on a Cable Interface for VPNs
Follow these steps to configure CM Subnets on a Cable interface for VPNs:
1. Use the interface cable command in Global Configuration mode to enter the
desired cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
2. Use the no shutdown command to enable this interface.
Note: The Primary IP address must be configured before configuring
secondary IP addresses. A primary IP address cannot be deleted unless all
secondary IP addresses are deleted.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-69
3. Use the ip address cm vrf command in Interface Configuration mode to enter a
primary network IP address on the cable interface for a VRF:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> cm vrf <WORD>
where:
A.B.C.D is the primary IP address.
A.B.C.D is the subnetwork mask.
WORD is the VRF name.
4. Use the ip address secondary cm vrf command to enter a secondary network IP
address on the cable interface for an additional VRF:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary cm vrf
<WORD>
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary makes this IP address the secondary IP address.
WORD is the VRF name.
5. Repeat Step 4 to specify more VRFs on this cable interface.
6. Use the cable helper-address command to forward DHCP requests from all or
specified CMs, CPE hosts, or eMTAs to the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> [cable-modem | host
| mta]
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs only.
host forwards DHCP requests from CPE host devices only.
Note: A VRF name must be configured before completing this step. Refer to
Creating a VRF on page 1-17 for more information.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-70 Compass ID: 391459945 Version 2
mta forwards DHCP requests from MTA devices only.
7. Use the ip dhcp relay information option command to enable the DHCP relay
agent.
MOT:7A(config-if)#ip dhcp relay information option
8. Use the no cable downstream 0 shutdown command to enable the cable
interfaces downstream port.
9. The upstream ports are in a shutdown state by default. Use the no cable
upstream shutdown command in Interface Configuration mode to enable the
upstream ports:
MOT:7A(config-if)#no cable upstream <NUM> shutdown
where:
NUM is the upstream port number.
10. Repeat Step 9 to enable another upstream port.
11. The upstream logical channels are in a shutdown state by default. Use the no
cable upstream shutdown command in Interface Configuration mode to enable
the upstream logical channels:
MOT:7A(config-if)#no cable upstream <X/Y> shutdown
where:
X/Y is the upstream port number and logical channel.
12. Repeat Step 11 to enable another logical channel on an upstream port.Use the
show interface cable command to ensure that this cable interface and its
upstream and downstream ports are enabled:
MOT:7A(config-if)#show interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
Note: Refer to the BSR 64000 Configuration and Management Guide for
more information on logical channels.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-71
13. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
14. Use the exit command to exit Interface Configuration mode.
Configuring CM Subnets on a Cable Interface for Non-VPNs
Follow these steps to configure CM Subnets on a Cable interface for non-VPNs:
1. Use the interface cable command in Global Configuration mode to enter the
cable interface:
MOT:7A(config)#interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
2. Use the ip address command in Interface Configuration mode to enter a primary
network IP address on the cable interface for non-VRF CMs:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D>
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
Note: The Primary IP address must be configured before configuring
secondary IP addresses. A primary IP address cannot be deleted unless all
secondary IP addresses are deleted.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-72 Compass ID: 391459945 Version 2
3. Use the ip address secondary command to enter a secondary network IP address
on the cable interface for non-VRF CMs:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary [host |
mta]
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
host designates a CPE host for this secondary IP address.
mta designates an MTA for this secondary IP address.
4. Use the cable helper-address command to forward DHCP requests from CMs,
and CPE hosts to the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> [cable-modem | host
| mta]
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs only.
host forwards DHCP requests from CPE host devices only.
mta forwards DHCP requests from MTA devices only.
5. Use the ip dhcp relay information option command in to enable the DHCP
relay agent.
MOT:7A(config-if)#ip dhcp relay information option
6. If the cable interface is not enabled, its subinterfaces are not enabled. Use the no
shutdown command to enable this interface if it is not enabled already.
Note: A secondary IP address can be used in some applications as the CPE
host or MTA gateway IP address (giaddr). There are special options for
configuring a secondary IP address on the cable interface. Refer to
Subneting DHCP Clients on the Cable Interface in Chapter 6 of the BSR
64000 Configuration and Management Guide for more information.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-73
7. Use the no cable downstream 0 shutdown command to enable the cable
interfaces downstream port.
8. Use the no cable upstream shutdown command to enable the cable interfaces
upstream port:
MOT:7A(config-if)#no cable upstream <NUM> shutdown
where:
NUM is the upstream port number.
9. Repeat Step 8 to enable more upstream ports on this cable interface.
10. The upstream logical channels are in a shutdown state by default. Use the no
cable upstream shutdown command in Interface Configuration mode to enable
an upstream logical channel:
MOT:7A(config-if)#no cable upstream <X/Y> shutdown
where:
X/Y is the upstream port number and logical channel.
11. Repeat Step 8 to enable another logical channel on an upstream port.
12. Use the show interface cable command to ensure that this cable interface and its
upstream and downstream ports are enabled:
MOT:7A(config-if)#show interface cable <X/Y>
where:
X is the slot number.
Y is the port number.
13. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
14. Use the exit command to exit Interface Configuration mode.
Note: Refer to the BSR 64000 Configuration and Management Guide for
more information on logical channels.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-74 Compass ID: 391459945 Version 2
Interworking VPNs and Multi-ISPs
The ip address command must be configured in Interface Configuration mode for
VPNs and Multiple Internet Service Providers (ISPs) to operate in different subnets
on the same cable interface. The cable helper address command must also be
configured for both VPNs and Multiple ISPs to address their different IP subnets.
The following example describes the configuration of IP subnets for VPNs and
Multiple ISPs on the same cable interface:
interface cable 1/0
ip address 50.50.50.1 255.255.255.0
ip address 10.10.10.1 255.255.255.0 secondary host-sub-interface 1
mta-sub-interface 3 voice-sub-interface 4
ip address 20.20.20.1 255.255.255.0 secondary host isp-bind
50.50.50.1
ip address 30.30.30.1 255.255.255.0 secondary mta isp-bind
50.50.50.1
cable helper-address 100.100.100.2 host
cable helper-address 200.200.200.2 host isp-bind 50.50.50.1
cable helper-address 200.200.200.2 mta isp-bind 50.50.50.1
Note: VPNs and Multiple ISPs cannot be in the same IP subnetwork.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-75
Assigning a VRF to a Cable Subinterface
A VRF can be associated with a cable subinterface. Follow these steps to specify a
VRF for a cable subinterface:
1. Use the interface cable command in Global Configuration mode to create a cable
subinterface:
MOT:7A(config)#interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127.
For example:
MOT:7A(config)#interface cable 5/0.4
MOT:7A(config-if)#
2. Use the ip vrf forwarding command in Subinterface Configuration mode to
specify a VRF for a cable subinterface:
MOT:7A(config-if)#ip vrf forwarding <WORD>
where:
WORD is the VRF name.
Note: Any cable subinterface that is not associated with a VRF cannot
participate in any VPN.
Note: The VRF name must match the VRF name entered in the section:
Creating a VRF on page 1-17. If the ip vrf forwarding command is not
entered on the subinterface, then this subinterface is treated as a non-VPN
subinterface.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-76 Compass ID: 391459945 Version 2
3. Use the ip address command in Subinterface Configuration mode to specify a
primary CPE network IP address and subnet address for this subinterface:
MOT:7A(config-if)#ip address {<A.B.C.D> <A.B.C.D>}
where:
A.B.C.D is the IP address of the subinterface.
A.B.C.D is the network mask of the IP network on which the subinterface is
associated.
4. Use the ip address secondary command to enter a secondary CPE network IP
address on this subinterface:
MOT:7A(config-if)#ip address <A.B.C.D> <A.B.C.D> secondary [host |
mta]
where:
A.B.C.D is the IP address.
A.B.C.D is the subnetwork mask.
secondary designates the specified IP address as a secondary IP address.
host designates a CPE host for this secondary IP address.
mta designates an MTA for this secondary IP address.
Note: A secondary IP address can be used in some applications as the CPE
host or MTA gateway IP address (giaddr). There are special options for
configuring a secondary IP address on the cable interface. Refer to
Subneting DHCP Clients on the Cable Interface in Chapter 6 of the BSR
64000 Configuration and Management Guide for more information.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-77
5. Use the cable helper-address command to forward DHCP requests from CMs,
MTA devices, and CPE hosts to the IP address of the DHCP server.
MOT:7A(config-if)#cable helper-address <A.B.C.D> {cable-modem |
host | mta} [global]
where
A.B.C.D is the IP address of the destination DHCP server.
cable-modem forwards DHCP requests from CMs only.
host forwards DHCP requests from CPE host devices only.
mta forwards DHCP requests from MTA devices only.
global specifies that the IP address is on the Global network (not in a VPN),
which is the default.
The BSR associates CMs to subinterfaces based on their IP addresses after they
successfully register. Once a CM is associated with a subinterface, all the CE
devices and/or CPE hosts that are connected to the CM are associated with the
same subinterface.
6. Use the no shutdown command to enable the subinterface.
7. Use the show ip vrf command to verify that the VPN is enabled and configured
correctly:
MOT:7A(config-if)#show ip vrf [<WORD>]
Where:
WORD is the VRF name.
For example, the following command output verifies that the VPN is configured
and enabled:
BSR64K-2:7A#show ip vrf
Name Idx RD Interfaces
------------------------------- --- ------------------ ----------
VPN_A 1 100:1 loopback 2
ethernet 13/6
cable 2/0.2
VPN_B 2 41.41.41.1:1
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-78 Compass ID: 391459945 Version 2
8. Use the show ip interface cable command to verify the status and configuration
of the VRF subinterface:
MOT:7A(config-if)#show ip interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127.
9. Repeat Step 1 through Step 8 to specify another VRF for a cable subinterface.
10. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
Deleting a VRF
Follow these steps to delete a VRF:
1. Use the no ip vrf command in Global Configuration mode if you need to delete a
VRF for a VPN:
MOT:7A(config)#no ip vrf <WORD>
where:
WORD is the VRF name.
Once a VRF is deleted, the following actions occur:
The VRF routes (including static routes) and all associated MPLS forwarding
entries are deleted.
MP-BGP UNREACH-NLRI routing updates are sent from the BSR to
withdraw all local CE routes that are associated with the VRF.
Records of all associated CMs and ARP entries for all related CMs, CEs, and
hosts are deleted.
All traffic to and from CMs for the VRF is discarded.
All configurations associated with the VRF are deleted from the BSR, which
includes the cable subinterface or loopback interface configuration of the ip
vrf forwarding, ip address, and ip policy route-map commands.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-79
All IP subnets are removed and all other configurations associated with the
VRF are removed, such as static route, ARP, or host authorization.
2. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
Removing VRF Associations from Interfaces
When a VRF association is removed from a cable subinterface, loopback interface, or
a network interface the following occurs:
All IP addresses on the subinterface are deleted.
All the routes (including static routes) reachable through the subinterface are
deleted in their respective VRFs.
All the associated MPLS forwarding entries (of the deleted routes) are deleted.
Routing updates (MP-BGP UNREACH-NLRIs) are sent to withdraw all deleted
routes.
Records of all associated CMs, CPEs, and/or MTAs and their respective ARP
entries are deleted.
All the traffic to and from the CMs, CPEs, and/or MTAs is discarded.
Removing a VRF from a Cable Subinterface
Follow these steps to remove a subinterface VRF:
1. Use the interface cable command in Global Configuration mode to create a cable
subinterface:
MOT:7A(config)#interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the number from 1 to 127 of the VRF subinterface.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-80 Compass ID: 391459945 Version 2
2. Use the no ip vrf forwarding command in Subinterface Configuration mode to
remove the VRF from the subinterface:
MOT:7A(config-if)#no ip vrf forwarding <WORD>
where:
WORD is the VRF name.
3. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
4. Use the show ip interface cable command to verify the status and configuration
of the cable subinterface:
MOT:7A(config-if)#show ip interface cable <X/Y.N>
where:
X is the slot number.
Y is the port number.
.N is the subinterface number from 1 to 127.
Removing a VRF from a Loopback Interface
Follow these steps to remove a loopback interface VRF:
1. Use the interface loopback command in Global Configuration mode to enter a
loopback interface VRF:
MOT:7A(config)#interface loopback <1-255>
where:
1-255 is the loopback interface VRF number.
2. Use the no ip vrf forwarding command in Interface Configuration mode to
remove the VRF from the loopback interface:
MOT:7A(config-if)#no ip vrf forwarding <WORD>
where:
WORD is the VRF name.
3. Use the copy running-config startup-config command to copy the current
system configuration to the system startup configuration, which saves these
configuration changes.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-81
4. Use the show ip interface loopback to verify the status and configuration of the
loopback interface:
MOT:7A(config-if)#show ip interface loopback <1-255>
where:
1-255 is the loopback interface number.
Configuring BGP to Advertise IPv4 Routes
Follow these steps to configure the BGP to advertise IP Version 4 routes between PE
routers and redistribute directly connected networks:
1. Use the address-family ipv4 command to enter Address Family IPv4
Configuration mode to specify IPv4 Unicast BGP routes:
MOT:7A(config-bgp)#address-family ipv4
Address Family IPv4 Configuration mode appears:
MOT:7A(config-bgp-af-ipv4)#
2. If static routes are configured, issue the redistribute static command to
redistribute static routes into BGP:
MOT:7A(config-bgp-af-ipv4)#redistribute static
3. If connected routes are configured, issue the redistribute connected command to
redistribute connected routes into BGP:
MOT:7A(config-bgp-af-ipv4)#redistribute connected
4. Use the no auto-summary command to disable automatic network
summarization of routes:
MOT:7A(config-bgp-af-ipv4)#no auto-summary
5. Use the no synchronization command to disable synchronization, and allows the
BGP router to advertise a network route without waiting to learn it through the
IGP.
MOT:7A(config-bgp-af-ipv4)#no synchronization
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-82 Compass ID: 391459945 Version 2
6. Use the neighbor activate command in IP Version 4 Configuration mode to
enable the address family for this BGP neighbor.
MOT:7A(config-bgp-af-ipv4)#neighbor <A.B.C.D> activate
where:
A.B.C.D is the neighbor IP address.
7. Repeat Step 6 to enable the IPv4 address family for additional BGP neighbors.
8. Use the exit-address-family to return to return to (BGP) Router Configuration
mode.
BGP/MPLS VPN Commands
The commands in this chapter are implemented to configure and control the operation
of the BGP/MPLS VPN, display VPN parameters, and debug VPNs. While some
commands in the 4.0 release are new, others are present in earlier releases and have
been modified to accommodate 4.0 features.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-83
address-family
Use the address-family command while configuring BGP on the BSR to advertise
either VPN-IP Version 4 (VPNv4) or IP Version 4 (IPv4) Layer 3 address families.
Network Layer Reachability Information (NLRI) is advertised to do the following:
Configure advertisement of IPv4 NLRIs of VPN Routing and Forwarding table
(VRF)s or the Global VRF.
Configure advertisement of VPNv4 NLRIs to a PE BGP peer.
Enter the BGP routing parameters that apply to a VRF or address family.
Group Access
All
Command Mode
Router Configuration (used in BGP routing only)
Command Line Usage
Use the following command line for VPN-IPv4 Unicast routes:
address-family vpnv4
no address-family vpnv4
Once the address-family vpnv4 is entered, Address Family VPN IPv4 Configuration
mode appears. For example:
MOT:7A(config-bgp)#address-family vpnv4
MOT:7A(config-bgp-af-vpnv4)#
Use the following command line for IPv4 Unicast routes:
address-family ipv4 [unicast]
no address-family ipv4 [unicast]
Once the address-family ipv4 is entered, Address Family IPv4 Configuration mode
is appears. For example:
MOT:7A(config-bgp)#address-family ipv4
MOT:7A(config-bgp-af-ipv4)#
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-84 Compass ID: 391459945 Version 2
Use the following command line to specify IPv4 Unicast routing exchanges between
PE and a CE device for routes belonging to a VRF. All subsequent commands are
executed for the VRF:
address-family ipv4 vrf <WORD>
no address-family ipv4 vrf <WORD>
Once the address-family ipv4 vrf <WORD> command is entered, Address Family
IPv4 VRF Configuration mode appears. For example:
MOT:7A(config-bgp)#address-family ipv4 vrf VPN_A
MOT:7A(config-bgp-af-ipv4-VPN_A)#
Command Syntax
Command Default
The capability of exchanging routing information for the IPv4 address family is
advertised by default when a BGP session is configured using the neighbor
remote-as command unless the no bgp default ipv4-unicast command is entered.
vpnv4 configures sessions that carry Customer
Network VPN VPNv4 prefixes, each of
which has been made Globally unique by
adding an 8-byte route distinguisher
ipv4 configures sessions that carry standard IPv4
address prefixes
unicast (optional) Specifies unicast prefixes, which is
the default
vrf WORD the VRF name
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-85
arp
The arp command adds a permanent entry in the ARP cache. The no arp command
removes the entry in the ARP cache. The arp command can also specify the type of
ARP packet that is used, whether to use an alias if proxy arp is enabled, and to specify
a cable bundle interface if cable bundling is being used.
Group Access
ISP
Command Mode
Global Configuration
Command Line Usage
arp [vrf <WORD>] <A.B.C.D> <H.H.H> {arpa | snap} [alias | cablebundle cable
<X/Y> | cm-hardware-address <H.H.H>]
no arp {vrf <WORD> | <A.B.C.D>}
Command Syntax
(
Note: Proxy ARP is not enabled by default. ARP cache entries translate
32-bit addresses into 48-bit hardware addresses. If the host supports
dynamic resolution, static entries are usually not needed. Use the clear
arp-cache command to remove all dynamically learned entries.
vrf <WORD> the VRF name
A.B.C.D four-part dotted-decimal format matching the
local data link
H.H.H 48-bit hardware address of ARP entry
arpa standard Ethernet-style ARP, RFC 826
snap IEEE 802.3 usage of ARP packets
conforming to RFC 1042
alias responds to ARP as if it owns the specified
address, if proxy arp is enabled
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-86 Compass ID: 391459945 Version 2
Command Default
no entries in table
arpa (Ethernet ARP)
cablebundle cable specify the cable bundle physical interface to
which the device is attached
X/Y BSR cable slot and port number
cm-hardware-address specifies the CM that is connected to this host
H.H.H CM MAC address
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-87
cable service-class default
The cable service-class default command is used to specify a default service class for
a VPN subinterface or non-VPN subinterface and override the existing system level
default service class. Each VPN can have different default service class. If a service
class is not specified for the VPN subinterface or non-VPN subinterface, the existing
system level default service class is used instead.
Service classes can be created using the existing service-class commands available in
Service Class Configuration mode. Refer to the BSR 64000 Command Reference
Guide or BSR 64000 Configuration and Management Guide for more information.
Group Access
ISP
Command Mode
Subinterface Configuration (which is entered through a cable interface only)
Command Line Usage
cable service-class default <WORD> <WORD>
no cable service-class default <WORD>
Command Syntax
WORD is the default service class name specified for
this VPN
WORD is the user-specified service class
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-88 Compass ID: 391459945 Version 2
cable helper-address
The cable helper-address command enables broadcast forwarding for User
Datagram Protocol (UDP) packets for DHCP only. This command should be used in
conjunction with the ip dhcp relay information option command. The cable helper
address function disassembles a CMs DHCP broadcast packet, and reassembles it
into a unicast packet so that the packet can traverse the router and communicate with
the DHCP server.
Group Access
ISP
Command Mode
Interface Configuration (cable and loopback interfaces only) and Subinterface
Configuration
Command Line Usage
When the cable helper-address command is used in Interface Configuration mode,
the following syntax applies:
cable helper-address <A.B.C.D> {cable-modem [vrf <WORD> | global] | host [vrf
<WORD> | global] | mta [vrf <WORD>] | global}
When the cable helper-address command is used in Cable Subinterface
Configuration mode, the following syntax applies:
Command Syntax
A.B.C.D the IP address of the destination DHCP server
cable-modem specifies that DHCP requests are forwarded
from CMs only
host specifies that DHCP requests are forwarded
from CPE hosts only
mta specifies that DHCP requests are forwarded
from eMTA devices only
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-89
vrf <WORD> specifies that DHCP requests are forwarded
from the CMs, CPEs, or eMTAs from within
the specified VRF
global specifies that the helper address is on the
Global network (not in a VPN), which is the
default
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-90 Compass ID: 391459945 Version 2
cable host authorization range
The cable host authorization range command defines a range of CPE IP addresses
that are allowed to be added to the host authorization table (static IP table) and VRF.
Any CPE IP address within the specified start and end IP address range is added to the
host authorization table when a CPE joins the network.
CPEs can be added automatically to the network by specifying a start and end range
of IP addresses. This function allows you to specify a partial subnet by allowing CPEs
on different cable interfaces to automatically connect to a network. This feature is
enabled when Host Authorization is enabled and the CPEs within the configured start
and end range of IP addresses are authorized to pass data.
Group Access
MSO
Command Mode
Global Configuration
Command Line Usage
cable host authorization range <prefix> <prefix> [vrf <vrf-name>]
no cable host authorization range <prefix> <prefix> [vrf <vrf-name>]
Command Syntax
Note: Up to 32 CPE IP address ranges can be defined for the BSR.
prefix start of the IP address range
prefix end of the IP address range
vrf vrf-name the VPN Routing Forwarding (VRF) name
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-91
clear arp-cache
The clear arp-cache command clears dynamic entries from ARP cache or the ARP
cache in the VRF name.
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
clear arp-cache [<A.B.C.D> | vrf <WORD> [<A.B.C.D>]]
Command Syntax
A.B.C.D IP address for ARP table entry to be cleared
vrf WORD the VRF name
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-92 Compass ID: 391459945 Version 2
clear counters
The clear counters command is used to clear all interface counters on the BSR,
specific interface counters or subinterface counters.
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
clear counters [ethernet <X/Y.N> | cable <X/Y.N> | ipsec | loopback <1-255> | pos
<X/Y> | gigaether <X/Y.N> | tunnel <0-255>]
Command Syntax
cable X/Y clears the cable counters for the specified slot
and port
.N specifies the cable subinterface number to
clear from 1 to 127
ethernet X/Y.N clears the counters for the specified Ethernet
slot and port, and optional subinterface
number from 1 to 255
gigaether X/Y clears the counters for the specified Gigabit
Ethernet slot and port, and optional
subinterface number from 1 to 255
ipsec clears IPSEC counters
loopback 1-255 clears the loopback for the specified loopback
interface number
pos X/Y clears the Packet over SONET (POS)
counters for the specified slot and port
tunnel 0-255 clears the tunnel interface counters for the
specified tunnel interface number
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-93
clear ip route
The clear ip route command deletes dynamically learnt Global route table entries or
VPN Routing and Forwarding table (VRF) entries.
Use the no ip route command to delete a statically configured route.
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
clear ip route [vrf <WORD>] {* | <A.B.C.D> [<A.B.C.D>]}
Command Syntax
Note: Dynamic routing protocols, such as OSPF or RIP, run a recalculation
process after which routes are added to the Route Table.
vrf WORD deletes entries for the VRF name
* deletes all route table entries
A.B.C.D destination network IP address
A.B.C.D destination network subnet mask
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-94 Compass ID: 391459945 Version 2
clear ip traffic
The clear ip traffic command resets the IP traffic statistic counters to zero for the
Global VRF or for a specified VRF.
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
clear ip traffic [vrf <WORD> | all-vrfs]
Command Syntax
vrf WORD reset IP traffic statistic counters for the VRF
name
all-vrfs resets IP traffic statistic counters for all VRFs
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-95
debug arp
The debug arp command displays Address Resolution Protocol (ARP) information
exchanges between the network side of the BSR and other devices on the network.
The debug arp vrf command displays ARP information exchanges for the VPN. The
no debug arp command turns off ARP debugging.
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
debug arp [vrf <WORD>]
no debug arp [vrf <WORD>]
Command Syntax
Command Default
Disabled
Note: This command does not display ARP exchanges between the BSR
and a CM and/or CPE.
vrf WORD the VRF name
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-96 Compass ID: 391459945 Version 2
debug cable reg
The debug cable reg command displays registration messages exchanged between
CMs and the CMTS. The no debug cable reg command turns off this debugging
operation.
Group Access
MSO
Command Mode
All modes except User EXEC
Command Line Usage
From Interface Configuration mode:
debug cable reg
no debug cable reg
From Privileged EXEC mode:
debug cable {<X/Y>} reg
no debug cable {<X/Y} reg
Command Syntax
X/Y BSR chassis slot number and port number of
the cable module
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-97
debug ip bgp
The debug ip bgp command displays BGP transactions. The no debug ip bgp
command turns off this debugging operation.
Use the debug ip bgp command to:
Show events that change the state of the BGP session with any peer
Show open messages sent and received between peers
Show keepalive messages sent and received between peers
Show update messages sent and received between peers including advertised
routes and withdrawn routes
Show notification messages sent and received between peers
Show refresh messages sent and received between peers
Troubleshoot BGP peer sessions and route exchanges
Show details of messages exchanged between peers
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
debug ip bgp {dampening | events | soft-reconfiguration-inbound} [global | vrf
<WORD>]
debug ip bgp {dampening | events | soft-reconfiguration-inbound} [vrf <WORD>]
debug ip bgp inbound-connection [access list {<1-199> | <1300-2699>}]
debug ip bgp {keepalives | updates | notifies | rules | {message-dump [open |
update | notify | keepalive | refresh | others]}} [in | out] [global | vrf <WORD>]
debug ip bgp <A.B.C.D> {keepalives | updates | notifies | rules | {message-dump
[open | update | notify | keepalive | refresh | others]}} [in | out] [vrf <WORD>]
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-98 Compass ID: 391459945 Version 2
Command Syntax
A.B.C.D neighbor IP address to debug
access-list 1-199 access list number
access-list 1300-2699 access list number (expanded)
dampening BGP dampening of Global routes
events enables logging of BGP neighbor state
transitions
keepalives BGP keepalives
message dump displays contents of BGP messages
refresh displays refresh messages sent and received
between peers
notifies BGP notification messages
rules gives an explanation for how update
messages and routes within them are treated
updates BGP update messages with routes (advertised
and withdrawn) within them
in specifies incoming information
out specifies outgoing information
soft-reconfiguration-i
nbound
provides information about an inbound BGP
neighbor router whose BGP session was
refreshed by using the clear ip bgp command
inbound-connection provides information about peers connecting
to the BSR
vrf <WORD> the VRF name
global the Global VRF, which is the default
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-99
debug ip icmp
The debug ip icmp command displays Internet Control Message Protocol (ICMP)
information exchanges between the BSR and other devices on the network. The no
debug ip icmp turns off ICMP debugging.
Use the debug ip icmp command to determine whether the BSR is sending or
receiving ICMP messages.
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
debug ip icmp [vrf <WORD>]
no debug ip icmp [vrf <WORD>]
Command Syntax
Command Default
Disabled
vrf <WORD> the VRF name
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-100 Compass ID: 391459945 Version 2
debug ip packet
The debug ip packet command displays general IP debugging information including
packets received, generated, and forwarded when it is enabled for operation.
The no debug ip packet command turns off IP debugging operations.
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
debug ip packet [vrf <WORD>] [<1-199> | <1300-2699> | detail]
no debug ip packet [vrf <WORD>] [<1-199> | <1300-2699> | detail]
Command Syntax
Note: The debug ip packet command displays only the IP packets that are
received in the slow path (SRM module).
Note: An optional access list number can be specified, in which case
debugging information is displayed only if the IP packet matches this access
list. Also, the optional detail keyword displays more detailed information,
including Open Systems Interconnection (OSI) layer 4 packet contents. The
vrf option displays debugging information of the specified VRF only,
otherwise it displays the information corresponding to the global VRF, which
is the default.
vrf <WORD> specifies packets from the specified VRF
1-199 access list number
1300-2699 extended access list number
detail display detailed IP packet debug information
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-101
Command Default
Disabled
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-102 Compass ID: 391459945 Version 2
debug ip policy
The debug ip policy command displays IP policy routing information. This command
can be used by an administrator to verify or troubleshoot IP policy routing
configuration, and if packets match the set criteria. Use the no debug ip policy
command to disable the debugging output.
The administrator defines a routing policy for VRFs on the BSR that is programmed
into certain VPN packet fields for the BSR to process and route properly.
Group Access
ISP
Command Mode
All modes except User EXEC
Command Line Usage
debug ip policy
no debug ip policy
Command Default
Disabled
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-103
debug mpls forwarding
The debug mpls forwarding command enables debugging for MPLS forwarding.
The no debug mpls forwarding disables debugging for MPLS forwarding.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
debug mpls forwarding
no debug mpls forwarding
Command Default
Disabled
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-104 Compass ID: 391459945 Version 2
description
The description command is used to specify descriptive information for any interface
on the BSR. This information is limited to 80 characters and spaces cannot be used.
For example, if a particular cable interface served a certain section of a city, the
network administrator could specify the following description:
MOT:7A(config-if)#description charlestown_1
For example, if you want to define a VPN subinterface, the following description
could be specified:
MOT:7A(config-if)#description VPN1
Command Mode
Interface Configuration (all interface types) and Subinterface Configuration (which is
entered through a cable interface only)
Command Line Usage
description <LINE>
Command Syntax
Note: The entered description can be seen in the running configuration, and
in the command output of show commands such as the show ip interface
and show running-config commands.
LINE is the text that describes this interface
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-105
dhcp leasequery authorization on
The dhcp leasequery authorization on command enables the exchange of DHCP
lease query messages between the CMTS and a DHCP server. The no dhcp
leasequery authorization on command disables this exchange.
When an IP packet is either received from or destined to a Host/CPE which does not
have an entry in the BSRs DHCP Lease table, the DHCP Lease Query feature will
attempt to identify the Host/CPE. If the DHCP Lease Query attempt fails, packets
associated with this Host/CPE are discarded.
Group Access
System Administrator
Command Mode
Interface Configuration (cable interface only) and Subinterface Configuration (which
is entered through a cable interface only)
Command Line Usage
dhcp leasequery authorization on
no dhcp leasequery authorization on
Command Syntax
authorization authorization configuration
on turn on the authorization (Disables Proxy
ARP)
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-106 Compass ID: 391459945 Version 2
host authorization on
The host authorization on command is used to enforce the bind of the CM and CPE
and/or CPR MAC addresses to the IP address specified for them statically or through
DHCP once this command is enabled. The no host authorization on command
disables host authorization on the cable interface or cable subinterface.
The host authorization cpe on command creates a static entry for a specific CM and
CPE and the host authorization cpr on command creates a static entry for a specific
CM and CPR. The no host authorization cpe on command deletes a static host
authorization entry for a CPE and the no host authorization cpr on command deletes
a static host authorization entry for a CPR.
When enabled, host authorization secures the CMTS network by denying access to
any hacker who tries to take or spoof an IP address from any legitimate user on the
same CMTS network to steal their data service. The hacker accomplishes this by
changing the IP address on their PC to the IP address that the DHCP server specified
for a legitimate users CPE.
Group Access
ISP
Command Mode
Interface Configuration (cable and loopback interfaces only) and Subinterface
Configuration (which is entered through a cable interface only)
Command Line Usage
The following syntax can be used in Interface Configuration mode only:
host authorization [<mac> {cpe | cpr}] on
no host authorization [<mac> {cpe | cpr}] on
The following syntax can be used in Subinterface Configuration mode only:
host authorization on
no host authorization on
Command Syntax
Command Default
Disabled. This feature is enabled when Host Authorization is enabled.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-107
mac specifies the MAC address of the CM
cpe specifies a static entry for a specific CM and
CPE
mac specifies the MAC address of the CPE
cpr specifies a static entry for a specific CM and
Customer Premises Router (CPR)
mac specifies the MAC address of the CPR
on turn on the authorization (Disables Proxy
ARP)
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-108 Compass ID: 391459945 Version 2
interface
The interface command lets you select an interface or subinterface for configuration
purposes. Once selected, Interface Configuration mode or Subinterface Configuration
mode is accessed.
Subinterfaces can be used for both VPN Customer Networks and non-VPN Customer
Networks. Subinterfaces provide isolated IP-level network connections over the
physical cable interface on which it is associated.
Group Access
ISP
Command Mode
Global Configuration
Command Line Usage
interface {cable <X/Y.N> | ethernet <X/Y.N> | gigaether <X/Y.N> | loopback
<1-255> | pos <X/Y> | tunnel <0-255>}
Command Syntax
Note: When a subinterface is created on a cable interface, it inherits the
configuration parameter values of this cable interface.
cable <X/Y.N> specifies the cable interface slot and port
number and specifies a cable subinterface
number from 1 to 127
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-109
ethernet <X/Y.N> Ethernet slot and port, and optional
subinterface number from 1 to 255
On the SRM module, Ethernet interface 0 is a
10 Mbps management interface that does not
support the negotiation feature and is
associated with its corresponding port on the
SRM I/O module. Ethernet ports 1 and 2 are
typically used to support an external T1/E1
BITS clock and are associated with their
corresponding ports on the SRM I/O module.
gigaether <X/Y.N> specifies Gigabit Ethernet slot and port, and
optional subinterface number from 1 to 255
loopback 1-255 loopback interfaces are used to act as inbound
logical interfaces when physical interfaces go
down
pos <X/Y> provides two high speed OC3/OC12 SONET
interfaces
tunnel 0-255 a tunnel interface that is logical and used to
make point-to-point links between two
devices
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-110 Compass ID: 391459945 Version 2
ip access-group
The ip access-group command is used to apply an access list to an interface or
subinterface.
The no ip access-group command is used to remove an access-list from the interface
or subinterface.
Group Access
ISP
Command Mode
Interface Configuration and Subinterface Configuration (which is entered through a
cable interface only)
Command Line Usage
ip access-group {<1-199> <1300-2699> {in | out}
no ip access-group {<1-199> <1300-2699> {in | out}
Command Syntax
Command Default
No access groups defined.
Note: A packet may be discarded as the result of applying an access list.
1-199 standard number range from 1 to 199
1300-2699 extended number range from 1300 to 2699
in the access-list is applied to incoming packets
out the access-list is applied to the outgoing
packets
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-111
ip address
The ip address command is used to configure a primary or secondary IP address for
an interface on the BSR. The cm vrf argument is used with the ip address command
to configure the cable interfaces primary and secondary IP address that correctly
forwards cable interface traffic. The host-sub-interface, mta-sub-interface, and
voice-sub-interface arguments are used to correctly forward CPE, eMTA
provisioning, and VoIP traffic.
Secondary IP addresses can be configured after a primary IP address is configured.
The no ip address command deletes IP addresses from the interface. A primary IP
address cannot be deleted or changed unless all secondary IP addresses related to the
primary IP address are deleted.
Group Access
System Administrator
Command Modes
Interface Configuration
Command Line Usage
ip address <A.B.C.D> <A.B.C.D> [secondary] [mta] [host] [cm vrf <WORD>]
[host-sub-interface <NUM> | mta-sub-interface <NUM> | voice-sub-interface
<NUM>]
Note: The BSR supports up to a 30-bit subnetwork IP address mask on a
physical interface (32-bit subnetwork IP address mask on a loopback
interface) and supports a maximum of 4096 IP addresses across all
interfaces and subinterfaces. The BSR discards addresses beyond 4096 and
logs a message. The total number of IP addresses permitted for a cable
interface and all its subinterfaces is limited to 256. The BSR discards
addresses beyond 256 and logs a message.
A secondary IP address can be used in some applications as the CPE host or
MTA gateway IP address (giaddr). There are special options for configuring a
secondary IP address on the cable interface. Refer to Subneting DHCP
Clients on the Cable Interface in Chapter 6 of the BSR 64000 Configuration
and Management Guide for more information.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-112 Compass ID: 391459945 Version 2
no ip address <A.B.C.D> <A.B.C.D> [secondary] [mta] [host] [cm vrf <WORD>]
[host-sub-interface <NUM> | mta-sub-interface <NUM> | voice-sub-interface
<NUM>]
Command Syntax
A.B.C.D the IP address
A.B.C.D the subnet mask
secondary make this IP address the secondary IP address
mta designates an MTA for this secondary IP
address that provides VoIP services
host designates the specified secondary IP address
for a CPE device such as a PC
cm vrf VRF association of the cable interfaces
primary or secondary IP address to a range of
CPEs identification behind the CM
WORD is the VRF name
host-sub-interface
<NUM>
specified cable subinterface with or without
VRF association for forwarding traffic from
CPEs behind a CM.
mta-sub-interface
<NUM>
specified cable subinterface with or without
VRF association for forwarding eMTA
provisioning traffic.
voice-sub-interface
<NUM>
the specified cable subinterface with or
without VRF association for forwarding VoIP
traffic
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-113
ip extcommunity-list
The ip extcommunity-list command is used to filter routes based on the Extended
Communities Attribute in the path attribute associated with the routes. Extended
Community lists can be used with any types of BGP advertisement, but they are
usually used with VPN routes.
The no ip extcommunity-list command deletes the extended community list.
Group Access
System Administrator
Command Modes
Global Configuration
Command Line Usage
ip extcommunity-list <1-99> {permit | deny} [<REG>] [...{rt | soo}
{<AS-number:nn> | <IP-address:nn>}]
ip extcommunity-list <100-199> {permit | deny} <REG>
no ip extcommunity-list {<1-99> | <100-199>}
Command Syntax
1-99 standard list number that identifies one or
more permit or deny groups of extended
communities
100-199 expanded list number that identifies one or
more permit or deny groups of extended
communities
permit permits access for a matching condition
deny denies access for a matching condition
REG an ordered list as a regular expression, which
is an input string pattern to match against
rt specifies the Route Target (RT) extended
community attribute
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-114 Compass ID: 391459945 Version 2
Command Default
The community list defaults to an implicit deny for everything that fails to match
against any entry.
soo specifies the Site Of Origin (SOO) extended
community attribute
AS-number:nn/
IP-address:nn
specifies the extended community value for
the route target or site of origin. The value
can be one of the following combinations:
AS number:network number
IP address:network number
The colon separates the AS number and
network number or IP address and network
number.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-115
ip helper-address
The ip helper-address command determines the destination IP address where
specifically defined broadcast packets are forwarded when received on the configured
interface or subinterface. Specify the global argument when a DHCP server used by
the VPN subinterface is on a Global routing address space that is outside the
subinterface VPN. Specify the vrf argument when a DHCP server used by the VPN
subinterface is on a specific VPN.
The no ip helper-address command removes the IP address where broadcast packets
are forwarded.
Use the ip-helper address command to forward specific types of broadcast packets
received on an interface.
Group Access
ISP
Command Mode
Subinterface Configuration (which is entered through a cable interface only)
Command Line Usage
ip helper-address <A.B.C.D> [global]
no ip helper-address <A.B.C.D> [global | vrf <WORD>]
Command Syntax
Note: The global argument is only applicable when the ip helper-address
command is issued in Subinterface Configuration mode.
A.B.C.D destination broadcast/host address to be used
global specifies that the DHCP server is reachable
using the Global VRF, which is the default
vrf <WORD> name of a specific VPN
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-116 Compass ID: 391459945 Version 2
ip route
The ip route command is used to specify a static route when the router cannot
dynamically build a route to the specific destination or if the route must be in place
permanently. The no ip route command remove a static route. Using the vrf
argument allows you to specify a static IP route for the VRF.
Group Access
ISP
Command Mode
Global Configuration
Command Line Usage
Use the following command syntax for a static route:
ip route<A.B.C.D> <A.B.C.D> {<A.B.C.D> | null <0-0> | pos <X/Y> | tunnel
<0-255>} [<1-255> | [tag <1-4294967295>]
no ip route<A.B.C.D> <A.B.C.D> {<A.B.C.D> | null <0-0> | pos <X/Y> | tunnel
<0-255>} [<1-255> | [tag <1-4294967295>]
Use the following command syntax for a static VRF route:
ip route vrf <WORD> <A.B.C.D> <A.B.C.D> {<A.B.C.D> [global] | null <0-0>}
[<1-255> | tag <1-4294967295>]
no ip route vrf <WORD> <A.B.C.D> <A.B.C.D> {<A.B.C.D> [global] | null <0-0>}
[<1-255> | tag <1-4294967295>]
Command Syntax
vrf WORD the specified VRF
A.B.C.D static route destination prefix
A.B.C.D static route destination prefix mask
A.B.C.D the forwarding router's IP address
global resolves the forwarding routers IP address
reachability so that the Global VRF is used,
which is the default
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-117
Command Default
Administrative distance = 1
null 0-0 null slot and port, valid values 0 and 0
pos X/Y POS slot and port number
tunnel 0-255 tunnel interface number
1-255 administrative distance, default value 1
tag 1-4294967295 match value to control route-map
redistribution, valid values 1 to 4294967295
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-118 Compass ID: 391459945 Version 2
ip unreachables
The ip unreachables command enables processing of an ICMP unreachable message
when the BSR cannot deliver a received packet. The no ip unreachables command
disables ICMP unreachable message processing when the router cannot deliver a
received a packet.
Group Access
ISP
Command Mode
Interface Configuration and Subinterface Configuration (cable interface only)
Command Line Usage
ip unreachables
no ip unreachables
Command Default
Enabled
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-119
ip vrf forwarding
Use the ip vrf forwarding command to associate a VRF with an interface.
Use the no ip vrf forwarding command to delete a loopback interface VRF or a
subinterface VRF. When subinterface VRF is deleted or changed, the following
occurs:
All IP addresses on the subinterface or loopback interface are deleted.
All the routes (including static routes) reachable through the subinterface are
deleted in their respective VRF (static routes are removed from the
configuration).
All the associated MPLS forwarding entries (of the deleted routes) are deleted.
Routing updates (MP-BGP UNREACH-NLRIs) are sent to withdraw all the
deleted routes from BGP peers.
Records of all the associated CMs, their ARP entries and ARP entries of all the
associated CEs and/or hosts are deleted. All subinterface bundling slave
interfaces are also deleted.
All the traffic to and from the CMs will be discarded. All subinterface bundling
slave interfaces are also deleted.
Group Access
ISP
Command Mode
Interface Configuration (loopback interface only) and Subinterface Configuration
(cable interface only)
Command Line Usage
ip vrf forwarding <WORD>
no ip vrf forwarding <WORD>
Command Syntax
WORD the VRF name
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-120 Compass ID: 391459945 Version 2
ip vrf
The ip vrf command creates a VRF for each VPN on the BSR by giving it a name.
Once the VRF name is specified, VRF Configuration mode is entered and both the
Route Distinguisher (RD) and route target parameters can be configured.
The no ip vrf command deletes the VRF.
Group Access
All
Command Mode
Global Configuration mode
Command Line Usage
ip vrf <WORD>
no ip vrf <WORD>
For example:
MOT:7A(config)#ip vrf VPN1
MOT:7A(config-vrf)#
Command Syntax
Command Default
Disabled
Note: One VRF is required for each VPN and the BSR supports a maximum
of 127 VRFs.
vrf <WORD> the specified VRF.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-121
ip policy route-map
The ip policy route-map command identifies a route map used for policy routing on
an interface for packets that need to take a route other than the apparent shortest path.
Each route-map command has a list of match and set arguments associated with it.
The match commands specify the match criteria that are the conditions under which
policy routing is allowed for the interface. The set arguments specify the set actions,
which are the policy routing actions performed if the criteria enforced by the match
arguments are met. Policy routing can be performed on any match criteria that can be
defined in an extended IP access list when using the match ip address command and
referencing an extended IP access list.
The no ip policy route-map command disables policy routing on the interface and
deletes the pointer to the route map.
Group Access
All
Command Mode
Interface Configuration and Subinterface Configuration (entered through the cable
interface only)
Command Line Usage
ip policy route-map <WORD>
no ip policy route-map <WORD>
Command Syntax
Command Default
No policy routing occurs on the interface.
WORD specifies the route map name used for policy
routing. The name must match a map-tag
value specified by a route-map command.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-122 Compass ID: 391459945 Version 2
maximum-prefixes
The maximum-prefixes command allows more or less routes per VRF instance.
When the default or configured route limit is exceeded, a log message is generated
and any additional route is rejected.
The no maximum-prefixes command returns the default setting.
Group Access
All
Command Mode
VRF Configuration mode
Command Line Usage
maximum-prefixes <NUM>
no maximum-prefixes <NUM>
Command Syntax
Command Default
4096
NUM the maximum number of routes from 16 to
16384.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-123
neighbor activate
The neighbor activate command enables the address family for this BGP neighbor.
Group Access
All
Command Mode
VPN-IP Version 4 Configuration and IP Version 4 Configuration
Command Line Usage
neighbor <A.B.C.D> activate
no neighbor <A.B.C.D> activate
Command Syntax
Command Default
Disabled
A.B.C.D neighbor IP address
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-124 Compass ID: 391459945 Version 2
neighbor confed-segment
The neighbor confed-segment command is used in Router Configuration mode to
convert each segment of type AS_CONFED_SEQUENCE or AS_CONFED_SET in
the AS_PATH attribute to the same segment type for outbound updates. This
command is intended for the neighbors which are not capable to recognize on of the
values.
Group Access
All
Command Mode
Router Configuration mode (in the BGP routing protocol)
Command Line Usage
neighbor <A.B.C.D> confed-segment {sequence | set}
no neighbor <A.B.C.D> confed-segment {sequence | set}
Command Syntax
Command Default
Disabled
A.B.C.D BGP neighbor IP address
sequence convert to AS_CONFED_SEQUENCE
(rfc3065: value 3)
set convert to AS_CONFED_SET (rfc3065:
value 4)
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-125
neighbor send-community extended
The neighbor send-community extended command advertises community attributes
to this neighbor.
Group Access
All
Command Mode
VPN-IP Version 4 Configuration and IP Version 4 Configuration
Command Line Usage
neighbor <A.B.C.D> send-community [both | extended | standard]
no neighbor <A.B.C.D> send-community [both | extended | standard]
Command Syntax
Command Default
standard
A.B.C.D neighbor IP address
both send standard and extended community
attributes
extended send extended community attribute
standard send standard community attribute
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-126 Compass ID: 391459945 Version 2
ping
The ping command sends an Internet Control Message Protocol (ICMP) echo request
to a remote host that reports errors and provides information relevant to IP packet
addressing.
Use the ping command to check host reachability and network connectivity, or to
confirm basic network connectivity.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
ping [vrf <WORD>] {<A.B.C.D> | Hostname} [size <40-65515] [<1-65535>]
[timeout <1-1024>] [source <A.B.C.D>] [tos <0-255>] [ttl <0-255>] [df]
Command Syntax
vrf specifies which VRF that is used to ping the
host
WORD the VRF name
A.B.C.D IP address of the remote system to ping
Hostname name of the remote system to ping
size 1-165535 size of the echo message in bytes,
1-65535 number of ping requests to send
timeout 1-1024 timeout in seconds
source A.B.C.D source IP address to use to send the ping
request
tos 0-255 the type of service of the ping packets
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-127
ttl 0-255 time-to-live value in seconds
df sets the "dont fragment" IP flag in the
outgoing ping IP header
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-128 Compass ID: 391459945 Version 2
rd
The rd command is required to create a default Route Distinguisher (RD) for the
specified VRF. The 8-byte RD is added to a VPN Customer Network's IP address to
create a globally unique Internet Protocol Version 4 (IPv4) address. The BSR uses
this IPv4 address to route data traffic over the VPN, and allow Customer Networks to
use their existing IP address scheme for their routers and host equipment. An RD can
be either an AS number equivalent that combines an AS number and an arbitrary
number, or it is an IP address equivalent, that combines an IP address and an arbitrary
number.
You can enter an RD in either of these formats:
16-bit AS number: your 32-bit number
For example, 101:3
32-bit IP address: your 16-bit number
For example, 192.168.122.15:1
Group Access
MSO
Command Mode
VRF Configuration mode
Command Line Usage
rd [<AS-number:nn> | <IP-address:nn>]
Command Syntax
Command Default
No default.
Note: An RD cannot be deleted or changed. To change the RD, the VRF
must be deleted. Refer to Configuring CM Subnets on a Cable Interface on
page 1-68 for more information. After the VRF is deleted, refer to Creating a
VRF on page 1-17 to reconfigure the RD.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-129
AS-number:nn The Administrator subfield is an AS number
from a public ASN space (specified for a
Provider Network by the Internet Assigned
Numbers Authority (IANA). The number
format of this ASN is a 16-bit number
followed by a colon and a 32-bit number.
For example: 200:10
IP-address:nn The Administrator subfield is an IPv4 address
from a Global address space. The Type 1 RDs
use the loopback address of the BSR and
selects a number that is local to that BSR. The
number format is a 32-bit IP address followed
by a colon and a 16-bit number.
For example: 152.10.2.1:3
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-130 Compass ID: 391459945 Version 2
redistribute
The redistribute command redistributes connected or static routes into BGP in a
VPN configuration.
The no redistribute command disables the redistribution of connected or static routes
into BGP in a VPN configuration.
Group Access
ISP
Command Mode
Address Family IPv4 VRF Configuration mode is a sub-mode under BGP Router
Configuration mode. The following example shows how to access Address Family
IPv4 VRF Configuration mode from Global Configuration mode:
MOT:7A(config)#router bgp 100
MOT:7A(config-bgp)#address-family ipv4 vrf VPN_A
MOT:7A(config-bgp-af-ipv4-vrf-VPN_A)#
Command Line Usage
redistribute {connected | static} [metric <0-4294967295>] [weight <0-65535>]
[route-map <WORD>]
no redistribute {connected | static} [metric <0-4294967295>] [weight <0-65535>]
[route-map <WORD>]
Command Syntax
connected connected routes in the VRF
static static routes in the VRF
metric 0-4294967295 metric value used for the redistributed route.
route-map WORD the name of the route-map used to
conditionally control the route redistribution
weight 0-65535 set a network weight value when
redistributing into BGP
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-131
route-target
The route-target command creates a list of import, export, or both (import and
export) Route Target Extended Communities (RTEC) for a VRF. Import RTECs are
used to select routes to be imported into the VRF, while Export RTECs are used to tag
routes that originate from the VRF.
The no route-target command removes the RTEC.
Group Access
ISP
Command Mode
VRF Configuration mode
For example, VRF Configuration mode is accessed by using the ip vrf command and
specifying the VRF name from Global configuration mode:
MOT:7A(config)#ip vrf VPN_1
MOT:7A(config-vrf)#
Command Line Usage
route-target {import | export | both} {<AS-number:nn> | <IP-address:nn>}
[...<AS-number:nn> | <IP-address:nn>]
no route-target {import | export | both} {<AS-number:nn> | <IP-address:nn>}
[...<AS-number:nn> | <IP-address:nn>]
Command Syntax
Note: Local routes in one VRF instance can be imported into another VRF
instance using export and import route targets. When configuring a Route
Target for a VRF, do not configure route targets of VRFs so that an export
route target of one VRF matches an import route target of another VRF on
the same BSR 64000.
both RTECs used for both importing and exporting
import RTEC used for importing
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-132 Compass ID: 391459945 Version 2
export RTEC used for exporting
AS-number:nn |
IP-address:nn
The RTEC format can be either a 16-bit AS
number followed by a colon and a 32-bit
arbitrary number (200:10) or 32-bit IP
address followed by a colon and a 16-bit
arbitrary number (152.10.2.1:3)
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-133
show cable modem
In a VPN configuration, the show cable modem command can be used to see detailed
information that describes the physical cable interface to which a CM is connected.
Refer to the BSR 64000 Command Reference Guide for more information on how the
the show cable modem command can be used to gather more CM statistical
information.
The following show cable modem vrf and show cable modem all-vrfs command
output fields describe the association between CMs and CPEs/MTAs:
The following is an example of typical screen output from the show cable modem
all-vrfs command:
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show cable modem [vrf <WORD> | all-vrfs | summary vrf <WORD>]
CM MAC CM MAC address
CM IP CM IP address
HOST/MTA CPE host or MTA device.
Sub-if Cable subinterface on which the CM host
or MTA resides.
VRF The VRF to which the CM host or MTA
belongs
MOT:7A#show cable modem all-vrfs
CM MAC CM IP HOST/MTA Sub-if VRF
0011.8059.eda0 150.34.22.11 HOST 2/1.4 VPN_ISP1
0011.8059.eda0 150.34.22.11 MTA 2/1.3 VPN_VOICE
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-134 Compass ID: 391459945 Version 2
Command Syntax
vrf <WORD> VRF associated with a CM
all-vrfs all VRFs associated with a CM
summary vrf <WORD> displays the subinterface(s) and total
number of CMs associated with a
specified VRF
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-135
show host authorization
The show host authorization command displays the static, dynamic, leased, VRF
and non-VRF host authorization entries for CMs and CPEs. If the vrf argument is
used, it displays only the host authorization entry for the specified VRF.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show host authorization [<0-15> | cpe [leased [vrf <WORD>] | static [vrf
<WORD>]] | vrf [<vrf-name>] | summary [<0-15>]] {<WORD>}]
Command Syntax
0-15 Display host authorization entries for a BSR
module.
cpe Display dynamically configured host
authorization entries for a CPE.
leased Display leased host authorization entries for a
CPE.
vrf <WORD> Display the specified VRFs host
authorization entries for leased CPEs.
static Display statically configured host
authorization entries.
vrf <WORD> Display the specified VRFs static host
authorization entries.
vrf <WORD> Display the specified VRFs host
authorization entries.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-136 Compass ID: 391459945 Version 2
summary Display a summary of all host authorization
entries on the BSR.
0-15 Display a summary of host authorization
entries for a BSR module.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-137
show host unauthorized cpe
The show host unauthorized cpe command displays the list of hosts/CPEs that are
unauthorized due to a failed DHCP lease query response. Command output is only
displayed when host authorization is enabled.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show host unauthorized cpe [vrf <WORD>]
Command Syntax
vrf <WORD> Displays unauthorized hosts/CPEs for the
specified VRF.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-138 Compass ID: 391459945 Version 2
show interfaces
Use the show interfaces command to display the status and statistics for the network
interfaces, including subinterfaces associated with a cable interface. Use the show
interfaces command without the slot and interface argument to display all interfaces.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show interfaces [accounting | cable <X/Y.N> [configuration | downstream <NUM>
| stats | upstream <NUM>] | ethernet <X/Y.N> | gigaether <X/Y.N> | loopback
<1-255> | pos <X/Y> | tunnel <0-255>]
Command Syntax
accounting the number of packets for each protocol type
that has been sent through an interface
cable <X/Y.N> specifies a cable interface slot and port
number, and specifies the cable subinterface
number from 1 to 127.
configuration lists the entire configuration for this cable
interface.
downstream <NUM> downstream port number associated with a
cable interface
stats statistics for all upstream ports associated
with this cable interface
upstream <NUM> upstream port number associated with a cable
interface
ethernet <X/Y.N> Ethernet slot and port, and optional
subinterface number from 1 to 255
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-139
gigaether <X/Y.N> Gigabit Ethernet slot and port, and optional
subinterface number from 1 to 255
loopback <1-255> specifies loopback interface number
pos <X/Y> Packet-over-SONET interface slot and port
number
tunnel <1-255> specifies tunnel interface number
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-140 Compass ID: 391459945 Version 2
show ip arp
The show ip arp command displays the Internet Protocol (IP) Address Resolution
Protocol (ARP) cache table entries for VRF tables, individual interfaces or all
interfaces on the BSR. Each ARP entry describes the protocol type, IP address to
MAC address binding, age time, ARP type, and interface location and type. Use the
additional command arguments to filter the output information you want to receive.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip arp [vrf <WORD> | <A.B.C.D> | <H.H.H> | Hostname | ethernet <X/Y.N> |
gigaether <X/Y.N> | cable <X/Y.N>]
Command Syntax
vrf displays entries for a specific VRF
WORD VRF name
A.B.C.D displays entries matching IP address
H.H.H displays entries showing a 48 bit MAC
address
Hostname displays entries matching a hostname. The
hostname must be programmed locally using
the ip host command. It will not be resolved
through a DNS query.
cable X/Y display cable interface ARP entries for a
specified BSR slot and port number or cable
subinterface number
.N specifies the cable subinterface number from
1 to 127
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-141
ethernet X/Y.N ARP entries for a specified Ethernet slot and
port, and optional subinterface number from 1
to 255
gigaether X/Y.N ARP entries for a specified Gigabit Ethernet
slot and port number, and optional
subinterface number from 1 to 255
vrf <WORD> displays ARP cache table entries for the
specified VRF
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-142 Compass ID: 391459945 Version 2
show ip dhcp stats
The show ip dhcp stats command displays message exchange counts between the
DHCP server on the BSR upstream and downstream ports for cable modules and
VRFs.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip dhcp stats [<NUM>] [vrf <WORD>]
Command Syntax
NUM Cable module slot number.
vrf <WORD> Displays DHCP server statistical information
for the specified VRF.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-143
show ip extcommunity-list
The show ip extcommunity-list command displays details of configured extended
community access list(s).
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip extcommunity-list [<1-99> | <100-199>]
Command Syntax
1-99 Specifies a standard extended community
access list number.
100-199 Specifies an extended community access list
number from the expanded range.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-144 Compass ID: 391459945 Version 2
show ip filters
The show ip filters command displays a variety of filter and routing policy
information entries for the POS OC-3/0C12, Multi-Mode Gigabit Ethernet (SX),
Single-Mode Gigabit Ethernet (LX), or 10/100 Ethernet Network Interface Modules
(NIMs).
The following explains the show ip filters command output fields:
Type Displays inbound or outbound filtering on the
BSR or policy routes that are forwarded
through the BSR.
VRF Displays the VRF name. If this field is blank,
no VRF filters are configured.
Dest IP address Displays the destination IP address filtered
access list.
Src IP address Displays the source IP address of a filtered
access list.
Pro Displays the first three characters routing
protocol acronym.
For example, OSPF would be displayed as
OSP.
SP/Type Displays TCP or UDP Source Port (SP) or
ICMP Type.
DP/Code Displays TCP or UDP Destination Port (DP)
or ICMP Code.
DS Displays Differentiated Service (DS).
Interface Displays the interface on which the policy or
filtering is applied.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-145
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip filters [acl | hitCount <slottype:hsim> | icmp | policy | tunnel | srm |
summary | vrf |]
Command Syntax
FT Displays the Flow (classification) Type (FT).
Flow types include the following:
NL = Null Filter, SM = Send To Srm, UA =
Unresolved ARP, AP = Access List Permit,
AD = Access List Deny, PR = ACL Permit
Range, DR = ACL Deny Range, IR = ICMP
Redirect, IU = ICMP Unreachable, TL = Ip
Tunnel Loopback, TE = Ip Tunnel
Decap(sulate), TN = Ip Tunnel Encap(sulate),
PP = Policy Route Permit, PD = Policy Route
Deny, PT = Policy Tunnel, IG = Ignore CAM
use LME, PU = Ip to Mpls Push.
QId Displays the outgoing QoS queue ID number
(0-7).
Def Displays if it is the default set filter or policy.
acl Access list.
hitCount The number of instances forwarded packets
meet the criteria of an access list.
slottype:hsim The HSIM slot number.
icmp ICMP filters.
policy Policy Routing.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-146 Compass ID: 391459945 Version 2
srm Send filters to SRM to troubleshoot
problems. For example, it can be used in
instances when ARP is unresolved.
summary Displays a summary of all the fast path filters.
tunnel IP Tunneling.
vrf Select a VRF routing or forwarding instance
(VRF) name.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-147
show ip filters summary
The show ip filters summary command displays a summary statistics for IP filters
for the POS OC-3/0C12, Multi-Mode Gigabit Ethernet (SX), Single-Mode Gigabit
Ethernet (LX), or 10/100 Ethernet Network Interface Modules (NIMs).
The following explains the show ip filters summary command output fields:
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip filters summary
Flow Classification
Type
Displays the Flow (classification) Type (FT).
Flow types include the following:
NL = Null Filter, SM = Send To Srm, UA =
Unresolved ARP, AP = Access List Permit,
AD = Access List Deny, PR = ACL Permit
Range, DR = ACL Deny Range, IR = ICMP
Redirect, IU = ICMP Unreachable, TL = Ip
Tunnel Loopback, TE = Ip Tunnel
Decap(sulate), TN = Ip Tunnel Encap(sulate),
PP = Policy Route Permit, PD = Policy Route
Deny, PT = Policy Tunnel, IG = Ignore CAM
use LME, PU = Ip to Mpls Push.
Number of Filters Displays the number of filters applied to each
Flow Classification Type.
Slot Displays which BSR module slots are being
filtered.
Number of Filters Displays the number of filters applied to each
BSR module slot.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-148 Compass ID: 391459945 Version 2
show ip forwarding-table
The show ip forwarding-table command displays all VRFs and other routing
forwarding table entries for the POS OC-3/0C12, Multi-Mode Gigabit Ethernet (SX),
Single-Mode Gigabit Ethernet (LX), or 10/100 Ethernet Network Interface Modules
(NIMs).
The following explains the show ip forwarding-table command output fields:
Group Access
All
Command Mode
All modes except User EXEC
VRF VRF routing or forwarding instance (VRF)
name.
Ip Address/Prefix The IP address of a route on the MPLS NIM
interface(s).
Phys If The physical interface slot and port number
on which the routes traverse.
RT Displays one of the following Route Types:
NL = Null Route, LI = Local Interface, BC =
Subnet Broadcast, NA = Directly Connected
Need ARP, WA = Directly Connected With
ARP, GW = Gateway Route,
CH = CMTS Host Route, CI = cable interface
Route, LN = Local Interface Network Route,
CR = CMTS Route, TL = Tunnel Route, PU
= IP to MPLS Push,
2P = IP to MPLS 2 Push.
Gateway Displays the Gateway IP address.
Mac Address Displays the physical MAC layer address of
the NIM interface.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-149
Command Line Usage
show ip forwarding-table [<A.B.C.D> | hitCount <slottype:hsim> | mpls |
summary | tunnel | vrf <WORD>]
Command Syntax
A.B.C.D The destination prefix for the NIM routing
interface.
hitCount The number of instances forwarded packets
meet the criteria of an access list.
slottype:hsim The HSIM slot number.
tunnel IP Tunneling.
vrf Select a VRF routing or forwarding instance
(VRF) name.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-150 Compass ID: 391459945 Version 2
show ip forwarding-table mpls
The show ip forwarding-table mpls command displays VRF and other routing
forwarding table entries for the BGP/MPLS VPN Interface Module (NIM)
interface(s).
The following explains the show ip forwarding-table mpls command output fields:
Group Access
All
Command Mode
All modes except User EXEC
VRF VRF routing or forwarding instance (VRF)
name.
Ip Address/Prefix The IP address of a route on the MPLS NIM
interface(s).
Phys If The physical interface slot and port number
on which the routes traverse.
RT Displays one of the following Route Types:
PU = IP to MPLS Push,
2P = IP to MPLS 2 Push
Gateway Displays the Gateway IP address.
Mac Address Displays the physical MAC layer address of
the NIM interface.
Label 1 Displays the first MPLS label number, which
is used to identify an LSP that carries the
VPN traffic from the CPE to the PE.
Label 2 Displays the second MPLS label number,
which is used to identify the optimal path
between the PE (BSR) and the network
core.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-151
Command Line Usage
show ip forwarding-table mpls [hitCount <slottype:hsim>]
Command Syntax
hitCount The number of instances forwarded packets
meet the criteria of an access list.
slottype:hsim The HSIM slot number.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-152 Compass ID: 391459945 Version 2
show ip forwarding-table summary
The show ip forwarding-table summary command displays a summary and total of
all VRF and other routing forwarding table entries for the POS OC-3/0C12,
Multi-Mode Gigabit Ethernet (SX), Single-Mode Gigabit Ethernet (LX), or 10/100
Ethernet Network Interface Modules (NIMs).
The following explains the show ip forwarding-table summary command output
fields:
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip forwarding-table summary
Route Type Displays one of the following Route Types:
Null Route, Local Interface, Subnet
Broadcast, Directly Connected Need ARP,
Directly Connected With ARP, Gateway
Route, CMTS Host Route, cable interface
Route, Local Interface Network Route,
CMTS Route, Tunnel Route, IP to MPLS
Push, IP to MPLS 2 Push.
Networks Displays the number of networks for each
Route Type.
equal-cost multi-path
routes
Displays the number of OSPF equal-cost
multi-path routes on the network. OSPF finds
and uses these types of routes to load share
traffic to a destination.
Slot NIM slot number on the BSR.
Networks The number of networks that are associated
with this NIM.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-153
show ip forwarding-table tunnel
The show ip forwarding-table tunnel command displays all tunnel route entries on
the POS OC-3/0C12, Multi-Mode Gigabit Ethernet (SX), Single-Mode Gigabit
Ethernet (LX), or 10/100 Ethernet Network Interface Modules (NIMs).
The following explains the show ip forwarding-table tunnel command output fields:
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip forwarding-table tunnel [hitCount <slottype:hsim>]
VRF VRF routing or forwarding instance (VRF)
name.
Ip Address/Prefix The IP address for the route.
Phys If The physical interface slot and port number
on which the routes traverse.
RT Displays the Route Type, which is TL for
Tunnel Route.
Gateway Displays the Gateway IP address.
Mac Address Displays the physical MAC layer address of
the NIM interface.
Tunnel Src The source tunnel interface number.
Tunnel Destin. The destination tunnel number.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-154 Compass ID: 391459945 Version 2
Command Syntax
hitCount The number of instances forwarded packets
meet the criteria of an access list.
slottype:hsim The HSIM slot number.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-155
show ip forwarding-table vrf
The show ip forwarding-table vrf command displays entries for the specified VRF.
The following explains the show ip forwarding-table vrf command output fields:
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip forwarding-table vrf <WORD> [hitCount <slottype:hsim>]
VRF VRF routing or forwarding instance (VRF)
name.
Ip Address/Prefix The IP address of the route on the MPLS
NIM interface(s).
Phys If The physical interface slot and port number
on which the routes traverse.
RT Displays one of the following Route Types:
NL = Null Route, LI = Local Interface, BC =
Subnet Broadcast, NA = Directly Connected
Need ARP, WA = Directly Connected With
ARP, GW = Gateway Route,
CH = CMTS Host Route, CI = cable interface
Route, LN = Local Interface Network Route,
CR = CMTS Route, TL = Tunnel Route, PU
= IP to MPLS Push, 2P = IP to MPLS 2 Push.
Gateway Displays the Gateway IP address.
Mac Address Displays the physical MAC layer address of
the NIM interface.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-156 Compass ID: 391459945 Version 2
Command Syntax
WORD Select a VRF routing or forwarding instance
(VRF) name.
hitCount The number of instances forwarded packets
meet the criteria of an access list.
slottype:hsim The HSIM slot number.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-157
show ip interface
The show ip interface command displays the status, statistical information, and
configuration for the interfaces and subinterfaces. The show ip interface command
issued without any command arguments displays status, statistical information, and
configuration for all interfaces and subinterfaces.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip interface [brief] [ethernet <X/Y.N> | cable <X/Y.N> | gigaether <X/Y.N> |
pos <X/Y> | loopback <1-255> | tunnel <0-255>]
Command Syntax
brief provides a brief summary of IP status and
configuration information for a specific
interface or all interfaces
cable X/Y cable interface slot and port number.
.N specifies the cable subinterface number from
1 to 127
ethernet X/Y.N Ethernet slot and port, and optional
subinterface number from 1 to 255
gigaether X/Y.N Gigabit Ethernet interface slot and port
number, and optional subinterface number
from 1 to 255
pos X/Y Packet-over-SONET interface slot and port
number
loopback 1-255 loopback port number
tunnel 0-255 tunnel port number
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-158 Compass ID: 391459945 Version 2
show ip protocols
The show ip protocols command is used for debugging routing activity and processes
by displaying the status of all routing protocol processes currently configured on the
system.
The following provides a sample of the show ip protocols command output:
Group Access
All
Command Mode
Privileged EXEC
MOT:7A#show ip protocol

Bgp default capabilities: ipv4-unicast route-refresh
Timers: keepalive 10 hold 30
Client-to-client reflection is enabled
Default local-preference 100

For global vrf

Neighbor AS Neighbor AS Neighbor AS
10.110.1.2 100 41.41.41.1 100 43.43.43.1 100

For address family ipv4
-----------------------
Outgoing update filter list for all interfaces is not set
Incoming update filter list for all interfaces is not set
Distance: external 20 internal 200 local 200
Automatic route summarization is disabled
Maximum path: 2
IGP synchronization is enabled

Neighbor AS FltI FltO DisI DisO Wght
10.110.1.2 100
41.41.41.1 100
Routing Protocol is bgp 100
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-159
Command Line Usage
show ip protocols [summary | bgp]
Command Syntax
summary Display a summary of system routing
protocol processes.
bgp Display a summary of the BGP routing
protocol processes.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-160 Compass ID: 391459945 Version 2
show ip redistribute
The show redistribute command displays the routing protocols that are being
redistributed to other routing protocol domains on the BSR.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip redistribute [bgp | isis | ospf | rip] [all-vrfs | global | vrf <WORD>]
Command Syntax
bgp Displays routing domains redistributed into
BGP.
isis Displays routing domains redistributed into
ISIS.
ospf Displays routing domains redistributed into
OSPF.
rip Displays routing domains redistributed into
RIP.
all-vrfs Displays the redistribution information for all
non-Global VRFs.
global Displays redistribution information for
Global VRFs only.
vrf <WORD> Specifies the VRF name for which
redistribution information is displayed.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-161
show ip route vrf
The show ip route vrf command displays VPN Routing Forwarding (VRF) table
information.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip route vrf <WORD> [<A.B.C.D> [<A.B.C.D>] | bgp | connected | hostname
| static | summary]
Command Syntax
A.B.C.D Displays a specific route associated with this
VRF.
A.B.C.D Optional network mask.
vrf <WORD> The specified VRF name.
bgp Displays BGP routes.
connected Displays connected routes.
hostname Internet DNS hostname of the VRF.
static Displays all static routes.
summary Displays a summary of the number of routes
per routing protocol.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-162 Compass ID: 391459945 Version 2
show ip traffic
The show ip traffic command displays IP, ICMP, UDP, TCP, ARP, OSPF, IGMP,
DVMRP, PIM, RADIUS, and VRF protocol packet statistics, depending on what
protocols are in use on the BSR.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip traffic [all-vrfs | vrf <WORD>]
Command Syntax
all-vrfs Displays packet statistics for all VRFs.
vrf WORD Displays packet statistics for a single VRF.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-163
show ip vrf
Use the show ip vrf command to display the following status information about VPN
Routing and Forwarding tables (VRFs) configured on the BSR.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show ip vrf [brief | detail | id | interface] [<WORD>]
List of subinterfaces displays each cable module slot number, port
number and subinterface for a VPN
vrf displays the VPN name that is associated with
the subinterface
description displays the description that has been
specified for each subinterface
status displays whether the subinterface is enabled
(up) or disabled (down)
primary address displays the subinterface primary IP address
VPNID specifies the VPN ID specified for the VRF
Export specifies VPN route-target export
communities
Import specifies VPN route-target import
communities
Protocol displays the state of the protocol (up or down)
for each VRF interface
Name specifies the VRF name
RD specifies the route distinguisher
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-164 Compass ID: 391459945 Version 2
Command Syntax
brief displays concise information on the VRFs and
associated interfaces
detail displays detailed information on the VRFs
and associated interfaces
id displays all the VPN IDs that are configured
on the BSR (PE router), their associated VRF
names, and VRF Route Distinguishers (RDs).
If a VRF in the PE router has not been
specified with a VPN ID, the VRF entry is not
included in the output
interface displays detailed information about all
interfaces bound to a particular VRF or any
VRF
WORD displays all the subinterfaces on the BSR that
are associated with a specified VRF name
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-165
show l2-cam
The show l2-cam command displays the BSRs Layer2 Content Addressable
Memory (L2 CAM).
The following provides a key for the various show l2-cam command output fields:
Note: The "l2" portion of the command syntax command contains a lower
case "L" not a 1.
Index The label specified by this router.
PID Port ID. The BSR module slot and port
number.
IP Address/Mask IP address.
Type Identifies either the Provider (P) or PE router.
Label MPLS label.
PRI Shows the frame priority level which is used
for prioritizing traffic and is capable of
representing 8 levels (0-7).
CFI Canonical Format Indicator (CFI) is a 1 bit
field. If the value of this field is 1 then the
MAC address is in non canonical format and
if the value is 0 then the MAC address is in
Canonical format.
VLAN VLAN ID number.
TP This field is reserved by Motorola.
BEN Layer 2 Bridge enabled. 0 indicates disabled.
1 indicates enabled.
EN Routing is enabled. 0 indicates disabled. 1
indicates enabled.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-166 Compass ID: 391459945 Version 2
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show l2-cam {ip | label | mac [<NUM>]} [ { | begin | exclude | include} {<WORD>}
[ | count | count-only}]]
show l2-cam {ip | label | mac [<NUM>]} [ | {count | count-only}]
Command Syntax
PT Enabled (Preserve) Type of Service (TOS). 0
indicates disabled. 1 indicates enabled.
TOS Type of Service value.
VRF The VRF name.
EIID/IIID Egress or Ingress Interface ID.
IIID Ingress Interface ID.
ILID Ingress Logical ID.
MAC Address The MAC address (not valid for POS) of the
BSR module slot and port number.
ip Display the Internet Protocol table, including
bridging (VLAN tagging) entries.
label Display leased host authorization entries for a
CPE.
mac Display the MAC address table, including
VRF host authorization entries for all leased
CPEs.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-167
<NUM> BSR module number. Displays MAC entries
associated with this module or VRF host
authorization entries for leased CPEs
associated with this module.
| Turns on output modifiers (filters).
begin Filter for output that begins with the specified
string.
count Count lines outputted.
count-only Count lines outputted while suppressing
output.
exclude Filter for output that excludes the specified
string.
include Filter for output that includes the specified
string.
WORD The specified string.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-168 Compass ID: 391459945 Version 2
show mpls forwarding-table
The show mpls forwarding-table command displays the LSP forwarding table
including the route label type and network. The following information is provided:
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls forwarding-table [hitCount | summary | vrf <WORD>]
Label IN The label specified by this router.
Label OUT The label specified by next hop.
Mtu The maximum transmission unit (MTU) of
labeled packet.
Phys If The interface through which packets with this
label are sent.
RT The forwarding flow classification type:
PU = MPLS Label Push
SW = MPLS Label Switch
PO = MPLS Label Pop
IP = MPLS Label to IP
LS = MPLS Label To SRM
Next Hop Ip The IP address of the neighbor that specified
the outgoing label.
MAC Address The MAC address (not valid for POS).
QId The QoS queue ID.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-169
Command Syntax
hitCount Entry hit count.
summary Summarize Fast Path MPLS labels.
vrf <WORD> The specified VRF.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-170 Compass ID: 391459945 Version 2
show mpls traffic
The show mpls traffic command displays the following BGP/MPLS VPN traffic
information:
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls traffic [vrf <WORD> | <all-vrfs>]
total the total number of MPLS packets that have been
received
header errors counted when a MPLS packet is discarded because of
error in the packet header
bad hop count counted when a MPLS packet is discarded because its
time-to-live (TTL) field was decremented to zero
runt counted when a MPLS packet length is too small to
hold a single label
unreachable counted when a MPLS packet is discarded because its
nextHop is unreachable
no lsp counted when there is no LSP established to forward
the incoming MPLS packet
other error counted when a MPLS packet is discarded without
processing, such as when MPLS forwarding is not
enabled on this router or for some other reason
forwarded the total number of MPLS packets that have been sent
drop the total number of MPLS packets that have been
dropped
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-171
Command Syntax
vrf <WORD> specific VRF
all-vrfs statistics of all VPNs
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-172 Compass ID: 391459945 Version 2
shutdown
The shutdown command disables an interface or subinterface. An administrator may
decide to shut down an interface when some configuration tasks require it.
All interfaces, including VPN subinterfaces on the BSR are in a shut down state by
default and must be enabled by using the no shutdown command so that they can
function.
Group Access
System Administrator
Command Mode
Interface Configuration and Subinterface Configuration (entered through the cable
interface only)
Command Line Usage
shutdown
no shutdown
Note: Use the show interface command to display which interfaces are
enabled or disabled.
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-173
show stats cmts
The show stats cmts command displays the following upstream and downstream
statistical information for both the cable interface and cable subinterface:
Upstream Statistics
Downstream Statistics
cable upstream cable location
upstream up/
administratively down
upstream interface administrative status
Received broadcasts upstream interface broadcast packets received
Received multicasts upstream interface multicast packets received
Received unicasts upstream interface unicast packets received
discarded upstream interface discarded packets
errors total errors preventing upstream transmission
of packets
unknown protocol packets received that were generated using a
protocol unknown to the BSR
Total Modems On This
Upstream Channel
total active or inactive CMs on this upstream
channel
Spectrum Group: the associated Spectrum Group name
cable downstream cable location
downstream up/
administratively down
downstream interface administrative status
packets output number of packets transmitted from the
interface
bytes number of bytes transmitted from the
interface
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-174 Compass ID: 391459945 Version 2
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show stats <NUM> cmts
Command Syntax
discarded number of packets discarded
total active modems total active CMs on this downstream channel
Spectrum Group: the associated upstream Spectrum Group
names
NUM the BSR CMTS slot number
cmts CMTS statistics
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-175
telnet
The telnet command is used to login and access a remote system from the BSR. The
vrf argument is used to login and access a remote system over a VPN.
Group Access
All
Command Mode
Privileged EXEC
Command Line Usage
telnet {<A.B.C.D> | <WORD> | vrf <WORD> [<A.B.C.D> | <WORD>]}
Command Syntax
A.B.C.D IP address of the remote system
<WORD> DNS hostname
vrf <WORD> the VRF
A.B.C.D IP address of the Customer Network remote
system
<WORD> Customer Network DNS hostname
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-176 Compass ID: 391459945 Version 2
traceroute
The traceroute command traces the path of IP packets from the BSR to the specified
destination.
Group Access
All
Command Mode
Privileged EXEC
Command Line Usage
traceroute [<A.B.C.D> | Hostname | vrf <WORD>]
Command Syntax
A.B.C.D destination IP address
Hostname destination DNS hostname
vrf <WORD> specifies the VRF to use for tracing
Release 6.3.1 Configuring BGP/MPLS VPNs
Compass ID: 391459945 Version 2 1-177
vpn id
The vpn id command specifies a VPN ID number to a VPN when remote access
server applications, such as DHCP are used in a Provider Network to configure their
Customer Network VPNs.
The same VPN ID is specified for all PE routers in the Provider Network that services
the VPN to ensure that the VPN has a consistent VPN ID. The VPN ID has an
Organizational Unique Identifier (OUI), which is a three-octet hexidecimal number
that is specified by the IEEE Registration Authority to equipment manufacturers to
generate universal LAN MAC addresses and protocol identifiers for use in network
applications. For example, the OUI for Motorola is 00:30:B8.
Group Access
System Administrator
Command Mode
VRF Configuration
Command Line Usage
vpn id <OUI:VPN-Index>
no vpn id <OUI:VPN-Index>
Command Syntax
OUI:VPN-Index OUI is the 3-octet IEEE specified
manufacturer ID of the PE router (BSR)
followed by a colon and VPN-Index is the
4-octet ID number specified for this VPN
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
1-178 Compass ID: 391459945 Version 2
vrf selection source
The vrf selection source command is used to populate a single source IP address or
range of source IP addresses to the VRF.
The no vrf selection source command is used to remove a single source IP address or
range of source IP addresses from a VRF.
Group Access
System Administrator
Command Mode
Interface Configuration (10/100 Ethernet or Gigabit Ethernet Interfaces only)
Command Line Usage
vrf selection source {<A.B.C.D> <A.B.C.D>} vrf <WORD>
no vrf selection source {<A.B.C.D> <A.B.C.D>} vrf <WORD>
Command Syntax
Note: If a VRF table is removed by using the no ip vrf command, all
configurations associated with that VRF will be removed including those
configurations added with the vrf selection source command.
A.B.C.D specifies the new source IP address to be
added to the VRF
A.B.C.D specifies the source IP subnetwork mask for
the source IP address or range of single
source IP addresses to be added to the VRF
vrf specifies of the VRF Selection table to which
the single source IP address or range of
source IP addresses should be added
WORD the VRF name
Compass ID: 391459945 Version 2 2-1
2
BGP/MPLS VPN
Configuration Examples
Overview
This chapter provides the following BGP/MPLS VPN configuration examples:
Building an BGP/MPLS VPN
Configuration Examples for CM, eMTA Provisioning and Voice Traffic in
Multiple VPNs
Building an BGP/MPLS VPN
Use the steps in this chapter to gain a more detailed understanding of how to
configure an BGP/MPLS VPN for testing or training purposes. We recommend that
you read and understand the configuration information provided in Chapter 1 before
doing your BGP/MPLS VPN configuration.
Note: Configuration procedures in this section are designed for a data
configuration.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-2 Compass ID: 391459945 Version 2
Configuration procedures are given for four BSRs. Parameters that are unique to each
BSR in each step are identified in bold.
Note: The IP addressing scheme used in this tutorial is provided as an
example for how to configure an BGP/MPLS VPN. Ensure that you use your
own IP addressing scheme in your network or lab environment.
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-3
Figure 2-1 presents a BGP/MPLS VPN configuration diagram example:
Figure 2-1 BGP/MPLS VPN Example Configuration
Figure 2-1 describes the following BGP/MPLS VPN components:
Provider
Router
vpn12 CPE
vpn41 CPE
vpn23 CPE
vpn34 CPE
vpn41 CPE
vpn12 CM
vpn41 CM
vpn23 CM
Global CPE
Global CM
vpn34 CPE
Global CPE
vpn23 CPE
Global CPE
Global CM
vpn12 CPE
vpn12 CM
Global CPE
vpn34 CM
vpn41 CM
Global CM
vpn34 CM
Global CM
vpn23 CM
172.23.40.32/30
.33
.34
172.23.40.36/30
.37 .38
172.23.40.40/30
.41 .42
172.23.40.44/30
.45
.46
14.14.14.4/30
20.20.20.0/30
12.12.12.0/30
.6
.5
.2
.2
.1
.1
20.20.20.4/30
20.20.20.8/30
20.20.20.12/30
12.12.12.4/30
23.23.23.0/30
23.23.23.4/30
34.34.34.0/30
34.34.34.4/30
14.14.14.0/30
.2
.1
.6
.5
.6
.5
.2
.1
.6
.5
.6
.5
.2
.1
.14
.13
.10
.9
120.120.120.0/30
112.112.112.0/30
.6
.2
.2
.1
.1
LB 172.23.49.5 /32
LB 172.23.49.8 /32
LB 172.23.49.9 /32
120.120.120.4/30
112.112.112.4/30
123.123.123.0/30
.5
.5
.2
.6
.6
120.120.120.8/30
123.123.123.4/30
134.134.134.0/30
.2
.6
.5
.10 .9
120.120.120.12/30
134.134.134.4/30
114.114.114.0/30
.6
.5
.2
.1
.14 .13
VPN 41
LB 172.23.49.6 /32
VPN 12
VPN 23
VPN 34
PE 1
S
R
M
e
7
/
0
1
x
4
C
M
T
S
c
3
/
0
8
-
P
o
r
t
1
0
/
1
0
0
e
1
4
/
0
PE 2
S
R
M
e
7
/
0
G
ig
E
g
1
5
/
0
1
x
4
C
M
T
S
c
3
/
0
PE 3
S
R
M
e
7
/
0
1
x
4
C
M
T
S
c
3
/
0
8
-
P
o
r
t
1
0
/
1
0
0
e
1
4
/
0
PE 4
S
R
M
e
7
/
0
1
x
4
C
M
T
S
c
3
/
0
8
-
P
o
r
t
1
0
/
1
0
0
e
1
4
/
0
OSS
OSS
OSS
OSS
114.114.114.4/30
VPNG005
Key:
Global Network:
VPN 12:
VPN 23:
VPN 34:
VPN 41:
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-4 Compass ID: 391459945 Version 2
The four BSRs are PE routers and are labeled: PE 1, PE 2, PE 3, and PE 4. In the
configuration examples, the host names for these BSRs appear as: PE1, PE2,
PE3, and PE4.
Four VPNs labeled: VPN 12, VPN 23, VPN 34 and VPN 41, and the global
(non-VPN) network, and their respective network and interface IP addresses.
One Provider (P) router, which in this example could be a BSR or other vendor router
has assigned interface IP addresses and routes that connect the P router to each PE
router. Configuration procedures are not given for the Provider router and must be
provided by the Provider network administrator.
The Operational Support System (OSS) consists of the Dynamic Host Configuration
Protocol (DHCP) server, Time of Day (TOD) server, and Trivial File Transport
Protocol (TFTP) server. The OSS can be administered by a VPN administrator or a
Provider network administrator. Refer to Before You Begin on page 1-12 for more
information.
A default route must be configured from within the VPN to an Internet Gateway on
the Provider Network to allow VPN members Internet access.
Table 2-1 lists the sections in this chapter in the order that they are used to configure
the BGP/MPLS example network:
Note: The configuration examples in this chapter have a different OSS for
each VPN.
Note: In the following BGP/MPLS VPN application, the DHCP server is
located in the Provider (global) Network. In other BGP/MPLS VPN
applications, the DHCP server may reside within a VPN.
Table 2-1 BGP/MPLS Example Network Tasks
Task
1. Create a VRF for each BGP/MPLS VPN
2. Enable MPLS
3. Configure the PE network interface
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-5
Create a VRF for each BGP/MPLS VPN
This step accomplishes the following:
A VPN Routing Forwarding table (VRF) is created for a VPN.
The Route Distinguisher (RD) is created for each VPN. The RD contains the
Autonomous System number (100), which is used by BGP and the number
associated with each VPN.
The import and export route target are defined for the VPN, which uses the AS
number 100 and the VPN number.
Refer to Creating a VRF on page 1-17 for more information on these parameters.
PE 1
PE1:7A(config)#ip vrf vpn12
PE1:7A(config-vrf)#rd 100:12
PE1:7A(config-vrf)#route-target export 100:12
PE1:7A(config-vrf)#route-target import 100:12
PE1:7A(config-vrf)#end
PE1:7A(config)#ip vrf vpn41
PE1:7A(config-vrf)#rd 100:41
PE1:7A(config-vrf)#route-target export 100:41
PE1:7A(config-vrf)#route-target import 100:41
4. Configure a cable interface for both VPNs and Non-VPNs
5. Configure a loopback interface for Provider Edge (PE) to
PE connectivity
6. Configure a virtual cable bundle for VPN CMs, and
non-VPN CMs and CPEs
7. Configure virtual cable bundles for VPN CPEs
8. Assign a cable bundle to a cable subinterface
9. Provision both VPN and Non-VPN CMs
10. Configure IGP routes
11. Configure the BGP AS and neighbor sessions
12. Redistribute connected VRF networks into MP-BGP
13. Configure MP-BGP to advertise VPNv4 Routes
Table 2-1 BGP/MPLS Example Network Tasks
Task
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-6 Compass ID: 391459945 Version 2
PE 2
PE2:7A(config)#ip vrf vpn12
PE2:7A(config-vrf)#rd 100:12
PE2:7A(config-vrf)#route-target export 100:12
PE2:7A(config-vrf)#route-target import 100:12
PE2:7A(config-vrf)#end
PE2:7A(config)#ip vrf vpn23
PE2:7A(config-vrf)#rd 23:23
PE2:7A(config-vrf)#route-target export 23:23
PE2:7A(config-vrf)#route-target import 23:23
PE 3
PE3:7A(config)#ip vrf vpn23
PE3:7A(config-vrf)#rd 23:23
PE3:7A(config-vrf)#route-target export 23:23
PE3:7A(config-vrf)#route-target import 23:23
PE3:7A(config-vrf)#end
PE3:7A(config)#ip vrf vpn34
PE3:7A(config-vrf)#rd 100:34
PE3:7A(config-vrf)#route-target export 100:34
PE3:7A(config-vrf)#route-target import 100:34
PE 4
PE4:7A(config)#ip vrf vpn41
PE4:7A(config-vrf)#rd 100:41
PE4:7A(config-vrf)#route-target export 100:41
PE4:7A(config-vrf)#route-target import 100:41
PE4:7A(config-vrf)#end
PE4:7A(config)#ip vrf vpn34
PE4:7A(config-vrf)#rd 100:34
PE4:7A(config-vrf)#route-target export 100:34
PE4:7A(config-vrf)#route-target import 100:34
Enable MPLS
The mpls ip command is issued in Global Configuration mode on PE 1, PE 2, PE 3
and PE 4 to enable MPLS.
Configure the PE network interface
This step accomplishes the following:
An IP address and subnet mask is assigned to the PE interface.
The PE interface is generally enabled.
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-7
The PE interface is enabled for the Label Distribution Protocol (LDP)
LDP is configured to use this PE interface IP address for the LDP transport
address.
Refer to Configuring the PE Network Interface on page 1-19 for more information on
these parameters.
PE 1
PE1:7A(config)#interface ethernet 14/0
PE1:7A(config-if)#ip address 172.23.40.33 255.255.255.252
PE1:7A(config-if)#no shutdown
PE1:7A(config-if)#mpls label protocol ldp
PE1:7A(config-if)#mpls ldp discovery transport-address interface
PE 2
PE2:7A(config)#interface gigaether 15/0
PE2:7A(config-if)#ip address 172.23.40.37 255.255.255.252
PE2:7A(config-if)#no shutdown
PE2:7A(config-if)#mpls label protocol ldp
PE2:7A(config-if)#mpls ldp discovery transport-address interface
PE 3
PE3:7A(config)#interface ethernet 14/0
PE3:7A(config-if)#ip address 172.23.40.41 255.255.255.252
PE3:7A(config-if)#no shutdown
PE3:7A(config-if)#mpls label protocol ldp
PE3:7A(config-if)#mpls ldp discovery transport-address interface
PE 4
PE4:7A(config)#interface ethernet 14/0
PE4:7A(config-if)#ip address 172.23.40.45 255.255.255.252
PE4:7A(config-if)#no shutdown
PE4:7A(config-if)#mpls label protocol ldp
PE4:7A(config-if)#mpls ldp discovery transport-address interface
Configure a cable interface for both VPNs and Non-VPNs
This step accomplishes the following:
Each BSR cable interface is enabled
Each BSR cable interface is assigned the same (slave) cable bundle number
(Cable Bundle 1).
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-8 Compass ID: 391459945 Version 2
On each BSR cable interface, both Upstream Port 0 and Downstream Port 0 are
enabled and configured with a frequency.
The DHCP relay agent information option function is enabled on each BSR cable
interface for CPEs.
Refer to Configuring a Cable Interface for a VPN on page 1-22 for more information
on these parameters.
PE 1
PE1:7A(config)#interface cable 3/0
PE1:7A(config-if)#no shutdown
PE1:7A(config-if)#cable bundle 1
PE1:7A(config-if)#no cable downstream 0 shutdown
PE1:7A(config-if)#no cable upstream 0 shutdown
PE1:7A(config-if)#ip dhcp relay information option
PE 2
PE2:7A(config)#interface cable 3/0
PE2:7A(config-if)#no shutdown
PE2:7A(config-if)#cable bundle 1
PE2:7A(config-if)#no cable downstream 0 shutdown
PE2:7A(config-if)#no cable upstream 0 shutdown
PE2:7A(config-if)#ip dhcp relay information option
PE 3
PE3:7A(config)#interface cable 3/0
PE3:7A(config-if)#no shutdown
PE3:7A(config-if)#cable bundle 1
PE3:7A(config-if)#no cable downstream 0 shutdown
PE3:7A(config-if)#no cable upstream 0 shutdown
PE3:7A(config-if)#ip dhcp relay information option
PE 4
PE4:7A(config)#interface cable 3/0
PE4:7A(config-if)#no shutdown
PE4:7A(config-if)#cable bundle 1
PE4:7A(config-if)#no cable downstream 0 shutdown
PE4:7A(config-if)#no cable upstream 0 shutdown
PE4:7A(config-if)#ip dhcp relay information option
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-9
Configure a loopback interface for Provider Edge (PE) to PE
connectivity
The loopback interface provides PE to PE connectivity for MP-BGP sessions.
This step accomplishes the following:
Loopback Interface 1 is enabled on each BSR.
Loopback Interface 1 is configured with an IP address and a 32-bit subnet(work)
mask.
Refer to Configure a Loopback Interface for PE to PE Interoperability on page 1-21
for more information on these parameters.
PE 1
PE1:7A(config)#interface loopback 1
PE1:7A(config-if)#ip address 172.23.49.5 255.255.255.255
PE1:7A(config-if)#no shutdown
PE 2
PE2:7A(config)#interface loopback 1
PE2:7A(config-if)#ip address 172.23.49.6 255.255.255.255
PE2:7A(config-if)#no shutdown
PE 3
PE3:7A(config)#interface loopback 1
PE3:7A(config-if)#ip address 172.23.49.8 255.255.255.255
PE3:7A(config-if)#no shutdown
Note: Configuring BGP on a loopback interface eliminates the need to use
the IP address that is configured for the routers physical interface. This
avoids unnecessary operational status and negotiated address
dependencies.
Note: The full subnet mask is used to conserve network address space.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-10 Compass ID: 391459945 Version 2
PE 4
PE4:7A(config)#interface loopback 1
PE4:7A(config-if)#ip address 172.23.49.9 255.255.255.255
PE4:7A(config-if)#no shutdown
Configure a virtual cable bundle for VPN CMs, and non-VPN
CMs and CPEs
This step accomplishes the following:
Loopback Interface 2 is enabled on each BSR.
Loopback Interface 2 is used for all VPN CMs and all non-VPN (global) CMs
and CPEs.
The first IP address command line configures an IP address and subnet mask for
global CMs.
The second IP address command line configures an IP address and subnet mask
for global CPEs.
The third and fourth command lines configure an IP address and subnet mask for
different VPN CMs.
The cable helper-address command lines define the Provider network DHCP
server IP address for all CMs and CPE hosts.
The (master) Cable Bundle 1 is assigned to Loopback Interface 2, which
corresponds to the (slave) Cable Bundle 1, which was configured in step
Configure a cable interface for both VPNs and Non-VPNs on page 2-7.
Refer to Creating a Virtual Cable Bundle for Global CMs Option 1 on page 1-26 for
more information on these parameters.
PE 1
PE1:7A(config)#interface loopback 2
PE1:7A(config-if)#ip address 20.20.20.1 255.255.255.252
PE1:7A(config-if)#ip address 120.120.120.1 255.255.255.252
secondary host
PE1:7A(config-if)#ip address 12.12.12.1 255.255.255.252 secondary
cm vrf vpn12
PE1:7A(config-if)#ip address 14.14.14.5 255.255.255.252 secondary
cm vrf vpn41
PE1:7A(config-if)#cable helper-address 192.168.130.130 cable-modem
PE1:7A(config-if)#cable helper-address 192.168.130.130 host
PE1:7A(config-if)#no shutdown
PE1:7A(config-if)#cable bundle 1 master
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-11
PE 2
PE2:7A(config)#interface loopback 2
PE2:7A(config-if)#ip address 20.20.20.5 255.255.255.252
PE2:7A(config-if)#ip address 120.120.120.5 255.255.255.252
secondary host
PE2:7A(config-if)#ip address 12.12.12.5 255.255.255.252 secondary
cm vrf vpn12
PE2:7A(config-if)#ip address 23.23.23.1 255.255.255.252 secondary
cm vrf vpn23
PE2:7A(config-if)#cable helper-address 192.168.10.1 cable-modem
PE2:7A(config-if)#cable helper-address 192.168.10.1 host
PE2:7A(config-if)#no shutdown
PE2:7A(config-if)#cable bundle 1 master
PE 3
PE3:7A(config)#interface loopback 2
PE3:7A(config-if)#ip address 20.20.20.9 255.255.255.252
PE3:7A(config-if)#ip address 120.120.120.9 255.255.255.252
secondary host
PE3:7A(config-if)#ip address 23.23.23.5 255.255.255.252 secondary
cm vrf vpn23
PE3:7A(config-if)#ip address 34.34.34.1 255.255.255.252 secondary
cm vrf vpn34
PE3:7A(config-if)#cable helper-address 192.168.10.2 cable-modem
PE3:7A(config-if)#cable helper-address 192.168.10.2 host
PE3:7A(config-if)#no shutdown
PE3:7A(config-if)#cable bundle 1 master
PE 4
PE4:7A(config)#interface loopback 2
PE4:7A(config-if)#ip address 20.20.20.13 255.255.255.252
PE4:7A(config-if)#ip address 120.120.120.13 255.255.255.252
secondary
PE4:7A(config-if)#ip address 34.34.34.5 255.255.255.252 secondary
cm vrf vpn34
PE4:7A(config-if)#ip address 14.14.14.1 255.255.255.252 secondary
cm vrf vpn41
PE4:7A(config-if)#cable helper-address 192.168.10.4 cable-modem
PE4:7A(config-if)#cable helper-address 192.168.10.4 host
PE4:7A(config-if)#no shutdown
PE4:7A(config-if)#cable bundle 1 master
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-12 Compass ID: 391459945 Version 2
Configure virtual cable bundles for VPN CPEs
This step configures one set of VPN CPEs to be associated with Loopback Interface 3
and the other set of VPN CPEs to be associated with Loopback Interface 4:
The VRF for a VPNs CPEs is assigned to Loopback Interface 3 and Loopback
Interface 4 by using ip vrf forwarding command and the VPNs name.
Loopback Interface 3 and 4 are each assigned an IP address, subnet mask, and the
same non-VPN "global" CPE cable helper address, which is the DHCP IP
address.
Loopback Interface 3 is assigned to (master) Cable Bundle 2.
Loopback Interface 4 is assigned to (master) Cable Bundle 3.
Loopback Interface 3 and 4 are both enabled.
Refer to Creating a Virtual Cable Bundle for Global CMs Option 2 on page 1-29 for
more information on these parameters.
PE 1
PE1:7A(config)#interface loopback 3
PE1:7A(config-if)#ip vrf forwarding vpn12
PE1:7A(config-if)#ip address 112.112.112.1 255.255.255.252
PE1:7A(config-if)#cable helper-address 192.168.130.130 host global
PE1:7A(config-if)#no shutdown
PE1:7A(config-if)#cable bundle 2 master
PE1:7A(config-if)#end
PE1:7A(config)#interface loopback 4
PE1:7A(config-if)#ip vrf forwarding vpn41
PE1:7A(config-if)#ip address 114.114.114.1 255.255.255.252
PE1:7A(config-if)#cable helper-address 192.168.130.130 host global
PE1:7A(config-if)#no shutdown
PE1:7A(config-if)#cable bundle 3 master
PE 2
PE2:7A(config)#interface loopback 3
Note: The CPE IP address on one interface can be used again on another
interface only if this IP address is used for a different VPN. For example, a
CPE IP address on one interface that is configured for VPN A can be used
again on a different interface for VPN B. However, a CPE IP address
configured for VPN A cannot be used again on another interface which
belongs to VPN A.
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-13
PE2:7A(config-if)#ip vrf forwarding vpn12
PE2:7A(config-if)#ip address 112.112.112.5 255.255.255.252
PE2:7A(config-if)#cable helper-address 192.168.10.1 host global
PE2:7A(config-if)#no shutdown
PE2:7A(config-if)#cable bundle 2 master
PE2:7A(config-if)#end
PE2:7A(config)#interface loopback 4
PE2:7A(config-if)#ip vrf forwarding vpn23
PE2:7A(config-if)#ip address 123.123.123.0 255.255.255.252
PE2:7A(config-if)#cable helper-address 192.168.10.1 host global
PE2:7A(config-if)#no shutdown
PE2:7A(config-if)#cable bundle 3 master
PE 3
PE3:7A(config)#interface loopback 3
PE3:7A(config-if)#ip vrf forwarding vpn23
PE3:7A(config-if)#ip address 123.123.123.5 255.255.255.252
PE3:7A(config-if)#cable helper-address 192.168.10.2 host global
PE3:7A(config-if)#no shutdown
PE3:7A(config-if)#cable bundle 2 master
PE3:7A(config-if)#end
PE3:7A(config)#interface loopback 4
PE3:7A(config-if)#ip vrf forwarding vpn34
PE3:7A(config-if)#ip address 134.134.134.0 255.255.255.252
PE3:7A(config-if)#cable helper-address 192.168.10.2 host global
PE3:7A(config-if)#no shutdown
PE3:7A(config-if)#cable bundle 3 master
PE 4
PE4:7A(config)#interface loopback 3
PE4:7A(config-if)#ip vrf forwarding vpn41
PE4:7A(config-if)#ip address 114.114.114.1 255.255.255.252
PE4:7A(config-if)#cable helper-address 192.168.10.4 host global
PE4:7A(config-if)#no shutdown
PE4:7A(config-if)#cable bundle 2 master
PE4:7A(config-if)#end
PE4:7A(config)#interface loopback 4
PE4:7A(config-if)#ip vrf forwarding vpn34
PE4:7A(config-if)#ip address 134.134.134.5 255.255.255.252
PE4:7A(config-if)#cable helper-address 192.168.10.4 host global
PE4:7A(config-if)#no shutdown
PE4:7A(config-if)#cable bundle 3 master
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-14 Compass ID: 391459945 Version 2
Assign a cable bundle to a cable subinterface
This step configures a different (slave) cable bundle for each subinterface:
Configure the (slave) Cable Bundle 2 on subinterface 3/0.1, which is associated
with the (master) Cable Bundle 2 on Loopback Interface 3 on each BSR. Refer to
step Configure virtual cable bundles for VPN CPEs on page 2-12 for more
information on configuring Loopback Interface 3.
Configure the (slave) Cable Bundle 3 on a subinterface 3/0.2, which is associated
with the (master) Cable Bundle 3 on Loopback Interface 4 on each BSR. Refer to
step Configure virtual cable bundles for VPN CPEs on page 2-12 for more
information on configuring Loopback Interface 4.
Enable both subinterface 3/0.1 and 3/0.2 on each BSR.
PE 1
PE1:7A(config)#interface cable 3/0.1
PE1:7A(config-if)#no shutdown
PE1:7A(config-if)#cable bundle 2
PE1:7A(config-if)#end
PE1:7A(config)#interface cable 3/0.2
PE1:7A(config-if)#no shutdown
PE1:7A(config-if)#cable bundle 3
PE 2
PE2:7A(config)#interface cable 3/0.1
PE2:7A(config-if)#no shutdown
PE2:7A(config-if)#cable bundle 2
PE2:7A(config-if)#end
PE2:7A(config)#interface cable 3/0.2
PE2:7A(config-if)#no shutdown
PE2:7A(config-if)#cable bundle 3
PE 3
PE3:7A(config)#interface cable 3/0.1
PE3:7A(config-if)#no shutdown
PE3:7A(config-if)#cable bundle 2
Note: Each cable bundle configured on the (slave) subinterface belongs to
one set of VPN CPEs.
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-15
PE3:7A(config-if)#end
PE3:7A(config)#interface cable 3/0.2
PE3:7A(config-if)#no shutdown
PE3:7A(config-if)#cable bundle 3
PE 4
PE4:7A(config)#interface cable 3/0.34
PE4:7A(config-if)#no shutdown
PE4:7A(config-if)#cable bundle 3
PE4:7A(config-if)#end
PE4:7A(config)#interface cable 3/0.41
PE4:7A(config-if)#no shutdown
PE4:7A(config-if)#cable bundle 2
Provision both VPN and Non-VPN CMs
The Provider Network administrator is responsible for provisioning both VPN and
Non-VPN CMs by creating CM configuration files and configuring the appropriate
DHCP server parameters.
Configure IGP routes
In this example, the Open Shortest Path First (OSPF) protocol is used as the IGP. This
step accomplishes the following:
The OSPF routing process is enabled on each BSR.
OSPF networks are configured within the Autonomous System (AS) on each
BSR so that routing information can be dynamically exchanged to help establish
BGP and LDP or RSVP routing sessions on the PE routers.
Refer to Configuring IGP or Static Routes for VPNs on page 1-48 for more
information on these parameters
PE 1
PE1:7A(config)#router ospf
PE1:7A(config-ospf)#network 172.23.49.5 0.0.0.255 area 54
PE1:7A(config-ospf)#network 172.23.40.32 0.0.0.255 area 54
PE1:7A(config-ospf)#network 120.120.120.0 0.0.0.255 area 54
PE1:7A(config-ospf)#network 114.114.114.4 0.0.0.255 area 54
PE1:7A(config-ospf)#network 112.112.112.0 0.0.0.255 area 54
PE 2
PE2:7A(config)#router ospf
PE2:7A(config-ospf)#network 172.23.49.6 0.0.0.255 area 54
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-16 Compass ID: 391459945 Version 2
PE2:7A(config-ospf)#network 172.23.40.36 0.0.0.255 area 54
PE2:7A(config-ospf)#network 123.123.123.0 0.0.0.255 area 54
PE2:7A(config-ospf)#network 120.120.120.4 0.0.0.255 area 54
PE2:7A(config-ospf)#network 112.112.112.4 0.0.0.255 area 54
PE 3
PE3:7A(config)#router ospf
PE3:7A(config-ospf)#network 172.23.49.8 0.0.0.255 area 54
PE3:7A(config-ospf)#network 172.23.40.40 0.0.0.255 area 54
PE3:7A(config-ospf)#network 134.134.134.0 0.0.0.255 area 54
PE3:7A(config-ospf)#network 123.123.123.4 0.0.0.255 area 54
PE3:7A(config-ospf)#network 120.120.120.8 0.0.0.255 area 54
PE 4
PE4:7A(config)#router ospf
PE4:7A(config-ospf)#network 172.23.49.9 0.0.0.255 area 54
PE4:7A(config-ospf)#network 172.23.40.44 0.0.0.255 area 54
PE4:7A(config-ospf)#network 134.134.134.4 0.0.0.255 area 54
PE4:7A(config-ospf)#network 120.120.120.12 0.0.0.255 area 54
PE4:7A(config-ospf)#network 114.114.114.0 0.0.0.255 area 54
Configure the BGP AS and neighbor sessions
This step accomplishes the following:
The Internal BGP (IBGP) Autonomous System (AS) is enabled on each BSR.
IBGP neighbor sessions are configured on each BSR.
Refer to Configuring the BGP AS and Neighbor Sessions on page 1-49 for more
information on these parameters.
PE 1
PE1:7A(config)#router bgp 100
PE1:7A(config-bgp)#neighbor 172.23.49.6 remote-as 100
PE1:7A(config-bgp)#neighbor 172.23.49.6 update-source loopback 1
PE1:7A(config-bgp)#neighbor 172.23.49.8 remote-as 100
PE1:7A(config-bgp)#neighbor 172.23.49.8 update-source loopback 1
PE1:7A(config-bgp)#neighbor 172.23.49.9 remote-as 100
PE1:7A(config-bgp)#neighbor 172.23.49.9 update-source loopback 1
PE 2
PE2:7A(config)#router bgp 100
PE2:7A(config-bgp)#neighbor 172.23.49.5 remote-as 100
PE2:7A(config-bgp)#neighbor 172.23.49.5 update-source loopback 1
PE2:7A(config-bgp)#neighbor 172.23.49.8 remote-as 100
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-17
PE2:7A(config-bgp)#neighbor 172.23.49.8 update-source loopback 1
PE2:7A(config-bgp)#neighbor 172.23.49.9 remote-as 100
PE2:7A(config-bgp)#neighbor 172.23.49.9 update-source loopback 1
PE 3
PE3:7A(config)#router bgp 100
PE3:7A(config-bgp)#neighbor 172.23.49.5 remote-as 100
PE3:7A(config-bgp)#neighbor 172.23.49.5 update-source loopback 1
PE3:7A(config-bgp)#neighbor 172.23.49.6 remote-as 100
PE3:7A(config-bgp)#neighbor 172.23.49.6 update-source loopback 1
PE3:7A(config-bgp)#neighbor 172.23.49.9 remote-as 100
PE3:7A(config-bgp)#neighbor 172.23.49.9 update-source loopback 1
PE 4
PE4:7A(config)#router bgp 100
PE4:7A(config-bgp)#neighbor 172.23.49.5 remote-as 100
PE4:7A(config-bgp)#neighbor 172.23.49.5 update-source loopback 1
PE4:7A(config-bgp)#neighbor 172.23.49.6 remote-as 100
PE4:7A(config-bgp)#neighbor 172.23.49.6 update-source loopback 1
PE4:7A(config-bgp)#neighbor 172.23.49.8 remote-as 100
PE4:7A(config-bgp)#neighbor 172.23.49.8 update-source loopback 1
Redistribute connected VRF networks into MP-BGP
This step redistributes connected VRF networks into Multi-Protocol Border Gateway
Protocol (MP-BGP) to advertise VPN routes.
Refer to Redistribute Connected or Static VRF Networks into MP-BGP on page 1-50
for more information on these parameters.
PE 1
PE1:7A(config-bgp)#address-family ipv4 vrf vpn12
PE1:7A(config-bgp-af-ipv4-vrf-vpn12)#redistribute connected
PE1:7A(config-bgp-af-ipv4-vrf-vpn12)#no auto-summary
PE1:7A(config-bgp-af-ipv4-vrf-vpn12)#exit-address-family
PE1:7A(config-bgp)#address-family ipv4 vrf vpn41
PE1:7A(config-bgp-af-ipv4-vrf-vpn41)#redistribute connected
PE1:7A(config-bgp-af-ipv4-vrf-vpn41)#no auto-summary
PE1:7A(config-bgp-af-ipv4-vrf-vpn41)#exit-address-family
PE 2
PE2:7A(config-bgp)#address-family ipv4 vrf vpn12
PE2:7A(config-bgp-af-ipv4-vrf-vpn12)#redistribute connected
PE2:7A(config-bgp-af-ipv4-vrf-vpn12)#no auto-summary
PE2:7A(config-bgp-af-ipv4-vrf-vpn12)#exit-address-family
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-18 Compass ID: 391459945 Version 2
PE2:7A(config-bgp)#address-family ipv4 vrf vpn23
PE2:7A(config-bgp-af-ipv4-vrf-vpn23)#redistribute connected
PE2:7A(config-bgp-af-ipv4-vrf-vpn23)#no auto-summary
PE2:7A(config-bgp-af-ipv4-vrf-vpn23)#exit-address-family
PE 3
PE3:7A(config-bgp)#address-family ipv4 vrf vpn23
PE3:7A(config-bgp-af-ipv4-vrf-vpn23)#redistribute connected
PE3:7A(config-bgp-af-ipv4-vrf-vpn23)#no auto-summary
PE3:7A(config-bgp-af-ipv4-vrf-vpn23)#exit-address-family
PE3:7A(config-bgp)#address-family ipv4 vrf vpn34
PE3:7A(config-bgp-af-ipv4-vrf-vpn34)#redistribute connected
PE3:7A(config-bgp-af-ipv4-vrf-vpn34)#no auto-summary
PE3:7A(config-bgp-af-ipv4-vrf-vpn34)#exit-address-family
PE 4
PE4:7A(config-bgp)#address-family ipv4 vrf vpn34
PE4:7A(config-bgp-af-ipv4-vrf-vpn34)#redistribute connected
PE4:7A(config-bgp-af-ipv4-vrf-vpn34)#no auto-summary
PE4:7A(config-bgp-af-ipv4-vrf-vpn34)#exit-address-family
PE4:7A(config-bgp)#address-family ipv4 vrf vpn41
PE4:7A(config-bgp-af-ipv4-vrf-vpn41)#redistribute connected
PE4:7A(config-bgp-af-ipv4-vrf-vpn41)#no auto-summary
PE4:7A(config-bgp-af-ipv4-vrf-vpn41)#exit-address-family
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-19
Configure MP-BGP to advertise VPNv4 Routes
This step configures the BGP routing process to advertise Multi-Protocol Border
Gateway Protocol (MP-BGP) VPN-IP Version 4 routes on each BSR:
Refer to Configuring MP-BGP to Advertise VPNv4 Routes on page 1-53 for more
information on these parameters.
PE 1
PE1:7A(config-bgp)#address-family vpnv4
PE1:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.6 activate
PE1:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.6 send-community
extended
PE1:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.8 activate
PE1:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.8 send-community
extended
PE1:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.9 activate
PE1:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.9 send-community
extended
PE1:7A(config-bgp-af-vpnv4)#exit-address-family
PE 2
PE2:7A(config-bgp)#address-family vpnv4
PE2:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.5 activate
PE2:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.5
send-community extended
PE2:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.8 activate
PE2:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.8
send-community extended
PE2:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.9 activate
PE2:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.9
send-community extended
PE2:7A(config-bgp-af-vpnv4)#exit-address-family
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-20 Compass ID: 391459945 Version 2
PE 3
PE3:7A(config-bgp)#address-family vpnv4
PE3:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.5 activate
PE3:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.5 send-community
extended
PE3:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.6 activate
PE3:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.6 send-community
extended
PE3:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.9 activate
PE3:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.9 send-community
extended
PE3:7A(config-bgp-af-vpnv4)#exit-address-family
PE 4
PE4:7A(config-bgp)#address-family vpnv4
PE4:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.5 activate
PE4:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.5
send-community extended
PE4:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.6 activate
PE4:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.6
send-community extended
PE4:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.8 activate
PE4:7A(config-bgp-af-vpnv4)#neighbor 172.23.49.8
send-community extended
PE4:7A(config-bgp-af-vpnv4)#exit-address-family
Configuration Examples for CM, eMTA
Provisioning and Voice Traffic in Multiple VPNs
The following sections provide configuration examples for CM, eMTA provisioning
and voice traffic in multiple VPNs:
Configuring VPNs for Data Only
Configuring Multiple Data VPNs and VoIP VPNs
Configuring Multiple VPNs Using a CM Provisioning VPN
Configuring a Single VPN for both VoIP and VoIP Provisioning Functions
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-21
Configuring VPNs for Data Only
In this configuration example, the provisioning of CMs and CPEs is accomplished on
the Global VPN:
interface loopback 1
cable bundle 1 master
ip address 172.17.112.1 255.255.255.0
ip address 172.17.117.1 255.255.255.0 secondary host
ip address 172.17.113.1 255.255.255.0 secondary cm-vrf VPN_ISP1
cable helper-address 150.34.26.100 cable-modem
cable helper-address 150.34.26.100 host
no shutdown
interface cable 2/1
cable bundle 1
no ip address
no shutdown
cable bind downstream 1
no cable downstream 1 shutdown
cable bind upstream 4,5,6,7
no cable upstream 4 shutdown
no cable upstream 5 shutdown
no cable upstream 6 shutdown
no cable upstream 7 shutdown
cable privacy cert trust trusted
cable dynamic-service authorization-mode authorize
cable dynamic-service loadbalance disable
ip dhcp relay information option
cable downstream schedule priority-wfq
interface cable 2/1.1
ip vrf forwarding VPN_ISP1
ip address 172.17.115.1 255.255.255.0
cable helper-address 150.34.26.100 host
no shutdown
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-22 Compass ID: 391459945 Version 2
Configuring Multiple Data VPNs and VoIP VPNs
In this configuration example, the provisioning of CMs and eMTAs is accomplished
on the Global VPN:
interface loopback 1
cable bundle 1 master
ip address 172.17.112.1 255.255.255.0
ip address 172.17.113.1 255.255.255.0 secondary
host-sub-interface 1 voice-sub-interface 4
ip address 172.17.118.1 255.255.255.0 secondary
host-sub-interface 2 voice-sub-interface 5
ip address 172.17.119.1 255.255.255.0 secondary
host-sub-interface 3 voice-sub-interface 6
ip address 172.18.114.1 255.255.255.0 secondary mta
ip address 172.18.115.1 255.255.255.0 secondary mta
ip address 172.18.116.1 255.255.255.0 secondary mta
cable helper-address 150.34.26.100 cable-modem
cable helper-address 172.19.62.50 mta
no shutdown
interface cable 2/1
cable bundle 1
no ip address
no shutdown
cable bind downstream 1
no cable downstream 1 shutdown
cable bind upstream 4,5,6,7
no cable upstream 4 shutdown
no cable upstream 5 shutdown
no cable upstream 6 shutdown
no cable upstream 7 shutdown
cable privacy cert trust trusted
cable dynamic-service authorization-mode authorize
cable dynamic-service loadbalance disable
ip dhcp relay information option
cable downstream schedule priority-wfq
interface cable 2/1.1
ip vrf forwarding VPN_ISP1
ip address 172.19.115.1 255.255.255.0
cable helper-address 150.34.26.100 host global
no shutdown
interface cable 2/1.2
ip vrf forwarding VPN_ISP2
ip address 172.19.114.1 255.255.255.0
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-23
cable helper-address 150.34.26.100 host global
no shutdown
interface cable 2/1.3
ip vrf forwarding VPN_ISP3
ip address 172.19.114.1 255.255.255.0
cable helper-address 150.34.26.100 host global
no shutdown
interface cable 2/1.4
ip vrf forwarding VPN_VOIP_CUSTOMER1
ip address 172.18.114.1 255.255.255.0
no shutdown
interface cable 2/1.5
ip vrf forwarding VPN_VOIP_CUSTOMER2
ip address 172.18.115.1 255.255.255.0
no shutdown
interface cable 2/1.6
ip vrf forwarding VPN_VOIP_CUSTOMER3
ip address 172.18.116.1 255.255.255.0
no shutdown
Configuring Multiple VPNs Using a CM Provisioning VPN
In this configuration example, the provisioning of CMs and eMTAs is accomplished
on a CM Provisioning VPN:
interface loopback 1
cable bundle 1 master
ip vrf forwarding CM_PROVISIONING_VPN
ip address 172.17.112.1 255.255.255.0
ip address 172.17.113.1 255.255.255.0 secondary
host-sub-interface 1 voice-sub-interface 4
ip address 172.17.118.1 255.255.255.0 secondary
host-sub-interface 2 voice-sub-interface 5
ip address 172.17.119.1 255.255.255.0 secondary
host-sub-interface 3 voice-sub-interface 6
ip address 172.18.114.1 255.255.255.0 secondary mta
ip address 172.18.115.1 255.255.255.0 secondary mta
ip address 172.18.116.1 255.255.255.0 secondary mta
cable helper-address 150.34.26.100 cable-modem
cable helper-address 172.19.62.50 mta
no shutdown
interface cable 2/1
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-24 Compass ID: 391459945 Version 2
cable bundle 1
no ip address
no shutdown
cable bind downstream 1
no cable downstream 1 shutdown
cable bind upstream 4,5,6,7
no cable upstream 4 shutdown
no cable upstream 5 shutdown
no cable upstream 6 shutdown
no cable upstream 7 shutdown
cable privacy cert trust trusted
cable dynamic-service authorization-mode authorize
cable dynamic-service loadbalance disable
ip dhcp relay information option
cable downstream schedule priority-wfq
interface cable 2/1.1
ip vrf forwarding VPN_ISP1
ip address 172.19.115.1 255.255.255.0
cable helper-address 150.34.26.100 host CM_PROVISIONING_VPN
no shutdown
interface cable 2/1.2
ip vrf forwarding VPN_ISP2
ip address 172.19.114.1 255.255.255.0
cable helper-address 150.34.26.100 host CM_PROVISIONING_VPN
no shutdown
interface cable 2/1.3
ip vrf forwarding VPN_ISP3
ip address 172.19.114.1 255.255.255.0
cable helper-address 150.34.26.100 host CM_PROVISIONING_VPN
no shutdown
interface cable 2/1.4
ip vrf forwarding VPN_VOIP_CUSTOMER1
ip address 172.18.114.1 255.255.255.0
no shutdown
interface cable 2/1.5
ip vrf forwarding VPN_VOIP_CUSTOMER2
ip address 172.18.115.1 255.255.255.0
no shutdown
interface cable 2/1.6
ip vrf forwarding VPN_VOIP_CUSTOMER3
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-25
ip address 172.18.116.1 255.255.255.0
no shutdown

interface loopback 1
cable bundle 1 master
ip vrf forwarding CM_PROVISIONING_VPN
ip address 192.17.112.1 255.255.255.0
ip address 172.17.114.1 255.255.255.0 secondary mta
ip address 192.17.113.1 255.255.255.0 secondary
host-sub-interface 1 mta-sub-interface 2 voice-sub-interface 2
cable helper-address 150.34.26.100 cable-modem
no shutdown

interface cable 2/1
cable bundle 1
no ip address
no shutdown
cable bind downstream 1
no cable downstream 1 shutdown
cable bind upstream 4,5,6,7
no cable upstream 4 shutdown
no cable upstream 5 shutdown
no cable upstream 6 shutdown
no cable upstream 7 shutdown
cable privacy cert trust trusted
cable dynamic-service authorization-mode authorize
cable dynamic-service loadbalance disable
ip dhcp relay information option
cable downstream schedule priority-wfq
interface cable 2/1.1
ip vrf forwarding VPN_CPE
ip address 172.17.115.1 255.255.255.0
cable helper-address 150.34.26.100 host
no shutdown
interface cable 2/1.2
ip address 172.17.114.1 255.255.255.0
cable helper-address 172.19.62.50 mta
no shutdown
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-26 Compass ID: 391459945 Version 2
Configuring a Single VPN for both VoIP and VoIP
Provisioning Functions
In this configuration example, a VPN is configured that handles both VoIP and VoIP
provisioning functions on the same VPN:
interface loopback 1
cable bundle 1 master
ip address 172.17.112.1 255.255.255.0
ip address 172.17.113.1 255.255.255.0 secondary mta-sub-interface 2
ip address 172.17.115.1 255.255.255.0 secondary host
cable helper-address 150.34.26.100 host
cable helper-address 150.34.26.100 cable-modem
no shutdown
interface loopback 12
cable bundle 12 master
ip vrf forwarding VOIP_PROVISIONING_VPN
ip address 172.17.114.1 255.255.255.0
cable helper-address 172.19.62.50 mta
no shutdown

interface cable 2/1
cable bundle 1
no ip address
no shutdown
cable bind downstream 1
no cable downstream 1 shutdown
cable bind upstream 4,5,6,7
no cable upstream 4 shutdown
no cable upstream 5 shutdown
no cable upstream 6 shutdown
no cable upstream 7 shutdown
cable privacy cert trust trusted
cable dynamic-service authorization-mode authorize
cable dynamic-service loadbalance disable
ip dhcp relay information option
cable downstream schedule priority-wfq
interface cable 2/1.2
cable bundle 12
no ip address
no shutdown
interface loopback 1
cable bundle 1 master
Release 6.3.1 BGP/MPLS VPN Configuration Examples
Compass ID: 391459945 Version 2 2-27
ip address 172.17.112.1 255.255.255.0
ip address 172.17.114.1 255.255.255.0 secondary mta
ip address 172.17.113.1 255.255.255.0 secondary host-sub-interface
1
cable helper-address 150.34.26.100 cable-modem
cable helper-address 172.19.62.50 mta
no shutdown
interface loopback 11
cable bundle 11 master
ip vrf forwarding VPN_ISP1
ip address 172.17.115.1 255.255.255.0
cable helper-address 150.34.26.100 host global
no shutdown
interface cable 2/1
cable bundle 1
no ip address
no shutdown
cable bind downstream 1
no cable downstream 1 shutdown
cable bind upstream 4,5,6,7
no cable upstream 4 shutdown
no cable upstream 5 shutdown
no cable upstream 6 shutdown
no cable upstream 7 shutdown
cable privacy cert trust trusted
cable dynamic-service authorization-mode authorize
cable dynamic-service loadbalance disable
ip dhcp relay information option
cable downstream schedule priority-wfq
interface cable 2/1.1
cable bundle 11
no ip address
no shutdown
interface loopback 1
cable bundle 1 master
ip address 172.17.112.1 255.255.255.0
ip address 172.17.114.1 255.255.255.0 secondary mta
ip address 172.17.113.1 255.255.255.0 secondary voice-sub-interface
3
ip address 172.17.115.1 255.255.255.0 secondary host
cable helper-address 150.34.26.100 host
cable helper-address 150.34.26.100 cable-modem
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
2-28 Compass ID: 391459945 Version 2
cable helper-address 172.19.62.50 mta
no shutdown
interface loopback 13
cable bundle 13 master
ip vrf forwarding VPN_VOIP_CUSTOMER1
ip address 172.17.114.1 255.255.255.0
no shutdown
interface cable 2/1
cable bundle 1
no ip address
no shutdown
cable bind downstream 1
no cable downstream 1 shutdown
cable bind upstream 4,5,6,7
no cable upstream 4 shutdown
no cable upstream 5 shutdown
no cable upstream 6 shutdown
no cable upstream 7 shutdown
cable privacy cert trust trusted
cable dynamic-service authorization-mode authorize
cable dynamic-service loadbalance disable
ip dhcp relay information option
cable downstream schedule priority-wfq
interface cable 2/1.3
cable bundle 13
no ip address
no shutdown
Compass ID: 391459945 Version 2 3-1
3
Configuring LDP
Overview
The Label Distribution Protocol (LDP) is used in to build Multiprotocol Label
Switching/Border Gateway Protocol Virtual Private Networks (BGP/MPLS VPNs)
that are both scalable and provide several levels of data services. In an BGP/MPLS
VPN, LDP labels routes defined by the underlying Interior Gateway Protocol (IGP).
These labeled paths, called Label Switch Paths (LSPs), forward label traffic across an
MPLS backbone to specified destinations. Label Switch Routers (LSRs) establish
LSPs on a network by mapping network layer routing information to data-link
switched paths.
This chapter discusses the following topics:
LDP Implementation in the BSR
Enabling LDP on an Interface
Managing LDP
LDP Network Configuration Example
LDP Commands
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-2 Compass ID: 391459945 Version 2
LDP Implementation in the BSR
The BSRs implementation of LDP is compliant with RFC 3032, RFC 3035, and
RFC 3036 and supports simultaneous sessions with up to 16 peers. The BSR supports
LSRs on the following resource modules:
8-port 10/100 Ethernet module
1-port Gigabit Ethernet module
2 port POS module
Loopback interface
Additionally, the BSR can reroute an LSP to another available path when any link in
the path fails.
LDP Message Support
The BSR supports the exchange of the following LDP messages:
Discovery messages used to announce and maintain the presence of LSR on
well-known LDP Port 646.
Session messages that are used to establish, maintain and terminate sessions
between LDP peers.
Advertisement messages that are used to create, change and delete Label
mappings for Forward Equivalence Classes (FECs).
Notification messages are used to provide advisory information and signal error
information.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-3
Enabling LDP on an Interface
LDP can be configured on a specified MPLS interface for label advertising and
distribution of labels for each LDP peer:
Follow these steps to configure LDP on an interface:
1. Ensure that MPLS is enabled. Refer to Enabling MPLS on page 1-19, for more
information.
2. Select the desired 10/100 Ethernet, Gigabit Ethernet, Loopback or POS interface
on BSR to be used for LDP by issuing the interface command in Global
Configuration mode:
MOT:7A(config)#interface {pos <X/Y> | ethernet <X/Y> | gigaether <X/Y> |
loopback <0-255>}
where:
pos is the Packet over SONET interface.
ethernet is any 10 or 10/100 Ethernet interface.
gigaether is the Gigabit Ethernet interface.
loopback specifies a loopback interface.
0-255 loopback interface number.
X is the desired module slot on the BSR.
Y is the interface number on the module.
3. Use the mpls label protocol ldp command in Interface Configuration mode to
enable LDP on the interface. This allows label exchange with configured LDP
peers:
MOT:7A(config-if)#mpls label protocol ldp
Note: Also refer to Configuring the PE Network Interface on page 1-19 for
more information on how LDP is configured in the context of an BGP/MPLS
VPN.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-4 Compass ID: 391459945 Version 2
4. Use the show mpls ldp interface command to verify that the interface is
configured to enable LDP:
MOT:7A(config-if)#show mpls ldp interface
Figure 3-1 shows an example of interfaces on the BSR that are configured to use
LDP.
Figure 3-1 show mpls ldp interfaces Command Output
Managing LDP
The following sections describe how to manage optional LDP configuration
parameters on the BSR:
Specifying an LDP Router ID
Changing the Transport Address for LDP Discovery
Controlling LDP Label Advertisements
Managing the LDP Session
Specifying an LDP Router ID
The LDP router identifier (ID) has six octets that identifies an LSR and its label space.
The first four octets are the router identifier the other two octets are reserved for the
label space.
If the mpls ldp router-id command is not specified for a preferred interface, then the
LDP router ID is determined by the BSR.
The BSR determines the Router ID by the following rules in this order:
1. The BSR examines the IP addresses of all operational NIM interfaces. If these IP
addresses include loopback interface addresses, the highest such loopback
address is selected as the LDP router ID.
2. If these IP addresses do not include loopback interface addresses, then the highest
IP address relating to an operational interface is selected as the LDP router ID.
BSR:7A(config-if)#show mpls ldp interfaces
Interface Ldp ID NbrCount Next Hello(sec)
ethernet 12/1 20.20.1.1:0 1 5
ethernet 12/2 20.20.1.1:0 0 4
ethernet 12/7 20.20.1.1:0 0 3
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-5
Select from the following options to specify the LSRs router ID:
If you need to use a particular interfaces IP address as the router ID, issue the
mpls ldp router-id command in Global Configuration mode as shown below:
MOT:7A(config)#mpls ldp router-id {cable <X/Y> | ethernet <X/Y> |
gigaether <X/Y>| loopback <1-255> | pos <X/Y> | tunnel <0-255>} [force]
where:
cable specifies the CMTS interface.
ethernet specifies the Ethernet interface.
gigaether specifies the Gigabit Ethernet address.
loopback specifies the loopback interface.
0-255 specifies the loopback number.
pos specifies the Packet-over-SONET interface.
tunnel specifies the tunnel interface.
X is the slot number.
Y is the port number.
0-255 specifies the tunnel number.
force optionally forces the use of the named interface as the LDP router ID.
The force is changed immediately if the interface is operational.
Note: The specified interface must be operational in order for its IP address
to be used as the LDP router ID.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-6 Compass ID: 391459945 Version 2
Use the mpls ldp router-id force command in Global Configuration mode to
immediately switch to the IP address of the operational interface, which causes
any existing LDP sessions to end, releases label bindings learned through these
LDP sessions, and interrupts MPLS forwarding activity associated with its
bindings:
MOT:7A(config)#mpls ldp router-id force
Changing the Transport Address for LDP Discovery
LDP Discovery provides a mechanism for the BSR to advertise its transport address.
The transport address advertisement itself may appear in the contents of Discovery
Hello messages sent to the other router or may not appear in these messages, in which
case the other router uses the source IP address of received Hello messages for the
peers transport address.
The establishment of an LDP session between two routers requires a session (TCP
connection) through which label advertisements can be exchanged between two
routers, which are also referred to as peers. To establish the session, each router must
know the transport address (IP address) of the other router. By default, LDP
advertises the router ID as its transport address in the LDP Discovery Hello messages
sent from the interface.
Note: If the interface is disabled (down) when this command is issued, the
LDP router ID is forced to change to the interface IP address when the
interface is operational.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-7
Follow these steps to change the transport IP address for LDP discovery:
1. Use the mpls ldp discovery transport-address command in Interface
Configuration mode if you need to change the IP address that is advertised in
LDP Discovery Hello messages sent on this interface:
MOT:7A(config-if)#mpls ldp discovery transport-address [interface |
<A.B.C.D>]
where:
interface uses its IP address for the LDP transport address.
A.B.C.D defines an IP address other than the interface IP address for the LDP
transport address.
2. Use the no mpls label protocol ldp command to disable LDP on this BGP/MPLS
interface.
3. Use the mpls label protocol ldp command to re-enable LDP on this BGP/MPLS
interface.
4. Use the show mpls ldp discovery command to verify that LDP Discovery Hello
messages are being sent on this interface.
For example:
The following example assumes that the LDP transport address for Ethernet interface
0 on the 10/100 Ethernet module in Slot 12 is the interface IP address, and it also
specifies that the IP address 10.33.0.36 for Ethernet interface 1 on the 10/100 Ethernet
module in Slot 12 is the LDP transport address.
MOT:7A(config)#interface ethernet 12/1
MOT:7A(config-if)#mpls ldp discovery transport-address 10.33.0.36
MOT:7A(config-if)#exit
MOT:7A(config)#interface ethernet 12/0
MOT:7A(config-if)#mpls ldp discovery transport-address interface
Note: When the BSR has multiple links connecting it to the same peer
device, the BSR must advertise the same transport address in the LDP
Discovery Hello messages it sends on all such interfaces.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-8 Compass ID: 391459945 Version 2
Controlling LDP Label Advertisements
By default, labels of all destinations are advertised to all LDP neighbors. Multiple
mpls ldp advertise-labels commands can be issued to determine how the LSR
advertises local labels.
Follow these guidelines for using multiple mpls ldp advertise-label commands:
Every mpls ldp advertise-labels command has a (prefix access list, peer access
list) pair associated with it. The access list pair associated with the mpls ldp
advertise-labels command (in the absence of both the for and to keywords) is
none and none; the access list pair associated with the mpls ldp advertise-labels
command with a prefix access list (in the absence of the to keyword) is the prefix
access list and none.
A given prefix can have, at most, one (prefix access list, peer access list) pair that
applies to it, as described below:
a. A given (prefix access list, peer access list) pair applies to a prefix only
if the prefix access list matches the prefix. A match occurs if the prefix
access list permits the prefix.
b. If more than one (prefix access list, peer access list) pair from multiple
mpls ldp advertise-labels commands matches a prefix, the (prefix access
list, peer access list) pair in the first such command (as determined by the
show running-config command) applies to the prefix.
When an LSR is ready to advertise a label for a prefix, the LSR:
a. Determines whether a (prefix access list, peer access list) pair applies to
the prefix.
b. If none applies, and if the no mpls ldp advertise-labels command has been
configured, the label for the prefix is not advertised to any peer;
otherwise, the label is advertised to all peers.
c. If a (prefix access list, peer access list) pair applies to the prefix, and if the
prefix access list denies the prefix, the label is not advertised to any
peer.
d. If the prefix access list permits the prefix and the peer access list is none
(that is, the command that applies to the prefix is an mpls ldp
advertise-labels command for the prefix access list without the to
keyword), then the label is advertised to all peers.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-9
e. If the prefix access list permits the prefix and there is a peer access list,
then the label is advertised to all peers permitted by the peer access list.
Configuring LDP Advertise Labels
Optionally issue the mpls ldp advertise-labels command in Global Configuration
mode to permit the BSR to advertise labels for a specified destination access list only:
MOT:7A(config)#mpls ldp advertise-labels [for <1-99> [to <1-99>]]
where:
for specifies which destinations should have their labels advertised with the
prefix access list number.
1-99 is the prefix access list number.
to specifies which LDP peer (neighbor) access list number should receive label
advertisements.
1-99 is the peer access list number.
The BSR can be configured to distribute label advertisements for specified networks
by either configuring an access list, which permits the specified network, or
configuring an access list that denies the unwanted network.
Example 1: Distribute Label Advertisements for Specified Networks
Figure 3-2 shows how to configure an access-list to distribute label advertisements for
the specified networks only:
Figure 3-2 Distribute Label Advertisements for Specified Networks
The result is that the BSR distributes label advertisements for the 185.1.0.0 and
19.19.0.0 networks only.
BSR:7A(config)#access-list 1 permit 185.1.0.0 0.0.255.255
BSR:7A(config)#access-list 1 permit 19.19.0.0 0.0.255.255
BSR:7A(config)#mpls ldp advertise-labels for 1
BSR:7A(config)#no mpls ldp advertise-labels
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-10 Compass ID: 391459945 Version 2
Example 2: Exclude a Label Advertisement for an Unwanted Network
Figure 3-3 shows how to configure an access list that excludes a label for the
unwanted network only:
Figure 3-3 Exclude a Label Advertisement for an Unwanted Network
The result is that the BSR advertises labels for all networks except the 16.1.1.0
network.
Configuring LDP Accept Labels
Optionally issue the mpls ldp accept-labels command in Global Configuration mode
to permit the BSR to accept labels only for a specified destination access list:
MOT:7A(config)#mpls ldp accept-labels [for <1-99> [from <1-99>]]
where:
for specifies which destination(s) should have their labels accepted.
1-99 is the prefix access list number.
from specifies which LDP neighbors should have their labels accepted
1-99 is the peer access list number.
Note: Use the no argument to prevent the distribution of any locally-assigned
labels.
BSR:7A(config)#access-list 1 deny 16.1.1.0 0.0.0.255
BSR:7A(config)#mpls ldp advertise-labels for 1
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-11
The BSR can be configured to accept labels for specified networks by either
configuring an access list, which permits the specified networks, or configuring an
access list that denies the unwanted network.
Example 1: Accept Labels for Specified Networks
Figure 3-4 shows how to configure an access-list to accept labels for the specified
networks only:
Figure 3-4 Accept Labels for Specified Networks
The result is that the BSR accepts labels for the 185.1.0.0 and 19.19.0.0 networks
only.
Example 2: Exclude a Label for an Unwanted Network
Figure 3-5 shows how to configure an access list that excludes a label for the
unwanted network only:
Figure 3-5 Exclude a Label for an Unwanted Network
The result is that the BSR accepts labels for all networks except the 16.1.1.0 network.
BSR:7A(config)#access-list 1 permit 185.1.0.0 0.0.255.255
BSR:7A(config)#access-list 1 permit 19.19.0.0 0.0.255.255
BSR:7A(config)#mpls ldp accept-labels for 1
BSR:7A(config)#no mpls ldp accept-labels
BSR:7A(config)#access-list 1 deny 16.1.1.0 0.0.0.255
BSR:7A(config)#mpls ldp accept-labels for 1
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-12 Compass ID: 391459945 Version 2
Managing the LDP Session
LDP sessions can be established between directly and non-directly connected LSRs.
Additionally, multiple LDP sessions can be established between two LSRs.
The following sections describe how to optionally manage LDP session parameters:
Adjusting the LDP Session Hold Time
Encrypting a Session with a Neighbor LDP Router
Changing the LDP Session Backoff Setting
Changing LDP Discovery Hello Message Parameters
Changing LDP Discovery Targeted Hello Message Parameters
Accepting Discovery Messages from Neighbors
Adjusting the LDP Session Hold Time
When an LDP session is established between two LSRs, the session hold time is the
lesser of the two values configured on the two LSRs. The session hold time defines
the time that an LDP session is maintained in the absence of LDP messages from the
the peer router. Use the mpls ldp holdtime command in Global Configuration mode
to change the time for which an LDP session is maintained in the absence of LDP
messages from the session peer:
MOT:7A(config)#mpls ldp holdtime <15-300>
where:
15-300 is a number between 15 and 300 that is inclusive and defines the time in
seconds that an LDP session is maintained in the absence of LDP messages from
the session peer. The default value for the LDP session hold time is 180 seconds.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-13
Encrypting a Session with a Neighbor LDP Router
Use the mpls ldp neighbor password command in Global Configuration mode to
encrypt a TCP session with a neighbor LDP Router. This command lets you configure
an encrypted password key. The key is used with the TCP Message Digest 5 (MD5)
Signature Option for the TCP connection with the specified neighbor LDP router.
MOT:7A(config)#mpls ldp neighbor <A.B.C.D> password {0 | 7} <LINE>
where:
A.B.C.D is the IP address of the LDP neighbor router.
0 specifies that the password is not encrypted.
7 specifies that the password is encrypted.
LINE is the specified password
Changing the LDP Session Backoff Setting
The LDP backoff mechanism prevents two LSRs that are not configured in a
compatible way from engaging in an un-throttled sequence of session setup failures. If
a session setup attempt fails due to a configuration incompatibility, each LSR delays
its next attempt (backs off) increasing the delay exponentially with each successive
failure until the maximum backoff delay is reached.
The default LDP backoff setting is 15 seconds and automatically expands to a
maximum of 120 seconds. Change the default values only if they result in undesirable
behavior.
Use the mpls ldp backoff command in Global Configuration mode to configure LDP
backoff settings:
MOT:7A(config)#mpls ldp backoff {<5-300> <5-300>}
where:
5-300 is the initial backoff value in seconds.
5-300 is the maximum backoff value in seconds.
Note: In accordance with RFC 3036, authentication must be configured on
both LDP peers using the same password; otherwise, the peer session is not
established.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-14 Compass ID: 391459945 Version 2
Changing LDP Discovery Hello Message Parameters
The default value for the holdtime interval is 15 seconds for Hello link messages and
45 seconds for targeted Hello messages. The default value for the interval argument
is 5 seconds.
Use the mpls ldp discovery hello command in Global Configuration mode to
configure the interval between transmission of LDP discovery Hello messages:
MOT:7A(config)#mpls ldp discovery hello {holdtime <1-300> | interval
<1-100>}
where:
hello specifies the interval and hold time for directly connected neighbors.
holdtime is the period of time a discovered LDP neighbor is remembered without
receipt of an LDP Hello message from the neighbor. The default is 15 seconds.
1-300 is the hold time in seconds.
interval is the period of time between the sending of consecutive Hello messages.
1-100 is the interval time in seconds.
Changing LDP Discovery Targeted Hello Message Parameters
Targeted Hello messages are not accepted from any neighbor by default. Use the mpls
ldp discovery targeted-hello command in Global Configuration mode to configure
the intervals and hold times for neighbors that are not directly connected (for
example, LDP sessions that run between the endpoints of an LSP tunnel):
MOT:7A(config)#mpls ldp discovery targeted-hello {holdtime <1-300> |
interval <1-100>}
where:
holdtime is the period of time a discovered LDP neighbor is remembered without
receipt of an LDP Hello message from the neighbor. The default holdtime is 45
seconds.
1-300 is the hold time in seconds.
interval is the period of time between the sending of consecutive Hello messages.
The default interval time is 5 seconds.
1-100 is the interval time in seconds.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-15
Accepting Discovery Messages from Neighbors
Use the mpls ldp discovery targeted-hello accept command in Global Configuration
mode to configure the BSR to respond to requests for targeted Hello messages from
all neighbors or from neighbors specified by the optional access list argument:
MOT:7A(config)#mpls ldp discovery targeted-hello accept [from <1-99>]
where:
accept accepts all targeted sessions.
from <1-99> selects the IP access list number from 1 to 99 that specifies the
neighbor from which requests for targeted Hello messages are accepted.
LDP Network Configuration Example
Figure 3-6 provides a sample configuration diagram of an MPLS LDP network for
BSR 1, BSR 2, and BSR 3. The configuration for each of these BSRs is described in
the following sections:
Figure 3-6 MPLS LDP Network Diagram
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-16 Compass ID: 391459945 Version 2
BSR 1 Configuration
The configuration example in Figure 3-7 accomplishes the following tasks:
Dynamic MPLS forwarding for IP is enabled.
An IP address and subnetwork mask is entered for the POS interface.
The POS interface is enabled.
LDP is enabled on this POS interface.
LDP Discovery Hello messages sent on this POS interface uses its interface IP
address for the LDP transport address.
Figure 3-7 Configuring the POS Interface on BSR 1
The configuration example in Figure 3-8 configures the OSPF networks associated
with BSR 1 that are included in Area 0, which allows BSR 1 to learn the destination
and establish the LSP:
Figure 3-8 Configuring the OSPF Networks Associated with BSR 1
The configuration example in Figure 3-9 creates an access list (1) and permits BSR 1
to accept labels only for the 185.1.0.0 network, which is the LSP destination:
Figure 3-9 Configuring an Access List for BSR 1
BSR1:7A(config)#mpls ip
BSR1:7A(config)#interface pos 3/0
BSR1:7A(config-if)#ip address 192.168.16.68 255.255.255.0
BSR1:7A(config-if)#no shutdown
BSR1:7A(config-if)#mpls label protocol ldp
BSR1:7A(config-if)#mpls ldp discovery transport-address interface
BSR1:7A(config-if)#exit
BSR1:7A(config)#router ospf
BSR1:7A(config-ospf)#network 192.168.16.0 0.0.0.255 area 0
BSR1:7A(config-ospf)#network 19.19.0.0 0.0.255.255 area 0
BSR1:7A(config-ospf)#exit
BSR1:7A(config)#access-list 1 permit 185.1.0.0 0.0.255.255
BSR1:7A(config)#no mpls ldp accept-labels
BSR1:7A(config)#mpls ldp accept-labels for 1
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-17
Checking the BSR 1 Configuration
Figure 3-10 displays information for all the interfaces that are enabled for LDP, which
in this instance is the POS 3/0 interface.
Figure 3-10 show mpls ldp interface Command Output for BSR 1
Figure 3-11 displays the configured LSPs for incoming and outgoing labels associated
with the prefix or tunnel ID and the status of these LSPs.
Figure 3-11 show mpls lsp protocol Command Output for BSR 1
BSR1:7A#show mpls ldp interface
Interface Ldp ID NbrCount Next Hello(sec)
pos 3/0 192.168.16.68:0 1 1
BSR64000_1:7A#show mpls lsp
Total LSPs : 3
Incoming Outgoing Prefix or Protocol Outgoing Next Hop LSP DataPath
label label TunnelId interface State State
-------- -------- ----------------- ---------- ------------- -------------- ------ --------
1031 - 19.19.0.0/16 LDP - - up up
1032 - 192.168.16.0/24 LDP - - up up
- 1040 185.1.0.0/16 LDP pos 3/0 192.168.16.66 up up
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-18 Compass ID: 391459945 Version 2
Figure 3-12 displays label information base (LIB) information for BSR 1 which
describes the labels advertised for networks 185.1.0.0, 19.19.0.0, and 192.168.16.0.
The prefix is the IP Address and mask for the destination. The remote binding output
field gives a list of outgoing labels for this destination learned from other LSRs. Each
item in this list identifies the LSR from which the outgoing label was learned and the
label itself. The LSR is identified by its LDP identifier. The local binding output field
shows the labels assigned by the local LSR.
Figure 3-12 show mpls ldp bindings Command Output for BSR 1
Figure 3-13 displays the operational status of BSR 1 neighbor LDP sessions:
Figure 3-13 show mpls ldp neighbor Command Output for BSR 1
BSR1:7A#show mpls ldp bindings
19.19.0.0/16, rev 0
local binding: label: 1031
remote binding: lsr: 195.168.16.65:0, label: -
192.168.16.0/24, rev 0
local binding: label: 1032
remote binding: lsr: 195.168.16.65:0, label: -
185.1.0.0/16, rev 0
local binding: label: -
remote binding: lsr: 195.168.16.65:0, label: 1040
BSR1:7A#show mpls ldp neighbor
Peer LDP Ident: 195.168.16.65:0; Local LDP Ident: 192.168.16.68:0
TCP connection: 192.168.16.66.646 - 192.168.16.68.0
State: Oper; Msgs sent/rcvd: 102/103; Downstream unsolicited
Up time: 00:23:52
LDP discovery sources:
pos 3/0
Addresses bound to peer LDP Ident:
195.168.16.65
192.168.16.66
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-19
BSR 2 Configuration
The configuration example in Figure 3-14 accomplishes the following tasks:
Dynamic MPLS forwarding for IP is enabled.
An IP address and subnetwork mask is entered for the POS interface.
The POS interface is enabled.
LDP is enabled on this POS interface.
LDP Discovery Hello messages sent on this POS interface uses its interface IP
address for the LDP transport address.
Figure 3-14 Configuring the POS Interface on BSR 2
The configuration example in Figure 3-15 accomplishes the following tasks:
An IP address and subnetwork mask is entered for the Gigabit Ethernet interface.
The Gigabit Ethernet interface is enabled.
LDP is enabled on this Gigabit Ethernet interface.
LDP Discovery Hello messages sent on this Gigabit Ethernet interface uses its
interface IP address for the LDP transport address.
Figure 3-15 Configuring the Gigabit Ethernet Interface on BSR 2
BSR2:7A(config)#mpls ip
BSR2:7A(config)#interface pos 11/0
BSR2:7A(config-if)#ip address 192.168.16.66 255.255.255.0
BSR2:7A(config-if)#no shutdown
BSR2:7A(config-if)#mpls label protocol ldp
BSR2:7A(config-if)#mpls ldp discovery transport-address interface
BSR2:7A(config-if)#exit
BSR2:7A(config)#interface gigaether 4/0
BSR2:7A(config-if)#ip address 195.168.16.65 255.255.255.0
BSR2:7A(config-if)#no shutdown
BSR2:7A(config-if)#mpls label protocol ldp
BSR2:7A(config-if)#mpls ldp discovery transport-address interface
BSR2:7A(config-if)#exit
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-20 Compass ID: 391459945 Version 2
The configuration example in Figure 3-16 configures the OSPF networks associated
with BSR 2 that are included in Area 0, which allows BSR 2 to learn the destination
and establish the LSP:
Figure 3-16 Configuring the OSPF Networks Associated with BSR 2
The configuration example in Figure 3-17 creates an access list (1) and permits BSR 2
to advertise labels only for the 185.1.0.0 and 19.19.0.0 networks, which are the LSP
destinations:
Figure 3-17 Configuring an Access List for BSR 2
Checking the BSR 2 Configuration
Figure 3-18 displays information for all the interfaces that are enabled for LDP, which
in this instance is the Gigabit Ethernet 4/0 and POS 11/0 interface on BSR 2
Figure 3-18 show mpls ldp interface Command Output for BSR 2
BSR2:7A(config)#router ospf
BSR2:7A(config-ospf)#network 195.168.16.64 0.0.0.3 area 0
BSR2:7A(config-ospf)#network 192.168.16.0 0.0.0.255 area 0
BSR2:7A(config-ospf)#exit
BSR2:7A(config)#access-list 1 permit 185.1.0.0 0.0.255.255
BSR2:7A(config)#access-list 1 permit 19.19.0.0 0.0.255.255
BSR2:7A(config)#mpls ldp advertise-labels for 1
BSR2:7A(config)#no mpls ldp advertise-labels
BSR2:7A#show mpls ldp interface
Interface Ldp ID NbrCount Next Hello(sec)
gigaether 4/0 195.168.16.65:0 1 4
pos 11/0 195.168.16.65:0 1 3
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-21
Figure 3-19 displays the configured LSPs for incoming and outgoing labels associated
with the prefix or tunnel ID and the status of these LSPs:
Figure 3-19 show mpls lsp Command Output for BSR 2
Figure 3-20 displays label information base (LIB) information for BSR 2 which
describes the labels advertised for networks 185.1.0.0 and 19.19.0.0. The prefix is the
IP Address and mask for the destination. The remote binding output field gives a list
of outgoing labels for this destination learned from other LSRs. Each item in this list
identifies the LSR from which the outgoing label was learned and the label itself. The
LSR is identified by its LDP identifier. The local binding output field shows the labels
assigned by the local LSR.
Figure 3-20 show mpls ldp bindings Command Output for BSR 2
BSR2:7A#show mpls lsp
Total LSPs : 4
Incoming Outgoing Prefix or Protocol Outgoing Next Hop LSP DataPath
label label TunnelId interface State State
-------- -------- ----------------- ---------- ------------- -------------- ------ --------
1040 1026 185.1.0.0/16 LDP gigaether 4/0 195.168.16.66 up up
1036 1031 19.19.0.0/16 LDP pos 11/0 192.168.16.68 up up
- 1026 185.1.0.0/16 LDP gigaether 4/0 195.168.16.66 up up
- 1031 19.19.0.0/16 LDP pos 11/0 192.168.16.68 up up
BSR64000_2:7A#show mpls ldp bindings
19.19.0.0/16, rev 0
local binding: label: 1036
remote binding: lsr: 195.168.16.66:0, label: -
185.1.0.0/16, rev 0
local binding: label: -
remote binding: lsr: 195.168.16.66:0, label: 1026
185.1.0.0/16, rev 0
local binding: label: 1040
remote binding: lsr: 192.168.16.68:0, label: -
19.19.0.0/16, rev 0
local binding: label: -
remote binding: lsr: 192.168.16.68:0, label: 1031
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-22 Compass ID: 391459945 Version 2
Figure 3-21 displays the operational status of BSR 2 neighbor LDP sessions:
Figure 3-21 show mpls ldp neighbor Command Output for BSR 2
BSR 3 Configuration
The configuration example in Figure 3-22 accomplishes the following tasks:
Dynamic MPLS forwarding for IP is enabled.
An IP address and subnetwork mask is entered for the Ethernet interface.
The Ethernet interface is enabled.
Figure 3-22 Configuring the Ethernet Interface on BSR 3
BSR2:7A#show mpls ldp neighbor
Peer LDP Ident: 195.168.16.66:0; Local LDP Ident: 195.168.16.65:0
TCP connection: 195.168.16.66.1027 - 195.168.16.65.646
State: Oper; Msgs sent/rcvd: 118/116; Downstream unsolicited
Up time: 00:26:57
LDP discovery sources:
gigaether 4/0
Addresses bound to peer LDP Ident:
185.1.1.3
195.168.16.66
Peer LDP Ident: 192.168.16.68:0; Local LDP Ident: 195.168.16.65:0
TCP connection: 192.168.16.68.1026 - 192.168.16.66.646
State: Oper; Msgs sent/rcvd: 115/114; Downstream unsolicited
Up time: 00:26:54
LDP discovery sources:
pos 11/0
Addresses bound to peer LDP Ident:
19.19.1.1
192.168.16.68
BSR3:7A(config)#mpls ip
BSR3:7A(config)#interface ethernet 5/1
BSR3:7A(config-if)#ip address 185.1.1.3 255.255.0.0
BSR3:7A(config-if)#no shutdown
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-23
The configuration example in Figure 3-23 accomplishes the following tasks:
An IP address and subnetwork mask is entered for the Gigabit Ethernet interface.
The Gigabit Ethernet interface is enabled.
LDP is enabled on this Gigabit Ethernet interface.
LDP Discovery Hello messages sent on this Gigabit Ethernet interface uses its
interface IP address for the LDP transport address.
Figure 3-23 Configuring the Gigabit Ethernet Interface on BSR 3
The configuration example in Figure 3-24 configures the OSPF networks associated
with BSR 3 that are included in Area 0, which allows BSR 3 to learn the destination
and establish the LSP:
Figure 3-24 Configuring the OSPF Networks Associated with BSR 3
The configuration example in Figure 3-25 creates an access list (1) and permits BSR 3
to advertise labels only for the 185.1.0.0 network, which is the LSP destination:
Figure 3-25 Configuring an Access List for BSR 3
BSR3:7A(config)#interface gigaether 4/0
BSR3:7A(config-if)#ip address 195.168.16.66 255.255.255.252
BSR3:7A(config-if)#no shutdown
BSR3:7A(config-if)#mpls label protocol ldp
BSR3:7A(config-if)#mpls ldp discovery transport-address interface
BSR3:7A(config-if)#exit
BSR3:7A(config)#router ospf
BSR3:7A(config-ospf)#network 195.168.16.64 0.0.0.3 area 0
BSR3:7A(config-ospf)#network 185.1.0.0 0.0.255.255 area 0
BSR3:7A(config-ospf)#exit
BSR3:7A(config)#access-list 1 permit 185.1.0.0 0.0.255.255
BSR3:7A(config)#mpls ldp advertise-labels for 1
BSR3:7A(config)#no mpls ldp advertise-labels
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-24 Compass ID: 391459945 Version 2
Checking the BSR 3 Configuration
Figure 3-26 displays information for all the interfaces that are enabled for LDP, which
in this instance is the gigaether 4/0 interface
Figure 3-26 show mpls ldp interface Command Output for BSR 3
Figure 3-27 displays the configured LSPs for incoming and outgoing labels associated
with the prefix or tunnel ID and the status of these LSPs:
Figure 3-27 show mpls lsp Command Output for BSR 3
Figure 3-28 displays label information base (LIB) information for BSR 3 which
describes the labels advertised for networks 185.1.0.0 and 19.19.0.0. The prefix is the
IP Address and mask for the destination. The remote binding output field gives a list
of outgoing labels for this destination learned from other LSRs. Each item in this list
identifies the LSR from which the outgoing label was learned and the label itself. The
LSR is identified by its LDP identifier. The local binding output field shows the labels
assigned by the local LSR
Figure 3-28 show mpls ldp bindings Command Output for BSR 3
BSR3:7A#show mpls ldp interface
Interface Ldp ID NbrCount Next Hello(sec)
gigaether 4/0 195.168.16.66:0 1 3
BSR3:7A# show mpls lsp
Total LSPs: 2
Incoming Outgoing Prefix or Protocol Outgoing Next Hop LSP DataPath
label label TunnelId interface State State
-------- -------- ----------------- ---------- ------------- -------------- ------ --------
1026 - 185.1.0.0/16 LDP - - up up
- 1036 19.19.0.0/16 LDP gigaether 4/0 195.168.16.65 up up
BSR3:7A#show mpls ldp bindings
185.1.0.0/16, rev 0
local binding: label: 1026
remote binding: lsr: 195.168.16.65:0, label: -
19.19.0.0/16, rev 0
local binding: label: -
remote binding: lsr: 195.168.16.65:0, label: 1036
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-25
Figure 3-29 displays the operational status of BSR 3 neighbor LDP sessions:
Figure 3-29 show mpls ldp neighbor Command Output for BSR 3
Monitoring the Start of an LDP Session
Follow these steps to monitor the start of a typical LDP session:
1. Use the debug mpls ldp session state-machine command in any modes except
User EXEC mode to display information about operational state transitions for
the LDP session as shown in Figure 3-30.
Note: The debug command output displayed for BSR 1 shows LDP session
data under normal circumstances.
Note: You should see an "OPERATIONAL" message once the LDP session
is operational
BSR3:7A#show mpls ldp neighbor
Peer LDP Ident: 195.168.16.65:0; Local LDP Ident: 195.168.16.66:0
TCP connection: 195.168.16.65.646 - 195.168.16.66.0
State: Oper; Msgs sent/rcvd: 123/125; Downstream unsolicited
Up time: 00:28:43
LDP discovery sources:
gigaether 4/0
Addresses bound to peer LDP Ident:
192.168.16.66
195.168.16.65
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-26 Compass ID: 391459945 Version 2
Figure 3-30 debug mpls ldp session state-machine Command Output for BSR 1
2. Use the debug mpls ldp bindings command once the LDP session is operational
to display information about learned addresses and label bindings. The command
also provides information to verify that bindings are getting distributed correctly,
as shown in Figure 3-31:
Figure 3-31 debug mpls ldp bindings Command Output for BSR 1
BSR1:7A#debug mpls ldp session state-machine
LDP session state machine debugging is on
[07/26-10:29:11.29- 07:LDP]-D-Session created, peer: 192.168.16.66, ACTIVE role
state NON_EXISTENT
[07/26-10:29:11.91- 07:LDP]-D-Session peer: 192.168.16.66, ACTIVE role
Event: Xport conn established; state NON_EXISTENT -> INITIALIZED
[07/26-10:29:11.91- 07:LDP]-D-Session peer: 192.168.16.66, ACTIVE role
Event: Transmit Init msg; state INITIALIZED -> OPENSENT
[07/26-10:29:12.91- 07:LDP]-D-Session peer: 192.168.16.66, ACTIVE role
Event: Recv Init msg; state OPENSENT -> OPENREC
[07/26-10:29:13.91- 07:LDP]-D-Session peer: 192.168.16.66, ACTIVE role
Event: Recv Keepalive msg; state OPENREC -> OPERATIONAL
BSR1:7A#debug mpls ldp bindings
LDP binding changes debugging is on
[07/26-10:23:26.91- 07:LDP]-D-address 192.168.16.66 from peer 195.168.16.65:0
added
[07/26-10:23:26.91- 07:LDP]-D-address 195.168.16.65 from peer 195.168.16.65:0
added
[07/26-10:23:26.91- 07:LDP]-D-(185.1.0.0/16): label 1040 from peer
195.168.16.65:0 added
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-27
3. Use the debug mpls ldp messages all command to display all LDP messages
sent to or received from peers.
Figure 3-32 debug mpls ldp messages all Command Output for BSR 1
LDP Commands
The commands in this section are implemented to configure and control the operation
of the Label Distribution Protocol (LDP), display LDP parameters, and debug LDP.
BSR1:7A#debug mpls ldp messages all
LDP message debugging is on
[07/26-13:51:15.74- 07:LDP]-D-Recving Hello msg on interface pos 3/0
[07/26-13:51:15.91- 07:LDP]-D-Sending Hello msg on interface pos 3/0
[07/26-13:51:20.76- 07:LDP]-D-Recving Hello msg on interface pos 3/0
[07/26-13:51:20.91- 07:LDP]-D-Sending Hello msg on interface pos 3/0
[07/26-13:51:25.74- 07:LDP]-D-Recving Hello msg on interface pos 3/0
[07/26-13:51:25.91- 07:LDP]-D-Sending Hello msg on interface pos 3/0
[07/26-13:51:26.91- 07:LDP]-D-Sending Keepalive msg to 195.168.16.65:0
[07/26-13:51:26.91- 07:LDP]-D-Receving Keepalive msg from 195.168.16.65:0
[07/26-13:51:30.73- 07:LDP]-D-Recving Hello msg on interface pos 3/0
[07/26-13:51:30.91- 07:LDP]-D-Sending Hello msg on interface pos 3/0
[07/26-13:51:35.73- 07:LDP]-D-Recving Hello msg on interface pos 3/0
[07/26-13:51:35.91- 07:LDP]-D-Sending Hello msg on interface pos 3/0
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-28 Compass ID: 391459945 Version 2
mpls label protocol ldp
The mpls label protocol ldp command enables the Label Distribution Protocol
(LDP) on a BSR interface. Use the no argument to restore the command default.
Group Access
All
Command Mode
Interface Configuration
Command Line Usage
mpls label protocol ldp
no mpls label protocol ldp
Command Default
Disabled
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-29
mpls ldp accept-labels
The mpls ldp accept-labels command permits the BSR to accept labels only for a
specified destination access list. Use the no argument to restore the command default.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp accept-labels [for <1-99> from <1-99>]
no mpls ldp accept-labels [for <1-99> from <1-99>]
Command Syntax
Command Default
LDP accepts labels for all prefixes.
for <1-99> Specifies which destination(s) should have
their labels accepted with the prefix access
list number from 1 to 99.
from <1-99> Specifies which LDP neighbor should have
their labels accepted with the peer access list
number from 1 to 99.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-30 Compass ID: 391459945 Version 2
mpls ldp advertise-labels
By default, labels of all destinations are advertised to all LDP neighbors. Multiple
mpls ldp advertise-labels commands can be issued to determine how the LSR
advertises local labels.
Follow these guidelines for using multiple mpls ldp advertise-label commands:
Every mpls ldp advertise-labels command has a (prefix access list, peer access
list) pair associated with it. The access list pair associated with the mpls ldp
advertise-labels command (in the absence of both the for and to keywords) is
none and none; the access list pair associated with the mpls ldp advertise-labels
command with a prefix access list (in the absence of the to keyword) is the prefix
access list and none.
A given prefix can have, at most, one (prefix access list, peer access list) pair that
applies to it, as described below:
a. A given (prefix access list, peer access list) pair applies to a prefix only
if the prefix access list matches the prefix. A match occurs if the prefix
access list permits the prefix.
b. If more than one (prefix access list, peer access list) pair from multiple
mpls ldp advertise-labels commands matches a prefix, the (prefix access
list, peer access list) pair in the first such command (as determined by the
show running-config command) applies to the prefix.
When an LSR is ready to advertise a label for a prefix, the LSR:
a. Determines whether a (prefix access list, peer access list) pair applies to
the prefix.
b. If none applies, and if the no mpls ldp advertise-labels command has been
configured, the label for the prefix is not advertised to any peer;
otherwise, the label is advertised to all peers.
c. If a (prefix access list, peer access list) pair applies to the prefix, and if the
prefix access list denies the prefix, the label is not advertised to any
peer.
d. If the prefix access list permits the prefix and the peer access list is none
(that is, the command that applies to the prefix is an mpls ldp
advertise-labels command for the prefix access list without the to
keyword), then the label is advertised to all peers.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-31
e. If the prefix access list permits the prefix and there is a peer access list,
then the label is advertised to all peers permitted by the peer access list.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp advertise-labels [for <1-99> [to <1-99>]]
no mpls ldp advertise-labels [for <1-99> [to <1-99>]]
Command Syntax
Command Default
The labels of all destinations are advertised to all LDP neighbors.
for <1-99> Specifies which destinations should have
their labels advertised with the prefix access
list number.
to <1-99> Can be used to specify which LDP peer
access list number should receive label
advertisements.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-32 Compass ID: 391459945 Version 2
mpls ldp backoff
The LDP backoff mechanism prevents two LSRs that are not configured in a
compatible way from engaging in an unthrottled sequence of session setup failures. If
a session setup attempt fails due to a configuration incompatibility, each LSR delays
its next attempt (backs off) increasing the delay exponentially with each successive
failure until the maximum backoff delay is reached.
The mpls ldp backoff command configures parameters for LDP backoff mechanism.
Use the no argument to restore the command default.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp backoff <5-300> <5-300>
no mpls ldp backoff <5-300> <5-300>
Command Syntax
Command Default
The default settings correspond to the lowest settings for initial and maximum backoff
values defined by the LDP protocol specification. Fifteen seconds is the initial value
and two minutes (120 seconds) is the final value. Change the default values only if the
default values result in undesirable behavior.
5-300 Defines the initial backoff value in seconds.
5-300 Defines the maximum backoff value in
seconds
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-33
mpls ldp discovery hello
Use the mpls ldp discovery hello command in Global Configuration mode to
configure the interval between transmission of LDP discovery Hello messages or the
hold time for a discovered LDP neighbor. Use the no argument to restore the
command default.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp discovery hello {holdtime <1-300> | interval <1-100>}
no mpls ldp discovery hello {holdtime <1-300> | interval <1-100>}
Command Syntax
Command Default
15 second holdtime interval.
5 second consecutive Hello message interval
hello
Specifies the interval and hold time for
directly connected neighbors.
holdtime <1-300> The period of time in seconds that a
discovered LDP neighbor is remembered
without receipt of an LDP Hello message
from the neighbor. The default is 15 seconds.
interval <1-100> The period of time in seconds between the
sending of consecutive Hello messages.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-34 Compass ID: 391459945 Version 2
mpls ldp discovery targeted-hello
The mpls ldp discovery targeted-hello command configures the interval between
transmission of LDP discovery Hello messages between neighbors that are not
directly connected, or the hold time for a discovered targeted LDP neighbor. Use the
no argument to restore the holdtime and interval arguments to their respective
defaults.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp discovery targeted-hello {holdtime <1-300> | interval <1-100>}
no mpls ldp discovery targeted-hello {holdtime <1-300> | interval <1-100>}
Command Syntax
Command Defaults
Holdtimes: 45 seconds, Hello: 5 seconds
targeted-hello Configures the intervals and hold times for
neighbors that are not directly connected (for
example, LDP sessions that run between the
endpoints of an LSP tunnel)
holdtime Defines the period of time a discovered LDP
neighbor is remembered without receipt of an
LDP Hello message from the neighbor.
1-300 Specifies the hold time in seconds.
interval Defines the period of time between the
sending of consecutive Hello messages.
1-100 The period of time in seconds between the
sending of consecutive Hello messages.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-35
mpls ldp discovery targeted-hello accept
Use the mpls ldp discovery targeted-hello accept command to configure the BSR to
respond to requests for targeted Hello messages from all neighbors or from neighbors
specified by the optional access list argument. Use the no argument to disable this
feature.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp discovery targeted-hello accept [from <1-99>]
no mpls ldp discovery targeted-hello accept [from <1-99>]
Command Syntax
Command Defaults
Disabled
accept Accepts all targeted sessions.
from <1-99> Specifies the IP access list number from
which the neighbor accepts requests for
targeted Hello messages.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-36 Compass ID: 391459945 Version 2
mpls ldp discovery transport-address
The mpls ldp discovery transport-address command specifies the transport address
advertised in LDP Discovery Hello messages sent from an interface. Use the no
argument to disable this feature.
Group Access
All
Command Mode
Interface Configuration
Command Line Usage
mpls ldp discovery transport-address [interface | <A.B.C.D>]
no mpls ldp discovery transport-address [interface | <A.B.C.D>]
Command Syntax
Command Default
The router ID.
interface Use the interface IP address for LDP transport
address.
A.B.C.D Define an IP address for the LDP transport
address.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-37
mpls ldp holdtime
When an LDP session is established between two LSRs, the session hold time is the
lesser of the two values configured on the two LSRs. The mpls ldp holdtime
command changes the time for which an LDP session is maintained in the absence of
LDP messages from the session peer. Use the no argument to restore the command
default.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp holdtime <15-300>
no mpls ldp holdtime <15-300>
Command Syntax
Command Default
180 seconds
15-300 Select a number between 15 and 300 that is
inclusive and defines the time in seconds that
an LDP session is maintained in the absence
of LDP messages from the session peer.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-38 Compass ID: 391459945 Version 2
mpls ldp loop-detection
The mpls ldp loop-detection command enables LDP loops to be detected by the
BSR. If a loop is detected, the label for the prefixes is discarded. Use the no argument
to disable this feature.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp loop-detection
no mpls ldp loop-detection
Command Default
Disabled
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-39
mpls ldp maxhops
The mpls ldp maxhops command limits the number of hops allowed for the setup of
LSPs. Use the no argument to disable this feature.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp maxhops <1-255>
no mpls ldp maxhops <1-255>
Command Syntax
Command Default
254 hops
1-255 A number that defines the maximum number
of hops.
Note: The hop count is ignored if the loop-detection feature is disabled. Refer
to mpls ldp loop-detection on page 3-38 for more information.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-40 Compass ID: 391459945 Version 2
mpls ldp neighbor
The mpls ldp neighbor command lets you specify an encrypted password key that is
used with the TCP Message Digest 5 (MD5) Signature Option with the specified
neighbor LDP router.
Use the no argument to disable password encyption for the specified IP address.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp neighbor <A.B.C.D> {password {0 | 7} {<LINE>}
no mpls ldp neighbor <A.B.C.D> {password {0 | 7} {<LINE>}
Command Syntax
Note: Unless the neighbor password is specified to encrypt LDP sessions
between LSRs, the neighbor password is not used.
Note: In accordance with RFC 3036, authentication must be configured on
both LDP peers using the same password; otherwise, the peer session is not
established.
A.B.C.D The IP address of the LDP neighbor router.
password Set a password for the LDP neighbor router.
0 Indicates password is not encrypted.
7 Indicates password is encrypted.
LINE Specifies the password.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-41
mpls ldp router-id
The mpls ldp router-id command specifies a preferred interface for determining the
LDP router ID on the BSR. This command causes the IP address assigned to the
specified operational interface to be used as the LDP router ID. Use the no argument
to restore the command default.
Group Access
All
Command Mode
Global Configuration
Command Line Usage
mpls ldp router-id {cable <X/Y> | ethernet <X/Y> | gigaether <X/Y> | loopback
<1-255> | pos <X/Y> | tunnel <0-255>} [force]
no mpls ldp router-id {cable <X/Y> | ethernet <X/Y> | gigaether <X/Y> | loopback
<1-255> | pos <X/Y> | tunnel <0-255>} [force]
Command Syntax
Note: The specified interface must be operational in order for its IP address
to be incorporated in the LDP router ID.
cable Specifies the CMTS interface.
ethernet Specifies the Ethernet interface.
gigaether Specifies the Gigabit Ethernet address.
loopback Specifies the loopback interface.
pos Specifies the Packet-over-SONET interface.
tunnel Specifies the tunnel interface.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-42 Compass ID: 391459945 Version 2
Command Default
If the mpls ldp router-id command is not used, the LDP router ID is determined by
examining the IP addresses of all operational NIM interfaces on the BSR. If these IP
addresses include loopback interface addresses, the highest such loopback address is
selected as the LDP router ID. If these IP addresses do not include loopback interface
addresses, then the highest IP address relating to an operational interface is selected as
the LDP router ID.
force optionally forces the use of the named
interface as the LDP router ID. The force is
changed immediately if the interface is
operational.
X slot number
Y port number
0-255 Specifies the tunnel number.
1-255 Specifies the loopback interface number.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-43
show mpls ldp backoff
The show mpls ldp backoff command displays the following configured session
setup backoff parameter information.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls ldp backoff
LDP initial/maximum
backoff
Indicates the configured backoff parameters
in seconds (initial/max).
Backoff table Contains a list of discovered LDP neighbors
for which session setup is being delayed
because of previous failures to establish a
session due to incompatible configuration.
The backoff table incorporates the following
information:
LDP IdIdentifies the LDP neighbors
Backoff (sec)Shows the current backoff
session delay.
Waiting (sec)Shows the current backoff
timer delay for that session startup.
BSR:7A#show mpls ldp backoff
LDP initial/maximum backoff: 15/120 sec
Backoff table:
LDP Id Backoff(sec) Waiting(sec)
29.29.1.1:0 60 30
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-44 Compass ID: 391459945 Version 2
show mpls ldp bindings
The show mpls ldp bindings command displays the following command output
information for the label information base (LIB):
Group Access
All
Command Mode
All modes except User EXEC
A.B.C.D /n The IP address and mask for a particular
destination (network/mask).
rev A revision number (rev) that is used internally
to manage label distribution for this
destination.
remote binding A list of outgoing labels for this destination
learned from other LSRs. Each item in this
list identifies the LSR from which the
outgoing label was learned and the label
itself. The LSR is identified by its LDP
identifier.
local binding Labels assigned by the local LSR.
BSR:7A(config)#show mpls ldp bindings
1.1.1.0/24, rev 0
local binding: label: -
remote binding: lsr: 20.20.1.1:0, label: 5012
8.8.8.0/24, rev 0 (not installed)
local binding: label: -
remote binding: lsr: 20.20.1.1:0, label: 5013
10.1.3.0/24, rev 0
local binding: label: -
remote binding: lsr: 20.20.1.1:0, label: 5014
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-45
Command Line Usage
show mpls ldp bindings [<A.B.C.D> {<1-32> | <A.B.C.D>} | neighbor <A.B.C.D> |
remote-label {<0-1048575> <0-1048575>} | summary]
Command Syntax
A.B.C.D Defines the destination network IP address.
1-32 Specifies the mask length.
A.B.C.D Defines the destination subnet mask.
neighbor Displays labels from the LDP neighbor.
A.B.C.D Neighbor router ID IP address.
remote-label Displays entries matching the label values
assigned by a neighbor router.
0-1048575 Minimum remote label.
0-1048575 Maximum remote label.
summary Displays a summary of the Label Information
Base (LIB).
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-46 Compass ID: 391459945 Version 2
show mpls ldp discovery
The show mpls ldp discovery command displays the following information for the
status of the BSR interfaces on which the LDP discovery process is running:
Local LDP Identifier The local LDP router ID (BSR).
Interfaces Lists the interfaces that are engaging in LDP
discovery activity:
The xmit fieldIndicates that the interface is
transmitting LDP discovery Hello packets.
The recv fieldIndicates that the interface is
receiving LDP discovery Hello packets.
The ldp fieldIndicates the label distribution
protocol configured for the interface.
The LDP identifiers indicate the LDP
neighbors discovered on the interface.
Targeted Hellos Lists the platforms to which targeted Hello
messages are being sent, as described below:
The xmit, recv, ldp fields are the same as
described above.
The active field indicates that this LSR has
initiated targeted Hello messages.
The passive field indicates that the neighbor
LSR has initiated targeted Hello messages
and that this LSR is configured to respond to
the targeted Hello messages from the
neighbor.
MOT:7A#show mpls ldp discovery

Local LDP Identifier:
88.88.88.94:0
Discovery Sources:
Interfaces:
gigaether 12/0 (ldp): xmit/recv
LDP Id: 88.88.88.106:0
Targeted Hellos:
no configured peers
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-47
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls ldp discovery
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-48 Compass ID: 391459945 Version 2
show mpls ldp interface
The show mpls ldp interface command displays information about one or more
interfaces configured for LDP on the BSR. If you enter the command without
specifying an interface, all LDP interfaces on the BSR are displayed.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls ldp interface [cable <X/Y> | ethernet <X/Y> | gigaether <X/Y> | pos <X/
Y> | tunnel <0-255>]
Interface LDP interface on the BSR.
Ldp ID The LDP router ID.
NbrCount Number of neighbor Adjacencies on this
interface.
Next Hello Number of seconds until next discovery Hello
message is sent on this interface.
BSR:7A#show mpls ldp interfaces
Interface Ldp ID NbrCount Next Hello(sec)
ethernet 12/1 20.20.1.1:0 1 5
ethernet 12/2 20.20.1.1:0 0 4
ethernet 12/7 20.20.1.1:0 0 3
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-49
Command Syntax
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls ldp interface
cable Specifies the CMTS interface.
ethernet Specifies the Ethernet interface.
gigaether Specifies the Gigabit Ethernet address.
pos Specifies the Packet-over-SONET interface.
X slot number
Y port number
tunnel Specifies the tunnel interface.
0-255 Specifies the tunnel interface number.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-50 Compass ID: 391459945 Version 2
show mpls ldp neighbor
The show mpls ldp neighbor command displays the following fields for the status of
neighbor LDP sessions:
Peer LDP Ident The LDP identifier of the neighbor (peer) for
this session.
Local LDP Ident The LDP identifier for the local LSR for this
session.
TCP connection The TCP connection used to support the LDP
session, shown in the following format:
Peer IP address.peer port.
Local IP address.local port.
State The state of the LDP session. Generally this is
Oper (operational), but transient is another
possible state.
Msgs sent/rcvd The number of LDP messages sent to and
received from the session peer. The count
includes the transmission and receipt of
periodic keepalive messages, which are
required for maintenance of the LDP session.
Downstream on
demand
If downstream-on-demand label distribution
is used for this LDP session. An LSR
advertises its locally assigned (incoming)
labels to its LDP peer only when the peer asks
for them.
Downstream
unsolicited
If downstream label distribution is used for
this LDP session. An LSR advertises all of its
locally assigned (incoming) labels to its LDP
peer (subject to any configured access list
restrictions).
Up time The length of time the LDP session has
existed.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-51
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls ldp neighbor [<A.B.C.D> | cable <X/Y> | ethernet <X/Y> | gigaether <X/
Y> | pos <X/Y> | tunnel <0-255>} | detail]
LDP discovery sources The source(s) of LDP discovery activity that
led to the establishment of this LDP session.
Addresses bound to
peer LDP Ident
The known interface addresses of the LDP
session peer. These are addresses that might
appear as next hop addresses in the local
routing table. They are used to maintain the
Label Forwarding Information Base (LFIB).
Peer holdtime Indicates the following information for the
neighbor router:
The Peer holdtime is the time that an LDP
session is maintained in the absence of LDP
messages from the peer router.
Keep Alive (KA) Interval is the amount of
time the router will allow to elapse without
sending an LDP message to its neighbor. If
this time elapses and the router has nothing
to send, it will send a KA message.
Peer state indicates the state of its session
with a peer router. For example, estab
indicates a peer session is established.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-52 Compass ID: 391459945 Version 2
Command Syntax
A.B.C.D Identifies the neighbor with this IP address.
cable Specifies the LDP neighbors accessible over
this CMTS interface.
ethernet Specifies the LDP neighbors accessible over
this Ethernet interface.
gigaether Specifies the LDP neighbors accessible over
this Gigabit Ethernet address.
pos Specifies the LDP neighbors accessible over
this Packet-over-SONET interface.
X slot number
Y port number
tunnel Specifies the LDP neighbors accessible over
this tunnel interface.
0-255 Specifies the tunnel ID number.
detail Specifies detailed information for LDP
neighbors.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-53
show mpls ldp parameters
The show mpls ldp parameters command displays the current LDP parameter
information:
Protocol version Indicates the version of LDP running on the
platform.
Downstream label pool Describes the range of labels available for the
platform to assign for label switching
purposes. The available labels range from the
smallest label value (min label) to the highest
label value (max label), with a modest
number of labels at the low end of the range
(reserved labels) reserved for diagnostic
purposes.
Session hold time Indicates the time that an LDP session is to be
maintained with an LDP peer without
receiving LDP traffic or an LDP keepalive
message from the peer.
keep alive interval Indicates the interval of time between
consecutive transmissions of LDP keepalive
messages to an LDP peer.
Discovery hello Indicates the interval to remember that a
neighbor platform wants an LDP session
without receiving an LDP Hello message
from the neighbor (hold time), and the
interval between the transmission of
consecutive LDP Hello messages to
neighbors (interval).
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-54 Compass ID: 391459945 Version 2
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls ldp parameters
Discovery targeted
hello
Indicates the interval to remember that a
neighbor platform wants an LDP session
when:
The neighbor platform is not directly
connected to the router.
The neighbor platform has not sent an LDP
Hello message. This intervening interval is
known as hold time.
The discovery targeted hello field also
indicates the interval between the
transmission of consecutive Hello messages
to a neighbor not directly connected to the
router.
LDP initial/maximum
backoff
Reports the parameters that have been set by
the mpls ldp backoff command.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-55
show mpls ldp statistics
The show mpls ldp statistics command displays LDP information for the following
packet message types that are sent and received:
Hello Number of hello discovery messages sent and
received.
Initialization Number of LDP Initialization messages sent
and received.
Keepalive Number of LDP Keepalive messages sent and
received.
Notification Number of LDP Notification messages sent
and received.
Address Number of LDP Address messages sent and
received.
Address withdraw Number of LDP Address withdraw messages
sent and received.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-56 Compass ID: 391459945 Version 2
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
show mpls ldp statistics
Label mapping Number of LDP Label mapping messages
sent and received.
Label request Number of LDP Label request messages sent
and received.
Label withdraw Number of LDP Label withdraw messages
sent and received.
Label release Number of LDP Label release messages sent
and received.
Label abort Number of LDP Label abort messages sent
and received.
All UDP Total number of UDP messages sent and
received.
All TCP Total number of TCP messages sent and
received.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-57
debug mpls ldp advertisements
The debug mpls ldp advertisements command displays address and label
information that was advertised to LDP peers.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
debug mpls ldp advertisements [peer-acl <1-99>] [prefix-acl <1-99>]
no debug mpls ldp advertisements [peer-acl <1-99>] [prefix-acl <1-99>]
Command Syntax
peer-acl Limits the displayed advertisements for LDP
peers permitted by the access list.
prefix-acl Limits the displayed advertisements for
prefixes permitted by the access list.
1-99 IP access list number.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-58 Compass ID: 391459945 Version 2
debug mpls ldp bindings
The debug mpls ldp bindings command displays information about learned address
and label bindings.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
debug mpls ldp bindings [peer-acl <1-99>] [prefix-acl <1-99>]
no debug mpls ldp bindings [peer-acl <1-99>] [prefix-acl <1-99>]
Command Syntax
peer-acl Limits the displayed binding information to
the information learned from LDP peers
permitted by the access list.
prefix-acl Limits the displayed advertisements to the
information learned for prefixes permitted by
the access list.
1-99 IP access list number.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-59
debug mpls ldp messages
The debug mpls ldp messages command displays specific information regarding
LDP messages sent to or received from peers.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
debug mpls ldp messages [sent | received | all] [address | init | label | notification |
periodic] [peer-acl <1-99>]
no debug mpls ldp messages
Command Syntax
sent Displays LDP messages sent to LDP peers.
received Displays all LDP messages received from
LDP peers.
all Displays all LDP messages sent to and
received from LDP peers.
address Displays Address and Address Withdraw
messages.
init Displays Initialization messages.
label Displays Label Mapping, Label Request,
Label Withdraw, Label Release, Label Abort
Request messages.
notification Displays Notification messages.
periodic Displays Hello and Keepalive messages.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-60 Compass ID: 391459945 Version 2
peer-acl Limits the messages displayed for LDP peers
permitted by the access list.
<1-99> IP access list number.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-61
debug mpls ldp session state-machine
The debug mpls ldp session state-machine command displays information about the
state transitions for LDP sessions.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
debug mpls ldp session state-machine [peer-acl <1-99>]
no debug mpls ldp session state-machine [peer-acl <1-99>]
Command Syntax
peer-acl Limits the displayed information for LDP
peers permitted by the access list.
<1-99> IP access list number.
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-62 Compass ID: 391459945 Version 2
debug mpls ldp session io
The debug mpls ldp session io command displays contents of LDP messages sent to
or received from LDP peers.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
debug mpls ldp session io [all] [peer-acl <1-99>]
no debug mpls ldp session io [all] [peer-acl <1-99>]
Command Syntax
all This option displays the content of all LDP
messages sent to and received from LDP
peers.
peer-acl Limits the displayed message output for LDP
peers permitted by the access list.
<1-99> IP access list number.
Release 6.3.1 Configuring LDP
Compass ID: 391459945 Version 2 3-63
debug mpls ldp targeted-neighbors
Use the debug mpls ldp targeted-neighbors command to display information about
mechanism for establishing adjacencies to peers that are not directly adjacent.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
debug mpls ldp targeted-neighbors
no debug mpls ldp targeted-neighbors
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
3-64 Compass ID: 391459945 Version 2
debug mpls ldp transport connections
The debug mpls ldp transport connections command displays information about
the TCP connections used in LDP sessions.
Group Access
All
Command Mode
All modes except User EXEC
Command Line Usage
debug mpls ldp transport connections [peer-acl <1-99>] [interface <X/Y>]
Command Syntax
interface <X/Y> Limits the displayed information for the
specified NIM interface.
peer-acl <1-99> Limits the displayed information for LDP
peers permitted by the specified access list
number.
Compass ID: 391459945 Version 2 Index-1
A
address-family, 1-83
Application Manager (AM), 1-4
arp, 1-85
arp (global), 1-85
Autonomous System (AS), 1-49, 1-53, 1-56
Autonomous System Number (ASN), 1-128
B
BGP/MPLS VPNs, 1-13
C
Cable Bundle
master, 1-62
slave, 1-62
Cable Bundling
see also Virtual Cable Bundling, 1-61
cable helper-address, 1-88
cable host authorization range, 1-90
cable modem (CM), 1-3
cable service-class default, 1-87
cable subinterface bundling, 1-61
Call Management Server (CMS)
description, 1-2
clear arp-cache, 1-91
clear counters, 1-92
clear ip route, 1-93
clear ip traffic, 1-94
CM configuration files, 1-13
Common Open Policy Service (COPS)
description, 1-2, 1-16
Customer Edge (CE)
devices, 1-7
Customer Premises Equipment (CPE), 1-7
D
debug arp, 1-95
debug cable reg, 1-96
debug ip bgp, 1-97
debug ip icmp, 1-99
debug ip packet, 1-100
debug ip policy, 1-102
debug mpls forwarding, 1-103
debug mpls ldp advertisements, 3-57
debug mpls ldp bindings, 3-58
debug mpls ldp messages, 3-59
debug mpls ldp session io, 3-62
debug mpls ldp session state-machine, 3-61
debug mpls ldp targeted-neighbors, 3-63
debug mpls ldp transport connections, 3-64
description, 1-104
dhcpLeaseQuery authorization on, 1-105
Dynamic Host Configuration Protocol (DHCP), 1-12,
1-13, 1-16, 1-24, 1-27, 1-28, 1-30, 1-31, 1-33,
1-34, 1-37, 1-39, 1-41, 1-42, 1-45, 1-61, 1-177
server, 1-33, 1-41, 1-44
Index
Index-2 Compass ID: 391459945 Version 2
BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1
F
Forward Equivalence Classes (FECs), 3-2
H
host authorization on, 1-106
I
interface, 1-108
ip access-group, 1-110
ip address, 1-111
ip extcommunity-list, 1-113
ip helper-address, 1-115
ip policy route-map, 1-121
ip route, 1-116
ip unreachables, 1-118
IP Version 4 (IPv4) Unicast Layer 3 routing, 1-16,
1-53
ip vrf, 1-120
ip vrf forwarding, 1-119
L
Label Distribution Protocol (LDP), 3-1
Router ID, 3-4
Label Switch Paths (LSPs), 1-7, 3-1
Label Switch Routers (LSRs), 3-1
LDP Discovery Hello messages, 3-6
M
MP-BGP UNREACH-NLRI routing updates
see also Network Layer Reach-ability Information
(NLRI), 1-79
MPLS
enabling, 1-19
mpls ip, 1-19
mpls label protocol ldp, 3-28
mpls ldp accept-labels, 3-29
mpls ldp advertise-labels, 3-30
mpls ldp backoff, 3-32
mpls ldp discovery hello, 3-33
mpls ldp discovery targeted-hello, 3-34
mpls ldp discovery targeted-hello accept, 3-35
mpls ldp discovery transport-address, 3-36
mpls ldp holdtime, 3-37
mpls ldp loop-detection, 3-38
mpls ldp maxhops, 3-39
mpls ldp neighbor, 3-40
mpls ldp router-id, 3-41
Multiple Internet Service Providers (ISPs)
interworked with VPNs, 1-74
N
neighbor confed-segment, 1-124
Network Layer Reach-ability Information (NLRI),
1-53
O
Open Shortest Path First (OSPF) protocol, 1-7
P
ping, 1-126
Policy Decision Point (PDP), 1-4
Provider (P) router, 1-13
Provider Edge (PE) router, 1-13
R
rd, 1-128
redistribute, 1-130
RFC 3035, 3-2
RFC 3036, 3-2
Route Distinguisher (RD), 1-16, 1-128
Route Target Extended Community (RTEC), 1-16
route-map, 1-130
router identifier (ID), 3-4
route-target, 1-131
Compass ID: 391459945 Version 2 Index-3
Release 6.3.1 Index
S
show cable modem, 1-133
show host authorization, 1-135
show host unauthorized cpe, 1-137
show interfaces, 1-138
show ip arp, 1-140
show ip dhcp stats, 1-142
show ip extcommunity-list, 1-143
show ip filters, 1-144
show ip filters summary, 1-147
show ip forwarding-table, 1-148
show ip forwarding-table mpls, 1-150
show ip forwarding-table summary, 1-152
show ip forwarding-table tunnel, 1-153
show ip forwarding-table vrf, 1-155
show ip interface, 1-157
show ip protocols, 1-158
show ip redistribute, 1-160
show ip route vrf, 1-161
show ip traffic, 1-162
show ip vrf, 1-163
show l2-cam, 1-165
show mpls forwarding-table, 1-168
show mpls ldp backoff, 3-43
show mpls ldp bindings, 3-44
show mpls ldp discovery, 3-46
show mpls ldp interface, 3-48
show mpls ldp neighbor, 3-50
show mpls ldp parameters, 3-53
show mpls ldp statistics, 3-55
show mpls traffic, 1-170
show running-config, 1-19
show stats cmts, 1-173
shutdown, 1-172
subinterface bundling, 1-61
T
TCP, 1-57
TCP Message Digest 5 (MD5) Signature Option, 3-13
telnet, 1-175
Time of Day (ToD), 1-12, 1-13
traceroute, 1-176
Trivial File Transfer Protocol (TFTP), 1-12, 1-13
V
Virtual Cable Bundling
slave, 1-45
Virtual Private Networks (VPNs)
description of, i-xi, 1-1, 3-1
how cable modems (CMs) belong, 1-14
interworked with multi-ISPs, 1-74
static routes, 1-65
Voice over IP (VoIP), 1-2
vpn id, 1-177
VPN-IPv4 routes, 1-16
vrf selection source, 1-178
Compass ID: 391459945 Version 2
1/12
Visit our website at:
www.motorola.com