A while ago i posted a laboratory about the basics of a L3 VPN solution. Since then, some things have changed for me and starting from January I will no longer work as a Network Engineer. A new challenge lays ahead of me, as i made the step towards the Service Delivery department inside the same company. The new position requires a mix between Project Management, design and configuration skills in order to implement new services, and it is less about troubleshooting.
To mark this event, I want to take some time and post an updated version of the laboratory about the L3 VPN solution, a version in which i will try to get as close as i can to some real life scenarios.
The archive contains the following files:
The GNS3 project
Circuits documentation files
Customer A configurations file
Customer A configurations file
Note: - The ISP backbone and the eBGP are preconfigured at a basic level in order to ensure connectivity.
What will you need:
PDF viewer
GNS3 version 2.1.0 Internet access (for research, if needed) IOS images for the 7200 and 3700 models.
(C7200-ADVENTERPRISEK9-M), Version 15.1(4)M2
(C3725-ADVENTERPRISEK9-M), Version 12.4(15)T7
Topology
What will you need:
PDF viewer
GNS3 version 2.1.0 Internet access (for research, if needed) IOS images for the 7200 and 3700 models.
(C7200-ADVENTERPRISEK9-M), Version 15.1(4)M2
(C3725-ADVENTERPRISEK9-M), Version 12.4(15)T7
Topology
Description
Before we begin, i think a brief description of the ISP’s backbone network is required in order to get a more deeper understanding of what is going on.
Before we begin, i think a brief description of the ISP’s backbone network is required in order to get a more deeper understanding of what is going on.
The CORE router represents a router used to establish an eBGP peer with the other ISP. In this design it is also used as a route reflector for the PE routers. In real life, you’ll find more route reflectors in an ISPs IP backbone and depending on the size of the company, at least two core routers used for peering with the upstreams. Also, in real life, the routers used for peering and the route reflectors are usualy diffrent routers.
The PE1 and PE2 routers are the edge routers where we will configure the customer’s services. They will also be used to provide redundancy, meaning that if we deliver a main service from one, the backup will be delivered from the other.
The PEs are connected to the MetroE, which is in fact a ‘switch’ that simulates a MetroEthernet backbone. In real life, such a network is made by many switches and the Fiber Optic cables, the local loops used to deliver the main and backup services towards a customer’s location are connected in two diffrent such switches, located in diffrent POPs.
Requests
1. Let’s start with customer B, since his solution is easier to implement. Customer B has two sites, CE-B1 and CE-B2. He knows that our company has an MPLS network and we are providing L3 VPN services, so he comes to us for a solution to connect the two sites.
2. Customer’s A solution is a bit more complex and closer to what you might encounter in real life. Customer A also has two sites that he wants to be connected via a L3 VPN, but he is also interested in having redundancy for the sites. For site CE-A2 we can provide both local loops, but for the location CE-A1 the backup will be delivered over an internet connection provided by the other ISP.
Suggestions
This laboratory is a scrap, but you can use it to think of new scenarios and dig even deeper. You can configure IGPs between the CPE and the PE routers and use redistribution to and from MP-BGP. Maybe customer B wants to use OSPF in SITE1 and EIGRP in SITE2. Maybe customer A merges with customer B and some route leaking between VRFs must be done. You can also think of troubleshooting scenarios. There are many nice things you can play with.
I don’t recommend opening the configuration file and just copy/pasting the commands. This will not help you at all ! Instead, try to think of this lab as an exercise that forces you to see how would you configure the solution starting from the customer’s request on the current infrastructure. I encourage you to use any resource available on the internet in order to reach the end result.
I don’t recommend opening the configuration file and just copy/pasting the commands. This will not help you at all ! Instead, try to think of this lab as an exercise that forces you to see how would you configure the solution starting from the customer’s request on the current infrastructure. I encourage you to use any resource available on the internet in order to reach the end result.
I hope you’ll have fun practicing with this laboratory.
Cheers!
Cheers!
Niciun comentariu :
Trimiteți un comentariu