Configuring MPLS L2 – Base/lab config

By | November 1, 2017

This example is how to configure basic Layer 2 MPLS connectivity across your MPLS core, so CE endpoints, or in some cases, ToR switches can appear to be layer 2 adjacent, through your core.  This is primarily used on the service provider side but has amazing uses for the data center end of things.  Being able to stretch Layer 2 across your data center without needing STP is fantastic.  This is a nice alternative to use when VXLAN isn’t an option.  

To make some notes about this setup, I do not have end hosts connected into S1, S2, and S3 which are the ToR switches within this data center mock up, so instead I used SVI’s, which normally wouldn’t be needed.  They trunk their VLANs up to the core MPLS routers which use sub interfaces to break out the VLANs and create Virtual Circuits (VC’s) over to peer routers.  This is what allows the VLANs to get trunked over to the other ToR switches.  Config examples below.

Config examples:

S1 (ToR switch 1):

version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname S1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
description Uplink
switchport trunk allowed vlan 100,200,300
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
no negotiation auto
!
interface Vlan100
ip address 192.168.1.1 255.255.255.0
!
interface Vlan200
ip address 192.168.2.1 255.255.255.0
!
interface Vlan300
ip address 192.168.3.1 255.255.255.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
line con 0
line aux 0
line vty 0 4
!
!
end

S2 (ToR Switch 2):

version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname S2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
description Uplink
switchport trunk allowed vlan 100,200,300
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
no negotiation auto
!
interface Vlan100
ip address 192.168.1.2 255.255.255.0
!
interface Vlan200
ip address 192.168.2.2 255.255.255.0
!
interface Vlan300
ip address 192.168.3.2 255.255.255.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
line con 0
line aux 0
line vty 0 4
!
!
end

S3 (ToR Switch 3):

version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname S3
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
!
!
!
!
!
!
!
!
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
vlan internal allocation policy ascending
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface GigabitEthernet0/0
media-type rj45
negotiation auto
!
interface GigabitEthernet0/1
description Uplink
switchport trunk allowed vlan 100,200,300
switchport trunk encapsulation dot1q
switchport mode trunk
media-type rj45
no negotiation auto
!
interface Vlan100
ip address 192.168.1.3 255.255.255.0
!
interface Vlan200
ip address 192.168.2.3 255.255.255.0
!
interface Vlan300
ip address 192.168.3.3 255.255.255.0
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!

line con 0
line aux 0
line vty 0 4
!
!
end

R1 (MPLS/Core Router – connects VLAN 200 to R2/S2 and VLAN 300 to R3/S3):

!
! Last configuration change at 19:29:26 UTC Wed Nov 1 2017
!
version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
mpls ip
redundancy
!
!
interface Loopback0
ip address 1.1.1.1 255.255.255.255
!
!
interface GigabitEthernet0/1
description Core link to R2
ip address 10.1.1.1 255.255.255.252
duplex auto
speed auto
media-type rj45
mpls ip
!
interface GigabitEthernet0/2
description Core link to R3
ip address 10.1.2.1 255.255.255.252
duplex auto
speed auto
media-type rj45
mpls ip
!
interface GigabitEthernet0/3
no ip address
duplex auto
speed auto
media-type rj45
no keepalive
!
interface GigabitEthernet0/3.1
encapsulation dot1Q 300
no cdp enable
xconnect 3.3.3.3 30 encapsulation mpls
!
interface GigabitEthernet0/3.2
encapsulation dot1Q 200
xconnect 2.2.2.2 20 encapsulation mpls
!
router ospf 1
router-id 1.1.1.1
network 0.0.0.0 255.255.255.255 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login
transport input none
!
no scheduler allocate
!
end

R2 (MPLS/Core Router – connects VLAN 200 to R1/S1 and VLAN 100 to R3/S3):

version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
mpls ip
redundancy
!
!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface GigabitEthernet0/1
description Core link to R1
ip address 10.1.1.2 255.255.255.252
duplex auto
speed auto
media-type rj45
mpls ip
!
interface GigabitEthernet0/2
description Core link to R3
ip address 10.1.3.2 255.255.255.252
duplex auto
speed auto
media-type rj45
mpls ip
!
interface GigabitEthernet0/3
no ip address
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3.1
encapsulation dot1Q 200
xconnect 1.1.1.1 20 encapsulation mpls
!
interface GigabitEthernet0/3.2
encapsulation dot1Q 100
xconnect 3.3.3.3 10 encapsulation mpls
!
router ospf 1
router-id 2.2.2.2
network 0.0.0.0 255.255.255.255 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
line con 0
line aux 0
line vty 0 4
login
transport input none
!
no scheduler allocate
!
end

R3 (MPLS/Core Router – connects VLAN 100 to R2/S2 and VLAN 300 to R1/S1):

version 15.6
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
ethernet lmi ce
!
!
!
mmi polling-interval 60
no mmi auto-configure
no mmi pvc
mmi snmp-timeout 180
!
!
!
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
mpls ip
redundancy
!
!
!
interface Loopback0
ip address 3.3.3.3 255.255.255.255
!
!
interface GigabitEthernet0/1
description Core link to R2
ip address 10.1.3.1 255.255.255.252
duplex auto
speed auto
media-type rj45
mpls ip
!
interface GigabitEthernet0/2
description Core link to R1
ip address 10.1.2.2 255.255.255.252
duplex auto
speed auto
media-type rj45
mpls ip
!
interface GigabitEthernet0/3
no ip address
duplex auto
speed auto
media-type rj45
no keepalive
!
interface GigabitEthernet0/3.1
encapsulation dot1Q 300
xconnect 1.1.1.1 30 encapsulation mpls
!
interface GigabitEthernet0/3.2
encapsulation dot1Q 100
xconnect 2.2.2.2 10 encapsulation mpls
!
router ospf 1
router-id 3.3.3.3
network 0.0.0.0 255.255.255.255 area 0
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server
!
!
!
!
control-plane
!
!
line con 0
line aux 0
line vty 0 4
login
transport input none
!
no scheduler allocate
!
end