BSR64K-R6.3.1-VPNGuide

8/10/2019 BSR64K-R6.3.1-VPNGuide

1/292

BSR 64000 BGP/

MPLS VPN

Configuration and

Management Guide

Compass ID: 391459945 Version 2

Release 6.3.1


2/292

Notice

EXCEPT AS INDICATED IN THE APPLICABLE SYSTEM PURCHASE AGREEMENT, THE SYSTEM,

DOCUMENTATION AND SERVICES ARE PROVIDED "AS IS", AS AVAILABLE, WITHOUT WARRANTY OFANY KIND. MOTOROLA MOBILITY, INC. DOES NOT WARRANT THAT THE SYSTEM WILL MEETCUSTOMER'S REQUIREMENTS, OR THAT THEIR OPERATION WILL BE UNINTERRUPTED ORERROR-FREE, OR THAT ANY ERRORS CAN OR WILL BE FIXED. MOTOROLA MOBILITY, INC. HEREBYDISCLAIMS ALL OTHER WARRANTIES, EXPRESS OR IMPLIED, ORAL OR WRITTEN, WITH RESPECTTO THE SYSTEM AND SERVICES INCLUDING, WITHOUT LIMITATION, ALL IMPLIED WARRANTIES OFTITLE, NON-INFRINGEMENT, INTEGRATION, MERCHANTABILITY OR FITNESS FOR ANY PARTICULARPURPOSE AND ALL WARRANTIES ARISING FROM ANY COURSE OF DEALING OR PERFORMANCE ORUSAGE OF TRADE.

EXCEPT AS INDICATED IN THE APPLICABLE SYSTEM PURCHASE AGREEMENT, MOTOROLAMOBILITY, INC. SHALL NOT BE LIABLE CONCERNING THE SYSTEM OR SUBJECT MATTER OF THISDOCUMENTATION, REGARDLESS OF THE FORM OF ANY CLAIM OR ACTION (WHETHER INCONTRACT, NEGLIGENCE, STRICT LIABILITY OR OTHERWISE), FOR ANY (A) MATTER BEYOND ITSREASONABLE CONTROL, (B) LOSS OR INACCURACY OF DATA, LOSS OR INTERRUPTION OF USE, ORCOST OF PROCURING SUBSTITUTE TECHNOLOGY, GOODS OR SERVICES, (C) INDIRECT, PUNITIVE,INCIDENTAL, RELIANCE, SPECIAL, EXEMPLARY OR CONSEQUENTIAL DAMAGES INCLUDING, BUT

NOT LIMITED TO, LOSS OF BUSINESS, REVENUES, PROFITS OR GOODWILL, OR (D) DIRECT

DAMAGES, IN THE AGGREGATE, IN EXCESS OF THE FEES PAID TO IT HEREUNDER FOR THE SYSTEMOR SERVICE GIVING RISE TO SUCH DAMAGES DURING THE 12-MONTH PERIOD PRIOR TO THE DATETHE CAUSE OF ACTION AROSE, EVEN IF COMPANY HAS BEEN ADVISED OF THE POSSIBILITY OFSUCH DAMAGES. THESE LIMITATIONS ARE INDEPENDENT FROM ALL OTHER PROVISIONS OF THISAGREEMENT AND SHALL APPLY NOTWITHSTANDING THE FAILURE OF ANY REMEDY PROVIDEDHEREIN.

All Motorola Mobility, Inc. products are furnished under a license agreement included with the product. If you areunable to locate a copy of the license agreement, please contact Motorola Mobility, Inc.

No part of this publication may be reproduced in any form or by any means or used to make any derivative work (suchas translation, transformation, or adaptation) without written permission from Motorola Mobility, Inc.

Motorola Mobility reserves the right to revise this publication and to make changes in content from time to timewithout obligation on the part of Motorola Mobility to provide notification of such revision or change. MotorolaMobility provides this guide without warranty of any kind, implied or expressed, including, but not limited to, theimplied warranties of merchantability and fitness for a particular purpose. Motorola Mobility may make

improvements or changes in the product(s) described in this manual at any time.

MOTOROLA and the Stylized M Logo are trademarks or registered trademarks of Motorola Trademark Holdings,LLC. All other trademarks are the property of their respective owners.

2012 Motorola Mobility, Inc. All rights reserved.

Compass ID: 391459945 Version 2

Release 6.3.1

Published: 1/12


3/292

Compass ID: 391459945 Version 2 iii

Contents

Contents

Preface

Scope .............................................................................................................................................xiAudience........................................................................................................................................xi

Documentation Set ........................................................................................................................xi

Conventions.................................................................................................................................xiv

Notes, Cautions, Warnings ...........................................................................................................xv

If You Need Help..........................................................................................................................xv

Motorola BSR Customer Website ................................................................... i-xvi

1 Configuring BGP/MPLS VPNs

Overview .....................................................................................................................................1-1

Terminology ................................................................................................................................1-2

Introduction to the BGP/MPLS VPN..........................................................................................1-5

BGP/MPLS VPN Overview .............................................................................................1-5

Customer Edge to Provider Edge.......................................................................1-7

Provider Edge to Provider Core .........................................................................1-7

Provider Edge to Provider Edge.........................................................................1-9

Provisioning BGP/MPLS VPNs for VoIP and Data .......................................................1-10

Before You Begin ......................................................................................................................1-12

Customer Network Prerequisites....................................................................................1-12

Provider Network Prerequisites......................................................................................1-13Cable Modem Configuration File Configuration Prerequisites .......................1-13
http://bsr64k-r5.3.1-vpnguide.prf.pdf/http://bsr64k-r5.3.1-vpnguide.prf.pdf/


4/292

BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6.3.1

iv Compass ID: 391459945 Version 2

VPN Configuration Rules...............................................................................................1-14

VPN Task Summary..................................................................................................................1-15

Provider Network Configuration Tasks..........................................................................1-15

Customer Network Configuration for VPNs..................................................................1-16

VPN Configuration ...................................................................................................................1-16

Creating a VRF...............................................................................................................1-17

Enabling MPLS ..............................................................................................................1-19

Configuring the PE Network Interface...........................................................................1-19

Configure a Loopback Interface for PE to PE Interoperability......................................1-21

Configuring a Cable Interface for a VPN.......................................................................1-22

Configuration Scenarios for CM, eMTA Provisioning and Voice Traffic in Multiple VPNs

1-25

Creating a Virtual Cable Bundle for Global CMs Option 1.............................1-26

Creating a Virtual Cable Bundle for Global CMs Option 2.............................1-29

Creating a Virtual Cable Bundle for Global eMTAs........................................1-32

Creating a Virtual Cable Bundle for a CM in Provisioning VPN....................1-35

Creating a Virtual Cable Bundle for an eMTA Provisioning VPN ..................1-40

Creating a Virtual Cable Bundle for a Data or Voice VPN..............................1-43

Configuring IGP or Static Routes for VPNs ..................................................................1-48

Configuring BGP and MP-BGP for VPNs.....................................................................1-49

Configuring the BGP AS and Neighbor Sessions............................................1-49

Redistribute Connected or Static VRF Networks into MP-BGP .....................1-50

Configuring MP-BGP to Advertise VPNv4 Routes ........................................1-53

Redistributing Routes Between Different VRFs ............................................................1-54

Redistribute Connected, Static or BGP Routes Between VRFs ......................1-56

Configuring Internet Access for a VPN .........................................................................1-56

Configuring Policy Decision Point Access for a VoIP VPN..........................................1-57

Optional Configuration Task Summary ....................................................................................1-58Creating a DHCP Provisioning VPN .............................................................................1-59

Bundling Cable Subinterfaces........................................................................................1-61

Configuring a VPN ID....................................................................................................1-63

Configuring Static Routes for VRF CEs and Hosts .......................................................1-65

Managing the Number of Routes per VRF Instance ......................................................1-66

Assigning a Service Class to a VPN Subinterface .........................................................1-67


5/292

Release 6.3.1 Contents

Compass ID: 391459945 Version 2 v

Configuring CM Subnets on a Cable Interface ..............................................................1-68

Configuring CM Subnets on a Cable Interface for VPNs................................1-68

Configuring CM Subnets on a Cable Interface for Non-VPNs .......................1-71

Interworking VPNs and Multi-ISPs ...............................................................................1-74

Assigning a VRF to a Cable Subinterface......................................................................1-75

Deleting a VRF...............................................................................................................1-78

Removing VRF Associations from Interfaces................................................................1-79

Removing a VRF from a Cable Subinterface ..................................................1-79

Removing a VRF from a Loopback Interface..................................................1-80

Configuring BGP to Advertise IPv4 Routes ..................................................................1-81

BGP/MPLS VPN Commands ...................................................................................................1-82

address-family ................................................................................................................1-83

arp ...................................................................................................................................1-85

cable service-class default ..............................................................................................1-87

cable helper-address .......................................................................................................1-88cable host authorization range ........................................................................................1-90

clear arp-cache................................................................................................................1-91

clear counters..................................................................................................................1-92

clear ip route ...................................................................................................................1-93

clear ip traffic .................................................................................................................1-94

debug arp ........................................................................................................................1-95

debug cable reg...............................................................................................................1-96

debug ip bgp ...................................................................................................................1-97

debug ip icmp .................................................................................................................1-99

debug ip packet.............................................................................................................1-100

debug ip policy .............................................................................................................1-102

debug mpls forwarding.................................................................................................1-103

description ....................................................................................................................1-104

dhcp leasequery authorization on .................................................................................1-105

host authorization on ....................................................................................................1-106

interface ........................................................................................................................1-108

ip access-group .............................................................................................................1-110

ip address ......................................................................................................................1-111

ip extcommunity-list.....................................................................................................1-113


6/292


vi Compass ID: 391459945 Version 2

ip helper-address...........................................................................................................1-115

ip route..........................................................................................................................1-116

ip unreachables .............................................................................................................1-118

ip vrf forwarding...........................................................................................................1-119

ip vrf .............................................................................................................................1-120

ip policy route-map.......................................................................................................1-121

maximum-prefixes........................................................................................................1-122

neighbor activate ..........................................................................................................1-123

neighbor confed-segment .............................................................................................1-124

neighbor send-community extended.............................................................................1-125

ping ...............................................................................................................................1-126

rd...................................................................................................................................1-128

redistribute....................................................................................................................1-130

route-target ...................................................................................................................1-131

show cable modem .......................................................................................................1-133show host authorization................................................................................................1-135

show host unauthorized cpe..........................................................................................1-137

show interfaces .............................................................................................................1-138

show ip arp ...................................................................................................................1-140

show ip dhcp stats.........................................................................................................1-142

show ip extcommunity-list ...........................................................................................1-143

show ip filters ...............................................................................................................1-144

show ip filters summary ...............................................................................................1-147

show ip forwarding-table..............................................................................................1-148

show ip forwarding-table mpls.....................................................................................1-150

show ip forwarding-table summary..............................................................................1-152

show ip forwarding-table tunnel...................................................................................1-153

show ip forwarding-table vrf ........................................................................................1-155

show ip interface...........................................................................................................1-157

show ip protocols..........................................................................................................1-158

show ip redistribute ......................................................................................................1-160

show ip route vrf...........................................................................................................1-161

show ip traffic...............................................................................................................1-162

show ip vrf....................................................................................................................1-163


7/292


Compass ID: 391459945 Version 2 vii

show l2-cam..................................................................................................................1-165

show mpls forwarding-table .........................................................................................1-168

show mpls traffic ..........................................................................................................1-170

shutdown.......................................................................................................................1-172

show stats cmts .............................................................................................................1-173

telnet .............................................................................................................................1-175

traceroute ......................................................................................................................1-176

vpn id ............................................................................................................................1-177

vrf selection source.......................................................................................................1-178

2 BGP/MPLS VPN

Configuration Examples

Overview .....................................................................................................................................2-1

Building an BGP/MPLS VPN.....................................................................................................2-1

Create a VRF for each BGP/MPLS VPN.........................................................................2-5

PE 1 ....................................................................................................................2-5

PE 2 ....................................................................................................................2-6

PE 3 ....................................................................................................................2-6

PE 4 ....................................................................................................................2-6

Enable MPLS....................................................................................................................2-6

Configure the PE network interface .................................................................................2-6

PE 1 ....................................................................................................................2-7

PE 2 ....................................................................................................................2-7

PE 3 ....................................................................................................................2-7

PE 4 ....................................................................................................................2-7

Configure a cable interface for both VPNs and Non-VPNs.............................................2-7

PE 1 ....................................................................................................................2-8

PE 2 ....................................................................................................................2-8PE 3 ....................................................................................................................2-8

PE 4 ....................................................................................................................2-8

Configure a loopback interface for Provider Edge (PE) to PE connectivity....................2-9

PE 1 ....................................................................................................................2-9

PE 2 ....................................................................................................................2-9

PE 3 ....................................................................................................................2-9


8/292


viii Compass ID: 391459945 Version 2

PE 4 ..................................................................................................................2-10

Configure a virtual cable bundle for VPN CMs, and non-VPN CMs and CPEs ...........2-10

PE 1 ..................................................................................................................2-10

PE 2 ..................................................................................................................2-11

PE 3 ..................................................................................................................2-11

PE 4 ..................................................................................................................2-11

Configure virtual cable bundles for VPN CPEs.............................................................2-12

PE 1 ..................................................................................................................2-12

PE 2 ..................................................................................................................2-12PE 3 ..................................................................................................................2-13

PE 4 ..................................................................................................................2-13

Assign a cable bundle to a cable subinterface ................................................................2-14

PE 1 ..................................................................................................................2-14

PE 2 ..................................................................................................................2-14

PE 3 ..................................................................................................................2-14PE 4 ..................................................................................................................2-15

Provision both VPN and Non-VPN CMs.......................................................................2-15

Configure IGP routes......................................................................................................2-15

PE 1 ..................................................................................................................2-15

PE 2 ..................................................................................................................2-15

PE 3 ..................................................................................................................2-16

PE 4 ..................................................................................................................2-16

Configure the BGP AS and neighbor sessions...............................................................2-16

PE 1 ..................................................................................................................2-16

PE 2 ..................................................................................................................2-16

PE 3 ..................................................................................................................2-17

PE 4 ..................................................................................................................2-17

Redistribute connected VRF networks into MP-BGP....................................................2-17

PE 1 ..................................................................................................................2-17

PE 2 ..................................................................................................................2-17

PE 3 ..................................................................................................................2-18

PE 4 ..................................................................................................................2-18

Configure MP-BGP to advertise VPNv4 Routes ...........................................................2-19

PE 1 ..................................................................................................................2-19


9/292


Compass ID: 391459945 Version 2 ix

PE 2 ..................................................................................................................2-19

PE 3 ..................................................................................................................2-20

PE 4 ..................................................................................................................2-20

Configuration Examples for CM, eMTA Provisioning and Voice Traffic in Multiple VPNs ...2-20

Configuring VPNs for Data Only...................................................................................2-21

Configuring Multiple Data VPNs and VoIP VPNs ........................................................2-22

Configuring Multiple VPNs Using a CM Provisioning VPN ........................................2-23

Configuring a Single VPN for both VoIP and VoIP Provisioning Functions .................2-26

3 Configuring LDP

Overview .....................................................................................................................................3-1

LDP Implementation in the BSR ................................................................................................3-2

LDP Message Support......................................................................................................3-2

Enabling LDP on an Interface.....................................................................................................3-3

Managing LDP ............................................................................................................................3-4Specifying an LDP Router ID ..........................................................................................3-4

Changing the Transport Address for LDP Discovery ......................................................3-6

Controlling LDP Label Advertisements...........................................................................3-8

Configuring LDP Advertise Labels ...................................................................3-9

Configuring LDP Accept Labels....................................................................................3-10

Managing the LDP Session ............................................................................................3-12

Adjusting the LDP Session Hold Time............................................................3-12

Encrypting a Session with a Neighbor LDP Router ........................................3-13

Changing the LDP Session Backoff Setting ....................................................3-13

Changing LDP Discovery Hello Message Parameters ....................................3-14

Changing LDP Discovery Targeted Hello Message Parameters......................3-14

Accepting Discovery Messages from Neighbors.............................................3-15

LDP Network Configuration Example......................................................................................3-15

BSR 1 Configuration ......................................................................................................3-16

Checking the BSR 1 Configuration .................................................................3-17






10/292


x Compass ID: 391459945 Version 2

Monitoring the Start of an LDP Session.........................................................................3-25

LDP Commands ........................................................................................................................3-27

mpls label protocol ldp ...................................................................................................3-28

mpls ldp accept-labels ....................................................................................................3-29

mpls ldp advertise-labels ................................................................................................3-30

mpls ldp backoff .............................................................................................................3-32

mpls ldp discovery hello.................................................................................................3-33

mpls ldp discovery targeted-hello ..................................................................................3-34

mpls ldp discovery targeted-hello accept .......................................................................3-35mpls ldp discovery transport-address.............................................................................3-36

mpls ldp holdtime...........................................................................................................3-37

mpls ldp loop-detection ..................................................................................................3-38

mpls ldp maxhops...........................................................................................................3-39

mpls ldp neighbor ...........................................................................................................3-40

mpls ldp router-id ...........................................................................................................3-41

show mpls ldp backoff....................................................................................................3-43

show mpls ldp bindings..................................................................................................3-44

show mpls ldp discovery ................................................................................................3-46

show mpls ldp interface..................................................................................................3-48

show mpls ldp neighbor..................................................................................................3-50

show mpls ldp parameters ..............................................................................................3-53

show mpls ldp statistics..................................................................................................3-55

debug mpls ldp advertisements ......................................................................................3-57

debug mpls ldp bindings.................................................................................................3-58

debug mpls ldp messages ...............................................................................................3-59

debug mpls ldp session state-machine............................................................................3-61

debug mpls ldp session io ...............................................................................................3-62

debug mpls ldp targeted-neighbors ................................................................................3-63debug mpls ldp transport connections............................................................................3-64

Index


11/292

Compass ID: 391459945 Version 2 xi

Preface

Scope

This document describes the Motorola implementation of the Border Gateway

Protocol/Multiprotocol Label Switching Virtual Private Networks (BGP/MPLS

VPNs) and Label Distribution Protocol (LDP) features of the BSR 64000 product. Itcontains software configuration procedures and command descriptions for these

features.

Audience

This document is used by Network Administrators who configure the BSR 64000 to

use BGP/MPLS VPNs.

Documentation Set

The following documents comprise the BSR 64000 documentation set:

n BSR 64000 Quick Start Guide

The quick start guide provides a "roadmap" to the tasks involved in physically

installing the BSR 64000 product, physically connecting it to your network/HFC

infrastructure, and performing configuration tasks to enable the BSR 64000 to

operate in your networking environment.


12/292


xii Compass ID: 391459945 Version 2

n BSR 64000 Chassis Installation Guide

This guide provides detailed instructions for physically installing the BSR 64000

product including: procedures for rack mounting, making physical network cable

connections, connecting DC power, and for determining the status of the BSR

64000 after applying power to it. This document also provides a description of the

BSR 64000 chassis, its hardware components and modules.

n BSR 64000 Module Installation Guide

This guide contains procedures for installing additional and replacement

Resource and I/O Modules in a BSR 64000 chassis and for making physical cableconnections to the modules.

n BSR 64000 Command Line Interface Users Guide

For users, this guide describes the structure of the BSR 64000 Command Line

Interface (CLI) and its various command modes. It also provides rules and

guidelines for navigating through the CLI.

n BSR 64000 Command Reference Guide

This guide contains individual descriptions of the entire set of commands that

comprise the BSR 64000 Command Line Interface (CLI). These commands are

used to interface with, configure, manage, and maintain the BSR 64000.

n BSR 64000 System Administration Guide

For system administrators, this guide provides detailed procedures for performing

initial configuration tasks including setting up: user accounts and passwords;

telnet and console access; system logging; and associated servers such as DHCP,

DNS, etc.

n BSR 64000 CMTS Configuration and Management Guide

This guide provides the instructions and procedures for configuring and

managing BSR 64000 CMTS operation.

n BSR 64000 Routing Configuration and Management Guide

This guide contains the instructions and procedures for configuring and managing

BSR 64000 routing operation, including RIP, OSPF, and BGP.


13/292

Release 6.3.1 Preface

Compass ID: 391459945 Version 2 xiii

n BSR 64000 SNMP Configuration and Management Guide


managing BSR 64000 Simple Network Management Protocol (SNMP) operation.

It also describes SNMP MIBs; provides information that describes standard and

proprietary MIB support; describes how to walk MIBs; and how to compile and

load SNMP MIBs.

n BSR 64000 BGP/MPLS VPN Configuration Guide


managing the BSR 64000 to support and implement Border Gateway Protocol/MultiProtocol Label Switching Virtual Private Networks (BGP/MPLS VPNs).

n BSR 64000 Troubleshooting Guide

This guide contains instructions and procedures for troubleshooting typical

configuration problems that might be encountered using the BSR 64000. It also

offers suggestions for information to record, and have available should the need

arise to call Motorola support for assistance with BSR 64000 operationalproblems.

n BSR 64000 Release Notes

These documents are specific to each release of the BSR 64000 product (software

and hardware). Release notes provide information about features not documented

or incorrectly documented in the main documentation set; known problems and

anomalies; product limitations; and problem resolutions.


14/292


xiv Compass ID: 391459945 Version 2

Conventions

This document uses the conventions in the following table:

Convention Example Explanation

angle brackets < > ping

ping 54.89.145.71

Arguments in italic and enclosed by angle

brackets must be replaced by the text the

argument represents. In the example,

54.89.145.71replaces . When

entering the argument, do not type the anglebrackets.

bar brackets [ ] disable[level] Bar brackets enclose optional arguments. The

example indicates you can use the disable

command with or without specifying a level.

Some commands accept more than one

optional argument. When entering the

argument, do not type the bar brackets.

bold text cable relay-agent-option Boldface text must be typed exactly as it

appears.

brace brackets {} page{on| off} Brace brackets enclose required text. The

example indicates you must enter either onor

offafter page. The system accepts the

command with only one of the parameters.

When entering the text, do not type the brace

brackets.

italic text boot system Italic type indicates variables for which you

supply values in command syntax descriptions.

It also indicates file names, directory names,

document titles, or emphasized text.

screen display Wed May 6 17:01:03

2000

This font indicates system output.

vertical bar | page{on| off} A vertical bar separates the choices when a

parameter is required. The example indicatesyou can enter either command:

page onorpage off

When entering the parameter, do not type the

vertical bar or the brace brackets.


15/292

Release 6.3.1 Preface

Compass ID: 391459945 Version 2 xv

Notes, Cautions, Warnings

The following icons and associated text may appear in this document.

If You Need Help

Support for your BSR 64000 hardware and software is available via telephone and the

Internet.

Telephone Support

If you need assistance while working with the BSR 64000, contact the Motorola

Technical Response Center (TRC):

The Motorola TRC is on call 24 hours a day, 7 days a week.

When calling for technical support, please have the following information available:

n Your customer information, including location, main contact, and telephone

number

n BSR product and modules

Note:A note contains tips, suggestions, and other helpful information, such

as references to material not contained in the document, that can help you

complete a task or understand the subject matter.

Caution: The exclamation point, within an equilateral triangle, is intended toalert the user to the presence of important installation, servicing, andoperating instructions in the documents accompanying the equipment.

Warning: This symbol indicates that dangerous voltage levels are present

within the equipment. These voltages are not insulated and may be of

sufficient strength to cause serious bodily injury when touched. The symbolmay also appear on schematics.

U.S. 1-888-944-HELP (1-888-944-4357)

International +215-323-0044


16/292


xvi Compass ID: 391459945 Version 2

n Detailed description of the issue

n Specific information to assist with resolving the problem, including:

BSR hostname

BSR error messages and logs

Output of BSR show techcommand

Cable modem information

n List of troubleshooting steps you have performed before calling the TRC.

n Current state of your BSR 64000 product

n Severity of the issue you are reporting

When calling for repair or Advanced Component Exchange (ACE) replacement,

please provide the following additional information:

n Output of BSR show versioncommand, with part numbers and serial numbers of

BSR components

n Shipping information for the replacement, including contact name, company

name, address, phone number, and email address

Online Support

Motorola BSR Customer Website

The BSR customer website, http://bsr.motorola.com, is available for BSR customers

with active service contracts to access the latest product information, softwareupdates, troubleshooting information, and technical publications for the BSR 64000,

BSR 2000, and BSR 1000 product line.

You may request access to the site by emailing the BSR product support team at

[email protected] with the following information:

n Company name

n Contact name, phone number, and email addressn Motorola Support contact

n BSR product under service contract

The BSR product support team will email an invitation to you with further

instructions on how to set up an account on the BSR customer information website.


17/292

Compass ID: 391459945 Version 2 1-1

1Configuring BGP/MPLS VPNs

Overview

Border Gateway Protocol/Multiprotocol Label Switching Virtual Private Networks

(BGP/MPLS VPNs) are shared networks that allow traffic to be transported securely

among different locations, and can be configured for data, Voice over Internet

Protocol (VoIP), and other applications. Defined user groups at these different

physical locations can belong to the same VPN. Network traffic belonging to oneVPN is isolated from that of other VPNs to ensure that users associated with one VPN

do not have access to data or VoIP traffic of another VPN implemented over the same

physical network.

Note: BGP/MPLS VPNs are also referred to as VPNs throughout this book.


18/292


1-2 Compass ID: 391459945 Version 2

This chapter discusses the following topics:

Terminology

Introduction to the BGP/MPLS VPN

Before You Begin

VPN Task Summary

VPN Configuration

Optional Configuration Task Summary

BGP/MPLS VPN Commands

Terminology

Table 1-1provides a list of VPN related terms that are used in theBSR 64000 BGP/

MPLS VPN Configuration Guide:

Table 1-1 VPN related Terms

Term Acronym Definition

Autonomous System AS A group of networks under mutual administration that share the

same routing methodology. An AS uses an internal gateway

protocol and common metrics to route packets within the AS

and uses an external gateway protocol to route packets to other

ASs.

Border Gateway

Protocol

BGP A protocol that establishes a routing system that automatically

guarantees the loop-free exchange of routing information

between Autonomous Systems (ASs).

Cable Modem CM A modem that uses part of the capacity of the local cable

system to transmit data downstream to a home and upstream to

a Cable Modem Termination System (CMTS).

Call Management Server CMS A server that maintains and manages PacketCable Network

Call Signaling (NCS) based VoIP calls.

Cable ModemTermination System

CMTS The cable interface on the BSR.

Common Open Policy

Service

COPS A protocol used to communicate a Quality-of-Service-related

decision message to and from a Policy Decision Point (Policy

Server and CMS) and Policy Enforcement Point (BSR).

Customer Edge CE Devices at a Customer Network site, such as switches, routers,

and hosts that are connected to a Provider Network CM.


19/292

Release 6.3.1 Configuring BGP/MPLS VPNs


Customer Premises

Equipment

CPE A subscriber device such as a PC or router connected to a CM.

Dynamic Host

Configuration Protocol

DHCP A protocol for automatic TCP/IP configuration that provides

static and dynamic address allocation and management.

Domain Name Server DNS Matches the URL of a website with its proper numeric IP

address.

Hybrid Fiber-coax HFC Networks that combine both optical-fiber and coaxial cablelines. Optical fiber runs from the cable head end to

neighborhoods of 500 to 2,000 subscribers. Coaxial cable runs

from the optical-fiber feeders to each subscriber.

Interior Gateway

Protocol

IGP A protocol for exchanging routing information between

gateways (hosts with routers) within an autonomous network.

Label Distribution

Protocol

LDP LDP enables an LSR to inform other LSRs of the label bindings

it has made, thereby distributing label binding information to

peer devices for the purpose of supporting hop-by-hop

forwarding along normally routed paths.

Label Edge Router LER Applies MPLS labels to packets. An LER is also referred to as

an Edge LSR.

Label Switch Path LSP A path on which routed traffic, labeled by LDP, is forwarded

across an MPLS backbone to a specified destination.

Label Switch Router LSR A router that exchanges MPLS labels in the Provider (P) core

network.

Multi-Protocol Label

Switching

MPLS A protocol that provides a mechanism for engineering network

traffic patterns that are independent of routing tables and

supports other routing protocols by creating end-to-end links

across a network.

Multimedia Terminal

Adapter (MTA)

MTA A device that provides an interface for a subscribers telephone

service. A Terminal Adapter (TA) that is embedded into a CM

becomes an eMTA.

Multiprotocol Border

Gateway Protocol

MP-BGP Enhanced BGP protocol that distributes the VPN routing

information using VPN-IPv4 address family.

Network Address

Translation

NAT A server that can connect multiple subscribers on a VPN to the

Internet using one IP address.

Network Layer

Reachability Information

NLRI Keywords used for unicast and multicast database forwarding.




20/292



Open Shortest Path First OSPF An interior gateway routing protocol developed for IP networks

based on the shortest path first or link-state algorithm to send

routing information to all nodes in a network. This is done by

calculating the shortest path to each node based on a

topography of the network constructed by each node.

Policy Based Routing PBR Routes network traffic by establishing protocol-independent

data paths.

Policy Server PS The Policy Server applies a policy and manages the

relationships between an Application Manager (AM) and

CMTS(s). Also referred to as the Policy Decision Point (PDP).

Provider Core Router P A router that resides in the Provider Networks core.

Provider Edge PE The portion of the Provider Network that interfaces with the

Customer Network, e.g. LER.

Routing Information

Protocol

RIP An interior gateway protocol that specifies how routers

exchange routing table information. With RIP, routersperiodically exchange entire tables.

Trivial File Transport

Protocol

TFTP Simple form of the File Transfer Protocol (FTP). TFTP uses the

User Datagram Protocol (UDP) and provides no security

features. It is often used by servers to boot diskless

workstations, X-terminals, and routers.

Time of Day TOD A server that allows CMs and other CPE devices connected to

cable interfaces to get the current date and time to accuratelytime-stamp its Simple Network Management Protocol (SNMP)

messages and error log entries.

Virtual Private Network VPN Shared exclusive network that can be accessed across

geographically distributed areas.

Voice over Internet

Protocol

VoIP Supports voice communication over packet networks such as

VPNs or the Internet.

VPN Routing and

Forwarding table

VRF A VPN routing forwarding table used to route VPN traffic.



R l 6 3 1 C fi i BGP/MPLS VPN


21/292



Introduction to the BGP/MPLS VPN

The Provider Network administrator configures individual VPNs that connect to theBSR 64000 through the HFC network infrastructure. VPNs share the Provider

Networks BSR HFC network resources with other subscribers who do not belong to

a VPN. However, a VPNs traffic is isolated and its subscribers can only access traffic

that belongs to their VPN. The Provider Network uses BGP/MPLS on the BSR 64000

and other edge routers to connect the different user groups belonging to the same

VPN.

BGP/MPLS VPN OverviewA BGP/MPLS VPN consists of three major parts:

Customer Edge (CE) has devices such as switches, routers, and hosts at a

Customer Network site. These devices belong to a VPN that are connected to a

Provider Network CM or eMTA.

Provider Edge (PE) is the portion of the Provider Network that interfaces with the

Customer Network CE devices.

Provider (P) core contains one or more core routers that reside in the Provider

Networks core.

All CE devices are connected through cable (CMTS) subinterfaces and all Provider

Network equipment (P and PE routers) are connected through network interfaces.

VPN routes originate or terminate on PE routers. The PE router communicates with

CE devices through IP and communicates with P core routers through MPLS. Froman MPLS perspective, PE routers are referred to as LERs and P routers are referred to

as LSRs.

BSR 64000 BGP/MPLS VPN C fi ti d M t G id R l 6 3 1


22/292



Figure 1-1displays a typical example of a BGP/MPLS VPN.

Figure 1-1 BGP/MPLS VPN

The remainder of this section describes the interoperability between these parts of a

BGP/MPLS VPN:

Customer Edge to Provider Edge Provider Edge to Provider Core

Provider Edge to Provider Edge

LSR

LSR

LSR

LSR

0 1 2 3 4 5 6 7 8 9 1 0 1 1 1 2 1 3 1 4 15

1 2 3 4 5 6 7 8 9 1 00 11 12 13 14 15

0 1 2 3 4 5 6 7 8 9 1 0 1 1 1 2 1 3 1 4 15

1 2 3 4 5 6 7 8 9 1 00 11 12 13 14 15

BSR64000

VPN A20.10.3.0

VPN A20.10.1.0

VPN B100.10.1.0

VPN B100.10.2.0

VPNG001

VPN A20.10.2.0

VPN B100.10.3.0

CM CM

CM

CM

CM

CM

VPN A MPLS LSPs

VPN B MPLS LSPs

0 1 2 3 4 5 6 7 8 9 1 0 1 1 1 2 1 3 1 4 15

1 2 3 4 5 6 7 8 9 1 00 11 12 13 14 15

Release 6 3 1 Configuring BGP/MPLS VPNs


23/292



Customer Edge to Provider Edge

A CM links the Customer Network and the Provider Network. CE devices specified

for a specific VPN include the CPE behind the CM on the Customer Network.

Figure 1-2displays the CE to PE portion of the VPN:

Figure 1-2 CE to PE portion of a VPN

Once a VPN Routing and Forwarding table (VRF) is configured on the PE router for a

VPN, the following VRF information is used to learn CE routes:

VRF subinterfaces or VRF loopback interfaces (Virtual Cable Bundling)

Static routes

Connected routes

Provider Edge to Provider Core

PE routers are linked to P routers, as described below: An IGP such as OSPF or RIP dynamically exchanges routing information within

the AS to help establish MP-BGP sessions on the PE routers.

Label Distribution Protocol (LDP) is enabled on PE and P routers to provide a

signalling function on the Provider Network to establish LSPs with MPLS labels.

Static routes can also be configured to link PE routers to core P routers.

PE CE

LER

VPNG002

CM

MTA

BSR 64000 BGP/MPLS VPN Configuration and Management Guide Release 6 3 1


24/292



Figure 1-3displays the PE to P portion of the VPN:

Figure 1-3 PE to P portion of a VPN

LER

LSR

LSR

P

P

PE

VPNG003



25/292



Provider Edge to Provider Edge

MP-BGP is used between the PE routers to distribute VPN route information.

Customer Network data traffic is transported transparently through the MPLS core,which is the PE to PE section of the VPN.

Figure 1-4displays the PE to PE portion of a VPN:

Figure 1-4 PE to PE portion of a VPN

LER LER

LSR

LSR

LSR

LSR

P P

PP

PE

PE

VPNG004



26/292

g g


Provisioning BGP/MPLS VPNs for VoIP and Data

The Provider Network administrator can provision BGP/MPLS VPNs for data and

VoIP by using the following provisioning scenarios:

The Global VPN can be used to forward provisioning traffic from CMs and

eMTAs and traffic from non-VRF CPEs, which is the default.

A BGP/MPLS VPN can be used for VoIP or data traffic and provisioning traffic.

Figure 1-5shows a BGP/MPLS network that shows both VoIP traffic and VoIP

provisioning traffic forwarded within the same VPN (VPN B):

Figure 1-5 VoIP Provisioning in the same VPN

Note: Stand-alone MTAs must use the Global VPN.

LSR

LSR

LSR

0 1 2 3 4 5 6 7 8 9 1 0 1 1 12 1 3 1 4 1 5

1 2 3 4 5 6 7 8 9 1 00 11 12 13 14 15

2 1

BSR 64000

VPN A20.10.3.0

VPN A20.10.1.0

VPN B

100.10.1.0

VPN B

100.10.2.0

VPN A20.10.2.0

BVPN100.10.3.0

CM

Provisioning

VPN A MPLS LSPs

VPN B MPLS LSPs

CPE

CM

MTA

VoIP

CPE

CM

MTA

VoIP

CPE

CPE

LER

LSR

(LER)

LER



27/292


A provisioning VPN can be used to separate all provisioning traffic from CMs,

CPEs and eMTAs from the backbone network traffic and the VoIP or data traffic

from different customer VPNs. Figure 1-6displays a example of a BGP/MPLSVPN that separates VoIP (VPN B) and data (VPN A) traffic from the

provisioning VPN (VPN C).

Figure 1-6 VoIP Service and VoIP Provisioning implemented in separate VPNs

LSR

LSR

LSR

0 1 2 3 4 5 6 7 8 9 1 0 1 1 12 1 3 1 4 1 5

1 2 3 4 5 6 7 8 9 1 00 11 12 13 14 15

2 1

BSR 64000

VPN A20.10.3.0

VPN A20.10.1.0

VPN B100.10.1.0

VPN C10.10.2.0

VPN A20.10.2.0

BVPN100.10.3.0

CM

ProvisioningCPE

CM

MTA

VoIP

CPE

CM

MTA

VoIP

CPE

CPE

LER

LSR

(LER)

LER

VPN A MPLS LSPs

VPN B MPLS LSPs

VPN C

VPN C



28/292


Before You Begin

The following sections describe the prerequisites for both the Provider Network andCustomer Network:

Customer Network Prerequisites

Provider Network Prerequisites

VPN Configuration Rules

Customer Network Prerequisites

Perform the following tasks before configuring the Customer Network for VPNs:

Determine if the Operational Support System (OSS), which consists of the

DHCP, TOD, TFTP and NAT server is to be installed and administered by a VPN

administrator or a Provider network administrator on their respective networks.

Configure any other applicable servers that are used exclusively on the Customer

Network.

Contact the Provider Network administrator to define the number and what type

of VPNs that you need and discuss the naming convention for your VPN(s).

Plan the IP addressing scheme for routing interfaces, networks, and server

applications.

Note: The number of Customer Network sites per VPN depends on the

number of VRF and static routes that the BSR 64000 maintains for the VPN.

This includes local routes for directly connected CEs and routes of other sites

learned through MP-BGP notifications from peer PEs. The limit for VRF

routes is 127 and the limit for static routes is 4000.



29/292


Provider Network Prerequisites

Perform the following tasks before configuring the Provider Network for VPNs:

Ensure that HFC network(s) maintain reliable data transmission and that the

required CMTS parameters are configured correctly for the HFC networks.

Install the required Provider (P) and PE routers (which may include the BSR and

other vendor routers) necessary to support VPNs.

Plan the IP addressing scheme for routing interfaces, networks, and server

applications.

Contact the Customer Network administrator for each Customer Network to

define the number of VPNs and discuss their naming convention.

Plan for the routing protocols involved in creating VPNs. For example, know the

BGP AS numbers that are being used.

Determine if the Operational Support System (OSS), which may consist of the

CMS, DHCP, TOD, TFTP and NAT server are installed and operational.

Decide how CMs, eMTAs, and CPEs are provisioned for VPNs.

Cable Modem Configuration File Configuration Prerequisites

Make sure that DHCP and CM configuration files are set up correctly to ensure that

CMs can transmit a DHCP request, receive an IP address, obtain TFTP and ToD

server addresses, and download the CM configuration file.

For VoIP applications, the CM must place VoIP, signalling, eMTA provisioning, and

eMTA management traffic into the correct flows to map the VoIP traffic and VoIP

signalling traffic only. VoIP traffic flows are created dynamically, but the flows forthe VoIP signalling, eMTA provisioning, and eMTA management traffic need to be

specified in the CM configuration file, as follows:

An upstream flow (which is not the primary flow) for VoIP signalling and

DOCSIS MAC messages (to prevent delay).

eMTA provisioning and management traffic for the primary upstream flow.

Note: If PacketCable or PacketCable Multimedia is implemented on a BSR

with BGP/MPLS VPNs, the configuration must be implemented on the Global

VPN.



30/292


VPN Configuration Rules

Follow these VPN configuration rules for both data and VoIP VPNs:

One VRF is created for one VPN only.

A CM can be specified for one subinterface only.

A subinterface can be specified for one VPN only.

CPE or eMTA IP addresses configured for one VPN can be used again (overlap)

for the CPE or eMTA IP addresses of another VPN. This helps conserve IP

addresses on the Provider Network.

All the CMs of a cable interface can be associated with either a Provisioning VPN

or a Global VPN.

CM IP addresses must be unique across all interfaces.

CPEs that are not associated with any VPN are in the Global VPN by default.



31/292


VPN Task Summary

The following sections provide a summary of the configuration tasks for the ProviderNetwork and a Customer Network for data, VoIP, or combined data and VoIP VPN

applications:

Provider Network Configuration Tasks

Customer Network Configuration for VPNs

Provider Network Configuration Tasks

Table 1-2provides a VPN configuration task summary:

Table 1-2 VPN Configuration Task Summary

Task Refer to:

1. Create a VRF for each VPN. Creating a VRF on page 1-17

2. Enable MPLS on the PE router. Enabling MPLS on page 1-193. Configure the PE network interface and

Enable LDP on this (MPLS) interface.

Configuring the PE Network Interface on page 1-19

4. Assign a loopback interface for PE to PE

interoperability for MP-BGP.

Configure a Loopback Interface for PE to PE

Interoperability on page 1-21

5. Configure the cable interface(s) on the BSR

that are used by data and VoIP VPNs and

non-VPNs.

Configuring a Cable Interface for a VPN on page 1-22

6. Provision VPNs. Configuration Scenarios for CM, eMTA Provisioning and

Voice Traffic in Multiple VPNs on page 1-25

7. Enable and configure IGP or static routes for

VPNs.

Configuring IGP or Static Routes for VPNs on page 1-48

8. Configure the MP-BGP AS and neighbor

sessions.

Configuring the BGP AS and Neighbor Sessions on page

1-49

9. Redistribute BGP, connected, or static VRF

networks into MP-BGP.

Redistribute Connected or Static VRF Networks into

MP-BGP on page 1-50

10. Configure the MP-BGP to advertise VPN

Version 4 routes between PE routers.

Configuring MP-BGP to Advertise VPNv4 Routes on

page 1-53

11. Optionally redistribute routes between

different VRFs.

Redistributing Routes Between Different VRFs on page

1-54



32/292


Customer Network Configuration for VPNsHost devices in the Customer Network that are directly connected to a CM or eMTAs

can get their IP addresses either from a DHCP server on the Provider Network or from

a DHCP server within a VPN.

VPN Configuration

You must create a VPN Routing and Forwarding table (VRF) and specify a RouteDistinguisher (RD), Import Route Target, and Export Route Target for it.

The RD is added to a VPN Customer Network's IP address to create a Globally unique

VPN Internet Protocol Version 4 (VPN-IPv4) address.

The BSR distributes VPN-IPv4 routes with an export Route Target Extended

Community (RTEC). The RTEC format can be either an AS number and an arbitrary

number, or an IP address and an arbitrary number.

12. Configure Internet access for VPN Customer

Networks.

Configuring Internet Access for a VPN on page 1-56

13. Configure access between the BSR and

CMS over the Common Open Policy Service

(COPS) interface for a VoIP VPN.

Configuring Policy Decision Point Access for a VoIP

VPN on page 1-57

Table 1-2 VPN Configuration Task Summary

Task Refer to:



33/292


Creating a VRF

VRF names can be created depending on your application of BGP/MPLS VPNs. For

example, the following VRFs can be created for a mixed VoIP and data application:

ISP1_CPE_VPN

ISP2_CPE_VPN

VOIP_Prov_VPN

VOIP_Voice_VPN

Follow these steps to create a VRF:1. Use the ip vrf command in Global Configuration mode to create a VRF:

MOT:7A(config)#ip vrf

where:

WORDis the VRF name.

2. Use the rdcommand in VRF Configuration mode to specify the Route

Distinguisher (RD) for the VRF that you created:

MOT:7A(config-vrf)#rd[ |]

where:

A.B.C.D:is the IP address.

EFis a 16 bit arbitrary number.

For example, 10.200.12.15:1

Ais an AS number

BCis a 32 bit arbitrary number.

For example, 2:7

Note:An RD cannot be deleted or changed. Delete the VRF to change theRD. To do this, issue the exit command to enter Global Configuration mode

and issue the no ip vrf command, and repeat Step 1and Step 2.



34/292


3. Use the route-target importcommand to specify the import route target.

If the import target is not the same, issue the route-target importcommand:

MOT:7A(config-vrf)#route-target import[ | ]

where:

A.B.C.D:EFis a 32-bit IP address followed by a colon and a 16-bit arbitrary

number. For example: 152.10.2.1:3

A:BCis a 16-bit AS number followed by a colon and a 32-bit arbitrary

number. For example: 200:10

4. Use the route-target exportcommand to specify the export route target for the

VPN:

MOT:7A(config-vrf)#route-target export[ | ]

where:

A.B.C.D:EFis a 32-bit IP address followed by a colon and a 16-bit arbitrary

number. For example: 152.10.2.1:4

A:BCis a 16-bit AS number followed by a colon and a 32-bit arbitrary

number. For example: 200:11

5. Repeat Step 1through Step 4to create a VRF for each VPN that you configure.

When you are finished proceed to Step 6.

6. Use the copy running-config startup-configcommand to copy the current

system configuration to the system startup configuration, which saves these

configuration changes.

7. Use the exitcommand to enter Global Configuration mode.

Note: If the import and export route target are the same, the keyword both

argument can be used. For example:

MOT:7A(config-vrf)#route-target both[ | ]

Note: Local routes in one VRF instance can be imported into another VRF

instance using export and import route targets. This is when the export routetarget of one VRF matches with a route import target of another.



35/292


Enabling MPLS

Follow these steps to enable MPLS globally:

1. Use the mpls ipcommand in Global Configuration mode to enable the MPLS

Protocol on the BSR so it can function as a PE router:

MOT:7A(config)#mpls ip

2. Check to see that MPLS is running with the show running-config command, in

Global Configuration mode, as follows:

MOT:7A(config)#show running-config | begin mpls"mpls ip" should appear as an entry in the running configuration file

Configuring the PE Network Interface

Follow these steps to configure the PE network interface:

1. Select the network interface on BSR to be used for the PE network interface, by

issuing the interfacecommand in Global Configuration mode:

MOT:7A(config)#interface{pos | ethernet | gigaether }

where:

posis the Packet over SONET interface.

ethernetis any 10 or 10/100 Ethernet interface.

gigaetheris the Gigabit Ethernet interface.

Xis the slot number.

Yis the port number.

Note: If you need more information on MPLS, please refer to Chapter 16 of

the BSR 64000 Configuration and Management Guide.



36/292


2. Use theip address command in Interface Configuration mode to define an IP

address for the PE interface:

MOT:7A(config-if)#ip address

where:

A.B.C.Dis the IP address of the BSR interface for the PE network interface.

A.B.C.Dis the subnetwork mask of the IP network on which the interface is

associated.

3. Use the no shutdowncommand to enable the PE interface.

4. Use the mpls label protocol ldpcommand in Interface Configuration mode to

enable LDP on the interface for label advertising and distribution of labels for

each LDP peer on the BGP/MPLS VPN. This allows label exchange with

configured LDP peers:

MOT:7A(config-if)#mpls label protocol ldp

5. If the PE interface IP address must be advertised in LDP Discovery Hello

messages sent on this interface, then issue the mpls ldp discovery

transport-addresscommand in Interface Configuration mode:

MOT:7A(config-if)#mpls ldp discovery transport-address [interface |

]

where:

interfaceuses its IP address for the LDP transport address.A.B.C.D defines an IP address other than the interface IP address for the LDP

transport address.

6. Use the show mpls ldp interface command to verify that the interface is

configured to enable LDP:

MOT:7A(config-if)#show mpls ldp interface



37/292


Figure 1-7shows an example of interfaces on the BSR that are configured to use

LDP.

Figure 1-7 show mpls ldp interface Command Output

7. Use the show mpls ldp neighbor command to verify the MPLS LDP neighbor

relationships:

MOT:7A(config-if)#show mpls ldp neighbor

Configure a Loopback Interface for PE to PE Interoperability

Follow these steps to specify a loopback interface to enable PE to PE interoperability

for MP-BGP sessions:

1. Use the interface loopback command in Global Configuration mode to enter a

loopback interface.

MOT:7A(config)#interfaceloopback

where:

1-255is the loopback interface number.

Note: If you need more information on LDP, please refer to Chapter 3.

Note: Using a loopback interface eliminates operational status and

negotiated address dependencies that result from using the IP address of a

physical interface on the router to configure BGP. Refer to Configuring

MP-BGP to Advertise VPNv4 Routes on page 1-53for more information.

BSR:7A(config-if)#show mpls ldp interfaceInterface Ldp ID NbrCount Next Hello(sec)

ethernet 12/1 20.20.1.1:0 1 5

ethernet 12/2 20.20.1.1:0 0 4

ethernet 12/7 20.20.1.1:0 0 3



38/292



address for the loopback interface. This IP address is used for all Global CMs on

the BSR.MOT:7A(config-if)#ip address

where:

A.B.C.Dis the IP address of the BSR interface designated for the loopback

interface.


associated.

Configuring a Cable Interface for a VPN

Follow these steps to configure basic cable interface parameters and VPN-specific

parameters.

1. Use the interface cablecommand in Global Configuration mode to enter the

desired cable interface:

MOT:7A(config)#interface cable where:



2. Use the ip vrf forwardingcommand in Interface Configuration mode to specify

a VRF for this cable interface:

MOT:7A(config-if)#ip vrf forwarding

where:

WORDis the VRF name.

3. Use the no shutdowncommand to enable this interface.

Note: Refer to Chapter 6 in the BSR 64000 Configuration and Management

Guidefor additional information on configuring the cable interface.



39/292


4. Use the cable bundlecommand in Interface Configuration mode to specify this

(slave) cable interface with the same cable bundle number that is configured for

the master loopback interface:

MOT:7A(config-if)#cable bundle

where:

1-255is the number of the cable bundle identifier.

5. Use the nocable downstream 0 shutdowncommand to enable the cable

interfaces downstream port.

6. The upstream ports are in a shutdown state by default. Use the no cable

upstream shutdowncommand in Interface Configuration mode to enable the

upstream ports:

MOT:7A(config-if)#no cable upstream shutdown

where:

NUMis the upstream port number.

7. Repeat Step 6to enable another upstream port.

Note: This (slave) cable bundle number must be consistent with the master

cable bundle number. In section Configuration Scenarios for CM, eMTA

Provisioning and Voice Traffic in Multiple VPNs on page 1-25, a master

loopback interface, which uses a master cable bundle number, is configured

in each provisioning scenario.

Cable bundling is not required in BGP/MPLS VPN Configurations, but it ismost commonly used to simplify them.



40/292


8. The upstream logical channels are in a shutdown state by default. Use the no

cable upstream shutdowncommand in Interface Configuration mode to enable

an upstream logical channel:

MOT:7A(config-if)#no cable upstream shutdown

where:

X/Yis the upstream port number and logical channel.

9. Repeat Step 8to enable another logical channel on an upstream port.

10. Use theip dhcp relay information optioncommand to enable the DHCP relay

agent.

MOT:7A(config-if)#ip dhcp relay information option

11. Use the show interface cablecommand to ensure that this cable interface and its

upstream and downstream ports are enabled:

MOT:7A(config-if)#show interface cable

where:



12. Use the copy running-config startup-configcommand to copy the current

system configuration to the system startup configuration.

13. Use the exitcommand to exit Interface Configuration mode.

Note: Refer to the BSR 64000 Configuration and Management Guideformore information on logical channels.



41/292


Configuration Scenarios for CM, eMTA Provisioning and

Voice Traffic in Multiple VPNs

Table 1-3lists the tasks needed to configure Virtual Cable Bundling on the BSR for

different data and VoIP VPN provisioning schemes:

Table 1-3 Configuring Virtual Cable Bundling for Data and VoIP VPN Provisioning

Schemes

If Then refer to:

Configuring VPNs for data only. Provisioning CMs

and CPEs is accomplished on the Global VPN.

1. Creating a Virtual Cable Bundle for Global CMs

Option 1 on page 1-26

2. Creating a Virtual Cable Bundle for a Data or

Voice VPN on page 1-43

3. Refer to Configuring VPNs for Data Only on

page 2-21for a configuration example.

Configuring multiple data VPNs and VoIP VPNs.

Provisioning of CMs and eMTAs is accomplished onthe Global VPN.

1. Creating a Virtual Cable Bundle for Global CMs

Option 2 on page 1-29



3. Refer to Configuring Multiple Data VPNs and

VoIP VPNs on page 2-22for a configuration

example.

Configuring multiple data VPNs and VoIP VPNs.

Provisioning of CMs and eMTAs is accomplished on aCM Provisioning VPN.

1. Creating a Virtual Cable Bundle for a CM in

Provisioning VPN on page 1-35



3. Refer to Configuring Multiple VPNs Using a CM

Provisioning VPN on page 2-23for a

configuration example.

Configuring a Single VPN for both VoIP and VoIP

Provisioning Functions

1. Creating a Virtual Cable Bundle for an eMTA

Provisioning VPN on page 1-402. Refer to Configuring a Single VPN for both VoIP

and VoIP Provisioning Functions on page 2-26

for a configuration example.



42/292


Creating a Virtual Cable Bundle for Global CMs Option 1

A virtual cable bundle for CMs and Global CPEs is implemented in a data VPN only.

Follow these steps to specify Global CMs and CPEs, the CMs belonging to multipleVPNs, and its virtual cable bundle to a specified loopback interface:


loopback interface.


where:



address on the loopback interface for all Global CMs:

MOT:7A(config-if)#ip address

where:

A.B.C.Dis the IP address of the BSR interface designated for the loopbackinterface.


associated.

3. Use the ip addresscommand in Interface Configuration mode to specify a

secondary IP address on this loopback interface:

MOT:7A(config-if)#ip address secondary host

where:A.B.C.Dis the secondary IP address of the BSR interface.


associated.

secondary hostdesignates the IP address as a secondary IP address for

Global CPE hosts.

Note:A 32-bit mask (255.255.255.255) is permitted for a loopback IP

address.


S fi ddi i l b hi l b k i f d


43/292


4. Repeat Step 3to configure additional VRF subnets on this loopback interface and

proceed to Step 5.

5. Use the cable helper-addresscommand to forward DHCP requests from CMs tothe IP address of the DHCP server.

MOT:7A(config-if)#cable helper-address cable-modem

where

A.B.C.D is the IP address of the destination DHCP server.

cable-modemforwards DHCP requests from CMs.

6. Use the cable helper-addresscommand to forward DHCP requests from MTA

devices to the IP address of the DHCP server.

MOT:7A(config-if)#cable helper-address mta

where


mtaforwards DHCP requests from MTA devices.

7. Use the cable helper-addresscommand to forward DHCP requests from CPE

hosts to the IP address of the DHCP server. This command helps CPEs get an IP

address from the DHCP server and successfully register with the BSR.

MOT:7A(config-if)#cable helper-address host

where


hostforwards DHCP requests from CPE host devices.

8. Use the cable bundle mastercommand to specify the loopback interface as the

master cable interface and specify the bundle a number:

MOT:7A(config-if)#cable bundle master

where:


9. Use the exitcommand to exit Interface Configuration mode.


10 U th i t f bl d i Gl b l C fi ti d t t th


44/292


10. Use the interface cablecommand in Global Configuration mode to enter the

desired cable interface:

MOT:7A(config)#interface cable

where:



11. Use the cable bundlecommand in Interface Configuration mode to specify this

(slave) cable interface with the same cable bundle number that was configured for

the master loopback interface:

MOT:7A(config-if)#cable bundle

where:


12. Use theip dhcp relay information optioncommand to enable the DHCP relay

agent.

MOT:7A(config-if)#ip dhcp relay information option13. Use the exitcommand to exit Interface Configuration mode.

14. Use the interface cable command in Global Configuration mode to enter the

cable subinterface:

MOT:7A(config)#interfacecable

where:



.Nis the subinterface number from 1 to 127 used for configuring a VPN on a

cable interface.

Note: This (slave) cable bundle number must be consistent with the master

cable bundle number.


15 Use the ip address command in Subinterface Configuration mode to specify a


45/292


15. Use the ip addresscommand in Subinterface Configuration mode to specify a

primary network IP address and subnet address for this subinterface:

MOT:7A(config-if)#ip address { }

where:

A.B.C.D is the IP address of the subinterface.

A.B.C.D is the network mask of the IP network on which the subinterface is

associated.

16. Use the endcommand to return to Global Configuration mode.

Creating a Virtual Cable Bundle for Global CMs Option 2

Follow these steps to specify a virtual cable bundle for Global CMs whose hosts

belong to multiple VPNs. In this instance, data VPNs, eMTAs, and VoIP VPNs have

their respective provisioning functions on the Global VPN.


loopback interface.


where:



2 Use the ip address command in Interface Configuration mode to define an IP


46/292



address on the loopback interface for the Global CMs and eMTAs. The

host-sub-interface, mta-sub-interface, and voice-sub-interfacearguments can

be used to specify the forwarding of CPE, eMTA provisioning, and VoIP traffic:

MOT:7A(config-if)#ip address [host-sub-interface

| mta-sub-interface | voice-sub-interface]

where:

A.B.C.Dis the IP address of the BSR interface designated for the loopback

interface.

A.B.C

BSR64K-R6.3.1-VPNGuide

Documents

Transcript of BSR64K-R6.3.1-VPNGuide