Wednesday, May 13, 2026

Cisco MPLS VPN Lab Guide | VRF, IS-IS and MP-BGP VPNv4 Configuration

Complete MPLS L3VPN Using IS-IS, VRF and VPNv4 MP-BGP Configuration Guide

Complete MPLS Layer 3 VPN Using IS-IS, VRF and VPNv4 MP-BGP

MPLS Layer 3 VPN is one of the most important technologies used by enterprise companies, telecom providers, cloud providers and data center operators. This lab demonstrates how to configure MPLS VPN using:

  • VPNv4 MP-BGP
  • VRF
  • Route Distinguishers
  • Route Targets
  • IS-IS PE-CE Routing
  • Route Redistribution

๐Ÿ’ก What You Will Learn

  • How MP-BGP exchanges VPNv4 routes
  • How VRF isolates customer routing tables
  • How IS-IS works inside MPLS VPN environments
  • How to configure IS-IS Level-2 routers
  • How redistribution works between IS-IS and BGP
  • How MPLS VPN scales for multiple customers
  • How Route Targets control VPN membership

Table of Contents

1. MPLS VPN Introduction

MPLS stands for Multi Protocol Label Switching. Instead of forwarding packets purely based on IP routing table lookups, MPLS forwards traffic using labels.

This improves:

  • Scalability
  • Traffic Engineering
  • VPN Isolation
  • Fast Forwarding
  • Service Provider Design

Important MPLS Components

Component Purpose
PE Router Provider Edge Router connecting customers
P Router Core MPLS Router
CE Router Customer Edge Router
VRF Virtual Routing Table
MP-BGP VPN Route Exchange

MPLS Label Switching Formula

$$ Incoming\ Label \rightarrow Swap \rightarrow Outgoing\ Label $$

MPLS routers swap labels instead of performing complex routing lookups.

2. VPNv4 MP-BGP Neighbor Configuration

VPNv4 MP-BGP exchanges customer VPN routes between PE routers.

Task Objective

Configure VPNv4 BGP peering between R1 and R4.

R1 Configuration

Basic Example:

router bgp ASN
 neighbor LOOPBACK remote-as ASN
 address-family vpnv4
  neighbor activate


R1

router bgp 1000
 neighbor 4.4.4.4 remote-as 1000
 neighbor 4.4.4.4 update-source loopback0

 address-family vpnv4
  neighbor 4.4.4.4 activate

R4 Configuration


R4

router bgp 1000
 neighbor 1.1.1.1 remote-as 1000
 neighbor 1.1.1.1 update-source loopback0

 address-family vpnv4
  neighbor 1.1.1.1 activate
๐Ÿ“˜ Why Use Loopbacks for BGP?

Loopback interfaces provide stable BGP sessions. If physical interfaces fail but alternate paths exist, BGP remains operational.

VPNv4 Address Representation

$$ VPNv4 = RD + IPv4Prefix $$

Example:

$$ 1000:1 : 10.1.1.0/24 $$

3. Configuring VRF Cust-A

VRF allows multiple customers to use overlapping IP address spaces.

R1 Configuration


vrf definition Cust-A
 rd 1000:1

 address-family ipv4
  route-target both 1000:1

interface e0/1
 vrf forwarding Cust-A
 ip address 192.1.15.1 255.255.255.0
 no shutdown

R4 Configuration


vrf definition Cust-A
 rd 1000:1

 address-family ipv4
  route-target both 1000:1

interface e0/2
 vrf forwarding Cust-A
 ip address 192.1.48.4 255.255.255.0
 no shutdown

Route Target Logic

$$ Import = Matching\ RouteTarget $$

Routes are imported into VRFs only when Route Targets match.

4. IS-IS Fundamentals

IS-IS stands for Intermediate System to Intermediate System. It is a link-state routing protocol commonly used in service provider networks.

Why IS-IS Is Popular

  • Scales efficiently
  • Fast convergence
  • Simple hierarchy
  • Works well with MPLS
  • Protocol independent design

IS-IS NET Address Structure

$$ NET = AreaID + SystemID + NSEL $$

Example:

$$ 49.0000.1111.1111.1111.00 $$

NET Breakdown

Field Value
Area ID 49.0000
System ID 1111.1111.1111
NSEL 00

5. IS-IS Between R1 and R5 for Cust-A

Customer A uses IS-IS between CE router R5 and PE router R1.

Important IS-IS Concepts

  • Level-2 routers act similarly to backbone routers
  • Wide metric style supports modern metrics
  • IS-IS runs directly over Layer-2

IS-IS SPF Calculation

$$ ShortestPath = \sum LinkCosts $$

R1 Configuration

Configuration Example:

router isis PROCESS-ID
 vrf CUSTOMER-NAME
 net NET-ADDRESS


R1

router isis 1
 vrf Cust-A
 net 49.0000.1111.1111.1111.00
 is-type level-2
 metric-style wide
 redistribute bgp 1000

interface e0/1
 ip router isis 1

Redistribute IS-IS into BGP


router bgp 1000

 address-family ipv4 vrf Cust-A
  redistribute isis 1

R5 Configuration


router isis
 net 49.0000.5555.5555.5555.00
 is-type level-2
 metric-style wide

interface loopback0
 ip router isis

interface e0/0
 ip router isis
๐Ÿ“˜ Why Wide Metric Style?

Traditional IS-IS metrics were limited. Wide metric style supports larger and more scalable metrics required in modern MPLS environments.

6. IS-IS Between R4 and R8 for Cust-A

R4 Configuration


router isis 1
 vrf Cust-A
 net 49.0000.4444.4444.4444.00
 is-type level-2
 metric-style wide
 redistribute bgp 1000

interface e0/2
 ip router isis 1

BGP Redistribution


router bgp 1000

 address-family ipv4 vrf Cust-A
  redistribute isis 1

R8 Configuration


router isis
 net 49.0000.8888.8888.8888.00
 is-type level-2
 metric-style wide

interface loopback0
 ip router isis

interface e0/0
 ip router isis

7. Configuring VRF Cust-B

R1 Configuration


vrf definition Cust-B
 rd 1000:2

 address-family ipv4
  route-target both 1000:2

interface e0/2
 ip vrf forwarding Cust-B
 ip address 192.1.16.1 255.255.255.0
 no shutdown

R4 Configuration


vrf definition Cust-B
 rd 1000:2

 address-family ipv4
  route-target both 1000:2

interface e0/1
 ip vrf forwarding Cust-B
 ip address 192.1.47.4 255.255.255.0
 no shutdown

๐ŸŽฏ Important Concept

VRF separation allows multiple customers to safely use overlapping IP ranges.

8. IS-IS Between R1 and R6 for Cust-B

R1 Configuration


router isis 2
 vrf Cust-B
 net 49.0000.1111.1111.1111.00
 is-type level-2
 metric-style wide
 redistribute bgp 1000

interface e0/2
 ip router isis 2

BGP Redistribution


router bgp 1000

 address-family ipv4 vrf Cust-B
  redistribute isis 2

R6 Configuration


router isis
 net 49.0000.6666.6666.6666.00
 is-type level-2
 metric-style wide

interface loopback0
 ip router isis

interface e0/0
 ip router isis

9. IS-IS Between R4 and R7 for Cust-B

R4 Configuration


router isis 2
 vrf Cust-B
 net 49.0000.4444.4444.4444.00
 is-type level-2
 metric-style wide
 redistribute bgp 1000

interface e0/1
 ip router isis 2

BGP Redistribution


router bgp 1000

 address-family ipv4 vrf Cust-B
  redistribute isis 2

R7 Configuration


router isis
 net 49.0000.7777.7777.7777.00
 is-type level-2
 metric-style wide

interface loopback0
 ip router isis

interface e0/0
 ip router isis

10. MPLS and IS-IS Mathematics

Shortest Path First Formula

$$ SPF = Minimum\ Total\ Metric $$

Bandwidth Formula

$$ Bandwidth = \frac{Data}{Time} $$

Latency Formula

$$ Latency = Propagation + Queuing + Serialization + Processing $$

VPN Route Formula

$$ VPNRoute = RD + IPv4Prefix $$

Redistribution Logic

$$ IS-IS \leftrightarrow MPBGP $$

IS-IS Metric Addition

$$ TotalMetric = Metric_1 + Metric_2 + Metric_3 $$

11. Verification Commands

Verify IS-IS Neighbors

show isis neighbors

Verify VRFs

show vrf

Verify VPNv4 Routes

show bgp vpnv4 unicast all

Verify IS-IS Database

show isis database

Verify VRF Routes

show ip route vrf Cust-A

Expected Output Example

R1#show isis neighbors

System Id      Type Interface IP Address State Holdtime Circuit Id
R5             L2   Et0/1     Up    28   R5.01

12. Troubleshooting MPLS VPN with IS-IS

Problem 1: IS-IS Neighbor Not Forming

  • Area mismatch
  • Level mismatch
  • Interface shutdown
  • Missing ip router isis command

Problem 2: VRF Routes Missing

  • Route Target mismatch
  • Missing redistribution
  • BGP session down

Problem 3: VPNv4 Neighbor Down

  • Loopback unreachable
  • Wrong update-source
  • Missing vpnv4 activation

Useful Debug Commands

debug isis adj-packets
debug ip bgp
debug ip routing

13. End-to-End Route Flow

  1. R5 advertises routes into IS-IS
  2. R1 learns routes inside VRF Cust-A
  3. R1 redistributes routes into MP-BGP
  4. VPNv4 routes travel to R4
  5. R4 imports matching Route Targets
  6. R4 redistributes routes into IS-IS
  7. R8 receives remote customer routes
$$ CE \rightarrow PE \rightarrow MPBGP \rightarrow PE \rightarrow CE $$

14. Final Learning Summary

๐ŸŽฏ Key Takeaways

  • MP-BGP exchanges VPN routes
  • VRFs isolate customer routing tables
  • IS-IS provides scalable PE-CE routing
  • Route Targets control VPN membership
  • Route Distinguishers create unique prefixes
  • MPLS VPN enables scalable multi-customer design

16. Final Thoughts

MPLS Layer 3 VPN with IS-IS is widely deployed in large enterprise and service provider networks. Understanding VRFs, MP-BGP, IS-IS, redistribution and VPNv4 routing is critical for CCNP Enterprise, CCIE Enterprise Infrastructure and CCIE Service Provider engineers.

This lab demonstrated:

  • VPNv4 BGP peering
  • VRF deployment
  • IS-IS PE-CE routing
  • Redistribution between IS-IS and BGP
  • Customer route isolation
  • Scalable MPLS VPN architecture
By at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Featured Post

How HMT Watches Lost the Time: A Deep Dive into Disruptive Innovation Blindness in Indian Manufacturing

The Rise and Fall of HMT Watches: A Story of Brand Dominance and Disruptive Innovation Blindness The Rise and Fal...

Popular Posts