Complete Cisco IOS XR MPLS L3VPN Configuration Guide | OSPF, LDP, MP-BGP, VRF & VPNv4

Complete Cisco IOS XR MPLS L3VPN Configuration Guide Part 1

In this complete educational Cisco IOS XR MPLS tutorial, we will build a full MPLS Layer 3 VPN environment using OSPF, LDP, MP-BGP, VPNv4, VRFs, Route Reflectors, and PE-CE BGP routing.

This is Part 1 of the complete MPLS and Segment Routing series.

🚀 Upcoming Parts in This Series

• Segment Routing using OSPF
• Segment Routing using IS-IS
• SR-LDP Mapping Server
• Traffic Engineering with SR
• SR Policy Configuration
• MPLS Fast Reroute
• TI-LFA Protection

📚 Table of Contents

• 1. MPLS L3VPN Introduction
• 2. Network Topology
• 3. Task 1 - OSPF Core Setup
• 4. Task 2 - MPLS LDP Configuration
• 5. Task 3 - MP-iBGP VPNv4 Setup
• 6. Task 4 - VRF and PE Configuration
• 7. Task 5 - CE Router Configuration
• 8. Verification Commands
• 9. MPLS Mathematics
• 10. Troubleshooting
• 11. Related Articles

1. MPLS L3VPN Introduction

MPLS Layer 3 VPN is one of the most important technologies used by service providers to deliver scalable VPN services to enterprise customers.

The provider backbone transports customer traffic while maintaining complete routing separation using VRFs.

MPLS Label Switching Formula

$$ Forwarding = Label\\ Lookup + LFIB\\ Decision $$

Where:

• LFIB = Label Forwarding Information Base
• MPLS labels replace long routing lookups
• Forwarding becomes faster and scalable

2. MPLS Network Topology

CE1 ---- XR1 ---- XR2 ---- XR3 ---- XR4 ---- XR5 ---- CE2

         PE        P        RR       P        PE

Device Roles:

Router	Role
XR1	PE Router
XR2	P Router
XR3	Route Reflector
XR4	P Router
XR5	PE Router

3. Task 1 - Configure OSPF Core Routing

The first step in every MPLS deployment is establishing reachability between all provider routers.

OSPF is used as the Interior Gateway Protocol inside AS 100.

💡 Why OSPF?

• Fast convergence
• Scalable link-state routing
• Excellent MPLS integration
• Supports Traffic Engineering
• Foundation for Segment Routing

OSPF SPF Calculation

$$ Shortest\\ Path = \sum Cost $$

OSPF calculates shortest paths using Dijkstra SPF algorithm.

XR1 Configuration

hostname XR1

interface gig0/0/0/0
 ip address 192.1.12.1 255.255.255.0
 no shut
!

interface loopback0
 ip address 10.1.1.1 255.255.255.255
!

router ospf 1
 router-id 0.0.0.1
 area 0
  interface gig0/0/0/0
  exit
  interface loopback0
  exit
!

commit

XR2 Configuration

hostname XR2

interface gig0/0/0/0
 ip address 192.1.12.2 255.255.255.0
 no shut
!

interface gig0/0/0/1
 ip address 192.1.23.2 255.255.255.0
 no shut
!

interface loopback0
 ip address 10.1.1.2 255.255.255.255
!

router ospf 1
 router-id 0.0.0.2
 area 0
  interface gig0/0/0/0
  exit
  interface gig0/0/0/1
  exit
  interface loopback0
  exit
!

commit

XR3 Configuration

hostname XR3

interface gig0/0/0/0
 ip address 192.1.23.3 255.255.255.0
 no shut
!

interface gig0/0/0/1
 ip address 192.1.34.3 255.255.255.0
 no shut
!

interface loopback0
 ip address 10.1.1.3 255.255.255.255
!

router ospf 1
 router-id 0.0.0.3
 area 0
  interface gig0/0/0/0
  exit
  interface gig0/0/0/1
  exit
  interface loopback0
  exit
!

commit

XR4 Configuration

hostname XR4

interface gig0/0/0/0
 ip address 192.1.34.4 255.255.255.0
 no shut
!

interface gig0/0/0/1
 ip address 192.1.45.4 255.255.255.0
 no shut
!

interface loopback0
 ip address 10.1.1.4 255.255.255.255
!

router ospf 1
 router-id 0.0.0.4
 area 0
  interface gig0/0/0/0
  exit
  interface gig0/0/0/1
  exit
  interface loopback0
  exit
!

commit

XR5 Configuration

hostname XR5

interface gig0/0/0/0
 ip address 192.1.45.5 255.255.255.0
 no shut
!

interface loopback0
 ip address 10.1.1.5 255.255.255.255
!

router ospf 1
 router-id 0.0.0.5
 area 0
  interface gig0/0/0/0
  exit
  interface loopback0
  exit
!

commit

OSPF Verification Output

XR1#show ospf neighbor

Neighbor ID     Pri State           Dead Time Address         Interface
0.0.0.2           1 FULL/DR         00:00:32 192.1.12.2      Gig0/0/0/0

4. Task 2 - Configure MPLS LDP

LDP stands for Label Distribution Protocol.

LDP distributes MPLS labels between routers.

MPLS Label Mapping

$$ FEC \rightarrow Label $$

Where:

• FEC = Forwarding Equivalence Class
• Each route receives a label

XR1 MPLS LDP

mpls ldp
 router-id 10.1.1.1

 interface gig0/0/0/0
  exit
!

commit

XR2 MPLS LDP

mpls ldp
 router-id 10.1.1.2

 interface gig0/0/0/0
  exit

 interface gig0/0/0/1
  exit
!

commit

XR3 MPLS LDP

mpls ldp
 router-id 10.1.1.3

 interface gig0/0/0/0
  exit

 interface gig0/0/0/1
  exit
!

commit

XR4 MPLS LDP

mpls ldp
 router-id 10.1.1.4

 interface gig0/0/0/0
  exit

 interface gig0/0/0/1
  exit
!

commit

XR5 MPLS LDP

mpls ldp
 router-id 10.1.1.5

 interface gig0/0/0/0
  exit
!

commit

LDP Verification

XR1#show mpls ldp neighbor

Peer LDP Identifier: 10.1.1.2:0
 TCP connection: 192.1.12.2 - 192.1.12.1
 State: Oper

5. Task 3 - Configure MP-iBGP VPNv4

MP-BGP distributes VPNv4 routes between PE routers.

XR3 acts as the Route Reflector.

VPNv4 Route Formula

$$ VPNv4 = RD + IPv4\\ Prefix $$

Example:

$$ 100:1:10.11.11.0/24 $$

XR1 MP-BGP

router bgp 100

 address-family vpnv4 unicast
 exit

 neighbor 10.1.1.3
  remote-as 100
  update-source loopback0

  address-family vpnv4 unicast
  exit
!

commit

XR5 MP-BGP

router bgp 100

 address-family vpnv4 unicast
 exit

 neighbor 10.1.1.3
  remote-as 100
  update-source loopback0

  address-family vpnv4 unicast
  exit
!

commit

XR3 Route Reflector

router bgp 100

 address-family vpnv4 unicast
 exit

 neighbor-group MP-IBGP
  remote-as 100
  update-source loopback0

  address-family vpnv4 unicast
   route-reflector-client
  exit
 exit

 neighbor 10.1.1.1
  use neighbor-group MP-IBGP
 exit

 neighbor 10.1.1.5
  use neighbor-group MP-IBGP
 exit
!

commit

Why Route Reflectors?

Without Route Reflectors:

$$ Sessions = \frac{n(n-1)}{2} $$

A full mesh becomes difficult at scale.

Route Reflectors reduce BGP sessions significantly.

6. Task 4 - Configure VRF and PE-CE BGP

Now we create VRFs on PE routers.

💡 Understanding RD and RT

• RD creates uniqueness
• RT controls route sharing
• VPNv4 uses both RD and RT

XR1 VRF Configuration

vrf Cust-A

 address-family ipv4 unicast

  import route-target
   100:1
  exit

  export route-target
   100:1
  exit
!

commit


interface Gig0/0/0/1
 vrf Cust-A
 ip address 192.168.10.1 255.255.255.0
 no shut
!

commit


route-policy PASSALL
 pass
!


router bgp 100

 address-family ipv4 unicast
 exit

 vrf Cust-A

  rd 100:1

  address-family ipv4 unicast
  exit

  neighbor 192.168.10.11
   remote-as 65001

   address-family ipv4 unicast
    route-policy PASSALL in
    route-policy PASSALL out
   exit
 exit
!

commit

XR5 VRF Configuration

vrf Cust-A

 address-family ipv4 unicast

  import route-target
   100:1
  exit

  export route-target
   100:1
  exit
!

commit


interface Gig0/0/0/1
 vrf Cust-A
 ip address 192.168.20.5 255.255.255.0
 no shut
!

commit


route-policy PASSALL
 pass
!


router bgp 100

 address-family ipv4 unicast
 exit

 vrf Cust-A

  rd 100:1

  address-family ipv4 unicast
  exit

  neighbor 192.168.20.22
   remote-as 65002

   address-family ipv4 unicast
    route-policy PASSALL in
    route-policy PASSALL out
   exit
 exit
!

commit

7. Task 5 - Configure CE Routers

CE1 Configuration

router bgp 65001

 neighbor 192.168.10.1 remote-as 100

 network 10.11.11.0 mask 255.255.255.0

CE2 Configuration

router bgp 65002

 neighbor 192.168.20.5 remote-as 100

 network 10.22.22.0 mask 255.255.255.0

BGP Path Selection

$$ Best\\ Path = Highest\\ LocalPref + Shortest\\ AS\\ Path $$

BGP selects the best route using multiple attributes.

8. Verification Commands

Verify OSPF

show ospf neighbor
show ospf database

Verify MPLS LDP

show mpls ldp neighbor
show mpls forwarding

Verify BGP VPNv4

show bgp vpnv4 unicast summary
show bgp vpnv4 unicast

Verify VRF Routes

show route vrf Cust-A

Ping Verification

ping vrf Cust-A 10.22.22.1

Expected End-to-End Verification

CE1#ping 10.22.22.1

!!!!!
Success rate is 100 percent

9. MPLS and VPN Mathematics

Label Stack Formula

$$ Packet = Transport\\ Label + VPN\\ Label + Payload $$

VPN Route Distribution

$$ VPN\\ Route = RD + Prefix + RT $$

OSPF SPF Complexity

$$ Complexity = O(n \\ log n) $$

Scalability Formula

$$ Total\\ VRFs = PE\\ Routers \\times Customer\\ Instances $$

10. Troubleshooting Guide

Problem	Cause	Solution
No MPLS labels	LDP missing	Enable MPLS LDP
BGP VPNv4 down	Loopback unreachable	Verify OSPF reachability
VRF routes absent	RT mismatch	Check import/export RT
No CE reachability	BGP issue	Verify PE-CE BGP

11. Related Articles

• Complete Cisco IOS XR Segment Routing with OSPF Configuration Guide | SRGB, Prefix-SID & SR-Prefer Tutorial Part 2
• Cisco IOS XR Segment Routing with IS-IS Configuration Guide | MPLS SR Tutorial Part 3
• Complete Cisco IOS XR SR-LDP Mapping Server Configuration Guide | Segment Routing Interoperability Part 4
• Complete Cisco Nexus Multicast

🎯 Final Conclusion

In this first part of the Cisco IOS XR MPLS series, we successfully built:

• OSPF MPLS core
• MPLS LDP infrastructure
• MP-iBGP VPNv4 sessions
• Route Reflector architecture
• VRF configuration
• PE-CE BGP connectivity
• End-to-end MPLS L3VPN reachability