|
|
This document describes a secure, scalable, managed broadband access system utilizing multiprotocol label switching virtual private networks (MPLS VPNs). The system configuration proposed in this document will enable cable multiple service operators (MSOs) to share the broadband transport system of the cable television infrastructure with different service providers and business customers. In so doing, MSOs will be able to offer their subscribers a choice from a variety of service providers while simultaneously delivering multiple value-added services such as Web and media caching.
 |
Note This solutions guide deals only with the MPLS VPN method of managed broadband access. |
This document is intended primarily for system administrators responsible for installing and configuring internetworking equipment in a hybrid fiber-coaxial (HFC) cable network environment. It is assumed that the reader is familiar with the fundamentals of router-based and cable-based internetworking, and also familiar with Cisco routers and Cisco IOS software.
This document will describe the basic network setup and configuration of the MPLS VPNs managed broadband access system. It will explain how to interface the cable modem termination system (CMTS) with the MPLS cloud, and how to interface ISPs with MPLS VPNs. It will not provide cable-specific installation information or describe the details of MPLS configuration.
The following sections are included in this document:
For a variety of business reasons, it is advantageous for cable Multiple Service Operators (MSOs) to be able to make their subscribers available to other organizations or Internet Service Providers (ISPs), and/or to provide their subscribers with IP access to other ISPs. The challenge faced by MSOs is to find a way of providing this kind of open access to their subscribers while maintaining the ability to track, bill, and monitor connections. The answer to this challenge is a process called managed broadband access.
In a managed broadband access environment, each ISP must have a method of moving traffic to and from a subscriber's PC, through the MSO's physical network infrastructure, to the ISP's network. One of the optimal ways of accomplishing this is to form a secure virtual private network (VPN) through the MSO's network. In an ideal scenario, each ISP VPN is insulated from other ISPs who might be using the same MSO infrastructure. MPLS VPNs are an efficient, scalable method of transporting ISP traffic seamlessly across the MSO's network.
The method used by an MSO to provide managed broadband access will depend on the MSO's business model and on the agreements made with their partner ISPs. In some business models, the MSO will bill the cable subscriber extra for providing the capability to connect to another ISP. The extra billing may be based on the time the subscriber is using the other ISP, or on the amount of data transferred by the subscriber while connected to the other ISP.
Typical Business Needs of a Cable MSO
In evaluating the advantages and disadvantages of alternate methods of providing managed broadband access, the following business needs were considered:
Figure 1 depicts a typical DOCSIS cable modem network connected to a hybrid fiber/coax infrastructure (HFC network). Cable modems (CMs) connected to the HFC network are terminated on a cable modem termination system (CMTS), typically a Cisco uBR7200 series cable router. The CMTS connects via a high-speed medium (typically OC-3 or Fast Ethernet) to the MSO's IP core. The IP core consists of several large routers or switches such as the Cisco GSR12008 or other enterprise-class routing platform. Connected somewhere on the MSO network are one or more DOCSIS-based provisioning servers to provide DHCP, ToD, and TFTP to cable modems as they initialize. The MSO network is connected to the internet via a high-speed leased line.
Working together, these components allow the MSO to supply IP connectivity to subscribers' homes.
Without additional configuration, the basic cable network depicted above lacks the ability to differentiate subscriber traffic and route it separately to a relavant ISP. Thus, the MSO must either supply IP service to its customers itself, or rely on a single ISP partner to supply it.
There are two primary strategies for providing managed broadband access:
Managed Broadband Access Via Separate Frequencies
There are several difficulties encountered in providing managed broadband access by assigning a separate pair of frequencies to each ISP. Four of these difficulties are summarized below:
1. The DOCSIS specification states the that the cable modem (CM) MUST operate using the first valid downstream signal that it encounters while scanning (Section 7.2.13). The specification further states that the CM can be instructed via configuration file parameters to shift operations to a different downstream frequency.
2. If a cable modem locks onto the wrong downstream frequency for the ISP to which it is subscribed, the provisioning system that is assigned to the locked-on frequency will not assign an IP address to the cable modem because it will not know about its MAC address. (A provisioning system will only respond to cable modems whose MAC addresses are known; that is, whose MAC addresses are assigned to its ISP.)
3. There is a limited amount of usable upstream bandwidth. If the entire usable upstream bandwidth is assigned to ISPs, there will be no room for upstream frequency hopping in the event of ingress noise.
4. Assigning separate frequencies maps each ISP to a specific upstream port on the Cisco uBR7246 CMTS. Mapping a specific upstream port to an ISP means that a specific channel is mapped to each ISP.
Because of the above factors, separate frequency assignments is not recommended as a method for providing managed broadband access.
Managed Broadband Access Via Logical Separation
To provide managed broadband access via logical separation, a virtual tunnel is constructed between the MSO and the managed partner ISP. The tunnel can be created using one of the following methods:
Cisco has extensively evaluated the range of technologies for providing managed broadband access and has concluded that network-based MPLS is the preferred technological foundation for building managed broadband access networks. For MSOs that require specific tunneling protocols, these approaches can work in conjunction with MPLS.
MPLS is an Internet Engineering Task Force (IETF) draft standard based on RFC 2547, and is supported by many equipment vendors around the world. MPLS VPN technology is useful for providing voice telephony services, digital video services such as movies, video on demand (VoD), and other streaming media services such as distant TV news or entertainment programming.
The basic components of a network that supports MPLS are the devices of two entities: a provider and a customer. The provider is the owner of a physical network infrastructure. The customer's goal is to route traffic across the provider's network.
In an MPLS network there are three basic types of router: the customer edge (CE) router, which interfaces with the provider edge (PE) router, and the provider (P) router that is located in the core of the provider's network and that helps route traffic. The MPLS VPN connects an interface on one PE router to an interface on a distant PE router, thus causing two or more remote CE routers to be "virtually connected" to each other via the VPN.
The MPLS VPN solution operates as an "overlay" on top of the typical MSO network and requires minimal changes to the physical network. Typically the network has a unique VPN that is used exclusively for management of the MSO provider's devices. This VPN is called the management VPN and contains the servers and other devices to which all other VPNs require access.
In Figure 2, each ISP that signs a contract with the MSO is peered to a provider edge (PE) router that is MPLS-capable. The uBR7246, acting as CMTS and also as a PE router, and having its own managed broadband access subscribers to the ISPs, creates a VPN with each PE router that peers with an ISP. There may be multiple MSO routers in the core of the network that act as provider (P) routers.
In addition to the PE routers connected to the ISPs, one additional PE router is connected to management servers (the CNR/DHCP) and is part of the management VPN.
Because each ISP has its own set of IP addresses and its own VPN with the CMTS, whenever a cable modem is assigned an IP address belonging to a particular ISP, that cable modem along with all of the devices connected to its Ethernet port are placed into that ISP's VPN. Thus, the PC can acquire an IP address in the ISP's address range directly from the ISP's DHCP server.
In addition to the advantages described above, MPLS VPN cable networks provide operationally scalable private IP services and internet access. Following are additional specific benefits of this solution:
The MPLS VPN network operation is as follows:
1. The MSO and the ISP negotiate a contract to provide internet services for end subscribers.
2. The MSO CMTS is notified of the new ISP, the classes of service allowed, the range of IP addresses provided by the ISP, and the location of the ISP's authentication server.
3. The network administrator assigns a range of IP addresses to the new ISP for the cable modems (CMs) that will be associated with the new ISP, and configures the CNR appropriately.
4. As subscribers sign up for the ISP's services with the MSO, the CMTS notifies the CM management provisioning server of the new subscribers. The provisioning server will keep track of the MAC addresses of the subscriber cable modems and CPE devices, and will build a relationship between MAC address, service provider, and class of service.
|
Note Provisioning systems such as CSRC can be used to implement auto-provisioning and other management schemes. |
5. The CMTS will know the IP addresses and subnet masks of the various router interfaces. The MSO will use this information to add the subnets and subnet masks to the CNR's scope table.
6. The network administrator will add the appropriate configuration information to the PE routers and add the VPN information to Cable Manager if Cable Manager is supporting VPNs.
When a cable modem at an end subscriber site is connected to the HFC network and is powered on, the following events occur:
1. The cable modem completes its boot cycle and sends a DHCP discover packet.
2. The CMTS adds the giaddr to the discover packet and forwards it to the MSO's provisioning system.
3. The provisioning system checks its tables to see if the MAC address of the cable modem is listed there. If it is not listed, it will forward the packet to the CNR with a class of service (CoS) of an unregistered cable modem. Unregistered cable modems can be denied service, connected to an auto-provisioning service, or allowed limited access.
4. Once the provisioned cable modem is reset, the provisioning system finds the cable modem's MAC address in its tables and forwards the DHCP discover packet to the CNR with the appropriate CoS.
5. The CNR issues an IP address to the cable modem based on the giaddr taken from the discover packet. As the IP address passes through the CMTS on its way to the cable modem, the CMTS gleans the IP address, assigns a corresponding SID to the cable modem, and associates that SID with the subinterface that is assigned to the ISP to which that IP address belongs.
|
Note Because each subinterface on the CMTS is tied to a specific ISP, when a cable modem is assigned a SID that ties it to a specific subinterface, the PC connected to that cable modem is then tied to a specific ISP. |
The MPLS VPN method of providing managed broadband access is the most flexible and scalable of all of the methods of providing VPN service over cable. It does require MPLS on the entire backbone; however, it offers the following advantages:
The primary strategy used to provide managed broadband access via MPLS VPNs is to enable the creation of subinterfaces on a physical cable interface or on a bundle of cable interfaces. Each subinterface is then configured to connect to a separate managed partner ISP network; in this case, a separate ISP. The subinterfaces are tied to virtual routing and forwarding tables (VRFs) for their respective ISPs.
In addition to creating one subinterface for each ISP, one additional subinterface needs to be created for a management VPN. The management VPN connects the CMTS to a PE router that is connected to cable modem management servers such as CNR, DHCP, ToD, etc.
The MPLS model has some elementary built-in security. Because each MPLS VPN has its own routing/forwarding table, the VPN will only know about its own addresses. Any knowledge of other IP networks will come only from the ISP's normal Internet routing. Therefore, even though two ISPs have an MPLS VPN on the same router, the only traffic through the router will be via the ISP's internet routes.
In implementing MPLS VPNs, it is essential that the management subinterface be configured first. Note that the CMTS needs a management subinterface to route DHCP packets coming from cable modems when they come online for the first time. This is because the CMTS does not know which subinterface a cable modem belongs to until it has seen the assigned IP address by gleaning the DHCP reply message from the CNR.
Prerequisites
To implement managed broadband access for cable using MPLS VPNs, the following conditions must be met:
Design Considerations
The basic supposition of this design is that the MSO must be able to maintain full control over the devices directly connected to the cable plant, whether they be cable modems (CMs), set top boxes (STBs), or integrated telephony cable modems (ITCMs).
It is also imperative for security purposes that each home connected to each ISP gets its DHCP addresses from that ISP and not from any other source.
To implement the MPLS VPN solution, the MSO configures its routers to be MPLS-capable. To establish each new VPN, you only have to configure the VPN on the edge of the network. The implementation process is as follows:
1. Configure the uBR7246 CMTS
2. Configure each provider edge router
3. Configure the provider core router(s) to be MPLS-capable
4. Confirm the operation of MPLS
5. Configure the Cable Network Registrar (CNR) server
Details of each of these implementation steps are provided in the following case study section.
The following table describes the hardware, software, and interface IP addresses for the devices used in the case study sample configuration files.
| Customer Edge | Provider Edge | Provider | Provider Edge | Customer Edge | Customer Edge | |
|---|---|---|---|---|---|---|
| Hostname | 2016 | 2014 | 2004 | 2005 | Cable Modem | PC |
| Chassis type | Cisco 7200 series router | Cisco 7500 series router | Cisco 7500 series router | Cisco uBR7246 cable access router | Cisco uBR924 cable modem | Host PC |
| Physical interfaces | FastEthernet | FastEthernet | FastEthernet | FastEthernet | Cable | Cable |
| Software loaded | Cisco 12.1(2)T | Cisco 12.1(2)T | Cisco 12.1(2)T | Cisco 12.1(2)T | Cisco 12.1(2)T | Cisco 12.1(2)T |
| Ethernet IP Address and IP Address Ranges | | | | | 10.0.1.1 | |
Before configuring the MSO network for managed broadband access, it is assumed that the network has the following characteristics:
To implement managed broadband access with MPLS, accomplish the following tasks:
|
Note The BGP address families define how the routing occurs between the VPNs. The VPN configuration considers groups of routes. An address family is a group of route parameters associated with the specified VRF. BGP is the engine that allows things to talk in this network environment. |
This section contains a show running config file for each of the devices shown in the detailed network diagram (see Figure 3). The following configuration files are included:
The Cisco uBR7246 is located at the cable headend to supply IP connectivity to the cable modems via its cable interfaces (Cable 3/0 through Cable 6/0). The Cisco uBR7246 operates as a PE router on the MPLS network; it is an endpoint for every VPN in use on the attached cable plant. Cisco IOS is used to build multiple logical subinterfaces, each associated with a specific ISP's VPN. An additional management subinterface exists to supply OSS to the cable modems during initial registration..
The Cisco uBR7246 also has a high-speed OC-3 SONET connection to the MSO's core IP network.
Configuration File for Device 2005: Cisco uBR 7246 (Provider Edge Device)
! ! Identifies the version of Cisco IOS software installed. version 12.1 ! Defines the hostname of the Cisco uBR7246 hostname region-1-ubr ! ! Describes where the system is getting the software image it is running. In ! this configuration example, the system is loading a Cisco uBR7246 image named ! AdamSpecial from slot 0. boot system flash slot0:ubr7200-p-mz.AdamSpecial ! ! Creates the enable secret password. enable secret 5 $1$SCp7$yyOG5jxTUPWPJht7WrR9F0 enable password cable ! ! Sets QoS per modem for the cable plant. no cable qos permission create no cable qos permission update cable qos permission modems ! ! Allows the system to use a full range of IP addresses, including subnet zero, for ! interface addresses and routing updates. ip subnet-zero ! ! Enables Cisco Express Forwarding. ip cef ! ! Configures a Cisco IOS Dynamic Host Configuration Protocol (DHCP) server to insert the ! DHCP relay agent information option in forwarded BOOTREQUEST messages. ip dhcp relay information option ! ! Enters the virtual routing forwarding (VRF) configuration mode and maps a VRF table to ! the virtual private network (VPN) called MSO. The VRF table contains the set of routes ! that points to or gives routes to the CNR device, which provisions the cable modem ! devices. Each VRF table defines a path through the MPLS cloud. ip vrf MAINT ! ! Creates the route distinguisher and creates the routing and forwarding table of the ! router itself. rd 100:1 ! ! Creates a list of inport and/or export route target communities for the VPN. route-target export 100:2 route-target export 100:3 ! ! Maps a VRF table to the VPN called isp1. ip vrf isp-A ! ! Creates the route distinguisher and creates the routing and forwarding table of the ! router itself. rd 100:2 ! ! Creates a list of inport and/or export route target communities for the VPN. route-target import 100:1 ! ! Maps a VRF table to the VPN called isp2. ip vrf isp-B ! ! Creates the route distinguisher and creates the routing and forwarding table of the ! router itself. rd 100:3 ! ! Creates a list of inport and/or export route target communities for the VPN. route-target import 100:1 ! ! Maps a VRF table to the VPN called MSO-isp. Note: MSO-isp could be considered ISP-3; in ! this case, the MSO is competeing with other ISPs for other ISP services. ip vrf MSO-isp ! ! Creates the route distinguisher and creates the routing and forwarding table of the ! router itself. rd 100:2 ! ! Creates a list of inport and/or export route target communities for the VPN. route-target export 100:2 route-target import 100:2 route-target import 100:1 ! ! Builds a loopback interface to be used with MPLS and BGP; creating a loopback interface ! eliminates unnecessary updates (caused by physical interfaces going up and down) from ! flooding the network. interface Loopback0 ip address 10.100.0.5 255.255.255.255 no ip directed-broadcast ! ! Assigns an IP address to this Fast Ethernet interface. MPLS tag-switching must be ! enabled on this interface. interface FastEthernet0/0 description Connection to MSO core. ip address 10.10.0.26 255.255.255.252 no ip directed-broadcast full-duplex tag-switching ip ! ! Enters cable interface configuration mode and configures the physical aspects of the ! 3/0 cable interface. Please note that no IP addresses are assigned to this interface; ! they will be assigned instead to the logical subinterfaces. All other commands for ! this cable interface should be configured to meet the specific needs of your cable RF ! plant and cable network. interface Cable3/0 no ip address ip directed-broadcast no ip mroute-cache load-interval 30 no keepalive cable downstream annex B cable downstream modulation 64qam cable downstream interleave-depth 32 cable downstream frequency 855000000 cable upstream 0 frequency 30000000 cable upstream 0 power-level 0 no cable upstream 0 shutdown cable upstream 1 shutdown cable upstream 2 shutdown cable upstream 3 shutdown cable upstream 4 shutdown cable upstream 5 shutdown ! ! Configures the physical aspects of the 3/0.1 cable subinterface. If cable modems have ! not been assigned IP addresses, they will automatically come on-line using the settings ! for subinterface X.1. interface Cable3/0.1 description Cable Administration Network ! ! Associates this interface with the VRF and MPLS VPNs that connect to the MSO cable ! network registrar (CNR). The CNR provides cable modems with IP addresses and other ! initialization parameters. ip vrf forwarding MSO ! ! Defines a range of IP addresses and masks to be assigned to cable modems not yet associated with an ISP. ip address 10.0.1.1 255.255.255.0 ! ! Disables the translation of directed broadcasts to physical broadcasts. no ip directed-broadcast ! ! Defines the DHCP server for cable modems whether they are associated with an ISP or ! with the MSO acting as ISP. cable helper-address 10.4.1.2 cable-modem ! ! Defines the DHCP server for PCs that are not yet associated with an ISP. cable helper-address 10.4.1.2 host ! ! Disables cable proxy Address Resolutio Protocol (ARP) and IP multicast echo on this ! cable interface. no cable proxy-arp no cable ip-multicast-echo ! ! Configures the physical aspects of the 3/0.2 cable subinterface. interface Cable3/0.2 description MSO as ISP Network ! ! Assigns this subinterface to the MPLS VPN used by the MSO to supply service to ! managed partner ISPs—in this case, MSO-isp. ip vrf forwarding MSO-isp ! ! Defines a range of IP addresses and masks to be assigned to cable modems associated ! with the MSO as ISP network. ip address 10.1.0.1 255.255.255.0 secondary ! ! Defines a range of IP addresses and masks to be assigned to host devices associated ! with the MSO as ISP network. ip address 24.0.1.1 255.255.255.0 ! ! Disables the translation of directed broadcasts to physical broadcasts. no ip directed-broadcast ! ! Defines the DHCP server for cable modems whether they are associated with an ISP or ! with the MSO acting as ISP. cable helper-address 10.4.1.2 cable-modem ! ! Defines the DHCP server for PC host devices. cable helper-address 24.0.1.1 host ! ! Disables cable proxy Address Resolutio Protocol (ARP) and IP multicast echo on this ! cable interface. no cable proxy-arp no cable ip-multicast-echo ! ! Configures the physical aspects of the 3/0.3 cable subinterface interface Cable3/0.3 description ISP1's Network ! ! Makes this subinterface a member of the MPLS VPN. ip vrf forwarding isp1 ! ! Defines a range of IP addresses and masks to be assigned to cable modems associated ! with the MSO as ISP network. ip address 10.1.1.1 255.255.255.0 secondary ! ! Defines a range of IP addresses and masks to be assigned to host devices associated ! with the MSO as ISP network. ip address 11.0.1.1 255.255.255.0 ! ! Disables the translation of directed broadcasts to physical broadcasts. no ip directed-broadcast ! ! Disables cable proxy Address Resolutio Protocol (ARP) and IP multicast echo on this ! cable interface. no cable proxy-arp no cable ip-multicast-echo ! ! Defines the DHCP server for cable modems whether they are associated with an ISP or ! with the MSO acting as ISP. cable helper-address 10.4.1.2 cable-modem ! ! Defines the DHCP server for PC host devices. cable helper-address 11.4.1.2 host ! ! Configures the physical aspects of the 3/0.4 cable subinterface interface Cable3/0.4 description ISP2's Network ! ! Makes this subinterface a member of the MPLS VPN. ip vrf forwarding isp2 ! ! Defines a range of IP addresses and masks to be assigned to cable modems associated ! with the MSO as ISP network. ip address 10.1.2.1 255.255.255.0 secondary ! ! Defines a range of IP addresses and masks to be assigned to host devices associated ! with the MSO as ISP network. ip address 22.0.1.1 255.255.255.0 ! ! Disables the translation of directed broadcasts to physical broadcasts. no ip directed-broadcast ! ! Disables cable proxy Address Resolutio Protocol (ARP) and IP multicast echo on this ! cable interface. no cable proxy-arp no cable ip-multicast-echo ! ! cable dhcp-giaddr policy ! !! Defines the DHCP server for cable modems whether they are associated with an ISP or ! with the MSO acting as ISP. cable helper-address 10.4.1.2 cable-modem ! ! Defines the DHCP server for PC host devices. cable helper-address 22.4.1.2 host ! ! Configures OSPF as an IGP (Interior Gateway Protocol). OSPF should be configured so ! that the MSO network can communicate appropriately. router ospf 100 redistribute connected network 10.0.0.0 0.255.255.255 area 0 network 24.0.0.0 0.255.255.255 area 0 default-metric 25 ! Enables BGP on the router and configures the IP addresses for the BGP neighbors. BGP ! communication is linked to the loopback interface. router bgp 100 neighbor 10.100.0.3 remote-as 100 neighbor 10.100.0.3 update-source Loopback0 neighbor 10.100.0.14 remote-as 100 neighbor 10.100.0.14 update-source Loopback0 ! ! Defines static route parameters for every BGP PE to CE session—in essence, associating an address family with a defined VPN. ! address-family ipv4 vrf isp2 redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf isp1 redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf MSO-isp redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! ! Configures an address family for the MSO that makes the MSO avaialble to all other ! address families. address-family ipv4 vrf MSO redistribute connected neighbor 10.100.0.14 remote-as 100 neighbor 10.100.0.14 update-source Loopback0 neighbor 10.100.0.14 activate no auto-summary no synchronization network 10.1.0.0 mask 255.255.0.0 network 24.0.1.0 mask 255.255.255.0 exit-address-family ! address-family vpnv4 neighbor 10.100.0.3 activate neighbor 10.100.0.3 send-community extended neighbor 10.100.0.14 activate neighbor 10.100.0.14 send-community extended exit-address-family ! ip classless no ip http server ! ! ! Configures passwords for telnet sessions. line con 0 password cable login transport input none line aux 0 line vty 0 4 password cable login ! end
Following is a description of what is being accomplished by configuring this device—and the purpose of this device in the larger view of the configuration.
Sample Configuration File for Device 2004: One of Several Cisco 7500 Series Core Routers (Provider Device)
! version 12.1 service timestamps debug uptime service timestamps log uptime no service password-encryption service udp-small-servers service tcp-small-servers ! hostname region-1-7500 ! boot system flash slot1:rsp12108.T enable secret 5 $1$wsjq$v1F6SXDGtBlsqLxiKbUNA. enable password cable ! ! ip subnet-zero ! ip cef distributed cns event-service server ! ! ! interface FastEthernet0/0 no ip address shutdown half-duplex ! interface FastEthernet0/1 ip address 10.10.0.25 255.255.255.252 full-duplex tag-switching ip ! interface FastEthernet1/0/0 no ip address ip route-cache distributed shutdown half-duplex ! interface FastEthernet1/1/0 no ip address ip route-cache distributed shutdown half-duplex ! interface POS2/0/0 ip address 10.10.0.5 255.255.255.252 ip route-cache distributed no keepalive ! Enables MPLS tag switching on this interface. tag-switching ip clock source internal no cdp enable ! interface POS3/0/0 ip address 10.10.0.9 255.255.255.252 ip route-cache distributed no keepalive tag-switching ip clock source internal no cdp enable ! ! This is part of the IGP. This must be configured as per IGP. router ospf 100 redistribute connected network 10.0.0.0 0.255.255.255 area 0 default-metric 25 ! ip classless no ip http server ! ! ! line con 0 transport input none line aux 0 line vty 0 4 password cable login ! end
Following is a description of what is being accomplished by configuring this device—and the purpose of this device in the larger view of the configuration. The provider edge device provides routing through the MPLS cloud so that the MSO can reach the ISPs.
Configuration File for Device 2014: Cisco 7500 Series Router (Provider Edge Device)
! version 12.1 ! ! hostname region-2-7500 ! boot system flash slot1:rsp12108.T enable secret 5 $1$wc3I$.06R34MjkfJMeDM2j8PiH1 enable password cable ! ! ! ! ! ip subnet-zero ! ! ip vrf MSO rd 100:1 route-target export 100:1 route-target import 100:1 route-target import 100:2 route-target import 100:3 route-target import 100:4 ! ip vrf MSO-isp rd 100:2 route-target export 100:2 route-target import 100:2 route-target import 100:1 ! ip vrf isp1 rd 100:3 route-target export 100:3 route-target import 100:3 route-target import 100:1 ! ip vrf isp2 rd 100:4 route-target export 100:4 route-target import 100:4 route-target import 100:1 ip cef distributed cns event-service server ! ! ! ! ! ! interface Loopback0 ip address 10.100.0.14 255.255.255.255 ! interface FastEthernet0/0 description Region-2 connection no ip address shutdown full-duplex tag-switching ip ! interface FastEthernet0/1 ip vrf forwarding MSO ip address 10.4.1.1 255.255.255.0 half-duplex ! interface POS1/0/0 description Connect 2004(region-1-7500) ip address 10.10.0.6 255.255.255.252 ip route-cache distributed no keepalive tag-switching ip clock source internal no cdp enable ! interface POS2/0/0 description 2001(region-1and2-gsr) ip address 10.10.0.1 255.255.255.252 no ip route-cache cef ip route-cache distributed no keepalive clock source internal no cdp enable ! interface FastEthernet3/0/0 description ISP1 ip vrf forwarding isp1 ip address 11.1.0.2 255.255.255.252 ip route-cache distributed full-duplex ! interface FastEthernet3/1/0 ip vrf forwarding isp2 ip address 22.1.0.2 255.255.255.252 ip route-cache distributed full-duplex ! router ospf 100 network 10.0.0.0 0.255.255.255 area 0 network 24.0.0.0 0.255.255.255 area 0 ! router bgp 100 redistribute connected neighbor 10.100.0.3 remote-as 100 neighbor 10.100.0.3 update-source Loopback0 neighbor 10.100.0.5 remote-as 100 neighbor 10.100.0.5 update-source Loopback0 ! address-family ipv4 vrf isp2 neighbor 22.1.0.1 remote-as 6200 neighbor 22.1.0.1 activate no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf isp1 neighbor 11.1.0.1 remote-as 6100 neighbor 11.1.0.1 activate no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf MSO-isp no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf MSO no auto-summary no synchronization network 10.4.1.0 mask 255.255.255.0 exit-address-family ! address-family vpnv4 neighbor 10.100.0.3 activate neighbor 10.100.0.3 send-community extended neighbor 10.100.0.5 activate neighbor 10.100.0.5 send-community extended exit-address-family ! no ip classless no ip http server ! ! ! line con 0 transport input none line aux 0 line vty 0 4 password cable login ! end
Following is a description of what is being accomplished by configuring this device—and the purpose of this device in the larger view of the configuration.
Configuration File for Device 2016: Cisco 7200 Series Router (Customer Edge Device)
! version 12.1 ! ! service timestamps debug uptime service timestamps log uptime no service password-encryption ! hostname cse-ce1-7200 ! boot system flash slot0:c7200-12108.T enable secret 5 $1$inJL$97cEHC5GGR4qI2WtDbMDb1 enable password cable ! ! ip subnet-zero ! cns event-service server ! ! interface Loopback0 ip address 11.100.0.1 255.255.255.255 ! interface FastEthernet0/0 ip address 11.1.0.1 255.255.255.252 full-duplex ! interface FastEthernet1/0 ip address 11.4.1.1 255.255.255.0 full-duplex ! router bgp 6100 redistribute connected neighbor 11.1.0.2 remote-as 100 ! ip classless no ip http server ! ! ! line con 0 transport input none line aux 0 line vty 0 4 password cable login ! end
For additional information on MPLS, VPNs, managed broadband access, and cable networks, refer to the following documents:
Introduction to MPLS VPNs for Cable
Beyond Tunneling: The Cisco Managed Broadband Access Architecture for Cable MSOs and Other Service Providers
Virtual Private Networks: An Overview
Cisco uBR7200 Series MPLS VPN Cable Enhancements
http://lbj.cisco.com/push_targets1/ucdit/cc/td/doc/product/cable/cab_r_sw/dtvpn.htm
Posted: Mon Oct 2 16:33:34 PDT 2000
Copyright 1989-2000©Cisco Systems Inc.