, ,


MPLS L3 VPN involves following steps:

Step 1: The CE router sends an IPv4 routing update to the PE Router.
Step 2: A 64 bit RD is prepended to the customer IPv4 prefix to make it globally unique, resulting in a 96-bit VPNv4 prefix.
Step 3: A 96 bit VPNv4 prefix is propagated via MP-BGP to the other PE router.
Step 4: The RD is removed from the VPNv4 prefix, resulting in a 32 bit IPv4 prefix.
Step 5: The PE router sends the resulting IPv4 prefix to the CE router.

For the provider R1 & R4 work as PE Router.

PHASE 2: Configure L3 VPN for CUSTOMER1

1. Create Separate VRF for CUSTOMER1
R1(config)#ip vrf CUSTOMER1
R1(config-vrf)#rd 500:1
R1(config-vrf)#route-target export 500:1
R1(config-vrf)#route-target import 500:1

2. MP-BGP with R4, actiavte VPNv4 and redistribute static route to BGP
2.A Configurer MP-BGP

R1(config)#router bgp 500
R1(config-router)#neighbor remote-as 500
R1(config-router)#neighbor update-source Loopback0

2.B Activate VPNv4

R1(config-router)# address-family vpnv4
R1(config-router-af)#neighbor activate
R1(config-router-af)#neighbor next-hop-self
R1(config-router-af)#neighbor send-community extended

2.C Redistribute CUSTOMER1 VRF static route to BGP

R1(config-router-af)#address-family ipv4 vrf CUSTOMER1
R1(config-router-af)#redistribute static
R1(config-router-af)#no auto-summary

3. Create static route in CUSTOMER1 VRF.

R1(config)#ip route vrf CUSTOMER1

4. Put interface or R1 & R4 in related VRF.

R1(config)#interface FastEthernet1/0
R1(config-if)#ip vrf forwarding CUSTOMER1

5. From C1S1 route just provide a default route to R1.

PE router R4 configuration will be similar to R1. Bellow is the configuration of R4


ip vrf CUSTOMER1
rd 500:1
route-target export 500:1
route-target import 500:1
interface FastEthernet1/0
ip vrf forwarding CUSTOMER1
router bgp 500
no synchronization
bgp log-neighbor-changes
neighbor remote-as 500
neighbor update-source Loopback0
no auto-summary
address-family vpnv4
neighbor activate
neighbor next-hop-self
neighbor send-community extended
address-family ipv4 vrf CUSTOMER1
redistribute static
no auto-summary
no synchronization
ip route vrf CUSTOMER1

Check the VRF table for CUSTOMER1

R4#show ip route vrf CUSTOMER1

Routing Table: CUSTOMER1
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP
D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route

Gateway of last resort is not set is subnetted, 2 subnets
B [200/0] via, 01:35:55
S [1/0] via is subnetted, 1 subnets
C is directly connected, FastEthernet1/0

R4 is receiving as BGP route via This route is coming statically coming to R1; R1 is announcing this via MP-BGP to R4. R4 remove MPLS and VPN tag and install it CUSTOMER1 VRF table.

If you check carefully, there is no related route ( or in provider core router(R2,R3 or R5). These routers are not aware about these routes.

Check the reachability from C1S1:

C1S1# traceroute
Protocol [ip]:
Target IP address:
Source address:
Numeric display [n]:
Timeout in seconds [3]:
Probe count [3]:
Minimum Time to Live [1]:
Maximum Time to Live [30]:
Port Number [33434]:
Loose, Strict, Record, Timestamp, Verbose[none]:
Type escape sequence to abort.
Tracing the route to

1 12 msec 24 msec 8 msec
2 [MPLS: Labels 22/25 Exp 0] 112 msec 160 msec 136 msec
3 [MPLS: Labels 20/25 Exp 0] 92 msec 156 msec 148 msec
4 [MPLS: Label 25 Exp 0] 80 msec 112 msec 112 msec
5 96 msec * 104 msec