OcNOS – L3VPN

nick Others

OcNOS is an open network operating system produced by IP Infusion. A copy of the software to use with EVE-NG or GNS3 can be downloaded from their website (click below).

OcNOS VM

This lab is a simple L3VPN. IS-IS used as the underlay and iBGP between PE1 & PE2. If not familiar with OcNOS, the CLI is very similar to Cisco IOS but with a commit so don’t forget to issue that after you have applied the commands!

Exports_eve-ng_export-20240217-190938Download

PE1

conf t
hostname pe1

ip vrf cust1
rd 5.5.5.5:1
route-target both 65200:1
  
router ldp
inter-area-lsp eth1

interface lo
ip address 5.5.5.5/32 secondary
ip router isis 1
  
interface eth1
ip address 1.1.1.1/30
label-switching
ip router isis 1
enable-ldp ipv4

interface eth2
ip vrf forwarding cust1
ip address 10.1.1.1/24

router isis 1
is-type level-2-only
net 49.0000.1111.1111.1111.00

router bgp 65200
neighbor 9.9.9.9 remote-as 65200
neighbor 9.9.9.9 update-source lo

address-family ipv4 unicast
redistribute connected
neighbor 9.9.9.9 activate
exit-address-family

address-family vpnv4 unicast
neighbor 9.9.9.9 activate
exit-address-family

address-family ipv4 vrf cust1
neighbor 10.1.1.100 remote-as 65222
neighbor 10.1.1.100 activate
neighbor 10.1.1.100 as-override
exit-address-family

P1

conf t
hostname p1
  
router ldp
inter-area-lsp eth1
  
interface lo
ip address 6.6.6.6/32 secondary
ip router isis 1
  
interface eth1
ip address 1.1.1.2/30
label-switching
ip router isis 1
enable-ldp ipv4

interface eth2
ip address 2.2.2.1/30
label-switching
ip router isis 1
enable-ldp ipv4

router isis 1
is-type level-2-only
net 49.0000.2222.2222.2222.00

P2

conf t
hostname p2

router ldp

interface lo
ip address 7.7.7.7/32 secondary
ip router isis 1
  
interface eth1
ip address 2.2.2.2/30
label-switching
ip router isis 1
enable-ldp ipv4

interface eth2
ip address 3.3.3.1/30
label-switching
ip router isis 1
enable-ldp ipv4

router isis 1
is-type level-2-only
net 49.0000.7777.7777.7777.00

P3

conf t
hostname p3

router ldp
  
interface lo
ip address 8.8.8.8/32 secondary
ip router isis 1

interface eth1
ip address 3.3.3.2/30
label-switching
ip router isis 1
enable-ldp ipv4

interface eth2
ip address 4.4.4.1/30
label-switching
ip router isis 1
enable-ldp ipv4

router isis 1
is-type level-2-only
net 49.0000.8888.8888.8888.00

PE2

conf t
hostname pe2

ip vrf cust1
rd 9.9.9.9:1
route-target both 65200:1

router ldp
inter-area-lsp eth1

hostname pe2

interface lo
ip address 9.9.9.9/32 secondary
ip router isis 1

interface eth1
ip address 4.4.4.2/30
label-switching
ip router isis 1
enable-ldp ipv4

interface eth2
ip vrf forwarding cust1
ip address 10.10.10.1/24
  
router isis 1
is-type level-2-only
net 49.0000.9999.9999.9999.00

router bgp 65200
neighbor 5.5.5.5 remote-as 65200
neighbor 5.5.5.5 update-source lo

address-family ipv4 unicast
redistribute connected
neighbor 5.5.5.5 activate
exit-address-family

address-family vpnv4 unicast
neighbor 5.5.5.5 activate
exit-address-family

address-family ipv4 vrf cust1
neighbor 10.10.10.100 remote-as 65222
neighbor 10.10.10.100 activate
neighbor 10.10.10.100 as-override
exit-address-family

BGP is configured between the CE (Cisco vIOS) & PE devices and loopbacks have been configured on the CE’s with addresses of 22.22.22.22 & 33.33.33.33 respectively. These are being redistributed into BGP and you should now see the opposing loopback in the route table.

Leave a Reply

Your email address will not be published. Required fields are marked *