OSPF downward bit in MPLS network

Hi all,
I have an issue with using the OSPF downward bit and hope someone has seen this before.  It appears to do nothing in this example to prevent routes being learnt via the wrong path.  That is, via a backup router that has learnt the route from the site primary router, which has received the OSPF route originally redistributed into OSPF from the PE (with downward bit set).
The docco says:
"The down bit is used between the PE-routers to indicate which routes were inserted into the OSPF topology database from the MPLS VPN super-backbone and thus shall not be redistributed back in the MPLS VPN super-backbone. The PE-router that redistributes the MP-BGP route as OSPF route into the OSPF topology database sets the down bit. Other PE-routers use the down bit to prevent this route from being redistributed back into MP-BGP."
Therefore I would not expect a route received with the downward bit set to be installed into the route table nor BGP table, however the below shows it is?  This has essentially created a routing scenario where core routes are learnt via a dual OSPF attached access site.
The PE receiving the incorrect route:
7609#sh ip ospf 116 database summary 192.168.104.0
            OSPF Router with ID (10.200.204.116) (Process ID 116)
        Summary Net Link States (Area 0)
  LS age: 1094
  Options: (No TOS-capability, DC, Downward)
  LS Type: Summary Links(Network)
  Link State ID: 192.168.104.0 (summary Network Number)
  Advertising Router: 10.200.212.116
  LS Seq Number: 80000013
  Checksum: 0xFDB1
  Length: 28
  Network Mask: /24
    MTID: 0     Metric: 1798
7609#sh ip route vrf RED 192.168.104.0        
Routing Table: RED
Routing entry for 192.168.104.0/24
  Known via "ospf 116", distance 110, metric 1798, type intra area
  Redistributing via bgp 100
  Advertised by bgp 100 match internal external 1 & 2 nssa-external 1 & 2
  Last update from 10.1.59.138 on GigabitEthernet1/0/1.3684, 00:18:23 ago
  Routing Descriptor Blocks:
  * 10.1.59.138, from 10.200.4.229, 00:18:23 ago, via GigabitEthernet1/0/1.3684
      Route metric is 1798, traffic share count is 1
7609#sh ip bgp vpnv4 vrf RED 192.168.104.0
BGP routing table entry for 100:116:192.168.104.0/24, version 195113
Paths: (1 available, best #1, table RED)
  Advertised to update-groups:
     1        
  Local
    10.1.59.138 from 0.0.0.0 (10.200.0.65)
      Origin incomplete, metric 1798, localpref 100, weight 32768, valid, sourced, best
      Extended Community: RT:100:116 OSPF DOMAIN ID:0x0005:0x000000740200
        OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:10.200.204.116:512
      mpls labels in/out 312/nolabel
7609#
Regards,
Kent.

I've implemented what I consider to be a workaround, but it does now work as expected.  I had to filter the updates received by the PE from the primary CPE at each site to only accept the LAN range from that site, not the LAN range from other sites that it was learning via the backup CPE, via PE, via other site backup router.  I think I was barking up the wrong tree re the downward bit.  This issue is because there is indirect OSPF connectivity between all the CPEs connected to the same PE. Basically the PE needs to never pass on LSAs learnt from one CPE to another CPE, then we would be all ok.
I still have an issue to solve for PPP xDSL services as they all share the one loopback as an ip unnumbered interface on the PE.  The same distribute list approach won't work there.
Here is what I have done.  There must be a less config intense and flexible approach to this.
router ospf 116 vrf RED
distribute-list prefix RED-acacia-ospf-subnets-inbound in GigabitEthernet1/0/1.3681
distribute-list prefix RED-acacia-ospf-subnets-inbound in GigabitEthernet1/0/1.3682
distribute-list prefix RED-geebung-ospf-subnets-inbound in GigabitEthernet1/0/1.3684
distribute-list prefix RED-kawana-ospf-subnets-inbound in GigabitEthernet1/0/1.3685
distribute-list prefix RED-goldcoast-ospf-subnets-inbound in GigabitEthernet1/0/1.3686
ip prefix-list RED-geebung-ospf-subnets-inbound permit 192.168.103.0/24
ip prefix-list RED-acacia-ospf-subnets-inbound permit 192.168.100.0/24
ip prefix-list RED-acacia-ospf-subnets-inbound permit 0.0.0.0/32
ip prefix-list RED-kawana-ospf-subnets-inbound permit 192.168.104.0/24
ip prefix-list RED-goldcoast-ospf-subnets-inbound permit 192.168.101.0/24
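
An added example (not part of the original post, and not Cisco tooling): the per-interface filter above kept as one site table in Python, which renders the distribute-list/prefix-list lines and audits `show ip route vrf` output for OSPF routes learnt on an interface whose site does not own the prefix. Site names, interfaces and prefixes are taken from the post; the second routing entry in the sample is constructed, and exact-match prefix-list semantics (no ge/le) are assumed.

```python
import ipaddress
import re

# Site table built from the distribute-lists and prefix-lists in the post.
VRF, PROCESS = "RED", 116
SITES = {
    "acacia": {"interfaces": ["GigabitEthernet1/0/1.3681",
                              "GigabitEthernet1/0/1.3682"],
               "prefixes": ["192.168.100.0/24", "0.0.0.0/32"]},
    "geebung": {"interfaces": ["GigabitEthernet1/0/1.3684"],
                "prefixes": ["192.168.103.0/24"]},
    "kawana": {"interfaces": ["GigabitEthernet1/0/1.3685"],
               "prefixes": ["192.168.104.0/24"]},
    "goldcoast": {"interfaces": ["GigabitEthernet1/0/1.3686"],
                  "prefixes": ["192.168.101.0/24"]},
}


def list_name(site):
    """Prefix-list name in the naming scheme used in the post."""
    return f"{VRF}-{site}-ospf-subnets-inbound"


def render_config(sites=SITES):
    """Render the inbound OSPF filter config from the site table."""
    lines = [f"router ospf {PROCESS} vrf {VRF}"]
    for site, data in sites.items():
        for ifc in data["interfaces"]:
            lines.append(f" distribute-list prefix {list_name(site)} in {ifc}")
    for site, data in sites.items():
        for prefix in data["prefixes"]:
            lines.append(f"ip prefix-list {list_name(site)} permit {prefix}")
    return "\n".join(lines)


def parse_routes(show_output):
    """Extract (prefix, interface) for OSPF routes from 'show ip route vrf' text."""
    routes = []
    for chunk in re.split(r"(?=Routing entry for )", show_output):
        entry = re.match(r"Routing entry for (\S+)", chunk)
        if not entry or not re.search(r'Known via "ospf \d+"', chunk):
            continue
        # One descriptor block line per next hop: "* <nh>, from <rid>, ... via <ifc>"
        for ifc in re.findall(r"\*\s+\S+, from \S+, .*?via (\S+)", chunk):
            routes.append({"prefix": entry.group(1), "interface": ifc})
    return routes


def audit(routes, sites=SITES):
    """Return (prefix, interface, site_on_interface, owning_site) for each
    OSPF route learnt on an interface that is not allowed to carry it.
    Routes on interfaces missing from the table are reported with site None."""
    by_ifc, owners = {}, {}
    for site, data in sites.items():
        nets = {ipaddress.ip_network(p) for p in data["prefixes"]}
        for net in nets:
            owners[net] = site
        for ifc in data["interfaces"]:
            by_ifc[ifc] = (site, nets)
    findings = []
    for route in routes:
        net = ipaddress.ip_network(route["prefix"])
        site, allowed = by_ifc.get(route["interface"], (None, set()))
        if net not in allowed:
            findings.append((route["prefix"], route["interface"],
                             site, owners.get(net, "unknown")))
    return findings


# First entry: the 'show ip route vrf RED' output from the post.
# Second entry: constructed, a site's own LAN learnt on its own interface.
SAMPLE = """Routing Table: RED
Routing entry for 192.168.104.0/24
  Known via "ospf 116", distance 110, metric 1798, type intra area
  Last update from 10.1.59.138 on GigabitEthernet1/0/1.3684, 00:18:23 ago
  Routing Descriptor Blocks:
  * 10.1.59.138, from 10.200.4.229, 00:18:23 ago, via GigabitEthernet1/0/1.3684
      Route metric is 1798, traffic share count is 1
Routing entry for 192.168.103.0/24
  Known via "ospf 116", distance 110, metric 20, type intra area
  Routing Descriptor Blocks:
  * 10.1.59.138, from 10.200.4.229, 00:18:23 ago, via GigabitEthernet1/0/1.3684
      Route metric is 20, traffic share count is 1
"""

if __name__ == "__main__":
    print(render_config())
    for finding in audit(parse_routes(SAMPLE)):
        print("unexpected route: %s via %s (interface site: %s, owner: %s)" % finding)
```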

Similar Messages

  • L3 mpls network without P router, all PE to PE plus daisy chaining

    Guys, is it possible to run a core l3 MPLS network over 7600s and 3800s without any P routers? The reason I ask is because of the particular situation where we will have to daisy chain PE routers due to lack of fiber.
    Any thoughts?

    As Martin says, absolutely limited problems with this; it will work a charm UNTIL you run into scaling issues. You are daisy chaining all the PEs which would also suggest to me that you are daisy chaining your RRs. In an mpls network the RRs have enough state to handle to keep them busy enough without also having to deal with passing labels about the network. Also you will have any Cisco account team breaking down your door putting the fear of god into you for not having at least 2 P routers ;-). So yes you can indeed run it like you say but the lifetime of your network will be very limited indeed. If you're not an SP then don't be concerned - unless you are an enterprise with 10000000s routes, then I'd start to worry. Oh they (Cisco) also state that PEs also have enough to do in their life without passing labelled packets about the place. Sit and think about what your poor PE is having to do daily: it could be 100 vrfs routing tables, which in turn means layer 3 lookups to find out where the packet has to go, qos, multicast, bgp, ospf, rip, eigrp, your own internal IGP, TE tunnels, RSVP - this poor router has enough to do without also adding transit traffic. ;-)

  • MPLS Network Backup

    We have a MPLS network between Head office & various branch offices located across the globe. Can you suggest me the best possible backup (automatic) for this MPLS? as we are facing a lot of breaks/cuts in the MPLS Network.

    This is to give a fair idea.
    Pls modify the config to suit your setup.
    router ospf x
    router-id x.x.x.x
    network 192.168.1.0 0.0.0.255 area 1
    network 192.168.2.0 0.0.0.255 area 1
    network 192.168.3.0 0.0.0.255 area 1
    Assumption that you have Area 0 at your MPLS CE for upwards and other VPN router upwards.
    interface fa1/0
    Description Connection ot MPLS CE
    ip add 192.168.1.1 255.255.255.0
    ip ospf cost 10
    interface fa1/1
    Description Connection to Backup VPN CE
    ip add 192.168.2.1 255.255.255.0
    ip ospf cost 100
    interface vlan 10
    Description Connection to Servers Subnet
    ip add 192.168.3.1 255.255.255.0
    HTH-Cheers,
    Swaroop

  • Debugging and monitoring MPLS networks

    Hi ,
    I've had the following problem with a customer of ours and I'd like to know if there's any tools I can use in the future to better diagnose the problem if it may arise again.
    The customer is a bank with hundreds of branch sites. All of them are connected to the corporate via a MPLS network managed by a local TELCO company.
    In the last ten days they have experienced long delays during logons of users in the branch sites. This delay has been initially thought due to new operating systems deployed on the clients (XP). In fact there's a rollout of XP computers at all the branch sites.
    Trying to troubleshoot the problem we have started looking at all OS related known problems but found nothing important.
    Next I tried looking at the network connections with the few tools I have (basically ping, traceroute and protocol analyzer) but all seemed ok.
    Having no access to the telco routers I monitored the corporate's switch ports to which the two telco routers are attached.
    Finally I found some packets discarded and could call the telco and have the routers checked.
    They found a problem, they didn't tell us what it was, and suddenly most of the problems were gone.
    This was really tricky because apart from the slow logon we had no other malfunctions. I found the problem thanks to a Microsoft tool to check group policy problems which pointed me to possible network problems.
    The question, after this long post, is: is there any tool, agent, software I can install or use to check MPLS network efficiency having no access to the TELCO routers?
    Thanks in advance
    Stefano Colombo
    CCNA - CCSP
    MCSE NT/2k/2003 Messaging

    Having not told us what the actual problem was, it is kinda difficult to suggest tools. However IF this was an MTU issue then you should have used ping with the DF bit set to see how big a packet you could get over the mpls network. Let us know what the issue was and hopefully we can be a bit more detailed in our responses.
    HTH

  • Routing Protocol recommendation for MPLS Network

    I am in the process of building a 14 site MPLS network for voice and data traffic. The vendor installing the network has configured RIPv2 as the routing protocol. I am considering switching this over to EIGRP. Can anyone explain to me why this would be better or should I just stay with RIP.
    Thanks

    Hi Chip,
    It's not very clear whether you are implementing a MPLS network or implementing a Network over MPLS for an end user with 14 sites.
    1) If MPLS network then other IGP variants than OSPF and ISIS are best avoided. Now if the choice is between ISIS and OSPF then my personal recommendation would be OSPF. And this decision is purely driven by Operational Considerations rather than any technical advantages. Since at the end of the day what matters is how easy it is to implement, add, delete or troubleshoot the network.
    2) If for End User then it would not be right to recommend EIGRP or RIP or OSPF without knowing the current size & topology of each of these 14 sites, as well as the desired expansion plans. But if these 14 sites are the only sites and are all standalone branch sites connecting over MPLS VPN then RIP, EIGRP or OSPF can be implemented as per your and customer comfort.
    HTH-Cheers,
    Swaroop

  • MTU Ethernet MPLS Network

    Actually I have implemented MPLS in my Ethernet network using Cisco 75XX as part of my core (P) and Huawei equipments for access (PE). We realized that customers can not navigate to certain pages like hotmail, msn, hi5, etc. Reviewing possible solutions we found two options:
    - Change the MTU 1492 in the CE equipment
    - Adjust TCP MSS size to 1440 in CE.
    Making this our customers finished complaining. Besides this all interfaces working under MPLS are using MPLS MTU 1508 command but Huawei PEs don't support a similar command.
    My question is what is the real effect of mpls mtu command? Does it change the mtu size for predefined Ethernet??
    Do you have any suggestion or similar cases, to make "transparent" for customers transition to MPLS network and not change values in CE equipment??
    I really appreciate your answers and suggestions,
    Best Regards
    Jack

    Hi Jack,
    1) Why a Datagram is Fragmented:
    When a frame is carrying an unlabeled IP datagram, the Frame
    Payload is just the IP datagram itself. When a frame is
    carrying a labeled IP datagram, the Frame Payload consists of
    the label stack entries and the IP datagram.
    Now when this frame payload as defined as above exceeds the
    conventional layer 2 media MTU then the frame is fragmented.
    In case of ethernet this MTU is 1500.
    So for example when a unlabelled frame with payload of 1500
    bytes is received and the same has to be sent further to
    the remote destination by labelling it, then the payload
    has to be fragmented.
    2) Why the MPLS MTU command:
    Once you receive an unlabelled frame, first the PE router
    receives it, labels it and then its put out for forwarding,
    when its to be forwarded, it needs to be fragmented.
    The problem comes here, when before being forwarded out of
    the interface if it gets fragmented, it would create two
    fragments or frames.
    By conventional fragmentation, the label which is inserted
    in the header may not be preserved into the new fragments
    created and the frame may be simply discarded as it loses
    the forwarding address which was the label.
    So to avoid this MPLS MTU command needs to be configured,
    so when there is fragmentation, it takes care of putting
    in the same label into the fragments created.
    Now in IOS even if MPLS MTU command is not configured
    it takes the default MTU as the MPLS MTU value.
    3) Solution to your problem:
    To avoid configuring the CE devices with MTU 1492,
    what you need to take care of is configure all your
    core facing links, with a physical MTU of 1508.
    So automatically your TCP packets which if total
    to 1500 bytes payload with a DF bit set won't need
    to be fragmented from PE at one end to other end.
    For this your PE <--->P link ethernet media MTU
    should be 1508, (if you can configure 1512 or 1516
    that would also be great if you plan to increase the
    stack size or later provide IPV6 VPN's.)
    Your P<-->P links ethernet media MTU should also be
    the same as set between PE to P. If you have any
    SONET/POS links in your backbone then you don't have
    to do anything for the MTU.
    So the net effect of this would be any TCP sessions
    as which are prone to setting the DF bit can be
    transparently sent across without sending ICMP error message.
    HTH-Cheers!
    Swaroop
    You may also like to see the RFC 3032 about label stack.

  • In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.

    In our enterprise MPLS network we are using 192.168.20.0/24 subnet, in this subnet we have not assigned the IP 192.168.20.200/30 & 204/30, But still these subnets are reachable . Are these NNI IP ...Please explain.

    I have checked with ISP, their response is like below:
    Those are the NNI to GBNET IPs for Dominican Republic. They are Network IPs. You should be able to ping them-that means they are working.
    WANRT01#show  ip route | include 192.168.20.20
    B        192.168.20.200/30 [20/0] via 192.168.20.226, 02:18:29
    B        192.168.20.204/30 [20/0] via 192.168.20.226, 02:18:29
    Here it shows from any of our MPLS site we are able to trace the IP and it seems like, 192.168.20.204/30 is one more site but in actual it's not.
    INMUMWANRT01#ping 192.168.20.205
    Type escape sequence to abort.
    Sending 5, 100-byte ICMP Echos to 192.168.20.205, timeout is 2 seconds:
    Success rate is 100 percent (5/5), round-trip min/avg/max = 224/232/260 ms
    INMUMWANRT01#trace              
    INMUMWANRT01#traceroute 192.168.20.205
    Type escape sequence to abort.
    Tracing the route to 192.168.20.205
    VRF info: (vrf in name/id, vrf out name/id)
      1 192.168.20.226 24 msec 24 msec 24 msec
      2 192.168.20.206 [AS 8035] 232 msec 232 msec 252 msec
      3 192.168.20.205 [AS 8035] 224 msec 224 msec *

  • Path Selection for Routes Across MPLS Network

    Customer hub site has two CE routers with two links connected to two separate PE routers in the Carrier's MPLS network. At the customer's remote site one CE router on a single link is connected to PE router in MPLS network.
    How can I configure the CE routers at the hub site to advertise the same network across the MPLS network to the CE router at the remote site? Also, how can I configure the CE router at the remote site to select one of the routers as the primary and the other as secondary? Can I use local-preference on the CE router at the remote site to select one path over the other?
    I'm not sure if this makes any sense. Any help will be appreciated. Thanks

    Even with multiple RDs for VRFs belonging to the same VPN, you still need IBGP multipath, correct? Multiple RDs is just to get around the RR restriction.
    Also, you posted this message a while back:
    "If you have many VPN customers all using the same addresses (most likely rfc1918), the fact that they have different RDs and that the PE prepends the RD to the prefixes exchanged between PEs will make the same prefixes different in the MPLS VPN core
    cust1 advertises 192.168.1.0/24 with RD 1:1 therefore
    VPNv4 prefix is 1:1:192.168.1.0
    cust2 advertises 192.168.1.0/24 with RD 1:2 therefore
    VPNv4 prefix is 1:2:192.168.1.0"
    My test lab does not support the IBGP multipath command, and thus even with different RDs, it still only installs one best path.
    I understand that RD = make unique VPNv4 routes in SP space, and that RT = what to import into the VRF. However, I am having a hard time visualizing the scenario with multiple RDs for the same VPN for load balancing purposes. I am trying to understand the logic behind it.
    Per your example, if both 1:1 and 1:2 are received by the remote PE, assuming IBGP multipath is enabled, why would the remote PE load balance between the two links? Why would it assume that the hub subnets are reachable via two different PEs, and that it's not two different, isolated VPNs altogether?
    Is it b/c you imported both 1:1 and 1:2 into a VRF at the remote PE?

  • Equivalent for an "IP accounting" in MPLS Network

    Do we have an equivalent for an IP accounting in an interface in MPLS network. I would like to know this to identify traffic flowing across a WAN interface which is being tag/label switched

    Thanks gopal. However this command "show tag-switching forwarding table" did not help me find a host in a network choking up the WAN link. I heard from one of the cisco reps saying cisco is releasing an IOS to do this in Feb. I hope that helps.

  • VOIP MPLS network only 40-50% utilized

    We are in the process of upgrading our bandwidth at our branch locations into 3 Mbps MPLS network and we only run Citrix traffic and IP Voice (Interoffice calls) from our Branch locations into our HQ.
    We expect Bandwidth utilization to typically max out at 1.6 MBPS. Do you think we need to configure QoS for the voice traffic since the circuit will only be 40-50 percent utilized? My thinking was why should I configure QoS if the bandwidth is only at 40 - 50 percent. The voice traffic should have enough bandwidth to communicate over the wire.
    Is my thinking correct or should I configure QoS across this MPLS network? If I should configure QoS what type do you recommend.
    Any responses are greatly appreciated

    Hi,
    I would configure QoS, because there are not only sunny days in life ...
    What if you catch Nimda version 7.2beta, i.e. the newest worm out there trying to blast any valid IP in your network? I would not want to explain to my CEO why we lost telephony as well ...
    So on a more technical level: QoS is needed to do resource management. As such you are right in that QoS is not needed if you have enough resources. Yet, who can guarantee this in an IP network at any point in time? I would put it QoS just as an insurance though it would not be needed during normal operation.
    Saying this I might add that this is the appropriate usage anyhow, as QoS will not solve issues arising from constant lack of bandwidth. Queueing is meant to handle exceptions. There is always the possibility of the unforeseen.
    Hope this helps! Please rate all posts.
    Regards, Martin

  • Running Large Backups over an MPLS Network

    We are opening up a second data center at my organization. The location is about 60 miles from our primary data center.
    At our primary data center we use an MPLS network for our WAN. We have ll remote locations on our WAN and we have a DS-3 that connects to our primary data center.
    At our new second data center we will connect it to the MPLS network.
    Do you think we should run our backups between the 2 data centers across the MPLS or do you think we should order a separate private line or ethernet type service between the 2 data centers? All back ups from our primary data center will continually move across the network to our new secondary data center.
    Do you think MPLS is a good technology to run large back ups across? Is it reliable enough?

    "Do you think MPLS is a good technology to run large back ups across?"
    Sure.
    "Is it reliable enough"
    Depends more on your MPLS provider than the technology itself.
    Two issues that may be more important to you vs. how "reliable" MPLS is, might be cost of bandwidth vs. other technologies or sharing the MPLS bandwidth with non-backup applications. The latter would depend much on what QoS might be available to you to ensure your backup traffic doesn't adversely impact non-backup traffic.

  • MPLS network design challenge

    Hi,
    I have a design issue for which I really like your help.
    In a MPLS network there are two POP gateway routers (G1,G2) peering with various MPLS VPN Service providers via B2B vrf eBGP peering, which are in 4 different ASNs. They in turn all peer via VPNv4 eBGP with the Core ASN which comprises 2 Nos VPNv4 RRs and every site in the ASN having 2 P/PE per site. Every P/PE is peering via VPNv4 iBGP with the VPNv4 RRs. The RRs are not in the forwarding path of the traffic.
    Every site has 2 Nos CE routers and each CE router does a vrf based ebgp peering with the P/PEs.
    The P/PE routers import 2 Nos RT exported by the 2 Nos POP G/w routers and in turn select the best path and pass it to the CE routers.
    Now it is seen that the P/PE of all sites is selecting the best path advertised by G1 instead of G2 based on the AS PATH length and the shortest path is being advertised by G1. So till a situation arises that the G1 is down till that time the P/PEs are forwarding the outbound traffic from the CE to G1 even also when the IGP cost is adding up high and when there is a direct link failure from the P/PE site to G1 site.
    It therefore makes sense that if the direct physical link from a P/PE site to the site G1 is located goes down, the P/PEs then should choose G2 via another path even when G1 is available.
    Do these sort of requirements ever come in SP environments from customers? If so what are the solutions ..
    Thanks in advance
    Kas

    Hi kas,
    This type of requirement comes to providers and there are few options which provider can implement.
    1- Play with local preference along with import map in vrf if requirement is customer specific. I mean if one customer wants that G1 should be primary exit point and other customer wants G2 as primary exit then he can use import map (which is similar to route-map)
    ip vrf ABCD
    rd XX
    import map ABCD
    route-target export XX
    route-target import YY
    route-map ABCD permit 20
    set local-preference >100
    2- Or you can play with As-path prepending option if you want to skip selection based on local preference.
    it is in provider interest to provide you solution. as there are options of affecting traffic by using communities.
    Please provide diagram and some config for complete solution.
    Regards
    Mahesh

  • Connectivity problems on ATM MPLS network

    We have implemented a country wide MPLS network based on 8500 platforms. We have encountered some strange connectivity problems between some PE's. Without apparent reason connectivity is lost between some PEs and restored after some time. The global routing table is perfectly stable among all the routers on the path between respective PE's. Also the LVC's & TAGs are stable and practically we were unable to find any change between the working and not working state. As a curious thing, during the outage (minutes) clearing routes into a PE VRF was restoring connectivity on the respective VRF and all other VRFs on the respective PE also!
    Has anyone seen similar problems before?
    PE routers are 3660 series and we've tried all IOS available on CCO.

    Have you made any provisioning (upgrading connectivity) between the PEs and Ps....I suffer such a similar problem with our network PEs and I notice that this happens after provisioning links between our PEs (RPMs in MGX 8850) and the ATM LSR (BPX 8600).
    When I issue "clear ip route vrf *" or reload the RPM.....all the VRFs operate normally again.....so I get used to such a problem after any network provisioning process but still I couldn't relate this to problems with VRFs.

  • Influencing BGP attributes within MPLS network

    pls take a look at my question and diagram is attached in the file. pls help me to fix this problem.
    I have following requirement about traffic paths within the
    MPLS network. MPLS network is running MP-BGP4.
    1.Traffic from Europe branch to Asia branch go through London
      router.
    2.Traffic from America branch to Asia branch go through Los Angeles
      router.
    3.The two paths through London and Los Angeles should have redundancy.
      That is if path through London is not accessible all the traffic must
      go through Los Angeles. IF Los Angeles path go down all the traffic must
      go through London.
    4.Traffic from Asia to Europe and America is controlled by redistributing
      BGP4 learned routes with different metrics at the London and Los Angeles
      routers. So that traffic from Asia branch to Europe go through London and
      traffic from Asia to America go through Los Angeles.
    I have been using below configs on the PE routers. But it is not working.
    In the MPLS network only one path is selected for both traffic from Europe
    and America. Pls can anyone help me to fix this problem.
    #PE3
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:20
    route-target import 1:40
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    interface FastEthernet0/0
    description LONDON-GW
    ip vrf forwarding CUSTOMER
    ip address 1.1.1.2 255.255.255.252
    router bgp 65400
    address-family ipv4 vrf CUSTOMER
    redistribute connected
    neighbor 1.1.1.1 remote-as 65401
    neighbor 1.1.1.1 activate
    neighbor 1.1.1.1 next-hop-self
    neighbor 1.1.1.1 soft-reconfiguration inbound
    no auto-summary
    no synchronization
    exit-address-family
    ip extcommunity-list 1 permit rt 1:10
    ip extcommunity-list 2 permit rt 1:40
    route-map EXPORT-ROUTE permit 10
    description LONDON-GW
    match extcommunity 1
    set extcomm-list 1 delete
    set extcommunity rt 1:20 additive
    route-map IMPORT-ROUTE permit 10
    description EU & US-BRANCH
    match extcommunity 2
    #PE4
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:30
    route-target import 1:40
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    interface FastEthernet0/0
    description LA-GW
    ip vrf forwarding CUSTOMER
    ip address 2.2.2.2 255.255.255.252
    router bgp 65400
    address-family ipv4 vrf CUSTOMER
    redistribute connected
    neighbor 2.2.2.1 remote-as 65402
    neighbor 2.2.2.1 activate
    neighbor 2.2.2.1 next-hop-self
    neighbor 2.2.2.1 soft-reconfiguration inbound
    no auto-summary
    no synchronization
    exit-address-family
    ip extcommunity-list 1 permit rt 1:10
    ip extcommunity-list 2 permit rt 1:40
    route-map EXPORT-ROUTE permit 10
    description LA-GW
    match extcommunity 1
    set extcomm-list 1 delete
    set extcommunity rt 1:30 additive
    route-map IMPORT-ROUTE permit 10
    description EU & US-BRANCH
    match extcommunity 2
    #PE1
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:40
    route-target import 1:20
    route-target import 1:30
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    interface FastEthernet0/0
    description EU-BRANCH
    ip vrf forwarding CUSTOMER
    ip address 3.3.3.2 255.255.255.252
    router bgp 65400
    address-family ipv4 vrf CUSTOMER
    redistribute connected
    redistribute static
    no auto-summary
    no synchronization
    exit-address-family
    ip route vrf CUSTOMER 172.16.1.0 255.255.255.0 FastEthernet0/0 3.3.3.1 name EU-BRANCH
    ip extcommunity-list 1 permit rt 1:10
    ip extcommunity-list 2 permit rt 1:20
    ip extcommunity-list 3 permit rt 1:30
    route-map EXPORT-ROUTE permit 10
    description EU-BRANCH
    match extcommunity 1
    set extcomm-list 1 delete
    set extcommunity rt 1:40 additive
    route-map IMPORT-ROUTE permit 10
    description LONDON-GW(MAIN)
    match extcommunity 2
    set metric 100
    route-map IMPORT-ROUTE permit 20
    description LA-GW(BACKUP)
    match extcommunity 3
    set metric 200
    route-map IMPORT-ROUTE permit 30
    description OTHER
    #PE2
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:40
    route-target import 1:20
    route-target import 1:30
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    interface FastEthernet0/0
    description US-BRANCH
    ip vrf forwarding CUSTOMER
    ip address 4.4.4.2 255.255.255.252
    router bgp 65400
    address-family ipv4 vrf CUSTOMER
    redistribute connected
    redistribute static
    no auto-summary
    no synchronization
    exit-address-family
    ip route vrf CUSTOMER 192.168.1.0 255.255.255.0 FastEthernet0/0 4.4.4.1 name US-BRANCH
    ip extcommunity-list 1 permit rt 1:10
    ip extcommunity-list 2 permit rt 1:20
    ip extcommunity-list 3 permit rt 1:30
    route-map EXPORT-ROUTE permit 10
    description US-BRANCH
    match extcommunity 1
    set extcomm-list 1 delete
    set extcommunity rt 1:40 additive
    route-map IMPORT-ROUTE permit 10
    description LONDON-GW(BACKUP)
    match extcommunity 2
    set metric 200
    route-map IMPORT-ROUTE permit 20
    description LA-GW(MAIN)
    match extcommunity 3
    set metric 100
    route-map IMPORT-ROUTE permit 30
    description OTHER

    Hi Manoj
    "send-community both" will export both Standard and Extended Communities
    The Standard Community Values which we are setting up New on PE3 and PE4 and Matching on PE1 and PE2 can be anything in ASN:nn Format..I Just randomly chose them as 65400:1111 on PE3/PE1 and 65400:2222 on PE4/PE2.
    The extcommunity values to be used on PE3/PE4 will be the export RT values used in the VRF Customer Config as posted in your first post..
    #PE3
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:20
    route-target import 1:40
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    #PE4
    ip vrf CUSTOMER
    rd 1:10
    route-target export 1:30
    route-target import 1:40
    export map EXPORT-ROUTE
    import map IMPORT-ROUTE
    I think I mixed up little with PE3 as PE1 and PE4 as PE2 instead ..Revised corrected config would be
    On PE3-- Under VPNv4 We enable sending out the normal community values out to the RR.Then we match the extcommunity rt for the VRF Customer and set the community value to 65400:1111 which will be matched at PE1
    router bgp 65400
    address-family vpnv4
    neighbor "RR-IP" send-community both
    neighbor "RR-IP" route-map community out
    exit-address-family
    route-map community permit 10
    match extcommunity CUSTOMER
    set community 65400:1111
    route-map community permit 20
    ip extcommunity-list standard CUSTOMER permit rt 1:20
    On PE4-- Under VPNv4 We enable sending out the normal community values out to the RR.Then we match the extcommunity rt for the VRF Customer and set the community value to 65400:2222 which will be matched at PE2
    router bgp 65400
    address-family vpnv4
    neighbor "RR-IP" send-community both
    neighbor "RR-IP" route-map community out
    exit-address-family
    route-map community permit 10
    match extcommunity CUSTOMER
    set community 65400:2222
    route-map community permit 20
    ip extcommunity-list standard CUSTOMER permit rt 1:30
    On PE1-- Under VPNv4 We match the community value 65400:1111 which was set at PE3 and set the LP to 110
    router bgp 65400
    address-family vpnv4
    neighbor "RR-IP" route-map community in
    exit-address-family
    route-map community permit 10
    match community CUSTOMER
    set local-preference 110
    route-map community permit 20
    ip community-list standard CUSTOMER permit 65400:1111
    On PE2-- Under VPNv4 We match the community value 65400:2222 which was set at PE4 and set the LP to 110
    router bgp 65400
    address-family vpnv4
    neighbor "RR-IP" route-map community in
    exit-address-family
    route-map community permit 10
    match community CUSTOMER
    set local-preference 110
    route-map community permit 20
    ip community-list standard CUSTOMER permit 65400:2222
    Make Sure that RR is enabled to propagate the normal BGP communities as well...
    Hope this helps to answer your question..Please let me know for any clarifications..
    Regards
    Varma

  • Access local mpls network surf internet with pda(gprs/edge/3g connection)

    dear sir,
    we have the hp pda 6365 and wish to use this pda connect with gprs/edge/3g and hopefully can access the local mpls network and surf internet. Any idea how to perform this? please share. thank you very much.
    hereby is the link to the pda.
    http://h20000.www2.hp.com/bizsupport/TechSupport/DocumentIndex.jsp &lang=en&cc=us&contentType=SupportManual&docIndexId=179166&prodTypeId=215348&prodSeriesId=430120&lang=en&cc=us

    Hi,
    For this kind of case, normally, I anticipate the connection comes from internet cloud which refers to remote access.
    Since we have managed firewall services that associated with customer VRF, on windows based client, just configure/enable PPTP/IPSec on client - like most laptop or maybe perhaps pda...
    cheers..
    maher
