CCIE SPv5.1 Labs
  • Intro
    • Setup
  • Purpose
  • Video Demonstration
  • Containerlab Tips
  • Labs
    • ISIS
      • Start
      • Topology
      • Prefix Suppression
      • Hello padding
      • Overload Bit
      • LSP size
      • Default metric
      • Hello/Hold Timer
      • Mesh groups
      • Prefix Summarization
      • Default Route Preference
      • ISIS Timers
      • Log Neighbor Changes
      • Troubleshooting 1 - No routes
      • Troubleshooting 2 - Adjacency
      • IPv6 Single Topology
      • IPv6 Single Topology Challenge
      • IPv6 Multi Topology
      • IPv6 Single to Multi Topology
      • Wide Metrics Explained
      • Route Filtering
      • Backdoor Link
      • Non-Optimal Intra-Area routing
      • Multi Area
      • Authentication
      • Conditional ATT Bit
      • Troubleshooting iBGP
      • Troubleshooting TE Tunnel
    • LDP
      • Start
      • Topology
      • LDP and ECMP
      • LDP and Static Routes
      • LDP Timers
      • LDP Authentication
      • LDP Session Protection
      • LDP/IGP Sync (OSPF)
      • LDP/IGP Sync (ISIS)
      • LDP Local Allocation Filtering
      • LDP Conditional Label Advertisement
      • LDP Inbound Label Advertisement Filtering
      • LDP Label Advertisement Filtering Challenge
      • LDP Implicit Withdraw
      • LDP Transport Address Troubleshooting
      • LDP Static Labels
    • MPLS-TE
      • Start
      • Topology
      • Basic TE Tunnel w/ OSPF
      • Basic TE Tunnel w/ ISIS
      • TE Tunnel using Admin Weight
      • TE Tunnel using Link Affinity
      • TE Tunnel with Explicit-Null
      • TE Tunnel with Conditional Attributes
      • RSVP message pacing
      • Reoptimization timer
      • IGP TE Flooding Thresholds
      • CSPF Tiebreakers
      • TE Tunnel Preemption
      • TE Tunnel Soft Preemption
      • Tunneling LDP inside RSVP
      • PE to P TE Tunnel
      • Autoroute Announce Metric (XE)
      • Autoroute Announce Metric (XR)
      • Autoroute Announce Absolute Metric
      • Autoroute Announce Backup Path
      • Forwarding Adjacency
      • Forwarding Adjacency with OSPF
      • TE Tunnels with UCMP
      • Auto-Bandwidth
      • FRR Link Protection (XE, BFD)
      • FRR Link Protection (XE, RSVP Hellos)
      • FRR Node Protection (XR)
      • FRR Path Protection
      • FRR Multiple Backup Tunnels (Node Protection)
      • FRR Multiple Backup Tunnels (Link Protection)
      • FRR Multiple Backup Tunnels (Backwidth/Link Protection)
      • FRR Backup Auto-Tunnels
      • FRR Backup Auto-Tunnels with SRLG
      • Full Mesh Auto-Tunnels
      • Full Mesh Dynamic Auto-Tunnels
      • One-Hop Auto-Tunnels
      • CBTS/PBTS
      • Traditional DS-TE
      • IETF DS-TE with MAM
      • IETF DS-TE with RDM
      • RDM w/ FRR Troubleshooting
      • Per-VRF TE Tunnels
      • Tactical TE Issues
      • Multicast and MPLS-TE
    • SR
      • Start
      • Topology
      • Basic SR with ISIS
      • Basic SR with OSPF
      • SRGB Modifcation
      • SR with ExpNull
      • SR Anycast SID
      • SR Adjacency SID
      • SR LAN Adjacency SID (Walkthrough)
      • SR and RSVP-TE interaction
      • SR Basic Inter-area with ISIS
      • SR Basic Inter-area with OSPF
      • SR Basic Inter-IGP (redistribution)
      • SR Basic Inter-AS using BGP
      • SR BGP Data Center (eBGP)
      • SR BGP Data Center (iBGP)
      • LFA
      • LFA Tiebreakers (ISIS)
      • LFA Tiebreakers (OSPF)
      • Remote LFA
      • RLFA Tiebreakers?
      • TI-LFA
      • Remote LFA or TILFA?
      • TI-LFA Node Protection
      • TI-LFA SRLG Protection
      • TI-LFA Protection Priorities (ISIS)
      • TI-LFA Protection Priorities (OSPF)
      • Microloop Avoidance
      • SR/LDP Interworking
      • SR/LDP SRMS OSPF Inter-Area
      • SR/LDP Design Challenge #1
      • SR/LDP Design Challenge #2
      • Migrate LDP to SR (ISIS)
      • OAM with SR
      • SR-MPLS using IPv6
      • Basic SR-TE with AS
      • Basic SR-TE with AS and ODN
      • SR-TE with AS Primary/Secondary Paths
      • SR-TE Dynamic Policies
      • SR-TE Dynamic Policy with Margin
      • SR-TE Explicit Paths
      • SR-TE Disjoint Planes using Anycast SIDs
      • SR-TE Flex-Algo w/ Latency
      • SR-TE Flex-Algo w/ Affinity
      • SR-TE Disjoint Planes using Flex-Algo
      • SR-TE BSIDs
      • SR-TE RSVP-TE Stitching
      • SR-TE Autoroute Include
      • SR Inter-IGP using PCE
      • SR-TE PCC Features
      • SR-TE PCE Instantiated Policy
      • SR-TE PCE Redundancy
      • SR-TE PCE Redundancy w/ Sync
      • SR-TE Basic BGP EPE
      • SR-TE BGP EPE for Unified MPLS
      • SR-TE Disjoint Paths
      • SR Converged SDN Transport Challenge
      • SR OAM DPM
      • SR OAM Tools
      • Performance-Measurement (Interface Delay)
    • SRv6
      • Start
      • Topology
      • Basic SRv6
      • SRv6 uSID
      • SRv6 uSID w/ EVPN-VPWS and BGP IPv4/IPv6
      • SRv6 uSID w/ SR-TE
      • SRv6 uSID w/ SR-TE Explicit Paths
      • SRv6 uSID w/ L3 IGW
      • SRv6 uSID w/ Dual-Connected PE
      • SRv6 uSID w/ Flex Algo
      • SRv6 uSID - Scale (Pt. 1)
      • SRv6 uSID - Scale (Pt. 2)
      • SRv6 uSID - Scale (Pt. 3) (UPA Walkthrough)
      • SRv6 uSID - Scale (Pt. 4) (Flex Algo)
      • SRv6 uSID w/ TI-LFA
    • Multicast
      • Start
      • Topology
      • Basic PIM-SSM
      • PIM-SSM Static Mapping
      • Basic PIM-SM
      • PIM-SM with Anycast RP
      • PIM-SM with Auto-RP
      • PIM-SM with BSR
      • PIM-SM with BSR for IPv6
      • PIM-BiDir
      • PIM-BiDir for IPv6
      • PIM-BiDir with Phantom RP
      • PIM Security
      • PIM Boundaries with AutoRP
      • PIM Boundaries with BSR
      • PIM-SM IPv6 using Embedded RP
      • PIM SSM Range Note
      • PIM RPF Troubleshooting #1
      • PIM RPF Troubleshooting #2
      • PIM RP Troubleshooting
      • PIM Duplicate Traffic Troubleshooting
      • Using IOS-XR as a Sender/Receiver
      • PIM-SM without Receiver IGMP Joins
      • RP Discovery Methods
      • Basic Interdomain Multicast w/o MSDP
      • Basic Interdomain Multicast w/ MSDP
      • MSDP Filtering
      • MSDP Flood Reduction
      • MSDP Default Peer
      • MSDP RPF Check (IOS-XR)
      • MSDP RPF Check (IOS-XE)
      • Interdomain MBGP Policies
      • PIM Boundaries using MSDP
    • MVPN
      • Start
      • Topology
      • Profile 0
      • Profile 0 with data MDTs
      • Profile 1
      • Profile 1 w/ Redundant Roots
      • Profile 1 with data MDTs
      • Profile 6
      • Profile 7
      • Profile 3
      • Profile 3 with S-PMSI
      • Profile 11
      • Profile 11 with S-PMSI
      • Profile 11 w/ Receiver-only Sites
      • Profile 9 with S-PMSI
      • Profile 12
      • Profile 13
      • UMH (Upstream Multicast Hop) Challenge
      • Profile 13 w/ Configuration Knobs
      • Profile 13 w/ PE RP
      • Profile 12 w/ PE Anycast RP
      • Profile 14 (Partitioned MDT)
      • Profile 14 with Extranet option #1
      • Profile 14 with Extranet option #2
      • Profile 14 w/ IPv6
      • Profile 17
      • Profile 19
      • Profile 21
    • MVPN SR
      • Start
      • Topology
      • Profile 27
      • Profile 27 w/ Constraints
      • Profile 27 w/ FRR
      • Profile 28
      • Profile 28 w/ Constraints and FRR
      • Profile 28 w/ Data MDTs
      • Profile 29
    • VPWS
      • Start
      • Topology
      • Basic VPWS
      • VPWS with Tag Manipulation
      • Redundant VPWS
      • Redundant VPWS (IOS-XR)
      • VPWS with PW interfaces
      • Manual VPWS
      • VPWS with Sequencing
      • Pseudowire Logging
      • VPWS with FAT-PW
      • MS-PS (Pseudowire stitching)
      • VPWS with BGP AD
    • VPLS
      • Start
      • Topology
      • Basic VPLS with LDP
      • VPLS with LDP and BGP
      • VPLS with BGP only
      • Hub and Spoke VPLS
      • Tunnel L2 Protocols over VPLS
      • Basic H-VPLS
      • H-VPLS with BGP
      • H-VPLS with QinQ
      • H-VPLS with Redundancy
      • VPLS with Routing
      • VPLS MAC Protection
      • Basic E-TREE
      • VPLS with LDP/BGP-AD and XRv RR
      • VPLS with BGP and XRv RR
      • VPLS with Storm Control
    • EVPN
      • Start
      • Topology
      • EVPN VPWS
      • EVPN VPWS Multihomed
      • EVPN VPWS Multihomed Single-Active
      • Basic Single-homed EVPN E-LAN
      • EVPN E-LAN Service Label Allocation
      • EVPN E-LAN Ethernet Tag
      • EVPN E-LAN Multihomed
      • EVPN E-LAN on XRv
      • EVPN IRB
      • EVPN-VPWS Multihomed IOS-XR (All-Active)
      • EVPN-VPWS Multihomed IOS-XR (Port-Active)
      • EVPN-VPWS Multihomed IOS-XR (Single-Active)
      • EVPN-VPWS Multihomed IOS-XR (Non-Bundle)
      • PBB-EVPN (Informational)
    • BGP Multi-Homing (XE)
      • Start
      • Topology
      • Lab1 ECMP
      • Lab2 UCMP
      • Lab3 Backup Path
      • Lab4 Shadow Session
      • Lab5 Shadow RR
      • Lab6 RR with Add-Path
      • Lab7 MPLS + Add Path ECMP
      • Lab8 MPLS + Shadow RR
      • Lab9 MPLS + RDs + UCMP
    • BGP Multi-Homing (XR)
      • Start
      • Topology
      • Lab1 ECMP
      • Lab2 UCMP
      • Lab3 Backup Path
      • Lab4 “Shadow Session”
      • Lab5 “Shadow RR”
      • Lab6 RR with Add-Path
      • Lab7 MPLS + Add Path ECMP
      • Lab8 MPLS + “Shadow RR”
      • Lab9 MPLS + RDs + UCMP
      • Lab10 MPLS + Same RD + Add-Path + UCMP
      • Lab11 MPLS + Same RD + Add-Path + Repair Path
    • BGP
      • Start
      • Conditional Advertisement
      • Aggregation and Deaggregation
      • Local AS
      • BGP QoS Policy Propagation
      • Non-Optimal eBGP Routing
      • Multihomed Enterprise Challenge
      • Provider Communities
      • Destination-Based RTBH
      • Destination-Based RTBH (Community-Based)
      • Source-Based RTBH
      • Source-Based RTBH (Community-Based)
      • Multihomed Enterprise Challenge (XRv)
      • Provider Communities (XRv)
      • DMZ Link BW Lab1
      • DMZ Link BW Lab2
      • PIC Edge in the Global Table
      • PIC Edge Troubleshooting
      • PIC Edge for VPNv4
      • AIGP
      • AIGP Translation
      • Cost-Community (iBGP)
      • Cost-Community (confed eBGP)
      • Destination-Based RTBH (VRF Provider-triggered)
      • Destination-Based RTBH (VRF CE-triggered)
      • Source-Based RTBH (VRF Provider-triggered)
      • Flowspec (Global IPv4/6PE)
      • Flowspec (VRF)
      • Flowspec (Global IPv4/6PE w/ Redirect)
      • Flowspec (Global IPv4/6PE w/ Redirect) T-Shoot
      • Flowspec (VRF w/ Redirect)
      • Flowspec (Global IPv4/6PE w/ CE Advertisement)
    • Intra-AS L3VPN
      • Start
      • Partitioned RRs
      • Partitioned RRs with IOS-XR
      • RT Filter
      • Non-Optimal Multi-Homed Routing
      • Troubleshoot #1 (BGP)
      • Troubleshoot #2 (OSPF)
      • Troubleshoot #3 (OSPF)
      • Troubleshoot #4 (OSPF Inter-AS)
      • VRF to Global Internet Access (IOS-XE)
      • VRF to Global Internet Access (IOS-XR)
    • Inter-AS L3VPN
      • Start
      • Inter-AS Option A
      • Inter-AS Option B
      • Inter-AS Option C
      • Inter-AS Option AB (D)
      • CSC
      • CSC with Option AB (D)
      • Inter-AS Option C - iBGP LU
      • Inter-AS Option B w/ RT Rewrite
      • Inter-AS Option C w/ RT Rewrite
      • Inter-AS Option A Multi-Homed
      • Inter-AS Option B Multi-Homed
      • Inter-AS Option C Multi-Homed
    • Russo Inter-AS
      • Start
      • Topology
      • Option A L3NNI
      • Option A L2NNI
      • Option A mVPN
      • Option B L3NNI
      • Option B mVPN
      • Option C L3NNI
      • Option C L3NNI w/ L2VPN
      • Option C mVPN
    • BGP RPKI
      • Start
      • RPKI on IOS-XE (Enabling the feature)
      • RPKI on IOS-XE (Validation)
      • RPKI on IOS-XR (Enabling the feature)
      • Enable SSH in Routinator
      • RPKI on IOS-XR (Validation)
      • RPKI on IOS-XR (RPKI Routes)
      • RPKI on IOS-XR (VRF)
      • RPKI iBGP Mesh (No Signaling)
      • RPKI iBGP Mesh (iBGP Signaling)
    • NAT
      • Start
      • Egress PE NAT44
      • NAT44 within an INET VRF
      • Internet Reachability between VRFs
      • CGNAT
      • NAT64 Stateful
      • NAT64 Stateful w/ Static NAT
      • NAT64 Stateless
      • MAP-T BR
    • BFD
      • Start
      • Topology
      • OSPF Hellos
      • ISIS Hellos
      • BGP Keepalives
      • PIM Hellos
      • Basic BFD for all protocols
      • BFD Asymmetric Timers
      • BFD Templates
      • BFD Tshoot #1
      • BFD for Static Routes
      • BFD Multi-Hop
      • BFD for VPNv4 Static Routes
      • BFD for VPNv6 Static Routes
      • BFD for Pseudowires
    • QoS
      • Start
      • QoS on IOS-XE
      • Advanced QoS on IOS-XE Pt. 1
      • Advanced QoS on IOS-XE Pt. 2
      • MPLS QoS Design
      • Notes - QoS on IOS-XR
    • NSO
      • Start
      • Basic NSO Usage
      • Basic NSO Template Service
      • Advanced NSO Template Service
      • Advanced NSO Template Service #2
      • NSO Template vs. Template Service
      • NSO API using Python
      • NSO API using Python #2
      • NSO API using Python #3
      • Using a NETCONF NED
      • Python Service
      • Nano Services
    • MDT
      • Start
      • MDT Server Setup
      • Basic Dial-Out
      • Filtering Data using XPATH
      • Finding the correct YANG model
      • Finding the correct YANG model #2
      • Event-Driven MDT
      • Basic Dial-In using gNMI
      • Dial-Out with TLS
      • Dial-In with TLS
      • Dial-In with two-way TLS
    • App-Hosting
      • Start
      • Lab - iperf3 Docker Container
      • Notes - LXC Container
      • Notes - Native Applications
      • Notes - Process Scripts
    • ZTP
      • Notes - Classic ZTP
      • Notes - Secure ZTP
    • L2 Connectivity Notes
      • 802.1ad (Q-in-Q)
      • MST-AG
      • MC-LAG
      • G.8032
    • Ethernet OAM
      • Start
      • Topology
      • CFM
      • y1731
      • Notes - y1564
    • Security
      • Start
      • Notes - Security ACLs
      • Notes - Hybrid ACLs
      • Notes - MPP (IOS-XR)
      • Notes - MPP (IOS-XE)
      • Notes - CoPP (IOS-XE)
      • Notes - LPTS (IOS-XR)
      • Notes - WAN MACsec White Paper
      • Notes - WAN MACsec Config Guide
      • Notes - AAA
      • Notes - uRPF
      • Notes - VTY lines (IOS-XR)
      • Lab - uRPF
      • Lab - MPP
      • Lab - AAA (IOS-XE)
      • Lab - AAA (IOS-XR)
      • Lab - CoPP and LPTS
    • Assurance
      • Start
      • Notes - Syslog on IOS-XE
      • Notes - Syslog on IOS-XR
      • Notes - SNMP Traps
      • Syslog (IOS-XR)
      • RMON
      • Netflow (IOS-XE)
      • Netflow (IOS-XR)
Powered by GitBook
On this page
  • Answer
  • Explanation
  • Verification
  • What happens if MPLS is broken at one of the CSC CE - CSC PE links?
  • Summary
  1. Labs
  2. Inter-AS L3VPN

CSC

PreviousInter-AS Option AB (D)NextCSC with Option AB (D)

Last updated 2 months ago

Load csc.init.cfg

#IOS-XE
config replace flash:csc.init.cfg
 
#IOS-XR
configure
load bootflash:csc.init.cfg
commit replace
y

The IGPs of each AS are already preconfigured. Basic L3VPN is setup in AS100 for VPN_A and VPN_B, however R2 and XR2 have no connectivity yet.

Configure CSC between AS 17819 and AS 100. Use LDP where possible at the ASBR-ASBR links.

Answer

#R1
vrf def CSC
 rd 1:1
 route-target both 1:1
 add ipv4
!
router isis
 vrf CSC
 net 49.0001.0000.0000.0001.00
 is-type level-2-only
 redistribute bgp 17819
!
int gi2.13
 vrf forwarding CSC
 ip add 20.1.3.1 255.255.255.0
 mpls ip
 ip router isis
 isis net point-to-point
!
router bgp 17819
 add ipv4 vrf CSC
  redistribute isis

#R3
int gi2.13
 mpls ip
 ip router isis
 isis net point-to-point

#XR1
vrf CSC
 add ipv4 uni
  import route-target 1:1
  export route-target 1:1
!
int gi0/0/0/0.419
 no ipv4 add
 vrf CSC
 ipv4 add 20.4.19.19/24
!
router static vrf CSC add ipv4 uni
 20.4.19.4/32 gi0/0/0/0.419
!
route-policy PASS
 pass
end-policy
!
router bgp 17819
 vrf CSC
  rd 1:1
  add ipv4 uni
   allocate-label all
  neighbor 20.4.19.4
   remote-as 100
   add ipv4 labeled-unicast
    route-policy PASS in
    route-policy PASS out

#R4
router bgp 100
 neighbor 20.4.19.19 remote-as 17819
 neighbor 20.4.19.19 send-label
 redistribute isis
 redistribute connected
!
router isis
 redistribute bgp 100

Explanation

CSC (Carrier Supporting Carrier), also called Carrier’s Carrier, and also called Hierarchical L3VPN, allows an SP to use another SP for MPLS transit. Simply put, in our lab, the backbone carrier (AS 17819) carries the customer carrier’s (AS 100) global table in a VRF. This allows AS 100 to extend its MPLS transit across another MPLS provider, without the backbone carrier needing to be concerned with the final customer’s routing tables.

Another option could be to do one of the inter-AS options (A, B, or C), but in all of these cases, AS 17819 would have to partipate in VPN_A and VPN_B, which makes no sense, because the customer is not directly connecting to AS 17819. AS100 simply needs to use AS 17819 for MPLS transit.

CSC is usually seen when L2VPN p2p circuits are not an option. This may be the case if an Ethernet handoff is not viable in a particular PoP, so L3VPN using CSC might be more feasible than doing an EVC with protocol translation. (Protocol translation, as in translating Ethernet to ATM for example).

In CSC, the backbone carrier’s PEs are called CSC PEs. The customer carrier’s PEs are called CSC CEs, because from the backbone carrier’s perspective, they are CEs. In our lab, R1 and XR1 are CSC PEs. R3 and R4 are CSC CEs. R3 and R4 must advertise the internal prefixes to their CSC PE. The CSC PEs just treat this like a normal L3VPN, except they must enable MPLS on the CE-PE link.

We are limited to two options for using MPLS on the CE-PE link, because the CSC PE must put this link in a VRF. On IOS-XE, we can use LDP in a VRF, or we can do BGP IPv4-LU in a VRF. On IOS-XR, our only option is BGP IPv4-LU in a VRF. This lab asks us to use LDP where possible, so we use it on R1. Note that R1 will automatically use the interface address as the transport address for the LDP session in VRF CSC, because no actual loopback exists in that VRF.

#R1
router isis
 vrf CSC
 net 49.0001.0000.0000.0001.00
 is-type level-2-only
 redistribute bgp 17819
!
int gi2.13
 vrf forwarding CSC
 ip add 20.1.3.1 255.255.255.0
 mpls ip
 ip router isis
 isis net point-to-point
!
router bgp 17819
 add ipv4 vrf CSC
  redistribute isis

#R3
int gi2.13
 mpls ip
 ip router isis
 isis net point-to-point

From R3’s perspective, this is just another link in the internal IGP, which makes it easy. From R1’s perspective, this is using ISIS as a PE-CE protocol, so there is mutual redistribution between ISIS and BGP for the CSC VRF.

On R1, we can examine LDP output for the VRF by appending the vrf CSC keyword to all show commands.

On XR1, our only option is to use BGP IPv4-LU. We configure this under a VRF as you would expect. You must make sure to allocate-labels under the regular IPv4 unicast address-family. This allows routes injected from VPNv4 to be advertised to the CSC CE with a label. Remember to configure the static /32 route on IOS-XR when doing BGP IPv4-LU with an eBGP neighbor.

#XR1
router static vrf CSC add ipv4 uni
 20.4.19.4/32 gi0/0/0/0.419
!
router bgp 17819
 vrf CSC
  rd 1:1
  !
  add ipv4 uni
   allocate-label all
  !
  neighbor 20.4.19.4
   remote-as 100
   add ipv4 labeled-unicast
    route-policy PASS in
    route-policy PASS out

At this point, the backbone carrier will only have the customer carrier’s internal links in the VRF table. This is highly scalable, as no matter how many L3VPNs the customer carrier has, the backbone carrier’s VRF table stays the same size.

The customer carrier sees the ASBR link as a regular ISIS link at the R3 side, and as a BGP IPv4 LU link on the R4 side. Note that this negatively impacts TE, as there are two separate IGP islands. R1 is redistributing routes into ISIS, and R4 is redistributing BGP routes into ISIS.

Verification

Preform a traceroute between R9 and R10, and see if you can identify each label in the path.

At hops 2-4, the top label represents 20.20.20.20/32. R2 has a route to 30.10.10.10/32 via XR2. This is no different than basic L3VPN. The difference is just that the route to 20.20.20.20/32 has been redistributed into ISIS at R1.

At hop 5, the label 34, which represents 20.20.20.20/32, is swapped for the VPN label 24003 which comes from XR1. The transport label for XR1 within AS 17819 is pushed on top as well.

At hops 6-7, normal transport switching is preformed. R8 preforms PHP, exposing the service label for 20.20.20.20/32 in VRF CSC to XR1.

At hop 8, XR1 swaps label 24003 for label 18, which it learned from R4 via BGP IPv4-LU. The rest of the path does normal transport switching towards 20.20.20.20/32.

Notice that the service label that XR2 allocated, 24010, is carried end-to-end. This is possible because the CSC CE ↔ CSC PE links are MPLS enabled.

What happens if MPLS is broken at one of the CSC CE - CSC PE links?

Let’s break LDP at the R1-R3 link.

#R1
int gi2.13
 no mpls ip

The LDP session goes down at R3:

A traceroute from R9 to R10 is completely broken, because the traceroute functionality relies on a fully working LSP to the egress PE, which tunnels the ICMP error all the way back to the CE. Without this working, we can only get one hop.

IPv4 reachability between R2 and XR20 is still maintained, because R3 can send unlabeled traffic to R1.

If we traceroute from R2 to XR2, we can see that the packet becomes unlabeled at R3-R1:

We can also verify this in the LFIB of R3. Previously, R3 had an outgoing label for 20.20.20.20/32. Now the outgoing action is no label. Completely disposes the VPN label, which breaks the end-to-end L3VPN LSP.

One more way to troubleshoot this is an OAM traceroute. We enable mpls oam on XR2. The OAM traceroute cannot go beyond R3 because the packet becomes unlabeled.

We then bring the LDP session back up between R1-R3. The OAM traceroute will timeout within the backbone carrier’s core, because the traffic is L3VPN traffic. However, once it gets past the backbone carrier, we should see the OAM packet terminate at 20.20.20.20.

Summary

When it comes down to it, CSC is just about running L3VPN using labels at the CE-PE link. In CSC, the CE-PE link is called CSC CE - CSC PE. The prefixes that the CE advertises to the PE are the internal loopbacks in order to achieve end-to-end LSPs through the backbone carrier. That’s really all there is to it.

We have two options for enabling MPLS at the CSC CE - CSC PE link: LDP in a VRF (only on IOS-XE), and BGP IPv4-LU.

Interestingly, you could have multiple levels of heirarchy if you desired. In this lab, you could have CEs connecting to the customer carrier which are in fact a lower level of customer carrier. The customer carrier would carry the lower level customer carrier’s loopbacks in a VRF. The level of heirarchy is arbitrary. CSC is just the practice of extending an internal MPLS domain via L3VPN of another transit provider, which requires MPLS at the CE-PE links.