User guide
MPLS Module Installation and User Guide 7-11
TLS VPN Configuration Examples
Basic MPLS TLS Configuration Example
This MPLS TLS network configuration shown in Figure 7-1, is based on the routed
MPLS network configuration example, shown in Figure 4-1.
Figure 7-1: MPLS TLS configuration example
In this configuration example, a new VLAN, unc-wilmington, is configured on LSR 4,
with a router interface of 9.9.9.1/24. Because TLS provides Layer-2 transport capabilities
over MPLS, both TLS VLANs are part of the same IP subnet. Exporting of direct
interfaces is disabled so that external OSPF routers are not exported into the backbone
area.
The commands used to create a TLS Tunnel between LSR 1 and LSR 4 follow.
The following command creates a TLS tunnel to the 11.0.4.11 for traffic originating from
VLAN unc:
config mpls add tls-tunnel rt40 11.0.4.11 unc tls-labels 8f001 8f004
MPLS_19
LSR 3
Router ID =11.0.3.11
LSR 4
Router ID =11.0.4.11
LSR 1
Router ID =11.0.1.11
LSR 2
Router ID =11.0.2.11
OSPF backbone area
and
MPLS domain
11.0.1.0/24
vlan1
11.0.3.0/24
vlan3
11.0.2.0/24
vlan2
11.0.4.0/24
vlan4
9.9.9.0/24
unc-
wilmington
9.9.9.0/24
unc
TLS Tunnel