Contents. Introduction. Prerequisites. Configure. Requirements. Components Used

Similar documents
IOS Implementation of the ibgp PE CE Feature

UniNets MPLS LAB MANUAL MPLS. UNiNets Multiprotocol label Switching MPLS LAB MANUAL. UniNets MPLS LAB MANUAL

MPLS VPN--Inter-AS Option AB

This document is not restricted to specific software and hardware versions.

MPLS VPN Carrier Supporting Carrier Using LDP and an IGP

BGP Event-Based VPN Import

Deploy MPLS L3 VPN. APNIC Technical Workshop October 23 to 25, Selangor, Malaysia Hosted by:

Troubleshooting LSP Failure in MPLS VPN

MPLS VPN Inter-AS Option AB

Configuring BGP: RT Constrained Route Distribution

MPLS VPN Carrier Supporting Carrier Using LDP and an IGP

MPLS VPN C H A P T E R S U P P L E M E N T. BGP Advertising IPv4 Prefixes with a Label

MPLS VPN Multipath Support for Inter-AS VPNs

BGP Best External. Finding Feature Information

MPLS VPN Route Target Rewrite

Route Leaking in MPLS/VPN Networks

MPLS over GRE. Finding Feature Information. Prerequisites for MPLS VPN L3VPN over GRE

MPLS VPN Inter-AS with ASBRs Exchanging VPN-IPv4 Addresses

InterAS Option B. Information About InterAS. InterAS and ASBR

BGP Cost Community. Prerequisites for the BGP Cost Community Feature

The information in this document is based on Cisco IOS Software Release 15.4 version.

Layer3 VPN with OSPF Protocol between CE-PE

MPLS VPN Carrier Supporting Carrier

Layer3 VPN with RIP protocol between CE-PE

BGP Next Hop Unchanged

BGP-VPN Distinguisher Attribute

BGP mvpn BGP safi IPv4

ibgp Multipath Load Sharing

BGP-MVPN SAFI 129 IPv6

BGP Event-Based VPN Import

HP FlexFabric 7900 Switch Series

Multi-VRF Support. Finding Feature Information. Prerequisites for Multi-VRF Support

BGP Graceful Shutdown

OSPF Sham-Link Support for MPLS VPN

HP FlexFabric 5930 Switch Series

MPLS VPN Carrier Supporting Carrier IPv4 BGP Label Distribution

Deploy VPLS. APNIC Technical Workshop October 23 to 25, Selangor, Malaysia Hosted by:

Configuring MPLS L3VPN

ibgp Multipath Load Sharing

MPLS VPN Carrier Supporting Carrier IPv4 BGP Label Distribution

MPLS: Layer 3 VPNs: Inter-AS and CSC Configuration Guide, Cisco IOS Release 15SY

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

MPLS VPN Inter-AS IPv4 BGP Label Distribution

Impact Analysis in MPLS Networks

Border Gateway Protocol (BGP) Optimal Route Reflection

HPE FlexFabric 5940 Switch Series

BGP Link Bandwidth. Finding Feature Information. Prerequisites for BGP Link Bandwidth

Configuring IPv6 VPN Provider Edge over MPLS (6VPE)

address-family ipv4 vrf vrf-name - Selects a per-vrf instance of a routing protocol.

GRE Tunnel with VRF Configuration Example

Operation Manual MCE H3C S3610&S5510 Series Ethernet Switches. Table of Contents

IPv6 Switching: Provider Edge Router over MPLS

MPLS VPN Half-Duplex VRF

Configuring MPLS L3VPN

Complex MPLS VPN with OSPF on CE-PE Routers

FlexVPN HA Dual Hub Configuration Example

Cisco Training - HD Telepresence MPLS: Implementing Cisco MPLS V3.0. Upcoming Dates. Course Description. Course Outline

BGP Diverse Path Using a Diverse-Path Route Reflector

HP A5820X & A5800 Switch Series MPLS. Configuration Guide. Abstract

Configuring IPv6 Provider Edge over MPLS (6PE)

Contents. Introduction. Prerequisites. Requirements. Components Used

Configuring BGP community 43 Configuring a BGP route reflector 44 Configuring a BGP confederation 44 Configuring BGP GR 45 Enabling Guard route

LAB 10: Configure BGP Route Dampening


IPv6 Switching: Provider Edge Router over MPLS

Chapter 6 Lab 6-4, BGP Route Reflectors and Route Filters

Configuring Multicast VPN Inter-AS Support

Configuration prerequisites 45 Configuring BGP community 45 Configuring a BGP route reflector 46 Configuring a BGP confederation 46 Configuring BGP

AS 100 AS 300. Lab -1 Private Communities - II .1 S1/2. Task 1. On R1: / / /24. Configure the above topology.

BGP Support for the L2VPN Address Family

Multiprotocol BGP Extensions for IP Multicast Commands

Multiprotocol Label Switching Virtual Private Network

Multi-Protocol Label Switching (MPLS) Support

Connecting to a Service Provider Using External BGP

Protecting an EBGP peer when memory usage reaches level 2 threshold 66 Configuring a large-scale BGP network 67 Configuring BGP community 67

PASS4TEST. IT Certification Guaranteed, The Easy Way! We offer free update service for one year

Cisco Exam Implementing Cisco Service Provider Next-Generation Egde Network Services Version: 7.0 [ Total Questions: 126 ]

WAN Edge MPLSoL2 Service

MPLS design. Massimiliano Sbaraglia

Connecting to a Service Provider Using External BGP

Configuring MPLS, MPLS VPN, MPLS OAM, and EoMPLS

How BGP Routers Use the Multi Exit Discriminator for Best Path Selection

HP 5920 & 5900 Switch Series

BGP FlowSpec Route-reflector Support

Configure the IPv6 BGP Local Preference Feature

Exam : Title : BGP + MPLS Exam (BGP + MPLS)

Implementing MPLS VPNs over IP Tunnels

BGP Persistence. Restrictions for BGP Persistence. Information About BGP Persistence

BGP Commands. Network Protocols Command Reference, Part 1 P1R-355

CCIE R&S Techtorial MPLS

Implementing DCI VXLAN Layer 3 Gateway

Routing Design. Transit Routing. About Transit Routing

Segment Routing On Demand Next Hop for L3/L3VPN

MPLS L3VPN. The MPLS L3VPN model consists of three kinds of devices: PE CE Site 2. Figure 1 Network diagram for MPLS L3VPN model

Configuring Scalable Hub-and-Spoke MPLS VPNs

IP Routing: BGP Command Reference, Cisco IOS XE Release 3SE (Catalyst 3850 Switches)

Configuring multicast VPN

BGP MPLS VPNs. Introduction

Introduction to External Connectivity

Configuring MPLS and EoMPLS

Transcription:

Contents Introduction Prerequisites Requirements Components Used Configure Network Diagram Configurations CE1 CE2 PE1 PE2 Verify Case 1: Accepting and exchanging customer routes over MP-BGP Case 2: Leaking routes from one VRF to another. Workaround Related Cisco Support Community Discussions Introduction This document discusses inter VRF route leaking when customer edge (CE) and provider edge (PE) are running internal BGP (ibgp) protocol. It discusses current limitation with route-leaking and a workaround for it as well. Prerequisites Requirements Cisco recommends that you have basic knowledge of BGP. Components Used The information in this document was created from the devices in a specific lab environment. All of the devices used in this document started with a cleared (default) configuration. If your network is live, make sure that you understand the potential impact of any command. Configure The support for ibgp as PE to CE protocol was not supported earlier. However, this has been incorporated now and ibgp also can be considered as a potential candidate for PE to CE routing. This feature allows customers to have one single autonomous system across all sites. To achieve this a new attribute ATTR_SET has been introduced that carries the VPN BGP attributes across service provider network in a transparent manner. Also, it requires to make the PE as routereflector for ibgp session with CE router. Newly introduced command " neighbor x.x.x.x internal

vpn-client" helps achieve this. When this single command is configured, it automatically configures "neighbor x.x.x.x route-reflector-client" and "neighbor x.x.x.x next-hop-self". Network Diagram Configurations CE1 CE2 interface Loopback10 ip address 10.20.0.1 255.255.255.0 interface Ethernet0/1 ip address 10.0.45.5 255.255.255.0 bgp router-id 10.5.5.5 bgp log-neighbor-changes neighbor 10.0.45.4 remote-as 100 network 10.20.0.0 mask 255.255.255.0 neighbor 10.0.45.4 activate PE1 vrf definition A rd 10:10 route-target export 100:100 route-target import 100:100 vrf definition B rd 20:20 route-target import 50:50 route-target import 100:100 interface Loopback0

ip address 10.2.2.2 255.255.255.255 ip ospf 100 area 0 interface Ethernet0/0 vrf forwarding A ip address 10.0.12.2 255.255.255.0 interface Ethernet0/1 ip address 10.0.23.2 255.255.255.0 mpls ip bgp router-id 10.2.2.2 bgp log-neighbor-changes neighbor 10.4.4.4 remote-as 100 neighbor 10.4.4.4 update-source Loopback0 address-family vpnv4 neighbor 10.4.4.4 activate neighbor 10.4.4.4 send-community extended vrf A neighbor 10.0.12.1 remote-as 100 neighbor 10.0.12.1 activate neighbor 10.0.12.1 internal-vpn-client // needed to exchange routes between PEs neighbor 10.0.12.1 next-hop-self vrf B PE2 vrf definition A rd 10:10 route-target export 100:100 route-target import 100:100 interface Loopback0 ip address 10.4.4.4 255.255.255.255 ip ospf 100 area 0 interface Ethernet0/0 ip address 10.0.34.4 255.255.255.0 mpls ip interface Ethernet0/1 vrf forwarding A ip address 10.0.45.4 255.255.255.0 bgp router-id 10.4.4.4 bgp log-neighbor-changes neighbor 10.2.2.2 remote-as 100 neighbor 10.2.2.2 update-source Loopback0 address-family vpnv4 neighbor 10.2.2.2 activate

neighbor 10.2.2.2 send-community extended vrf A neighbor 10.0.45.5 remote-as 100 neighbor 10.0.45.5 activate neighbor 10.0.45.5 internal-vpn-client //needed to exchange routes between PEs neighbor 10.0.45.5 route-reflector-client neighbor 10.0.45.5 next-hop-self Verify Case 1: Accepting and exchanging customer routes over MP-BGP As discussed earlier, ibgp as PE to CE requires configuration of BGP peering with customer inside VRF with command "neighbor x.x.x.x internal vpn-client". In the absence of this command, local PE accepts the routes from local CE in VRF, however these customer routes are not shared via MP-BGP with other PR routers. Below outputs have been taken with "neighbor x.x.x.x internal vpn-client" pre-configured. Below output shows routes in vrf A on PE1 and PE2. PE1#show ip route vrf A C 10.0.12.0/24 is directly connected, Ethernet0/0 L 10.0.12.2/32 is directly connected, Ethernet0/0 B 10.10.0.0/24 [200/0] via 10.0.12.1, 00:35:23 B 10.20.0.0/24 [200/0] via 10.4.4.4, 00:40:55 PE2#show ip route vrf A

C 10.0.45.0/24 is directly connected, Ethernet0/1 L 10.0.45.4/32 is directly connected, Ethernet0/1 B 10.10.0.0/24 [200/0] via 10.2.2.2, 00:00:08 B 10.20.0.0/24 [200/0] via 10.0.45.5, 00:41:55 CE1#show ip route bgp 10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks B 10.20.0.0/24 [200/0] via 10.0.12.2, 00:03:56 CE2#show ip route bgp 10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks B 10.10.0.0/24 [200/0] via 10.0.45.4, 00:04:21 Case 2: Leaking routes from one VRF to another. Case 1, successfully demonstrated exchange of routes between CE1 and CE2. Now consider another vrf B that needs to install routes in vrf A into itself. Regular method is to use export-map value in VRF A and import same value in VRF B as shown below. PE1#show ip route vrf A

C 10.0.12.0/24 is directly connected, Ethernet0/0 L 10.0.12.2/32 is directly connected, Ethernet0/0 B 10.10.0.0/24 [200/0] via 10.0.12.1, 00:35:23 B 10.20.0.0/24 [200/0] via 10.4.4.4, 00:40:55 PE2#show ip route vrf A C 10.0.45.0/24 is directly connected, Ethernet0/1 L 10.0.45.4/32 is directly connected, Ethernet0/1 B 10.10.0.0/24 [200/0] via 10.2.2.2, 00:00:08 B 10.20.0.0/24 [200/0] via 10.0.45.5, 00:41:55 CE1#show ip route bgp 10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks B 10.20.0.0/24 [200/0] via 10.0.12.2, 00:03:56 CE2#show ip route bgp 10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks B 10.10.0.0/24 [200/0] via 10.0.45.4, 00:04:21 When above configuration is done, VRF B fails to install any of the BGP route that was received

from local CE. However, routes received from other PEs via MP-BGP are successfully installed as show below in output. 10.20.0.0/24 belongs to CE and that is successfully received in VRF A and is also exported to VRF B. But 10.10.0.0/24 received locally from CE1 fails to enter VRF B. PE1#show ip route vrf A bgp B 10.10.0.0/24 [200/0] via 10.0.12.1, 00:12:35 B 10.20.0.0/24 [200/0] via 10.4.4.4, 00:54:22 PE1#show ip route vrf B Routing Table: B 10.0.0.0/24 is subnetted, 1 subnets B 10.20.0.0 [200/0] via 10.4.4.4, 00:46:38 This problem of VRF route leaking of local CE route from VRF A to B is seen only till the point "neighbor x.x.x.x internal vpn-client" is configured. As soon as this command is removed from PE1, VRF B is able to successfully see local CE1 route 10.10.0.0/24 as well as shown below. vrf A no neighbor 10.0.12.1 internal-vpn-client PE1#show ip route vrf B bgp Routing Table: B

10.0.0.0/24 is subnetted, 2 subnets B 10.10.0.0 [200/0] via 10.0.12.1 (A), 00:00:11 B 10.20.0.0 [200/0] via 10.4.4.4, 00:58:33 And remote site B, stops receiving site A's routes (as neighbor x.x.x.x internal vpn-client has been removed). PE2#show ip route vrf A bgp 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks B 10.20.0.0/24 [200/0] via 10.0.45.5, 01:04:21 // 10.10.0.0/24 is missing. This is a limitation and an enhancement bug CSCuw43489 has already been filed to fix this problem. Workaround There is a workaround that is available to check above discussed problem. This workaround does allow to import routes from VRF A to VRF B in the presence of command "neighbor x.x.x.x internal vpn-client". This workaround requires to set a dummy community (50:50 done in example below) when importing routes from customer. Import this dummy extended community into vrf B. route-map TEST, permit, sequence 10 Match clauses: Set clauses: extended community RT:50:50 Policy routing matches: 0 packets, 0 bytes vrf definition B rd 20:20 route-target import 100:100 route-target import 50:50 vrf A neighbor 10.0.12.1 route-map TEST in // match dummy community // Set dummy community PE1#show bgp vpnv4 uni vrf B 10.10.0.0 BGP routing table entry for 20:20:10.10.0.0/24, version 4 Paths: (1 available, best #1, table B) Not advertised to any peer Refresh Epoch 1 Local, (Received from ibgp-pece RR-client), imported path from 10:10:10.10.0.0/24 (A) 10.0.12.1 (via vrf A) (via A) from 10.0.12.1 (10.1.1.1)

Origin IGP, metric 0, localpref 100, valid, internal, best Extended Community: RT:50:50 rx pathid: 0, tx pathid: 0x0 PE1#show ip route vrf B Routing Table: B 10.0.0.0/24 is subnetted, 2 subnets B 10.10.0.0 [200/0] via 10.0.12.1 (A), 00:00:25 B 10.20.0.0 [200/0] via 10.4.4.4, 00:00:25 As shown above, this workaround makes route 10.10.0.0/24 present in VRF A install in VRF B.

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback