cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
93
Views
1
Helpful
3
Replies
khgrant
Cisco Employee

L3VPN Service (IOS-XR) - config will be merged on every router with different endpoints!

I try to get my fist basic L3VPN Service up and running and I have the following error.

  

If I deploy the first endpoint which is a combination of CE and PE device than everything works fine and the routers will be configured correctly:

admin@ncs(config)# show conf

vpn l3mplsvpn 1

vpn-id   10

customer NCS_CUSTOMER

endpoint 1

ce device   CE_NCS_A1

ce remote-as 10

ce intf-number 0/0/0/1

ce ip-address 10.0.0.1

pe device   PE_A1

pe intf-number 0/0/0/3

pe ip-address 10.0.0.2

!

!

admin@ncs(config)# commit dry-run outformat cli

device CE_NCS_A1

   config {

               cisco-ios-xr:router {

           bgp {

+           bgp-no-instance 10 {  

+               address-family {  

+                   ipv4 {

+                       unicast {

+                           redistribute {

+                               connected {

+                               }

+                           }

+                       }

+                    }

+                 }

+                 neighbor 10.0.0.2 {

+                     remote-as 1;

+                     address-family {

+                         ipv4 {

+                             unicast {

+                                 route-policy in {

+                                     name bgp_in;

+                                 }

+                                 route-policy out {

+                                     name bgp_out;

+                                 }

+                              }

+                           }

+                       }

+                   }

+               }

           }

      }

  }

device PE_A1

—snip—

If I add the second endpoint:

admin@ncs(config)# show conf

vpn l3mplsvpn 1

endpoint 2

    ce device   CE_NCS_B1

  ce remote-as 20

  ce intf-number 0/0/0/1

  ce ip-address 10.0.0.41

  pe device   PE_B1

  pe intf-number 0/0/0/3

  pe ip-address 10.0.0.42

!

!

admin@ncs(config)# commit dry-run outformat cli

device CE_NCS_A1 # It configures again the CE router with the ENDPOINT 1 and 2 configuration which is wrong, it should only configure CE_NCS_B1

   config {

       cisco-ios-xr:router {

           bgp {

               bgp-no-instance 10 {

+                  neighbor 10.0.0.42 {

+                      remote-as 1;

+                      address-family {

+                         ipv4 {

+                             unicast {                   

+                                 route-policy in {

+                                     name bgp_in;

+                                 }

+                                 route-policy out {

+                                     name bgp_out;

+                                 }

+                             }

+                         }

+                     }

+                }

             }

+            bgp-no-instance 20 { # should not be configure on CE_NCS_A1

+                address-family {

+                    ipv4 {

+                        unicast {

+                            redistribute }

+                                connected {

+                                }

+                            }

+                        }

+                    }

+                 }

+                 neighbor 10.0.0.2 {

+                     remote-as 1;

+                     address-family {

+                         ipv4 {

+                             unicast {

+                                 route-policy in {

+                                     name bgp_in;

+                                 }

+                                 route-policy out {

+                                     name bgp_out

+                                 }

+                              }

+                           }

+                        }

+                     }

+                     neighbor 10.0.0.42 { # should not be configure on CE_NCS_A1

+                         remote-as 1;

+                         address-family {

+                            ipv4 {

+                                unicast {

+                                    route-policy in {

+                                        name bgp_in;

+                                    }

+                                    route-policy out {

+                                        name bgp_out;

+                                   }

+                               }

+                           }

+                      }

+                  }

+             }

         }

     }

  }

device CE_NCS_B1 

—snip—             

than the problem is that both CE’s and PE’s from Endpoint 1 + 2 will be configured simultaneously.

Question: What could be the problem here? I have attached the YANG and the XML file, as reference

1 ACCEPTED SOLUTION

Accepted Solutions
khgrant
Cisco Employee

The problem you have is that you are always using absolute paths in your template.

One example is:

<id>{/endpoint/ce/ip-address}</id>

<remote-as>{/endpoint/ce/remote-as}</remote-as>

<description>eBGP peer {/endpoint/ce/device} vrf {/vpn-name}</description>

Here you are evaluating the different XPATH expressions for every element of the endpoint list. If you want to refer to the “remote-as” that correspond to the previous ip-address, you should use relative paths to that ce equipment:

<remote-as>{remote-as}</remote-as

NCS 3.4 has a great template debug feature that would help you understand these errors.

Basically, you can do:

#commit dry-run | debug template

View solution in original post

3 REPLIES 3
khgrant
Cisco Employee

I believe you device needs to be an array    i.e device[0] device[1] etc

khgrant
Cisco Employee

The problem you have is that you are always using absolute paths in your template.

One example is:

<id>{/endpoint/ce/ip-address}</id>

<remote-as>{/endpoint/ce/remote-as}</remote-as>

<description>eBGP peer {/endpoint/ce/device} vrf {/vpn-name}</description>

Here you are evaluating the different XPATH expressions for every element of the endpoint list. If you want to refer to the “remote-as” that correspond to the previous ip-address, you should use relative paths to that ce equipment:

<remote-as>{remote-as}</remote-as

NCS 3.4 has a great template debug feature that would help you understand these errors.

Basically, you can do:

#commit dry-run | debug template

View solution in original post

khgrant
Cisco Employee

Thank you very much for your help. The issue was caused by the absolute XPATH. I have now adjusted the XPATH with relative XPATH, and now it works.

Just for reference if somebody also run into the same issue, I have attached the correct XML with the relative paths.

Here an example of the corrected XPATH vs. the absolute path:

Not working example with absolute path:

             <vrf>

                <name>{/vpn-name}</name>

                <neighbor>

                  <id>{/endpoint/ce/ip-address}</id>

                  <remote-as>{/endpoint/ce/remote-as}</remote-as>

                  <description>eBGP peer {/endpoint/ce/device} vrf {/vpn-name}</description>

                  <address-family>

Corrected  example with relative path path:

              <vrf>

                <name>{string(/vpn-name)}</name>

                <neighbor>

                  <id>{string(../ce/ip-address)}</id>

                  <remote-as>{string(../ce/remote-as)}</remote-as>

                  <description>eBGP peer {string(../ce/device)} vrf {string(/vpn-name)}</description>

                  <address-family>

.BTW: the string will only read the values of the leaves and will not adjust the XPATH in the tree.

Create
Recognize Your Peers
Content for Community-Ad