02-21-2021 03:28 PM
Hi
I have an small MPLS network with around 30 x ASR920, no P, all routers are PE. 2 of them are running as RR. All works fine.
My Public Internet is running in a VRF, so upstream just peers to a 920 and it sends prefixes to the RR that sends them out. RR are also forwarding traffic. Currently we have a filter on the upstrem BGP peering that filters all but prefixes that the upstream provider AS originates.
(WHY: We have a costumer that only revieves these, and uses us as a paid peering to the upstream providers net)
Now i am ading 2 x ASR9001 to the setup. Each upstream will be connected to a ASR9001. The 9001 will step in and act as a PE router. And in the final setup act as PE/RR.
MY goal is to have the 2 RR (New 9001) to send all routes (Full table) to each other. But when they send routes to the other PE (ASR920) they should then Internet VRF filter out all prefiexes that has my upstream AS number in AS-PATH.
Why: I whould like to have full table on the RR, and i have a costumer onboarding next month, and he needs full table. So my guess, is to let him peer directly with the RR (That has the full table) Like multihop BGP.
BUT how do i prevent the PE (9001 connected to the Internet) from sending all the prefixes (from the full Internet table) to the RR Clients connected to it. They should only have prefixes where my own AS number is in the list.
02-21-2021 04:00 PM
Route Target Constraint is the solution for your issue.
see link above.
02-22-2021 04:12 PM
Hi, Thnaks for your post
In a reguler vrf i have rd MY-ASN:VRF# (Like 3030:500)
Then for my own routes (Orign from my AS and from my costumers) i will give them ASN:VRF#1 (Like 3030:500) and for all the routes in the same VRF from the Internet i will give them ASN:VRF#2 (Like 3030:501)
And for PE routers that will handle full table i import both 3030:500 and 3030:501
As i read this will also work for routers that does not support Route Target Constraint. They will revieve all the routes, but just not install them in the routing table due to ASN:VRF#2 not in the import state in the VRF config.
Is this the best way to solve this, or is there an other way ?
02-23-2021 05:49 AM
not support route target constraint
the PE will receive all route from RR and then deny it, i.e. this filter is done by PE
But
with RTC the filter is done in RR.
RTC is what I know there is other solution which I not full know if it solve this issue or not
which is use BGP server route
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide