Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1207
Views
0
Helpful
5
Replies

Basic MPLS L3 VPN problem

roger perkin
Level 2
Level 2

‎06-15-2011 07:23 AM

I have setup a basic MPLS lab and am trying to get R1 and R11 to run RIP over the VRF PALM

I am running OSPF inside and BGP between PE1 and PE2

I believe why R1 cannot ping R11 is that routes are not being passed between BGP because of the same AS?

PE1:

router bgp 1

no synchronization

bgp log-neighbor-changes

neighbor 55.55.55.55 remote-as 1

neighbor 55.55.55.55 update-source Loopback1

no auto-summary

!

address-family vpnv4

  neighbor 55.55.55.55 activate

  neighbor 55.55.55.55 send-community extended

  neighbor 55.55.55.55 allowas-in

exit-address-family

!

address-family ipv4 vrf PALM

  redistribute rip

  no synchronization

exit-address-family

router rip

version 2

!

address-family ipv4 vrf PALM

  redistribute connected

  redistribute bgp 1 metric 0

  network 192.168.13.0

  no auto-summary

  version 2

exit-address-family

PE2:

router bgp 1

no synchronization

bgp log-neighbor-changes

neighbor 33.33.33.33 remote-as 1

neighbor 33.33.33.33 update-source Loopback1

no auto-summary

!

address-family vpnv4

  neighbor 33.33.33.33 activate

  neighbor 33.33.33.33 send-community extended

  neighbor 33.33.33.33 allowas-in

exit-address-family

!

address-family ipv4 vrf PALM

  redistribute rip

  no synchronization

exit-address-family

router rip

version 2

!

address-family ipv4 vrf PALM

  redistribute connected

  redistribute bgp 1 metric 0

  network 192.168.115.0

  no auto-summary

  version 2

exit-address-family

The RIP routes are in the VRF on both PE1 and PE2 but they are not making it between them.

I am sure I am missing a redistribute command between RIP and BGP and possibly a AS issue,

I have probably put the redistribute in the wrong place? not exactly sure about VRF's etc.

Thanks for any help

Roger

Labels:
Preview file
21 KB
0 Helpful
5 Replies 5

Nagendra Kumar Nainar
Cisco Employee
Cisco Employee

‎06-15-2011 08:16 AM

Hi,

Do you have the RT import/export configuration as required?. Can you get the configuration from both PE devices along with "show ip bgp vpnv4 all" output.

Regards,

Nagendra

0 Helpful

roger perkin
Level 2
Level 2
In response to Nagendra Kumar Nainar

‎06-15-2011 10:03 AM

PE1#show ip bgp vpnv4 all

BGP table version is 7, local router ID is 33.33.33.33

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 111:111 (default for vrf PALM)

*> 1.0.0.0          192.168.13.1             1         32768 ?

*> 11.0.0.0         192.168.13.1             1         32768 ?

*> 192.168.13.0     0.0.0.0                  0         32768 ?

PE1#

PE1#

PE1#sh run

Building configuration...

Current configuration : 2187 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname PE1

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

!

!

ip cef

no ip domain lookup

!

!

ip vrf PALM

rd 111:111

route-target export 111:111

route-target import 111:111

!

mpls label protocol ldp

mpls ldp neighbor 44.44.44.44 password cisco

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface Loopback0

ip address 3.3.3.3 255.255.255.0

!

interface Loopback1

ip address 33.33.33.33 255.255.255.0

!

interface Ethernet0/0

ip address 192.168.34.3 255.255.255.0

half-duplex

mpls ip

!

interface Ethernet0/1

no ip address

half-duplex

!

interface Ethernet0/2

ip vrf forwarding PALM

ip address 192.168.13.3 255.255.255.0

half-duplex

!

interface Ethernet0/3

ip address 192.168.23.3 255.255.255.0

half-duplex

!

interface Ethernet1/0

ip address 192.168.36.3 255.255.255.0

half-duplex

!

interface Ethernet1/1

no ip address

half-duplex

!

interface Ethernet1/2

no ip address

shutdown

half-duplex

!

interface Ethernet1/3

no ip address

shutdown

half-duplex

!

router ospf 1

log-adjacency-changes

redistribute rip

passive-interface default

no passive-interface Ethernet0/0

network 3.3.3.3 0.0.0.0 area 0

network 33.33.33.33 0.0.0.0 area 0

network 192.168.34.3 0.0.0.0 area 0

!

router rip

version 2

!

address-family ipv4 vrf PALM

  redistribute connected

  redistribute bgp 1 metric 0

  network 192.168.13.0

  no auto-summary

  version 2

exit-address-family

!

router bgp 1

bgp log-neighbor-changes

neighbor 55.55.55.55 remote-as 1

neighbor 55.55.55.55 update-source Loopback1

!

address-family ipv4

  redistribute rip

  neighbor 55.55.55.55 activate

  no auto-summary

  no synchronization

exit-address-family

!

address-family vpnv4

  neighbor 55.55.55.55 activate

  neighbor 55.55.55.55 send-community extended

  neighbor 55.55.55.55 allowas-in

exit-address-family

!

address-family ipv4 vrf PALM

  redistribute rip

  no synchronization

exit-address-family

!

ip http server

ip forward-protocol nd

!

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

!

end

PE2#sh ip bgp vpnv4 all

BGP table version is 5, local router ID is 55.55.55.55

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 111:111 (default for vrf PALM)

*> 111.0.0.0        192.168.115.11           1         32768 ?

*> 192.168.115.0    0.0.0.0                  0         32768 ?

PE2#sh run

Building configuration...

Current configuration : 2189 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname PE2

!

boot-start-marker

boot-end-marker

!

!

no aaa new-model

memory-size iomem 5

!

!

ip cef

no ip domain lookup

!

!

ip vrf PALM

rd 111:111

!

mpls ldp neighbor 44.44.44.44 password cisco

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

!

interface Loopback0

ip address 5.5.5.5 255.255.255.0

ip ospf network point-to-point

!

interface Loopback1

ip address 55.55.55.55 255.255.255.0

!

interface Ethernet0/0

ip address 192.168.45.5 255.255.255.0

half-duplex

mpls ip

!

interface Ethernet0/1

ip address 192.168.57.5 255.255.255.0

half-duplex

!

interface Ethernet0/2

ip address 192.168.58.5 255.255.255.0

half-duplex

!

interface Ethernet0/3

ip vrf forwarding PALM

ip address 192.168.115.5 255.255.255.0

half-duplex

!

interface Ethernet1/0

ip address 192.168.125.5 255.255.255.0

half-duplex

!

interface Ethernet1/1

ip address 192.168.105.5 255.255.255.0

half-duplex

!

interface Ethernet1/2

no ip address

shutdown

half-duplex

!

interface Ethernet1/3

no ip address

shutdown

half-duplex

!

router ospf 1

log-adjacency-changes

redistribute rip

passive-interface default

no passive-interface Ethernet0/0

network 5.5.5.5 0.0.0.0 area 0

network 55.55.55.55 0.0.0.0 area 0

network 192.168.45.5 0.0.0.0 area 0

!

router rip

version 2

!

address-family ipv4 vrf PALM

  redistribute connected

  redistribute bgp 1 metric 0

  network 192.168.115.0

  no auto-summary

  version 2

exit-address-family

!

router bgp 1

bgp log-neighbor-changes

neighbor 33.33.33.33 remote-as 1

neighbor 33.33.33.33 update-source Loopback1

!

address-family ipv4

  redistribute rip

  neighbor 33.33.33.33 activate

  no auto-summary

  no synchronization

exit-address-family

!

address-family vpnv4

  neighbor 33.33.33.33 activate

  neighbor 33.33.33.33 send-community extended

  neighbor 33.33.33.33 allowas-in

exit-address-family

!

address-family ipv4 vrf PALM

  redistribute rip

  no synchronization

exit-address-family

!

ip http server

ip forward-protocol nd

!

!

!

!

!

!

control-plane

!

!

!

!

!

!

!

!

!

line con 0

exec-timeout 0 0

line aux 0

line vty 0 4

login

!

!

end

PE2#

0 Helpful

Marcin Latosiewicz
Cisco Employee
Cisco Employee
In response to roger perkin

‎06-16-2011 12:22 AM

Roger,

This reminds me of a similar setup I've done a few months ago. My case is a bit different but here goes my config (I had to change IP address, but hopefully didn't destroy consistency) 

sh run | s r b
router bgp 100
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 192.2.5.5 remote-as 100
neighbor 192.2.5.5 update-source Loopback0
neighbor 192.2.6.6 remote-as 100
neighbor 192.2.6.6 update-source Loopback0
!
address-family vpnv4
  neighbor 192.2.5.5 activate
  neighbor 192.2.5.5 send-community extended
  neighbor 192.2.5.5 route-reflector-client
  neighbor 192.2.6.6 activate
  neighbor 192.2.6.6 send-community extended
  neighbor 192.2.6.6 route-reflector-client
exit-address-family
!
address-family ipv4 vrf VPN_B
  redistribute rip
  no synchronization
exit-address-family

sh run | s r r
router rip
version 2
!
address-family ipv4 vrf VPN_B
  redistribute bgp 100 metric transparent
  network 192.168.1.0
  no auto-summary
exit-address-family
sh ip bgp vpnv4 vrf VPN_B
BGP table version is 31, local router ID is 192.2.4.4
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 0:2 (default for vrf VPN_B)
*>i0.0.0.0          192.2.6.6                0    100      0 ?
*>i192.2.7.7/32     192.2.6.6                0    100      0 78 i
*>i192.2.8.0/24     192.2.6.6                0    100      0 78 i
*>i192.2.55.55/32   192.2.5.5                0    100      0 i
*>i192.2.66.66/32   192.2.6.6                0    100      0 i
*>i192.1.5.0/24     192.2.5.5                0    100      0 ?
*>i192.1.58.0/24    192.2.5.5                0    100      0 ?
*>i192.1.67.0/24    192.2.6.6                0    100      0 ?
*>i192.1.76.0/24    192.2.6.6                0    100      0 ?
*>i192.1.68.7.0      192.2.6.6                0    100      0 ?
* i                 192.2.6.6                1    100      0 ?
*> 192.1.68.1.0       0.0.0.0                  0         32768 ?

sh ip rip data vrf VPN_B
0.0.0.0/0    auto-summary
0.0.0.0/0    redistributed
    [1] via 192.2.6.6,
192.2.0.0/16    auto-summary
192.2.7.7/32    redistributed
    [1] via 192.2.6.6,
192.2.8.0/24    redistributed
    [1] via 192.2.6.6,
192.2.55.55/32    redistributed
    [1] via 192.2.5.5,
192.2.66.66/32    redistributed
    [1] via 192.2.6.6,
192.1.0.0/16    auto-summary
192.1.5.0/24    redistributed
    [1] via 192.2.5.5,
192.1.58.0/24    redistributed
    [1] via 192.2.5.5,
192.1.67.0/24    redistributed
    [1] via 192.2.6.6,
192.1.76.0/24    redistributed
    [1] via 192.2.6.6,
192.1.68.7.0/24    auto-summary
192.1.68.7.0/24    redistributed
    [1] via 192.2.6.6,
192.1.68.1.0/24    auto-summary


192.1.68.1.0/24    directly connected, FastEthernet0/0

In anyway I would check if those prefixes are redistributed into RIP as the next step ;-)

Marcin

0 Helpful

Nagendra Kumar Nainar
Cisco Employee
Cisco Employee
In response to roger perkin

‎06-16-2011 07:29 AM

Hi,

One Pe2 side, you appears to be missing with route-target import and export. Can you try that and see if it works?.

Regards,

Nagendra

0 Helpful

Thomas Schmitt
Level 1
Level 1
In response to Nagendra Kumar Nainar

‎06-23-2011 09:11 AM

If you are using same AS on both sides, you have to override the AS number.

http://fengnet.com/book/MPLS%20Configuration%20on%20Cisco%20IOS%20Software/ch06lev1sec1.html

0 Helpful
Customers Also Viewed These Support Documents