Solved: Re: BGP in PE-CE and MP-BGP running together, unable to reach sp - Page 3

Arun Nair · ‎10-22-2011

Hi experts,

I am just starting out with CCIE(R & S and SP, dont know which one I'm gonna give, I love both). I am just trying to come up with a lab design that I will be constructing based on my mistakes and experiences. I'd like you all to help me out here with this scenario.

The routers I am working on as of now are the ones connected to the FR switch(less important, just plain OSPF over broadcast network), CE4, CE1, CE2, PE1 and PE4.

I am running BGP between CE1-PE1, CE2-PE4, and OSPF between CE1-CE4. MP-BGP runs creating the super backbone between PE1 and PE4(PE2 is just a P router, never found the time to really rename it).

Relevant outputs are given below:

CE1#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

B 1.1.1.1 [20/0] via 10.1.1.10, 01:01:21

50.0.0.0/32 is subnetted, 1 subnets

O 50.50.50.50 [110/75] via 10.1.1.1, 00:59:57, Ethernet0/0

70.0.0.0/32 is subnetted, 1 subnets

O 70.70.70.70 [110/75] via 10.1.1.1, 00:59:57, Ethernet0/0

33.0.0.0/32 is subnetted, 1 subnets

O 33.33.33.33 [110/21] via 10.1.1.1, 00:59:57, Ethernet0/0

80.0.0.0/32 is subnetted, 1 subnets

O 80.80.80.80 [110/75] via 10.1.1.1, 00:59:57, Ethernet0/0

20.0.0.0/32 is subnetted, 1 subnets

O 20.20.20.20 [110/75] via 10.1.1.1, 00:59:57, Ethernet0/0

172.19.0.0/16 is variably subnetted, 5 subnets, 2 masks

B 172.19.20.0/30 [20/0] via 10.1.1.10, 00:45:06

O 172.19.10.4/32 [110/138] via 10.1.1.1, 00:59:57, Ethernet0/0

O 172.19.10.1/32 [110/74] via 10.1.1.1, 00:59:57, Ethernet0/0

O 172.19.10.3/32 [110/10] via 10.1.1.1, 00:59:57, Ethernet0/0

O 172.19.10.2/32 [110/74] via 10.1.1.1, 00:59:57, Ethernet0/0

111.0.0.0/32 is subnetted, 1 subnets

C 111.111.111.111 is directly connected, Loopback1

40.0.0.0/32 is subnetted, 1 subnets

O 40.40.40.40 [110/139] via 10.1.1.1, 00:59:57, Ethernet0/0

10.0.0.0/30 is subnetted, 4 subnets

C 10.1.1.8 is directly connected, Ethernet0/1

C 10.1.1.0 is directly connected, Ethernet0/0

O 10.1.1.4 [110/20] via 10.1.1.1, 00:59:57, Ethernet0/0

B 10.1.1.32 [20/0] via 10.1.1.10, 01:01:21

11.0.0.0/24 is subnetted, 1 subnets

C 11.11.11.0 is directly connected, Loopback0

90.0.0.0/32 is subnetted, 1 subnets

O 90.90.90.90 [110/75] via 10.1.1.1, 00:59:57, Ethernet0/0

60.0.0.0/32 is subnetted, 1 subnets

O 60.60.60.60 [110/75] via 10.1.1.1, 00:59:57, Ethernet0/0

30.0.0.0/32 is subnetted, 1 subnets

O 30.30.30.30 [110/11] via 10.1.1.1, 00:59:57, Ethernet0/0

CE1#sh ip bgp su

BGP router identifier 111.111.111.111, local AS number 2

BGP table version is 25, main routing table version 25

20 network entries using 2340 bytes of memory

21 path entries using 1092 bytes of memory

14/12 BGP path/bestpath attribute entries using 1736 bytes of memory

2 BGP AS-PATH entries using 48 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 5216 total bytes of memory

BGP activity 21/1 prefixes, 22/1 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.1.1.10 4 1 71 78 25 0 0 01:02:01 4

CE1#sh ip ospf ne

Neighbor ID Pri State Dead Time Address Interface

30.30.30.30 0 FULL/ - 00:00:30 10.1.1.1 Ethernet0/0

CE1#

----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

PE1#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

200.200.200.0/32 is subnetted, 2 subnets

C 200.200.200.200 is directly connected, Loopback1

O 200.200.200.201 [110/21] via 10.1.1.22, 01:03:42, Ethernet1/1

[110/21] via 10.1.1.18, 01:03:42, Ethernet1/0

10.0.0.0/30 is subnetted, 5 subnets

O 10.1.1.24 [110/20] via 10.1.1.22, 01:03:42, Ethernet1/1

O 10.1.1.28 [110/20] via 10.1.1.18, 01:03:42, Ethernet1/0

C 10.1.1.16 is directly connected, Ethernet1/0

C 10.1.1.20 is directly connected, Ethernet1/1

O 10.1.1.36 [110/20] via 10.1.1.18, 01:03:42, Ethernet1/0

PE1#

PE1#sh ip route vrf CE1

Routing Table: CE1

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

C 1.1.1.1 is directly connected, Loopback0

50.0.0.0/32 is subnetted, 1 subnets

B 50.50.50.50 [20/75] via 11.11.11.11, 01:01:41

70.0.0.0/32 is subnetted, 1 subnets

B 70.70.70.70 [20/75] via 11.11.11.11, 01:01:41

33.0.0.0/32 is subnetted, 1 subnets

B 33.33.33.33 [20/21] via 11.11.11.11, 01:02:55

80.0.0.0/32 is subnetted, 1 subnets

B 80.80.80.80 [20/75] via 11.11.11.11, 01:01:41

20.0.0.0/32 is subnetted, 1 subnets

B 20.20.20.20 [20/75] via 11.11.11.11, 01:01:10

172.19.0.0/16 is variably subnetted, 5 subnets, 2 masks

B 172.19.20.0/30 [200/0] via 200.200.200.201, 00:47:01

B 172.19.10.4/32 [20/138] via 11.11.11.11, 01:01:41

B 172.19.10.1/32 [20/74] via 11.11.11.11, 01:01:41

B 172.19.10.3/32 [20/10] via 11.11.11.11, 01:02:25

B 172.19.10.2/32 [20/74] via 11.11.11.11, 01:01:10

40.0.0.0/32 is subnetted, 1 subnets

B 40.40.40.40 [20/139] via 11.11.11.11, 01:01:41

10.0.0.0/30 is subnetted, 4 subnets

C 10.1.1.8 is directly connected, Ethernet1/2

B 10.1.1.0 [20/0] via 11.11.11.11, 01:02:55

B 10.1.1.4 [20/20] via 11.11.11.11, 01:02:55

B 10.1.1.32 [200/0] via 200.200.200.201, 01:03:18

11.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

S 11.11.11.11/32 [1/0] via 10.1.1.9, Ethernet1/2

B 11.11.11.0/24 [20/0] via 11.11.11.11, 01:02:55

90.0.0.0/32 is subnetted, 1 subnets

B 90.90.90.90 [20/75] via 11.11.11.11, 01:01:41

60.0.0.0/32 is subnetted, 1 subnets

B 60.60.60.60 [20/75] via 11.11.11.11, 01:01:41

30.0.0.0/32 is subnetted, 1 subnets

B 30.30.30.30 [20/11] via 11.11.11.11, 01:02:55

PE1#

PE1#sh ip bg

PE1#sh ip bgp vpa

PE1#sh ip bgp vpn

PE1#sh ip bgp vpnv4 all

BGP table version is 31, local router ID is 200.200.200.200

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 1:1 (default for vrf CE1)

*> 1.1.1.1/32 0.0.0.0 0 32768 i

*> 10.1.1.0/30 11.11.11.11 0 0 2 ?

*> 10.1.1.4/30 11.11.11.11 20 0 2 ?

*> 10.1.1.8/30 0.0.0.0 0 32768 ?

* 11.11.11.11 0 0 2 ?

*>i10.1.1.32/30 200.200.200.201 0 100 0 ?

*> 11.11.11.0/24 11.11.11.11 0 0 2 ?

*> 20.20.20.20/32 11.11.11.11 75 0 2 ?

*> 30.30.30.30/32 11.11.11.11 11 0 2 ?

*> 33.33.33.33/32 11.11.11.11 21 0 2 ?

*> 40.40.40.40/32 11.11.11.11 139 0 2 ?

*> 50.50.50.50/32 11.11.11.11 75 0 2 ?

*> 60.60.60.60/32 11.11.11.11 75 0 2 ?

*> 70.70.70.70/32 11.11.11.11 75 0 2 ?

*> 80.80.80.80/32 11.11.11.11 75 0 2 ?

*> 90.90.90.90/32 11.11.11.11 75 0 2 ?

*> 172.19.10.1/32 11.11.11.11 74 0 2 ?

*> 172.19.10.2/32 11.11.11.11 74 0 2 ?

*> 172.19.10.3/32 11.11.11.11 10 0 2 ?

*> 172.19.10.4/32 11.11.11.11 138 0 2 ?

*>i172.19.20.0/30 200.200.200.201 0 100 0 3 i

PE1#

PE1#sh ip bgp vpnv4 all su

BGP router identifier 200.200.200.200, local AS number 1

BGP table version is 31, main routing table version 31

20 network entries using 2740 bytes of memory

21 path entries using 1428 bytes of memory

23/13 BGP path/bestpath attribute entries using 2852 bytes of memory

2 BGP AS-PATH entries using 48 bytes of memory

2 BGP extended community entries using 48 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 7116 total bytes of memory

BGP activity 21/1 prefixes, 22/1 paths, scan interval 15 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

11.11.11.11 4 2 79 72 31 0 0 01:03:07 17

200.200.200.201 4 1 70 83 31 0 0 01:04:17 2

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

PE4#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

200.200.200.0/32 is subnetted, 2 subnets

O 200.200.200.200 [110/21] via 10.1.1.29, 01:04:40, Ethernet1/0

[110/21] via 10.1.1.25, 01:04:40, Ethernet1/1

C 200.200.200.201 is directly connected, Loopback1

10.0.0.0/30 is subnetted, 5 subnets

C 10.1.1.24 is directly connected, Ethernet1/1

C 10.1.1.28 is directly connected, Ethernet1/0

O 10.1.1.16 [110/20] via 10.1.1.29, 01:04:40, Ethernet1/0

O 10.1.1.20 [110/20] via 10.1.1.25, 01:04:40, Ethernet1/1

O 10.1.1.36 [110/20] via 10.1.1.29, 01:04:40, Ethernet1/0

PE4#

PE4#sh ip route vp

PE4#sh ip route vpn

PE4#sh ip bg

PE4#sh ip bgp vp

PE4#sh ip bgp vpnv4 all

BGP table version is 46, local router ID is 200.200.200.201

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 1:1 (default for vrf CE2)

*>i1.1.1.1/32 200.200.200.200 0 100 0 i

*>i10.1.1.0/30 200.200.200.200 0 100 0 2 ?

*>i10.1.1.4/30 200.200.200.200 20 100 0 2 ?

*>i10.1.1.8/30 200.200.200.200 0 100 0 ?

* 10.1.1.32/30 12.12.12.12 0 0 3 i

*> 0.0.0.0 0 32768 ?

*>i11.11.11.0/24 200.200.200.200 0 100 0 2 ?

*>i20.20.20.20/32 200.200.200.200 75 100 0 2 ?

*>i30.30.30.30/32 200.200.200.200 11 100 0 2 ?

*>i33.33.33.33/32 200.200.200.200 21 100 0 2 ?

*>i40.40.40.40/32 200.200.200.200 139 100 0 2 ?

*>i50.50.50.50/32 200.200.200.200 75 100 0 2 ?

*>i60.60.60.60/32 200.200.200.200 75 100 0 2 ?

*>i70.70.70.70/32 200.200.200.200 75 100 0 2 ?

*>i80.80.80.80/32 200.200.200.200 75 100 0 2 ?

*>i90.90.90.90/32 200.200.200.200 75 100 0 2 ?

*>i172.19.10.1/32 200.200.200.200 74 100 0 2 ?

*>i172.19.10.2/32 200.200.200.200 74 100 0 2 ?

*>i172.19.10.3/32 200.200.200.200 10 100 0 2 ?

*>i172.19.10.4/32 200.200.200.200 138 100 0 2 ?

*> 172.19.20.0/30 12.12.12.12 0 0 3 i

PE4#

PE4#sh ip bgp vpnv4 all su

BGP router identifier 200.200.200.201, local AS number 1

BGP table version is 46, main routing table version 46

20 network entries using 2740 bytes of memory

21 path entries using 1428 bytes of memory

15/13 BGP path/bestpath attribute entries using 1860 bytes of memory

2 BGP AS-PATH entries using 48 bytes of memory

2 BGP extended community entries using 48 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 6124 total bytes of memory

BGP activity 21/1 prefixes, 22/1 paths, scan interval 15 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

12.12.12.12 4 3 53 76 46 0 0 00:48:21 2

200.200.200.200 4 1 84 71 46 0 0 01:05:15 18

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

CE2#ter len 0

CE2#sh ip route

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

B 1.1.1.1 [20/0] via 10.1.1.34, 00:48:51

50.0.0.0/32 is subnetted, 1 subnets

B 50.50.50.50 [20/0] via 10.1.1.34, 00:48:51

100.0.0.0/30 is subnetted, 1 subnets

C 100.100.100.0 is directly connected, Serial1/0

70.0.0.0/32 is subnetted, 1 subnets

B 70.70.70.70 [20/0] via 10.1.1.34, 00:48:51

33.0.0.0/32 is subnetted, 1 subnets

B 33.33.33.33 [20/0] via 10.1.1.34, 00:48:51

80.0.0.0/32 is subnetted, 1 subnets

B 80.80.80.80 [20/0] via 10.1.1.34, 00:48:51

20.0.0.0/32 is subnetted, 1 subnets

B 20.20.20.20 [20/0] via 10.1.1.34, 00:48:51

172.19.0.0/16 is variably subnetted, 5 subnets, 2 masks

C 172.19.20.0/30 is directly connected, Ethernet0/1

B 172.19.10.4/32 [20/0] via 10.1.1.34, 00:48:51

B 172.19.10.1/32 [20/0] via 10.1.1.34, 00:48:51

B 172.19.10.3/32 [20/0] via 10.1.1.34, 00:48:51

B 172.19.10.2/32 [20/0] via 10.1.1.34, 00:48:51

40.0.0.0/32 is subnetted, 1 subnets

B 40.40.40.40 [20/0] via 10.1.1.34, 00:48:51

10.0.0.0/30 is subnetted, 4 subnets

B 10.1.1.8 [20/0] via 10.1.1.34, 00:48:51

B 10.1.1.0 [20/0] via 10.1.1.34, 00:48:51

B 10.1.1.4 [20/0] via 10.1.1.34, 00:48:51

C 10.1.1.32 is directly connected, Ethernet0/0

11.0.0.0/24 is subnetted, 1 subnets

B 11.11.11.0 [20/0] via 10.1.1.34, 00:48:51

12.0.0.0/32 is subnetted, 1 subnets

C 12.12.12.12 is directly connected, Loopback0

90.0.0.0/32 is subnetted, 1 subnets

B 90.90.90.90 [20/0] via 10.1.1.34, 00:48:51

60.0.0.0/32 is subnetted, 1 subnets

B 60.60.60.60 [20/0] via 10.1.1.34, 00:48:51

30.0.0.0/32 is subnetted, 1 subnets

B 30.30.30.30 [20/0] via 10.1.1.34, 00:48:51

CE2#

CE2#sh ip bg

CE2#sh ip bgp su

BGP router identifier 172.19.20.1, local AS number 3

BGP table version is 21, main routing table version 21

20 network entries using 2340 bytes of memory

21 path entries using 1092 bytes of memory

6/4 BGP path/bestpath attribute entries using 744 bytes of memory

2 BGP AS-PATH entries using 48 bytes of memory

0 BGP route-map cache entries using 0 bytes of memory

0 BGP filter-list cache entries using 0 bytes of memory

BGP using 4224 total bytes of memory

BGP activity 20/0 prefixes, 21/0 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

10.1.1.34 4 1 76 53 21 0 0 00:48:54 19

CE2#

CE2#sh ip ospf ne

CE2#

------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

CE4#

CE4#sh ip rout

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

O E2 1.1.1.1 [110/1] via 10.1.1.2, 01:03:56, Ethernet1/0

50.0.0.0/32 is subnetted, 1 subnets

O 50.50.50.50 [110/65] via 172.19.10.1, 01:03:56, Serial0/0

70.0.0.0/32 is subnetted, 1 subnets

O 70.70.70.70 [110/65] via 172.19.10.1, 01:03:56, Serial0/0

33.0.0.0/32 is subnetted, 1 subnets

O 33.33.33.33 [110/11] via 10.1.1.6, 01:03:56, Ethernet1/1

80.0.0.0/32 is subnetted, 1 subnets

O 80.80.80.80 [110/65] via 172.19.10.1, 01:03:56, Serial0/0

20.0.0.0/32 is subnetted, 1 subnets

O 20.20.20.20 [110/65] via 172.19.10.2, 01:03:56, Serial0/0

172.19.0.0/16 is variably subnetted, 5 subnets, 3 masks

O E2 172.19.20.0/30 [110/1] via 10.1.1.2, 00:49:05, Ethernet1/0

O 172.19.10.4/32 [110/128] via 172.19.10.1, 01:03:56, Serial0/0

O 172.19.10.1/32 [110/64] via 172.19.10.1, 01:03:56, Serial0/0

C 172.19.10.0/24 is directly connected, Serial0/0

O 172.19.10.2/32 [110/64] via 172.19.10.2, 01:03:56, Serial0/0

40.0.0.0/32 is subnetted, 1 subnets

O 40.40.40.40 [110/129] via 172.19.10.1, 01:03:56, Serial0/0

10.0.0.0/30 is subnetted, 4 subnets

O 10.1.1.8 [110/20] via 10.1.1.2, 01:03:56, Ethernet1/0

C 10.1.1.0 is directly connected, Ethernet1/0

C 10.1.1.4 is directly connected, Ethernet1/1

O E2 10.1.1.32 [110/1] via 10.1.1.2, 01:03:56, Ethernet1/0

11.0.0.0/32 is subnetted, 1 subnets

O 11.11.11.11 [110/11] via 10.1.1.2, 01:03:56, Ethernet1/0

90.0.0.0/32 is subnetted, 1 subnets

O 90.90.90.90 [110/65] via 172.19.10.1, 01:03:56, Serial0/0

60.0.0.0/32 is subnetted, 1 subnets

O 60.60.60.60 [110/65] via 172.19.10.1, 01:03:56, Serial0/0

30.0.0.0/32 is subnetted, 1 subnets

C 30.30.30.30 is directly connected, Loopback0

CE4#

CE4#sh ip ospf ne

Neighbor ID Pri State Dead Time Address Interface

20.20.20.20 0 FULL/ - 00:01:45 172.19.10.2 Serial0/0

90.90.90.90 0 FULL/ - 00:01:33 172.19.10.1 Serial0/0

33.33.33.33 0 FULL/ - 00:00:33 10.1.1.6 Ethernet1/1

111.111.111.111 0 FULL/ - 00:00:34 10.1.1.2 Ethernet1/0

CE4#

--------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------

Things I am not understanding here are the following:

1. I try pinging from CE2/PE4 to 10.1.1.2/10.1.1.1. They dont ping. The other way around(i.e. pinging from CE4 to 10.1.1.33/10.1.1.34 is a no no).

2. As soon as I remove the redistribution of connected routes in BGP address-family ipv4 on PE1 and PE4, I lose connectivity between CEs. The only subnets pinging with the redistribution configured are the connected routes on each CE.

3. Why dont I understand these things!!!!???????? Ive been bugged up and usually I am lazy enough to even create a new post(you might find this is the first post from my end), but things are going really bad around my learning curve lately, so I decided to buckle up and hence ended up with this post(usually I try to figure it out by myself(of course through Brian McGahans blog posts and through great stuff contributed by the other demi-Gods.)

Configs for all the other routers are given below. Please do not bother about the other routers since I have just IPed them, no other useful configuration exists.

Kishore Chennupati · ‎11-03-2011

Issue:

1. Right now, I have configured BGP addr-families in PE1 and PE2 with redistribute connected. In this case,

I can get a bgp route for the connected subnet across the CEs and can ping the connected subnets. Also, here,

I am unable to ping CE1 to CE2 subnets(except the connected one) and can ping all subnets from CE2 to CE1.Same is the case for PE1 to PE2 and vice-versa.

2. As soon as I remove the redistributed connected command, I am unable to ping anything from PE1 to PE2, and PE2 to PE1, and CE1 to CE2 and CE2 to CE1. I get all the other routes other than the connected vrf routes though.

1 first of all, each af ipv4 vrf vrf-name under router bgp should have at least redistribute connected otherwise the local prefixes are not advertised over the VPNv4 af to the remote PE.

2. When you say ping between the PE's are you pinging the interface where the vrf forwarding is put on? With the redistribute connected it will work because it will source the local interface in the same VRF but once you remove the redis connected and you try to ping it it won't work because it has nothing to source from.

3. You cannot ping any subnet between CE1 and CE2 .

verify with

sh ip bgp vpnv4 all

that each PE receives the routes of the other one.

HTH

Kishore

Arun Nair · ‎11-03-2011

Hi Kishore/Vaibhava,

I will reply to you asap. (On duty ). Please bear with me.

Arun Nair · ‎11-03-2011

Hi Guys,

Really useful insight into the topic. But just for my understanding let me rephrase it in terms of one prefix and see whether I have nailed it:

I am considering the 30.30.30.30/32 prefix, which is somewhere in CE1 or behind the router(should i really care ).

PE1#

PE1#sh ip route vrf CE1 30.30.30.30

Routing entry for 30.30.30.30/32

Known via "bgp 1", distance 20, metric 11

Tag 2, type external

Last update from 11.11.11.11 00:23:16 ago

Routing Descriptor Blocks:

* 11.11.11.11, from 11.11.11.11, 00:23:16 ago

Route metric is 11, traffic share count is 1

AS Hops 1

Route tag 2

PE1#sh ip cef vrf CE1 30.30.30.30 deta

PE1#sh ip cef vrf CE1 30.30.30.30 detail

30.30.30.30/32, version 18, epoch 0, cached adjacency 10.1.1.9

0 packets, 0 bytes

tag information set

local tag: 25

via 11.11.11.11, 0 dependencies, recursive

next hop 10.1.1.9, Ethernet1/2 via 11.11.11.11/32

valid cached adjacency

PE1#sh mpl

PE1#sh mpls fo

PE1#sh mpls forwarding-table

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

16 Pop tag 10.1.1.28/30 0 Et1/0 10.1.1.18

17 Untagged 10.1.1.24/30 0 Et1/1 10.1.1.22

18 Pop tag 10.1.1.36/30 0 Et1/0 10.1.1.18

19 17 200.200.200.201/32 \

0 Et1/0 10.1.1.18

20 Aggregate 1.1.1.1/32[V] 3244

21 Aggregate 10.1.1.8/30[V] 0

PE1#sh mpls forwarding-table vr

PE1#sh mpls forwarding-table vrf CE1

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

20 Aggregate 1.1.1.1/32[V] 3244

21 Aggregate 10.1.1.8/30[V] 0

PE1#sh ip route vrf CE1

Routing Table: CE1

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets

C 1.1.1.1 is directly connected, Loopback0

50.0.0.0/32 is subnetted, 1 subnets

B 50.50.50.50 [20/75] via 11.11.11.11, 00:22:49

70.0.0.0/32 is subnetted, 1 subnets

B 70.70.70.70 [20/75] via 11.11.11.11, 00:22:49

33.0.0.0/32 is subnetted, 1 subnets

B 33.33.33.33 [20/21] via 11.11.11.11, 00:23:49

80.0.0.0/32 is subnetted, 1 subnets

B 80.80.80.80 [20/75] via 11.11.11.11, 00:22:49

20.0.0.0/32 is subnetted, 1 subnets

B 20.20.20.20 [20/75] via 11.11.11.11, 00:22:50

172.19.0.0/16 is variably subnetted, 5 subnets, 2 masks

B 172.19.20.0/30 [200/0] via 200.200.200.201, 00:23:49

B 172.19.10.4/32 [20/138] via 11.11.11.11, 00:22:50

B 172.19.10.1/32 [20/74] via 11.11.11.11, 00:22:50

B 172.19.10.3/32 [20/10] via 11.11.11.11, 00:23:50

B 172.19.10.2/32 [20/74] via 11.11.11.11, 00:22:50

40.0.0.0/32 is subnetted, 1 subnets

B 40.40.40.40 [20/139] via 11.11.11.11, 00:22:50

10.0.0.0/30 is subnetted, 4 subnets

C 10.1.1.8 is directly connected, Ethernet1/2

B 10.1.1.0 [20/0] via 11.11.11.11, 00:23:50

B 10.1.1.4 [20/20] via 11.11.11.11, 00:23:50

B 10.1.1.32 [200/0] via 200.200.200.201, 00:23:49

11.0.0.0/8 is variably subnetted, 2 subnets, 2 masks

S 11.11.11.11/32 [1/0] via 10.1.1.9, Ethernet1/2

B 11.11.11.0/24 [20/0] via 11.11.11.11, 00:23:50

12.0.0.0/32 is subnetted, 1 subnets

B 12.12.12.12 [200/0] via 200.200.200.201, 00:23:49

90.0.0.0/32 is subnetted, 1 subnets

B 90.90.90.90 [20/75] via 11.11.11.11, 00:22:50

60.0.0.0/32 is subnetted, 1 subnets

B 60.60.60.60 [20/75] via 11.11.11.11, 00:22:50

30.0.0.0/32 is subnetted, 1 subnets

B 30.30.30.30 [20/11] via 11.11.11.11, 00:23:51

PE1#

Now, let prefix 30.30.30.30 enters VRF-CE1 on PE1. It gets assigned a VPN label, thanks to the vrf rd and rt configuration and then it is bought to the global bgp vpnv4 table, right?

BGP has imported this prefix into its VPN table, and now the LDP procedure allocates a tag to the prefix.

(the label 25 that I see, is that a vpn label or am I wrong. I am sure we need a vpn label to carry the data through, but where is it? If 25 is the vpn label, then where is the mpls ldp label?????? Confused!!.)

This is where I got stuck.

Also, a noob question that I would like to put in is( to Vaibhava esp based on her explanation above), is it so that in the PE2(My P router here) will see only the tags of the next hops for the prefixes and the connected interfaces? Because I can see only them on the P router. Detail given below:

PE2#sh mpls forwarding-table

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

16 Pop tag 10.1.1.24/30 0 Et1/1 10.1.1.30

17 Pop tag 200.200.200.201/32 \

9245 Et1/1 10.1.1.30

18 Pop tag 10.1.1.20/30 0 Et1/0 10.1.1.17

19 Pop tag 200.200.200.200/32 \

4224 Et1/0 10.1.1.17

PE2#

Thanks for your patience guys. But I really am trying to sort it out somehow.

Kishore Chennupati · ‎11-03-2011

Arun,

I will answer the first part as you have requested the second part to be answered by Vaibhava.

Now, let prefix 30.30.30.30 enters VRF-CE1 on PE1. It gets assigned a VPN label, thanks to the vrf rd and rt configuration and then it is bought to the global bgp vpnv4 table, right?
BGP has imported this prefix into its VPN table, and now the LDP procedure allocates a tag to the prefix.
(the label 25 that I see, is that a vpn label or am I wrong. I am sure we need a vpn label to carry the data through, but where is it? If 25 is the vpn label, then where is the mpls ldp label?????? Confused!!.)
This is where I got stuck.

Label 25 is the VPN label which is assigned by cef on the PE1. This will be then shipped to the remote PE2.

If you want to see the transport label. Then you need to check what label is assigned to the loopback of the PE as this is the transport medium for the VRF prefxes. so if you type sh mpls forwarding-table this will show you the transport label. Remember that the loopback is for the MP-BGP and doesn't belong any one particular vrf. It carries the VPNv4 prefixes for all the VRF's so you dont need to check the forwarding table for the VRF's.

Also remember that the Transport label will not be the same by the time it reaches the other end it will be swapped the P in between.

If you need more info please let me know

HTH

Kishore

Arun Nair · ‎11-04-2011

Hi Kishore.

So the next hop for the prefixes only will be allocated labels, right? Great. That is why I got tags only for /30 connected routes and /32 loopbacks in the P router(PE2). I was thinking whether this was a bug.

So actual prefixes will get only VPN labels and their next hops will get tags. Is that right?

And I so not meant to say that you should not do the honours of answering my question that I intended for Vaibhava. I would love to hear your inputs on the same.

Also, why is it that MPLS vpn label as well as LDP label both are being called as Local tags or TAGS for that matter? I find it to be my main source for confusion, since, for 30.30.30.30/32, I find a local tag of 25(VPN label) and no other label, but for the connected routes in PE1 too, I find LOCAL TAGS in the forwarding table. ?????

Thanks again guys.

Kishore Chennupati · ‎11-04-2011

Hi Arun,

When you turn mpls ip globally every route in the RIB gets a label.But, what I was mentioning was that for the LSP to function properly at control plane and data plane you need to make sure that you have labels for the x/32 which are loopbacks.

tags and labels are used interchangeably. Cisco used to call it tag switching which was legacy. If you have old IOS and enable mpls ip and then run a sh run you will see that the IOS will convert it to "tag-switching ip"

The label 25 is assigned by cef for 30.30.30.30 and since its an IP packet in a VRF it becomes the VPN label. You don't see any other label because its and IP packet and cef takes care of it.

Now, let me give you the golden rule or tracing how labels work etc.

If the labels flow from left to right then the data will flow right to left and vice versa. This rule will help you fix any label issues.

In your case we saw that the cef assigned label 25 on PE1? now this will go from left to right. So as I said before the data will go from left to right. So, lets see what happens on PE2. I am just using an example below and used your ip address

PE32#sh ip cef vrf CustA 30.30.30.30

30.30.30.30/24, version 11, epoch 0

0 packets, 0 bytes

tag information set

local tag: VPN-route-head

fast tag rewrite with Tu0, point2point, tags imposed: {17 25} << Now, you see 2 labels dont worry if u runnig a 3640

via 192.168.3.17, 0 dependencies, recursive

next hop 192.168.3.17, Tunnel0 via 192.168.3.17/32

valid adjacency

tag rewrite with Tu0, point2point, tags imposed: {17 25}

So, now you can see that its learning this via the 192.168.3.17 (remote loopback of PE1). Lets see what label is being used for this ip address. To find this you need to check the LFIB(forwarding table)

PE32#sh mpls forwarding-table 192.168.3.17

Local Outgoing Prefix Bytes tag Outgoing Next Hop

tag tag or VC or Tunnel Id switched interface

17 Pop tag [T] 192.168.3.17/32 0 Tu0 point2point << This is the transport label

So, if you can't see a label in the mpls forwarding table then you have a problem and that means you dont have a transport label.

Does this give you an idea. Just perform the commands that I have put here in your topology and you will see the result yourself.

Kishore

Arun Nair · ‎11-04-2011

Hi Kishore,

Thank you very much. This is what I was trying to understand.

Let me put it in my own words: Locally generated prefixes will not have tag-switching label assigned, since they do not have a next hop in the MPLS cloud, as they originate from a CE. On the remote end, I can see two labels, one is the next hop(loop back label), and this label will be on top of the VPN label. Right?

Question: What if I do not use loopbacks(or is this mandatory for next hops and BGP peers to be loopbacks?) and I decide to use the /30 address PE-P-PE connected subnets? I mean, do aggregate prefixes cause an issue with LSP?

Question: Okay, now I get the concepts of RT and RD to a certain point where I get confused thinking about what should be done if two PEs use same RD for the vrf, have same IP prefixes(private range IPs coming from CE are the same) and need to import those prefixes into their vrfs( would there be such a case like this at all? Or am I going crazy? I mean, its not the why would they, but HOW would they, as they would already be having the same private range prefixes with the same RD assigned in their vrfs, so when the other PE's vrf exports the same prefixes, how do they identify that it is different and welcome it into its own vrf).

Question: Suppose I have an ISP with 1000 PEs. Each will have an RD per vrf and RTs too. These all are being pooled into the MPLS cloud. How does a PE router find the optimum path to build a VPN to a certain PE and to a certain vrf on the PE?

Arun Nair · ‎11-04-2011

Also one more thing guys,

Behind CE1(all those FR routers), I am running OSPF and in CE1, I am redistributing OSPF into BGP and vice versa.

On CE2, I am advertising the networks in BGP directly, no OSPF.

On PE1, I do not get to see tags in forwarding table for CE1 redistributed routes, but in CE2, I do. From CE2 I am not able to ping CE1 but from CE1 it is possible to ping everything. Does the redistribution of OSPF into BGP in CE1 have anything to do with routes not being present in the forwarding table?

However, please note that I can see those redistributed CE1 routes in CE2, so the VPN is carrying the routes for sure. Queer.

BGP in PE-CE and MP-BGP running together, unable to reach specific IPs in CE