06-20-2008 01:18 PM
I have a lab environment where I'm duplicating our production network (to a small scale). I have the following:
C3550--C6503--ME6524--C3550
CE#1 PE#1 PE#2 CE#2
I have the 3550's participating at CE's to the C6503 ad ME6524 as PE's. At each CE, I can see the other CE's uplink subnet, but not the subnet assigned to the loopback interface on the other CE.
I have included the relevant portions of the configurations for each of the switches involved. I'm certain that I'm overlooking something very simple, but I cannot find why the routes don't propagate to the other side. Any help is greatly appreciated!
Michael
06-20-2008 02:10 PM
Hi Michael,
the same AS number is used in CE1 & CE2 so they will not accept routes coming from the same AS number so you need to configure: neighbor x.x.x.x as-override into PE1 & PE2 under address-family ipv4 vrf Customer1 so the PE will send bgp update with AS [10 10] instead of [10 1001].
Regards,W.Amer
06-21-2008 12:50 AM
Hi All,
Just to add to Waleed's suggestion, you can also use the allowas-in feature on the CE router (to disable the AS-Path check in the first place), but with either cases i'd recommend you to configure SOO if a backdoor is present between VPN sites or if a site is dual-homed (sites that are connected to two or more PE routers) since you have overriden the eBGP loop prevention mechanisms.
BR,
Mohammed Mahmoud.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: