cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3251
Views
6
Helpful
37
Replies

Clarify next-hop-self in RR

Ethan55
Level 1
Level 1

I have a simple topo as below: 

 

Topology.png

R9 and R13 establish iBGP with RR. R9 is RR client of RR (10.10.10.10). R13 is a normal iBGP neighbor of RR.

I use OSPF and LDP.

R9 and R13 have VRF VPNA and exchange Lo1 as the VPNv4 route. Do Next-hop self in RR.

R13 and R9 learn the VPNv4 route of each other but can not ping each other.

R9#show ip route vrf VPN_A

Routing Table: VPN_A
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
C        172.16.167.0/24 is directly connected, Loopback1
L        172.16.167.1/32 is directly connected, Loopback1
B        172.16.168.0/24 [200/0] via 10.10.10.10, 00:30:41

R13#show ip route vrf VPN_A

Routing Table: VPN_A
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      172.16.0.0/16 is variably subnetted, 3 subnets, 2 masks
B        172.16.167.0/24 [200/0] via 10.10.10.10, 00:31:55
C        172.16.168.0/24 is directly connected, Loopback1
L        172.16.168.1/32 is directly connected, Loopback1

ICMP request out but was dropped at RR. The current configuration:

R13
vrf definition VPN_A
 rd 13.13.13.13:1
 route-target export 999:1
 route-target import 999:1
 !
 address-family ipv4
 exit-address-family
!         

interface Loopback0
 ip address 13.13.13.13 255.255.255.255
!
interface Loopback1
 vrf forwarding VPN_A
 ip address 172.16.168.1 255.255.255.0
!

router ospf 1
 network 13.13.13.13 0.0.0.0 area 0
 network 192.168.23.0 0.0.0.255 area 0
!
router bgp 7552
 bgp log-neighbor-changes
 neighbor 10.10.10.10 remote-as 7552
 neighbor 10.10.10.10 update-source Loopback0
 !
 address-family ipv4
  neighbor 10.10.10.10 activate
 exit-address-family
 !
 address-family vpnv4
  neighbor 10.10.10.10 activate
  neighbor 10.10.10.10 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf VPN_A
  redistribute connected
 exit-address-family
 

R9
vrf definition VPN_A
 rd 9.9.9.9:1
 route-target export 999:1
 route-target import 999:1
 !
 address-family ipv4
 exit-address-family
!
interface Loopback0
 ip address 9.9.9.9 255.255.255.255
!
interface Loopback1
 vrf forwarding VPN_A
 ip address 172.16.167.1 255.255.255.0
!

router ospf 1
 network 9.9.9.9 0.0.0.0 area 0
 network 192.168.29.0 0.0.0.255 area 0
!
router bgp 7552
 bgp log-neighbor-changes
 neighbor 10.10.10.10 remote-as 7552
 neighbor 10.10.10.10 update-source Loopback0
 !
 address-family ipv4
  neighbor 10.10.10.10 activate
 exit-address-family
 !
 address-family vpnv4
  neighbor 10.10.10.10 activate
  neighbor 10.10.10.10 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf VPN_A
  redistribute connected
 exit-address-family
!

RR
router bgp 7552
 bgp router-id 10.10.10.10
 address-family ipv4 unicast
 !
 address-family vpnv4 unicast
 !
 neighbor 9.9.9.9
  remote-as 7552
  update-source Loopback0
  address-family ipv4 unicast
   route-reflector-client
   next-hop-self
   soft-reconfiguration inbound always
  !
  address-family vpnv4 unicast
   route-reflector-client
   next-hop-self
   soft-reconfiguration inbound always
  !
 !
 neighbor 13.13.13.13
  remote-as 7552
  update-source Loopback0
  address-family ipv4 unicast
   next-hop-self
   soft-reconfiguration inbound always
  !
  address-family vpnv4 unicast
  next-hop-self
  soft-reconfiguration inbound always
  !
 !
! 

If I don't Next-hop self in RR, I can ping between VPNA of R13 and R9 successfully. Please help me clarify this case.

Thanks.

37 Replies 37

Hi @Harold Ritter ,

I also think it is caused by version,

Do you have any update version of IOS-XR can share with me.

Thank you.

Hi @Ethan55 ,

Please send me your email address in a private message and I will reach out to you with the information.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Again 

Share show ip bgp vpnv4 all 

Of RR

Ethan55
Level 1
Level 1

Thank you all guys,

I re-test with the different IOS-XR, the same configuration and finally it works well.

The version I am using and working well is:

RP/0/0/CPU0:CKV01#show version
Mon Jul 24 17:42:37.721 UTC

Cisco IOS XR Software, Version 6.0.1[Default]
Copyright (c) 2016 by Cisco Systems, Inc.

I have attached the full config in the attachment.

VPNv4 route in AGG:

RP/0/0/CPU0:CKV01#show bgp vpnv4 unicast
Mon Jul 24 17:57:31.840 UTC
BGP router identifier 10.10.10.10, local AS number 7552
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 17
BGP NSR Initial initsync version 2 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 9.9.9.9:1
*>i172.16.167.0/24 9.9.9.9 0 100 0 ?
Route Distinguisher: 13.13.13.13:1
*>i172.16.168.0/24 13.13.13.13 0 100 0 ?

Processed 2 prefixes, 2 paths

RP/0/0/CPU0:CKV01#show bgp vpnv4 unicast advertised neighbor 9.9.9.9
Mon Jul 24 17:58:06.927 UTC
Route Distinguisher: 13.13.13.13:1
172.16.168.0/24 is advertised to 9.9.9.9
Path info:
neighbor: 13.13.13.13 neighbor router id: 13.13.13.13
valid internal best import-candidate
Received Path ID 0, Local Path ID 1, version 16
Attributes after inbound policy was applied:
next hop: 13.13.13.13
MET ORG AS LOCAL EXTCOMM
origin: incomplete metric: 0 local pref: 100
aspath:
extended community: RT:999:1
Attributes after outbound policy was applied:
next hop: 10.10.10.10
MET ORG AS LOCAL EXTCOMM
origin: incomplete metric: 0 local pref: 100
aspath:
extended community: RT:999:1
originator: 13.13.13.13 cluster list: 10.10.10.10

RP/0/0/CPU0:CKV01#show bgp vpnv4 unicast advertised neighbor 13.13.13.13
Mon Jul 24 17:58:16.386 UTC
Route Distinguisher: 9.9.9.9:1
172.16.167.0/24 is advertised to 13.13.13.13
Path info:
neighbor: 9.9.9.9 neighbor router id: 9.9.9.9
(Received from a RR-client) valid internal best import-candidate
Received Path ID 0, Local Path ID 1, version 17
Attributes after inbound policy was applied:
next hop: 9.9.9.9
MET ORG AS LOCAL EXTCOMM
origin: incomplete metric: 0 local pref: 100
aspath:
extended community: RT:999:1
Attributes after outbound policy was applied:
next hop: 10.10.10.10
MET ORG AS LOCAL EXTCOMM
origin: incomplete metric: 0 local pref: 100
aspath:
extended community: RT:999:1
originator: 9.9.9.9 cluster list: 10.10.10.10

 

Happy news finally' 

Glad you solve issue.

Have a nice summer 

MHM

 

Ethan55
Level 1
Level 1

How can I show which action RR will do if it received MPLS packet from R9 (or R13), MPLS in this case have only one label (VPN label) because I use ldp implicit-null.

Use mpls traceroute, check the label

Then see match label with what RR have in show mpls forwarding 

Hi @Ethan55 ,

"show mpls forwarding" on the RR shows you that the locally assigned VPNv4 label is swapped with the VPNv4 label received from the other PE.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México