Solved: Re: configuring intra as vpnv4 with a small scenario

Muhammad Thanveer · ‎04-19-2013

I have a small setup with two IOS XRs and two IOS routers

I will be unable to test this but need some command reference.

(IOS)R1----->R2(XR)-------R3(XR)<-------R4(IOS)

R2 and R3 are in AS 1 and has vrf named vrf_cu

R1 and R4 are in AS 2

My Igp is configured

I have setup LDP neighbor relation ship between R2 and R3

There is a vpnv4 neighbor relation ship between them

Now My PE to CE protocol is BGP

R1 R2 R3 and R4 has their loopback 1s and R2 and R3 have them in vrf_cu

In R2

Route-policy PASS

pass

end-policy

router bgp 1

mpls activate

vrf vrf_cu

address-family ipv4 unicast

neighbor (R1's directly connected interface)

remote-as 2

redistribute connected

address-family ipv4 labeled unicast

route-policy PASS in

route-policy PASS out

as_override (This is because I have the same as at R4)

end

commit

Static route

add-ipv4 uni

R1's interface and outgoing interface of R2

exit

R1

router bgp 2

no bgp default-ipv4-unicast

neighbor (R2's interface) remote-as 1

add ipv4 uni

neighbor (neighbor ip) activate

neighbor (neighbor ip) send-community both

In the same way at R3 and R4. Now my question is why are we using address-family ipv4 labeled unicast for the commands shown in their?.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Harold Ritter · ‎04-19-2013

well, the route-policy in and out are required for eBGP. In this scenario, the AF vpnv4 unicast would be configured for the iBGP session between PEs (R2 and R3), so no need for the route-policy.

The as-override, on the other hand, would be configured for a specific neighbor under the VRF section of the BGP configuration:

router bgp 100

vrf vpn1

rd 100:1

address-family ipv4 unicast

neighbor 10.0.0.1

remote-as 200

address-family ipv4 unicast

as-override

route-policy pass-all in

route-policy pass-all out

      

Hope this helps

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Harold Ritter · ‎04-20-2013

Hi Thanveer,

That is correct and it is due to the fact that IOS-XR (and IOS as well) uses the same RIB for both labeled and unlabeled IPv4 prefixes.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Harold Ritter · ‎04-19-2013

Hi Thanveer,

If I understand your question, you want to do intra-AS not inter-AS, right? If so, AF ipv4 labeled unicast is not required in this scenario. It would in case you wanted to do inter-AS (option C). In your scenario, you need to use AF vpnv4 unicast between r2 and r3.

Hope this helps

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Muhammad Thanveer · ‎04-19-2013

Hello Harold,

Ok

Do you mean to say route-policy PASS in and PASS out should be in vpnv4 uni AF

As I have same AS no at R1 and R4 I need to use as-override command where should I type it?

I understand I also can use allow-as-in but Please clarify my doubt.

Thanks in Advance

Thanveer

Harold Ritter · ‎04-19-2013

well, the route-policy in and out are required for eBGP. In this scenario, the AF vpnv4 unicast would be configured for the iBGP session between PEs (R2 and R3), so no need for the route-policy.

The as-override, on the other hand, would be configured for a specific neighbor under the VRF section of the BGP configuration:

router bgp 100

vrf vpn1

rd 100:1

address-family ipv4 unicast

neighbor 10.0.0.1

remote-as 200

address-family ipv4 unicast

as-override

route-policy pass-all in

route-policy pass-all out

      

Hope this helps

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Muhammad Thanveer · ‎04-19-2013

Thanks Harold,

Today My day Is Good!!!

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Muhammad Thanveer · ‎04-19-2013

A small question again,

if in inter as vpnv4 (OPTION C) if I donot have same AS no on the otherside then I would not require as-override command right?

only I should put route-policy PASS in and out.

like

address-family ipv4 unicast

rd 1:1

neighbor (R1's directly connected interface)

remote-as 2

as_override (This is because I have the same as at R4)

redistribute connected

route-policy PASS in

route-policy PASS out

address-family ipv4 labeled unicast

route-policy PASS in

route-policy PASS out

send-extended-community-ebgp

end

commit

Am I correct?

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Harold Ritter · ‎04-19-2013

InterAS means that you have two or more service providers, each with its own ASN, collaborating to offer MPLS services.

The as-override command is used on a eBGP session to the CE, in a case where multiple CEs that are part of the same VPN share the same ASN. This is true regardless you are in an intra or inter AS scenario. In the above scenario, you would indeed need as-override on the eBGP sessions to R1 and the one to R4.

The route-policy in and out are always needed on an eBGP session, whether it is AF vpnv4, ipv4 labeled unicast or any other for that matter.

Hope this helps

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Muhammad Thanveer · ‎04-19-2013

thanx Harold.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Muhammad Thanveer · ‎04-20-2013

Hello Harold,

I found this today at http://ieoc.com/forums/p/22920/179608.aspx

In IOS XR, DO NOT turn on both the unlabelled ipv4 unicast and the labelled-unicast for the same peer if you need the routes to have labels, the unlabelled configuration will overwrite the labelled and you will not have a labelled path. Only activate that neighbor under address-family ipv4 labelled-unicast.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."

Harold Ritter · ‎04-20-2013

Hi Thanveer,

That is correct and it is due to the fact that IOS-XR (and IOS as well) uses the same RIB for both labeled and unlabeled IPv4 prefixes.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Muhammad Thanveer · ‎04-20-2013

Thanks Harold.

Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."