How To modify the next hop in This L3 VPN scenario?

xZamalek · ‎04-04-2020

Dears,

Could you please advise on how can i modify the next hop of customer A & B so when they leak routes to each other the next hop can be reachable ? they are currently use the same address space and they can see the loopbacks of each other already

but the next hop for CE-B1 is 10.1.1.6 (which is not reachable and wont be because customer B using the same subnet).

CE-A1#sh ip rout

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback0
6.0.0.0/32 is subnetted, 1 subnets
O E2 6.6.6.6 [110/1] via 10.1.1.6, 00:41:18, FastEthernet0/0
10.0.0.0/24 is subnetted, 2 subnets
C 10.10.10.0 is directly connected, Loopback10
C 10.1.1.0 is directly connected, FastEthernet0/0
CE-A1#

CE-B1#sh ip rou

Gateway of last resort is not set

1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 [20/0] via 10.1.1.1, 00:42:00
6.0.0.0/32 is subnetted, 1 subnets
C 6.6.6.6 is directly connected, Loopback0
7.0.0.0/32 is subnetted, 1 subnets
B 7.7.7.7 [20/0] via 10.1.1.2, 00:42:40
10.0.0.0/24 is subnetted, 1 subnets
C 10.1.1.0 is directly connected, FastEthernet0/0

PE-1#sh run
Building configuration...

Current configuration : 3179 bytes

!

ip vrf A
rd 2:2
route-target export 7:7
route-target export 5:5
route-target import 7:7
route-target import 5:5
!
ip vrf B
rd 1:1
route-target export 300:300
route-target export 5:5
route-target import 200:200
route-target import 5:5
!

!
interface Loopback0
ip address 2.2.2.2 255.255.255.255
!
interface Loopback50
ip vrf forwarding A
ip address 60.60.60.60 255.255.255.0
!
interface FastEthernet0/0
ip vrf forwarding A
ip address 10.1.1.2 255.255.255.0
duplex auto
speed auto
!
interface Serial0/0
ip address 23.23.23.2 255.255.255.0
mpls ip
clock rate 2000000
!
interface FastEthernet0/1
ip vrf forwarding B
ip address 10.1.1.2 255.255.255.0
duplex auto
speed auto

interface Vlan1
no ip address
!
router ospf 2 vrf A
log-adjacency-changes
redistribute bgp 5000 subnets
network 10.1.1.0 0.0.0.255 area 0
!
router ospf 1
log-adjacency-changes
network 2.2.2.0 0.0.0.0 area 0
network 2.2.2.0 0.0.0.3 area 0
network 23.23.23.0 0.0.0.255 area 0
!
router bgp 5000
no synchronization
bgp log-neighbor-changes
neighbor 4.4.4.4 remote-as 5000
neighbor 4.4.4.4 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 4.4.4.4 activate
neighbor 4.4.4.4 send-community extended
neighbor 4.4.4.4 next-hop-self
exit-address-family
!
address-family ipv4 vrf B
neighbor 10.1.1.6 remote-as 1
neighbor 10.1.1.6 activate
neighbor 10.1.1.6 as-override
no synchronization
exit-address-family
!
address-family ipv4 vrf A
redistribute ospf 2 vrf A match internal external 1 external 2
no synchronization
exit-address-family

PE-1#

rais · ‎04-05-2020

Hi,

If there is an issue with next-hop why are loopbacks still advertised and accepted? Don't they have the next-hops you are questioning?

Thanks.

LinhNguyen15326 · ‎04-05-2020

i think you need adv subnet connect for each vrf

xZamalek · ‎04-05-2020

The next hop for 6.6.6.6 on router CE-A1 is 10.1.1.6 (f0/0 on CE-B1) , router CE-A1 doesn't have a valid route to reach this IP.

CCIE28 · ‎04-06-2020

Routing is not involved here as all ips are on the same broadcast domain. CEs will not search for a route for 10.1.1.x instead they'll arp for it.
Moreover, the routes for the loopbacks are already in the rt. The router won't install it if the next hop is not reacable.
Can you show the arp table for the respective next hops on the CEs and PE?