cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
390
Views
0
Helpful
0
Replies
Highlighted

Inter-AS Multicast VPN - L3VPN Option B

Hello All guys, 

Hope this post finds you well. I was going over some Inter-AS multicast VPN and at this point im really stuck. I know the final goal its to have a PIM neighbor up for a particular VRF (between PEs), so you can forwards PIM join messages between both AS-s.

I started with a big topology and in order to simplify it and to get to understand how it works, i have reduced it to a few boxes:

AS1 (same for AS2):

3 CSR1000v + 1 IOS XRv

CSR1000v as PE router and another for RR, then 2 ASBRs CSR1000v and an IOS XRv.

Both AS have the same physical topology, connected to one CE each. 

I had L3VPN inter AS option B working perfect with end to end connectivity working just fine.

Then on top of that, i wanted to add support for Multicast VPN (Just Rosen-GRE). I read in one of the multicast VPN configuration guides, that you need to configure the VRF aware ip multicast-routing command in the ASBR when you are using Inter AS option B (i guess just to enable the mdt address command) and also when using a IOS XR as an ASBR you need to enable support for PIM-vector. 

Here below, are the configuration for the 2 PEs, both ASBRs (one XE and one XR) and the RR (just included one as both have identical configurations but different IP addressing):

PE-AS100

vrf definition CUST
rd 100:1
!
address-family ipv4
mdt default 232.0.0.1
mdt data 232.0.1.0 0.0.0.255
route-target export 100:1
route-target import 100:1
exit-address-family
!
address-family ipv6
exit-address-family
!
!
ip multicast-routing distributed
ip multicast-routing vrf CUST distributed
ip multicast vrf CUST rpf proxy rd vector
!
!
ipv6 unicast-routing
!
interface Loopback0
ip address 100.0.0.2 255.255.255.255
ip pim sparse-mode
ip ospf 100 area 0
ipv6 address 2001:100::2/128
!
interface GigabitEthernet2
ip address 100.0.0.17 255.255.255.252
ip pim sparse-mode
ip ospf 100 area 0
negotiation auto
ipv6 address 2001:100::17/127
!
interface GigabitEthernet5
vrf forwarding CUST
ip address 100.0.0.30 255.255.255.252
negotiation auto
ipv6 address 2001:100::30/127
!
router ospf 100
router-id 100.0.0.2
passive-interface Loopback0
mpls ldp autoconfig
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 100.0.0.3 remote-as 100
neighbor 100.0.0.3 update-source Loopback0
neighbor 100.0.0.29 remote-as 400
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 100.0.0.3 activate
neighbor 100.0.0.3 send-community extended
exit-address-family
!
address-family ipv4 mdt
neighbor 100.0.0.3 activate
neighbor 100.0.0.3 next-hop-self
exit-address-family
!
address-family ipv4 vrf CUST
neighbor 100.0.0.29 remote-as 400
neighbor 100.0.0.29 activate
exit-address-family
!
!
!
ip forward-protocol nd
ip pim ssm default
!
mpls ldp router-id Loopback0
!
line con 0
exec-timeout 0 0
logging synchronous
transport preferred none
stopbits 1
line vty 0 4
no login
!
!
end

PE-AS200

vrf definition CUST
rd 100:1
!
address-family ipv4
mdt default 232.0.0.1
mdt data 232.0.1.0 0.0.0.255
route-target export 100:1
route-target import 100:1
exit-address-family
!
address-family ipv6
exit-address-family
!
!
ip multicast-routing distributed
ip multicast-routing vrf CUST distributed
ip multicast vrf CUST rpf proxy rd vector
!
no ip domain lookup
!
!
!
ipv6 unicast-routing
!
interface Loopback0
ip address 200.0.0.2 255.255.255.255
ip pim sparse-mode
ipv6 address 2001:200::2/128
!
interface GigabitEthernet2
ip address 200.0.0.14 255.255.255.252
ip pim sparse-mode
ip router isis 200
negotiation auto
ipv6 address 2001:100::14/127
!
interface GigabitEthernet5
vrf forwarding CUST
ip address 200.0.0.45 255.255.255.252
negotiation auto
ipv6 address 2001:200::45/127
!
router isis 200
net 49.0000.0000.0000.0002.00
is-type level-2-only
metric-style wide
passive-interface Loopback0
mpls ldp autoconfig
!
router bgp 200
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 200.0.0.3 remote-as 200
neighbor 200.0.0.3 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 200.0.0.3 activate
neighbor 200.0.0.3 send-community extended
exit-address-family
!
address-family ipv4 mdt
neighbor 200.0.0.3 activate
neighbor 200.0.0.3 next-hop-self
exit-address-family
!
address-family ipv4 vrf CUST
neighbor 200.0.0.46 remote-as 300
neighbor 200.0.0.46 activate
exit-address-family
!
!
ip pim ssm default
!
!
mpls ldp router-id Loopback0
!
!
line con 0
exec-timeout 0 0
logging synchronous
transport preferred none
stopbits 1
line vty 0 4
no login
!
!
end

ASBR-AS100

vrf definition CUST
rd 100:1
!
address-family ipv4
mdt default 232.0.0.1
mdt data 232.0.1.0 0.0.0.255
exit-address-family
!
!
ip multicast-routing distributed
ip multicast-routing vrf CUST distributed
!
ipv6 unicast-routing
!
interface Loopback0
ip address 100.0.0.1 255.255.255.255
ip pim sparse-mode
ip ospf 100 area 0
ipv6 address 2001:100::1/128
!
interface GigabitEthernet2
ip address 100.0.0.18 255.255.255.252
ip pim sparse-mode
ip ospf 100 area 0
negotiation auto
ipv6 address 2001:100::18/127
!
interface GigabitEthernet6
ip address 100.0.0.61 255.255.255.252
ip pim sparse-mode
negotiation auto
ipv6 address 2001:100::61/127
mpls bgp forwarding
!
router ospf 100
router-id 100.0.0.1
passive-interface Loopback0
mpls ldp autoconfig
!
router bgp 100
bgp log-neighbor-changes
no bgp default ipv4-unicast
no bgp default route-target filter
neighbor 100.0.0.3 remote-as 100
neighbor 100.0.0.3 update-source Loopback0
neighbor 100.0.0.62 remote-as 200
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 100.0.0.3 activate
neighbor 100.0.0.3 send-community extended
neighbor 100.0.0.3 next-hop-self
neighbor 100.0.0.62 activate
neighbor 100.0.0.62 send-community extended
exit-address-family
!
address-family ipv4 mdt
neighbor 100.0.0.3 activate
neighbor 100.0.0.3 next-hop-self
neighbor 100.0.0.62 activate
exit-address-family
!
ip pim ssm default
!
mpls ldp router-id Loopback0
!
!
!
line con 0
exec-timeout 0 0
logging synchronous
transport preferred none
stopbits 1
line vty 0 4
no login
!
!
end

ASBR-AS200

vrf CUST
address-family ipv4 unicast
!
address-family ipv6 unicast
!
!
line console
exec-timeout 0 0
!
interface Loopback0
ipv4 address 200.0.0.4 255.255.255.255
ipv6 address 2001:200::4/128
!
interface GigabitEthernet0/0/0/0
ipv4 address 200.0.0.13 255.255.255.252
ipv6 address 2001:200::13/127
!
interface GigabitEthernet0/0/0/1
ipv4 address 200.0.0.53 255.255.255.252
ipv6 address 2001:200::53/127
!
interface GigabitEthernet0/0/0/2
ipv4 address 200.0.0.25 255.255.255.252
ipv6 address 2001:200::25/127
!
interface GigabitEthernet0/0/0/3
ipv4 address 100.0.0.62 255.255.255.252
ipv6 address 2001:100::62/127
!
route-policy PASS
pass
end-policy
!
route-policy rpf-for-cust
set core-tree pim-default
end-policy
!
router static
address-family ipv4 unicast
100.0.0.61/32 GigabitEthernet0/0/0/3
!
!
router isis 200
is-type level-2-only
net 49.0000.0000.0000.0004.00
address-family ipv4 unicast
metric-style wide
mpls ldp auto-config
!
interface Loopback0
passive
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/1
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/2
address-family ipv4 unicast
!
!
!
router bgp 200
address-family vpnv4 unicast
retain route-target all
!
address-family ipv4 mdt
!
neighbor 200.0.0.3
remote-as 200
update-source Loopback0
address-family vpnv4 unicast
next-hop-self
!
address-family ipv4 mdt
next-hop-self
!
!
neighbor 100.0.0.61
remote-as 100
address-family vpnv4 unicast
route-policy PASS in
route-policy PASS out
!
address-family ipv4 mdt
route-policy PASS in
route-policy PASS out
!
!
vrf CUST
rd 100:1
!
!
mpls ldp
router-id 200.0.0.4
!
multicast-routing
address-family ipv4
interface Loopback0
enable
!
interface GigabitEthernet0/0/0/0
enable
!
interface GigabitEthernet0/0/0/1
enable
!
interface GigabitEthernet0/0/0/2
enable
!
interface GigabitEthernet0/0/0/3
enable
!
mdt source Loopback0
!
vrf CUST
address-family ipv4
mdt source Loopback0
mdt default ipv4 232.0.0.1
mdt data 232.0.1.0/24
!
!
!
router pim
address-family ipv4
rpf-vector
interface Loopback0
enable
!
interface GigabitEthernet0/0/0/0
enable
!
interface GigabitEthernet0/0/0/1
enable
!
interface GigabitEthernet0/0/0/2
enable
!
interface GigabitEthernet0/0/0/3
enable
!
!
vrf CUST
address-family ipv4
rpf topology route-policy rpf-for-cust
!
!
!
end

I know i have some mixed concepts in the configuration above (maybe at this point im kind of dizzy), but i know that this should work something like this:

PIM neighbor has to come up between both PEs in both ASs. for tha tto happen i need to have unicast routing for L3VPN inter AS Option b working properly already (which is). 

Then to add PEs to support ssm on the VRF (configure MDT default), to enable multicast routing vrf aware, to generate the PIM vector and to enable MP-BGP support for MDT SAFI with the RR and in the inter AS link along with VPNV4. For ASBR to recognize PIM vector, enable upport for it under router pim. VRF addition to ASBRs i did it later on in order to see if the problem was that even the MTI was comming up on each individual AS, there was no intra AS PIM neighbor yet (and still none). 

Thanks in advance for your time.

Everyone's tags (3)
CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards