cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1167
Views
0
Helpful
5
Replies

MP-MGB using CORE VRF for LDP and PE neighbor

Evlaa2021
Level 1
Level 1

I'm setting up a small lab for MP-BGP and MPLS, i've had a similar configuration working before but this time i'm setting up all of he core MPLS routers, PE using a CORE VRF. I'm struggling to get a configuration in place which works using this config. I'm pretty sure if i can get the below config in place it will work:

router bgp 65000
bgp router-id 100.64.0.7
bgp log-neighbor-changes
!
address-family vpnv4

neighbor 100.64.0.10 activate << Unable to add this command
exit-address-family
!
address-family ipv4 vrf CORE
neighbor 100.64.0.10 remote-as 65000
neighbor 100.64.0.10 update-source Loopback0

exit-address-family
!
address-family ipv4 vrf MFT_CORP
redistribute ospf 21
exit-address-family


The BGP neighbor complains if it's not using the correct address family and using the global BGP neighbor config which makes sense. Is there a command i'm missing to allow vpnv4 using a different VRF to the default VRF.

5 Replies 5

Harold Ritter
Level 12
Level 12

Hi @Evlaa2021 ,

Running VPNv4 inside a VRF is not a supported configuration. Can you please explain what it is that you are trying to achieve?

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

For the core MPLS configuration PE<->CORE MPLS routers, CORE MPLS <-> CORE MPLS i wanted this to all be isolated within it's own VRF (called CORE), not using the default routing table. The problem comes when i create iBGP peer between 2x PE routers and add the neighbor statements under the default BGP configuration, see below:   
PE_1#show run | sec bgp
mpls label mode all-vrfs protocol bgp-vpnv4 per-vrf
redistribute bgp 65000 subnets
router bgp 65000
bgp router-id 100.64.0.7
bgp log-neighbor-changes
neighbor 100.64.0.10 remote-as 65000
neighbor 100.64.0.10 update-source Loopback0
!
address-family vpnv4
neighbor 100.64.0.10 activate
neighbor 100.64.0.10 send-community extended
exit-address-family
!
address-family ipv4 vrf CORE
exit-address-family

PE_2(config-router)#do show run | sec bgp
mpls label mode all-vrfs protocol bgp-vpnv4 per-vrf
redistribute bgp 65000 subnets
router bgp 65000
bgp router-id 100.64.0.10
bgp log-neighbor-changes
neighbor 100.64.0.7 remote-as 65000
neighbor 100.64.0.7 update-source Loopback0
!
address-family vpnv4
neighbor 100.64.0.7 activate
neighbor 100.64.0.7 send-community extended
exit-address-family
!
address-family ipv4 vrf CORE
exit-address-family
!

I get the following log when i debug BGP:
PE_2(config-router)#
*Oct 17 04:41:34.165: BGP: 100.64.0.7 Active open failed - no route to peer, open active delayed 6144ms (35000ms max, 60% jitter)

If i configure BGP under the CORE VRF then this message no longer appears  but i'm unable to activate the neighbor under address-family vpnv4. Are you saying this not supported for vpnv4, I'm able to setup MPLS LDP using the CORE VRF by using the following command: mpls ldp router-id vrf CORE Loopback0 force
So it seems like i should be able to use the same VRF for the PE-PE iBGP peers.

Hi @Evlaa2021 ,

Are you saying this not supported for vpnv4, I'm able to setup MPLS LDP using the CORE VRF by using the following command:

> mpls ldp router-id vrf CORE Loopback0 force

LDP inside a VRF has been available for a long time for the Carrier supporting Carrier (CsC) support, but VPNv4 inside a VRF is unsupported.

Any specific reason you want to run the core in a VRF?

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

CE1(R1)-BGP-PE1(R2)-MPLS-PE2(R3)-CE2(R4)

between PE1(R2) and PE2(R3) we run iBGP, and this use LOOP known by R2 and R3 as update source, here these neighbor config under VPNv4

between CE1(R1)-BGP-PE1(R2) & PE2(R3)-CE2(R4) here we run eBGP, and this config under VRF address family. 

the core of using BGP VPNv4 is to carry multi VRF prefix (each VRF is known by RD & RT) from one router to another using only one BGP establish (iBGP or eBGP)and this is done (one BGP ) in global not in any VRF.
and for separation there is separation, the VRF connect to Cust is different than global connect each router inside MPLS Core. 
each one have it separate table and routing, and that give use more advance which make us using for example 
eBGP between CE-PE and using (OSPF + (BGP VPNv4)) between PE-PE 
each prefix inside VPNv4 update is unique by RD & RT.

if you want to run VRF for VPNv4 then why we use VPNv4 in first place??
we can BGP IPv4 VRF for each Cust.