cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
958
Views
0
Helpful
3
Replies

MPLS VPN core with MP-BGP Condefederation

jgomezve
Cisco Employee
Cisco Employee

Hello all,

 

 

I am trying to set up a MPLS with BGP core, using confederations in order to have the iBGP full mesh. While configuring it, I faced this situation

 

R1 establishes an eBGP connection with R2

R2 establishes an iBGP connection with R3

 

R1 and R3 are PE routers, therefore they have the 'address-family ipv4 vrf VRF_NAME' and the respective VRF configured on it.

 

After activating the neighbors in the 'address-family vpnv4' I see that the neighbors are up but no prefixes are being exchanged between R1 <-> R2 and R2 <-> R3. As a result R1 does not get the vpnv4 prefixes learned by R3 and viceversa.

 

While debugging it I decided  to create the VRF in R2 as well, and to create 'address-family ipv4 vrf VRF_NAME ' in the bgp configuration. This worked, but I have not found any explanation whether this is the right way to configure it or not.

 

Normally I configure the BGP core using Route Reflectors and with this approach the VRF(s) and the 'address family ipv4 vrf VRF_NAME' do not have to be configured on the RR Router.

 

Here the configuration of the BGP processes 

 

!------------------------------------------!

!---R3

router bgp 65023
bgp log-neighbor-changes
bgp confederation identifier 65000
bgp confederation peers 65121
no bgp default ipv4-unicast
neighbor 192.168.0.1 remote-as 65121
neighbor 192.168.0.1 ebgp-multihop 255
neighbor 192.168.0.1 update-source Loopback0
neighbor 192.168.0.2 remote-as 65023
neighbor 192.168.0.2 update-source Loopback0
!
address-family ipv4
network 192.168.0.3 mask 255.255.255.255
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 next-hop-self
exit-address-family
!
address-family vpnv4
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 send-community extended
exit-address-family
!
address-family ipv4 vrf SiteA
network 192.168.100.3 mask 255.255.255.255
redistribute ospf 10
exit-address-family

!------------------------------------------!

!---R2

iosv-2#sh run | s bgp
router bgp 65023
bgp log-neighbor-changes
bgp confederation identifier 65000
bgp confederation peers 65108 65121
no bgp default ipv4-unicast
neighbor 192.168.0.1 remote-as 65121
neighbor 192.168.0.1 ebgp-multihop 3
neighbor 192.168.0.1 update-source Loopback0
neighbor 192.168.0.3 remote-as 65023
neighbor 192.168.0.3 update-source Loopback0
neighbor 192.168.0.8 remote-as 65108
neighbor 192.168.0.8 ebgp-multihop 3
neighbor 192.168.0.8 update-source Loopback0
!
address-family ipv4
network 192.168.0.2 mask 255.255.255.255
neighbor 192.168.0.1 activate
neighbor 192.168.0.1 send-community
neighbor 192.168.0.3 activate
neighbor 192.168.0.3 send-community
neighbor 192.168.0.8 activate
neighbor 192.168.0.8 send-community
exit-address-family
!
address-family vpnv4
neighbor 192.168.0.1 activate
neighbor 192.168.0.1 send-community extended
neighbor 192.168.0.3 activate
neighbor 192.168.0.3 send-community extended
exit-address-family
!

! I had to create this, in addition to the respective vrf 
address-family ipv4 vrf SiteA
exit-address-family

!------------------------------------------!

!---R1

router bgp 65121
bgp log-neighbor-changes
bgp confederation identifier 65000
bgp confederation peers 65023 65108
no bgp default ipv4-unicast
neighbor 192.168.0.2 remote-as 65023
neighbor 192.168.0.2 ebgp-multihop 3
neighbor 192.168.0.2 update-source Loopback0
neighbor 192.168.0.3 remote-as 65023
neighbor 192.168.0.3 ebgp-multihop 255
neighbor 192.168.0.3 update-source Loopback0
neighbor 192.168.0.12 remote-as 65121
neighbor 192.168.0.12 update-source Loopback0
!
address-family ipv4
network 192.168.0.1 mask 255.255.255.255
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 next-hop-self
neighbor 192.168.0.12 activate
neighbor 192.168.0.12 next-hop-self
exit-address-family
!
address-family vpnv4
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 send-community extended
neighbor 192.168.0.2 next-hop-self
exit-address-family
!
address-family ipv4 vrf SiteA
network 192.168.100.1 mask 255.255.255.255
redistribute ospf 10
exit-address-family

!---------------------------------

 

I will appreciate any help

 

Regards

 

1 Accepted Solution

Accepted Solutions

Harold Ritter
Cisco Employee
Cisco Employee

By default, IOS filters out routes for which we do not have a matching VRF defined locally. To disable this default behavior, you need to use the following command: "no bgp default route-target filter". You would need to use this command on R2.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

3 Replies 3

Harold Ritter
Cisco Employee
Cisco Employee

By default, IOS filters out routes for which we do not have a matching VRF defined locally. To disable this default behavior, you need to use the following command: "no bgp default route-target filter". You would need to use this command on R2.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Harold,

Your answer seemed to be just what I was looking for, but after configuring R2 (and deleting the ‘addres-famili ipv4 vrf VRF_NAME’ from my previous work around), I do not learn any prefix.
This is the output:

iosv-2#show bgp vpnv4 uni all summary
BGP router identifier 192.168.0.2, local AS number 65023
BGP table version is 28, main routing table version 28

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.0.1 4 65121 142 144 28 0 0 01:57:19 0
192.168.0.3 4 65023 143 143 28 0 0 01:56:45 0


Any idea?

Did you clear the BGP sessions on R2?

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: