cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Community Helping Community

162
Views
0
Helpful
3
Replies
Cisco Employee

MPLS VPN core with MP-BGP Condefederation

Hello all,

 

 

I am trying to set up a MPLS with BGP core, using confederations in order to have the iBGP full mesh. While configuring it, I faced this situation

 

R1 establishes an eBGP connection with R2

R2 establishes an iBGP connection with R3

 

R1 and R3 are PE routers, therefore they have the 'address-family ipv4 vrf VRF_NAME' and the respective VRF configured on it.

 

After activating the neighbors in the 'address-family vpnv4' I see that the neighbors are up but no prefixes are being exchanged between R1 <-> R2 and R2 <-> R3. As a result R1 does not get the vpnv4 prefixes learned by R3 and viceversa.

 

While debugging it I decided  to create the VRF in R2 as well, and to create 'address-family ipv4 vrf VRF_NAME ' in the bgp configuration. This worked, but I have not found any explanation whether this is the right way to configure it or not.

 

Normally I configure the BGP core using Route Reflectors and with this approach the VRF(s) and the 'address family ipv4 vrf VRF_NAME' do not have to be configured on the RR Router.

 

Here the configuration of the BGP processes 

 

!------------------------------------------!

!---R3

router bgp 65023
bgp log-neighbor-changes
bgp confederation identifier 65000
bgp confederation peers 65121
no bgp default ipv4-unicast
neighbor 192.168.0.1 remote-as 65121
neighbor 192.168.0.1 ebgp-multihop 255
neighbor 192.168.0.1 update-source Loopback0
neighbor 192.168.0.2 remote-as 65023
neighbor 192.168.0.2 update-source Loopback0
!
address-family ipv4
network 192.168.0.3 mask 255.255.255.255
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 next-hop-self
exit-address-family
!
address-family vpnv4
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 send-community extended
exit-address-family
!
address-family ipv4 vrf SiteA
network 192.168.100.3 mask 255.255.255.255
redistribute ospf 10
exit-address-family

!------------------------------------------!

!---R2

iosv-2#sh run | s bgp
router bgp 65023
bgp log-neighbor-changes
bgp confederation identifier 65000
bgp confederation peers 65108 65121
no bgp default ipv4-unicast
neighbor 192.168.0.1 remote-as 65121
neighbor 192.168.0.1 ebgp-multihop 3
neighbor 192.168.0.1 update-source Loopback0
neighbor 192.168.0.3 remote-as 65023
neighbor 192.168.0.3 update-source Loopback0
neighbor 192.168.0.8 remote-as 65108
neighbor 192.168.0.8 ebgp-multihop 3
neighbor 192.168.0.8 update-source Loopback0
!
address-family ipv4
network 192.168.0.2 mask 255.255.255.255
neighbor 192.168.0.1 activate
neighbor 192.168.0.1 send-community
neighbor 192.168.0.3 activate
neighbor 192.168.0.3 send-community
neighbor 192.168.0.8 activate
neighbor 192.168.0.8 send-community
exit-address-family
!
address-family vpnv4
neighbor 192.168.0.1 activate
neighbor 192.168.0.1 send-community extended
neighbor 192.168.0.3 activate
neighbor 192.168.0.3 send-community extended
exit-address-family
!

! I had to create this, in addition to the respective vrf 
address-family ipv4 vrf SiteA
exit-address-family

!------------------------------------------!

!---R1

router bgp 65121
bgp log-neighbor-changes
bgp confederation identifier 65000
bgp confederation peers 65023 65108
no bgp default ipv4-unicast
neighbor 192.168.0.2 remote-as 65023
neighbor 192.168.0.2 ebgp-multihop 3
neighbor 192.168.0.2 update-source Loopback0
neighbor 192.168.0.3 remote-as 65023
neighbor 192.168.0.3 ebgp-multihop 255
neighbor 192.168.0.3 update-source Loopback0
neighbor 192.168.0.12 remote-as 65121
neighbor 192.168.0.12 update-source Loopback0
!
address-family ipv4
network 192.168.0.1 mask 255.255.255.255
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 next-hop-self
neighbor 192.168.0.12 activate
neighbor 192.168.0.12 next-hop-self
exit-address-family
!
address-family vpnv4
neighbor 192.168.0.2 activate
neighbor 192.168.0.2 send-community extended
neighbor 192.168.0.2 next-hop-self
exit-address-family
!
address-family ipv4 vrf SiteA
network 192.168.100.1 mask 255.255.255.255
redistribute ospf 10
exit-address-family

!---------------------------------

 

I will appreciate any help

 

Regards

 

1 ACCEPTED SOLUTION

Accepted Solutions
Cisco Employee

Re: MPLS VPN core with MP-BGP Condefederation

By default, IOS filters out routes for which we do not have a matching VRF defined locally. To disable this default behavior, you need to use the following command: "no bgp default route-target filter". You would need to use this command on R2.

 

Regards,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

3 REPLIES 3
Cisco Employee

Re: MPLS VPN core with MP-BGP Condefederation

By default, IOS filters out routes for which we do not have a matching VRF defined locally. To disable this default behavior, you need to use the following command: "no bgp default route-target filter". You would need to use this command on R2.

 

Regards,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Cisco Employee

Re: MPLS VPN core with MP-BGP Condefederation

Hi Harold,

Your answer seemed to be just what I was looking for, but after configuring R2 (and deleting the ‘addres-famili ipv4 vrf VRF_NAME’ from my previous work around), I do not learn any prefix.
This is the output:

iosv-2#show bgp vpnv4 uni all summary
BGP router identifier 192.168.0.2, local AS number 65023
BGP table version is 28, main routing table version 28

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.0.1 4 65121 142 144 28 0 0 01:57:19 0
192.168.0.3 4 65023 143 143 28 0 0 01:56:45 0


Any idea?
Cisco Employee

Re: MPLS VPN core with MP-BGP Condefederation

Did you clear the BGP sessions on R2?

 

Regards,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
CreatePlease to create content
Content for Community-Ad
FusionCharts will render here
This widget could not be displayed.