Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
923
Views
0
Helpful
4
Replies

mpls vpn dual home and backdoor links

Johnson Chan
Level 1
Level 1

‎07-08-2013 02:27 PM

I have the following network

CE1----OSPF------CE2

|                              |

|                              |

BGP(AS109)                    OSPF

|                              |

|                              |

PE1-------------------PE2         

|          ospf/ibgp      |

|          AS 9            |

P(RR)---------------------|

my goal from P is go to CE1-Lo0 via PE1

but it goes to PE1 - PE2 - CE2 - CE1

here the output of PE1

sho ip bgp vpnv4 all 172.9.0.11(CE1-LO)

BGP routing table entry for 9:9:172.9.0.11/32, version 124

Paths: (2 available, best #1, table ABC)

  Advertised to update-groups:

     3        

  Refresh Epoch 1

  Local

    9.9.0.5 (metric 11) from 9.9.0.7 (9.9.0.7)

      Origin incomplete, metric 21, localpref 100, valid, internal, best

      Extended Community: RT:9:9 OSPF DOMAIN ID:0x0005:0x0000006D0200

        OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:172.9.0.5:0

      Originator: 9.9.0.5, Cluster list: 9.9.0.7

      mpls labels in/out 57/33

  Refresh Epoch 1

  109

    172.9.113.11 from 172.9.113.11 (172.9.0.11)

      Origin incomplete, metric 0, localpref 100, valid, external

      Extended Community: RT:9:9

      mpls labels in/out 57/imp-null

HERE'S THE CONFIG OF PE1

address-family vpnv4

  neighbor 9.9.0.7 activate

  neighbor 9.9.0.7 send-community extended

exit-address-family

address-family ipv4 vrf ABC

  no synchronization

  network 172.9.0.3 mask 255.255.255.255

  redistribute connected

  neighbor 172.9.113.11 remote-as 109

  neighbor 172.9.113.11 activate

  neighbor 172.9.113.11 send-community both

  neighbor 172.9.113.11 as-override

  neighbor 172.9.113.11 send-label

exit-address-family

HERE'S THE CONFIG OF CE1:

router ospf 109

router-id 172.9.0.11

log-adjacency-changes

redistribute bgp 109 subnets tag 109

network 172.9.0.11 0.0.0.0 area 0

network 172.9.112.11 0.0.0.0 area 0

router bgp 109

bgp router-id 172.9.0.11

no bgp default ipv4-unicast

no bgp default route-target filter

neighbor 172.9.113.3 remote-as 9

!

address-family ipv4

  no synchronization

  redistribute ospf 109

  neighbor 172.9.113.3 activate

  neighbor 172.9.113.3 send-community both

  neighbor 172.9.113.3 send-label

  no auto-summary

exit-address-family

!

HERE'S THE CONFIG CE2

router ospf 109

router-id 172.9.0.12

log-adjacency-changes

network 172.9.0.12 0.0.0.0 area 0

network 172.9.112.12 0.0.0.0 area 0

network 172.9.125.12 0.0.0.0 area 0

LAST THE CONFIG PE2:

router ospf 109 vrf ABC

router-id 172.9.0.5

domain-tag 109

log-adjacency-changes

redistribute bgp 9 metric-type 1 subnets

network 172.9.0.5 0.0.0.0 area 0

network 172.9.125.5 0.0.0.0 area 0

router ospf 9

router-id 9.9.0.5

log-adjacency-changes

network 9.9.0.5 0.0.0.0 area 0

network 9.9.35.5 0.0.0.0 area 0

network 9.9.56.5 0.0.0.0 area 0

mpls traffic-eng router-id Loopback0

mpls traffic-eng area 0

mpls traffic-eng multicast-intact

router bgp 9

bgp router-id 9.9.0.5

no bgp default ipv4-unicast

no bgp default route-target filter

neighbor 9.9.0.7 remote-as 9

neighbor 9.9.0.7 update-source Loopback0

address-family vpnv4

  neighbor 9.9.0.7 activate

  neighbor 9.9.0.7 send-community extended

exit-address-family

!

address-family ipv4 vrf ABC

  no synchronization

  network 172.9.0.5 mask 255.255.255.255

  redistribute ospf 109 vrf ABC

exit-address-famil

Please let me know if need more info

Any help will be very much appreciated.

Labels:
0 Helpful
4 Replies 4

Akash Agrawal
Cisco Employee
Cisco Employee

‎07-09-2013 01:22 AM

Hi Johnson,

I believe this is lab invironment and not production setup where you have to use BGP as PE-CE protocol on PE1 and OSPF as PE-CE protocol on PE2.

Now once you have two BGP route on PE1 VPN table, it will prefer route from PE2 over CE1 route because of lower AS-PATH attribute. To prefer CE1 route, you can set weight on PE1 router for neighbor 172.9.113.11 which will be locally significant.

BGP routing table entry for 9:9:172.9.0.11/32, version 124

Paths: (2 available, best #1, table ABC)

  Advertised to update-groups:

     3       

  Refresh Epoch 1

  Local

    9.9.0.5 (metric 11) from 9.9.0.7 (9.9.0.7)

      Origin incomplete, metric 21, localpref 100, valid, internal, best

      Extended Community: RT:9:9 OSPF DOMAIN ID:0x0005:0x0000006D0200

        OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:172.9.0.5:0

      Originator: 9.9.0.5, Cluster list: 9.9.0.7

      mpls labels in/out 57/33

  Refresh Epoch 1

  109                                                         >>>>>>>>>>>>>>>>>>>>>

    172.9.113.11 from 172.9.113.11 (172.9.0.11)

      Origin incomplete, metric 0, localpref 100, valid, external

      Extended Community: RT:9:9

      mpls labels in/out 57/imp-null

Regards,

Akash

0 Helpful

Johnson Chan
Level 1
Level 1
In response to Akash Agrawal

‎07-09-2013 09:36 AM

Correct!

I did change the weight and it is the best path

But the traffic still goes to PE1 - PE2 - CE2 - CE1 instead of PE1-CE1

See the outputs below.

PE1:

sho ip bgp vpnv4 all 172.9.0.11

BGP routing table entry for 9:9:172.9.0.11/32, version 113

Paths: (2 available, best #2, table ABC)

  Advertised to update-groups:

     1        

  Local

    9.9.0.5 (metric 11) from 9.9.0.7 (9.9.0.7)

      Origin incomplete, metric 21, localpref 100, valid, internal

      Extended Community: RT:9:9 OSPF DOMAIN ID:0x0005:0x0000000A0200

        OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:172.9.0.5:512

      Originator: 9.9.0.5, Cluster list: 9.9.0.7

      mpls labels in/out 45/27

  109

    172.9.113.11 from 172.9.113.11 (172.9.0.11)

      Origin incomplete, metric 0, localpref 100, weight 100, valid, external, best

      Extended Community: RT:9:9

      mpls labels in/out 45/imp-null

TRACEROUTE:

P:

traceroute vrf ABC 172.9.0.11

  9.9.23.3 [MPLS: Labels 18/27 Exp 0] 16 msec <======PE1

  172.9.125.5 [MPLS: Label 27 Exp 0] 20 msec 20 msec 4 msec <======PE2

  172.9.125.12                                    16 msec 48 msec 24 msec <======CE2

  172.9.112.11                                     16 msec *  24 msec <======CE1

CE1----OSPF------CE2

|                              |

|                              |

BGP(AS109)         OSPF

|                              |

|                              |

PE1-------------------PE2         

|          ospf/ibgp      |

|          AS 9            |

P(RR)---------------------|

0 Helpful

Johnson Chan
Level 1
Level 1
In response to Johnson Chan

‎07-09-2013 09:40 AM

FROM RR ROUTER

P:

sho ip bgp vpnv4 all 172.9.0.11

BGP routing table entry for 9:9:172.9.0.11/32, version 147

Paths: (2 available, best #1, table ABC)

  Advertised to update-groups:

     1          2        

  Local, (Received from a RR-client)

    9.9.0.5 (metric 31) from 9.9.0.5 (9.9.0.5)

      Origin incomplete, metric 21, localpref 100, valid, internal, best

      Extended Community: RT:9:9 OSPF DOMAIN ID:0x0005:0x0000000A0200

        OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:172.9.0.5:512

      mpls labels in/out 51/27

  109, (Received from a RR-client)

    9.9.0.3 (metric 21) from 9.9.0.3 (9.9.0.3)

      Origin incomplete, metric 0, localpref 100, valid, internal

      Extended Community: RT:9:9

      mpls labels in/out 51/45

0 Helpful

Akash Agrawal
Cisco Employee
Cisco Employee
In response to Johnson Chan

‎07-09-2013 11:39 PM

Hi,

you can determine it by yourself if you go through BGP best path selection algorithm and compare each BGP attribute between two BGP routes.

http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094431.shtml

Regards,

Akash

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents