Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1039
Views
5
Helpful
2
Replies

MPLS VPN With Cisco CSR and Cisco IOS-XR

Go to solution
sachin30720041
Level 1
Level 1

‎12-03-2021 04:12 PM

Hello All,

 

<------Site1-------><-----Site2---------->

R1----R2---R3---R4--XR5--R6---XR7---R8

 

R1, R2. R3, R4,R6, R7 are cisco CSR.

XR5, XR7 are cisco XR.

 

R1 and R8 are CE routers.

R2 and XR7 are PE routers.

 

ospf, ldp is running on r2,r3,r4 in site1.

ospf, ldp is running on xr5,r6,xr7 in site2.

 

100.100.100.100, 20.20.20.20 are loopbacks on R1(CE router site1) and R8(CE router site2).

192.168.255.2, 192.168.255.7 are loopbacks of R2 and XR7 respectively.

R4 and XR5 are running ipv4 bgp label. and exchange 192.168.255.2(loopback of R2) and 192.168.255.7(loopback of XR7) respectively.

R2 and XR7 are running BGP vpnv4.

 

Below is the configuration.

R2


vrf definition A
rd 192.168.255.2:65000
!
address-family ipv4
route-target export 99:99
route-target import 99:99
exit-address-family
!
interface Loopback1
ip address 192.168.255.2 255.255.255.255
ip ospf 1 area 0
!
interface gig2
no sh
vrf forwarding A
ip address 192.168.12.2 255.255.255.0
ip ospf 10 area 0

interface gig1
no sh
ip address 192.168.23.2 255.255.255.0
ip ospf 1 area 0
mpls ip
!

router ospf 10 vrf vrf1
redistribute bgp 65000 subnets

router ospf 1
 
!
router bgp 65000
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 192.168.255.7 remote-as 65001
neighbor 192.168.255.7 update-source Loopback1
neighbor 192.168.255.7 ebgp-multihop
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 192.168.255.7 activate
neighbor 192.168.255.7 send-community both
exit-address-family
!
address-family ipv4 vrf A
redistribute ospf 10
exit-address-family
-----------------------------------
R4
interface Loopback1
ip address 192.168.255.4 255.255.255.255
ip ospf 1 area 0
!
interface gig2
no sh
ip address 192.168.34.4 255.255.255.0
ip ospf 1 area 0
mpls ip
!
interface gig1
no sh
ip address 192.168.45.4 255.255.255.0
mpls bgp forwarding
!
router ospf 1
redistribute bgp 65000 subnets route-map REDISTRIBUTE_IN_IGP
!
router bgp 65000
bgp log-neighbor-changes
network 192.168.255.2 mask 255.255.255.255
neighbor 192.168.45.5 remote-as 65001
address-family ipv4 unicast
neighbor 192.168.45.5 activate
neighbor 192.168.45.5 send-label
!
ip prefix-list FOREIGN_PREFIXES seq 10 permit 192.168.255.7/32
!
route-map REDISTRIBUTE_IN_IGP permit 10
match ip address prefix-list FOREIGN_PREFIXES
!
--------------------------------------------
R5

interface Loopback1
ipv4 address 192.168.255.5 255.255.255.255
!
interface GigabitEthernet0/0/0/1
no sh
ipv4 address 192.168.45.5 255.255.255.0
!
interface GigabitEthernet0/0/0/0
no sh
ipv4 address 192.168.56.5 255.255.255.0
!
prefix-set FOREIGN_PREFIXES
192.168.255.2/32,
192.168.255.3/32
end-set
!
route-policy DEFAULT
pass
end-policy
!
route-policy REDISTRIBUTE_IN_IGP
if destination in FOREIGN_PREFIXES then
pass
endif
end-policy
!
router static
address-family ipv4 unicast
192.168.45.4/32 GigabitEthernet0/0/0/1
!
router ospf 1
address-family ipv4 unicast
router-id 192.168.255.5
redistribute bgp 65001 route-policy REDISTRIBUTE_IN_IGP
area 0
interface Loopback1
!
interface GigabitEthernet0/0/0/0
!
router bgp 65001
address-family ipv4 unicast
network 192.168.255.7/32
allocate-label all
!
neighbor 192.168.45.4
remote-as 65000
address-family ipv4 labeled-unicast
route-policy DEFAULT in
route-policy DEFAULT out
!
mpls ldp
address-family ipv4
!
interface GigabitEthernet0/0/0/0
!
---------------------------------
R7
route-policy pass
pass
exit

vrf A
address-family ipv4 unicast
import route-target
99:99
!
export route-target
99:99
!
!
interface Loopback1
ipv4 address 192.168.255.7 255.255.255.255
!
interface GigabitEthernet0/0/0/1
no vrf vrf1
ipv4 address 192.168.67.7 255.255.255.0
no sh
!
interface GigabitEthernet0/0/0/0
vrf A
ipv4 address 192.168.78.7 255.255.255.0
no sh
!
router ospf 1
address-family ipv4
 
area 0
interface Loopback1
!
interface GigabitEthernet0/0/0/1
vrf A
redistribute bgp 65001
area 0
int gi0/0/0/0

!
router bgp 65001
address-family vpnv4 unicast
!
neighbor 192.168.255.2
remote-as 65000
update-source Loopback1
ebgp-multihop
address-family vpnv4 unicast
route-policy pass in
route-policy pass out
!
vrf A
rd 192.168.255.12:65001
address-family ipv4 unicast
redistribute ospf 1
!
mpls ldp
address-family ipv4
!
interface GigabitEthernet0/0/0/1
 
I see 100.100.100.100/32(R1's loopback) in R8's routing table and 20.20.20.20(R8's loopback) in R1's routing table. Routes between R1 and R8 are getting exchanged. But ping is not working from R1 to R8.  XR7 has the following labels.
 
RP/0/RP0/CPU0:XR7 # show mpls forwarding
incoming.   outgoing.    Prefix.                         interface.      nexthop
label            label
24002         Pop            192.168.255.2/32    Gi0/0/0/1    192.168.67.6

For prefix 192.168.255.2(R2's loopback),  XR7 is poping the label.
 
On R2 I see label 19 as an outgoing label for 192.168.255.7(XR7's loopback).
R2#show mpls forwarding-table
20   19    192.168.255.7/32 0     Gi1   192.168.23.3
 
That's why the ping request from R1 reaches R8 but the reply is dropped by XR7.
Do I need to do extra configuration on XR7? 
 
Thanks,
Sachin

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Harold Ritter
Spotlight
Spotlight

‎12-03-2021 07:54 PM - edited ‎12-03-2021 09:18 PM

Hi @sachin30720041 ,

 

The issue is that when you configure an ebgp session, XR does not allow the session to be established over an LSP by default. It does that by installing a pop label operation locally for the neighbor address. You can change that default behavior by adding the mpls keyword to the "ebgp-multihop" command as follow:

 

XR7:

router bgp 65001

neighbor 192.168.255.2
remote-as 65000
update-source Loopback1
ebgp-multihop mpls

 

This should fix the issue you are seeing.

 

Regards,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

View solution in original post

2 Replies 2

Go to solution
Harold Ritter
Spotlight
Spotlight

‎12-03-2021 07:54 PM - edited ‎12-03-2021 09:18 PM

Hi @sachin30720041 ,

 

The issue is that when you configure an ebgp session, XR does not allow the session to be established over an LSP by default. It does that by installing a pop label operation locally for the neighbor address. You can change that default behavior by adding the mpls keyword to the "ebgp-multihop" command as follow:

 

XR7:

router bgp 65001

neighbor 192.168.255.2
remote-as 65000
update-source Loopback1
ebgp-multihop mpls

 

This should fix the issue you are seeing.

 

Regards,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

Go to solution
sachin30720041
Level 1
Level 1
In response to Harold Ritter

‎12-03-2021 11:01 PM

Thank you so much, Harold!!!

0 Helpful
Customers Also Viewed These Support Documents