Solved: Re: SR MPLS VPN オプション C に関する質問

Yang Li · ‎12-05-2023

2 つの RR ルーター間で VPNV4 ネイバーを確立する際のトラブルこの問題の解決を手伝っていただければ幸いです。ありがとう

RP/0/0/CPU0:P1-RR#show bgp vpnv4 unicast summary
Tue Dec 5 11:26:33.927 UTC
BGP router identifier 172.16.1.3, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 79
BGP NSR Initial initsync version 1 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

BGP is operating in STANDALONE mode.

Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 79 79 79 79 79 0

Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
172.16.1.1 0 100 15576 15663 79 0 0 5d05h 2
172.16.1.4 0 100 14260 14364 79 0 0 5d05h 0
172.16.1.9 0 200 9955 9973 0 0 0 03:10:32 Active
172.16.1.20 0 100 14262 14361 79 0 0 5d05h 0

RP/0/0/CPU0:P1-RR#show bgp vpnv4 unicast
Tue Dec 5 11:26:37.167 UTC
BGP router identifier 172.16.1.3, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 79
BGP NSR Initial initsync version 1 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:100
*>i1.1.1.1/32 172.16.1.1 0 100 0 65001 i
*>i192.168.1.1/32 172.16.1.1 0 100 0 65001 i

Processed 2 prefixes, 2 paths
RP/0/0/CPU0:P1-RR#show mpls forwarding
Tue Dec 5 11:26:51.046 UTC
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
16017 Pop SR Pfx (idx 17) Gi0/0/0/1 10.1.78.1 37307
16019 Pop SR Pfx (idx 19) Gi0/0/0/2 10.1.89.2 7542
24011 Pop SR Adj (idx 1) Gi0/0/0/0 10.1.83.2 0
24012 Pop SR Adj (idx 3) Gi0/0/0/0 10.1.83.2 0
24013 Pop SR Adj (idx 1) Gi0/0/0/1 10.1.78.1 0
24014 Pop SR Adj (idx 3) Gi0/0/0/1 10.1.78.1 0
24015 Pop SR Adj (idx 1) Gi0/0/0/2 10.1.89.2 0
24016 Pop SR Adj (idx 3) Gi0/0/0/2 10.1.89.2 0

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Harold Ritter · ‎12-06-2023

Hi @Yang Li ,

Thanks for confirming that the BGP LU sessions are up and that the prefixes are being exchanged between the 2 ASBRs.

I definitely see an issue with the labels being exchanged. They should be the SR labels (16018 for RR in AS100 and 16021 for RR in AS200), but they are not. This is definitely a problem.

It could be a code issue. I would suggest you upgrade at least the ASBRs to a level of code more recent than 6.3.1.

Just before you upgrade the ASBRs, it would be worth trying to restart the BGP process with the following command and see if it fixes the issue:

process restart bgp

And then do a "show bgp ipv4 labeled-unicast labels" again to see if the labels are the SR labels. If not, I would definitely recommend upgrading.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

Harold Ritter · ‎12-05-2023

Hi @Yang Li ,

The reason the VPNv4 session is down between the 2 RRs is that you do not seem that they can't reach each other. The route should be learnt via the BGP ipv4 labeled unicast (LU). Can you check if the BGP ipv4 LU is up between AS100 and AS200 and if the ASBRs are receiving the prefixes from each others?

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Yang Li · ‎12-05-2023

Dear Mr @Harold Ritter

Sorry for not replying to your message in time

-----------ASBR-AS100------------

RP/0/0/CPU0:ASBR1#show bgp ipv4 labeled-unicast
Wed Dec 6 05:48:21.078 UTC
BGP router identifier 172.16.1.5, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 298
BGP main routing table version 298
BGP NSR Initial initsync version 5 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.1.1/32 10.1.89.1 30 32768 i
*> 172.16.1.3/32 10.1.89.1 20 32768 i
*> 172.16.1.9/32 10.1.92.2 20 0 200 i
*> 172.16.1.11/32 10.1.92.2 30 0 200 i

Processed 4 prefixes, 4 paths
RP/0/0/CPU0:ASBR1#show bgp ipv4 labeled-unicast labels
Wed Dec 6 05:48:24.768 UTC
BGP router identifier 172.16.1.5, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 298
BGP main routing table version 298
BGP NSR Initial initsync version 5 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*> 172.16.1.1/32 10.1.89.1 nolabel 24012
*> 172.16.1.3/32 10.1.89.1 nolabel 24000
*> 172.16.1.9/32 10.1.92.2 24010 24008
*> 172.16.1.11/32 10.1.92.2 24008 24009

-----------ASBR-AS200----------

RP/0/0/CPU0:ASBR3#show bgp ipv4 labeled-unicast
Wed Dec 6 05:49:20.194 UTC
BGP router identifier 172.16.1.7, local AS number 200
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 375
BGP main routing table version 375
BGP NSR Initial initsync version 4 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 172.16.1.1/32 10.1.92.1 30 0 100 i
*> 172.16.1.3/32 10.1.92.1 20 0 100 i
*> 172.16.1.9/32 10.1.21.2 20 32768 i
*> 172.16.1.11/32 10.1.21.2 30 32768 i

Processed 4 prefixes, 4 paths
RP/0/0/CPU0:ASBR3#show bgp ipv4 labeled-unicast labels
Wed Dec 6 05:49:22.384 UTC
BGP router identifier 172.16.1.7, local AS number 200
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0xe0000000 RD version: 375
BGP main routing table version 375
BGP NSR Initial initsync version 4 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*> 172.16.1.1/32 10.1.92.1 24012 24001
*> 172.16.1.3/32 10.1.92.1 24000 24011
*> 172.16.1.9/32 10.1.21.2 nolabel 24010
*> 172.16.1.11/32 10.1.21.2 nolabel 24008

Processed 4 prefixes, 4 paths
RP/0/0/CPU0:ASBR3#

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Yang Li · ‎12-05-2023

Below is the configuration of my ASBR AS100 AS200, please kindly check

My BGP establishes a relationship

VPNV4 AS-100-PE1-XRV17 > AS-100-RR-XRV17 > AS-200-RR-XRV21-AS-200-PE2-XRV27

EBGP（ipv4 labeled-unicast） AS-100-ASBR1-XRV19 >AS-200-ASBR3-XRV20

-------------------AS100-ASBR--------------

RP/0/0/CPU0:ASBR1#show running-config
Tue Dec 5 11:20:59.040 UTC
Building configuration...
!! IOS XR Configuration 6.3.1
!! Last configuration change at Tue Dec 5 08:14:26 2023 by root-system
!
hostname ASBR1
address-family ipv4 unicast
!
interface Loopback0
ipv4 address 172.16.1.5 255.255.255.255
!
interface MgmtEth0/0/CPU0/0
shutdown
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.94.1 255.255.255.252
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.89.2 255.255.255.252
!
interface GigabitEthernet0/0/0/2
ipv4 address 10.1.92.1 255.255.255.252
!
interface GigabitEthernet0/0/0/3
vrf a
ipv4 address 172.16.2.1 255.255.255.0
shutdown
!
interface GigabitEthernet0/0/0/4
shutdown
!
interface GigabitEthernet0/0/0/5
shutdown
!
interface GigabitEthernet0/0/0/6
shutdown
!
prefix-set c
172.16.1.9/32,
172.16.1.11/32
end-set
!
route-policy SID($SID)
set label-index $SID
end-policy
!
route-policy PASS
pass
end-policy
!
route-policy R-B-I
if destination in c then
pass
endif
end-policy
!
router static
address-family ipv4 unicast
10.1.92.2/32 GigabitEthernet0/0/0/2
!
!
router isis as100
is-type level-2-only
net 49.0001.0000.0000.5555.00
log adjacency changes
address-family ipv4 unicast
metric-style wide
redistribute bgp 100 level-2 route-policy R-B-I
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid index 19
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/1
address-family ipv4 unicast
!
!
!
router bgp 100
bgp router-id 172.16.1.5
address-family ipv4 unicast
network 172.16.1.1/32 route-policy SID(17)
network 172.16.1.3/32 route-policy SID(18)
allocate-label all
!
neighbor 10.1.92.2
remote-as 200
address-family ipv4 labeled-unicast
route-policy PASS in
route-policy PASS out
!
!
!
mpls oam
!
segment-routing
global-block 16000 23999

-------------------AS200-ASBR--------------

User Access Verification

Username: root-system
Password:

RP/0/0/CPU0:ASBR3#show running-config
Tue Dec 5 11:24:04.147 UTC
Building configuration...
!! IOS XR Configuration 6.3.1
!! Last configuration change at Tue Dec 5 08:15:44 2023 by root-system
!
hostname ASBR3
interface Loopback0
ipv4 address 172.16.1.7 255.255.255.255
!
interface MgmtEth0/0/CPU0/0
shutdown
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.25.1 255.255.255.252
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.92.2 255.255.255.252
!
interface GigabitEthernet0/0/0/2
ipv4 address 10.1.21.1 255.255.255.252
!
interface GigabitEthernet0/0/0/3
shutdown
!
interface GigabitEthernet0/0/0/4
shutdown
!
interface GigabitEthernet0/0/0/5
shutdown
!
interface GigabitEthernet0/0/0/6
shutdown
!
prefix-set c
172.16.1.1/32,
172.16.1.3/32
end-set
!
route-policy SID($SID)
set label-index $SID
end-policy
!
route-policy PASS
pass
end-policy
!
route-policy B-T-I
if destination in c then
pass
endif
end-policy
!
router static
address-family ipv4 unicast
10.1.92.1/32 GigabitEthernet0/0/0/1
!
!
router isis as200
is-type level-2-only
net 48.0001.0000.0000.2020.00
address-family ipv4 unicast
metric-style wide
redistribute bgp 200 level-2 route-policy B-T-I
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid index 20
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/2
address-family ipv4 unicast
!
!
!
router bgp 200
bgp router-id 172.16.1.7
address-family ipv4 unicast
network 172.16.1.9/32 route-policy SID(21)
network 172.16.1.11/32 route-policy SID(27)
allocate-label all
!
neighbor 10.1.92.1
remote-as 100
address-family ipv4 labeled-unicast
route-policy PASS in
route-policy PASS out
!
!
!
mpls oam
!
segment-routing
global-block 16000 23999
!
end

RP/0/0/CPU0:ASBR3#
RP/0/0/CPU0:ASBR3#show running-config
Tue Dec 5 11:24:19.626 UTC
Building configuration...
!! IOS XR Configuration 6.3.1
!! Last configuration change at Tue Dec 5 08:15:44 2023 by root-system
!
hostname ASBR3
interface Loopback0
ipv4 address 172.16.1.7 255.255.255.255
!
interface MgmtEth0/0/CPU0/0
shutdown
!
interface GigabitEthernet0/0/0/0
ipv4 address 10.1.25.1 255.255.255.252
!
interface GigabitEthernet0/0/0/1
ipv4 address 10.1.92.2 255.255.255.252
!
interface GigabitEthernet0/0/0/2
ipv4 address 10.1.21.1 255.255.255.252
!
interface GigabitEthernet0/0/0/3
shutdown
!
interface GigabitEthernet0/0/0/4
shutdown
!
interface GigabitEthernet0/0/0/5
shutdown
!
interface GigabitEthernet0/0/0/6
shutdown
!
prefix-set c
172.16.1.1/32,
172.16.1.3/32
end-set
!
route-policy SID($SID)
set label-index $SID
end-policy
!
route-policy PASS
pass
end-policy
!
route-policy B-T-I
if destination in c then
pass
endif
end-policy
!
router static
address-family ipv4 unicast
10.1.92.1/32 GigabitEthernet0/0/0/1
!
!
router isis as200
is-type level-2-only
net 48.0001.0000.0000.2020.00
address-family ipv4 unicast
metric-style wide
redistribute bgp 200 level-2 route-policy B-T-I
segment-routing mpls sr-prefer
!
interface Loopback0
address-family ipv4 unicast
prefix-sid index 20
!
!
interface GigabitEthernet0/0/0/0
address-family ipv4 unicast
!
!
interface GigabitEthernet0/0/0/2
address-family ipv4 unicast
!
!
!
router bgp 200
bgp router-id 172.16.1.7
address-family ipv4 unicast
network 172.16.1.9/32 route-policy SID(21)
network 172.16.1.11/32 route-policy SID(27)
allocate-label all
!
neighbor 10.1.92.1
remote-as 100
address-family ipv4 labeled-unicast
route-policy PASS in
route-policy PASS out
!
!
!
mpls oam
!
segment-routing
global-block 16000 23999
!
end

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Harold Ritter · ‎12-06-2023

Hi @Yang Li ,

Thanks for confirming that the BGP LU sessions are up and that the prefixes are being exchanged between the 2 ASBRs.

I definitely see an issue with the labels being exchanged. They should be the SR labels (16018 for RR in AS100 and 16021 for RR in AS200), but they are not. This is definitely a problem.

It could be a code issue. I would suggest you upgrade at least the ASBRs to a level of code more recent than 6.3.1.

Just before you upgrade the ASBRs, it would be worth trying to restart the BGP process with the following command and see if it fixes the issue:

process restart bgp

And then do a "show bgp ipv4 labeled-unicast labels" again to see if the labels are the SR labels. If not, I would definitely recommend upgrading.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Yang Li · ‎12-06-2023

Dear Mr @Harold Ritter

Thank you for confirming so I can understand that it's not my configuration that is causing this problem？

i wii try change other version

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Harold Ritter · ‎12-06-2023

Hi @Yang Li ,

Your configuration is correct. Try restarting the BGP process with the command "process restart bgp" before you upgrade. This might fix the issue.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Yang Li · ‎12-06-2023

Dear Mr @Harold Ritter

Thank you very much. I tried restarting the BGP process and it has indeed started to work.

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Rcvd Label Local Label
*> 172.16.1.1/32 10.1.89.1 nolabel 16017
*> 172.16.1.3/32 10.1.89.1 nolabel 16018
*> 172.16.1.9/32 10.1.92.2 16021 16021
*> 172.16.1.11/32 10.1.92.2 16027 16027

Processed 4 prefixes, 4 paths
RP/0/0/CPU0:ASBR1#

RP/0/0/CPU0:P1-RR#show bgp vpnv4 unicast summary
Wed Dec 6 12:38:04.534 UTC
BGP router identifier 172.16.1.3, local AS number 100
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0 RD version: 0
BGP main routing table version 81
BGP NSR Initial initsync version 1 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

BGP is operating in STANDALONE mode.

Process RcvTblVer bRIB/RIB LabelVer ImportVer SendTblVer StandbyVer
Speaker 81 81 81 81 81 0

Neighbor Spk AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down St/PfxRcd
172.16.1.1 0 100 17087 17174 81 0 0 6d06h 2
172.16.1.4 0 100 15771 15875 81 0 0 6d06h 0
172.16.1.9 0 200 9961 9979 81 0 0 00:03:04 2
172.16.1.20 0 100 15773 15872 81 0 0 6d06h 0

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it

Harold Ritter · ‎12-05-2023

...

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Yang Li · ‎12-05-2023

In addition, I have a question. Do all the neighbor relationships of BGP ipv4 labeled unicast (LU) need to be opened?

.ılı..ılı.
Cisco System
Pyhton
U got a dream, U gotta protect it