VPNv4 Routing Issue

minaketan_19 · ‎03-26-2017

Hi Guys,

I have a setup (2 PE - 2 CE. Image attached). VPNv4 eBGP is configured between PE & CE. I have access to only CE's. I am receiving routes in VRF's from PE via eBGP. Then its advertised to other CE via VPNv4 iBGP (No MPLS configured).

Now the problem is when i have a link failure between any of the PE-CE. That CE is not able to reach to the destination, though i can see the routes under the VRF. The problem here is, these routes are reachable via other CE's Loopback. Which doesn't have a route under VRF's. I can't configure MPLS on these boxes.

Will appreciate any suggestion to fix this routing logic.

SOHAN HEGDE · ‎03-28-2017

Hello,

Can you provide more details on "these routes are reachable via other CE's Loopback. Which doesn't have a route under VRF's. "

minaketan_19 · ‎03-28-2017

On CE-1 i can see VPNv4 routes from CE-2 with a next-hop as CE-2's loopback. But CE-1 doesn't have reach-ability to CE-2's loopback under the vrf.

SOHAN HEGDE · ‎03-28-2017

i think you should use next-hop-self in IBGP neighbor on both router, this may solve your issue.

minaketan_19 · ‎03-28-2017

Hi Sohan, I don't think it will solve my problem. VPNv4 by nature changes next-hop to self. My problem here is i am not using MPLS. Hence i dont have reachability to other router's Loopback under vrf. Since Loopback is in global.

SOHAN HEGDE · ‎03-28-2017

Hii,

Ideally route at CE1 should show next hop of IBGP neighbor configured. at CE2. and if CE1 dont have route for CE2 loopback under VRF then how IBGP is formed on first place. can you shared some logs if possible.

Vinit Jain · ‎04-01-2017

Are you having a CSC solution. Else, i dont see a reason for having eBGP VPNv4 connection between PE and CE routers.

Please share the configuration.

Also, if you do not have MPLS enabled, then the LSP can be completed using the neighbor x.x.x.x send-label command under the ipv4 AFI.

Thanks

Vinit

Thanks
--Vinit

minaketan_19 · ‎04-01-2017

Hi Vinit, Here is the sample configuration of one of the CE. The other is having identical configuration.

CE-1
router bgp 65200
bgp router-id 10.20.30.193----->Loopback0 in global
neighbor XYZ peer-group
neighbor XYZ remote-as 65200
neighbor XYZ update-source Loopback0
neighbor 10.20.30.194 peer-group XYZ------>iBGP neighbor
neighbor 172.20.192.1 remote-as 1234------->eBGP Neighbor
!
address-family ipv4
network X.X.X.X
neighbor XYZ send-community both
neighbor 10.20.30.194 activate------>Loopback0 of CE-2
neighbor 172.20.192.1 activate
neighbor 172.20.192.1 send-community both
exit-address-family
!
address-family vpnv4
neighbor XYZ send-community both
neighbor 10.20.30.194 activate------->Loopback0 of CE-2
exit-address-family
!
address-family ipv4 vrf ABC
network 0.0.0.0
neighbor 172.30.2.1 remote-as 1234-----?eBGP neighbor
neighbor 172.30.2.1 activate
neighbor 172.30.2.1 send-community both
exit-address-family

Vinit Jain · ‎04-01-2017

Could you please try configuring nei 172.20.192.1 send-label under ipv4 address-family both on PE and CE router. This will help complete ur LSP.

Also, are you having LDP between 10.20.30.194 and .193 router?

Secondly, is your VRF ABC peering in same AS 1234 as your PE router?

Thanks

Vinit

Thanks
--Vinit

minaketan_19 · ‎04-01-2017

Hi,

no, there is no LDP between 10.20.30.194 & 193 (As mentioned in the original post. I have constraint in doing so.)

yes, vrf ABC is peering to same AS and same PE.

I couldn't get your 1st point. Could you elaborate this how it will complete the LSP?

Vinit Jain · ‎04-01-2017

Since you are having vpnv4 peering, how are you planning to have a labelled switched path. There is no LDP even between IBGP peers. So, the other option is to have the labels be generated by using BGP which can be done using the send-label command under ipv4 address-family.

Thanks
--Vinit