Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
839
Views
2
Helpful
5
Replies

Basic questions: import/export/VPNv4/LDP

Go to solution
GioacchinoInfanti
Level 1
Level 1

‎01-25-2024 02:14 PM - edited ‎01-28-2024 09:47 AM

Hi all,

I'm trying to refresh the basics for MPLS-VPN in order to consolidate my knowledge. Unfortunately I don't have the possibility to use it and hence I need to review from time to time some topics in order not to forget.

I ended up with 3 questions, 

1) When the statements for route-target import/export are specified in the classic section and in the newer format address-family IPv4, does the router take just the newer AF or both statements, or AF overrides the classic one?

 

vrf definition cust01
  rd: 100:200
  router-target export 1001:1001
  router-target import 1001:1001
!
address-family ipv4
 router-target import 1001:1002
!

 

2) speaking again of import/export, we normally have an IGP between the PE and the CE hence as to export, the router/VRF always picks up the IGP routes announced by the CE (and also static, if any) and advertise them to others PEs via VPNv4. If IGP is used in CE-PE, then all the BGP entries in the VRF routing table will always be coming from VPNv4, right? BGP entries in the routing tables will be always from remote , won't them?

3) if instead of IGP in CE-PE we use the BGP protocol it's always eBGP, right? Aside the fact that using iBGP would mean that CE and PE would be under the same admin domain, is there any other technical restriction for not using iBGP? In case it is possible to use iBGP in CE-PE, what about the import/export? I guess the logic of the BGP process is that if a prefix present in the routing table is also present in the BGP DB, then it's not advertised back to the VPNv4 world, right?

When keeping into account a loss of a P router and hence re-routing happens, for the convergence we have to keep into account, in this order, the convergence of the IGP, the LDP and then of the MP-BGP. I don't want to have fast convergence of MP-BGP and have the dataplane yet not stable, right?

 

TIA, Gio

 

Labels:
2 Accepted Solutions

Accepted Solutions

Go to solution
MHM Cisco World
VIP
VIP

‎01-25-2024 04:13 PM

When keeping into account a loss of a P router and hence re-routing happens, for the convergence we have to keep into account, in this order, the convergence of the IGP, the LDP and then of the MP-BGP. I don't want to have fast convergence of MP-BGP and have the dataplane yet not stable, right?

For this you can use IGP sync this make IGP and LDP sync and data plane not use until ldp is full established

View solution in original post

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎01-25-2024 04:17 PM

3) if instead of IGP in CE-PE we use the BGP protocol it's always eBGP, right? Aside the fact that using iBGP would mean that CE and PE would be under the same admin domain, is there any other technical restriction for not using iBGP? In case it is possible to use iBGP in CE-PE, what about the import/export? I guess the logic of the BGP process is that if a prefix present in the routing table is also present in the BGP DB, then it's not advertised back to the VPNv4 world, right?

Ibgp as CE-PE is so so rare' I read and check I see cases but it rare and it not clear in which case we use it.

The first thing we must consider here is that CE AS must same as SP AS which I dont think is suitable solution' the CE usually private AS and SP is public AS.

Anyway there is rfc for ibgp CE-PE

MHM

View solution in original post

0 Helpful
5 Replies 5

Go to solution
MHM Cisco World
VIP
VIP

‎01-25-2024 04:13 PM

When keeping into account a loss of a P router and hence re-routing happens, for the convergence we have to keep into account, in this order, the convergence of the IGP, the LDP and then of the MP-BGP. I don't want to have fast convergence of MP-BGP and have the dataplane yet not stable, right?

For this you can use IGP sync this make IGP and LDP sync and data plane not use until ldp is full established

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP

‎01-25-2024 04:17 PM

3) if instead of IGP in CE-PE we use the BGP protocol it's always eBGP, right? Aside the fact that using iBGP would mean that CE and PE would be under the same admin domain, is there any other technical restriction for not using iBGP? In case it is possible to use iBGP in CE-PE, what about the import/export? I guess the logic of the BGP process is that if a prefix present in the routing table is also present in the BGP DB, then it's not advertised back to the VPNv4 world, right?

Ibgp as CE-PE is so so rare' I read and check I see cases but it rare and it not clear in which case we use it.

The first thing we must consider here is that CE AS must same as SP AS which I dont think is suitable solution' the CE usually private AS and SP is public AS.

Anyway there is rfc for ibgp CE-PE

MHM

0 Helpful

Go to solution
MHM Cisco World
VIP
VIP
In response to MHM Cisco World

‎01-25-2024 04:19 PM

2) speaking again of import/export, we normally have an IGP between the PE and the CE hence as to export, the router/VRF always picks up the IGP routes announced by the CE (and also static, if any) and advertise them to others PEs via VPNv4. If IGP is used in CE-PE, then all the BGP entries in the VRF routing table will always be coming from VPNv4, right? BGP entries in the routing tables will be always from remote , won't them?

I check if I use IGP CE-PE the show ip bgp VPNV4 vrf show both local and remote prefix 

Also I check if I use bgp CE-PE same 

MHM

0 Helpful

Go to solution
GioacchinoInfanti
Level 1
Level 1

‎01-28-2024 10:12 AM - edited ‎01-28-2024 10:59 AM

Well, the best way for question 1 is to configure a device that supports VRFs and import/export VPNv4/VPNv6 families.

 

vrf definition Cust01
rd 1:1
 route-target export 100:1
 route-target import 100:1
 !
 address-family ipv4
  route-target import 100:2
 exit-address-family
 !
 address-family ipv6
  route-target export 100:3
  route-target import 100:3
 exit-address-family

 

The outcome surprises me a bit, meaning that I thought the import/export statements would be taken from the global section AND the family-specific one, instead family-specific statements override global ones. And hence this particular VRF Cust01 just imports VPNv4 NLRIs with route-target 100:2.

 

PE1# show vrf detail Cust01

VRF Cust01 (VRF Id = 1); default RD 1:1; default VPNID <not set>
New CLI format, supports multiple address-families
Flags: 0x180C
No interfaces
Address family ipv4 unicast (Table ID = 0x1):
Flags: 0x0
Export VPN route-target communities
RT:100:1
Import VPN route-target communities
RT:100:2
No import route-map
No global export route-map
No export route-map
VRF label distribution protocol: not configured
VRF label allocation mode: per-prefix
Address family ipv6 unicast (Table ID = 0x1E000001):
Flags: 0x0
Export VPN route-target communities
RT:100:3
Import VPN route-target communities
RT:100:3
No import route-map
No global export route-map
No export route-map
VRF label distribution protocol: not configured
VRF label allocation mode: per-prefix
Address family ipv4 multicast not active
Address family ipv6 multicast not active

 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card