Solved: Re: BGP Configuration Issue

gregwoodson · ‎07-11-2007

I had a BGP configuration that was based on interface address instead of loopback. This gave me errors on the router, but routes were passed. I have changed this configuration over to the loopback addresses, and although the bgp neighbors show to be active, none of the routes are being shared.

ROUTER A

interface Loopback0

ip address 10.255.0.0 255.255.255.255

no ip redirects

no ip unreachables

!

router bgp xxxxx

bgp log-neighbor-changes

neighbor 10.255.0.7 remote-as xxxxx

neighbor 10.255.0.7 update-source Multilink1

neighbor XX.XX.XX.XX remote-as 65512

neighbor XX.XX.XX.XX update-source Multilink12

!

address-family ipv4

redistribute static

redistribute ospf XXXXX match internal external 1 external 2

neighbor 10.255.0.7 activate

neighbor XX.XX.XX.XX activate

no auto-summary

no synchronization

network 10.255.0.0 mask 255.255.255.255

exit-address-family

!

address-family vpnv4

neighbor 10.255.0.7 activate

neighbor 10.255.0.7 send-community both

neighbor XX.XX.XX.XX activate

neighbor XX.XX.XX.XX send-community both

exit-address-family

!

address-family ipv4 vrf CustomerA

redistribute connected

redistribute static

redistribute ospf 65507 vrf CustomerA match internal external 1 external 2

default-information originate

no synchronization

exit-address-family

!

address-family ipv4 vrf CustomerB

redistribute connected

redistribute static

redistribute ospf 65512 vrf CustomerB match internal external 1 external 2

neighbor 10.105.255.10 remote-as 65512

neighbor 10.105.255.10 activate

default-information originate

no synchronization

aggregate-address 10.105.0.0 255.255.0.0 summary-only

exit-address-family

ROUTER B

interface Loopback0

ip address 10.255.0.7 255.255.255.255

no clns route-cache

!

router bgp XXXXX

bgp log-neighbor-changes

neighbor 10.255.0.0 remote-as XXXXX

neighbor 10.255.0.0 update-source Multilink1

!

address-family ipv4

redistribute ospf XXXXX match internal external 1 external 2

neighbor 10.255.0.0 activate

no auto-summary

no synchronization

network 10.255.0.7 mask 255.255.255.255

exit-address-family

!

address-family vpnv4

neighbor 10.255.0.0 activate

neighbor 10.255.0.0 send-community both

exit-address-family

!

address-family ipv4 vrf CustomerB

redistribute connected

redistribute static

redistribute ospf 65512 vrf CustomerB match internal external 1 external 2

default-information originate

no auto-summary

no synchronization

exit-address-family

The other BGP peering is working just fine. The 10.255.0.0 to 10.255.0.7 peering is not working. I have verified pings from one router to the other to confirm connectivity.

Thanks

Greg

mheusing · ‎07-12-2007

Hi Greg,

Great to hear the peering works now!

Can you post "show bgp vpnv4 unicast" or the VRF specific portion from both routers? Can you also post "show bgp vpnv4 unicast all X.X.X.X" for a specific prefix under question from both routers? The config does not look too bad ;-) But on the other hand it is not the complete VRF related config, which makes it hard to judge what is going wrong.

Regards, Martin

View solution in original post

mheusing · ‎07-11-2007

Hi,

"ACTIVE" means, that no TCP session is established. This can either be IP connectivity related (you checked that - hopefully with an extended ping specifying the Loopback as source) or BGP related. The latter can be because of wrong source IP, wrong AS and the like.

In your case make sure the update-source refers to the Loopback interfaces.

Router A

router bgp xxxxx

bgp log-neighbor-changes

neighbor 10.255.0.7 remote-as xxxxx

neighbor 10.255.0.7 update-source Loopback0

Router B

router bgp XXXXX

bgp log-neighbor-changes

neighbor 10.255.0.0 remote-as XXXXX

neighbor 10.255.0.0 update-source Loopback0

Hope this helps!

Regards, Martin

gregwoodson · ‎07-11-2007

Thanks Martin!

There is one problem we are now having though-

ROUTER A

router bgp XXXXX

bgp log-neighbor-changes

neighbor 10.255.0.7 remote-as XXXXX

neighbor 10.255.0.7 update-source Loopback0

neighbor XX.XX.XX.XX remote-as 65512

neighbor XX.XX.XX.XX update-source Multilink12

!

address-family ipv4

redistribute static

redistribute ospf XXXXX match internal external 1 external 2

neighbor 10.255.0.7 activate

neighbor XX.XX.XX.XX activate

no auto-summary

no synchronization

network 10.255.0.0 mask 255.255.255.255

exit-address-family

!

address-family vpnv4

neighbor 10.255.0.7 activate

neighbor 10.255.0.7 send-community both

neighbor XX.XX.XX.XX activate

neighbor XX.XX.XX.XX send-community both

exit-address-family

!

address-family ipv4 vrf CustomerA

redistribute connected

redistribute static

redistribute ospf 65507 vrf CustomerA match internal external 1 external 2

default-information originate

no synchronization

exit-address-family

!

address-family ipv4 vrf CustomerB

redistribute connected

redistribute static

redistribute ospf 65512 vrf CustomerB match internal external 1 external 2

neighbor 10.105.255.10 remote-as 65512

neighbor 10.105.255.10 activate

default-information originate

no synchronization

aggregate-address 10.105.0.0 255.255.0.0 summary-only

exit-address-family

ip route 10.255.0.7 255.255.255.255 Multilink1 10.0.0.2

ROUTER B

!

router bgp XXXXX

bgp log-neighbor-changes

neighbor 10.255.0.0 remote-as XXXXX

neighbor 10.255.0.0 update-source Loopback0

!

address-family ipv4

redistribute ospf XXXXX match internal external 1 external 2

neighbor 10.255.0.0 activate

no auto-summary

no synchronization

network 10.255.0.7 mask 255.255.255.255

network 10.0.0.2 mask 255.255.255.252

exit-address-family

!

address-family vpnv4

neighbor 10.255.0.0 activate

neighbor 10.255.0.0 send-community both

exit-address-family

!

address-family ipv4 vrf CustomerB

redistribute connected

redistribute static

redistribute ospf 65512 vrf CustomerB match internal external 1 external 2

default-information originate

no auto-summary

no synchronization

exit-address-family

ip route 0.0.0.0 0.0.0.0 10.0.0.1

OK- the BGP Peering is now working. The only remaining problem is: in Router B, we are receiving routes from the other BGP peers with their gateways as the destination. We are not seeing 10.0.0.1 from within the CustomerB vrf. Thus, we are not able to get past Router A and to the other BGP peers. What is missing to be able to see the interface so that we can get to the next hop?

Greg

gregwoodson · ‎07-11-2007

One more question- why do the cisco configuration guides show each VRF as having their own loopback?

Greg

mheusing · ‎07-12-2007

Hi Greg,

Not every MPLS VPN configuration guide does have a Loopback per VRF, because in many cases there is no need for it. For some features like OSPF sham link, a Loopback is needed in the VRF. Which documents are you refering to?

Hope this helps! Please rate all posts.

Regards, Martin

mheusing · ‎07-12-2007

Hi Greg,

Great to hear the peering works now!

Can you post "show bgp vpnv4 unicast" or the VRF specific portion from both routers? Can you also post "show bgp vpnv4 unicast all X.X.X.X" for a specific prefix under question from both routers? The config does not look too bad ;-) But on the other hand it is not the complete VRF related config, which makes it hard to judge what is going wrong.

Regards, Martin

gregwoodson · ‎07-12-2007

Martin,

Thanks for your help! I got the whole thing figured out late last nite. There were vrf BGP tweaks all over the place that were needed. I appreciate the help!

Greg