Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
10325
Views
10
Helpful
4
Replies

BGP peering using VRF

Go to solution
Khade Purcell
Level 1
Level 1

ā€Ž12-14-2018 08:59 AM - edited ā€Ž08-30-2019 12:28 PM

I am having issues Peering 2 routers with BGP within their VRF. I can accomplish this with Cisco IOS version 12.4 just fine in a simulator but I am unable to peer using cisco IOS 15.1 or on a live catalyst 6800 switch unless I configure an RD. I am new to RD and I'm not an advanced VRF user. How can I establish BGP adjacency on the Catalyst 6800 using the VRF without needing to configure the RD?

 

Example

************************The following config works fine****************

Cisco 3700 Ver 12.4

#router 1
ip vrf INET

int fa 0/0
  ip vrf forwarding INET
  ip address 192.168.0.1 255.255.255.252
  no shut

router bgp 456
  bgp router-id 1.1.1.1
  bgp log-neighbor-changes
  neighbor 192.168.0.2 remote-as 123
  neighbor 192.168.0.2 version 4
!
address-family ipv4
  no neighbor 192.168.0.2 activate
  no auto-summary
  no synchronization
exit-address-family
!
address-family ipv4 vrf INET
  neighbor 192.168.0.2 remote-as 123
  neighbor 192.168.0.2 version 4
  neighbor 192.168.0.2 activate
  no synchronization
  network 1.1.1.1 mask 255.255.255.255
exit-address-family

 

%BGP-5-ADJCHANGE: neighbor 192.168.0.2 vpn vrf INET Up peer


#router 2
ip vrf INET

int fa 0/0
ip vrf forwarding INET
ip address 192.168.0.2 255.255.255.252
no shut

router bgp 123
  bgp router-id 2.2.2.2
  bgp log-neighbor-changes
  neighbor 192.168.0.1 remote-as 456
  neighbor 192.168.0.1 version 4
!
address-family ipv4
  no neighbor 192.168.0.1 activate
  no auto-summary
  no synchronization
  exit-address-family
!
address-family ipv4 vrf INET
neighbor 192.168.0.1 remote-as 456
neighbor 192.168.0.1 version 4
neighbor 192.168.0.1 activate
no synchronization
network 2.2.2.2 mask 255.255.255.255
exit-address-family

%BGP-5-ADJCHANGE: neighbor 192.168.0.1 vpn vrf INET Up

 

************************ Swapping router 1 with a a L3 switch running 15.1, The following Doesn't work usless I configure an RD****************
L3 Switch vm IOS ver 15.1

#router 1

ip vrf INET

int fa 0/0
  ip vrf forwarding INET
  ip address 192.168.0.1 255.255.255.252
  no shut

router bgp 456
  bgp router-id 1.1.1.1
  bgp log-neighbor-changes
  neighbor 192.168.0.2 remote-as 123
  neighbor 192.168.0.2 version 4
!
 address-family ipv4
   no neighbor 192.168.0.2 activate
exit-address-family

(config)#router bgp 456
(config-router)# address-family ipv4 vrf INET
% VRF INET does not have an RD configured. <<<< Error Message

 

ip vrf INET
rd 456:1
  route-target export 456:1
  route-target import 456:1

 

router bgp 456

   address-family ipv4 vrf INET
     neighbor 192.168.0.2 remote-as 123
     neighbor 192.168.0.2 version 4
     neighbor 192.168.0.2 activate
     no synchronization

%BGP-5-ADJCHANGE: neighbor 192.168.0.2 vpn vrf INET Up


#router 2

ip vrf INET

int fa 0/0
    ip vrf forwarding INET
    ip address 192.168.0.2 255.255.255.252
    no shut

router bgp 123
  bgp router-id 2.2.2.2
  bgp log-neighbor-changes
  neighbor 192.168.0.1 remote-as 456
  neighbor 192.168.0.1 version 4
!
 address-family ipv4
  no neighbor 192.168.0.1 activate
  no auto-summary
  no synchronization
  exit-address-family
!
address-family ipv4 vrf INET
  neighbor 192.168.0.1 remote-as 456
  neighbor 192.168.0.1 version 4
  neighbor 192.168.0.1 activate
  no synchronization
  network 2.2.2.2 mask 255.255.255.255
exit-address-family

 

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
mlund
Level 7
Level 7
In response to Khade Purcell

ā€Ž12-18-2018 12:49 AM

Hi

If you are using mpls, then the rd is required, however when using only vrf lite the rd is not used. So technically, then rd can be omitted. But my guess is that if the equipment is able to run mpls, the ios code is written in away that required you to have a rd configured.

When you are using vrf lite you don't need the route-targets. They are also used in mpls.

/Mikael 

View solution in original post

4 Replies 4

Go to solution
Georg Pauwen
VIP
VIP

ā€Ž12-14-2018 02:17 PM

Hello,

 

to be honest I haven't seen a VRF yet without an RD, and I don't see how the BGP peering is working without it. When you say simulator, which one are we talking about ?

0 Helpful

Go to solution
Khade Purcell
Level 1
Level 1
In response to Georg Pauwen

ā€Ž12-15-2018 07:26 AM

GNS3

0 Helpful

Go to solution
mlund
Level 7
Level 7
In response to Khade Purcell

ā€Ž12-18-2018 12:49 AM

Hi

If you are using mpls, then the rd is required, however when using only vrf lite the rd is not used. So technically, then rd can be omitted. But my guess is that if the equipment is able to run mpls, the ios code is written in away that required you to have a rd configured.

When you are using vrf lite you don't need the route-targets. They are also used in mpls.

/Mikael 

Go to solution
paul driver
VIP
VIP

ā€Ž12-18-2018 02:07 AM - edited ā€Ž12-18-2018 02:13 AM

Hello

FYI -You dont need to specify route distinguishers for vrf-lite but depending on what L3 switch your are using and applicable i would check what SDM template is being used.

sh sdm prefer


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the communityā€™s global network.

Kind Regards
Paul
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card