Solved: CEF and host route

verma-rohit · ‎09-09-2019

Hi,

R1-------------R2

R1:

lo0: 1.1.1.1/32

R2:

lo02.2.2.2/32

I have MP-BGP configured between R1 and R2.

Everything works fine, however on R1 i summarized loopback in ospf as 1.1.0.0/16. R2 routing table has 1.1.1.1/32 route and has 1.1.0.0/16 as configured. However i noticed CEF did install 1.1.1.1/32 host route which i find strange and I believe it has to do with MP-BGP configuration.

When i remove MP-BGP and runs plain ospf between two routers, host route 1.1.1.1/32 no longer exits. So why Mp-BGP is injecting a host route when route is summarized?

R2: When MP-BGP is in operation

R2#show ip cef
Prefix Next Hop Interface
0.0.0.0/0 no route
0.0.0.0/8 drop
0.0.0.0/32 receive
1.1.0.0/16 192.168.1.1 Ethernet0/0
1.1.1.1/32 192.168.1.1 Ethernet0/0
2.2.2.2/32 receive Loopback0
127.0.0.0/8 drop
192.168.1.0/24 attached Ethernet0/0
192.168.1.0/32 receive Ethernet0/0
192.168.1.1/32 attached Ethernet0/0
192.168.1.2/32 receive Ethernet0/0
192.168.1.255/32 receive Ethernet0/0
224.0.0.0/4 drop
224.0.0.0/24 receive
240.0.0.0/4 drop
255.255.255.255/32 receive

R2: When MP-BGP is removed

R2#show ip cef
Prefix Next Hop Interface
0.0.0.0/0 no route
0.0.0.0/8 drop
0.0.0.0/32 receive
1.1.0.0/16 192.168.1.1 Ethernet0/0
2.2.2.2/32 receive Loopback0
127.0.0.0/8 drop
192.168.1.0/24 attached Ethernet0/0
192.168.1.0/32 receive Ethernet0/0
192.168.1.1/32 attached Ethernet0/0
192.168.1.2/32 receive Ethernet0/0
192.168.1.255/32 receive Ethernet0/0
224.0.0.0/4 drop
224.0.0.0/24 receive
240.0.0.0/4 drop
255.255.255.255/32 receive

Harold Ritter · ‎09-12-2019

This should work, as 1.1.1.1/32 will be recursively resolved via 1.1.0.0/16 and will use its label. I just tried it and it works as expected.

R2#sh ip cef 1.1.1.1 det
1.1.1.1/32, epoch 0
1 RR source [active source]
Dependent covered prefix type rr, cover 1.1.0.0/16
recursive via 1.1.0.0/16
nexthop 192.168.24.2 GigabitEthernet0/1 label 16-(local:17)
R2#

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

View solution in original post

Georg Pauwen · ‎09-09-2019

Hello,

share the running configs of both routers...

verma-rohit · ‎09-10-2019

1.Configuration files are attached.
2. On R1, I have intentionally summarized lo0 as 1.1.0.0/16.

3. On R2: Why CEF has host route for R1 lo0 even though it is summarized on R1. RIB does not have host route.

R2#show ip cef
Prefix Next Hop Interface
0.0.0.0/0 no route
0.0.0.0/8 drop
0.0.0.0/32 receive
1.1.0.0/16 192.168.1.1 Ethernet0/0
1.1.1.1/32 192.168.1.1 Ethernet0/0
2.2.2.2/32 receive Loopback0
127.0.0.0/8 drop
192.168.1.0/24 attached Ethernet0/0
192.168.1.0/32 receive Ethernet0/0
192.168.1.1/32 attached Ethernet0/0
192.168.1.2/32 receive Ethernet0/0
192.168.1.255/32 receive Ethernet0/0
224.0.0.0/4 drop
224.0.0.0/24 receive
240.0.0.0/4 drop
255.255.255.255/32 receive

R2#show ip cef 1.1.1.1 detail
1.1.1.1/32, epoch 0
1 RR source [active source]
Dependent covered prefix type rr, cover 1.1.0.0/16
recursive via 1.1.0.0/16
nexthop 192.168.1.1 Ethernet0/0

R2: RIB

1.0.0.0/16 is subnetted, 1 subnets
O IA 1.1.0.0 [110/11] via 192.168.1.1, 00:14:15, Ethernet0/0
2.0.0.0/32 is subnetted, 1 subnets
C 2.2.2.2 is directly connected, Loopback0
192.168.1.0/24 is variably subnetted, 2 subnets, 2 masks
C 192.168.1.0/24 is directly connected, Ethernet0/0
L 192.168.1.2/32 is directly connected, Ethernet0/0

Note: If i change R1 bgp router-id to some other loopback ip, host route for 1.1.1.1/32 goes away on R2.

Georg Pauwen · ‎09-10-2019

Hello,

Iabbed this in GNS3. The problem is the redistribution of connected routes:

address-family ipv4 vrf A
redistribute connected
exit-address-family

If you remove that, the host route in CEF on R2 is gone.

verma-rohit · ‎09-10-2019

Redistribution is for connected routes in vrf A where as lo0 is in R1 global routing. Lo0 is not part of any vrf

Georg Pauwen · ‎09-10-2019

Hello,

have you tried to remove the 'redistribute connected' ? What is the result ?

verma-rohit · ‎09-10-2019

Yes I did and it did remove cef entry for host route but I am unable to get my head around it.

Redistribute connected was for vrf A where as host route entry was for loopback 0 which was not in vrf A. I am assuming , when redistribution was in place , lo1 was advertised as vpnv4 route to R2 with its lo0 as source. Now as lo0 is in global table, it got redistributed.

verma-rohit · ‎09-11-2019

Harold Ritter · ‎09-10-2019

It is recommended not to summarize the loopback address used as the destination for the L3VPN service.

In your case, the /32 is automatically generated in the CEF table for the next hop of the VPNv4 prefixes, hence you only see it if the redistributed connected is configured. This /32 only exist in the CEF table, not in the RIB.

Regards,

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

verma-rohit · ‎09-10-2019

verma-rohit · ‎09-11-2019

To Add it further:

(PE)R1--------R2(PE)

1. R1 lo0 is 1.1.1.1 and it is summarized as 1.1.0.0/16. R1 will assign label to both routes and advertise it to R2.
2. R2 RIB will have 1.1.0.0/16 and NO 1.1.1.1/32. ldp binding received is for 1.1.0.0/16 and 1.1.1.1/32.Now R2 CEF has a route for 1.1.1.1/32 because it the update source on R1 was lo0 but mpls forwarding table has no entry for 1.1.1.1/32 with a local assigned label.

On R2, doesn't mpls forwarding table should have a route with a label for 1.1.1.1/32. The exact route is CEF. There is broken LSP as mpls ping results in all Q but I am unable to get my head around it.

Harold Ritter · ‎09-12-2019

This should work, as 1.1.1.1/32 will be recursively resolved via 1.1.0.0/16 and will use its label. I just tried it and it works as expected.

R2#sh ip cef 1.1.1.1 det
1.1.1.1/32, epoch 0
1 RR source [active source]
Dependent covered prefix type rr, cover 1.1.0.0/16
recursive via 1.1.0.0/16
nexthop 192.168.24.2 GigabitEthernet0/1 label 16-(local:17)
R2#

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

verma-rohit · ‎09-12-2019

Hi Harold,

Yes it indeed worked. However, when i issue mpls ping from R1 ( PE ) to R2(PE) it fails. I get response as request not sent ( QQQ). Now there is end to end label , not for 1.1.1.1/32 but for 1.1.0.0/16.

Any reason why LSP is broken ?

Harold Ritter · ‎09-12-2019

If R1 is the one summarizing, the ping not working should be in the other direction (R2 to R1). It should work from R2 to R1, if you use "ping mpls ipv4 1.1.0.0/16". No reason for it not to work from R1 to R2 though.

Regards

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

verma-rohit · ‎09-12-2019

Thanks Harold fr the reply. Please bear with me for some more time. I have injected 11.11.11.11/32 on R1. Output below is on R2

R2#show ip route vrf A 11.11.11.11

Routing Table: A
Routing entry for 11.11.11.0/24
Known via "bgp 100", distance 200, metric 0, type internal
Last update from 1.1.1.1 00:07:25 ago
Routing Descriptor Blocks:
* 1.1.1.1 (default), from 1.1.1.1, 00:07:25 ago
Route metric is 0, traffic share count is 1
AS Hops 0
MPLS label: 17
MPLS Flags: MPLS Required

Here next HOP is 1.1.1.1. So i looked into mpls forwarding table for 1.1.1.1
R2#
R2#show mpls for
R2#show mpls forwarding-table 1.1.1.1
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
None No Label 1.1.1.1/32 0 Et0/0 192.168.1.1

There is no label for 1.1.1.1 in LFIB. I agree it is borrowing label from 1.1.0.0/16

R2#show ip cef 1.1.1.1 detail
1.1.1.1/32, epoch 0
1 RR source [active source]
Dependent covered prefix type rr, cover 1.1.0.0/16
recursive via 1.1.0.0/16
nexthop 192.168.1.1 Ethernet0/0

I understand now that label swap from R2 to R1 for R1 lo0 is for network 1.1.0.0/16 but what is bothering me that next hop is 1.1.1.1 and mpls forwarding table for the said next hop ( 1.1.1.1) shows no label.

What am i missing ?