Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1626
Views
0
Helpful
2
Replies

L3VPN MPLS with RSVP-TE and VLAN

rodolfo.alvizu
Level 1
Level 1

‎09-19-2017 05:38 AM - edited ‎03-05-2019 09:09 AM

Hi all,

We are having problems to configure a L3VPN in VIRL with an MPLS CORE NETWORK that uses RSVP-TE as label exchange protocol and IS-IS as IGP protocol. The idea is to distinguish different type of traffic from the CEs to route them on specific MPLS tunnels. The topology is depicted in the following Figure.

 topologytopology

-CE1 (ioS): belongs to autonomous system 2 (AS-2), it is attached to PE1 with a VLAN/802.1q connection and they use an eBGP session for IPv4 prefix advertisement.

-CE2 (ioS): belongs to AS-3, it is attached to PE2 with a VLAN/802.1q connection and an eBGP session for IPv4 prefix advertisement.

-PE1 and PE2 (XRv): belong to AS-1, they are connected through MPLS-TE tunnel and they use an MP-iBGP session for VPNV4 prefix advertisement.

-P1 and P2 (ioS): belong to AS-1, they are part of the MPLS core network.

-CE1 and CE2 belongs to the same VPN associated to VRF-A on the PEs. VRF-A is placed on a logical subinterface that connects CE1--PE1 and it uses the ip address of physical interface. The same method is used for the connection between CE2--PE2.

-CE1 is reachable from PE1 through VRF-A using physical interface ip address of CE-1 (same from PE2 to CE2).

-PE2 is reachable from PE1 through tunnel-te11 (dynamic config by RSVP-TE) and viceversa using the loopback interface.

-Problem: CE2 cannot reach CE1 and viceversa. We believe that there is an error or something missing in the configuration. Attached please find the configuration of all the routers hoping that someone can help us.

We have some doubts about the configuration:

  •   We use as update-source of eBGP session the logical subinterface on which the VRF-A stays. Is it possible to obtain the association between VRF and an MPLS tunnel that is created using loopback interface?
  •   Is it correct to configure the CE to redistribute the network between CE and PE through eBGP session?
  •   If the connection between CE--PE is done through a VLAN_ID, what are the IPv4 prefixes that PE can advertise in eBGP session? (redistributed connected?)
  •   It is possible to use a CE loopback interface to simulate a network behind the CE and propagate this prefix through eBGP?



 

Thanks in advance,

Best regards

Serena and Rodolfo

 

Labels:
Preview file
13 KB
Preview file
19 KB
Preview file
13 KB
0 Helpful
2 Replies 2

Harold Ritter
Spotlight
Spotlight

‎09-19-2017 09:21 AM

- We use as update-source of eBGP session the logical subinterface on which the VRF-A stays. Is it possible to obtain the association between VRF and an MPLS tunnel that is created using loopback interface?

 

HR> It is normally recommended to use the following configuration to change the next-hop for a specific VRF.

 

vrf definition test
 rd 109:1
 route-target export 109:1
 route-target import 109:1
 !
 address-family ipv4
  bgp next-hop Loopback99 (loopback address that correspond to a specific tunnel interface)
 exit-address-family
 !  

 

Is it correct to configure the CE to redistribute the network between CE and PE through eBGP session?

 

HR> Yes, it is correct. It is what most people do.

 

- If the connection between CE--PE is done through a VLAN_ID, what are the IPv4 prefixes that PE can advertise in eBGP session? (redistributed connected?)

 

HR> All networks reachable via the specific CE.

 

- It is possible to use a CE loopback interface to simulate a network behind the CE and propagate this prefix through eBGP?

 

HR> Yes, using a loopback interface IP address is commonly done to simulate.

 

 

Regards,
Harold Ritter, CCIE #4168 (EI, SP)
0 Helpful

rodolfo.alvizu
Level 1
Level 1
In response to Harold Ritter

‎09-20-2017 09:14 AM

Thanks a lot for your fast reply. We are using XRv as the PE router, therefore the command from ios that you suggested “bgp nexthop” is not available. We find out that in XRv the “bgp nexthop” can be done with the definition of a route-policy using a pseudo-code:

 

route-policy NH

set next-hop LoopbackAddress

end-policy

 

Then, this route-policy needs to be applied to the eBGP neighbor inside the VRF

 

 vrf VRF-A
   rd 1:1001
   label mode per-ce
   address-family ipv4 unicast
   !
 neighbor 10.0.0.1

 remote-as 2

 update-source GigabitEthernet0/0/0/0.101

 address-family ipv4 unicast

 send-community-ebgp

 route-policy NH in

 as-override

 

However, this new configuration creates new questions:

 

  1. We are not sure if we have to use “update-source loopback 0” and then modify the nexthop (using the route policy), or if it is possible to use the subinterface associated with the VRF (as shown above)?
  2. What is the difference between importing the route-policy: i) at the VRF-A definition (as shown below), and ii) at the eBGP neighbor under VRF-A (as shown above).

 

vrf VRF-A

address-family ipv4 unicast

import route-policy NH

import route-target

1:101

export route-policy NH

export route-target

1:101

 

3. When we try to apply the route-policy to the VRF definition there is the following error:

 

vrf VRF-A

address-family ipv4 unicast

import route-policy NH

!!% Could not find entry in list: Policy [NH] uses 'assign-ip next-hop'. 'set' is not a valid operator for the 'next-hop' attribute at the bgp export attach point.

export route-policy NH

!!% The process 'policy_repository' rejected the operation but returned no error

!

!

!

route-policy NH

set next-hop 192.168.1.1

end-policy

!

!!% The process 'policy_repository' rejected the operation but returned no error

end

 

So what is the right way to apply the route-policy ?

Is there any XRv reference for route-policy?

0 Helpful
Customers Also Viewed These Support Documents