08-10-2020 06:24 AM
There is an MPLS VPN network of about 30 routers (Cisco and Mikrotik) in the attachment simplified network diagram. 2-a Route Reflector on Cisco 3845. OSPF, BGP, and MP BGP are deployed.
Two problems have recently emerged:
OSPF, LDP, BGP VPNv4 tables are all normal, pings are stable.
It helps to disable the LDP interface on Mikrotik (10.40.254.213) and enable it after the MP BGP session is established.
Tried changing OS, changing MSS. Not help.
It seems that the problems are related. Can someone help?
Solved! Go to Solution.
08-12-2020 11:55 PM
Changing the MTU in the network section (OSPF in the diagram) helped. There were MPLS MTU 1500, L3 MTU 1484. Became MPLS MTU 1530, L3 MTU 1500. Although the previous values work fine on other parts of the network.
Thanks everyone.
08-10-2020 08:24 AM
Hello @Mitii ,
are you using loopback interfaces as MP BGP endpoints ?
Because that is a requirement for a working MPLS L3 VPN service.
if you are using loopback interfaces as BGP router-ids OSPF RIDS and MPLS LDP RIDS (the same loopback on the same node for all three RIDs) is another best practice.
Each PE node should have two backbone facing interfaces with MPLS enabled on it.
Also avoid to have an MPLS enabled path with the same OSPF cost of a not enabled MPLS path Cisco routers are not able to discriminate and they attempt to load balance over them breaking L3 VPN connectivity.
>> it helps to disable the LDP interface on Mikrotik (10.40.254.213) and enable it after the MP BGP session is established.
it is strange what you see in your tests.
Hope to help
Giuseppe
08-10-2020 11:16 PM
Thank you for your quick response.
Yes, i use loopback for OSPF, LDP, MP BGP.
Also, LDP is enabled on all interfaces that are in Global OSPF.
Very strange. And what to do is unclear.
08-10-2020 10:55 AM - edited 08-10-2020 10:57 AM
Hello
Just to confirm you have a ibgp peering between the RR's with client to client reflection disabled for the RRC's, And the RRC's are NOT meshed to each other correct?
08-10-2020 11:29 PM
Thank you for your quick response.
Yes, configuration from RR-1 (10.40.254.240):
router bgp 65040
bgp cluster-id 1
neighbor 10.40.254.213 remote-as 65040 (This Is RR Client)
neighbor 10.40.254.213 password xxx
neighbor 10.40.254.213 update-source Loopback40
neighbor 10.40.254.239 remote-as 65040 (This Is RR-2)
neighbor 10.40.254.239 password xxx
neighbor 10.40.254.239 update-source Loopback40
address-family vpnv4
neighbor 10.40.254.213 activate
neighbor 10.40.254.213 route-reflector-client
neighbor 10.40.254.239 activate
On RR-2 same configuration.
RRC's have iBGP connectivity only with RR-1 and RR-2.
08-11-2020 12:00 AM
Hello,
do you have the full configs of the devices in your simplified diagram ? So we can lab this ?
08-11-2020 12:16 AM
Thank you.
Sure. Can try.
But we must remember that there is no such problem with other routers.
08-12-2020 11:55 PM
Changing the MTU in the network section (OSPF in the diagram) helped. There were MPLS MTU 1500, L3 MTU 1484. Became MPLS MTU 1530, L3 MTU 1500. Although the previous values work fine on other parts of the network.
Thanks everyone.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide