Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1068
Views
0
Helpful
9
Replies

MP-BGP on a middle PE

Mohammad Nasim
Level 1
Level 1

‎06-01-2020 11:42 AM

Hello everybody,

I have the following topology. Network A needs to talk to Network B.

CAC Community.png

I created Customer VRF on the middle PE (PE-X) and I successfully saw the routes from both sides, however Network A still cannot ping network B. also, traceroute shows astrisks.

I got a solution by enabling address-family vrf CustomerX under MP-BGP.

Can anybody explain why this solved the problem?

 

Labels:
0 Helpful
9 Replies 9

Harold Ritter
Cisco Employee
Cisco Employee

‎06-01-2020 12:40 PM - edited ‎06-01-2020 12:47 PM

 Are network A and network B the only two networks you advertise? If so, make sure use them as the source when you ping the other side (ie. ping <network B> source <network A> and vice versa.

 

I got a solution by enabling address-family vrf CustomerX under MP-BGP.

 

You mean enabling it on PE-X?

 

By the way, did you configure as a route-reflector for address-family vpnv4? 

 

Regards,

 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Mohammad Nasim
Level 1
Level 1
In response to Harold Ritter

‎06-01-2020 12:48 PM - edited ‎06-01-2020 12:49 PM

Thank you Harold.

Yes, I am sure of the ping's source.

and Yes, I mean enabling "address-family ipv4 vrf Customer" on PE-X.

By the way, it is not a router.

PE-1 is an ASR

PE-2 and PE-X is a nexus N7K.

 

So, the correct syntax is:

router bgp 65000
 vrf Customer
  address-family ipv4 unicast
!
0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to Mohammad Nasim

‎06-01-2020 01:28 PM - edited ‎06-01-2020 01:30 PM

Hi Mohammad,

 

You do not need to enable "address-family ipv4 vrf Customer" on PE-X, unless there are actually local customers belonging to that VRF.

 

On the other hand, Do you have a direct VPNv4 session between PE1 and PE2 or do PE1 and PE2 only have a BGP session to PE-X? If so, PE-X needs to reflect VPNv4 routes from PE1 to PE2 and vice versa, in which case it needs to be configured as a route reflector for that address family. 

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Mohammad Nasim
Level 1
Level 1
In response to Harold Ritter

‎06-01-2020 01:53 PM

@Harold Ritter wrote:

You do not need to enable "address-family ipv4 vrf Customer" on PE-X, unless there are actually local customers belonging to that VRF.

Yes, and that is why I am asking for explanation.

 

On the other hand, Do you have a direct VPNv4 session between PE1 and PE2 or do PE1 and PE2 only have a BGP session to PE-X? If so, PE-X needs to reflect VPNv4 routes from PE1 to PE2 and vice versa, in which case it needs to be configured as a route reflector for that address family. 

 Yes, there is a full mesh BGP session for both IPv4 and VPNv4.

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to Harold Ritter

‎06-01-2020 02:19 PM

Can you confirm that LDP sessions are up between PE1 and PE-X and between PE2 and PE-X?

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Mohammad Nasim
Level 1
Level 1
In response to Harold Ritter

‎06-01-2020 02:31 PM

LDP sessions between PE-1 and PE-x AND PE-2 and PE-x are up for weeks.

 

Actually, this is not the first abnormal behavior between Nexus and ASR.

I have very strange cases. For example, BGP will never install routes in the routing table unless the bgp neighbor is learned via EIGRP. However, routes are there in BGP table. Static routing and OSPF makes BGP stuck and reject all routes. This is a very strange behavior.

ASR itself, has many GP session with other routers. It is stable.

Nexus itself, has another BGP session with another Nexus and BGP neighbor is learned via OSPF. No problem at all.

Only Nexus and ASR shows misbehavior.

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to Mohammad Nasim

‎06-01-2020 05:31 PM

Could you please post the configuration for PE1, PE-X and PE2.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Mohammad Nasim
Level 1
Level 1
In response to Harold Ritter

‎06-02-2020 04:06 AM

Actually, it is a classified information that i cannot expose without customer permission. However, I will establish a lab with c7200 routers to simulate the case and post the configuration.

I am sure, c7200 will work correctly, as the problem is between nexus and ASR.

The purpose of the lab is to show you how devices are configured, but not to replicate the behavior.

Give me some time, and I will reply back to this thread.

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to Mohammad Nasim

‎06-02-2020 06:34 AM - edited ‎06-02-2020 09:13 AM

In the meantime, it would be useful to do a "show ip cef vrf <vrf-name> <network a> det" from PE1 and vice versa on PE2 in the customer network to verify that the label stack is fine.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card