Hi,

christoph.hofmann · ‎04-19-2017

Hi,

i need some help by configuring MP-BGP on Cisco ASR 903 Routers.

I have two Routers #Homer an #Bart they are linked via IS-IS on the transit-network. Each router has Access to the same VRF on differnet Subnetworks in different virtual Subinterfaces (on a ASR Router called Bridge-Domain).

The is-is works fine, the MP-BGP Informations a there but i can not ping from vrf test (10.10.0.0/24) on #Homer to vrf test (10.20.0.0/24) on #Bart.

BGP looks like good?!

############################

Homer#sh ip bgp vpnv4 all
BGP table version is 9, local router ID is 10.0.0.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 65000:10 (default for vrf test)
*> 10.10.0.0/24     0.0.0.0                  0         32768 ?
*>i 10.20.0.0/24     10.0.0.2                 0    100      0 ?

##################################################################

Bart#show ip bgp vpnv4 all
BGP table version is 14, local router ID is 10.0.0.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 65000:10 (default for vrf test)
*>i 10.10.0.0/24     10.0.0.1                 0    100      0 ?
*> 10.20.0.0/24     0.0.0.0                  0         32768 ?

config #Homer

------------------------------------------

hostname Homer
!
boot-start-marker
boot system bootflash:Image/packages.conf
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
enable password telent
!
no aaa new-model
facility-alarm critical exceed-action shutdown
!
ip vrf test
rd 65000:10
route-target export 65000:10
route-target import 65000:10
!
ip host Bart 10.0.0.2

ip domain name babsa.de
!
!
!
!
!
!
!
!
!
!
mpls label protocol ldp
multilink bundle-name authenticated
!
!
license udi pid ASR-903 sn XXXXXXXXXXXXXXXXXXXX
license boot level metroaggrservices
!
sdm prefer default
!
!
redundancy
mode sso
!
!
!
!
controller wanphy 0/0/0
!
controller wanphy 0/1/0
!
controller wanphy 0/3/0
!
!
transceiver type all
monitoring
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
description "*MGMT*"
ip address 10.0.0.1 255.255.255.255
!
interface TenGigabitEthernet0/0/0
no ip address
!
interface TenGigabitEthernet0/1/0
no ip address
!
interface GigabitEthernet0/2/0
no ip address
negotiation auto
!
interface GigabitEthernet0/2/1
no ip address
negotiation auto
!
interface GigabitEthernet0/2/2
no ip address
negotiation auto
!
interface GigabitEthernet0/2/3
no ip address
negotiation auto
!
interface GigabitEthernet0/2/4
no ip address
negotiation auto
!
interface GigabitEthernet0/2/5
no ip address
negotiation auto
!
interface GigabitEthernet0/2/6
no ip address
negotiation auto
!
interface GigabitEthernet0/2/7
no ip address
negotiation auto
!
interface TenGigabitEthernet0/3/0
no ip address
!
interface GigabitEthernet0/4/0
description "testnetz1"
ip address 192.168.1.1 255.255.255.0
ip router isis
negotiation auto
isis circuit-type level-2-only
!
interface GigabitEthernet0/4/1
description "Transitnetz"
ip address 10.0.1.1 255.255.255.252
ip router isis
negotiation auto
isis circuit-type level-2-only
!
interface GigabitEthernet0/4/2
description "Transitnetz2"
ip address 10.0.2.1 255.255.255.252
ip router isis
negotiation auto
isis circuit-type level-2-only
!
interface GigabitEthernet0/4/3
no ip address
negotiation auto
service instance 11 ethernet
encapsulation dot1q 11
rewrite ingress tag pop 1 symmetric
bridge-domain 11
!
!
interface GigabitEthernet0/4/4
no ip address
negotiation auto
service instance trunk 11 ethernet
encapsulation dot1q 11-12
rewrite ingress tag pop 1 symmetric
bridge-domain from-encapsulation
!
!
interface GigabitEthernet0/4/5
no ip address
negotiation auto
!
interface GigabitEthernet0/4/6
no ip address
negotiation auto
!
interface GigabitEthernet0/4/7
no ip address
negotiation auto
!
interface GigabitEthernet0
description "*** MGMT Vlan 3***"
vrf forwarding Mgmt-intf
ip address 10.3.255.233 255.255.255.0
negotiation auto
!
interface BDI11
ip vrf forwarding test
ip address 10.10.0.1 255.255.255.0
!
router isis
net 49.0001.0100.0000.0001.00
is-type level-2-only
passive-interface Loopback0
!
router bgp 65000
bgp router-id 10.0.0.1
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.0.0.2 remote-as 65000
neighbor 10.0.0.2 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 10.0.0.2 activate
neighbor 10.0.0.2 send-community both
exit-address-family
!
address-family ipv4 vrf test
redistribute connected
redistribute static
default-information originate
exit-address-family
!
ip forward-protocol nd
!
ip bgp-community new-format
no ip http server
no ip http secure-server
ip tftp source-interface GigabitEthernet0
!
!
mpls ldp router-id Loopback0
!
!

config #Bart

------------------------------------------

hostname Bart
!
boot-start-marker
boot system bootflash:Image/packages.conf
boot-end-marker
!
!
vrf definition Mgmt-intf
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
no logging console
enable password telent
!
no aaa new-model
facility-alarm critical exceed-action shutdown
!
ip vrf test
rd 65000:10
route-target export 65000:10
route-target import 65000:10
!
ip host Homer 10.0.0.1

ip domain name babsa.de
!
!
!
!
!
!
!
!
!
!
mpls label protocol ldp
multilink bundle-name authenticated
!
!
license udi pid ASR-903 sn xxxxxxxxxxxxxxxxxxxx
license boot level metroaggrservices
!
sdm prefer default
!
!
redundancy
mode sso
!
!
!
!
controller wanphy 0/0/0
!
controller wanphy 0/1/0
!
controller wanphy 0/3/0
!
!
transceiver type all
monitoring
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
description "*MGMT*"
ip address 10.0.0.2 255.255.255.255
!
interface TenGigabitEthernet0/0/0
no ip address
!
interface TenGigabitEthernet0/1/0
no ip address
!
interface GigabitEthernet0/2/0
no ip address
negotiation auto
!
interface GigabitEthernet0/2/1
no ip address
negotiation auto
!
interface GigabitEthernet0/2/2
no ip address
negotiation auto
!
interface GigabitEthernet0/2/3
no ip address
negotiation auto
!
interface GigabitEthernet0/2/4
no ip address
negotiation auto
!
interface GigabitEthernet0/2/5
no ip address
negotiation auto
!
interface GigabitEthernet0/2/6
no ip address
negotiation auto
!
interface GigabitEthernet0/2/7
no ip address
negotiation auto
!
interface TenGigabitEthernet0/3/0
no ip address
!
interface GigabitEthernet0/4/0
description "testnetz2"
ip address 192.168.2.1 255.255.255.0
ip router isis
negotiation auto
isis circuit-type level-2-only
!
interface GigabitEthernet0/4/1
description "Transitnetz"
ip address 10.0.1.2 255.255.255.252
ip router isis
negotiation auto
isis circuit-type level-2-only
!
interface GigabitEthernet0/4/2
ip address 10.0.3.1 255.255.255.252
ip router isis
negotiation auto
isis circuit-type level-2-only
!
interface GigabitEthernet0/4/3
no ip address
negotiation auto
service instance 12 ethernet
encapsulation dot1q 12
rewrite ingress tag pop 1 symmetric
bridge-domain 12
!
!
interface GigabitEthernet0/4/4
no ip address
negotiation auto
service instance trunk 12 ethernet
encapsulation dot1q 11-12
rewrite ingress tag pop 1 symmetric
bridge-domain from-encapsulation
!
!
interface GigabitEthernet0/4/5
no ip address
negotiation auto
!
interface GigabitEthernet0/4/6
no ip address
negotiation auto
!
interface GigabitEthernet0/4/7
no ip address
negotiation auto
!
interface GigabitEthernet0
description "*MGMT*"
vrf forwarding Mgmt-intf
ip address 10.3.255.234 255.255.255.0
negotiation auto
!
interface BDI11
no ip address
!
interface BDI12
ip vrf forwarding test
ip address 10.20.0.1 255.255.255.0
!
router isis
net 49.0001.0100.0000.0002.00
is-type level-2-only
passive-interface Loopback0
!
router bgp 65000
bgp router-id 10.0.0.2
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 10.0.0.1 remote-as 65000
neighbor 10.0.0.1 update-source Loopback0
!
address-family ipv4
exit-address-family
!
address-family vpnv4
neighbor 10.0.0.1 activate
neighbor 10.0.0.1 send-community both
exit-address-family
!
address-family ipv4 vrf test
redistribute connected
redistribute static
default-information originate
exit-address-family
!
ip forward-protocol nd
!
ip bgp-community new-format
no ip http server
no ip http secure-server
ip tftp source-interface GigabitEthernet0
!
!
mpls ldp router-id Loopback0
!
!

many thanks!

Julio E. Moisa · ‎04-19-2017

Hi

Have your assigned the interface to the VRF test? BGP vpn will work over MPLS, is the LDP enabled?

>> Marcar como útil o contestado, si la respuesta resolvió la duda, esto ayuda a futuras consultas de otros miembros de la comunidad. <<

christoph.hofmann · ‎04-19-2017

Hi,

thanks for the fast feedback! i assigned the interface bdi to the right vrf, furthermore MPLS label protocol ldp was enabeld correctly.

i forget "mpls ip" on the transit-interfaces.

It works fine, now.

many thanks!

MP-BGP Testsetup on CISCO ASR 903