Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
816
Views
5
Helpful
2
Replies

Route Engineering for VRF on MPLS

Douglas Oman
Level 1
Level 1

‎08-12-2021 09:11 AM

I have done some digging on this, but nothing I've found seems to match-up enough with my situation. Here is what I have:

 

I am a Small ISP with an MPLS network with geo dispersed PE routers that have customers hanging off them on an internet VRF - Lets call this VRF 1. I also have two internet peers (Same Carrier) in two different locations with full internet routes where I am advertising all of my public addresses on both. From my internet routers I am inserting a default route into VRF 1 at both locations. I now want to try to influence traffic to try and keep user traffic from traversing across certain links unless of an outage. I have already figured out and tested the inbound from my carrier to push traffic for specific subnets into one of the routers based on the attached diagram, but I am not sure how to proceed with outbound.

 

In the diagram you can see that I separated the network into two segments (lack of a better word) and I would like the outbound internet traffic to flow out of the internet router in that segment unless there is a failure which in that case would flow out of the other segment's router.

 

I hope this makes sense and someone has some ideas for this. If you have any further questions or need further clarification please let me know.

Preview file
129 KB
2 Replies 2

Giuseppe Larosa
Hall of Fame
Hall of Fame

‎08-13-2021 12:46 AM

Hello @Douglas Oman ,

as in internal MP BGP the BGP next-hop is preserved you can use a route-map to increase the local-preference based on the BGP next-hop = loopback address of the Internet router.

You should be able to apply the route-map either in the AF VPNv4 or as in import-map in each VRF in each PE

 

ip prefix-list DEFAULT permit 0.0.0.0/0

access-list 11 remark internet next-hop

access-list 11 permit host 10.0.0.1

 

route-map RISE-PREFERENCE permit 10

match address prefix DEFAULT

match ip next-hop 11

set preference 200

route-map RISE-PREFERENCE permit 20

 

! the empty block is needed to allow all other routes with no changes in attributes otherwise they would be denied by implicit deny any

 

vrf definition 1

import-map RISE-PREFERENCE

 

on segment 2 all you need to change is the ACL that matches the next-hop

in case of fault the other default route is installed.

 

Hope to help

Giuseppe

 

0 Helpful

Douglas Oman
Level 1
Level 1
In response to Giuseppe Larosa

‎08-13-2021 07:50 AM

@Giuseppe Larosa 

 

Thanks for the reply. So if I understand this correctly - Using either a route-map or import-map is done at every PE Correct?

 

Also, is there anything I can do on the route reflector side to accomplish the same thing? It would be nice to reduce the number of routers I need to put config in this kind of configuration in. As it sits right now the two PE's that are connected to the internet routers are RR and both have ibgp sessions with each other. Each of the other PE's in the network are RR Clients to both RR. The drawing I had attached was a simplified version, but there are more routers out there. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card