Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
883
Views
0
Helpful
12
Replies

vrf-lite route leaking along with BGP announcement

inderjeet452
Level 1
Level 1

‎01-20-2024 07:24 AM

Hi Folks...!!!

Again need your support for one query.

Attache diagram having one link with 3 VLAN(encaptulation dot1Q) configured at both end.

eBGP neighbor are configured with respective vrf(RED, BLUE and GREEN)........vrf-lite configured.

Question is- We are announcing all locally connected subnet in respective vrf address family in BGP and also doing cyclical route leaking on both routers.

Will it work or any issue will it create.

************************************************

vrf config on each node:-

R1#sh run | b vrf
ip vrf BLUE
rd 100:200
route-target export 100:200
route-target import 100:100
!
ip vrf GREEN
rd 100:300
!
ip vrf RED
rd 100:100
route-target export 100:100
route-target import 100:200
!

R2#sh run | b vrf
ip vrf BLUE
rd 100:200
route-target export 100:200
route-target import 100:100
!
ip vrf GREEN
rd 100:300
!
ip vrf RED
rd 100:100
route-target export 100:100
route-target import 100:200

****************************************

BGP Config on each node:-

R1#sh run | b bgp
router bgp 100
bgp router-id 192.168.100.1
bgp log-neighbor-changes
!
address-family ipv4 vrf BLUE
  network 2.2.2.1 mask 255.255.255.255
  network 192.168.120.0
  neighbor 192.168.120.2 remote-as 200
  neighbor 192.168.120.2 activate
exit-address-family
!
address-family ipv4 vrf GREEN
  network 192.168.130.0
  neighbor 192.168.130.2 remote-as 200
  neighbor 192.168.130.2 activate
exit-address-family
!
address-family ipv4 vrf RED
  network 1.1.1.1 mask 255.255.255.255
  network 20.20.20.0 mask 255.255.255.0
  network 192.168.100.0
  neighbor 192.168.100.2 remote-as 200
  neighbor 192.168.100.2 activate
exit-address-family

R2#sh run | b bgp
router bgp 200
bgp router-id 192.168.100.2
bgp log-neighbor-changes
!
address-family ipv4 vrf BLUE
  network 2.2.2.2 mask 255.255.255.255
  network 30.30.30.0 mask 255.255.255.0
  network 192.168.120.0
  neighbor 192.168.120.1 remote-as 100
  neighbor 192.168.120.1 activate
exit-address-family
!
address-family ipv4 vrf GREEN
  network 3.3.3.2 mask 255.255.255.255
  network 192.168.130.0
  neighbor 192.168.130.1 remote-as 100
  neighbor 192.168.130.1 activate
exit-address-family
!
address-family ipv4 vrf RED
  network 1.1.1.2 mask 255.255.255.255
  network 192.168.100.0
  neighbor 192.168.100.1 remote-as 100
  neighbor 192.168.100.1 activate
exit-address-family

 

Labels:
Preview file
20 KB
0 Helpful
12 Replies 12

balaji.bandi
Hall of Fame
Hall of Fame

‎01-20-2024 08:14 AM

High level that should work - but we do not have any visibility 3 VLAN Layer 3 interface part of the VRF ?

 3 VLAN(encapsulation dot1Q)  - So you have sub-interface configured with VLAN interface on the Eth0/0.X ?

you need to post full configuration  here :

show ip bgp vpnv4 vrf BLUE summary (check all BGP neighbor up)

Router 1  - you should see the routes

#show ip route VRF BLUE

Router 2 - you should see other side route

#show ip route vrf RED  

Note : make sure your  Fa0/1 respective VRF - Router 1 RED  and Router 2 BLUE

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

inderjeet452
Level 1
Level 1

‎01-20-2024 09:01 AM

Hi @balaji.bandi,

Config are attached......Able to ping from PC to PC as well where PC1 is in vrf RED and PC2 is in vrf BLUE.

Just want to know if we are doing this cyclical route leaking along with network announcement in BGP vrf address family......Any overlapping chance are there or how it will work....!!!

E.G. One subnet we are advertising in vrf RED let say on R1, loopback 1.1.1.1 and same we are doing import in vrf Blue......Now when it reaches to vrf BLUE on R2....then how it will check the next hop and how it got installed in routing table.....Because again here on R2, we are doing route-leaking.

On which mechanism is is working....!!!

Preview file
3 KB
Preview file
3 KB
0 Helpful

MHM Cisco World
VIP
VIP

‎01-20-2024 09:19 AM

Friend 
1-you use LO as neighbor IP so you need to use update-interface loopback x
2-since you use LO as neighbor IP you need static route for each LO in both router 
OR 
3- instead of point 1,2 and 4 use sub interface IP as neighbor IP since it direct connect so you dont need static route and ebgp multihop
4-and also you need
neighbor xx ebgp mulithop 
5-redistribute connect<<- this need if you use LO or subinterface 

MHM

0 Helpful

inderjeet452
Level 1
Level 1
In response to MHM Cisco World

‎01-20-2024 09:23 AM

Please have a look on config...I need to make ebgp between p2p ip only...not with loopback.

Also please check post again...seems you not understand the concern.

0 Helpful

MHM Cisco World
VIP
VIP
In response to inderjeet452

‎01-20-2024 09:29 AM

OK, 
I will focus in vrf RED
your BGP indeed use subinterface not LO 
can I see 
show ip route vrf RED in both router ?
show ip bgp in both router ?
MHM

0 Helpful

inderjeet452
Level 1
Level 1
In response to MHM Cisco World

‎01-20-2024 09:32 AM

Attached are the required output.

Preview file
29 KB
Preview file
28 KB
Preview file
42 KB
Preview file
43 KB
0 Helpful

MHM Cisco World
VIP
VIP
In response to inderjeet452

‎01-20-2024 09:46 AM

Ok' 2.2.2.2 and 2.2.2.1 

Must learn from bgp vrf BLUE but it learn from bgp vrf RED since you leak these LO between RED and BLUE so other peer receive two path one via bgp vrf RED abd other bgp vrf BLUE' and prefer bgp vrf RED.

So I think it suboptimal only.

MHM

0 Helpful

inderjeet452
Level 1
Level 1
In response to MHM Cisco World

‎01-20-2024 09:49 AM

Can you confirm if we can use this case in any network or not?

If yes....whether it work fine?

If no....why?

0 Helpful

MHM Cisco World
VIP
VIP
In response to inderjeet452

‎01-20-2024 12:00 PM

Can you confirm if we can use this case in any network or not? I never see this config before

If yes....whether it work fine? It work but sub optimal 

If no....why? the BGP will full with extra path (via other VRF), so instead router have one path via one BGP VRF it learn same prefix via more than one BGP VRF, even so all BGP use same link (i.e. if the link between router down all BGP VRF will be down), this extra path need memory and CPU to scan next-hop.

MHM

0 Helpful

inderjeet452
Level 1
Level 1
In response to MHM Cisco World

‎01-20-2024 08:46 PM

Hi,

Suboptimal routing can occur when there are multiple points of redistribution between the same two routing domains. 

Here we are having only two routers p2p connected along with eBGP neighbor under particular vrf.

I am doing import/export between these two routers. Why it shouldn't work proper.

0 Helpful

MHM Cisco World
VIP
VIP
In response to inderjeet452

‎01-21-2024 06:11 AM

Did you check my last reply 

I mention it work and it suboptimal' suboptimal is not only in case of redistrubte (with multiple points and bidirectional) suboptimal here the LO learn from two vrf.

Why ? This also I explain' here you have one link if it down both bgp vrf will failed' adding extra path is not recommend. 

You want to go with this solution it upto you.

MHM

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card