01-20-2024 07:24 AM
Hi Folks...!!!
Again need your support for one query.
Attache diagram having one link with 3 VLAN(encaptulation dot1Q) configured at both end.
eBGP neighbor are configured with respective vrf(RED, BLUE and GREEN)........vrf-lite configured.
Question is- We are announcing all locally connected subnet in respective vrf address family in BGP and also doing cyclical route leaking on both routers.
Will it work or any issue will it create.
************************************************
vrf config on each node:-
R1#sh run | b vrf
ip vrf BLUE
rd 100:200
route-target export 100:200
route-target import 100:100
!
ip vrf GREEN
rd 100:300
!
ip vrf RED
rd 100:100
route-target export 100:100
route-target import 100:200
!
R2#sh run | b vrf
ip vrf BLUE
rd 100:200
route-target export 100:200
route-target import 100:100
!
ip vrf GREEN
rd 100:300
!
ip vrf RED
rd 100:100
route-target export 100:100
route-target import 100:200
****************************************
BGP Config on each node:-
R1#sh run | b bgp
router bgp 100
bgp router-id 192.168.100.1
bgp log-neighbor-changes
!
address-family ipv4 vrf BLUE
network 2.2.2.1 mask 255.255.255.255
network 192.168.120.0
neighbor 192.168.120.2 remote-as 200
neighbor 192.168.120.2 activate
exit-address-family
!
address-family ipv4 vrf GREEN
network 192.168.130.0
neighbor 192.168.130.2 remote-as 200
neighbor 192.168.130.2 activate
exit-address-family
!
address-family ipv4 vrf RED
network 1.1.1.1 mask 255.255.255.255
network 20.20.20.0 mask 255.255.255.0
network 192.168.100.0
neighbor 192.168.100.2 remote-as 200
neighbor 192.168.100.2 activate
exit-address-family
R2#sh run | b bgp
router bgp 200
bgp router-id 192.168.100.2
bgp log-neighbor-changes
!
address-family ipv4 vrf BLUE
network 2.2.2.2 mask 255.255.255.255
network 30.30.30.0 mask 255.255.255.0
network 192.168.120.0
neighbor 192.168.120.1 remote-as 100
neighbor 192.168.120.1 activate
exit-address-family
!
address-family ipv4 vrf GREEN
network 3.3.3.2 mask 255.255.255.255
network 192.168.130.0
neighbor 192.168.130.1 remote-as 100
neighbor 192.168.130.1 activate
exit-address-family
!
address-family ipv4 vrf RED
network 1.1.1.2 mask 255.255.255.255
network 192.168.100.0
neighbor 192.168.100.1 remote-as 100
neighbor 192.168.100.1 activate
exit-address-family
01-20-2024 08:14 AM
High level that should work - but we do not have any visibility 3 VLAN Layer 3 interface part of the VRF ?
3 VLAN(encapsulation dot1Q) - So you have sub-interface configured with VLAN interface on the Eth0/0.X ?
you need to post full configuration here :
show ip bgp vpnv4 vrf BLUE summary (check all BGP neighbor up)
Router 1 - you should see the routes
#show ip route VRF BLUE
Router 2 - you should see other side route
#show ip route vrf RED
Note : make sure your Fa0/1 respective VRF - Router 1 RED and Router 2 BLUE
01-20-2024 09:01 AM
Hi @balaji.bandi,
Config are attached......Able to ping from PC to PC as well where PC1 is in vrf RED and PC2 is in vrf BLUE.
Just want to know if we are doing this cyclical route leaking along with network announcement in BGP vrf address family......Any overlapping chance are there or how it will work....!!!
E.G. One subnet we are advertising in vrf RED let say on R1, loopback 1.1.1.1 and same we are doing import in vrf Blue......Now when it reaches to vrf BLUE on R2....then how it will check the next hop and how it got installed in routing table.....Because again here on R2, we are doing route-leaking.
On which mechanism is is working....!!!
01-20-2024 09:19 AM
Friend
1-you use LO as neighbor IP so you need to use update-interface loopback x
2-since you use LO as neighbor IP you need static route for each LO in both router
OR
3- instead of point 1,2 and 4 use sub interface IP as neighbor IP since it direct connect so you dont need static route and ebgp multihop
4-and also you need
neighbor xx ebgp mulithop
5-redistribute connect<<- this need if you use LO or subinterface
MHM
01-20-2024 09:23 AM
Please have a look on config...I need to make ebgp between p2p ip only...not with loopback.
Also please check post again...seems you not understand the concern.
01-20-2024 09:29 AM
OK,
I will focus in vrf RED
your BGP indeed use subinterface not LO
can I see
show ip route vrf RED in both router ?
show ip bgp in both router ?
MHM
01-20-2024 09:32 AM
01-20-2024 09:46 AM
Ok' 2.2.2.2 and 2.2.2.1
Must learn from bgp vrf BLUE but it learn from bgp vrf RED since you leak these LO between RED and BLUE so other peer receive two path one via bgp vrf RED abd other bgp vrf BLUE' and prefer bgp vrf RED.
So I think it suboptimal only.
MHM
01-20-2024 09:49 AM
Can you confirm if we can use this case in any network or not?
If yes....whether it work fine?
If no....why?
01-20-2024 12:00 PM
Can you confirm if we can use this case in any network or not? I never see this config before
If yes....whether it work fine? It work but sub optimal
If no....why? the BGP will full with extra path (via other VRF), so instead router have one path via one BGP VRF it learn same prefix via more than one BGP VRF, even so all BGP use same link (i.e. if the link between router down all BGP VRF will be down), this extra path need memory and CPU to scan next-hop.
MHM
01-20-2024 08:46 PM
Hi,
Suboptimal routing can occur when there are multiple points of redistribution between the same two routing domains.
Here we are having only two routers p2p connected along with eBGP neighbor under particular vrf.
I am doing import/export between these two routers. Why it shouldn't work proper.
01-21-2024 06:11 AM
Did you check my last reply
I mention it work and it suboptimal' suboptimal is not only in case of redistrubte (with multiple points and bidirectional) suboptimal here the LO learn from two vrf.
Why ? This also I explain' here you have one link if it down both bgp vrf will failed' adding extra path is not recommend.
You want to go with this solution it upto you.
MHM
01-21-2024 06:22 AM
https://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/12512-41.html#anc15
Cisco doc. About bgp and memory allocation.
MHM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide