Hi all,

I need some help, my head will explode

I am moving out from asr920 to ncs540 (v24.3.2)

On asr920 we had bunch of bdi interfaces facing customers subnets, firewalls etc. Together with it there were bunch of static routes exiting bdi interfaces. Redistributing static/connected were no issue. Full reachability was there.

Even core devices had mpls/ldap neighbourship over bdi interfaces.

I w decided to mimic that configuration to ncs540 and that's where things went sideways. Not sure if I can list it all :

- BVI for ospf/ldp - some strange mtu issues at first, as ip mtu on BVI was not accepted but fixed with mtu ---These I can move away and use physical interfaces.

- Static default routes exiting trough customer bvi interface were redistributed over the network by mbgp and seen in routing tables on far end devices but they didn't work. To be precise ingress to ncs540 worked, I could see traffic on firewall tcpdump leaving to internet and going back to ncs540 but then there it was black-holed.

I know that its somehow bvi related but i don't know how can i move away from it...

Some config and outputs :

interface BVI1001580
description SAP INTERNET ACCESS FIREWALL TRANSIT SUBNET
vrf SAP
ipv4 mtu 2012
ipv4 address 10.179.87.77 255.255.255.248
!
router static vrf SAP address-family ipv4 unicast 0.0.0.0/0 BVI1001580 10.179.87.73 description DEFAULT-ROUTE
!
router bgp 65000
vrf SAP
default-information originate
address-family ipv4 unicast
redistribute connected route-policy SET-BGP-ORIG-BACKUP
redistribute static route-policy DEFAULT-ROUTE-BGP-ORIG-BACKUP
!
!
route-policy SET-BGP-ORIG-BACKUP
set local-preference 500
pass
end-policy
!
route-policy DEFAULT-ROUTE-BGP-ORIG-BACKUP
if destination in DEFAULT-ROUTE-ONLY then
set local-preference 500
pass
else
drop
endif
end-policy
!
prefix-set DEFAULT-ROUTE-ONLY
# ONLY ALLOW DEFAULT ROUTE
0.0.0.0/0
end-set

=================================================

RP/0/RP0/CPU0:ncs02#SHOW MPLs FORwarding VRF SAP
Mon Apr 14 10:55:46.445 CEST
Local Outgoing Prefix Outgoing Next Hop Bytes
Label Label or ID Interface Switched
------ ----------- ------------------ ------------ --------------- ------------
24264 Aggregate SAP: Per-VRF Aggr[V] \
SAP 0
24265 Unlabelled 0.0.0.0/0[V] BV1001580 10.179.87.73 0
RP/0/RP0/CPU0:ncs02#
!

RP/0/RP0/CPU0:ncs02#Show bgp vpnv4 unicast vrf SAP
Mon Apr 14 10:58:58.131 CEST
BGP router identifier 192.168.199.199, local AS number 65000
BGP generic scan interval 60 secs
Non-stop routing is enabled
BGP table state: Active
Table ID: 0x0
BGP table nexthop route policy:
BGP main routing table version 3297
BGP NSR Initial initsync version 219 (Reached)
BGP NSR/ISSU Sync-Group versions 0/0
BGP scan interval 60 secs

Status codes: s suppressed, d damped, h history, * valid, > best
i - internal, r RIB-failure, S stale, N Nexthop-discard
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 65000:10039 (default for vrf SAP)
Route Distinguisher Version: 3003
*> 0.0.0.0/0 10.179.87.73 0 500 32768 ?
*> 10.179.87.72/29 0.0.0.0 0 500 32768 ?

Processed 2 prefixes, 2 paths

On a asr920 what is see as difference this connected interface is in mpls forwarding table :

asr920#SHOW MPLs FORwarding VRF SAP
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
308 No Label 10.179.87.72/29[V] \
0 aggregate/SAP
339 No Label 0.0.0.0/0[V] 98468 BD2080 10.179.87.73

Any help will be highly appreciated.