Solved: Trouble with advertise a route BGP from VRF on Cisco IOS 7600

saul.reyes · ‎05-20-2013

Hi

the diagram especifie the actually operating network

we try to advertise the network 172.16.161.6 to Nortel devices and Cisco devices on cisco AS 2005 and 64912, if we are staying look the routing table on cisco 7600 the network 172.16.161.6 is know it

Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/28 ms

cisco 7600#trace

cisco 7600#traceroute vrf data 172.16.161.6

Type escape sequence to abort.

Tracing the route to 172.16.161.6

1 189.1.11.5 [MPLS: Labels 581/730 Exp 0] 24 msec 24 msec 24 msec

2 172.16.12.73 [MPLS: Label 730 Exp 0] 36 msec 28 msec 36 msec

3 172.16.12.74 20 msec 20 msec 24 msec

4 172.16.14.10 64 msec 20 msec 20 msec

5 172.16.19.9 20 msec 24 msec 20 msec

6 172.16.161.6 24 msec 20 msec 24 msec

PE_CAR_1#ping vrf data 172.16.161.6

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.161.6, timeout is 2 seconds:

!!!!!

but the devices Nortel on AS 64912 on routing tables don´t know the networ 172.16.161.6

the difference on cisco 7600 that know both AS 64912 and 2005 is this one:

configuration on Cisco Router 7600

router bgp 2006

bgp router-id 172.16.110.97

bgp log-neighbor-changes

bgp graceful-restart restart-time 120

bgp graceful-restart stalepath-time 360

bgp graceful-restart

neighbor 172.16.10.41 remote-as 64912

neighbor 172.16.10.41 description PP-A6

neighbor 172.16.11.233 remote-as 64912

neighbor 172.16.11.233 description PP-2TE2

neighbor 172.16.12.73 remote-as 2005

neighbor 172.16.12.73 description PE_MEX_1

neighbor 172.16.12.73 fall-over bfd

neighbor 172.16.13.9 remote-as 2005

neighbor 172.16.13.9 description PE_MEX_3

neighbor 172.16.13.9 fall-over bfd

neighbor 172.16.13.77 remote-as 2005

neighbor 172.16.14.6 remote-as 64512

neighbor 172.16.14.10 remote-as 64512

neighbor 172.16.16.26 remote-as 64982

neighbor 172.16.16.26 description INTERNET-2

neighbor 172.16.16.30 remote-as 64982

neighbor 172.16.16.30 description INTERNET-1

!

address-family ipv4

neighbor 172.16.10.41 activate (conexion to Nortel Devices)

neighbor 172.16.10.41 route-map AS-PATH-MAN in

neighbor 172.16.10.41 route-map REDES-WAN->MAN out

neighbor 172.16.11.233 activate (conexion to Nortel Devices)

neighbor 172.16.11.233 route-map AS-PATH-MAN in

neighbor 172.16.11.233 route-map REDES-WAN->MAN out

neighbor 172.16.12.73 activate

neighbor 172.16.12.73 route-map REDES-WAN-PE_MEX_1 in

neighbor 172.16.12.73 route-map DEFAULT-ROUTE out

neighbor 172.16.13.9 activate (conexion to Cisco 7600 Devices)

neighbor 172.16.13.9 route-map REDES-WAN-PE_MEX_3 in

neighbor 172.16.13.9 route-map DEFAULT-ROUTE out

neighbor 172.16.13.77 activate

neighbor 172.16.13.77 route-map DEFAULT-ROUTE out

neighbor 172.16.14.6 activate (conexion to ASR 9000)

neighbor 172.16.14.6 route-map default out

neighbor 172.16.14.10 activate (conexion to ASR 9000)

neighbor 172.16.14.10 route-map default out

the difference that look it from routes to know Nortel devices an Cisco Devices is the sollow on Cisco 7600

Cisco 7600#sho ip bgp 150.151.1.250

BGP routing table entry for 150.151.0.0/16, version 5612717

Paths: (2 available, best #1, table default)

Multipath: eBGP

Advertised to update-groups:

2 4

2005

172.16.13.9 from 172.16.13.9 (150.220.250.5)

Origin IGP, localpref 300, valid, external, best

Community: 100:22

Extended Community: RT:100:22

2005

172.16.12.73 from 172.16.12.73 (150.220.250.1)

Origin IGP, localpref 260, valid, external

Community: 100:22

Extended Community: RT:100:22

Cisco 7600#sho ip bgp 172.16.161.6

BGP routing table entry for 172.16.161.6/32, version 6133620

Paths: (2 available, best #2, table default)

Multipath: eBGP

Not advertised to any peer

64512 64513

172.16.14.6 from 172.16.14.6 (172.16.14.1)

Origin incomplete, localpref 100, valid, external, multipath

Extended Community: RT:64512:64513

64512 64513

172.16.14.10 from 172.16.14.10 (172.16.14.2)

Origin incomplete, localpref 100, valid, external, multipath, best

Extended Community: RT:64512:64513

NOT advertised to any peer

if we looking on ASR the vrf GAT the network is advertised but on vrf CAMPUS not

RP/0/RSP0/CPU0:ED_MEX_1#sho bgp vrf CAMPUS 172.16.161.6

Mon May 20 12:58:03.516 UTC

BGP routing table entry for 172.16.161.6/32, Route Distinguisher: 64512:64513

Versions:

Process bRIB/RIB SendTblVer

Speaker 20 20

Local Label: 16004

Last Modified: May 17 17:24:29.877 for 2d19h

Paths: (1 available, best #1)

Not advertised to any peer

Path #1: Received by speaker 0

Not advertised to any peer

64513

172.16.19.5 from 172.16.19.5 (172.16.162.4)

Origin incomplete, metric 110, localpref 100, valid, external, best, group-best, import-candidate

Received Path ID 0, Local Path ID 1, version 20

Extended community: RT:64512:64513

but the vrf GAT:

RP/0/RSP0/CPU0:ED_MEX_1#sho bgp vrf GAT 172.16.161.6

Mon May 20 12:58:52.909 UTC

BGP routing table entry for 172.16.161.6/32, Route Distinguisher: 64512:2006

Versions:

Process bRIB/RIB SendTblVer

Speaker 30 30

Last Modified: May 17 17:24:29.877 for 2d19h

Paths: (1 available, best #1)

Advertised to CE peers (in unique update groups):

172.16.14.5

Path #1: Received by speaker 0

Advertised to CE peers (in unique update groups):

172.16.14.5

64513

172.16.19.5 from 172.16.19.5 (172.16.162.4)

Origin incomplete, metric 110, localpref 100, valid, external, best, group-best, import-candidate, imported

Received Path ID 0, Local Path ID 1, version 30

Extended community: RT:64512:64513

Any idea for this trouble, we try to advertise the extend community but nothing.

the configuration on ASR is the follow:

router bgp 64512

bgp router-id 172.16.14.1

address-family ipv4 unicast

!

address-family vpnv4 unicast

!

vrf GAT

rd 64512:2006

address-family ipv4 unicast

redistribute connected

redistribute static

!

neighbor 172.16.14.5

remote-as 2006

address-family ipv4 unicast

send-community-ebgp

route-policy pass-all in

route-policy pass-all out

send-extended-community-ebgp

!

vrf CAMPUS

rd 64512:64513

address-family ipv4 unicast

redistribute connected

redistribute static

!

neighbor 172.16.19.5

remote-as 64513

address-family ipv4 unicast

route-policy pass-all in

route-policy pass-all out

we only put send-extended-community-ebgp only on vrf GAT.

Best Regards

Harold Ritter · ‎05-20-2013

Hi Saul,

route-target extended communities are normally not sent to the peers in the VRF (ce). Can you remove the command

send-extended-community-ebgp from the neighbor in vrf GAT and try to see if the 7600 passes it on to the Nortel and Cisco devices.

Regards

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

View solution in original post

Harold Ritter · ‎05-20-2013

Hi Saul,

route-target extended communities are normally not sent to the peers in the VRF (ce). Can you remove the command

send-extended-community-ebgp from the neighbor in vrf GAT and try to see if the 7600 passes it on to the Nortel and Cisco devices.

Regards

Regards,
Harold Ritter, CCIE #4168 (EI, SP)

saul.reyes · ‎05-22-2013

Hi Harold thanks for your comment

We do it your recommendation and put on AS 64912 routes a route-map for identify the traffic IN on interface the finally configuration on cisco 7600 is:

router bgp 2006

bgp router-id 172.16.110.97

bgp log-neighbor-changes

bgp graceful-restart restart-time 120

bgp graceful-restart stalepath-time 360

bgp graceful-restart

neighbor 172.16.14.6 remote-as 64512

neighbor 172.16.14.6 description EDGE_MEX_1

neighbor 172.16.14.10 remote-as 64512

neighbor 172.16.14.10 description EDGE_MEX_2

!

address-family ipv4

no synchronization

neighbor 172.16.14.6 route-map REDES_CAMPUS in

neighbor 172.16.14.6 route-map default out

neighbor 172.16.14.10 activate

neighbor 172.16.14.10 route-map REDES_CAMPUS in

neighbor 172.16.14.10 route-map default out

neighbor 172.16.16.26 activate

with the follow route maps:

ip extcommunity-list standard GAT permit rt 64512:64513

ip bgp-community new-format

ip community-list standard REDES-GAT permit 64512:2006

route-map REDES_CAMPUS permit 430

match extcommunity GAT

set local-preference 250

set community 64512:2006 additive

set extcommunity rt 64512:64513 additive

route-map REDES-WAN->MAN permit 1600

match community REDES-GAT

with this information the routes advertise on neighbord know the loopback 172.16.161.6

GW_MEX_2#sho ip bgp neighbors 172.16.11.233 advertised-routes

BGP table version is 6160029, local router ID is 172.16.110.97

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

*> 1.0.0.1/32 172.16.12.73 300 0 2005 ?

*> 1.0.0.2/32 172.16.12.73 300 0 2005 ?

Network Next Hop Metric LocPrf Weight Path

*> 172.16.140.72/32 172.16.13.9 300 0 2005 ?

*> 172.16.141.22/32 172.16.12.73 250 0 2005 ?

*> 172.16.141.61/32 172.16.12.73 250 0 2005 i

*> 172.16.141.71/32 172.16.12.73 250 0 2005 i

*> 172.16.142.0/27 172.16.13.9 300 0 2005 ?

*> 172.16.142.32/27 172.16.13.9 250 0 2005 ?

*> 172.16.144.0/27 172.16.13.9 300 0 2005 ?

*> 172.16.146.1/32 172.16.13.9 300 0 2005 65451 i

*> 172.16.150.0/27 172.16.12.73 250 0 2005 ?

*> 172.16.152.0/27 172.16.13.9 300 0 2005 ?

*> 172.16.152.32/28 172.16.13.9 300 0 2005 ?

*> 172.16.155.1/32 172.16.13.9 300 0 2005 ?

*> 172.16.161.1/32 172.16.14.6 0 250 0 64512 ?

*> 172.16.161.6/32 172.16.14.10 0 250 0 64512 ?

Thanks for your cooperation

Best Regards