BGP maximum path in route reflectors

Answered Question
Dec 3rd, 2007
User Badges:

I have RR in MPLS VPN . they are not part of mpls vpn . they only act as RR

each MPLS L3 VPN has 2 next hop and all are in RR VPN4

But one of 2 routes are in PEs

I want to use BGP load sharing using the following command


address-family ipv4 [mdt | multicast | tunnel | unicast [vrf vrf-name] | vrf vrf-name] | ipv6 [multicast | unicast] | vpnv4 [unicast]

5. maximum-paths eibgp number [import number]


i have heard that this command is not supported in RR

Is it correct and if yes what will be the solution


thx

Correct Answer by mheusing about 9 years 6 months ago

Hi,


You are right, load sharing this way will not work today. The underlying reason is the way BGP is designed. RFC 4271 clearly states: "In the context of this document, we assume that a BGP speaker advertises to its peers only those routes that it uses itself (in this context, a BGP speaker is said to "use" a BGP route if it is the most preferred BGP route and is used in forwarding). All other cases are outside the scope of this document."


As a RR is a BGP speaker it will only announce the best route. This is not configurable, but part of the standard.

Especially in an MPLS network the solution thus is: let two identical IP networks look different by using two different route-distinguisher. This is very much the same idea as why to have RDs in the first place: let an IP network used by different customers look different to BGP by prepending unique 64 Bit. Now we let the prefix look different to the BGP path selection of a RR.


Example config for a dual homed CE:


At PE1:


ip vrf CE11

rd 65000:1011

route-target export 65000:11

route-target import 65000:11


router bgp 65000

!

address-family ipv4 vrf CE11

neighbor 10.1.11.2 remote-as 65011

neighbor 10.1.11.2 activate

maximum-path unequal-cost ibgp 2 import 2

no auto-summary

no synchronization

network 10.1.11.0 mask 255.255.255.252

exit-address-family


At PE2:

ip vrf CE11

rd 65000:2011 !<--- note the different RD but identical RTs

route-target export 65000:11

route-target import 65000:11


router bgp 65000

!

address-family ipv4 vrf CE11

neighbor 10.2.11.2 remote-as 65011

neighbor 10.2.11.2 activate

maximum-path unequal-cost ibgp 2 import 2

no auto-summary

no synchronization

network 10.2.11.0 mask 255.255.255.252

exit-address-family



So in general, every PE should have a unique set of RDs to allow for load sharing along the example given above. Be aware, that this will increase the memory requirements, because every VPNv4 prefix will at least be stored twice in the VPNv4 table, one with original RD, and one imported one per VRF.


Hope this helps! Please rate all posts.


Regards, Martin

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Correct Answer
mheusing Mon, 12/03/2007 - 05:18
User Badges:
  • Cisco Employee,

Hi,


You are right, load sharing this way will not work today. The underlying reason is the way BGP is designed. RFC 4271 clearly states: "In the context of this document, we assume that a BGP speaker advertises to its peers only those routes that it uses itself (in this context, a BGP speaker is said to "use" a BGP route if it is the most preferred BGP route and is used in forwarding). All other cases are outside the scope of this document."


As a RR is a BGP speaker it will only announce the best route. This is not configurable, but part of the standard.

Especially in an MPLS network the solution thus is: let two identical IP networks look different by using two different route-distinguisher. This is very much the same idea as why to have RDs in the first place: let an IP network used by different customers look different to BGP by prepending unique 64 Bit. Now we let the prefix look different to the BGP path selection of a RR.


Example config for a dual homed CE:


At PE1:


ip vrf CE11

rd 65000:1011

route-target export 65000:11

route-target import 65000:11


router bgp 65000

!

address-family ipv4 vrf CE11

neighbor 10.1.11.2 remote-as 65011

neighbor 10.1.11.2 activate

maximum-path unequal-cost ibgp 2 import 2

no auto-summary

no synchronization

network 10.1.11.0 mask 255.255.255.252

exit-address-family


At PE2:

ip vrf CE11

rd 65000:2011 !<--- note the different RD but identical RTs

route-target export 65000:11

route-target import 65000:11


router bgp 65000

!

address-family ipv4 vrf CE11

neighbor 10.2.11.2 remote-as 65011

neighbor 10.2.11.2 activate

maximum-path unequal-cost ibgp 2 import 2

no auto-summary

no synchronization

network 10.2.11.0 mask 255.255.255.252

exit-address-family



So in general, every PE should have a unique set of RDs to allow for load sharing along the example given above. Be aware, that this will increase the memory requirements, because every VPNv4 prefix will at least be stored twice in the VPNv4 table, one with original RD, and one imported one per VRF.


Hope this helps! Please rate all posts.


Regards, Martin

Actions

This Discussion