cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1276
Views
5
Helpful
10
Replies

multihop BGP

Antonio_1_2
Level 1
Level 1

Hello,

In my MPLS network I have vrf Internet which I use to give my customers access to Internet. I'm having multihop BGP with customers that have their own IP address space. Problem is (see picture in attachment) that I want to avoid static routes in vrf Internet for customers prefixes received via BGP.

This prefixes received by eBGP I inject via iBGP into vrf Internet so that next hop stays the same as it is announced by customer. Although the routing table and CEF show correct next hop, traceroute from customer B to Customer A shows that packet goes to CENTRAL ROUTER outside MPLS and than back to MPLS and then to Customer A.

Traceroute should be like this

traceroute 1.1.1.1

1. PE3

2. PE1

3. CPE customer A

I think it is problem with MPLS but I can't find where. Can anyone help me with this?

Thanks in advance

10 Replies 10

Harold Ritter
Cisco Employee
Cisco Employee

Antonio,

It is unclear to me how PE3 can resolv the next hop for 1.1.1.0/24 if that NH 192.168.0.4 is learnt via VPNv4. Could you please further explain or provide us with configs.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

192.168.0.4 is connected network in vrf Internet. So PE3 learned about this network 192.168.0.0/29 via MPBGP.

here is configuration from PE1

(I replaced IP address with names)

router bgp 50000

neighbor PE2 remote-as 50000

neighbor PE2 update-source Loopback0

neighbor PE3 remote-as 50000

neighbor PE3 update-source Loopback0

!

address-family ipv4

no synchronization

neighbor PE2 activate

neighbor PE2 next-hop-self

neighbor PE2 soft-reconfiguration inbound

neighbor PE3 activate

neighbor PE3 route-reflector-client

neighbor PE3 soft-reconfiguration inbound

no auto-summary

exit-address-family

!

address-family vpnv4

neighbor PE2 activate

neighbor PE2 send-community both

neighbor PE3 activate

neighbor PE3 send-community both

neighbor PE3 route-reflector-client

exit-address-family

!

address-family ipv4 vrf Internet

no synchronization

redistribute connected

redistribute static

neighbor CENTRAL_ROUTER remote-as 50000

neighbor CENTRAL_ROUTER activate

default-information originate

exit-address-family

Regards

I don't know if configs made clear what I was trying to explain. But here is the concept:

1)CustomersA BGP router has eBGP with ISP CENTRAL ROUTER.

2)1.1.1.0/24 is announced to CENTRAL ROUTER

3)CENTRAL ROUTER has route in routing table

1.1.1.0/24 via 192.168.0.4

4)It sends this route via iBGP to PE2 and PE1 (and nexthop for the route stays unchanged)

5) PE1 and PE2 has route 1.1.1.0/24 via 192.168.0.4 in its routing table for vrf Internet

6) via MHBGP this route is announced to PE3

7) PE3 now has also route 1.1.1.0/24 via 192.168.0.4 in its routing table for vrf Internet

Hope I managed to explain the situation

regards,

Antonio,

Thanks for the configs. It did help. Running ibgp between the PE and the CE is an unsupported configuration. For 1.1.1.0/24 to be resolvable, the next hop has to exist in the GRT not in the VRF.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Thanks,

Can you tell me if this would work if I used eigrp with no-next-hop-self instead of iBGP (between central router and PE1/PE2)?

Regards,

Antonio,

Wouldn't it be simpler to have Customer to eBGP peer to both PE1 AND PE2 and then to have them eBGP peer with the central router.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Yes, it would. But then I would have to have full BGP table in vrf which is not case right now. And I don't is it recommended to run full BGP table in MPLS?

Regards,

Antonio,

Understood. The best thing to do then would be to run an ebgp session to the PE and an eBGP multihop session to the central router.

You can indeed use two different AS numbers to do that using the local-as feature.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Moreover can you tell me is it possible to run two BGP instances on the same router in GRT. In this why I can run eBGP from CENTRAL ROUTER to PE1/PE2 but config would be under private AS.

i.e. this would be configuration on CENTRAL ROUTER

router bgp 5000 #eBGP to Customer

neigbor CUSTOMER_A

router bgp 65002 #eBGP to PE1

neighbor PE1

regards,

Antonio,

If you try to run more then one instance of BGP, Cisco routers will notify you that you already have one running. If it is Juniper route, then the second instance will replace the first one. Either way, you can only run one instance at the time per router.

HTH

Reza

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: