09-18-2008 07:33 AM
Hello,
In my MPLS network I have vrf Internet which I use to give my customers access to Internet. I'm having multihop BGP with customers that have their own IP address space. Problem is (see picture in attachment) that I want to avoid static routes in vrf Internet for customers prefixes received via BGP.
This prefixes received by eBGP I inject via iBGP into vrf Internet so that next hop stays the same as it is announced by customer. Although the routing table and CEF show correct next hop, traceroute from customer B to Customer A shows that packet goes to CENTRAL ROUTER outside MPLS and than back to MPLS and then to Customer A.
Traceroute should be like this
traceroute 1.1.1.1
1. PE3
2. PE1
3. CPE customer A
I think it is problem with MPLS but I can't find where. Can anyone help me with this?
Thanks in advance
09-18-2008 12:49 PM
Antonio,
It is unclear to me how PE3 can resolv the next hop for 1.1.1.0/24 if that NH 192.168.0.4 is learnt via VPNv4. Could you please further explain or provide us with configs.
Regards
09-18-2008 11:41 PM
192.168.0.4 is connected network in vrf Internet. So PE3 learned about this network 192.168.0.0/29 via MPBGP.
here is configuration from PE1
(I replaced IP address with names)
router bgp 50000
neighbor PE2 remote-as 50000
neighbor PE2 update-source Loopback0
neighbor PE3 remote-as 50000
neighbor PE3 update-source Loopback0
!
address-family ipv4
no synchronization
neighbor PE2 activate
neighbor PE2 next-hop-self
neighbor PE2 soft-reconfiguration inbound
neighbor PE3 activate
neighbor PE3 route-reflector-client
neighbor PE3 soft-reconfiguration inbound
no auto-summary
exit-address-family
!
address-family vpnv4
neighbor PE2 activate
neighbor PE2 send-community both
neighbor PE3 activate
neighbor PE3 send-community both
neighbor PE3 route-reflector-client
exit-address-family
!
address-family ipv4 vrf Internet
no synchronization
redistribute connected
redistribute static
neighbor CENTRAL_ROUTER remote-as 50000
neighbor CENTRAL_ROUTER activate
default-information originate
exit-address-family
Regards
09-22-2008 12:09 AM
I don't know if configs made clear what I was trying to explain. But here is the concept:
1)CustomersA BGP router has eBGP with ISP CENTRAL ROUTER.
2)1.1.1.0/24 is announced to CENTRAL ROUTER
3)CENTRAL ROUTER has route in routing table
1.1.1.0/24 via 192.168.0.4
4)It sends this route via iBGP to PE2 and PE1 (and nexthop for the route stays unchanged)
5) PE1 and PE2 has route 1.1.1.0/24 via 192.168.0.4 in its routing table for vrf Internet
6) via MHBGP this route is announced to PE3
7) PE3 now has also route 1.1.1.0/24 via 192.168.0.4 in its routing table for vrf Internet
Hope I managed to explain the situation
regards,
09-22-2008 04:15 PM
Antonio,
Thanks for the configs. It did help. Running ibgp between the PE and the CE is an unsupported configuration. For 1.1.1.0/24 to be resolvable, the next hop has to exist in the GRT not in the VRF.
Regards
09-22-2008 11:28 PM
Thanks,
Can you tell me if this would work if I used eigrp with no-next-hop-self instead of iBGP (between central router and PE1/PE2)?
Regards,
09-24-2008 04:39 AM
Antonio,
Wouldn't it be simpler to have Customer to eBGP peer to both PE1 AND PE2 and then to have them eBGP peer with the central router.
Regards
09-24-2008 11:20 PM
Yes, it would. But then I would have to have full BGP table in vrf which is not case right now. And I don't is it recommended to run full BGP table in MPLS?
Regards,
09-25-2008 05:31 PM
Antonio,
Understood. The best thing to do then would be to run an ebgp session to the PE and an eBGP multihop session to the central router.
You can indeed use two different AS numbers to do that using the local-as feature.
Regards,
09-23-2008 12:28 AM
Moreover can you tell me is it possible to run two BGP instances on the same router in GRT. In this why I can run eBGP from CENTRAL ROUTER to PE1/PE2 but config would be under private AS.
i.e. this would be configuration on CENTRAL ROUTER
router bgp 5000 #eBGP to Customer
neigbor CUSTOMER_A
router bgp 65002 #eBGP to PE1
neighbor PE1
regards,
09-25-2008 05:58 PM
Antonio,
If you try to run more then one instance of BGP, Cisco routers will notify you that you already have one running. If it is Juniper route, then the second instance will replace the first one. Either way, you can only run one instance at the time per router.
HTH
Reza
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: