Global routing and VRF labeling for multihome mpls provider

Unanswered Question
Nov 12th, 2008

I have lab scenario working on L3 VPN to test for the environment where PE connection to two MPLS P providers. In my lab shows only one MPLS provider(P1 and P2)

CE1<->PE1<->P1<->P2<->PE2<->CE2

However in PE both sites, route learning between PE and P are under VRF, not in global routing.

CE1<->(vrf B)PE1=PE1(vrf A)<->P1<->P2<->(vrf A)PE2=PE2(vrf B)<->CE2

I created tunnel VRF within PE to bridge global routing and VRF A.

I have loopback99 in both PEs global routing using for MBGP source address, MBGP is up properly.

I can see VPN routes from CE1 and CE2 exchanges throuhg BGP both sites.

The problem is I couldn't get response while ping from CE1 to CE2 address (VRF B). From first glance, it might cause from labeling between global routing and VRF A.

PE1

===

interface Tunnel100

ip vrf forwarding vrfA

ip address 99.99.99.2 255.255.255.252

tunnel source Serial1/2

tunnel destination 150.30.11.1

tunnel vrf vrfA

!

interface Tunnel200

ip address 99.99.99.1 255.255.255.252

tunnel source Serial1/0

tunnel destination 10.1.1.2

!

ip route 10.1.1.0 255.255.255.252 Serial1/2

ip route vrf vrfA 150.30.11.0 255.255.255.252 Serial1/0

!

ip route 8.8.8.0 255.255.255.0 99.99.99.2

ip route vrf vrfA 8.8.8.10 255.255.255.255 99.99.99.1

!

router bgp 1

neighbor 8.8.8.10 remote-as 1

neighbor 8.8.8.10 update-source Loopback99

add vpn

neigh 8.8.8.10 act

neigh 8.8.8.10 send exten

!

router ospf 200

red con sub

PE2

===

interface Tunnel100

ip vrf forwarding vrfA

ip address 99.99.99.6 255.255.255.252

tunnel source Serial1/2

tunnel destination 150.30.33.2

tunnel vrf vrfA

!

interface Tunnel200

ip address 99.99.99.5 255.255.255.252

tunnel source Serial1/0

tunnel destination 10.1.1.22

!

ip route 10.1.1.20 255.255.255.252 Serial1/2

ip route vrf vrfA 150.30.33.0 255.255.255.252 Serial1/0

!

ip route 8.8.8.0 255.255.255.0 99.99.99.6

ip route vrf vrfA 8.8.8.15 255.255.255.255 99.99.99.5

!

router bgp 1

neighbor 8.8.8.15 remote-as 1

neighbor 8.8.8.15 update-source Loopback99

add vpn

neigh 8.8.8.15 act

neigh 8.8.8.15 send exten

!

router ospf 200

red con sub

Thanks,

Monty

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
m.noktes Wed, 11/12/2008 - 08:41

Opps forgot to ask, any similar scenario out there? Any IOS feature to over come this problem? Thanks!

Laurent Aubert Sat, 12/06/2008 - 14:37

Hi,

I don't know what exactly you're trying to achieve here but:

- MP-BGP session can only use the GRT

- You need a LSP between your PEs

So your vrfa is useless because your MP-iBGP session is build via the tunnel 200 (GRT). You need to activate LDP on the tunnel 200 as well to build the LSP between PE1 and PE2.

Hope this helps

Laurent.

Actions

This Discussion