04-28-2010 08:31 AM
Hello,
Im trying to setup a simple one PE two CE, mpls vpn network. Im using an example from a document called Configuring MPLS Layer 3 VPN. The problem is that the example provided is for one CE, I'm having trouble when adding the second CE. My problem is that the route to the other CE wont show up. So I cant make ping from one CE to the other. I think the problem is in the ospf configuration. I've tried using different ospf proccess id and area, but the route wont show up. First I tried just changing ospf process, then I tried changing the area. Neither of both worked. Im providing my last configuration files. Thanks in advance for your help.
PE
---------
ip vrf vpn1
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip vrf vpn2
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip cef
mpls ldp router-id Loopback0 force
mpls label protocol ldp
!
interface Loopback0
ip address 10.0.0.1 255.255.255.255
!
interface f0/0
ip vrf forwarding vpn1
ip address 34.0.0.2 255.0.0.0
no cdp enable
no shu
!
interface f1/0
ip vrf forwarding vpn2
ip address 30.0.0.2 255.0.0.0
no cdp enable
no shu
!
router ospf 1000 vrf vpn1
log-adjacency-changes
redistribute bgp 100 metric-type 1 subnets
network 10.0.0.13 0.0.0.0 area 10000
network 34.0.0.0 0.255.255.255 area 10000
!
router ospf 1001 vrf vpn2
log-adjacency-changes
redistribute bgp 100 metric-type 1 subnets
network 10.0.0.13 0.0.0.0 area 10001
network 34.0.0.0 0.255.255.255 area 10001
!
router bgp 100
no synchronization
bgp log-neighbor changes
neighbor 10.0.0.3 remote-as 100
neighbor 10.0.0.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
bgp scan-time import 5
exit-address-family
!
address-family ipv4 vrf vpn1
redistribute connected
redistribute ospf 1000 match internal external 1 external 2
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf vpn2
redistribute connected
redistribute ospf 1001 match internal external 1 external 2
no auto-summary
no synchronization
exit-address-family
end
CE1
----------------
ip cef
mpls ldp router-id Loopback0 force
mpls label protocol ldp
!
interface Loopback0
ip address 10.0.0.9 255.255.255.255
!
interface f0/0
ip address 34.0.0.1 255.0.0.0
no cdp enable
no shu
!
router ospf 1000
log-adjacency-changes
auto-cost reference-bandwidth 1000
redistribute connected subnets
network 34.0.0.0 0.255.255.255 area 1000
network 10.0.0.0 0.0.0.0 area 1000
end
CE2
-------------------
ip cef
mpls ldp router-id Loopback0 force
mpls label protocol ldp
!
interface Loopback0
ip address 10.0.0.8 255.255.255.255
!
interface f0/0
ip address 30.0.0.1 255.0.0.0
no cdp enable
no shu
!
router ospf 1001
log-adjacency-changes
auto-cost reference-bandwidth 1000
redistribute connected subnets
network 30.0.0.0 0.255.255.255 area 1001
network 10.0.0.0 0.0.0.0 area 1001
end
Solved! Go to Solution.
04-28-2010 10:18 AM
Hi
you might want to use different rd per vrf : rd 100:1 for vpn1 et rd 100:2 for vpn2, while keeping the route targets as they currently are.
Also,check you network command in ospf for vpn2 : it shoud be network 30.0.0.0 0.255.255.255 area 10001.
what is this 10.0.0.13 network that is announced in both ospf for vpn1 and vpn2?
And the areas between CEs and PE do not match : area 10000 for 34/8 on PE and area 1000 for 34/8 on CE. Same issue for CE2
On the CEs the entry network 10.0.0.0 0.0.0.0 area 1000 means nothing as this interface does not exist : should be network 10.0.0.9 0.0.0.0 area 1000 if you want to inject the loopback in OSPF. same issue on CE2
See u
04-28-2010 10:18 AM
Hi
you might want to use different rd per vrf : rd 100:1 for vpn1 et rd 100:2 for vpn2, while keeping the route targets as they currently are.
Also,check you network command in ospf for vpn2 : it shoud be network 30.0.0.0 0.255.255.255 area 10001.
what is this 10.0.0.13 network that is announced in both ospf for vpn1 and vpn2?
And the areas between CEs and PE do not match : area 10000 for 34/8 on PE and area 1000 for 34/8 on CE. Same issue for CE2
On the CEs the entry network 10.0.0.0 0.0.0.0 area 1000 means nothing as this interface does not exist : should be network 10.0.0.9 0.0.0.0 area 1000 if you want to inject the loopback in OSPF. same issue on CE2
See u
04-30-2010 12:26 AM
Not sure..
might be because of ORF..
try playing around with SOO and ORF...
04-30-2010 10:47 AM
I would suggest you to change RD... RD are usualy different for different VRFs, leave RT as they are, and we can continue troubleshooting from there...
05-02-2010 12:28 PM
Hello Drojasug33,
RD cannot be equal in two different VRFs defined on same PE node, the real router doesn't accept it so you have to use two different RDs
see my test on a real IOS device:
router#conf t
Enter configuration commands, one per line. End with CNTL/Z.
router(config)#ip vrf prova1
router(config-vrf)#rd 8234:10
router(config-vrf)#route
router(config-vrf)#route-target both 8234:10
router(config-vrf)#
router(config-vrf)#exit
routerconfig)#ip vrf prova2
router(config-vrf)#rd 8234:10
% "rd" 8234:10 already in use by VRF prova1
router(config-vrf)#
or you have mistyped the configuration or you are using an emulation software that didn't advise you of this.
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: