Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

VRF lite link between CE routers

Good day.

Review the picture first, and I will briefly introduce you into question.

mpls+vrflite.jpg

R1, R2, R3 and R4 run OSPF/LDP/BGP bundle over black links which interconnects them. They belong to same BGP AS and runs iBGP between each other. Networks 10.10.10.0/24 and 40.40.40.0/24 belongs to same  VRF, lets name it Technical in further references.  All four routers have instance of vrf Technical, cos in essence all of them are PE routers and have connections to other networks belonging to this vrf.

We have a target – to move traffic between networks 10.10.10.0/24 and 40.40.40.0/24 (ONLY!!!) to different physical connection (RED link between R2 and R4) with possibility to swap back to MPLS links in case of RED link failure.

Cos we have two upstream connections from R1 and R4, traffic between 10.10.10.0/24 and 40.40.40.0/24 networks get load balanced between those links (maximum-paths ibgp 2) , and this make a major problem for me.

My idea is run VRF LITE over RED link and establish BGP neighborship between R2 and R4 inside adress-family ipv4 vrf Technical and control preferred path between R2 and R4 to reach desired networks using standard BGP path control facilities.

But problem is that some traffic from 10.10.10.0/24 to 40.40.40.0/24 can choose path not through R2 but through R3, and in such conditions that traffic will be forwarded further over link R3-R4, cos R3 will not receive at all update about 40.40.40.0/24 network from R2 direction – we run iBGP between all routers, and inside VRF LITE only R2 have connection to R4. But desired for me path is R3-R2-R4. How to make R3 choose it but preserve possibility to “to swap back to MPLS links in case of RED link failure”?

I have following considerations:

•1)      We can configure reliable static routing on R3 through R2 with tracking remote end of RED link

Comment: I don’t like this solution – it seems odd for network run BGP/OSPF use reliable stat routing.

•2)      Add VRF LITE link between R3 and R2 and establish iBGP neighborship  between R3 and R4 through these VRF lite links

•3)      Connect R3 to RED link aswell with  some “HUB” placed on RED link and establish iBGP neighborship  between R3 and R4 directly.

To be honest I don’t like not only first but every solution I adduce. So I wondering is there any other ways to solve these task?

Tnx in advance.

Everyone's tags (3)
1 REPLY
Cisco Employee

VRF lite link between CE routers

Hi Alexey,

I have seen this requirement to steer traffic for a specific VPN via a specific path in the core. This is normally addressed by using MPLS TE and to change the vpnv4 next hop so that only traffic for this specific VPN is forwarded down the tunnel.

There are many cases on CSC documenting this approach.

https://supportforums.cisco.com/thread/249483

Regards

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México 
Paseo de la Reforma 222 Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
334
Views
0
Helpful
1
Replies
CreatePlease login to create content