Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Issue with multipath load-sharing of VPNv4 routes

Hi Sir,

Below is output of "show ip bgp vpnv4 all 10.1.36.0/24" on a PE router in an MPLS VPN environment:

KP1#sh ip bgp vpnv4 all 10.1.36.0/24

BGP routing table entry for 65001:202:10.1.36.0/24, version 1732

Paths: (2 available, best #1, no table)

Not advertised to any peer

Local

172.18.254.56 (metric 31) from 172.18.254.54 (172.18.254.54)

Origin incomplete, metric 0, localpref 100, valid, internal, best

Extended Community: RT:65001:1200

Originator: 172.18.254.56, Cluster list: 172.18.254.54

Local

172.18.254.56 (metric 31) from 172.18.255.254 (172.18.255.254)

Origin incomplete, metric 0, localpref 100, valid, internal

Extended Community: RT:65001:1200

Originator: 172.18.254.56, Cluster list: 172.18.255.254

BGP routing table entry for 65001:203:10.1.36.0/24, version 2439

Paths: (2 available, best #2, no table)

Not advertised to any peer

Local

172.18.255.4 (metric 21) from 172.18.255.254 (172.18.255.254)

Origin incomplete, metric 0, localpref 100, valid, internal

Extended Community: RT:65001:1200

Originator: 172.18.255.4, Cluster list: 172.18.255.254

Local

172.18.255.4 (metric 21) from 172.18.254.54 (172.18.254.54)

Origin incomplete, metric 0, localpref 100, valid, internal, best

Extended Community: RT:65001:1200

Originator: 172.18.255.4, Cluster list: 172.18.254.54

BGP routing table entry for 65001:204:10.1.36.0/24, version 2441

Paths: (2 available, best #2, table V1:TEST)

Multipath: iBGP

Not advertised to any peer

Local, imported path from 65001:202:10.1.36.0/24

172.18.254.56 (metric 31) from 172.18.254.54 (172.18.254.54)

Origin incomplete, metric 0, localpref 100, valid, internal

Extended Community: RT:65001:1200

Originator: 172.18.254.56, Cluster list: 172.18.254.54

Local, imported path from 65001:203:10.1.36.0/24

172.18.255.4 (metric 21) from 172.18.254.54 (172.18.254.54)

Origin incomplete, metric 0, localpref 100, valid, internal, best

Extended Community: RT:65001:1200

Originator: 172.18.255.4, Cluster list: 172.18.254.54

KP1#

There are two RRs on the network: RR1 (172.18.254.54) and RR2 (172.18.255.254). All PE routers peer with these two RRs.

The VPNv4 prefix 10.1.36.0/24 is advertised by two PE routers; the first is 172.18.254.56 (hostname: SK1) using RD 65001:202, another is 172.18.255.4 (hostname: SK2) using RD 65001:203. This is an Intranet VPN with RT value of 65001:1200.

I understand why KP1 selects the path via SK2 as the best because it matches the BGP best-path selection criteria: "Prefer the path with the lowest IGP metric to the BGP next hop".

I want to load-balance traffic destined to 10.1.36.0/24 across SK1 and SK2. Thus, I modified the config on KP1 as follows:

!

router bgp 65001

!

address-family ipv4 vrf V1:TEST

maximum-paths ibgp 2

!

!

But still only one best path is selected and installed into the VRF routing tables, as follows:

KP1#sh ip route vrf V1:TEST

Routing Table: V1:TEST

10.0.0.0/24 is subnetted, 6 subnets

B 10.1.36.0 [200/0] via 172.18.255.4, 20:53:01

KP1#sh ip bgp vpnv4 vrf V1:TEST

Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 10081:204 (default for vrf V1:TEST)

* i10.1.36.0/24 172.18.254.56 0 100 0 ?

*>i 172.18.255.4 0 100 0 ?

KP1 only installs the two paths when I configured the following:

!

router bgp 65001

!

address-family ipv4 vrf V1:TEST

maximum-paths ibgp unequal-cost 2 (I can't exactly remember the command. It should be this one.)

!

!

Please advise if this is the correct way to install both routes.

Thank you.

B.Rgds,

Lim TS

5 REPLIES
Cisco Employee

Re: Issue with multipath load-sharing of VPNv4 routes

Lim,

It is indeed the correct way to install the two paths.

"maximum-paths ibgp unequal-cost" is required if you want two or more paths to be installed if they have different IGP metrics.

Hope this helps,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
New Member

Re: Issue with multipath load-sharing of VPNv4 routes

Hi Harold,

Thanks for taking time to "digest" my problem. My post is rather lengthy.

I notice that the two commands (i.e. "maximum-paths ibgp " and "maximum-paths ibgp unequal-cost") are mutually exclusive.

It seems to me that my scenario (i.e. to load-balance across multiple remote PE routers advertising the same prefixes) can be resolved using the "maximum-paths ibgp unequal-cost" command, and of course with proper RD assignment. What if there are two or more iBGP paths having different IGP metrics?

What do you typically configure?

Thank you.

B.Rgds,

Lim TS

New Member

Re: Issue with multipath load-sharing of VPNv4 routes

Sorry, typo error. My sentence should be:

"What if there are two or more iBGP paths having same IGP metrics?"

Thank you.

B.Rgds,

Lim TS

Re: Issue with multipath load-sharing of VPNv4 routes

Hi,

"maximum-path ... unequal-cost" means install two pathes EVEN IF paths have unequal IGP metric. If the metric is identical then the BGP path selection is identical to not configuring "unequal-cost".

This option is used to skip the normal BGP path selection step "closest IGP neighbor" when it comes to decide what to insert into the IP routing table.

So typically you would use "unequal-cost" as for the VPN customer your core network is not interesting (not even visible). So routing decisions based on your core network metrics are (often) not in the customers interest. The customer is usually interested in loading the redundant access lines. This would potentially not be possible because of the SP BGP selection mechanism.

Hope this helps!

Regards, Martin

Cisco Employee

Re: Issue with multipath load-sharing of VPNv4 routes

Lim,

As Martin stated, the unequal-cost keyword will cause the prefixes to be installed regardless of whether their IGP metrics are equal or not.

Hope this helps,

Harold Ritter
Sr. Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
551
Views
0
Helpful
5
Replies
CreatePlease to create content