Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

MPLS INTER-AS B2B

Hi All,

          I have a topology with inter_AS as follows:

CE_AS1----PE_AS1----P_AS1-----ASBR_AS1<---------->ASBR2_AS2------P_AS2-----PE_AS2-----CE2.

The problem faced was that both CEs in each ASes can reach each other but neither the PEs nor the ASBRs can reach the CE in a diffenrent AS.

Although the PEs can ping their CEs and see all of the routes on both CEs.

PE in AS1 cannot ping CE in AS2....is this a normal behaviour, even though these routes are in it VRF table?.

ASBRs cannot even ping CEs in their own AS less you think of CE in another AS, is this a normal behaviour?

P router in AS2 was made a vpnv4 RR for ASBR and the PE, thus, i can see all the routes in both ASes in it VPNV4 table yet cannot ping either way, is this a normal behaviour?.

CE1_AS1#sir bgp

     172.16.0.0/24 is subnetted, 14 subnets

B       172.16.212.0 [20/0] via 172.16.1.1, 00:41:47

B       172.16.51.0 [20/0] via 172.16.1.1, 00:41:47

B       172.16.41.0 [20/0] via 172.16.1.1, 00:41:47

B       172.16.31.0 [20/0] via 172.16.1.1, 00:41:47

B       172.16.20.0 [20/0] via 172.16.1.1, 00:41:47

B       172.16.21.0 [20/0] via 172.16.1.1, 00:41:47

B       172.16.2.0 [20/0] via 172.16.1.1, 00:41:47

CE1_AS1#

CE1_AS1#

CE1_AS1#siib | ex un

Interface                  IP-Address      OK? Method Status                Protocol

FastEthernet1/0            172.16.1.2      YES manual up                    up

Loopback0                  172.16.10.1     YES manual up                    up

Loopback1                  172.16.11.1     YES manual up                    up

Loopback2                  172.16.22.1     YES manual up                    up

Loopback3                  172.16.33.1     YES manual up                    up

Loopback4                  172.16.44.1     YES manual up                    up

Loopback5                  172.16.55.1     YES manual up                    up

CE1_AS1#

CE1_AS1#ping 172.16.2.0

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.2.0, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 188/321/432 ms

CE1_AS1#

==========================================================================

CE2_AS2#sir eigrp

     172.16.0.0/24 is subnetted, 14 subnets

D EX    172.16.55.0 [170/2560002816] via 172.16.2.1, 00:41:39, FastEthernet1/0

D EX    172.16.44.0 [170/2560002816] via 172.16.2.1, 00:41:39, FastEthernet1/0

D EX    172.16.33.0 [170/2560002816] via 172.16.2.1, 00:41:39, FastEthernet1/0

D EX    172.16.22.0 [170/2560002816] via 172.16.2.1, 00:41:39, FastEthernet1/0

D EX    172.16.10.0 [170/2560002816] via 172.16.2.1, 00:41:39, FastEthernet1/0

D EX    172.16.11.0 [170/2560002816] via 172.16.2.1, 00:41:39, FastEthernet1/0

D EX    172.16.1.0 [170/2560002816] via 172.16.2.1, 00:41:39, FastEthernet1/0

CE2_AS2#

CE2_AS2#

CE2_AS2#siib | ex un

Interface                  IP-Address      OK? Method Status                Protocol

FastEthernet1/0            172.16.2.2      YES manual up                    up

Loopback0                  172.16.20.1     YES manual up                    up

Loopback1                  172.16.21.1     YES manual up                    up

Loopback2                  172.16.212.1    YES manual up                    up

Loopback3                  172.16.31.1     YES manual up                    up

Loopback4                  172.16.41.1     YES manual up                    up

Loopback5                  172.16.51.1     YES manual up                    up

CE2_AS2#

CE2_AS2#ping 172.16.55.0

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.55.0, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 364/425/540 ms

CE2_AS2#

==========================================================================

Second part of my question:

The P router in AS2 which is a VPNV4 RR for both ASBR2 and PE was able to see all routes without any VRF configured on it, Can this be normal?.

here is the configs on the P router for your perusal.

P_AS2#sr | s router bgp

router bgp 2

no synchronization

bgp log-neighbor-changes

neighbor 10.20.20.201 remote-as 2

neighbor 10.20.20.201 update-source Loopback0

neighbor 10.20.20.202 remote-as 2

neighbor 10.20.20.202 update-source Loopback0

no auto-summary

!

address-family vpnv4

  neighbor 10.20.20.201 activate

  neighbor 10.20.20.201 send-community both

  neighbor 10.20.20.201 route-reflector-client

  neighbor 10.20.20.202 activate

  neighbor 10.20.20.202 send-community both

  neighbor 10.20.20.202 route-reflector-client

exit-address-family

P_AS2#

P_AS2#

P_AS2#

P_AS2#show ip vrf

P_AS2#show ip bgp vpnv4 rd 1:2

BGP table version is 15, local router ID is 10.20.20.200

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 1:2

*>i172.16.1.0/24    10.20.20.201             0    100      0 1 ?

*>i172.16.2.0/24    10.20.20.202             0    100      0 ?

*>i172.16.10.0/24   10.20.20.201             0    100      0 1 10 i

*>i172.16.11.0/24   10.20.20.201             0    100      0 1 10 i

*>i172.16.20.0/24   10.20.20.202        156160    100      0 ?

*>i172.16.21.0/24   10.20.20.202        156160    100      0 ?

*>i172.16.22.0/24   10.20.20.201             0    100      0 1 10 i

*>i172.16.31.0/24   10.20.20.202        156160    100      0 ?

*>i172.16.33.0/24   10.20.20.201             0    100      0 1 10 i

*>i172.16.41.0/24   10.20.20.202        156160    100      0 ?

*>i172.16.44.0/24   10.20.20.201             0    100      0 1 10 i

*>i172.16.51.0/24   10.20.20.202        156160    100      0 ?

*>i172.16.55.0/24   10.20.20.201             0    100      0 1 10 i

*>i172.16.212.0/24  10.20.20.202        156160    100      0 ?

P_AS2#

Thanking you all in advance,

O.A

  • MPLS
1 REPLY

MPLS INTER-AS B2B

Hi O.A

From my understanding I will try to answer your queries.

Second Query first:

Second part of my question:

The P router in AS2 which is a VPNV4 RR for both ASBR2 and PE was able to see all routes without any VRF configured on it, Can this be normal?.

"On an RR the Automatic Route FIltering based on extcommunity RT is disbaled by default as it has to reflect routes to its clients and that is why all the routes are seen on an RR even without VRFs."

First Question Second:

The problem faced was that both CEs in each ASes can reach each other but neither the PEs nor the ASBRs can reach the CE in a diffenrent AS.

Although the PEs can ping their CEs and see all of the routes on both CEs.

PE in AS1 cannot ping CE in AS2....is this a normal behaviour, even though these routes are in it VRF table?.

" This can be a source-based oing issue..Are you redistrubuting the ASBR's connected interfaces to respected VRs so that when we ping from ASBR the CEs have reverse routes to the source "

Regards

Varma

386
Views
0
Helpful
1
Replies