Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

RIP to CE (L2TP VPDN DSL Connection)

Hi,

Just attempting to have CE advertise the LAN subnet to PE, without success.

On CE(No NAT enabled), I currently have:

!

interface Ethernet0

description LAN

ip address 192.168.1.1 255.255.255.0

no keepalive

!

!

router rip

version 2

redistribute static

network 192.168.1.0

!

#show ip rip database

0.0.0.0/0 auto-summary

0.0.0.0/0 redistributed

[1] via 0.0.0.0,

192.168.1.0/24 auto-summary

192.168.1.0/24 directly connected, Ethernet0

Then on PE:

router rip

version 2

!

address-family ipv4 vrf TEST10

redistribute bgp 17766 metric transparent

network 10.0.0.0

network 192.168.1.0

no auto-summary

version 2

exit-address-family

#show ip rip database vrf TEST10

10.0.0.0/8 auto-summary

10.0.0.0/24 directly connected, Loopback10

10.0.2.1/32 directly connected, Virtual-Access7

10.0.2.2/32 directly connected, Loopback11

10.0.3.0/24 redistributed

[1] via 203.149.76.248,

10.0.5.0/24 redistributed

[1] via 203.149.76.249,

10.0.6.0/24 redistributed

[1] via 203.149.76.250,

10.0.7.0/24 redistributed

[1] via 203.149.76.247,

PE can successfully get to CE WAN (10.0.2.1), but not the CE LAN.

Regards,

MB

10 REPLIES

Re: RIP to CE (L2TP VPDN DSL Connection)

Hello,

you need to include the PE-CE network into your RIP processes. The config should look like:

CE:

router rip

version 2

redistribute static

network 192.168.1.0

network 10.0.0.0

no auto-summary

PE:

router rip

version 2

!

address-family ipv4 vrf TEST10

redistribute bgp 17766 metric 2

network 10.0.0.0

network 192.168.1.0

no auto-summary

version 2

exit-address-family

router bgp 17766

address-family ipv4 vrf TEST10

redistribute rip

no synchronization

no auto-summary

exit-address-family

I would also advise you to use a fixed metric, otherwise you might encounter problems, when redsitributing routes with a BGP MED larger than 15, because RIP will try to use this as hop count and find it to be "unreachable".

A helpful command for troubleshooting in this context is "show ip protocols vrf TEST10" on the PE (without vrf on the CE). You should see the other side as routing information source.

Hope this helps! Please rate all posts.

Regards, Martin

Community Member

Re: RIP to CE (L2TP VPDN DSL Connection)

Thanks for the response - I now have what you suggested, but PE is still not receiving the CE LAN subnet:

PE:

ip vrf TEST10

rd 17766:10

route-target export 17766:10

route-target import 17766:10

maximum routes 256 75

router rip

version 2

!

address-family ipv4 vrf TEST10

redistribute bgp 17766 metric 2

network 10.0.0.0

network 192.168.1.0

no auto-summary

version 2

exit-address-family

!

router bgp 17766

address-family ipv4 vrf TEST10

redistribute connected

redistribute static

redistribute rip

no auto-summary

no synchronization

exit-address-family

CE:

!

router rip

version 2

redistribute static

network 10.0.0.0

network 192.168.1.0

no auto-summary

!

Then CE Rip:

test# show ip rip database

0.0.0.0/0 auto-summary

0.0.0.0/0 redistributed

[1] via 0.0.0.0,

10.0.0.0/8 auto-summary

10.0.2.1/32 directly connected, Dialer1

10.0.2.2/32 directly connected, Dialer1

192.168.1.0/24 auto-summary

192.168.1.0/24 directly connected, Ethernet0

PE Rip:

#show ip rip database vrf TEST10

10.0.0.0/8 auto-summary

10.0.0.0/24 directly connected, Loopback10

10.0.2.1/32 directly connected, Virtual-Access7

10.0.2.2/32 directly connected, Loopback11

10.0.3.0/24 redistributed

[2] via 203.149.76.248,

10.0.5.0/24 redistributed

[2] via 203.149.76.249,

10.0.6.0/24 redistributed

[2] via 203.149.76.250,

10.0.7.0/24 redistributed

[2] via 203.149.76.247,

And I'm not seeing the CE as a routing info source:(Do I have to enable rip on my VirtualTemplate?)

#show ip protocols vrf TEST10

Routing Protocol is "bgp 17766"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

IGP synchronization is disabled

Automatic route summarization is disabled

Redistributing: connected, static, rip

Maximum path: 1

Routing Information Sources:

Gateway Distance Last Update

203.149.76.247 200 1w2d

203.149.76.245 200 3w4d

203.149.76.250 200 1w2d

203.149.76.248 200 2w5d

203.149.76.249 200 3w4d

Distance: external 20 internal 200 local 200

Routing Protocol is "rip"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Sending updates every 30 seconds, next due in 25 seconds

Invalid after 180 seconds, hold down 180, flushed after 240

Redistributing: bgp 17766, rip

Default version control: send version 2, receive version 2

Interface Send Recv Triggered RIP Key-chain

Loopback10 2 2

Loopback11 2 2

Maximum path: 4

Routing for Networks:

10.0.0.0

192.168.1.0

Routing Information Sources:

Gateway Distance Last Update

Distance: (default is 120)

Re: RIP to CE (L2TP VPDN DSL Connection)

Hello,

my assumption was, that the network between CE and PE (namely the interface IPs) are in the range 10.0.0.0/8.

In case you have a virtual template starting connectivity between PE and CE then you should include it´s IP address as network statement.

The network statements in RIP identify the interfaces on which RIP updates should be sent and which networks to include in the updates. So make sure that the PE-CE interfaces are included.

Hope this helps! Please rate all posts.

Regards, Martin

Community Member

Re: RIP to CE (L2TP VPDN DSL Connection)

Thanks again for your assistance with this.

I have added the Loopbacks IP to rip:

PE:

!

interface Virtual-Template1

description L2TP-1 Termination

ip unnumbered Loopback1

qos pre-classify

ppp authentication chap callin

!

!

interface Loopback1

description BNE-LNS-1 Interface

ip address 203.149.76.243 255.255.255.255

!

!

router rip

version 2

!

address-family ipv4 vrf TEST10

redistribute bgp 17766 metric 2

network 10.0.0.0

network 192.168.1.0

network 203.149.76.0

no auto-summary

version 2

exit-address-family

!

but still no joy in rip:

#show ip rip database vrf TEST10

10.0.0.0/8 auto-summary

10.0.0.0/24 directly connected, Loopback10

10.0.2.1/32 directly connected, Virtual-Access7

10.0.2.2/32 directly connected, Loopback11

10.0.3.0/24 redistributed

[2] via 203.149.76.248,

10.0.5.0/24 redistributed

[2] via 203.149.76.249,

10.0.6.0/24 redistributed

[2] via 203.149.76.250,

10.0.7.0/24 redistributed

[2] via 203.149.76.247,

#show ip protocols vrf TEST10

Routing Protocol is "bgp 17766"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

IGP synchronization is disabled

Automatic route summarization is disabled

Redistributing: connected, static, rip

Maximum path: 1

Routing Information Sources:

Gateway Distance Last Update

203.149.76.247 200 1w2d

203.149.76.245 200 3w4d

203.149.76.250 200 1w3d

203.149.76.248 200 2w5d

203.149.76.249 200 3w4d

Distance: external 20 internal 200 local 200

Routing Protocol is "rip"

Outgoing update filter list for all interfaces is not set

Incoming update filter list for all interfaces is not set

Sending updates every 30 seconds, next due in 20 seconds

Invalid after 180 seconds, hold down 180, flushed after 240

Redistributing: bgp 17766, rip

Default version control: send version 2, receive version 2

Interface Send Recv Triggered RIP Key-chain

Loopback10 2 2

Loopback11 2 2

Maximum path: 4

Routing for Networks:

10.0.0.0

192.168.1.0

203.149.76.0

Routing Information Sources:

Gateway Distance Last Update

Distance: (default is 120)

Note: If I add the following static route, I can successfully get to CE LAN:

ip route vrf TEST10 192.168.1.0 255.255.255.0 10.0.2.1

Hall of Fame Super Silver

Re: RIP to CE (L2TP VPDN DSL Connection)

Hello,

you have linked virtual-template1 to loopback1, did you mean loop10 instead ?

Loop1 is a backbone interface from your configuration:

interface Loopback1

description BNE-LNS-1 Interface

ip address 203.149.76.243 255.255.255.255

!

in the RIP database for VRF TEST10 loop10, loop11 and Virtual-Access 7 are listed.

Been loop1 in the global routing table the network command under rip af vrf TEST10 is not working.

For this reason RIP messages from CE router are probably ignored and so the PE cannot learn the Customer LAN network

Hope to help

giuslar

Community Member

Re: RIP to CE (L2TP VPDN DSL Connection)

Thanks for the reply - Loop10 is being assigned to DSL Int upon connection:

Radius reply attribute:

lcp:interface-config=ip vrf forwarding TEST10 \nip unnumbered Loopback10

interface Loopback10

ip vrf forwarding TEST10

ip address 10.0.0.1 255.255.255.0

So how do you suggest I modify my config so that the PE can talk rip to CE?

Regards,

MB

Silver

Re: RIP to CE (L2TP VPDN DSL Connection)

hi bell,

On the PE do u have any interface with same ip subnet of CE LAN(192.168.1.0).

If not why ur advertising that n/w from PE too.(network 192.168.1.0). Try by removing that line from rip on PE.

Hope this will help,

Rgs.

Hall of Fame Super Silver

Re: RIP to CE (L2TP VPDN DSL Connection)

Hello,

I would try to link virtual-template 1 to Loop10 instead of Loop1 so that both Virtual-Access 7 and Virtual-Template 1 are members of VRF TEST10.

Interface Virtual-Access is derived from Virtual-template 1 and from RADIUS reply and currently VT1 is a member of global routing table and the Virtual-Access is member of VRF.

This mismatch could cause the problem you see

hope to help

giuslar

Community Member

Re: RIP to CE (L2TP VPDN DSL Connection)

Unfortunately I cannot link virt template to loop10 - This virt template is used for all vpdn connections (vrf + non-vrf)

Hall of Fame Super Silver

Re: RIP to CE (L2TP VPDN DSL Connection)

OK I see,

But IF you are using the Virtual-Template 1 just as a Front End for PPP CHAP authentication and RADIUS reply provides L3 info for both VRF and non VRF users

THEN I would try to use "no ip address" within Virtual-template 1 configuration to give it a neutral role.

I tried this on a similar context of ISDN direct access to MPLS VPN (without using L2TP), with some users members of VRFs and other that are in the global table and for me worked (I was using eBGP sessions actually for PE-CE communication) also at the same time on multiple clients.

In my case virtual-template was without IP address and all L3 info was provided by the RADIUS server.

Another idea could be to try to use the neighbor command within rip address-family vrf TEST10 on the PE router and on the CE router rip process just to avoid any issue with multicast on the PPP over L2TP link ( RIP updates are TX/RX as unicast)

hope to help

giuslar

320
Views
0
Helpful
10
Replies
CreatePlease to create content