cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1831
Views
5
Helpful
7
Replies

BGP and VRF

adam.sellhorn
Level 4
Level 4

I have a question regarding running BGP on a router with two VRF's:

Here is my config:

!

router bgp xxxxx

no synchronization

bgp log-neighbor-changes

network x.x.x.x mask 255.255.255.x

network x.x.x.x mask 255.255.255.x

network x.x.x.x mask 255.255.255.x

neighbor x.x.x.x remote-as xxxxx

no auto-summary

!

address-family ipv4 vrf VRF-2

redistribute connected

redistribute static

neighbor y.y.y.y remote-as xxxxx

neighbor y.y.y.y activate

no synchronization

exit-address-family

!

This works fine but now I need to add the following lines to the Global-VRF:

neighbor x.x.x.x prefix-list ROUTES_ALLOWED_IN in

neighbor x.x.x.x route-map PREPEND_RM out

When I do this the changes apply to the Global-VRF and VRF-2.

Should the Global-VRF be in it's own address-family? I think this would work but wanted to run it by you folks since this is my first deployment of VRF's and BGP.

Any help would be greatly appreciated.

Thanks.

7 Replies 7

Edison Ortiz
Hall of Fame
Hall of Fame

I'm not sure the behavior you are seeing. I applied your configuration here and it remained in the global portion of the BGP configuration. It didn't duplicate the command into the VRF-2.

What exactly are you seeing in your config?

Also, you only have one VRF, the global routing table isn't considered a VRF.

__

Edison.

Thank you for your reply Edison. The problem I was having with the prefix-list and route-map in the global bgp configuration was that it was filtering routes in VRF-2. I have since created a second VRF and configured it as below to get it to work. I am hoping tomorrow to set up the previous config in my lab tomorrow and play around with it.

router bgp xxxxx

no synchronization

bgp router-id xxx.xxx.58.150

bgp log-neighbor-changes

no auto-summary

!

address-family ipv4 vrf VRF-1

redistribute connected

redistribute static

neighbor xxx.xxx.242.169 remote-as xxxxx

neighbor xxx.xxx.242.169 activate

no synchronization

exit-address-family

!

address-family ipv4 vrf Local

neighbor xxx.xxx.249.205 remote-as xxxxx

neighbor xxx.xxx.249.205 activate

neighbor xxx.xxx.249.205 prefix-list ROUTES_ALLOWED_IN in

neighbor xxx.xxx.249.205 route-map PREPEND_RM out

no synchronization

network xxx.xxx.58.150 mask 255.255.255.255

network xxx.xxx.58.151 mask 255.255.255.255

network xxx.xxx.129.0 mask 255.255.255.0

network xxx.xxx.129.32 mask 255.255.255.240

exit-address-family

Good luck and let us know.

__

Edison.

Well now that I have this setup in a lab environment it works fine. You were right Edison. There must have been something that I was overlooking when this was in production. Thanks for looking into this and sorry for wasting your time.

Mohamed Sobair
Level 7
Level 7

Hi,

just One note:

The Global IPV4 Bgp table is differ from the BGP VPNv4 table.

If you want to apply any Route filtering method you should know where u want it to be applied. As usually Normal BGP IPv4 carried out Between the PE-CE, And VPNv4 is carried out between PE-PE.

HTH

Mohamed

I agree Mohamed and thank you for your reply. But in this case the provider terminated two VRFs to me via one T3 seperated by DLCIs so I had to use BGP IPv4 and VPNv4 on the CE.

Mohamed Sobair
Level 7
Level 7

Hi Adam,

Ok, so you are having Internet Service along with a VPN through the same MPLS-VPN Backbone provider.

Configuring per vrf instance on the bgp process shouldnt affect your Global BGP IPv4 config at all, pls double check and update.

HTH

Mohamed

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco