
Can we create L3 VPN without using LDP/RSVP

Topology
CE1---PE1----PE2---CE12

I have gone through different online resources so far but did not get the answer why we cannot create L3VPN without using LDP/RSVP.

As per RFC 3107, BGP can be used to distribute labels without any requirement of a label distribution protocol (LDP/RSVP).

RFC 3107- Carrying Label Information in BGP-4


   This can be useful in the following situations:

      -  If two immediately adjacent Label Switched Routers (LSRs) are
         also BGP peers, then label distribution can be done without the
         need for any other label distribution protocol.

As per my understanding:

1) BGP creates a VPN label for each VRF and encodes the label info in the update, setting the next hop as its own IP.
Considering the scenario where BGP is creating the VPN label and encoding it under an update attribute, the other side iBGP peer should be able to decode the same and deliver the
packet to the destined VRF. The next-hop reachability can be done based on simple IP forwarding.

2) As the RFC says, BGP can create a transport label as well to reach the next hop.

Why do we require a transport label if we just need to reach the next hop, which can be done using simple FIB/IGP?

Configuration attached for reference.

 

Can anyone help me with the above query?

11 Replies

Hi

You can create a L3 VPN without RSVP, it is used for signalling by MPLS TE tunnels. MPLS TE could avoid LDP but you always need RSVP.




>> Mark as helpful or answered if the reply resolved your question; this helps future queries from other members of the community. <<

Hi Julio,
Your answer is contradictory, as you are saying that for L3VPN RSVP is required/not required.
Moreover, I want to know: BGP can generate both labels (transport/inner), so why can't we use only BGP for the solution?

This is what segment routing says, running both labels through the IGP only.

Hi

I know it sounds crazy hehe, but MPLS Traffic Engineering (TE) can work without LDP unless you are using LDP Target. Now RSVP is mandatory for MPLS TE but not for MPLS L3 VPN.

http://blog.ipspace.net/2008/09/do-you-need-ldp-with-mpls-te.html




>> Mark as helpful or answered if the reply resolved your question; this helps future queries from other members of the community. <<

Hello Julio,
Thanks for the feedback.
I am still stuck with the same.
1) Why can BGP alone not do this? The RFC says it can generate labels.
2) Why can the next-hop reachability not be done by using simple IP forwarding? After all, the inner label is encoded into the BGP update.
3) If the MPLS transport label is used for forwarding only, it can be done by the IGP, so why is LDP needed then?

Hi,

Good questions actually, but as MPLS is handled by the ISP in order to transport packets from multiple clients, you need to use VRFs to separate the clients and MP-BGP to create the VPN tunnels in order to forward the packets on the PE; LDP is used to tag over the path and keep tracking. Now imagine using BGP only: you could configure VRFs to separate clients/networks over different paths for specific clients and it could be complex and hard to manage, the P router should be committed and probably requesting more resources.

MPLS L3VPN is easy to manage and it keeps an order, also it is extremely scalable and flexible. Also the P routers don't see the client networks on their global routing tables.

 




>> Mark as helpful or answered if the reply resolved your question; this helps future queries from other members of the community. <<

Hi Julio,
I know implementing L3VPN using BGP only is not scalable and is complex.
But it should work in a simple topology like the one I have highlighted above.
The fact is it does not seem to be working when I use BGP only in L3VPN. Or can you simulate it with a simple topology to show that it works?
I am curious why LDP/RSVP is mandatory.

Mrityunjay,

 

It is certainly possible to create an LSP without using LDP, RSVP and an IGP. You would do this only using BGP IPv4 + Labels. If you do this using iBGP, each P router in the path becomes a route reflector and reflects the routes along with the associated label. This last statement does not apply to your scenario though, as you do not have P routers.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Harold,
If it is possible, then could you suggest how we can do this?
I am not able to replicate this in GNS3, and on the internet I did not see any article that solves my query.
Any link, RFC, or article which explains how we can do this?

Very simple configurations. The secret sauce is the "mpls bgp forwarding" on the core facing link to activate MPLS between the two PEs. It would look something like this.

 

PE1:

 

vrf definition test
 rd 109:1
 route-target export 109:1
 route-target import 109:1
 !
 address-family ipv4
 exit-address-family
 !
!
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
!
interface Loopback1
 vrf forwarding test
 ip address 192.168.1.1 255.255.255.0
!
interface GigabitEthernet0/1
 ip address 10.1.12.1 255.255.255.0
 mpls bgp forwarding
!
router bgp 109
 no bgp default ipv4-unicast
 neighbor 2.2.2.2 remote-as 109
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 10.1.12.2 remote-as 109
 !
 address-family ipv4
  network 1.1.1.1 mask 255.255.255.255
  neighbor 10.1.12.2 activate
  neighbor 10.1.12.2 send-label
 exit-address-family
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf test
  redistribute connected
 exit-address-family
 !

 

PE2:

 

vrf definition test
 rd 109:2
 route-target export 109:1
 route-target import 109:1
 !
 address-family ipv4
 exit-address-family
 !
!
interface Loopback0
 ip address 2.2.2.2 255.255.255.255
!
interface Loopback1
 vrf forwarding test
 ip address 192.168.2.1 255.255.255.0
!
interface GigabitEthernet0/1
 ip address 10.1.12.2 255.255.255.0
 mpls bgp forwarding
!
router bgp 109
 no bgp default ipv4-unicast
 neighbor 1.1.1.1 remote-as 109
 neighbor 1.1.1.1 update-source Loopback0
 neighbor 10.1.12.1 remote-as 109
 !
 address-family ipv4
  network 2.2.2.2 mask 255.255.255.255
  neighbor 10.1.12.1 activate
  neighbor 10.1.12.1 send-label
 exit-address-family
 !
 address-family vpnv4
  neighbor 1.1.1.1 activate
  neighbor 1.1.1.1 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf test
  redistribute connected
 exit-address-family
 !

 

 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
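
An added example, not part of the thread and not Cisco tooling: a Python check of a PE configuration for the three pieces the BGP-only setup in the post above depends on (a labeled ipv4 session, `mpls bgp forwarding` on the shared link, and the update-source loopback advertised under ipv4). The sample is constructed from the posted PE1 lines; the parsing rules and the names `stanzas` and `audit` are assumptions of this example.

```python
import ipaddress
import re
# Constructed sample: PE1 from the post above, cut down to the lines the checks read.
PE1 = """\
interface Loopback0
 ip address 1.1.1.1 255.255.255.255
interface GigabitEthernet0/1
 ip address 10.1.12.1 255.255.255.0
 mpls bgp forwarding
router bgp 109
 neighbor 2.2.2.2 update-source Loopback0
 address-family ipv4
  network 1.1.1.1 mask 255.255.255.255
  neighbor 10.1.12.2 activate
  neighbor 10.1.12.2 send-label
 address-family vpnv4
  neighbor 2.2.2.2 activate
"""

def stanzas(cfg, kw):  # yields (header words, body word lists) per top-level stanza
    for m in re.finditer(rf"^({kw}.*)\n((?: .*\n?)*)", cfg, re.M):
        yield m[1].split(), [l.split() for l in m[2].splitlines() if l.strip()]

def audit(cfg):
    """List what would stop BGP alone from giving the VPNv4 next hop a label."""
    ifaces, opts, nets, src, out, af = {}, {}, set(), {}, [], ""
    for head, body in stanzas(cfg, "interface"):
        ip = [ipaddress.ip_interface(f"{w[2]}/{w[3]}") for w in body if w[:2] == ["ip", "address"]]
        ifaces[head[1]] = (ip[0] if ip else None, ["mpls", "bgp", "forwarding"] in body)
    for _, body in stanzas(cfg, "router bgp"):
        for w in body:
            if w[0] == "address-family":
                af = " ".join(w[1:])
            elif w[0] == "network" and af == "ipv4":
                nets.add(w[1])
            elif w[0] == "neighbor" and w[2] == "update-source":
                src[w[1]] = w[3]
            elif w[0] == "neighbor":  # assumes peers are given as IPv4 addresses
                opts.setdefault((af, w[1]), set()).add(" ".join(w[2:]))
    for (a, nbr), o in opts.items():
        link = [f for ip, f in ifaces.values() if ip and ipaddress.ip_address(nbr) in ip.network]
        lo = ifaces.get(src.get(nbr), (None, False))[0]
        if a == "ipv4" and "send-label" not in o:
            out.append(f"{nbr}: ipv4 routes advertised without labels (no send-label)")
        elif a == "ipv4" and not any(link):
            out.append(f"{nbr}: no 'mpls bgp forwarding' on the link to this peer")
        elif a == "vpnv4" and (lo is None or str(lo.ip) not in nets):
            out.append(f"{nbr}: update-source loopback missing or not advertised under ipv4")
    return out
```

`audit(PE1)` returns an empty list for the posted design; removing any one of the three pieces produces a single finding naming the affected neighbor.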

Hi Harold,
The above solution is not working for me. On further digging into mpls bgp forwarding, I came to know that this option is used with inter-AS MPLS deployments, whereas in my case I am using the intra-AS option.

Moreover, after configuring the same I did not see a transport label; in the ip cef vrf table the transport label was missing and the communication failed.
I am trying to get answers to my queries below:
1) Why is my solution not working if I do not use LDP/RSVP?
2) How will it work without using LDP/RSVP (or say only BGP)?

Thanks,

Hi Mrityunjay.

 

"mpls bgp forwarding" is used to enable mpls on the interface in the case LDP or RSVP are not configured. It is normally used for InterAS, where LDP or BGP are not configured, but can also be used in the IntraAS scenario.

 

1) Why is my solution not working if I do not use LDP/RSVP?

 

HR> I suspect it might be due to the IOS version you used. What IOS version do you use?

 

2) How will it work without using LDP/RSVP (or say only BGP)?

 

HR> The labels propagated by BGP should be sufficient to create the LSP.

 

Can you please provide the following information from both PEs:

 

show bgp vpnv4 uni all summ

show bgp vpnv4 uni all <loopback address of other PE>

show ip cef vrf <your vrf> <vrf prefix from other PE>

show mpls forwarding

 

Regards,

 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México