Can RouterOS do Inter-AS MPLS with Option A/B/C?

Hello, Mikrotik guru!


Can RouterOS transfer MPLS Labels between AS?

This is a screenshot from simplified lab environment with border routers connected directly.

All “Router XX” is a mikrotik CHR routers and “Cisco XX” is a IOSv L3 Cisco Routers

I can`t manage to transfer MPLS Labels from AS 65001 to AS 65002 by Mikrotik!

but it has been done on same lab (see screenshot) with cisco routers as Inter-AS MPLS L3VPN – Option C without any problems

Here is 3 options how it can be implemented in theory:

1. Inter-AS MPLS L3VPN – Option A – Back to Back VRF, I tried to implement it without success (example is here https://mellowd.co.uk/ccie/?p=3766 )
2. Inter-AS MPLS L3VPN – Option B – ASBR + VPNv4, unknown how to do in RouterOS (example is here https://mellowd.co.uk/ccie/?p=3783 )
3. Inter-AS MPLS L3VPN – Option C – BGP + Label, can`t be done for sure because BGP limitations in RouterOS ( example is here https://mellowd.co.uk/ccie/?p=3804 )

Based on my current experience It can be only done by external hardware (Cisco or Juniper)

Please share your knowledge!

what did you get from thother side?

Hi,

I am managing both AS and try to implement Inter-AS based on mikrotik to build L3VPNs between AS.

I updated screenshot so you can see that is a lab environment build on eve-ng

Guys,
I can share this lab with all settings to play with MPLS on your equipment

Still no solution known… Anyone?

From presentation,Tomas sad:

Thanks, nichky. When it was presented? Last mum in Milan?


UPD: This is old slide from 2013, that is not fully correct anymore.

L3VPN works fine within one AS

That slide is semi-accurate.

L3VPN became usable with 6.2, e.g. Mikrotik fixed the L3VPN withdrawl bug. As for Route Leaking, it has always worked for us, Maybe Tomas was doing something different from us…

However there are still some major bugs in RouterOS v6 routing. e.g. BGP NLRI’s are not sent when a route received via PE-CE BGP becomes active over a L3VPN received route.

These will not be fixed until we see “new routing” which will only appear in the next major RouterOS version, which unfortunately has no ETA

did yoy try L3VPN on ospf? Does it work good? And aldo wich vOS are you recomending for that?

Thanks

@nichky

Do you mean OSPF as a PE-CE protocol in a VRF? If so, then yes, this works. However I would not reccomend it, L3VPN is flaky enough without adding another variable…

If I remember correctly, inter AS MPLS will work as long as you enable BGP multi hop over OSPF and run LDP between the two peers. While this isn’t the same solution you using with the Cisco routers, it should allow you to exchange labels.

Also, VRF leaking does work. We’ve built a number of production environments that rely on VRF leaking.

Some time ago I had to connect a Mikrotik MPLS with a Cisco MPLS for VPNv4 service. I was not brave enough to even think about trying inter-as option B. I did read about the RouterOS difficulties in BGP PE-CE (or inter-as option a, which is basically the same), so I decided to use OSPF PE-CE as the choice I believed to be the safest.

It somehow works, but after a while I experienced an issue with duplicate routes in BGP, as I tried to discuss in http://forum.mikrotik.com/t/duplicate-vpnv4-default-route-in-bgp-mpls/108582/1

So I do not any more believe OSPF PE-CE to be a safe choice.

I would like to thank nichky, nz_monkey, IPANetEngineer and Tomas Kirnak for the insights.

I am now planning to migrate to vrrp + static routing (bleah!).

Regards,
Bergonz

May I ask you to make more clear statement? The LDP do not pass over BGP because LDP nature. LDP can use IGP routing protocol only (OSPF or ISIS).

I tried to use separate OSPF instance for inter-AS connection in parallel with BGP connection but It was (a) wrong by design, (b) routes did not passed (c) it was just mess

What was your experience on that?