Hi Guys
I've set up layer3 on new site with 4 routers.
my main client routerboard - 450 with V3.24 and test packages and the rest is 600 and 433 with V3.24
Router1
ip address print
0 10.168.248.1/30 10.168.248.0 10.168.248.3 ether2
1 10.255.254.1/32 10.255.254.1 10.255.254.1 lobridge
2 192.168.0.1/24 192.168.0.0 192.168.0.255 ether5
3 10.168.248.253/30 10.168.248.252 10.168.248.255 ether4
ip route vrf print detail
Flags: X - disabled, I - inactive
0 routing-mark=vrf1 interfaces=ether5 route-distinguisher=1.1.1.1:111 import-route-targets=1.1.1.1:111
export-route-targets=1.1.1.1:111
routing bgp instance print
Flags: X - disabled
0 name="default" as=65530 router-id=0.0.0.0 redistribute-connected=no redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
1 name="bgp1" as=65550 router-id=0.0.0.1 redistribute-connected=yes redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
routing bgp peer print
Flags: X - disabled
0 name="peer1" instance=bgp1 remote-address=10.168.248.2 remote-as=65550 tcp-md5-key="" nexthop-choice=default
multihop=no route-reflect=yes hold-time=3m ttl=default in-filter="" out-filter="" address-families=vpnv4
default-originate=never
routing bgp instance vrf print detail
Flags: X - disabled, I - invalid
0 instance=bgp1 routing-mark=vrf1 redistribute-connected=yes redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter=""
ROUTER2
> ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.168.248.2/30 10.168.248.0 10.168.248.3 ether1
1 10.255.254.2/32 10.255.254.2 10.255.254.2 lobridge
2 10.168.248.5/30 10.168.248.4 10.168.248.7 CSS-CR-WCMAS
routing bgp instance print
Flags: X - disabled
0 name="default" as=65530 router-id=0.0.0.0 redistribute-connected=no redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
1 name="bgp1" as=65550 router-id=0.0.0.2 redistribute-connected=yes redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
2 name="bgp2" as=65550 router-id=0.0.0.5 redistribute-connected=yes redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
routing bgp peer print
Flags: X - disabled
0 name="peer1" instance=bgp1 remote-address=10.168.248.1 remote-as=65550 tcp-md5-key="" nexthop-choice=default
multihop=no route-reflect=yes hold-time=3m ttl=255 in-filter="" out-filter="" address-families=vpnv4
default-originate=never
1 name="peer2" instance=bgp2 remote-address=10.168.248.6 remote-as=65550 tcp-md5-key="" nexthop-choice=default
multihop=no route-reflect=yes hold-time=3m ttl=255 in-filter="" out-filter="" address-families=vpnv4
default-originate=never
routing bgp vpnv4-route print
Flags: L - label present
# ROUTE-DISTINGUISHER DST-ADDRESS GATEWAY INTERFACE IN-LABEL OUT-LABEL
0 L 1.1.1.1:111 192.168.0.0/24 10.168.248.1 25 25
1 L 1.1.1.1:111 192.168.2.0/24 10.168.248.6 27 27
ROUTER3
ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.168.248.6/30 10.168.248.4 10.168.248.7 CSS-CR-WCMAS
1 10.255.254.3/32 10.255.254.3 10.255.254.3 lobridge
2 10.168.248.9/30 10.168.248.8 10.168.248.11 CSS-WCMAS-LEO
3 10.168.248.13/30 10.168.248.12 10.168.248.15 CSS-WCMAS-RC
4 10.168.248.17/30 10.168.248.16 10.168.248.19 CSS-WCMAS-A1
routing bgp instance print
Flags: X - disabled
0 name="default" as=65530 router-id=0.0.0.0 redistribute-connected=no redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
1 name="bgp1" as=65550 router-id=0.0.0.6 redistribute-connected=yes redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
2 name="bgp2" as=65550 router-id=0.0.0.17 redistribute-connected=yes redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
routing bgp peer print
Flags: X - disabled
0 name="peer1" instance=bgp1 remote-address=10.168.248.5 remote-as=65550 tcp-md5-key="" nexthop-choice=default
multihop=no route-reflect=yes hold-time=3m ttl=255 in-filter="" out-filter="" address-families=vpnv4
default-originate=never
1 name="peer2" instance=bgp2 remote-address=10.168.248.18 remote-as=65550 tcp-md5-key="" nexthop-choice=default
multihop=no route-reflect=yes hold-time=3m ttl=255 in-filter="" out-filter="" address-families=vpnv4
default-originate=never
routing bgp vpnv4-route print
Flags: L - label present
# ROUTE-DISTINGUISHER DST-ADDRESS GATEWAY INTERFACE IN-LABEL OUT-LABEL
0 L 1.1.1.1:111 192.168.0.0/24 10.168.248.5 25 25
1 L 1.1.1.1:111 192.168.2.0/24 10.168.248.18 27 27
Router4
ip route vrf print
Flags: X - disabled, I - inactive
0 routing-mark=vrf1 interfaces=ether1 route-distinguisher=1.1.1.1:111 import-route-targets=1.1.1.1:111
export-route-targets=1.1.1.1:111
> ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.168.248.18/30 10.168.248.16 10.168.248.19 wlan1
1 192.168.2.1/24 192.168.2.0 192.168.2.255 ether1
2 10.255.254.7/32 10.255.254.7 10.255.254.7 lobridge
routing bgp instance print
Flags: X - disabled
0 name="default" as=65530 router-id=0.0.0.0 redistribute-connected=no redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=no ignore-as-path-len=no
1 name="bgp1" as=65550 router-id=0.0.0.18 redistribute-connected=yes redistribute-static=no redistribute-rip=no
redistribute-ospf=no redistribute-other-bgp=no out-filter="" client-to-client-reflection=yes ignore-as-path-len=no
routing bgp peer print
Flags: X - disabled
0 name="peer1" instance=bgp1 remote-address=10.168.248.17 remote-as=65550 tcp-md5-key="" nexthop-choice=default
multihop=no route-reflect=yes hold-time=3m ttl=255 in-filter="" out-filter="" address-families=vpnv4
default-originate=never
routing bgp instance vrf print detail
Flags: X - disabled, I - invalid
0 instance=bgp1 routing-mark=vrf1 redistribute-connected=yes redistribute-static=no redistribute-rip=no
redistribute-ospf=yes redistribute-other-bgp=no out-filter=""
routing bgp vpnv4-route print
Flags: L - label present
# ROUTE-DISTINGUISHER DST-ADDRESS GATEWAY INTERFACE IN-LABEL OUT-LABEL
0 L 1.1.1.1:111 192.168.0.0/24 10.168.248.17 wlan1 25 25
1 L 1.1.1.1:111 192.168.2.0/24 ether1 27
snippet from my ip route print detail on router4
0 ADb dst-address=192.168.0.0/24 gateway=10.168.248.17 reachable wlan1 distance=20 scope=40 target-scope=30
routing-mark=vrf1 bgp-local-pref=100 bgp-origin=incomplete bgp-ext-communities="RT:1.1.1.1:111"
my CE cant ping 192.168.0.1 or 192.168.0.4
tool traceroute 192.168.0.1
ADDRESS STATUS
1 192.168.2.1 1ms 1ms 1ms
2 (unknown) timeout timeout timeout
What am i missing?
Thanks for the help
S
Re: routing vrf problem
You should set your lobridge interface as BGP peer update-source so that BGP next hop is correct for VPNv4 routes. Also - you do not need multiple BGP instances, you should add all BGP peers to one instance.
Re: routing vrf problem
Thanks mplsguy
I have done what u said
changed all instances to one single one , i however notice my bgp peers wont establish if i set both peers to update-source=lobridge , setting one side of the peer to lobridge works, takes bit longer than usual to establish , is this correct as you said?
my Router4 looks like this
ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.168.248.18/30 10.168.248.16 10.168.248.19 wlan1
1 192.168.2.1/24 192.168.2.0 192.168.2.255 ether1
2 10.255.254.7/32 10.255.254.7 10.255.254.7 lobridge
ip route vrf print
Flags: X - disabled, I - inactive
0 routing-mark=css interfaces=ether1 route-distinguisher=2.2.2.2:2 import-route-targets=2.2.2.2:2 export-route-targets=2.2.2.2:2
routing bgp peer print
Flags: X - disabled
0 name="peer1" instance=bgp1 remote-address=10.168.248.17 remote-as=65540 tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=yes hold-time=3m ttl=255 in-filter="" out-filter=""
address-families=vpnv4 update-source=lobridge default-originate=never
routing bgp vpnv4-route print
Flags: L - label present
# ROUTE-DISTINGUISHER DST-ADDRESS GATEWAY INTERFACE IN-LABEL OUT-LABEL
0 L 2.2.2.2:2 192.168.0.0/24 10.168.248.1 wlan1 26 26
1 L 2.2.2.2:2 192.168.2.0/24 ether1 66
I see on my vpnv4-route the gateways has changed to PE(10.168.248.1) routers and not the P(10.168.248.17) routers, is that correct?
Thanks
S
I have done what u said
changed all instances to one single one , i however notice my bgp peers wont establish if i set both peers to update-source=lobridge , setting one side of the peer to lobridge works, takes bit longer than usual to establish , is this correct as you said?
my Router4 looks like this
ip address print
Flags: X - disabled, I - invalid, D - dynamic
# ADDRESS NETWORK BROADCAST INTERFACE
0 10.168.248.18/30 10.168.248.16 10.168.248.19 wlan1
1 192.168.2.1/24 192.168.2.0 192.168.2.255 ether1
2 10.255.254.7/32 10.255.254.7 10.255.254.7 lobridge
ip route vrf print
Flags: X - disabled, I - inactive
0 routing-mark=css interfaces=ether1 route-distinguisher=2.2.2.2:2 import-route-targets=2.2.2.2:2 export-route-targets=2.2.2.2:2
routing bgp peer print
Flags: X - disabled
0 name="peer1" instance=bgp1 remote-address=10.168.248.17 remote-as=65540 tcp-md5-key="" nexthop-choice=default multihop=no route-reflect=yes hold-time=3m ttl=255 in-filter="" out-filter=""
address-families=vpnv4 update-source=lobridge default-originate=never
routing bgp vpnv4-route print
Flags: L - label present
# ROUTE-DISTINGUISHER DST-ADDRESS GATEWAY INTERFACE IN-LABEL OUT-LABEL
0 L 2.2.2.2:2 192.168.0.0/24 10.168.248.1 wlan1 26 26
1 L 2.2.2.2:2 192.168.2.0/24 ether1 66
I see on my vpnv4-route the gateways has changed to PE(10.168.248.1) routers and not the P(10.168.248.17) routers, is that correct?
Thanks
S
Re: routing vrf problem
It is mandatory to use "loopback" address as update-source, otherwise remote router will not use proper label mapping to deliver frames to this router - it will use mapping of wrong route that may cause penultimate hop popping to happen at the wrong hop.
If BGP does not establish between loopback addresses, most likely routes for loopback address are not distributed/configured correctly.
Gateway of vpnv4 route must be remote PE router, because every PE figures out who is remote PE from BGP nexthop - this is how route reflector works - it does not change BGP nexthop of route. If BGP nexthop of vpnv4 route gets changed, PE router that receives this route will not be able to MPLS switch packets using this route to correct "egress" PE.
If BGP does not establish between loopback addresses, most likely routes for loopback address are not distributed/configured correctly.
Gateway of vpnv4 route must be remote PE router, because every PE figures out who is remote PE from BGP nexthop - this is how route reflector works - it does not change BGP nexthop of route. If BGP nexthop of vpnv4 route gets changed, PE router that receives this route will not be able to MPLS switch packets using this route to correct "egress" PE.
Re: routing vrf problem
thanks got it working
i had my peers wrong, i had to set my peers remote-address to the loopback address and not the wan routed ip
working wonderfull
Thanks
S
i had my peers wrong, i had to set my peers remote-address to the loopback address and not the wan routed ip
working wonderfull
Thanks
S
Who is online
Users browsing this forum: No registered users and 33 guests