MPLS – BGP L3 VPN

image

we will build this lab on previous post MPLS EIGRP L3 VPN 

we will run BGP between CE and PE instead of EIGRP

We will start by configuring BGP on the CEs

R1

R1#show running-config | sec router
router bgp 65011
 no synchronization
 bgp log-neighbor-changes
 network 1.1.1.0 mask 255.255.255.0
 neighbor 10.1.12.2 remote-as 100
 no auto-summary

R5

R5#show running-config | sec router bgp
router bgp 65011
 no synchronization
 bgp log-neighbor-changes
 network 5.5.5.0 mask 255.255.255.0
 neighbor 10.1.45.4 remote-as 100
 no auto-summary

Now let’s run the BGP between the CE and PE

on both router R2 and R4

router bgp 100
 address-family ipv4 vrf CUST_A
  neighbor 10.1.45.5 remote-as 65011
  neighbor 10.1.45.5 activate
  no synchronization
  network 10.1.45.0 mask 255.255.255.0

let’s check BGP on R5

R5#show ip bgp summary  | b Nei
Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
10.1.45.4       4   100      35      27       10    0    0 00:12:14        2

we see the BGP neighbor is up, but we are receiving only 2 routes while we should be receiving 3

R5(config-router)#do sh ip bgp
BGP table version is 11, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 5.5.5.0/24       0.0.0.0                  0         32768 i
*> 10.1.12.0/24     10.1.45.4                              0 100 i
r> 10.1.45.0/24     10.1.45.4                0             0 100 i

The reason that R5 is not receiving 1.1.1.0/24 prefix is that this prefix is originated

in AS 65011 which is the same AS of R5 as a default behaviour BGP will filter routes with its own AS in the AS_Path to prevent loop

we can override this behaviour using this command

neighbor x.x.x.x allow-as in

R5(config)#router bgp 100
R5(config-router)#neighbor 10.1.45.4 allowas-in
R5(config-router)#do sh ip bgp
BGP table version is 11, local router ID is 5.5.5.5
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       10.1.45.4                              0 100 65011 i
*> 5.5.5.0/24       0.0.0.0                  0         32768 i
*> 10.1.12.0/24     10.1.45.4                              0 100 i
r> 10.1.45.0/24     10.1.45.4                0             0 100 i

As we can see from the output above R5 has accepted the 1.1.1.0/24 after the command was used under the BGP configuration

Another way of doing this is using this command on the PE

neighbor x.x.x.x as-override

so on R2

R2(config)#router bgp 100
R2(config-router)#address-family ipv4 vrf CUST_A
R2(config-router-af)#neighbor 10.1.12.1 as-override 

Now let’s check the BGP on R1

R1#sh ip bgp
BGP table version is 13, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

   Network          Next Hop            Metric LocPrf Weight Path
*> 1.1.1.0/24       0.0.0.0                  0         32768 i
*> 5.5.5.0/24       10.1.12.2                              0 100 100 i
r> 10.1.12.0/24     10.1.12.2                0             0 100 i
*> 10.1.45.0/24     10.1.12.2                              0 100 i

As we can see R2 overrides the original AS_Path and replaced it with its AS number

Comments

Post a Comment

Popular posts from this blog

BPDU Filter vs BPDU Guard

        Today we will try to explore the difference between these 2 options, BPDU guard and BPDU filter We know that BPDU are used to communicate between switches in L2 networks  to ensure loop free topology. BPDU Guard is used to protect our access (or trunks incase of servers) ports from receiving undesired BPDU packets, this feature is helpful in enforcing your network boundary in access layer BPDU Guard can be enabled on global configuration as well as under the interface configuration BPDU Filter on the other hand is used to filter BPDU packets outbound when configured  in global configuration (after sending 11 BPDU out ) and will filter BPDU inbound/outbound when configured under the interface level To better understand these two features, let’s use this simple topology R1 is connected to SW1 through F0/0 to have R1 send and receive BPDU we will simple configure bridging group 1 on the router and we will join the bridge group when desired to test our configuration BPDU
Read more

BGP Weight Attribute

Image
Before we start the lab let's see the BGP path selection process If the path specifies a next hop that is inaccessible, drop the update. •Prefer the path with the highest weight. •If the weights are the same, prefer the path with the largest local preference. •If the local preferences are the same, prefer the path that was originated by BGP running on this router. •If no route was originated, prefer the route that has the shortest AS_path. •If all paths have the same AS_path length, prefer the path with the lowest origin code (where IGP is lower than EGP, and EGP is lower than incomplete). •If the origin codes are the same, prefer the path with the lowest MED attribute. •If the paths have the same MED, prefer the external path over the internal path. •If the paths are still the same, prefer the path through the closest IGP neighbor. •Prefer the path with the lowest IP address, as specified by the BGP router ID. I read this on CCIE Pursuit blog We Love Oranges As O
Read more

OSPF–Point To Multipoint Non-Broadcast

Image
Using same setup that we have been using in the last 3 posts, we will change the network type to point-to-multipoint Non-Broadcast we will also add a Ethernet link between R2 and R3 and enable OSPF on it Our final configuration should be something like this R1 interface Serial0/0   no ip address   encapsulation frame-relay   no frame-relay inverse-arp ! interface Serial0/0.123 multipoint   ip address 10.1.123.1 255.255.255.0   ip ospf network point-to-multipoint non-broadcast   ip ospf 1 area 0   frame-relay map ip 10.1.123.2 102   frame-relay map ip 10.1.123.3 103 !          router ospf 1   router-id 1.1.1.1   log-adjacency-changes   neighbor 10.1.123.2   neighbor 10.1.123.3 R2 interface Serial0/0   no ip address   encapsulation frame-relay   no frame-relay inverse-arp ! interface Serial0/0.123 multipoint   ip address 10.1.123.2 255.255.255.0   ip ospf network point-to-multipoint non-broadcast   ip ospf 1 area 0   frame-relay map ip 10.1.123.1 201 R3 interface
Read more