MPLS Layer 3 VPNs | Central Services | Same PE

Hello All;

 

I am confused about a point that Brian stressed in the ATC Video (ATC, MPLS Layer 3 VPNs and VPNv4 BGP  … Time in 43:50) - I am hoping someone can help shed some light.

The topic was Centeral services type config, and he was stressing that you cannot locally leak routes for two VRFs on the same PE.  I am not sure about if his point was specifically without the use for MP-BGP or not, but for some reason I get the feeling that his point was including the use of MP-BGP.  

Why I am confused, is because I was able to leak routes from one VRF to another on the same PE, simply but importing the RT that was being exported.…so I am not sure why I was able to....or maybe I have missed understood the point Brian was trying to make.

 

Here are the configs / outputs from my testing on R4.  Single PE, multiple vrfs just like the ATC topology:

 

ip vrf A

 rd 150.1.4.4:1

!

ip vrf B

 rd 150.1.4.4:2

!

ip vrf D

 rd 150.1.4.4:4

!

router eigrp 22334

 no auto-summary

 !

 address-family ipv4 vrf B

  network 10.0.0.0

  no auto-summary

  autonomous-system 10

 exit-address-family

!

router ospf 200

 mpls ldp autoconfig area 0

 log-adjacency-changes

 network 10.0.0.0 0.255.255.255 area 0

 network 150.0.0.0 0.255.255.255 area 0

!

router rip

 !

 address-family ipv4 vrf A

  redistribute bgp 200 metric 7

  network 10.0.0.0

  no auto-summary

  version 2

 exit-address-family

!

router bgp 200

 no bgp default ipv4-unicast

 bgp log-neighbor-changes

 neighbor 150.1.5.5 remote-as 200

 neighbor 150.1.5.5 update-source Loopback0

 neighbor 150.1.6.6 remote-as 200

 neighbor 150.1.6.6 update-source Loopback0

 !

 address-family ipv4

  neighbor 150.1.5.5 activate

  neighbor 150.1.6.6 activate

  no auto-summary

  no synchronization

 exit-address-family

 !

 address-family vpnv4

  neighbor 150.1.5.5 activate

  neighbor 150.1.5.5 send-community extended

  neighbor 150.1.6.6 activate

  neighbor 150.1.6.6 send-community extended

 exit-address-family

 !

 address-family ipv4 vrf D

  neighbor 192.10.1.254 remote-as 254

  neighbor 192.10.1.254 password CISCO

  neighbor 192.10.1.254 activate

  no synchronization

 exit-address-family

 !

 address-family ipv4 vrf B

  redistribute eigrp 10

  no synchronization

 exit-address-family

 !

 address-family ipv4 vrf A

  redistribute rip metric 2

  no synchronization

 exit-address-family

!

 

 

>> 

>> The Routes per vrf before adding the appropriate Route Targets

>> 

 

 

Rack1R4#show bgp vpnv4 unicast vrf D

BGP table version is 68, local router ID is 150.1.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 150.1.4.4:4 (default for vrf D)

*> 205.90.31.0      192.10.1.254             0             0 254 ?

*> 220.20.3.0       192.10.1.254             0             0 254 ?

*> 222.22.2.0       192.10.1.254             0             0 254 ?

Rack1R4#

Rack1R4#

Rack1R4#

Rack1R4#

Rack1R4#

Rack1R4#

Rack1R4#

Rack1R4#

Rack1R4#show bgp vpnv4 unicast vrf A

BGP table version is 68, local router ID is 150.1.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 150.1.4.4:1 (default for vrf A)

*> 10.1.104.0/24    0.0.0.0                  0         32768 ?

*> 150.1.10.0/24    10.1.104.10              2         32768 ?

Rack1R4#

 

 

>> 

>> Add the appropriate Route Targets

>> 

 

Rack1R4#config t

Enter configuration commands, one per line.  End with CNTL/Z.

Rack1R4(config)#ip vrf D

Rack1R4(config-vrf)#route-target export 1:6

Rack1R4(config-vrf)#

*Feb 21 23:09:26.573: %BGP-5-ADJCHANGE: neighbor 192.10.1.254 vpn vrf D Down VRF config change

Rack1R4(config-vrf)#ip vrf A

Rack1R4(config-vrf)#route-

Rack1R4(config-vrf)#route-target import 1:6

Rack1R4(config-vrf)#end

 

>> 

>> Show the vrf routes

>> 

 

 

Rack1R4#show bgp vpnv4 unicast vrf A

BGP table version is 77, local router ID is 150.1.4.4

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 150.1.4.4:1 (default for vrf A)

*> 10.1.104.0/24    0.0.0.0                  0         32768 ?

*> 150.1.10.0/24    10.1.104.10              2         32768 ?

*> 205.90.31.0      192.10.1.254             0             0 254 ?

*> 220.20.3.0       192.10.1.254             0             0 254 ?

*> 222.22.2.0       192.10.1.254             0             0 254 ?

Rack1R4#

Comments

  • peetypeety ✭✭✭

    Last time I dealt with this, I was working on a 7200 with multiple VRFs and no VPNv4 active.  Adding the export/import policies didn't get the desired effect, but then putting connected/static redistribution into the VPNv4 address families got things working as desired.

Sign In or Register to comment.