In model B all vprn routes were present in the ASBR.
In option-C the ASBR distribute reachability information for the remote PE's system ip address only.
VPRN routing information is handled by the PE's or more appropriately by the RR's in the different AS's
/32 routes needs to be advertised in the peer AS, as it is not possible we need a label for that see the figure below:-
In this case PE1 appends the label V, BGP label z and ldp label.
LDP label is stripped by ASBR1 and swaps the label Z with a new label Y
ASBR2 attaches a new ldp label and transmits the packet to ASBR2
similar configuration exists on PE2 also.
Route target on PE1 and PE2 must match.
In this case PE5 acts as an RR and all should peer with the RR, advertise label ipv4 should be enabled on all the routers.
Two groups needs to be enabled on ASBR's and all should be configured with family ipv4 vpn-ip4
Another common cli is advertise-label ipv4 command.
Verify the BGP session with ASBR2
In this case there are 3 labels that are used the top label is the ldp label use the following command to view the top label:-
The middle label is assigned by ASBR to PE1 to reach the remote system address of 10.10.10.2 ie PE2
Above output shows that the labels are interchanged by the ASBR's.
192.2.1.1/27 is the loopback address of CE1 the below output shows the vpn label assigned by PE1 to PE2 to reach 192.2.1.1
PE2 advertises the route to RR2 using the label 131071
RR2 advertises the route to RR1 :-
Model C advantages:-
All the /32 routes are advertised.
Verification of routes in ASBR1:-
The Rib-in entries shows the label which is received from ASBR2 which is 131069 and rib out entries shows the ipv4 label as 131064.
For 3 different routes 3 different labels are generated as seen above.
The above command shows all the routes will be installed in the routing table ie all the /32 prefixes the prefixes received from the neighbouring AS will be advertised by BGP.
The routes should be further advertised to PE1 and the routes should be seen as tunnelled those routes which are received in ASBR as BGP. The routing table in PE1
Between the RR's we need to configure MP-ebgp for exchanging vpn-ipv4 routes. Multihop 10 is also configured to increase the TTL value of ip header to 10 as they are not directly connected. Neighbor 10.10.10.5 is the system address of the neighbouring RR.
Verify the MP-EBGP session between the RR's
VPRN routes and ping can be verified by using the following command:-
In option-C the ASBR distribute reachability information for the remote PE's system ip address only.
VPRN routing information is handled by the PE's or more appropriately by the RR's in the different AS's
/32 routes needs to be advertised in the peer AS, as it is not possible we need a label for that see the figure below:-
In this case PE1 appends the label V, BGP label z and ldp label.
LDP label is stripped by ASBR1 and swaps the label Z with a new label Y
ASBR2 attaches a new ldp label and transmits the packet to ASBR2
similar configuration exists on PE2 also.
Route target on PE1 and PE2 must match.
The above figure describes the advertisements of /32 system addresses between the AS's
Advertise-label ipv4 needs to be enabled to advertise labelled ipv4 packets.
In this case PE5 acts as an RR and all should peer with the RR, advertise label ipv4 should be enabled on all the routers.
Two groups needs to be enabled on ASBR's and all should be configured with family ipv4 vpn-ip4
Another common cli is advertise-label ipv4 command.
Verify the BGP session with ASBR2
Advertise Label : ipv4
Auth key chain : n/a
Bfd Enabled : Disabled L2 VPN Cisco Interop : Disabled
Local Capability : RtRefresh MPBGP 4byte ASN
Remote Capability : RtRefresh MPBGP 4byte ASN
Import Policy : None Specified / Inherited
Export Policy : None Specified / Inherited
-------------------------------------------------------------------------------
Neighbors : 1
A:PE1# show router ldp bindings active prefix 10.10.10.3/32
===============================================================================
Legend: (S) - Static
===============================================================================
LDP Prefix Bindings (Active)
===============================================================================
Prefix Op IngLbl EgrLbl EgrIntf/LspId EgrNextHop
-------------------------------------------------------------------------------
10.10.10.3/32 Push -- 131070 1/1/3 10.1.3.3
10.10.10.3/32 Swap 131069 131070 1/1/3 10.1.3.3
-------------------------------------------------------------------------------The middle label is assigned by ASBR to PE1 to reach the remote system address of 10.10.10.2 ie PE2
A:PE1# show router bgp routes 10.10.10.2/32 hunt
===============================================================================
BGP Router ID:10.10.10.1 AS:64496 Local AS:64496
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best
===============================================================================
BGP IPv4 Routes
===============================================================================
RIB In Entries
-------------------------------------------------------------------------------
Network : 10.10.10.2/32
Nexthop : 10.10.10.3
From : 10.10.10.6
Res. Nexthop : 10.10.10.3 (LDP)
Local Pref. : 100 Interface Name : toR3
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 100
Community : No Community Members
Cluster : 0.0.0.1
Originator Id : 10.10.10.3 Peer Router Id : 10.10.10.6
IPv4 Label : 131064
Flags : Used Valid Best IGP
AS-Path : 64497
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Routes : 1A:ASBR1# show router bgp inter-as-label
===============================================================================
BGP Inter-AS labels
===============================================================================
NextHop Received Advertised Label
Label Label Origin
-------------------------------------------------------------------------------
10.10.10.1 0 131071 Internal
10.10.10.3 0 131067 Edge
10.3.4.4 131066 131065 External
10.3.4.4 131067 131063 External
10.3.4.4
10.10.10.6 0 131066 Internal
===============================================================================
131069 131064 ExternalASBR2 advertised label 131069 for 10.10.10.2/32 towards ASBR1
ASBR1 advertised label 131064 for 10.10.10.2/32 towards PE1 over RR1Above output shows that the labels are interchanged by the ASBR's.
192.2.1.1/27 is the loopback address of CE1 the below output shows the vpn label assigned by PE1 to PE2 to reach 192.2.1.1
*A:PE2# show router bgp routes vpn-ipv4 192.2.1.1/27 hunt
===============================================================================
BGP Router ID:10.10.10.2 AS:64497 Local AS:64497
===============================================================================
BGP VPN-IPv4 Routes
===============================================================================
-------------------------------------------------------------------------------
RIB In Entries
-------------------------------------------------------------------------------
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Network : 192.2.1.0/27
Nexthop : 10.10.10.2
Route Dist. : 64496:1
VPN Label : 131071To : 10.10.10.5
Res. Nexthop : n/a
Local Pref. : 100 Interface Name : NotAvailable
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
Community : target:64496:10
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 10.10.10.5
Origin : IGP
AS-Path : No As-Path
-------------------------------------------------------------------------------
Routes : 1
===============================================================================PE2 advertises the route to RR2 using the label 131071
*A:PE2# show router bgp neighbor 10.10.10.5 advertised-routes vpn-ipv4
===============================================================================
BGP Router ID:10.10.10.2 AS:64497 Local AS:64497
===============================================================================
BGP VPN-IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop VPNLabel
As-Path
-------------------------------------------------------------------------------
i 64496:1:192.2.1.0/27 100 None
10.10.10.2 131071
No As-Path
-------------------------------------------------------------------------------
Routes : 1RR2 advertises the route to RR1 :-
*A:RR2# show router bgp neighbor 10.10.10.6 advertised-routes vpn-ipv4
===============================================================================
BGP Router ID:10.10.10.5 AS:64497 Local AS:64497
===============================================================================
BGP VPN-IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop VPNLabel
As-Path
-------------------------------------------------------------------------------
i 64496:1:192.2.1.0/27 n/a None
10.10.10.2 131071
64497
-------------------------------------------------------------------------------
Routes : 1
RR1 inturn advertises the route to PE1:-
*A:RR1# show router bgp neighbor 10.10.10.1 advertised-routes vpn-ipv4
===============================================================================
BGP Router ID:10.10.10.6 AS:64496 Local AS:64496
===============================================================================
BGP VPN-IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop VPNLabel
As-Path
-------------------------------------------------------------------------------
i 64496:1:192.2.1.0/27 100 None
10.10.10.2 131071
64497
-------------------------------------------------------------------------------
Routes : 1A:PE1# show router bgp routes vpn-ipv4 192.2.1.1/27 hunt
===============================================================================
BGP Router ID:10.10.10.1 AS:64496 Local AS:64496
===============================================================================
BGP VPN-IPv4 Routes
===============================================================================
RIB In Entries
-------------------------------------------------------------------------------
Network : 192.2.1.0/27
Nexthop : 10.10.10.2
Route Dist. : 64496:1
VPN Label : 131071From : 10.10.10.6
Res. Nexthop : n/a
Local Pref. : 100 Interface Name : NotAvailable
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : None
Community : target:64496:10
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 10.10.10.6
Flags : Used Valid Best IGP
AS-Path : 64497
VPRN Imported : 10
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Routes : 1
Model C advantages:-
Model C redistributes the /32 loopbacks via an eBGP session
between the ASBR’s
label together with the /32 loopback
MP-BGP extensions defined in RFC 3107 are used to announce aA 3 label stack is used in the remote ASASBR’s do not have VPN-IPv4 Routes and label informationScales the best among all the three Inter-AS IP-VPRN modelsHigh Control through BGP policiesModel C typically deployed within a service provider networkA:ASBR1>config>router>policy-options# info
----------------------------------------------
prefix-list "PE_SYSTEM"
prefix 10.10.10.0/24 longer <<----- A policy needs to be created for advertising /32 routes between the AS
exit
policy-statement "PE_SYS_TO_BGP"
entry 10
from
prefix-list "PE_SYSTEM"
exit
to
protocol bgp
exit
action accept
exit
exit
exit
----------------------------------------------A:ASBR1>config>router>bgp# info
----------------------------------------------
group "Inter_AS"
family ipv4
peer-as 64497
neighbor 10.3.4.4
export "PE_SYS_TO_BGP"
advertise-label ipv4
exit
exit
----------------------------------------------The advertised routes from ASBR2 to ASBR1 are as shown below:
*A:ASBR2# show router bgp neighbor 10.3.4.3 advertised-routes
===============================================================================
BGP Router ID:10.10.10.4 AS:64497 Local AS:64497
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop VPNLabel
As-Path
-------------------------------------------------------------------------------
i 10.10.10.2/32 n/a 100
10.3.4.4 -
64497
? 10.10.10.4/32 n/a None
10.3.4.4 -
64497
i 10.10.10.5/32 n/a 200
10.3.4.4 -
64497
-------------------------------------------------------------------------------
Routes : 3
===============================================================================All the /32 routes are advertised.
Verification of routes in ASBR1:-
A:ASBR1# show router bgp routes
===============================================================================
BGP Router ID:10.10.10.3 AS:64496 Local AS:64496
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best
===============================================================================
BGP IPv4 Routes
===============================================================================
Flag Network LocalPref MED
Nexthop VPNLabel
As-Path
-------------------------------------------------------------------------------
u*>i 10.10.10.2/32 None 100
10.3.4.4 -
64497
u*>? 10.10.10.4/32 None None
10.3.4.4 -
64497
u*>i 10.10.10.5/32 None 100
10.3.4.4 -
64497
-------------------------------------------------------------------------------
Routes : 3
The actual labels can be seen with following command A:ASBR1# show router bgp routes 10.10.10.2/32 hunt
===============================================================================
BGP Router ID:10.10.10.3 AS:64496 Local AS:64496
===============================================================================
Legend -
Status codes : u - used, s - suppressed, h - history, d - decayed, * - valid
Origin codes : i - IGP, e - EGP, ? - incomplete, > - best
===============================================================================
BGP IPv4 Routes
===============================================================================
RIB In Entries
-------------------------------------------------------------------------------
Network : 10.10.10.2/32
Nexthop : 10.3.4.4
From : 10.3.4.4
Res. Nexthop : 10.3.4.4
Local Pref. : None Interface Name : toR4
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 100
Community : No Community Members
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 10.10.10.4
IPv4 Label : 131069
Flags : Used Valid Best IGP
AS-Path : 64497
-------------------------------------------------------------------------------
RIB Out Entries
-------------------------------------------------------------------------------
Network : 10.10.10.2/32
Nexthop : 10.10.10.3
To : 10.10.10.6
Res. Nexthop : n/a
Local Pref. : 100 Interface Name : NotAvailable
Aggregator AS : None Aggregator : None
Atomic Aggr. : Not Atomic MED : 100
Community : No Community Members
Cluster : No Cluster Members
Originator Id : None Peer Router Id : 10.10.10.6
IPv4 Label : 131064
Origin : IGP
AS-Path : 64497
-------------------------------------------------------------------------------
Routes : 2The Rib-in entries shows the label which is received from ASBR2 which is 131069 and rib out entries shows the ipv4 label as 131064.
A:ASBR1# show router bgp inter-as-label
===============================================================================
BGP Inter-AS labels
===============================================================================
NextHop Received Advertised Label
Label Label Origin
-------------------------------------------------------------------------------
10.10.10.1 0 131071 Internal
10.10.10.3 0 131067 Edge
10.3.4.4 131066 131065 External
10.3.4.4 131067 131063 External
10.3.4.4 131069 131064 External
10.10.10.6 0 131066 Internal
===============================================================================For 3 different routes 3 different labels are generated as seen above.
A:ASBR1# show router route-table
===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Prefix Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.1.3.0/27 Local Local 13d21h21m 0
toR1 0
10.1.6.0/27 Remote OSPF 01d00h19m 10
10.1.3.1 200
10.3.4.0/27 Local Local 23h46m29s 0
toR4 0
10.3.6.0/27 Local Local 01d00h46m 0
toR6 0
10.10.10.1/32 Remote OSPF 06d01h56m 10
10.1.3.1 100
10.10.10.2/32 Remote BGP 23h25m19s 170
10.3.4.4 0
10.10.10.3/32 Local Local 13d21h24m 0
system 0
10.10.10.4/32 Remote BGP 23h25m19s 170
10.3.4.4 0
10.10.10.5/32 Remote BGP 23h25m19s 170
10.3.4.4 0
10.10.10.6/32 Remote OSPF 01d00h17m 10
10.3.6.6 100
-------------------------------------------------------------------------------
No. of Routes: 10
===============================================================================The above command shows all the routes will be installed in the routing table ie all the /32 prefixes the prefixes received from the neighbouring AS will be advertised by BGP.
The routes should be further advertised to PE1 and the routes should be seen as tunnelled those routes which are received in ASBR as BGP. The routing table in PE1
A:PE1# show router route-table
===============================================================================
Route Table (Router: Base)
===============================================================================
Dest Prefix Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
10.1.3.0/27 Local Local 13d21h23m 0
toR3 0
10.1.6.0/27 Local Local 01d00h38m 0
toR6 0
10.3.6.0/27 Remote OSPF 01d00h19m 10
10.1.3.3 200
10.10.10.1/32 Local Local 13d21h25m 0
system 0
10.10.10.2/32 Remote BGP 21h54m04s 170
10.10.10.3 (tunneled) 0
10.10.10.3/32 Remote OSPF 06d01h58m 10
10.1.3.3 100
10.10.10.4/32 Remote BGP 21h54m04s 170
10.10.10.3 (tunneled) 0
10.10.10.5/32 Remote BGP 21h54m04s 170
10.10.10.3 (tunneled) 0
10.10.10.6/32 Remote OSPF 01d00h19m 10
10.1.6.6 100
192.1.1.0/27 Local Local 01d01h33m 0
toVPN 0
-------------------------------------------------------------------------------
No. of Routes: 10Between the RR's we need to configure MP-ebgp for exchanging vpn-ipv4 routes. Multihop 10 is also configured to increase the TTL value of ip header to 10 as they are not directly connected. Neighbor 10.10.10.5 is the system address of the neighbouring RR.
A:RR1>config>router>bgp# info
----------------------------------------------
group "Remote_AS_RR"
family vpn-ipv4
multihop 10
peer-as 64497
neighbor 10.10.10.5
exit
exit
----------------------------------------------Verify the MP-EBGP session between the RR's
A:RR1# show router bgp neighbor 10.10.10.5
===============================================================================
BGP Neighbor
===============================================================================
Peer : 10.10.10.5
Group : Remote_AS_RR
-------------------------------------------------------------------------------
Peer AS : 64497 Peer Port : 179
Peer Address : 10.10.10.5
Local AS : 64496 Local Port : 50864
Local Address : 10.10.10.6
Peer Type : External
State : Established Last State : Active
Last Event : recvKeepAlive
Last Error : Unrecognized Error
Local Family : VPN-IPv4
Remote Family : VPN-IPv4
Hold Time : 90 Keep Alive : 30
Active Hold Time : 90 Active Keep Alive : 30
Cluster Id : None
Preference : 170 Num of Update Flaps : 1
Recd. Paths : 1
IPv4 Recd. Prefixes : 0 IPv4 Active Prefixes : 0
IPv4 Suppressed Pfxs : 0 VPN-IPv4 Suppr. Pfxs : 0
VPN-IPv4 Recd. Pfxs : 1 VPN-IPv4 Active Pfxs : 0
Advertise Label : None
Auth key chain : n/a
Bfd Enabled : Disabled L2 VPN Cisco Interop : Disabled
Local Capability : RtRefresh MPBGP 4byte ASN
Remote Capability : RtRefresh MPBGP 4byte ASN
Import Policy : None Specified / Inherited
Export Policy : None Specified / Inherited
-------------------------------------------------------------------------------
Neighbors : 1VPRN routes and ping can be verified by using the following command:-
A:PE1# show router 10 route-table
===============================================================================
Route Table (Service: 10)
===============================================================================
Dest Prefix Type Proto Age Pref
Next Hop[Interface Name] Metric
-------------------------------------------------------------------------------
192.1.1.0/27 Local Local 01d00h49m 0
toVPN 0
192.2.1.0/27 Remote BGP VPN 22h12m56s 170
10.10.10.2 (tunneled) 0
-------------------------------------------------------------------------------
No. of Routes: 2
===============================================================================
A:PE1# ping router 10 192.2.1.1
PING 192.2.1.1 56 data bytes
64 bytes from 192.2.1.1: icmp_seq=1 ttl=64 time=2.42ms.
64 bytes from 192.2.1.1: icmp_seq=2 ttl=64 time=2.30ms.
64 bytes from 192.2.1.1: icmp_seq=3 ttl=64 time=2.30ms.
64 bytes from 192.2.1.1: icmp_seq=4 ttl=64 time=2.31ms.
64 bytes from 192.2.1.1: icmp_seq=5 ttl=64 time=2.31ms.
---- 192.2.1.1 PING Statistics ----
5 packets transmitted, 5 packets received, 0.00% packet loss
round-trip min = 2.30ms, avg = 2.33ms, max = 2.42ms, stddev = 0.064ms
A:PE1# show router route-tableA:ASBR1# show router bgp neighbor 10.3.4.4
===============================================================================
BGP Neighbor
===============================================================================
Peer : 10.3.4.4
Group : Inter_AS
-------------------------------------------------------------------------------
Peer AS : 64497 Peer Port : 49492
Peer Address : 10.3.4.4
Local AS : 64496 Local Port : 179
Local Address : 10.3.4.3
Peer Type : External
State : Established Last State : Established
Last Event : recvKeepAlive
Last Error : Cease
Local Family : IPv4
Remote Family : IPv4
Hold Time : 90 Keep Alive : 30
Active Hold Time : 90 Active Keep Alive : 30
Cluster Id : None
Preference : 170 Num of Update Flaps : 0
Recd. Paths : 0
IPv4 Recd. Prefixes : 0 IPv4 Active Prefixes : 0
IPv4 Suppressed Pfxs : 0 VPN-IPv4 Suppr. Pfxs : 0
VPN-IPv4 Recd. Pfxs : 0 VPN-IPv4 Active Pfxs : 0
A:PE1>config>service>vprn# info
----------------------------------------------
description "Customer A"
router-id 10.10.10.1
autonomous-system 64496
route-distinguisher 64496:1
auto-bind ldp
vrf-target target:64496:10
interface "toVPN" create
address 192.1.1.1/27
loopback
exit
exit
no shutdown
----------------------------------------------
Thanks for sharing this such a great information.I really appreciate your work i share this link to my facebook friend as well as Digg and twitter this info helps to everyone
ReplyDelete___________
Best Torrent Vpn Providers | Best US VPN Providers
Wow, a lot of SRC materials :-D
ReplyDeleteHi, Between ASBRs we do have eBGP Labeled IPv4 session and not MP-eBGP
ReplyDeleteASBR’s do not have VPN-IPv4 Routes and label information. MP-eBGP session is in case of Model B