|
alexraduly
1 post
 |
Hi guys! I'm faced with a problem imposed by one my business partners. I'm supposed to add mpls funtionality between the customers router and the provider. I tried to configure mp-ebgp between the client AS and my backbone AS, with no luck. Here is a snapshot of the config, from Cherbourg Region: ! ! ! Last configuration change at 15:38:30 UTC Tue Mar 12 2013 ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec ! hostname CE_CHRBG ! boot-start-marker boot-end-marker ! ! no aaa new-model ip source-route ! ! ! ip dhcp pool Cherbourg network 142.1.4.0 255.255.255.0 default-router 142.1.4.1 lease 10 ! ! no ip domain lookup ip cef ipv6 unicast-routing ipv6 cef ! ! multilink bundle-name authenticated ! ! ! ! ! ! ! ! ! ! interface Loopback0 no ip address ipv6 address FC00:100:1000:FFFF::1/128 ! interface Tunnel0 description 4to6 vers site de Caen ip address 142.142.144.101 255.255.255.252 ipv6 enable tunnel source FastEthernet0/1 tunnel mode ipv6 tunnel destination FC00:100:3000::2 ! interface FastEthernet0/0 ip address 142.1.4.1 255.255.255.0 speed auto duplex auto ! interface FastEthernet0/1 description To 6vPE_Cherbourg ip address 10.0.1.5 255.255.255.252 speed auto duplex full ipv6 address FC00:100:1000::2/64 ipv6 enable mpls ip ! router ospf 100 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! ! no ip http server no ip http secure-server ip route 142.1.3.0 255.255.255.0 142.142.144.102 ! ipv6 route ::/0 FC00:100:1000::1 ! ! ! control-plane ! ! line con 0 stopbits 1 line aux 0 line vty 0 4 ! end ! ! ! Last configuration change at 15:44:18 UTC Tue Mar 12 2013 ! version 12.2 service timestamps debug datetime msec service timestamps log datetime msec ! hostname PE_CHRBG ! boot-start-marker boot-end-marker ! vrf definition SITE rd 100:1 route-target export 100:1 route-target import 100:1 ! address-family ipv4 exit-address-family ! address-family ipv6 exit-address-family ! ! no aaa new-model ip source-route ! ! ! ! no ip domain lookup ip cef ipv6 unicast-routing ipv6 cef ipv6 multicast rpf use-bgp ! ! multilink bundle-name authenticated ! ! ! ! ! ! ! ! ! ! interface Loopback0 ip address 10.20.0.1 255.255.255.255 ! interface Loopback100 vrf forwarding SITE ip address 172.16.32.1 255.255.255.255 ipv6 address FC00:100::1/128 ! interface FastEthernet0/0 description To Core_1 ip address 10.0.1.2 255.255.255.252 speed auto duplex auto mpls ip ! interface FastEthernet0/1 description To CE_Cherbourg vrf forwarding SITE ip address 10.0.1.6 255.255.255.252 speed auto duplex full ipv6 address FC00:100:1000::1/64 ipv6 enable mpls ip ! router ospf 100 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 65000 no bgp default ipv4-unicast no bgp default route-target filter bgp log-neighbor-changes neighbor PE peer-group neighbor PE remote-as 65000 neighbor PE update-source Loopback0 neighbor 10.20.0.2 peer-group PE neighbor 10.20.0.3 peer-group PE neighbor 10.20.0.4 peer-group PE ! address-family ipv4 no synchronization redistribute connected redistribute static no auto-summary exit-address-family ! address-family vpnv4 neighbor PE send-community extended neighbor 10.20.0.2 activate neighbor 10.20.0.3 activate neighbor 10.20.0.4 activate exit-address-family ! address-family ipv6 redistribute connected redistribute static no synchronization exit-address-family ! address-family vpnv6 neighbor PE send-community extended neighbor 10.20.0.2 activate neighbor 10.20.0.3 activate neighbor 10.20.0.4 activate exit-address-family ! address-family ipv4 vrf SITE no synchronization redistribute connected redistribute static exit-address-family ! address-family ipv6 vrf SITE redistribute connected redistribute static no synchronization exit-address-family ! ! ! no ip http server no ip http secure-server ! ipv6 route vrf SITE FC00:100:1000::/48 FC00:100:1000::2 ! ! ! control-plane ! ! line con 0 stopbits 1 line aux 0 line vty 0 4 ! end ! hostname CORE1 ! ipv6 cef ip source-route no ip icmp rate-limit unreachable ip cef ! ! ! no ip domain lookup ! interface Loopback0 ip address 10.10.0.1 255.255.255.255 ! ! interface FastEthernet0/0 description To 6VPE_Cherbourg ip address 10.0.1.1 255.255.255.252 negotiation auto mpls ip ! ! interface FastEthernet0/1 description To Core_2 ip address 10.0.0.1 255.255.255.252 negotiation auto mpls ip ! ! router ospf 100 network 10.0.0.0 0.255.255.255 area 0 ! this is from gns3 point of view, in the real life it's fiber between the routers and cat cables between firewalls and CEs. Can you help me with extending mpls from the core to the CE, without affecting the PE conf regarding the vrf definition? also with a compatible solution for the 4to6 tunnel existing on the CE. Thank you! |
|
Dclangst
10 posts
 |
I haven't dug into your configs but one problem I've had with 6VPE in the past is that if you are exchanging vpn6 prefixes over an IPv4 peering sometimes the next hop isn't valid for vpnv6. I believe show ip bgp vrf SITE vpnv6 might show v6-mapped-v4 addresses as the next hop, something like ::abcd:192.168.1.5.1. I ended up using a route map to set the v6 next hop to the egress interface IP for vpnv6. ebgp-multihop might be in there too. Hopefully that's not a red herring, I last dealt with 6VPE over a year ago so my recollection may be imperfect. It gets better. IOS-XR at the time would drop your bgp sessions, v4 and v6. IOS would leave sessions up and start black holing stuff. Good times. http://ccie-in-3-months.blogspot.com/2011/05/how-multi-is-mp-bgp-in-ios-xr.html That's an XR article but I think it applies. See Tasos' 12 November response in the comments. HTH. |
|
bluepackets
25 posts
|
I'm slightly confused by all the presented information. First, although the diagram indicates MP-BGP sessions between your network and the clients, I don't see that reflected in the configurations. In your configurations, you only have MP-BGP configured between your own networks devices. In fact, the BGP process is not even in the CE configurations. Next, the configuration on CE_CHRBG and PE_CHRBG seems a bit off. On the CE, you have OSPF configured in the global routing plane and to run on and advertise anything in 10/8, which would include the interface towards the PE for IPv4. On the PE though, the interface towards the CE is in a VRF and there is no routing process for that VRF. Though, if there were, it would not really follow what you intended on implementing anyway. I think more important than the above though is this: does the customer network actually need to participate in MPLS forwarding across your network? If the answer is yes, then you are going to need to configure BGP send label. Additionally, I would not just willy-nilly run LDP between yourself and your customers to get the forwarding labels for the AS-to-AS link. I would make sure that you do not send/receive any labels that you weren't intending to get/send. I would recommend reading Cisco's "Carrier Supporting Carrier" documentation. Not to generalize and this could most certainly be a different case, but I find that many times customers say they want/need MPLS this or that, when they actually just need something like a managed L3VPN or Ethernet transport and they've unnecessarily tied the technical implementation to the service they need. (Unless there is actual label exchange and forwarding between a provider and customer, "MPLS" is not a service, it's a technology that allows for one or more ways of implementation) |
Viewing 1 - 3 of 3
- 1