01 Jul

MPLS workshop #5 – CE-PE connection using EIGRP

Last protocol I’ll be focusing on for CE-PE connection is EIGRP. As in OSPF redistributing routes from EIGRP to BGP and back to EIGRP makes them external from routing protocol perspective. Using BGP extended communities many characteristics including AS number, tags or metric components are passed between PE routers and allows reconstruction of prefix. If the EIGRP route is internal it’s redistributed back as internal if AS numbers on remote PE router matches the source one (it’s encoded using external community). Otherwise it’s redistributed as EIGRP external.
Read More

26 Jun

MPLS workshop #4 – CE-PE connection using OSPF

In previous example a CE-PE routing protocol was BGP, but it’s not only option. We can also use IGP protocols like OSPF. We use this protocol for customers in VRF_A. On PE router OSPF is redistributed to iBGP and vice versa, otherwise vpnv4 routes won’t be propagated through MPLS domain. MPLS VPN area is usually referred as super backbone and PE routers are ASR routers.

Because of redistribution in normal OSPF operation those routes would be treated as external routes (LSA Type 5) when redistributed back to OSPF. PE router is treated as ASBR. When redistributing from MP-BGP back to OSPF those routes are marked as inter-area routes (LSA Type 3), even if the area numbers on both ends does not match. However if customer network has more than one area PE routers must be in area 0 or virtual-link between PE router and nearest ABR must be configured.

Read More

18 Jun

MPLS workshop #2 – MP-BGP for L3VPN in the Core

Our core network after first chapter of workshop is able to forward labeled packets. Let’s focus now on deploying some services within this network. First MPLS L3VPN. As for now we have IS-IS as an IGP protocol in the core to forward prefixes of links and loopbacks, and LDP to maintain label exchange. Next step is to introduce mechanism that will allow us to attach label information to prefixes. MP-BGP is an extension of standard BGP protocol that let us carry MPLS VPN routes. It’s flexible and well known protocol. At this step we configure core routers (P and PE) to carry MPLS VPN routes.
Read More

24 Jan

BGP Route Server on ASR1000

BGP Route Server is feature designated mostly for IX (Internet Exchange) deployment. You can find many deployment around the world mostly using open software like Quagga, but it’s also available on Cisco’s ASR1000 routers. Route server is an advanced route reflector which provide customized policy support for each service provider, which means that standard path selection can be overridden by route policies set per particular provider.
Read More

07 Oct

Different default BGP prefix policy on ASR9k

ASR9000 and it’s IOS XR required administrator to apply routing policy for every neighbor. This behavior is different from IOS where if no policy were applied router accepts and sends all prefixes without limitation. So if we make following configuration:

router bgp 65374
  neighbor 10.129.11.51
  remote-as 1234
  ebgp-multihop 10
  update-source Bundle-Ether1.260
  graceful-restart
  address-family ipv4 unicast
   soft-reconfiguration inbound always

router will inform us, that no prefixes will be send nor received on this session

RP/0/RSP0/CPU0:Aug 20 08:56:13.388 : bgp[137]: %ROUTING-BGP-6-NBR_NOPOLICY : No inbound IPv4 Unicast policy is configured for eBGP neighbor 10.129.11.51. 
No IPv4 Unicast prefixes will be accepted from the neighbor until inbound policy is configured. 
RP/0/RSP0/CPU0:Aug 20 08:56:13.388 : bgp[137]: %ROUTING-BGP-6-NBR_NOPOLICY : No outbound IPv4 Unicast policy is configured for eBGP neighbor 10.129.11.51. 
No IPv4 Unicast prefixes will be sent to the neighbor until outbound policy is configured. 

So proper configuration always have to contain policy attached to neighbor in proper address-family. In following example we’re making router send and accept all prefixes

route-policy Accept-All
  pass
end-policy
!
router bgp 65374
 neighbor 10.129.11.51
  remote-as 1234
  ebgp-multihop 10
  update-source Bundle-Ether1.260
  address-family ipv4 unicast
   route-policy Accept-All in
   route-policy Accept-All out
   soft-reconfiguration inbound always

update: As my friend considered this is default behavior for eBGP peers only, for iBGP it works like in in standard IOS and all prefixes are passed to neighbors by default.

23 Jul

BGP Unknown path error on ASR1000

In some situations you can see following error message while trying to establish BGP neighborship

%BGP_SESSION-5-ADJCHANGE: neighbor 192.168.0.2 IPv4 Unicast topology base removed from session  Unknown path error

This can be misconfiguration or internal bug described (or rather just mentioned because I’d say bug description is almost empty) in CSCsy10339 bug ticket if you are using release prior to 12.2(33)XNE. If this is misconfiguration you’d rather expect error message like

%BGP_SESSION-5-ADJCHANGE: neighbor 192.168.0.2 IPv4 Unicast topology base removed from session  Peer closed the session

. This can be quite confusing and leads to looking for problem elsewhere than it exists.