Sunday, November 4, 2012

MPLS VPNV4 RR



Issue

In this example we will investigate the vpnv4 router reflector configuration, as can be seen from the above diagram that we have multiple PEs: R2, R4, R5 and R7
We will configure R3 (Which is one of the Ps in the topology) as the vpnv4 route reflector, so all the VPN traffic sent from will be redirected through our RR: R3
ISIS is the IGP used throughout the backbone and OSPF the PE-CE routing protocol


Configuration

R1

R1#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.12.1 255.255.255.0
 speed 100
 duplex full

R1#sh run int lo0
interface Loopback0
 ip address 1.1.1.1 255.255.255.255

R1#sh run | sec router ospf
router ospf 101
 router-id 1.1.1.1
 network 1.1.1.1 0.0.0.0 area 0
 network 192.1.12.1 0.0.0.0 area 0

R2

R2#sh run int f1/0
interface FastEthernet1/0
 vrf forwarding A
 ip address 192.1.12.2 255.255.255.0
 speed 100
 duplex full

R2#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.23.2 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R2#sh run int f2/0
interface FastEthernet2/0
 vrf forwarding B
 ip address 192.1.214.2 255.255.255.0
 speed 100
 duplex full

R2#sh run int lo0
interface Loopback0
 ip address 2.2.2.2 255.255.255.255

mpls label protocol ldp
mpls ldp router-id Loopback0 force

R2#sh run | sec vrf
vrf definition A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
 !
 address-family ipv4

vrf definition B
 rd 100:2
 route-target export 100:2
 route-target import 100:2
 !
 address-family ipv4

R2#sh run | sec router isis
router isis 1
 net 49.0000.0000.0000.0002.00
 is-type level-2-only
 passive-interface Loopback0

R2# sh run | sec router ospf
router ospf 101 vrf A
 router-id 192.1.12.2
 redistribute bgp 100 subnets
 network 192.1.12.2 0.0.0.0 area 0
router ospf 102 vrf B
 router-id 192.1.214.2
 redistribute bgp 100 subnets
 network 192.1.214.2 0.0.0.0 area 0

R2#sh run | sec router bgp
router bgp 100
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 update-source Loopback0
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community both
 exit-address-family
 !
 address-family ipv4 vrf A
  redistribute ospf 101
 exit-address-family
 !
 address-family ipv4 vrf B
  redistribute ospf 102

R3

R3#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.23.3 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R3#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.34.3 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R3#sh run int lo0
interface Loopback0
 ip address 3.3.3.3 255.255.255.255

mpls label protocol ldp
mpls ldp router-id Loopback0 force

R3#sh run | sec router isis
router isis 1
 net 49.0000.0000.0000.0003.00
 is-type level-2-only
 passive-interface Loopback0

R3#sh run | sec router bgp
router bgp 100
 bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 100
 neighbor 2.2.2.2 update-source Loopback0
 neighbor 4.4.4.4 remote-as 100
 neighbor 4.4.4.4 update-source Loopback0
 neighbor 5.5.5.5 remote-as 100
 neighbor 5.5.5.5 update-source Loopback0
 neighbor 7.7.7.7 remote-as 100
 neighbor 7.7.7.7 update-source Loopback0
 !
 address-family vpnv4
  neighbor 2.2.2.2 activate
  neighbor 2.2.2.2 send-community both
  neighbor 2.2.2.2 route-reflector-client
  neighbor 4.4.4.4 activate
  neighbor 4.4.4.4 send-community both
  neighbor 4.4.4.4 route-reflector-client
  neighbor 5.5.5.5 activate
  neighbor 5.5.5.5 send-community both
  neighbor 5.5.5.5 route-reflector-client
  neighbor 7.7.7.7 activate
  neighbor 7.7.7.7 send-community both
  neighbor 7.7.7.7 route-reflector-client
 exit-address-family

R4

R4#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.34.4 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R4#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.45.4 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R4#sh run int f2/0
interface FastEthernet2/0
 vrf forwarding A
 ip address 192.1.49.4 255.255.255.0
 speed 100
 duplex full

R4#sh run int f2/1
interface FastEthernet2/1
 vrf forwarding C
 ip address 192.1.41.4 255.255.255.0
 speed 100
 duplex full

R4#sh run int lo0
interface Loopback0
 ip address 4.4.4.4 255.255.255.255

mpls label protocol ldp
mpls ldp router-id Loopback0 force

R4#sh run | sec vrf
vrf definition A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
address-family ipv4

vrf definition C
 rd 100:3
 route-target export 100:3
 route-target import 100:3
address-family ipv4

R4#sh run | sec router isis
router isis 1
 net 49.0000.0000.0000.0004.00
 is-type level-2-only
 passive-interface Loopback0

R4#sh run | sec router ospf
router ospf 101 vrf A
 router-id 192.1.49.4
 redistribute bgp 100 subnets
 network 192.1.49.4 0.0.0.0 area 0
router ospf 103 vrf C
 router-id 192.1.41.4
 redistribute bgp 100 subnets
 network 192.1.41.4 0.0.0.0 area 0

R4#sh run | sec router bgp
router bgp 100
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 update-source Loopback0
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community both
 exit-address-family
 !
 address-family ipv4 vrf A
  redistribute ospf 101
 exit-address-family
 !
 address-family ipv4 vrf C
  redistribute ospf 103
 exit-address-family

R5

R5#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.45.5 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R5#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.56.5 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R5#sh run int f2/0
interface FastEthernet2/0
 vrf forwarding B
 ip address 192.1.51.5 255.255.255.0
 speed 100
 duplex full

R5#sh run int f2/1
interface FastEthernet2/1
 vrf forwarding D
 ip address 192.1.52.5 255.255.255.0
 speed 100
 duplex full

R5#sh run int lo0
interface Loopback0
 ip address 5.5.5.5 255.255.255.255

R5#sh run | inc mpls
mpls label protocol ldp
mpls ldp router-id Loopback0 force

R5#sh run | sec vrf
vrf definition B
 rd 100:2
 route-target export 100:2
 route-target import 100:2
 !
 address-family ipv4
 exit-address-family

vrf definition D
 rd 100:4
 route-target export 100:4
 route-target import 100:4
 !
 address-family ipv4
 exit-address-family
R5#sh run | sec router isis
router isis 1
 net 49.0000.0000.0000.0005.00
 is-type level-2-only
 passive-interface Loopback0

R5#sh run | sec router ospf
router ospf 102 vrf B
 router-id 192.1.51.5
 redistribute bgp 100 subnets
 network 192.1.51.5 0.0.0.0 area 0
router ospf 104 vrf D
 router-id 192.1.52.5
 redistribute bgp 100 subnets
 network 192.1.52.5 0.0.0.0 area 0

R5#sh run | sec router bgp
router bgp 100
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 update-source Loopback0
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community both
 exit-address-family
 !
 address-family ipv4 vrf B
  redistribute ospf 102
 exit-address-family
 !
 address-family ipv4 vrf D
  redistribute ospf 104
 exit-address-family

R6

R6#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.56.6 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R6#sh run int f1/1
interface FastEthernet1/1
 ip address 192.1.67.6 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R6#sh run int lo0
interface Loopback0
 ip address 6.6.6.6 255.255.255.255

mpls label protocol ldp
mpls ldp router-id Loopback0 force

R6#sh run | sec router isis
router isis 1
 net 49.0000.0000.0000.0006.00
 is-type level-2-only
 passive-interface Loopback0

R7

R7#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.67.7 255.255.255.0
 ip router isis 1
 speed 100
 duplex full
 mpls ip

R7#sh run int f1/1
interface FastEthernet1/1
 vrf forwarding A
 ip address 192.1.78.7 255.255.255.0
 speed 100
 duplex full

R7#sh run int f2/0
interface FastEthernet2/0
 vrf forwarding C
 ip address 192.1.73.7 255.255.255.0
 speed 100
 duplex full

R7#sh run int f2/1
interface FastEthernet2/1
 no ip address
 shutdown
 speed auto
 duplex auto

R7#sh run int lo0
interface Loopback0
 ip address 7.7.7.7 255.255.255.255

mpls label protocol ldp
mpls ldp router-id Loopback0 force

R7#sh run | sec vrf
vrf definition A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
 !
 address-family ipv4
vrf definition C
 rd 100:3
 route-target export 100:3
 route-target import 100:3
 !
 address-family ipv4

R7#sh run | sec router isis
router isis 1
 net 49.0000.0000.0000.0007.00
 is-type level-2-only
 passive-interface Loopback0

R7#sh run | sec router ospf
router ospf 101 vrf A
 router-id 192.1.78.7
 redistribute bgp 100 subnets
 network 192.1.78.7 0.0.0.0 area 0
router ospf 103 vrf C
 router-id 192.1.73.7
 redistribute bgp 100 subnets
 network 192.1.73.7 0.0.0.0 area 0

R7#sh run | sec router bgp
router bgp 100
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 100
 neighbor 3.3.3.3 update-source Loopback0
 !
 address-family vpnv4
  neighbor 3.3.3.3 activate
  neighbor 3.3.3.3 send-community both
 exit-address-family
 !
 address-family ipv4 vrf A
  redistribute ospf 101
 exit-address-family
 !
 address-family ipv4 vrf C
  redistribute ospf 103
 exit-address-family

R8

R8#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.78.8 255.255.255.0
 speed 100
 duplex full

R8#sh run int lo0
interface Loopback0
 ip address 8.8.8.8 255.255.255.255

R8#sh run | sec router ospf
router ospf 101
 router-id 8.8.8.8
 network 8.8.8.8 0.0.0.0 area 0
 network 192.1.78.8 0.0.0.0 area 0

R9

R9#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.49.9 255.255.255.0
 speed 100
 duplex full

R9#sh run int lo0
interface Loopback0
 ip address 9.9.9.9 255.255.255.255

R9#sh run | sec router ospf
router ospf 101
 router-id 9.9.9.9
 network 9.9.9.9 0.0.0.0 area 0
 network 192.1.49.9 0.0.0.0 area 0

R10

R10#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.41.10 255.255.255.0
 speed 100
 duplex full

R10#sh run int lo0
interface Loopback0
 ip address 10.10.10.10 255.255.255.255

R10#sh run | sec router ospf
router ospf 103
 router-id 10.10.10.10
 network 10.10.10.10 0.0.0.0 area 0
 network 192.1.41.10 0.0.0.0 area 0

R11

R11#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.51.11 255.255.255.0
 speed 100
 duplex full

R11#sh run int lo0
interface Loopback0
 ip address 11.11.11.11 255.255.255.255

R11#sh run | sec router ospf
router ospf 102
 router-id 11.11.11.11
 network 11.11.11.11 0.0.0.0 area 0
 network 192.1.51.11 0.0.0.0 area 0

R12

R12#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.52.12 255.255.255.0
 speed 100
 duplex full

R12#sh run int lo0
interface Loopback0
 ip address 12.12.12.12 255.255.255.255

R12#sh run | sec router ospf
router ospf 104
 router-id 12.12.12.12
 network 12.12.12.12 0.0.0.0 area 0
 network 192.1.52.12 0.0.0.0 area 0

R13

R13#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.73.13 255.255.255.0
 speed 100
 duplex full

R13#sh run int lo0
interface Loopback0
 ip address 13.13.13.13 255.255.255.255

R13#sh run | sec router ospf
router ospf 103
 router-id 13.13.13.13
 network 13.13.13.13 0.0.0.0 area 0
 network 192.1.73.13 0.0.0.0 area 0

R14

R14#sh run int f1/0
interface FastEthernet1/0
 ip address 192.1.214.14 255.255.255.0
 speed 100
 duplex full

R14#sh run int lo0
interface Loopback0
 ip address 14.14.14.14 255.255.255.255

R14#sh run | sec router ospf
router ospf 102
 router-id 14.14.14.14
 network 14.14.14.14 0.0.0.0 area 0
 network 192.1.214.14 0.0.0.0 area 0

Verification

R1#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      8.0.0.0/32 is subnetted, 1 subnets
O IA     8.8.8.8 [110/3] via 192.1.12.2, 21:57:08, FastEthernet1/0
      9.0.0.0/32 is subnetted, 1 subnets
O IA     9.9.9.9 [110/3] via 192.1.12.2, 22:01:27, FastEthernet1/0
O IA  192.1.49.0/24 [110/2] via 192.1.12.2, 22:01:27, FastEthernet1/0
O IA  192.1.78.0/24 [110/2] via 192.1.12.2, 21:57:08, FastEthernet1/0

R1#ping 9.9.9.9 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.9.9.9, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/19/28 ms
R1#ping 8.8.8.8 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 1.1.1.1
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/30/36 ms

R8#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      1.0.0.0/32 is subnetted, 1 subnets
O IA     1.1.1.1 [110/3] via 192.1.78.7, 21:58:18, FastEthernet1/0
      9.0.0.0/32 is subnetted, 1 subnets
O IA     9.9.9.9 [110/3] via 192.1.78.7, 21:58:18, FastEthernet1/0
O IA  192.1.12.0/24 [110/2] via 192.1.78.7, 21:58:18, FastEthernet1/0
O IA  192.1.49.0/24 [110/2] via 192.1.78.7, 21:58:18, FastEthernet1/0
R8#ping 1.1.1.1 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 28/28/32 ms
R8#ping 9.9.9.9 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 9.9.9.9, timeout is 2 seconds:
Packet sent with a source address of 8.8.8.8
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/24 ms

R9#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      1.0.0.0/32 is subnetted, 1 subnets
O IA     1.1.1.1 [110/3] via 192.1.49.4, 22:03:07, FastEthernet1/0
      8.0.0.0/32 is subnetted, 1 subnets
O IA     8.8.8.8 [110/3] via 192.1.49.4, 21:58:33, FastEthernet1/0
O IA  192.1.12.0/24 [110/2] via 192.1.49.4, 22:03:07, FastEthernet1/0
O IA  192.1.78.0/24 [110/2] via 192.1.49.4, 21:58:33, FastEthernet1/0
R9#ping 1.1.1.1 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
Packet sent with a source address of 9.9.9.9
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 16/16/16 ms
R9#ping 8.8.8.8 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.8, timeout is 2 seconds:
Packet sent with a source address of 9.9.9.9
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/21/24 ms

R10#ping 13.13.13.13 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 13.13.13.13, timeout is 2 seconds:
Packet sent with a source address of 10.10.10.10
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/32 ms

R11#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      14.0.0.0/32 is subnetted, 1 subnets
O IA     14.14.14.14 [110/3] via 192.1.51.5, 22:00:00, FastEthernet1/0
O IA  192.1.214.0/24 [110/2] via 192.1.51.5, 22:00:00, FastEthernet1/0


R11#ping 14.14.14.14 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 14.14.14.14, timeout is 2 seconds:
Packet sent with a source address of 11.11.11.11
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/24/32 ms

R13#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      10.0.0.0/32 is subnetted, 1 subnets
O IA     10.10.10.10 [110/3] via 192.1.73.7, 21:59:34, FastEthernet1/0
O IA  192.1.41.0/24 [110/2] via 192.1.73.7, 21:59:34, FastEthernet1/0

R13#ping 10.10.10.10 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.10, timeout is 2 seconds:
Packet sent with a source address of 13.13.13.13
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/24 ms

R14#sh ip route ospf
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       + - replicated route, % - next hop override

Gateway of last resort is not set

      11.0.0.0/32 is subnetted, 1 subnets
O IA     11.11.11.11 [110/3] via 192.1.214.2, 22:00:32, FastEthernet1/0
O IA  192.1.51.0/24 [110/2] via 192.1.214.2, 22:00:32, FastEthernet1/0
R14#ping 11.11.11.11 sou lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 11.11.11.11, timeout is 2 seconds:
Packet sent with a source address of 14.14.14.14
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 20/20/24 ms

R2#sh bgp vpnv4 unicast all summary
BGP router identifier 2.2.2.2, local AS number 100
BGP table version is 17, main routing table version 17
10 network entries using 1560 bytes of memory
10 path entries using 800 bytes of memory
10/10 BGP path/bestpath attribute entries using 1440 bytes of memory
3 BGP rrinfo entries using 72 bytes of memory
5 BGP extended community entries using 200 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 4072 total bytes of memory
BGP activity 10/0 prefixes, 10/0 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
3.3.3.3         4          100    1477    1476       17    0    0 22:10:35        6

R3#sh bgp vpnv4 unicast all summary
BGP router identifier 3.3.3.3, local AS number 100
BGP table version is 17, main routing table version 17
16 network entries using 2496 bytes of memory
16 path entries using 1280 bytes of memory
16/16 BGP path/bestpath attribute entries using 2304 bytes of memory
8 BGP extended community entries using 320 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 6400 total bytes of memory
BGP activity 16/0 prefixes, 16/0 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
2.2.2.2         4          100    1476    1477       17    0    0 22:10:46        4
4.4.4.4         4          100    1477    1485       17    0    0 22:10:41        4
5.5.5.5         4          100    1468    1499       17    0    0 22:10:37        4
7.7.7.7         4          100    1471    1483       17    0    0 22:10:32        4

R4#sh bgp vpnv4 unicast all summary
BGP router identifier 4.4.4.4, local AS number 100
BGP table version is 17, main routing table version 17
10 network entries using 1560 bytes of memory
10 path entries using 800 bytes of memory
10/10 BGP path/bestpath attribute entries using 1440 bytes of memory
2 BGP rrinfo entries using 48 bytes of memory
5 BGP extended community entries using 200 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 4048 total bytes of memory
BGP activity 10/0 prefixes, 10/0 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
3.3.3.3         4          100    1485    1477       17    0    0 22:10:51        6

R5#sh bgp vpnv4 unicast all summary
BGP router identifier 5.5.5.5, local AS number 100
BGP table version is 9, main routing table version 9
6 network entries using 936 bytes of memory
6 path entries using 480 bytes of memory
6/6 BGP path/bestpath attribute entries using 864 bytes of memory
1 BGP rrinfo entries using 24 bytes of memory
3 BGP extended community entries using 120 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 2424 total bytes of memory
BGP activity 6/0 prefixes, 6/0 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
3.3.3.3         4          100    1499    1468        9    0    0 22:10:57        2

R7#sh bgp vpnv4 unicast all summary
BGP router identifier 7.7.7.7, local AS number 100
BGP table version is 17, main routing table version 17
10 network entries using 1560 bytes of memory
10 path entries using 800 bytes of memory
10/10 BGP path/bestpath attribute entries using 1440 bytes of memory
2 BGP rrinfo entries using 48 bytes of memory
5 BGP extended community entries using 200 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 4048 total bytes of memory
BGP activity 10/0 prefixes, 10/0 paths, scan interval 60 secs

Neighbor        V           AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down  State/PfxRcd
3.3.3.3         4          100    1483    1471       17    0    0 22:11:03        6

Now, if we checked on R2 the prefix 11.11.11.11 coming from R11 which is part of VRF B

R2#sh bgp vpnv4 unicast vrf B 11.11.11.11
BGP routing table entry for 100:2:11.11.11.11/32, version 12
Paths: (1 available, best #1, table B)
  Not advertised to any peer
  Refresh Epoch 1
  Local
    5.5.5.5 (metric 30) from 3.3.3.3 (3.3.3.3)
      Origin incomplete, metric 2, localpref 100, valid, internal, best
      Extended Community: RT:100:2 OSPF DOMAIN ID:0x0005:0x000000660200
        OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.51.5:0
      Originator: 5.5.5.5, Cluster list: 3.3.3.3
      mpls labels in/out nolabel/24
      rx pathid: 0, tx pathid: 0x0

We can see the cluster list: 3.3.3.3 which means the route has been redirected through the route reflector: R3

Now, if we have turned on debugging on R2 and cleared the bgp vpnv4 sessions what we will see?

R2#debug bgp vpnv4 unicast updates
BGP updates debugging is on for address family: VPNv4 Unicast

R2#clear bgp vpnv4 unicast *

*Nov  4 10:31:53.647: BGP(4): no valid path for 100:1:8.8.8.8/32
*Nov  4 10:31:53.651: BGP(4): no valid path for 100:1:9.9.9.9/32
*Nov  4 10:31:53.651: BGP(4): no valid path for 100:1:192.1.49.0/24
*Nov  4 10:31:53.651: BGP(4): no valid path for 100:1:192.1.78.0/24
*Nov  4 10:31:53.651: BGP(4): no valid path for 100:2:11.11.11.11/32
*Nov  4 10:31:53.651: BGP(4): no valid path for 100:2:192.1.51.0/24
*Nov  4 10:31:53.659: %BGP-5-ADJCHANGE: neighbor 3.3.3.3 Down User reset
*Nov  4 10:31:53.659: %BGP_SESSION-5-ADJCHANGE: neighbor 3.3.3.3 VPNv4 Unicast topology base removed from session  User reset
*Nov  4 10:31:53.663: %BGP_SESSION-5-ADJCHANGE: neighbor 3.3.3.3 IPv4 Unicast topology base removed from session  User reset
*Nov  4 10:31:53.919: %BGP-5-ADJCHANGE: neighbor 3.3.3.3 Up
*Nov  4 10:31:53.931: BGP: nbr_topo global 3.3.3.3 VPNv4 Unicast:base (0x674B376C:1) rcvd Refresh Start-of-RIB
*Nov  4 10:31:53.931: BGP: nbr_topo global 3.3.3.3 VPNv4 Unicast:base (0x674B376C:1) refresh_epoch is 2
*Nov  4 10:31:53.947: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 7.7.7.7, origin ?, localpref 100, metric 2, originator 7.7.7.7, clusterlist 3.3.3.3, extended community RT:100:3 OSPF DOMAIN ID:0x0005:0x000000670200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.73.7:0
*Nov  4 10:31:53.951: BGP(4): 3.3.3.3 rcvd 100:3:13.13.13.13/32, label 27 -- DENIED due to:  extended community not supported;
*Nov  4 10:31:53.951: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 4.4.4.4, origin ?, localpref 100, metric 0, originator 4.4.4.4, clusterlist 3.3.3.3, extended community RT:100:3 OSPF DOMAIN ID:0x0005:0x000000670200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.41.4:0
*Nov  4 10:31:53.951: BGP(4): 3.3.3.3 rcvd 100:3:192.1.41.0/24, label 27 -- DENIED due to:  extended community not supported;
*Nov  4 10:31:53.951: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 7.7.7.7, origin ?, localpref 100, metric 0, originator 7.7.7.7, clusterlist 3.3.3.3, extended community RT:100:3 OSPF DOMAIN ID:0x0005:0x000000670200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.73.7:0
*Nov  4 10:31:53.951: BGP(4): 3.3.3.3 rcvd 100:3:192.1.73.0/24, label 28 -- DENIED due to:  extended community not supported;
*Nov  4 10:31:53.951: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 4.4.4.4, origin ?, localpref 100, metric 2, originator 4.4.4.4, clusterlist 3.3.3.3, extended community RT:100:3 OSPF DOMAIN ID:0x0005:0x000000670200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.41.4:0
*Nov  4 10:31:53.955: BGP(4): 3.3.3.3 rcvd 100:3:10.10.10.10/32, label 26 -- DENIED due to:  extended community not supported;
*Nov  4 10:31:53.955: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 7.7.7.7, origin ?, localpref 100, metric 2, originator 7.7.7.7, clusterlist 3.3.3.3, extended community RT:100:1 OSPF DOMAIN ID:0x0005:0x000000650200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.78.7:0
*Nov  4 10:31:53.955: BGP(4): 3.3.3.3 rcvd 100:1:8.8.8.8/32, label 25
*Nov  4 10:31:53.955: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 7.7.7.7, origin ?, localpref 100, metric 0, originator 7.7.7.7, clusterlist 3.3.3.3, extended community RT:100:1 OSPF DOMAIN ID:0x0005:0x000000650200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.78.7:0
*Nov  4 10:31:53.955: BGP(4): 3.3.3.3 rcvd 100:1:192.1.78.0/24, label 26
*Nov  4 10:31:53.955: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 4.4.4.4, origin ?, localpref 100, metric 0, originator 4.4.4.4, clusterlist 3.3.3.3, extended community RT:100:1 OSPF DOMAIN ID:0x0005:0x000000650200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.49.4:0
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd 100:1:192.1.49.0/24, label 25
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 4.4.4.4, origin ?, localpref 100, metric 2, originator 4.4.4.4, clusterlist 3.3.3.3, extended community RT:100:1 OSPF DOMAIN ID:0x0005:0x000000650200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.49.4:0
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd 100:1:9.9.9.9/32, label 24
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 5.5.5.5, origin ?, localpref 100, metric 0, originator 5.5.5.5, clusterlist 3.3.3.3, extended community RT:100:2 OSPF DOMAIN ID:0x0005:0x000000660200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.51.5:0
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd 100:2:192.1.51.0/24, label 25
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 5.5.5.5, origin ?, localpref 100, metric 2, originator 5.5.5.5, clusterlist 3.3.3.3, extended community RT:100:2 OSPF DOMAIN ID:0x0005:0x000000660200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.51.5:0
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd 100:2:11.11.11.11/32, label 24
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 5.5.5.5, origin ?, localpref 100, metric 0, originator 5.5.5.5, clusterlist 3.3.3.3, extended community RT:100:4 OSPF DOMAIN ID:0x0005:0x000000680200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.52.5:0
*Nov  4 10:31:53.959: BGP(4): 3.3.3.3 rcvd 100:4:192.1.52.0/24, label 27 -- DENIED due to:  extended community not supported;
*Nov  4 10:31:53.963: BGP(4): 3.3.3.3 rcvd UPDATE w/ attr: nexthop 5.5.5.5, origin ?, localpref 100, metric 2, originator 5.5.5.5, clusterlist 3.3.3.3, extended community RT:100:4 OSPF DOMAIN ID:0x0005:0x000000680200 OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:192.1.52.5:0
*Nov  4 10:31:53.963: BGP(4): 3.3.3.3 rcvd 100:4:12.12.12.12/32, label 26 -- DENIED due to:  extended community not supported;
*Nov  4 10:31:53.963: BGP: nbr_topo global 3.3.3.3 VPNv4 Unicast:base (0x674B376C:1) rcvd Refresh End-of-RIB

If we have checked some of the red bolded lines above , we can see that these routes have been denies because the route target values attached to it are not allowed to be imported route-target value 100:3 for example are not configured under the current VRFs or no VRF handling these RT values have been created

No comments:

Post a Comment