ExtremeSwitching (EXOS)

Expand all | Collapse all

L3 BGP MPLS and VPN don't work together

PARTHIBAN CHINNAYA

PARTHIBAN CHINNAYA11-15-2014 04:16

Stephane Grosjean

Stephane Grosjean11-22-2014 11:10

  • 1.  L3 BGP MPLS and VPN don't work together

    Posted 10-13-2014 12:04
    Summit X460.
    Scheme:
    X460-1 (loopback vlan) <-> (ospf+mpls+ldp)<->X460-2 (loopback vlan) <-> (ospf+mpls+ldp) <-> cisco 7301
    All work fine beetween X460-1 and X460-2; X460-2 and Cisco
    All routes is present, protocols working, labels is running, BUT when enable iBGP session beetween X460-2 and Cisco, there is no connection beetween X460-1 and Cisco.
    Is there some nuances or ideas?

    Than you!


  • 2.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-13-2014 12:13
    Hi,

    There should be no issue, we have L3VPN running with Cisco and others without problem. Can you share your config, so that we can validate it?


  • 3.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-13-2014 12:16
    Hello, Stephane!

    Can you give me, please, your e-mail?

    Thank you!


  • 4.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-13-2014 12:25
    I don't find how to send private message...
    Can't you just put the relevant config here, changing the IP addresses to some RFC1918?


  • 5.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-13-2014 12:56
    X460-1 (192.168.88.241)
    ## Module vlan configuration.
    #
    configure vlan default delete ports all
    configure vr VR-Default delete ports 1-34
    configure vr VR-Default add ports 1, 3-27, 29-34
    configure vman ethertype 0x8100
    create vlan "Loopback0"
    enable loopback-mode vlan Loopback0
    create vman "vman140"
    configure vman vman140 tag 140
    enable jumbo-frame ports 1
    configure vman vman140 add ports 1 tagged
    onfigure vlan Loopback0 ipaddress 192.168.88.241 255.255.255.255
    enable ipforwarding vlan Loopback0configure ip-mtu 9000 vlan Loopback0
    configure vlan vman140 ipaddress 192.168.89.250 255.255.255.252
    enable ipforwarding vlan vman140
    configure ip-mtu 9000 vlan vman140
    #
    # Module rtmgr configuration.
    #
    enable iproute sharing vr VR-Default
    enable iproute mpls-next-hop
    #
    # Module mcmgr configuration.
    #
    enable ipmcforwarding vlan "vman140"
    #
    # Module bgp configuration.
    #
    configure bgp AS-number 45800
    configure bgp routerid 192.168.88.241
    configure bgp maximum-paths 8
    enable bgp community format AS-number:number
    create bgp neighbor 192.168.88.226 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.226 source-interface ipaddress 192.168.88.241
    enable bgp neighbor 192.168.88.226
    create bgp neighbor 192.168.88.240 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.240 source-interface ipaddress 192.68.88.241
    enable bgp neighbor 192.168.88.240
    configure bgp neighbor 192.168.88.226 send-community extended
    disable bgp neighbor 192.168.88.226 capability ipv4-unicast
    disable bgp neighbor 192.168.88.226 capability ipv4-multicast
    configure bgp neighbor 192.168.88.226 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.226 capability vpnv4
    enable bgp neighbor 192.168.88.226 address-family vpnv4 soft-in-reset
    configure bgp neighbor 192.168.88.240 send-community extended
    disable bgp neighbor 192.168.88.240 capability ipv4-unicast
    disable bgp neighbor 192.168.88.240 capability ipv4-multicast
    configure bgp neighbor 192.168.88.240 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.240 capability vpnv4
    enable bgp
    #
    # Module mpls configuration.
    #
    configure mpls add vlan "Loopback0"
    enable mpls vlan "Loopback0"
    enable mpls ldp vlan "Loopback0"
    configure mpls add vlan "vman140"
    enable mpls vlan "vman140"
    enable mpls ldp vlan "vman140"
    configure mpls lsr-id 192.168.88.241
    enable mpls protocol ldp
    enable mpls
    #
    # Module ospf configuration.
    #
    configure ospf routerid 192.168.88.241
    enable ospf
    enable ospf export direct cost 30 type ase-type-1
    create ospf area 192.168.89.248
    configure ospf add vlan Loopback0 area 192.168.89.248
    configure ospf add vlan vman140 area 192.168.89.248 link-type point-to-point
    configure ospf vlan vman140 cost 5

    X460-2 (192.168.88.240)
    #
    # Module vlan configuration.
    #
    configure vlan default delete ports all
    enable jumbo-frame ports all
    configure vman ethertype 0x8100
    create vlan "Loopback0"
    configure vlan Loopback0 description "Loopback0"
    configure vlan Loopback0 protocol mpls
    enable loopback-mode vlan Loopback0
    create vlan "vlan61"
    configure vlan vlan61 tag 61
    configure vlan vlan61 protocol mpls
    create vman "vman140"
    configure vman vman140 tag 140
    configure vlan vlan61 add ports 28 tagged
    configure vman vman140 add ports 2 tagged
    configure vlan vlan61 ipaddress 192.168.89.254 255.255.255.252
    enable ipforwarding vlan vlan61
    configure ip-mtu 9000 vlan vlan61
    configure vlan Loopback0 ipaddress 192.168.88.240 255.255.255.255
    enable ipforwarding vlan Loopback0
    configure ip-mtu 9000 vlan Loopback0
    configure vlan vman140 ipaddress 192.168.89.249 255.255.255.252
    enable ipforwarding vlan vman140
    configure ip-mtu 9000 vlan vman140
    #
    # Module rtmgr configuration.
    #
    enable iproute sharing vr VR-Default
    enable iproute mpls-next-hop
    #
    # Module mcmgr configuration.
    #
    enable ipmcforwarding vlan "Loopback0"
    enable ipmcforwarding vlan "vlan61"
    enable ipmcforwarding vlan "vman140"
    #
    # Module bgp configuration.
    #
    configure bgp AS-number 45800
    configure bgp routerid 192.168.88.240
    enable bgp community format AS-number:number
    create bgp neighbor 192.168.88.226 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.226 source-interface ipaddress 192.168.88.240
    create bgp neighbor 192.168.88.241 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.241 source-interface ipaddress 192.168.88.240
    enable bgp neighbor 192.168.88.241
    configure bgp neighbor 192.168.88.226 send-community extended
    disable bgp neighbor 192.168.88.226 capability ipv4-unicast
    disable bgp neighbor 192.168.88.226 capability ipv4-multicast
    configure bgp neighbor 192.168.88.226 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.226 capability vpnv4
    enable bgp neighbor 192.168.88.226 address-family vpnv4 soft-in-reset
    configure bgp neighbor 192.168.88.241 send-community extended
    disable bgp neighbor 192.168.88.241 capability ipv4-unicast
    disable bgp neighbor 192.168.88.241 capability ipv4-multicast
    configure bgp neighbor 192.168.88.241 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.241 capability vpnv4
    enable bgp
    #
    # Module mpls configuration.
    #
    configure mpls add vlan "Loopback0"
    enable mpls vlan "Loopback0"
    enable mpls ldp vlan "Loopback0"
    configure mpls add vlan "vlan61"
    enable mpls vlan "vlan61"
    enable mpls ldp vlan "vlan61"
    configure mpls add vlan "vman140"
    enable mpls vlan "vman140"
    enable mpls ldp vlan "vman140"
    configure mpls lsr-id 192.168.88.240
    enable mpls protocol ldp
    enable mpls
    #
    # Module ospf configuration.
    #
    configure ospf routerid 192.168.88.240
    enable ospf
    enable ospf export direct cost 30 type ase-type-1
    create ospf area 192.168.89.248
    configure ospf add vlan Loopback0 area 0.0.0.0
    configure ospf add vlan vlan61 area 0.0.0.0
    configure ospf vlan vlan61 cost 30
    configure ospf add vlan vman140 area 192.168.89.248 link-type point-to-point
    configure ospf vlan vman140 cost 5

    Then Cisco 7301
    (vlan 61 - 192.168.89.253/30)
    (loopback0 - 192.168.88.226)


  • 6.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-13-2014 13:19
    Thanks,

    Let's be sure of what you're trying to setup.

    I understood you wanted to configure a L3VPN service on your backbone, made of x460 and Cisco routers. Reading again your initial question, I have a doubt of what you're trying to do.

    You were saying: "when enable iBGP session beetween X460-2 and Cisco, there is no connection beetween X460-1 and Cisco".

    Is that a typo, a shortcut, or are you really expecting to have a connection between x460-1 and Cisco when configuring x460-2 to Cisco? When you say connection, what do you mean exactly? I understand you already have reachability because of OSPF/MPLS.

    Assuming you really want to have L3VPN (I see the vpnv4 AF enabled), this configuration is missing the VPN-VRF, RD and RT and export part.

    What MP-iBGP session are Established?
    Is it normal to have ipv4-unicast AF disabled?
    Is it the same on the Cisco side?



  • 7.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 05:08
    Hello, Stephane!

    1. When enable BGP disappears connection - ospf/mpls/bgp.
    2. I expect connection through ospf/mpls/bgp
    3. ipv4-unicast AF disabled - it is normal, there is as example in Concept Guide and there is "next-hop-self in vpnv4" , other interactions is not necessary, only VPN routes
    4. The same in the Cisco side.

    Scheme of network:


    Full config below:
    X460-2
    #
    # Module vlan configuration.
    #
    configure vlan default delete ports all
    configure vr VR-Default delete ports 1:1-34, 2:1-34
    configure vr VR-Default add ports 1:1-26, 1:28-34
    create vr "AAAA" type vpn-vrf vr "VR-Default"
    create vr "BBBB" type vpn-vrf vr "VR-Default"
    create vr "CCCC" type vpn-vrf vr "VR-Default"
    create vr "DDDD" type vpn-vrf vr "VR-Default"
    configure vlan default delete ports 1:27-28, 2:1-34
    enable jumbo-frame ports all
    configure sharing address-based custom ipv4 source-and-destination
    configure vman ethertype 0x8100
    create vlan "Loopback0"
    configure vlan Loopback0 description "Loopback0"
    configure vlan Loopback0 protocol mpls
    enable loopback-mode vlan Loopback0
    create vlan "Loopback10" vr BBBB
    enable loopback-mode vlan Loopback10
    create vlan "Loopback20" vr AAAA
    enable loopback-mode vlan Loopback20
    create vlan "Loopback30" vr CCCC
    enable loopback-mode vlan Loopback30
    create vlan "Loopback40" vr DDDD
    enable loopback-mode vlan Loopback40
    create vlan "vlan110" vr AAAA
    configure vlan vlan110 tag 110
    create vlan "vlan130" vr BBBB
    configure vlan vlan130 tag 130
    create vlan "vlan132" vr CCCC
    configure vlan vlan132 tag 132
    create vlan "vlan133" vr DDDD
    configure vlan vlan133 tag 133
    create vlan "vlan219"
    configure vlan vlan219 tag 219
    create vlan "Vlan447"
    configure vlan Vlan447 tag 447
    create vlan "Vlan487"
    configure vlan Vlan487 tag 487
    create vlan "Vlan60"
    configure vlan Vlan60 tag 60
    configure vlan Vlan60 protocol mpls
    create vlan "vlan61"
    configure vlan vlan61 tag 61
    configure vlan vlan61 protocol mpls
    create vman "vman140"
    configure vman vman140 tag 140
    disable port 1:1
    disable port 1:4
    disable port 1:5
    disable port 1:6
    disable port 1:7
    disable port 1:8
    disable port 1:9
    disable port 1:10
    disable port 1:11
    disable port 1:12
    disable port 1:13
    disable port 1:14
    disable port 1:15
    disable port 1:16
    disable port 1:17
    disable port 1:18
    disable port 1:19
    disable port 1:20
    disable port 1:21
    disable port 1:22
    disable port 1:23
    disable port 1:24
    disable port 1:25
    disable port 1:26
    disable port 1:29
    configure ports 1:29 auto off speed 10000 duplex full
    disable port 1:30
    configure ports 1:30 auto off speed 10000 duplex full
    disable port 1:31
    configure ports 1:31 auto off speed 10000 duplex full
    disable port 1:32
    configure ports 1:32 auto off speed 10000 duplex full
    disable port 1:33
    configure ports 1:33 auto off speed 10000 duplex full
    disable port 1:34
    configure ports 1:34 auto off speed 10000 duplex full
    configure ports 2:2 auto off speed 1000 duplex full
    disable port 2:3
    disable port 2:4
    disable port 2:5
    disable port 2:6
    disable port 2:7
    disable port 2:8
    disable port 2:9
    disable port 2:10
    disable port 2:11
    disable port 2:12
    disable port 2:13
    disable port 2:14
    disable port 2:15
    disable port 2:16
    disable port 2:17
    disable port 2:18
    disable port 2:19
    disable port 2:20
    disable port 2:21
    disable port 2:22
    disable port 2:23
    disable port 2:24
    disable port 2:25
    disable port 2:26
    disable port 2:29
    configure ports 2:29 auto off speed 10000 duplex full
    disable port 2:30
    configure ports 2:30 auto off speed 10000 duplex full
    disable port 2:31
    configure ports 2:31 auto off speed 10000 duplex full
    disable port 2:32
    configure ports 2:32 auto off speed 10000 duplex full
    disable port 2:33
    configure ports 2:33 auto off speed 10000 duplex full
    disable port 2:34
    configure ports 2:34 auto off speed 10000 duplex full
    enable sharing 1:27 grouping 1:27, 2:27 algorithm address-based L3_L4 lacp
    configure vlan Default add ports 1:1-26, 1:29-34 untagged
    configure vlan vlan110 add ports 1:27 tagged
    configure vlan vlan130 add ports 1:27 tagged
    configure vlan vlan132 add ports 1:27 tagged
    configure vlan vlan133 add ports 1:27 tagged
    configure vlan vlan219 add ports 2:1-2 tagged
    configure vlan Vlan447 add ports 1:3, 1:28 tagged
    configure vlan Vlan487 add ports 1:3, 2:1 tagged
    configure vlan Vlan60 add ports 2:1 tagged
    configure vlan vlan61 add ports 1:28 tagged
    configure vman vman140 add ports 1:2 tagged
    configure vlan Loopback0 ipaddress 192.168.88.240 255.255.255.255
    enable ipforwarding vlan Loopback0
    configure ip-mtu 9000 vlan Loopback0
    configure vlan Vlan60 ipaddress 192.168.89.244 255.255.255.248
    enable ipforwarding vlan Vlan60
    configure ip-mtu 9000 vlan Vlan60
    configure vlan vman140 ipaddress 192.168.89.249 255.255.255.252
    enable ipforwarding vlan vman140
    configure ip-mtu 9000 vlan vman140
    configure vlan vlan219 ipaddress 192.168.90.173 255.255.255.248
    enable ipforwarding vlan vlan219
    configure ip-mtu 9000 vlan vlan219
    configure vlan vlan110 ipaddress 10.20.2.4 255.255.255.240
    enable ipforwarding vlan vlan110
    configure ip-mtu 9000 vlan vlan110
    configure vlan vlan132 ipaddress 10.20.2.36 255.255.255.240
    enable ipforwarding vlan vlan132
    configure ip-mtu 9000 vlan vlan132
    configure vlan vlan133 ipaddress 10.20.2.52 255.255.255.240
    enable ipforwarding vlan vlan133
    configure ip-mtu 9000 vlan vlan133
    configure vlan vlan61 ipaddress 192.168.89.254 255.255.255.252
    enable ipforwarding vlan vlan61
    configure ip-mtu 9000 vlan vlan61
    configure vlan Loopback10 ipaddress 10.20.1.122 255.255.255.255
    enable ipforwarding vlan Loopback10
    configure vlan vlan130 ipaddress 10.20.2.20 255.255.255.240
    enable ipforwarding vlan vlan130
    configure ip-mtu 9000 vlan vlan130
    configure vlan Loopback20 ipaddress 10.20.2.241 255.255.255.255
    enable ipforwarding vlan Loopback20
    configure vlan Loopback30 ipaddress 10.20.2.242 255.255.255.255
    enable ipforwarding vlan Loopback30
    configure vlan Loopback40 ipaddress 10.20.2.243 255.255.255.255
    enable ipforwarding vlan Loopback40
    configure vr AAAA rd 45800:70
    configure vr BBBB rd 45800:50
    configure vr CCCC rd 45800:110
    configure vr DDDD rd 45800:120
    configure vr AAAA route-target both add 45800:70
    configure vr BBBB route-target both add 45800:50
    configure vr CCCC route-target both add 45800:110
    configure vr DDDD route-target both add 45800:120

    #
    # Module fdb configuration.
    #
    configure iparp vr BBBB fast-convergence on

    #
    # Module rtmgr configuration.
    #
    enable iproute sharing vr VR-Default
    enable iproute sharing vr AAAA
    enable iproute sharing vr BBBB
    enable iproute sharing vr CCCC
    enable iproute sharing vr DDDD
    enable iproute mpls-next-hop

    #
    # Module mcmgr configuration.
    #
    enable ipmcforwarding vlan "Loopback0"
    enable ipmcforwarding vlan "Loopback10"
    enable ipmcforwarding vlan "Loopback20"
    enable ipmcforwarding vlan "Loopback30"
    enable ipmcforwarding vlan "Loopback40"
    enable ipmcforwarding vlan "vlan130"
    enable ipmcforwarding vlan "vlan219"
    enable ipmcforwarding vlan "Vlan60"
    enable ipmcforwarding vlan "vlan61"
    enable ipmcforwarding vlan "vman140"

    #
    # Module bgp configuration.
    #
    configure bgp AS-number 45800
    configure bgp routerid 192.168.88.240
    enable bgp community format AS-number:number
    create bgp neighbor 192.168.88.225 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.225 source-interface ipaddress 191.168.88.240
    create bgp neighbor 192.168.88.226 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.226 source-interface ipaddress 192.168.88.240
    create bgp neighbor 192.168.88.241 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.241 source-interface ipaddress 192.168.88.240
    enable bgp neighbor 192.168.88.241
    configure bgp neighbor 192.168.88.225 send-community extended
    disable bgp neighbor 192.168.225 capability ipv4-unicast
    disable bgp neighbor 192.168.88.225 capability ipv4-multicast
    configure bgp neighbor 192.168.88.225 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.225 capability vpnv4
    enable bgp neighbor 192.168.88.225 address-family vpnv4 soft-in-reset
    configure bgp neighbor 192.168.88.226 send-community extended
    disable bgp neighbor 192.168.88.226 capability ipv4-unicast
    disable bgp neighbor 192.168.88.226 capability ipv4-multicast
    configure bgp neighbor 192.168.88.226 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.226 capability vpnv4
    enable bgp neighbor 192.168.88.226 address-family vpnv4 soft-in-reset
    configure bgp neighbor 192.168.88.241 send-community extended
    disable bgp neighbor 192.168.88.241 capability ipv4-unicast
    disable bgp neighbor 192.168.88.241 capability ipv4-multicast
    configure bgp neighbor 192.168.88.241 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.241 capability vpnv4
    enable bgp export vr BBBB direct address-family vpnv4
    enable bgp export vr BBBB static address-family vpnv4
    enable bgp export vr AAAA direct address-family vpnv4
    enable bgp export vr AAAA static address-family vpnv4
    enable bgp export vr CCCC direct address-family vpnv4
    enable bgp export vr CCCC static address-family vpnv4
    enable bgp export vr DDDD direct address-family vpnv4
    enable bgp export vr DDDD static address-family vpnv4
    enable bgp

    #
    # Module lldp configuration.
    #
    enable lldp ports 1:2

    #
    # Module mpls configuration.
    #
    configure mpls add vlan "Loopback0"
    enable mpls vlan "Loopback0"
    enable mpls ldp vlan "Loopback0"
    configure mpls add vlan "vlan219"
    enable mpls vlan "vlan219"
    enable mpls ldp vlan "vlan219"
    configure mpls add vlan "Vlan60"
    enable mpls vlan "Vlan60"
    enable mpls ldp vlan "Vlan60"
    configure mpls add vlan "vlan61"
    enable mpls vlan "vlan61"
    enable mpls ldp vlan "vlan61"
    configure mpls add vlan "vman140"
    enable mpls vlan "vman140"
    enable mpls ldp vlan "vman140"
    configure mpls lsr-id 192.168.88.240
    enable mpls protocol ldp
    enable mpls

    #
    # Module ospf configuration.
    #
    configure ospf routerid 192.168.88.240
    enable ospf
    enable ospf export direct cost 30 type ase-type-1
    create ospf area 192.168.89.248
    configure ospf add vlan Loopback0 area 0.0.0.0
    configure ospf add vlan vlan219 area 0.0.0.0
    configure ospf vlan vlan219 cost 40
    configure ospf add vlan Vlan60 area 0.0.0.0
    configure ospf vlan Vlan60 cost 30
    configure ospf add vlan vlan61 area 0.0.0.0
    configure ospf vlan vlan61 cost 30
    configure ospf add vlan vman140 area 192.168.89.248 link-type point-to-point
    configure ospf vlan vman140 cost 5

    X460-1

    #
    # Module vlan configuration.
    #
    configure vlan default delete ports all
    configure vr VR-Default delete ports 1-34
    configure vr VR-Default add ports 1, 3-27, 29-34
    create vr "BBBB" type vpn-vrf vr "VR-Default"
    configure vr BBBB add ports 2
    create vr "EEEE"
    configure vr EEEE add ports 28
    configure vlan default delete ports 1-2, 28
    configure vman ethertype 0x8100
    create vlan "Inet-Mgmt-IPTP" vr EEEE
    configure vlan Inet-Mgmt-IPTP protocol IP
    create vlan "Loopback0"
    configure vlan Loopback0 description "Loopback0"
    enable loopback-mode vlan Loopback0
    create vlan "Loopback10" vr BBBB
    enable loopback-mode vlan Loopback10
    create vlan "vlan142" vr BBBB
    configure vlan vlan142 tag 142
    create vlan "vlan152" vr BBBB
    configure vlan vlan152 tag 152
    create vman "vman140"
    configure vman vman140 tag 140
    enable jumbo-frame ports 1
    enable jumbo-frame ports 2
    disable port 3
    enable jumbo-frame ports 3
    disable port 4
    enable jumbo-frame ports 4
    disable port 5
    enable jumbo-frame ports 5
    disable port 6
    enable jumbo-frame ports 6
    disable port 7
    enable jumbo-frame ports 7
    disable port 8
    enable jumbo-frame ports 8
    disable port 9
    enable jumbo-frame ports 9
    disable port 10
    enable jumbo-frame ports 10
    disable port 11
    enable jumbo-frame ports 11
    disable port 12
    enable jumbo-frame ports 12
    disable port 13
    enable jumbo-frame ports 13
    disable port 14
    enable jumbo-frame ports 14
    disable port 15
    enable jumbo-frame ports 15
    disable port 16
    enable jumbo-frame ports 16
    disable port 17
    enable jumbo-frame ports 17
    disable port 18
    enable jumbo-frame ports 18
    disable port 19
    enable jumbo-frame ports 19
    disable port 20
    enable jumbo-frame ports 20
    disable port 21
    enable jumbo-frame ports 21
    disable port 22
    enable jumbo-frame ports 22
    disable port 23
    enable jumbo-frame ports 23
    disable port 24
    enable jumbo-frame ports 24
    disable port 25
    enable jumbo-frame ports 25
    disable port 26
    enable jumbo-frame ports 26
    disable port 27
    enable jumbo-frame ports 27
    enable jumbo-frame ports 28
    disable flooding all_cast port 28
    configure ports 29 auto off speed 10000 duplex full
    configure ports 30 auto off speed 10000 duplex full
    configure ports 31 auto off speed 10000 duplex full
    configure ports 32 auto off speed 10000 duplex full
    configure ports 33 auto off speed 10000 duplex full
    configure ports 34 auto off speed 10000 duplex full
    configure mirror DefaultMirror to port 27 remote-tag 200
    configure vlan Default add ports 3-27, 29-34 untagged
    configure vlan Inet-Mgmt-IPTP add ports 28 untagged
    configure vlan vlan142 add ports 2 tagged
    configure vlan vlan152 add ports 2 tagged
    configure vman vman140 add ports 1 tagged
    configure vlan Loopback0 ipaddress 192.168.88.241 255.255.255.255
    enable ipforwarding vlan Loopback0
    configure ip-mtu 9000 vlan Loopback0
    configure vlan vman140 ipaddress 192.168.89.250 255.255.255.252
    enable ipforwarding vlan vman140
    configure ip-mtu 9000 vlan vman140
    configure vlan Inet-Mgmt-IPTP ipaddress 192.168.123.131 255.255.255.0
    enable ipforwarding vlan Inet-Mgmt-IPTP
    configure vlan vlan142 ipaddress 10.20.1.105 255.255.255.248
    enable ipforwarding vlan vlan142
    configure vlan Loopback10 ipaddress 10.20.1.121 255.255.255.255
    enable ipforwarding vlan Loopback10
    configure vlan vlan152 ipaddress 10.20.1.113 255.255.255.248
    enable ipforwarding vlan vlan152
    configure vr BBBB add protocol bgp
    configure vr BBBB rd 45800:50
    configure vr BBBB route-target both add 45800:50
    configure mirror DefaultMirror add port 2 ingress-and-egress

    #
    # Module fdb configuration.
    #
    configure iparp vr BBBB fast-convergence on

    #
    # Module rtmgr configuration.
    #
    enable iproute sharing vr VR-Default
    enable iproute sharing vr BBBB
    configure iproute add default 192.168.123.254 vr EEEE
    enable iproute mpls-next-hop

    #
    # Module mcmgr configuration.
    #
    enable ipmcforwarding vlan "vman140"

    #
    # Module bgp configuration.
    #
    configure bgp AS-number 45800
    configure bgp routerid 192.168.88.241
    configure bgp maximum-paths 8
    enable bgp community format AS-number:number
    create bgp neighbor 192.168.88.225 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.225 source-interface ipaddress 192.168.88.241
    enable bgp neighbor 192.168.88.225
    create bgp neighbor 192.168.88.226 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.226 source-interface ipaddress 192.168.88.241
    enable bgp neighbor 192.168.88.226
    create bgp neighbor 192.168.88.240 remote-AS-number 45800 multi-hop
    configure bgp neighbor 192.168.88.240 source-interface ipaddress 192.168.88.241
    enable bgp neighbor 192.168.88.240
    configure bgp neighbor 192.168.88.225 send-community extended
    disable bgp neighbor 192.168.88.225 capability ipv4-unicast
    disable bgp neighbor 192.168.88.225 capability ipv4-multicast
    configure bgp neighbor 192.168.88.225 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.225 capability vpnv4
    enable bgp neighbor 192.168.88.225 address-family vpnv4 soft-in-reset
    configure bgp neighbor 192.168.88.226 send-community extended
    disable bgp neighbor 192.168.88.226 capability ipv4-unicast
    disable bgp neighbor 192.168.88.226 capability ipv4-multicast
    configure bgp neighbor 192.168.88.226 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.226 capability vpnv4
    enable bgp neighbor 192.168.88.226 address-family vpnv4 soft-in-reset
    configure bgp neighbor 192.168.88.240 send-community extended
    disable bgp neighbor 192.168.88.240 capability ipv4-unicast
    disable bgp neighbor 192.168.88.240 capability ipv4-multicast
    configure bgp neighbor 192.168.88.240 address-family vpnv4 next-hop-self
    enable bgp neighbor 192.168.88.240 capability vpnv4
    enable bgp export vr BBBB direct address-family vpnv4
    enable bgp export vr BBBB static address-family vpnv4
    enable bgp export vr BBBB bgp address-family vpnv4
    enable bgp

    #
    # Module bgp configuration on virtual router VR-SIGTRAN-VPN.
    #
    virtual-router BBBB
    configure bgp AS-number 45800
    configure bgp routerid 10.20.1.121
    configure bgp maximum-paths 8
    enable bgp fast-external-fallover
    create bgp neighbor 10.20.1.108 remote-AS-number 4788
    enable bgp neighbor 10.20.1.108
    create bgp neighbor 10.20.1.116 remote-AS-number 4788
    enable bgp neighbor 10.20.1.116
    configure bgp neighbor 10.20.1.108 route-policy in AS4788-map-in
    configure bgp neighbor 10.20.1.108 route-policy out AS4788-map-out
    enable bgp neighbor 10.20.1.108 soft-in-reset
    disable bgp neighbor 10.20.1.108 capability ipv4-multicast
    configure bgp neighbor 10.20.1.116 route-policy in AS4788-map-in
    configure bgp neighbor 10.20.1.116 route-policy out AS4788-map-out
    enable bgp neighbor 10.20.1.116 soft-in-reset
    disable bgp neighbor 10.20.1.116 capability ipv4-multicast
    enable bgp export direct address-family ipv4-unicast
    enable bgp export remote-vpn address-family ipv4-unicast
    enable bgp
    virtual-router VR-Default

    #
    # Module edp configuration.
    #
    disable edp ports 28

    #
    # Module lldp configuration.
    #
    enable lldp ports 1

    #
    # Module mpls configuration.
    #
    configure mpls add vlan "Loopback0"
    enable mpls vlan "Loopback0"
    enable mpls ldp vlan "Loopback0"
    configure mpls add vlan "vman140"
    enable mpls vlan "vman140"
    enable mpls ldp vlan "vman140"
    configure mpls lsr-id 192.168.88.241
    enable mpls protocol ldp
    enable mpls

    #
    # Module ospf configuration.
    #
    configure ospf routerid 192.168.88.241
    enable ospf
    enable ospf export direct cost 30 type ase-type-1
    create ospf area 192.168.89.248
    configure ospf add vlan Loopback0 area 192.168.89.248
    configure ospf add vlan vman140 area 192.168.89.248 link-type point-to-point
    configure ospf vlan vman140 cost 5

    #
    # Module pim configuration.
    #
    configure pim register-checksum-to include-data
    configure pim ipv6 register-checksum-to include-data



  • 8.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 08:06
    The BGP routerid should be the same in the parent VR and in the VPN-VRF.


  • 9.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 08:29
    You mean thet I can't configure different routerid on different VRF?
    If I want to configure few roureid what I have to do? Is this case will be successfull when I configure different routerid on different VR (created by me - not VR-Default)?


  • 10.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 08:34
    The VPN-VRF are children of the VR, and in that respect they are using the same BGP process. This is why you have to have the same BGP settings (ASN, RouterId).

    You could create several VR (user VR as we say) and have different BGP process in each one, and then each would have a different RouterId.

    Be aware that only one VR can have MPLS, though.


  • 11.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 09:48
    But there is processes BGP and BGP4.

    Also in situation:
    irtual-router BBBB
    configure bgp AS-number 45800
    configure bgp routerid 10.20.1.121
    or chane to
    irtual-router BBBB
    configure bgp AS-number 45800
    configure bgp routerid 192.168.88.241
    (or when I have previous config)

    I have situation:
    - From 192.168.88.241 I can ping 192.168.89.254 and 192.168.89.253, but can't ping 192.168.88.226

    Thank you!


  • 12.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 10:03
    So now I have the same routerid but problem not gone.

    Any ideas?


  • 13.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 10:09
    Not being able to ping means you have another issue than BGP. Your ping should work through the IGP (OSPF). If you can't ping the loopback of the Cisco, you won't be able to establish a BGP session with it.
    Do you have a route to that loopback? ie is the loopback announced in OSPF by the Cisco router?


  • 14.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 10:30
    I can ping when configured mpls+ospf without bgp.
    When enable bgp I can't ping (but routes is present)
    Now I can ping 192.168.89.253 but can't ping 192.168.88.226

    X460-1

    -> show ospf neighbor Neighbor ID Pri State Up/Dead Time Address Interface
    BFD Session State
    ==========================================================================================
    192.168.88.240 1 FULL /DROTHER 00:08:51:18/00:00:00:08 192.168.89.249 vman140
    None

    -> show bgp neighbor detail
    IBGP Peer : 192.168.88.226 AS : 45800 Enabled : Yes OperStatus : Up
    Weight : 1 Shutdown-Priority : 1024
    ConnectRetry : 120 MinAsOrig : 5
    HoldTimeCfg : 180 KeepaliveCfg : 60
    Source Interface : 192.168.88.241 RRClient : No
    EBGP-Multihop : Yes Remove Private AS : No
    Capabilities Config : 4-Byte-As,vpnv4,route-refresh (old & new)
    Policy for NLRI Type ipv4-unicast
    In Policy : None
    Out Policy : None
    NextHopSelf : Disabled Send Communities : Extended
    Soft Input Recfg : Disabled Allow Looped AS-Path: No
    Policy for NLRI Type ipv4-multicast
    In Policy : None
    Out Policy : None
    NextHopSelf : Disabled Send Communities : No
    Soft Input Recfg : Disabled Allow Looped AS-Path: No
    Policy for NLRI Type vpnv4
    In Policy : None
    Out Policy : None
    NextHopSelf : Enabled Send Communities : Standard, Extended
    Soft Input Recfg : Enabled Allow Looped AS-Path: No
    Policy for NLRI Type ipv6-unicast
    In Policy : None
    Out Policy : None
    NextHopSelf : Disabled Send Communities : No
    Soft Input Recfg : Disabled Allow Looped AS-Path: No
    Policy for NLRI Type ipv6-multicast
    In Policy : None
    Out Policy : None
    NextHopSelf : Disabled Send Communities : No
    Soft Input Recfg : Disabled Allow Looped AS-Path: No
    State : ESTABLISHED
    FSM Up since : Fri Oct 10 09:52:51 2014
    (Duration: 0:1:25:34)
    Remote Addr : 192.168.88.226 Local Addr : 192.168.88.241
    Remote Port : 179 Local Port : 51414
    Remote RouterId : 192.168.88.226 Local RouterId : 192.168.88.241
    HoldTimeNegotiated : 180 KeepAliveNegotiated : 60
    FsmTransitions : 3
    InUpdateElapsedTime : 00:00:00:25 InMsgElapsedTime : 0:0:00:25
    InUpdates : 25 OutUpdates (in TxQ) : 6 (0)
    InTotalMsgs : 140 OutTotalMsgs : 131
    InRouteRefreshes : 0 OutRouteRefreshes : 0
    Route Statistics for NLRI Type vpnv4
    Received : 8 Accepted : 8
    Rejected : 0 Active : 0
    Suppressed : 0
    Capabilities Tx : 4-Byte-As,vpnv4,route-refresh (old & new)
    Capabilities Rx : 4-Byte-As,vpnv4,route-refresh (old & new),graceful-restart
    NLRI for the session: vpnv4
    Last State : ESTABLISHED Last Event : RX_KEEP
    LastError : 'Open Message - Unspecific error subcode' (RX) on: Fri Oct 10 09:52:36 2014

    X460-2
    -> show ospf neighbor Neighbor ID Pri State Up/Dead Time Address Interface
    BFD Session State
    ==========================================================================================
    192.168.90.226 10 FULL /BDR 00:01:32:49/00:00:00:04 192.168.90.172 vlan219
    None

    192.168.88.225 5 2WAY /DROTHER 00:01:32:49/00:00:00:00 192.168.90.169 vlan219
    None

    192.168.88.226 5 2WAY /DROTHER 00:01:32:49/00:00:00:03 192.168.90.170 vlan219
    None

    192.168.90.225 10 FULL /DR 00:01:32:49/00:00:00:02 192.168.90.171 vlan219
    None

    192.168.88.225 5 FULL /BDR 00:01:32:51/00:00:00:01 192.168.89.241 Vlan60
    None

    192.168.88.226 5 FULL /BDR 00:10:47:27/00:00:00:03 192.168.89.253 vlan61
    None

    192.168.88.241 1 FULL /DROTHER 00:08:49:52/00:00:00:08 192.168.89.250 vman140
    None

    Total number of neighbors: 7 (5 neighbors in Full state)

    -> show bgp neighbor detail
    IBGP Peer : 192.168.88.226 AS : 45800 Enabled : No OperStatus : Down
    Weight : 1 Shutdown-Priority : 1024
    ConnectRetry : 120 MinAsOrig : 5
    HoldTimeCfg : 180 KeepaliveCfg : 60
    Source Interface : 192.168.88.240 RRClient : No
    EBGP-Multihop : Yes Remove Private AS : No
    Capabilities Config : 4-Byte-As,vpnv4,route-refresh (old & new)
    Policy for NLRI Type ipv4-unicast
    In Policy : None
    Out Policy : None
    NextHopSelf : Disabled Send Communities : Extended
    Soft Input Recfg : Disabled Allow Looped AS-Path: No
    Policy for NLRI Type ipv4-multicast
    In Policy : None
    Out Policy : None
    NextHopSelf : Disabled Send Communities : No
    Soft Input Recfg : Disabled Allow Looped AS-Path: No
    Policy for NLRI Type vpnv4
    In Policy : None
    Out Policy : None
    NextHopSelf : Enabled Send Communities : Standard, Extended
    Soft Input Recfg : Enabled Allow Looped AS-Path: No
    Policy for NLRI Type ipv6-unicast
    In Policy : None
    Out Policy : None
    NextHopSelf : Disabled Send Communities : No
    Soft Input Recfg : Disabled Allow Looped AS-Path: No
    Policy for NLRI Type ipv6-multicast
    In Policy : None
    Out Policy : None
    NextHopSelf : Disabled Send Communities : No
    Soft Input Recfg : Disabled Allow Looped AS-Path: No
    State : IDLE
    FSM Down since : Fri Oct 10 11:20:31 2014
    (Duration: 0:0:00:00)
    Remote Addr : 192.168.88.226 Local Addr : 192.168.88.240
    Remote Port : 0 Local Port : 0
    Remote RouterId : 192.168.88.226 Local RouterId : 192.168.88.240
    HoldTimeNegotiated : 0 KeepAliveNegotiated : 0
    FsmTransitions : 0
    InUpdateElapsedTime : 00:00:00:00 InMsgElapsedTime : 0:0:00:00
    InUpdates : 0 OutUpdates (in TxQ) : 0 (0)
    InTotalMsgs : 0 OutTotalMsgs : 0
    InRouteRefreshes : 0 OutRouteRefreshes : 0
    Capabilities Tx : None
    Capabilities Rx : None
    NLRI for the session: None


  • 15.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 10:42
    Can you give a "sh iproute" without BGP, then with BGP?


  • 16.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-14-2014 11:28
    Stephan!

    Routes is present:
    X460-1
    #mp 192.168.88.226/32 192.168.89.249 1 U--D---um-Lf- vman140 0d:22h:21m:15s or 192.168.88.226/32 192.168.89.249 36 UG-D---um---- vman140 0d:22h:21m:11s

    X460-2

    #mp 192.168.88.226/32 192.168.90.170 1 U--D---um-Lf- vlan219 0d:22h:31m:32s
    #mp 192.168.88.226/32 192.168.89.253 1 U--D---um-L-- vlan61 0d:22h:31m:32s
    oa 192.168.88.226/32 192.168.89.253 31 UG-D---um---- vlan61 0d:22h:31m:28s


  • 17.  RE: L3 BGP MPLS and VPN don't work together

    Posted 10-15-2014 07:03
    Hi,

    I meant, if possible, can you give the "sh iproute" output result when BGP is disable, and on the same switch, give the same with BGP enable.


  • 18.  RE: L3 BGP MPLS and VPN don't work together

    Posted 11-14-2014 19:15
    Hello,

    As I could understand, we´re facing the same issue here with a BD8100. IP traffic runs ok, but when I run "enable iproute mpls-next-hop", I lose connectivity between the BGP peer´s loopback interfaces.

    If I disable "enable iproute mpls-next-hop", I am able to establish BGP sessions OK, but not having MPLS forwarding enabled will not allow my MPLS VPN's to go through BD8100. We have tested this on EXOS 15.6.1.4 and 15.5.2.9, with same results.

    We also have another similiar scenario (Cisco x Cisco BGP through Extreme Switch) using a X670 on version 15.4.1.3, and all works fine. I will repeat this scenario using X670 between CISCO routers and let you know the result.

    IGP and Label allocation is consistent on all routers/switches, but there´s no connectivity.

    I am guessing that one possible cause is the information I found on EXOS Concept Guide 15.4 (page 1139), where it says:

    "Multivendor Support for Calculated LSPsUnfortunately, some MPLS implementations do not support the ability to forward packets received on
    an egress LSP to their OSPF router ID and/or BGP next hop address.
    If your MPLS network includes equipment that does not support this type of IP forwarding, you can use
    configuration commands to explicitly control the use of calculated LSP next hops."

    If anyone has any clue on how to solve this, please share.


  • 19.  RE: L3 BGP MPLS and VPN don't work together

    Posted 11-15-2014 04:16
    15.4.1.3 latest patch has many MPLS fixes


  • 20.  RE: L3 BGP MPLS and VPN don't work together

    Posted 11-15-2014 08:28
    I have this running for a while with x670v and Cat6500. I'm running EXOS 15.3.1.
    If you can afford some tests, I would try to set the BD8k to the latest 15.3.1 patch (p1-44 if I recall correctly) and see if it changes a thing.

    What ever the result, please open a case.


  • 21.  RE: L3 BGP MPLS and VPN don't work together

    Posted 11-20-2014 15:24
    I have tried these versions without success. Whenever I isse the command "enable iproute mpls-next-hop", I lose connectivity through BD. Through X670 this issue is not present. I´ve already opened a tech case for this.



  • 22.  RE: L3 BGP MPLS and VPN don't work together

    Posted 11-22-2014 11:10
    Can you please share the case number?


  • 23.  RE: L3 BGP MPLS and VPN don't work together

    Posted 11-24-2014 16:07
    Sure. Case number is 01066137. It ́s about BGP process crash on BD and also MPLS traffic not passing through BD when "enable iproute mpls-next-hop" is enable. All help is welcome.