L3 BGP MPLS and VPN don't work together

  • 0
  • 2
  • Problem
  • Updated 4 years ago
  • In Progress
Summit X460.
Scheme: 
X460-1 (loopback vlan) <-> (ospf+mpls+ldp)<->X460-2 (loopback vlan) <-> (ospf+mpls+ldp) <-> cisco 7301
All work fine beetween X460-1 and X460-2; X460-2 and Cisco
All routes is present, protocols working, labels is running, BUT when enable iBGP session beetween X460-2 and Cisco, there is no connection beetween X460-1 and Cisco.
Is there some nuances or ideas?

Than you!
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb

Posted 4 years ago

  • 0
  • 2
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
Hi,

There should be no issue, we have L3VPN running with Cisco and others without problem. Can you share your config, so that we can validate it?
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb
Hello, Stephane!

Can you give me, please, your e-mail?

Thank you!
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
I don't find how to send private message...
Can't you just put the relevant config here, changing the IP addresses to some RFC1918?
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb
X460-1 (192.168.88.241)
## Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-34
configure vr VR-Default add ports 1, 3-27, 29-34
configure vman ethertype 0x8100
create vlan "Loopback0"
enable loopback-mode vlan Loopback0
create vman "vman140"
configure vman vman140 tag 140
enable jumbo-frame ports 1
configure vman vman140 add ports 1 tagged
onfigure vlan Loopback0 ipaddress 192.168.88.241 255.255.255.255
enable ipforwarding vlan Loopback0configure ip-mtu 9000 vlan Loopback0
configure vlan vman140 ipaddress 192.168.89.250 255.255.255.252
enable ipforwarding vlan vman140
configure ip-mtu 9000 vlan vman140
#
# Module rtmgr configuration.
#
enable iproute sharing vr VR-Default
enable iproute mpls-next-hop
#
# Module mcmgr configuration.
#
enable ipmcforwarding vlan "vman140"
#
# Module bgp configuration.
#
configure bgp AS-number 45800
configure bgp routerid 192.168.88.241
configure bgp maximum-paths 8
enable bgp community format AS-number:number
create bgp neighbor 192.168.88.226 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.226 source-interface ipaddress 192.168.88.241
enable bgp neighbor 192.168.88.226
create bgp neighbor 192.168.88.240 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.240 source-interface ipaddress 192.68.88.241
enable bgp neighbor 192.168.88.240
configure bgp neighbor 192.168.88.226 send-community extended
disable bgp neighbor 192.168.88.226 capability ipv4-unicast
disable bgp neighbor 192.168.88.226 capability ipv4-multicast
configure bgp neighbor 192.168.88.226 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.226 capability vpnv4
enable bgp neighbor 192.168.88.226 address-family vpnv4 soft-in-reset
configure bgp neighbor 192.168.88.240 send-community extended
disable bgp neighbor 192.168.88.240 capability ipv4-unicast
disable bgp neighbor 192.168.88.240 capability ipv4-multicast
configure bgp neighbor 192.168.88.240 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.240 capability vpnv4
enable bgp
#
# Module mpls configuration.
#
configure mpls add vlan "Loopback0"
enable mpls vlan "Loopback0"
enable mpls ldp vlan "Loopback0"
configure mpls add vlan "vman140"
enable mpls vlan "vman140"
enable mpls ldp vlan "vman140"
configure mpls lsr-id 192.168.88.241
enable mpls protocol ldp
enable mpls
#
# Module ospf configuration.
#
configure ospf routerid 192.168.88.241
enable ospf
enable ospf export direct cost 30 type ase-type-1
create ospf area 192.168.89.248
configure ospf add vlan Loopback0 area 192.168.89.248 
configure ospf add vlan vman140 area 192.168.89.248 link-type point-to-point 
configure ospf vlan vman140 cost 5

X460-2 (192.168.88.240)
#
# Module vlan configuration.
#
configure vlan default delete ports all
enable jumbo-frame ports all
configure vman ethertype 0x8100
create vlan "Loopback0"
configure vlan Loopback0 description "Loopback0" 
configure vlan Loopback0 protocol mpls
enable loopback-mode vlan Loopback0
create vlan "vlan61"
configure vlan vlan61 tag 61
configure vlan vlan61 protocol mpls
create vman "vman140"
configure vman vman140 tag 140
configure vlan vlan61 add ports 28 tagged 
configure vman vman140 add ports 2 tagged
configure vlan vlan61 ipaddress 192.168.89.254 255.255.255.252
enable ipforwarding vlan vlan61
configure ip-mtu 9000 vlan vlan61
configure vlan Loopback0 ipaddress 192.168.88.240 255.255.255.255
enable ipforwarding vlan Loopback0
configure ip-mtu 9000 vlan Loopback0
configure vlan vman140 ipaddress 192.168.89.249 255.255.255.252
enable ipforwarding vlan vman140
configure ip-mtu 9000 vlan vman140
#
# Module rtmgr configuration.
#
enable iproute sharing vr VR-Default
enable iproute mpls-next-hop
#
# Module mcmgr configuration.
#
enable ipmcforwarding vlan "Loopback0"
enable ipmcforwarding vlan "vlan61"
enable ipmcforwarding vlan "vman140"
#
# Module bgp configuration.
#
configure bgp AS-number 45800
configure bgp routerid 192.168.88.240
enable bgp community format AS-number:number
create bgp neighbor 192.168.88.226 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.226 source-interface ipaddress 192.168.88.240
create bgp neighbor 192.168.88.241 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.241 source-interface ipaddress 192.168.88.240
enable bgp neighbor 192.168.88.241
configure bgp neighbor 192.168.88.226 send-community extended
disable bgp neighbor 192.168.88.226 capability ipv4-unicast
disable bgp neighbor 192.168.88.226 capability ipv4-multicast
configure bgp neighbor 192.168.88.226 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.226 capability vpnv4
enable bgp neighbor 192.168.88.226 address-family vpnv4 soft-in-reset
configure bgp neighbor 192.168.88.241 send-community extended
disable bgp neighbor 192.168.88.241 capability ipv4-unicast
disable bgp neighbor 192.168.88.241 capability ipv4-multicast
configure bgp neighbor 192.168.88.241 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.241 capability vpnv4
enable bgp
#
# Module mpls configuration.
#
configure mpls add vlan "Loopback0"
enable mpls vlan "Loopback0"
enable mpls ldp vlan "Loopback0"
configure mpls add vlan "vlan61"
enable mpls vlan "vlan61"
enable mpls ldp vlan "vlan61"
configure mpls add vlan "vman140"
enable mpls vlan "vman140"
enable mpls ldp vlan "vman140"
configure mpls lsr-id 192.168.88.240
enable mpls protocol ldp
enable mpls
#
# Module ospf configuration.
#
configure ospf routerid 192.168.88.240
enable ospf
enable ospf export direct cost 30 type ase-type-1
create ospf area 192.168.89.248
configure ospf add vlan Loopback0 area 0.0.0.0 
configure ospf add vlan vlan61 area 0.0.0.0 
configure ospf vlan vlan61 cost 30
configure ospf add vlan vman140 area 192.168.89.248 link-type point-to-point 
configure ospf vlan vman140 cost 5

Then Cisco 7301 
(vlan 61 - 192.168.89.253/30)
(loopback0 - 192.168.88.226)
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
Thanks,

Let's be sure of what you're trying to setup.

I understood you wanted to configure a L3VPN service on your backbone, made of x460 and Cisco routers. Reading again your initial question, I have a doubt of what you're trying to do.

You were saying: "when enable iBGP session beetween X460-2 and Cisco, there is no connection beetween X460-1 and Cisco".

Is that a typo, a shortcut, or are you really expecting to have a connection between x460-1 and Cisco when configuring x460-2 to Cisco? When you say connection, what do you mean exactly? I understand you already have reachability because of OSPF/MPLS.

Assuming you really want to have L3VPN (I see the vpnv4 AF enabled), this configuration is missing the VPN-VRF, RD and RT and export part.

What MP-iBGP session are Established?
Is it normal to have ipv4-unicast AF disabled?
Is it the same on the Cisco side?
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb
Hello, Stephane!

1. When enable BGP disappears connection - ospf/mpls/bgp.
2. I expect connection through ospf/mpls/bgp
3. ipv4-unicast AF disabled - it is normal, there is as example in Concept Guide and there is "next-hop-self in vpnv4" , other interactions is not necessary, only VPN routes
4. The same in the Cisco side.

Scheme of network:

Full config below:
X460-2
#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1:1-34, 2:1-34
configure vr VR-Default add ports 1:1-26, 1:28-34
create vr "AAAA" type vpn-vrf vr "VR-Default" 
create vr "BBBB" type vpn-vrf vr "VR-Default" 
create vr "CCCC" type vpn-vrf vr "VR-Default" 
create vr "DDDD" type vpn-vrf vr "VR-Default" 
configure vlan default delete ports 1:27-28, 2:1-34
enable jumbo-frame ports all
configure sharing address-based custom ipv4 source-and-destination
configure vman ethertype 0x8100
create vlan "Loopback0"
configure vlan Loopback0 description "Loopback0" 
configure vlan Loopback0 protocol mpls
enable loopback-mode vlan Loopback0
create vlan "Loopback10" vr BBBB
enable loopback-mode vlan Loopback10
create vlan "Loopback20" vr AAAA
enable loopback-mode vlan Loopback20
create vlan "Loopback30" vr CCCC 
enable loopback-mode vlan Loopback30
create vlan "Loopback40" vr DDDD
enable loopback-mode vlan Loopback40
create vlan "vlan110" vr AAAA
configure vlan vlan110 tag 110
create vlan "vlan130" vr BBBB
configure vlan vlan130 tag 130
create vlan "vlan132" vr CCCC
configure vlan vlan132 tag 132
create vlan "vlan133" vr DDDD
configure vlan vlan133 tag 133
create vlan "vlan219" 
configure vlan vlan219 tag 219
create vlan "Vlan447"
configure vlan Vlan447 tag 447
create vlan "Vlan487"
configure vlan Vlan487 tag 487
create vlan "Vlan60" 
configure vlan Vlan60 tag 60
configure vlan Vlan60 protocol mpls
create vlan "vlan61"
configure vlan vlan61 tag 61
configure vlan vlan61 protocol mpls
create vman "vman140"
configure vman vman140 tag 140
disable port 1:1
disable port 1:4
disable port 1:5
disable port 1:6
disable port 1:7
disable port 1:8
disable port 1:9
disable port 1:10
disable port 1:11
disable port 1:12
disable port 1:13
disable port 1:14
disable port 1:15
disable port 1:16
disable port 1:17
disable port 1:18
disable port 1:19
disable port 1:20
disable port 1:21
disable port 1:22
disable port 1:23
disable port 1:24
disable port 1:25
disable port 1:26
disable port 1:29
configure ports 1:29 auto off speed 10000 duplex full 
disable port 1:30
configure ports 1:30 auto off speed 10000 duplex full 
disable port 1:31
configure ports 1:31 auto off speed 10000 duplex full 
disable port 1:32
configure ports 1:32 auto off speed 10000 duplex full 
disable port 1:33
configure ports 1:33 auto off speed 10000 duplex full 
disable port 1:34
configure ports 1:34 auto off speed 10000 duplex full 
configure ports 2:2 auto off speed 1000 duplex full 
disable port 2:3
disable port 2:4
disable port 2:5
disable port 2:6
disable port 2:7
disable port 2:8
disable port 2:9
disable port 2:10
disable port 2:11
disable port 2:12
disable port 2:13
disable port 2:14
disable port 2:15
disable port 2:16
disable port 2:17
disable port 2:18
disable port 2:19
disable port 2:20
disable port 2:21
disable port 2:22
disable port 2:23
disable port 2:24
disable port 2:25
disable port 2:26
disable port 2:29
configure ports 2:29 auto off speed 10000 duplex full 
disable port 2:30
configure ports 2:30 auto off speed 10000 duplex full 
disable port 2:31
configure ports 2:31 auto off speed 10000 duplex full 
disable port 2:32
configure ports 2:32 auto off speed 10000 duplex full 
disable port 2:33
configure ports 2:33 auto off speed 10000 duplex full 
disable port 2:34
configure ports 2:34 auto off speed 10000 duplex full 
enable sharing 1:27 grouping 1:27, 2:27 algorithm address-based L3_L4 lacp
configure vlan Default add ports 1:1-26, 1:29-34 untagged  
configure vlan vlan110 add ports 1:27 tagged  
configure vlan vlan130 add ports 1:27 tagged  
configure vlan vlan132 add ports 1:27 tagged  
configure vlan vlan133 add ports 1:27 tagged  
configure vlan vlan219 add ports 2:1-2 tagged  
configure vlan Vlan447 add ports 1:3, 1:28 tagged  
configure vlan Vlan487 add ports 1:3, 2:1 tagged  
configure vlan Vlan60 add ports 2:1 tagged  
configure vlan vlan61 add ports 1:28 tagged  
configure vman vman140 add ports 1:2 tagged
configure vlan Loopback0 ipaddress 192.168.88.240 255.255.255.255
enable ipforwarding vlan Loopback0
configure ip-mtu 9000 vlan Loopback0
configure vlan Vlan60 ipaddress 192.168.89.244 255.255.255.248
enable ipforwarding vlan Vlan60
configure ip-mtu 9000 vlan Vlan60
configure vlan vman140 ipaddress 192.168.89.249 255.255.255.252
enable ipforwarding vlan vman140
configure ip-mtu 9000 vlan vman140
configure vlan vlan219 ipaddress 192.168.90.173 255.255.255.248
enable ipforwarding vlan vlan219
configure ip-mtu 9000 vlan vlan219
configure vlan vlan110 ipaddress 10.20.2.4 255.255.255.240
enable ipforwarding vlan vlan110
configure ip-mtu 9000 vlan vlan110
configure vlan vlan132 ipaddress 10.20.2.36 255.255.255.240
enable ipforwarding vlan vlan132
configure ip-mtu 9000 vlan vlan132
configure vlan vlan133 ipaddress 10.20.2.52 255.255.255.240
enable ipforwarding vlan vlan133
configure ip-mtu 9000 vlan vlan133
configure vlan vlan61 ipaddress 192.168.89.254 255.255.255.252
enable ipforwarding vlan vlan61
configure ip-mtu 9000 vlan vlan61
configure vlan Loopback10 ipaddress 10.20.1.122 255.255.255.255
enable ipforwarding vlan Loopback10
configure vlan vlan130 ipaddress 10.20.2.20 255.255.255.240
enable ipforwarding vlan vlan130
configure ip-mtu 9000 vlan vlan130
configure vlan Loopback20 ipaddress 10.20.2.241 255.255.255.255
enable ipforwarding vlan Loopback20
configure vlan Loopback30 ipaddress 10.20.2.242 255.255.255.255
enable ipforwarding vlan Loopback30
configure vlan Loopback40 ipaddress 10.20.2.243 255.255.255.255
enable ipforwarding vlan Loopback40
configure vr AAAA rd 45800:70
configure vr BBBB rd 45800:50
configure vr CCCC rd 45800:110
configure vr DDDD rd 45800:120
configure vr AAAA route-target both add 45800:70
configure vr BBBB route-target both add 45800:50
configure vr CCCC route-target both add 45800:110
configure vr DDDD route-target both add 45800:120

#
# Module fdb configuration.
#
configure iparp vr BBBB fast-convergence on

#
# Module rtmgr configuration.
#
enable iproute sharing vr VR-Default
enable iproute sharing vr AAAA
enable iproute sharing vr BBBB
enable iproute sharing vr CCCC
enable iproute sharing vr DDDD
enable iproute mpls-next-hop

#
# Module mcmgr configuration.
#
enable ipmcforwarding vlan "Loopback0"
enable ipmcforwarding vlan "Loopback10"
enable ipmcforwarding vlan "Loopback20"
enable ipmcforwarding vlan "Loopback30"
enable ipmcforwarding vlan "Loopback40"
enable ipmcforwarding vlan "vlan130"
enable ipmcforwarding vlan "vlan219"
enable ipmcforwarding vlan "Vlan60"
enable ipmcforwarding vlan "vlan61"
enable ipmcforwarding vlan "vman140"

#
# Module bgp configuration.
#
configure bgp AS-number 45800
configure bgp routerid 192.168.88.240
enable bgp community format AS-number:number
create bgp neighbor 192.168.88.225 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.225 source-interface ipaddress 191.168.88.240
create bgp neighbor 192.168.88.226 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.226 source-interface ipaddress 192.168.88.240
create bgp neighbor 192.168.88.241 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.241 source-interface ipaddress 192.168.88.240
enable bgp neighbor 192.168.88.241
configure bgp neighbor 192.168.88.225 send-community extended
disable bgp neighbor 192.168.225 capability ipv4-unicast
disable bgp neighbor 192.168.88.225 capability ipv4-multicast
configure bgp neighbor 192.168.88.225 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.225 capability vpnv4
enable bgp neighbor 192.168.88.225 address-family vpnv4 soft-in-reset
configure bgp neighbor 192.168.88.226 send-community extended
disable bgp neighbor 192.168.88.226 capability ipv4-unicast
disable bgp neighbor 192.168.88.226 capability ipv4-multicast
configure bgp neighbor 192.168.88.226 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.226 capability vpnv4
enable bgp neighbor 192.168.88.226 address-family vpnv4 soft-in-reset
configure bgp neighbor 192.168.88.241 send-community extended
disable bgp neighbor 192.168.88.241 capability ipv4-unicast
disable bgp neighbor 192.168.88.241 capability ipv4-multicast
configure bgp neighbor 192.168.88.241 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.241 capability vpnv4
enable bgp export vr BBBB direct address-family vpnv4
enable bgp export vr BBBB static address-family vpnv4
enable bgp export vr AAAA direct address-family vpnv4
enable bgp export vr AAAA static address-family vpnv4
enable bgp export vr CCCC direct address-family vpnv4
enable bgp export vr CCCC static address-family vpnv4
enable bgp export vr DDDD direct address-family vpnv4
enable bgp export vr DDDD static address-family vpnv4
enable bgp

#
# Module lldp configuration.
#
enable lldp ports 1:2

#
# Module mpls configuration.
#
configure mpls add vlan "Loopback0"
enable mpls vlan "Loopback0"
enable mpls ldp vlan "Loopback0"
configure mpls add vlan "vlan219"
enable mpls vlan "vlan219"
enable mpls ldp vlan "vlan219"
configure mpls add vlan "Vlan60"
enable mpls vlan "Vlan60"
enable mpls ldp vlan "Vlan60"
configure mpls add vlan "vlan61"
enable mpls vlan "vlan61"
enable mpls ldp vlan "vlan61"
configure mpls add vlan "vman140"
enable mpls vlan "vman140"
enable mpls ldp vlan "vman140"
configure mpls lsr-id 192.168.88.240
enable mpls protocol ldp
enable mpls

#
# Module ospf configuration.
#
configure ospf routerid 192.168.88.240
enable ospf
enable ospf export direct cost 30 type ase-type-1
create ospf area 192.168.89.248
configure ospf add vlan Loopback0 area 0.0.0.0 
configure ospf add vlan vlan219 area 0.0.0.0 
configure ospf vlan vlan219 cost 40
configure ospf add vlan Vlan60 area 0.0.0.0 
configure ospf vlan Vlan60 cost 30
configure ospf add vlan vlan61 area 0.0.0.0 
configure ospf vlan vlan61 cost 30
configure ospf add vlan vman140 area 192.168.89.248 link-type point-to-point 
configure ospf vlan vman140 cost 5


X460-1

#
# Module vlan configuration.
#
configure vlan default delete ports all
configure vr VR-Default delete ports 1-34
configure vr VR-Default add ports 1, 3-27, 29-34
create vr "BBBB" type vpn-vrf vr "VR-Default" 
configure vr BBBB add ports 2
create vr "EEEE" 
configure vr EEEE add ports 28
configure vlan default delete ports 1-2, 28
configure vman ethertype 0x8100
create vlan "Inet-Mgmt-IPTP" vr EEEE
configure vlan Inet-Mgmt-IPTP protocol IP
create vlan "Loopback0"
configure vlan Loopback0 description "Loopback0" 
enable loopback-mode vlan Loopback0
create vlan "Loopback10" vr BBBB
enable loopback-mode vlan Loopback10
create vlan "vlan142" vr BBBB
configure vlan vlan142 tag 142
create vlan "vlan152" vr BBBB
configure vlan vlan152 tag 152
create vman "vman140"
configure vman vman140 tag 140
enable jumbo-frame ports 1
enable jumbo-frame ports 2
disable port 3
enable jumbo-frame ports 3
disable port 4
enable jumbo-frame ports 4
disable port 5
enable jumbo-frame ports 5
disable port 6
enable jumbo-frame ports 6
disable port 7
enable jumbo-frame ports 7
disable port 8
enable jumbo-frame ports 8
disable port 9
enable jumbo-frame ports 9
disable port 10
enable jumbo-frame ports 10
disable port 11
enable jumbo-frame ports 11
disable port 12
enable jumbo-frame ports 12
disable port 13
enable jumbo-frame ports 13
disable port 14
enable jumbo-frame ports 14
disable port 15
enable jumbo-frame ports 15
disable port 16
enable jumbo-frame ports 16
disable port 17
enable jumbo-frame ports 17
disable port 18
enable jumbo-frame ports 18
disable port 19
enable jumbo-frame ports 19
disable port 20
enable jumbo-frame ports 20
disable port 21
enable jumbo-frame ports 21
disable port 22
enable jumbo-frame ports 22
disable port 23
enable jumbo-frame ports 23
disable port 24
enable jumbo-frame ports 24
disable port 25
enable jumbo-frame ports 25
disable port 26
enable jumbo-frame ports 26
disable port 27
enable jumbo-frame ports 27
enable jumbo-frame ports 28
disable flooding all_cast port 28
configure ports 29 auto off speed 10000 duplex full 
configure ports 30 auto off speed 10000 duplex full 
configure ports 31 auto off speed 10000 duplex full 
configure ports 32 auto off speed 10000 duplex full 
configure ports 33 auto off speed 10000 duplex full 
configure ports 34 auto off speed 10000 duplex full 
configure mirror DefaultMirror to port 27 remote-tag 200
configure vlan Default add ports 3-27, 29-34 untagged  
configure vlan Inet-Mgmt-IPTP add ports 28 untagged  
configure vlan vlan142 add ports 2 tagged  
configure vlan vlan152 add ports 2 tagged  
configure vman vman140 add ports 1 tagged
configure vlan Loopback0 ipaddress 192.168.88.241 255.255.255.255
enable ipforwarding vlan Loopback0
configure ip-mtu 9000 vlan Loopback0
configure vlan vman140 ipaddress 192.168.89.250 255.255.255.252
enable ipforwarding vlan vman140
configure ip-mtu 9000 vlan vman140
configure vlan Inet-Mgmt-IPTP ipaddress 192.168.123.131 255.255.255.0
enable ipforwarding vlan Inet-Mgmt-IPTP
configure vlan vlan142 ipaddress 10.20.1.105 255.255.255.248
enable ipforwarding vlan vlan142
configure vlan Loopback10 ipaddress 10.20.1.121 255.255.255.255
enable ipforwarding vlan Loopback10
configure vlan vlan152 ipaddress 10.20.1.113 255.255.255.248
enable ipforwarding vlan vlan152
configure vr BBBB add protocol bgp
configure vr BBBB rd 45800:50
configure vr BBBB route-target both add 45800:50
configure mirror DefaultMirror add port 2 ingress-and-egress

#
# Module fdb configuration.
#
configure iparp vr BBBB fast-convergence on

#
# Module rtmgr configuration.
#
enable iproute sharing vr VR-Default
enable iproute sharing vr BBBB
configure iproute add default 192.168.123.254 vr EEEE
enable iproute mpls-next-hop

#
# Module mcmgr configuration.
#
enable ipmcforwarding vlan "vman140"

#
# Module bgp configuration.
#
configure bgp AS-number 45800
configure bgp routerid 192.168.88.241
configure bgp maximum-paths 8
enable bgp community format AS-number:number
create bgp neighbor 192.168.88.225 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.225 source-interface ipaddress 192.168.88.241
enable bgp neighbor 192.168.88.225
create bgp neighbor 192.168.88.226 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.226 source-interface ipaddress 192.168.88.241
enable bgp neighbor 192.168.88.226
create bgp neighbor 192.168.88.240 remote-AS-number 45800 multi-hop
configure bgp neighbor 192.168.88.240 source-interface ipaddress 192.168.88.241
enable bgp neighbor 192.168.88.240
configure bgp neighbor 192.168.88.225 send-community extended
disable bgp neighbor 192.168.88.225 capability ipv4-unicast
disable bgp neighbor 192.168.88.225 capability ipv4-multicast
configure bgp neighbor 192.168.88.225 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.225 capability vpnv4
enable bgp neighbor 192.168.88.225 address-family vpnv4 soft-in-reset
configure bgp neighbor 192.168.88.226 send-community extended
disable bgp neighbor 192.168.88.226 capability ipv4-unicast
disable bgp neighbor 192.168.88.226 capability ipv4-multicast
configure bgp neighbor 192.168.88.226 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.226 capability vpnv4
enable bgp neighbor 192.168.88.226 address-family vpnv4 soft-in-reset
configure bgp neighbor 192.168.88.240 send-community extended
disable bgp neighbor 192.168.88.240 capability ipv4-unicast
disable bgp neighbor 192.168.88.240 capability ipv4-multicast
configure bgp neighbor 192.168.88.240 address-family vpnv4 next-hop-self
enable bgp neighbor 192.168.88.240 capability vpnv4
enable bgp export vr BBBB direct address-family vpnv4
enable bgp export vr BBBB static address-family vpnv4
enable bgp export vr BBBB bgp address-family vpnv4
enable bgp

#
# Module bgp configuration on virtual router VR-SIGTRAN-VPN.
#
virtual-router BBBB
configure bgp AS-number 45800
configure bgp routerid 10.20.1.121
configure bgp maximum-paths 8
enable bgp fast-external-fallover
create bgp neighbor 10.20.1.108 remote-AS-number 4788
enable bgp neighbor 10.20.1.108
create bgp neighbor 10.20.1.116 remote-AS-number 4788
enable bgp neighbor 10.20.1.116
configure bgp neighbor 10.20.1.108 route-policy in AS4788-map-in
configure bgp neighbor 10.20.1.108 route-policy out AS4788-map-out
enable bgp neighbor 10.20.1.108 soft-in-reset
disable bgp neighbor 10.20.1.108 capability ipv4-multicast
configure bgp neighbor 10.20.1.116 route-policy in AS4788-map-in
configure bgp neighbor 10.20.1.116 route-policy out AS4788-map-out
enable bgp neighbor 10.20.1.116 soft-in-reset
disable bgp neighbor 10.20.1.116 capability ipv4-multicast
enable bgp export direct address-family ipv4-unicast
enable bgp export remote-vpn address-family ipv4-unicast
enable bgp
virtual-router VR-Default

#
# Module edp configuration.
#
disable edp ports 28

#
# Module lldp configuration.
#
enable lldp ports 1

#
# Module mpls configuration.
#
configure mpls add vlan "Loopback0"
enable mpls vlan "Loopback0"
enable mpls ldp vlan "Loopback0"
configure mpls add vlan "vman140"
enable mpls vlan "vman140"
enable mpls ldp vlan "vman140"
configure mpls lsr-id 192.168.88.241
enable mpls protocol ldp
enable mpls

#
# Module ospf configuration.
#
configure ospf routerid 192.168.88.241
enable ospf
enable ospf export direct cost 30 type ase-type-1
create ospf area 192.168.89.248
configure ospf add vlan Loopback0 area 192.168.89.248 
configure ospf add vlan vman140 area 192.168.89.248 link-type point-to-point 
configure ospf vlan vman140 cost 5

#
# Module pim configuration.
#
configure pim register-checksum-to include-data
configure pim ipv6 register-checksum-to include-data
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
The BGP routerid should be the same in the parent VR and in the VPN-VRF.
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb
You mean thet I can't configure different routerid on different VRF?
If I want to configure few roureid what I have to do? Is this case will be successfull when I configure different routerid on different VR (created by me - not VR-Default)?
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
The VPN-VRF are children of the VR, and in that respect they are using the same BGP process. This is why you have to have the same BGP settings (ASN, RouterId).

You could create several VR (user VR as we say) and have different BGP process in each one, and then each would have a different RouterId.

Be aware that only one VR can have MPLS, though.
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb
But there is processes BGP and BGP4.

Also in situation:
irtual-router BBBB
configure bgp AS-number 45800
configure bgp routerid 10.20.1.121
or chane to 
irtual-router BBBB
configure bgp AS-number 45800
configure bgp routerid 192.168.88.241
(or when I have previous config)

I have situation:
- From 192.168.88.241 I can ping 192.168.89.254 and 192.168.89.253, but can't ping 192.168.88.226

Thank you!
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb
So now I have the same routerid but problem not gone.

Any ideas?
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
Not being able to ping means you have another issue than BGP. Your ping should work through the IGP (OSPF). If you can't ping the loopback of the Cisco, you won't be able to establish a BGP session with it.
Do you have a route to that loopback? ie is the loopback announced in OSPF by the Cisco router?
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb
I can ping when configured mpls+ospf without bgp.
When enable bgp I can't ping (but routes is present)
Now I can ping 192.168.89.253 but can't ping 192.168.88.226

X460-1

-> show ospf neighbor Neighbor ID     Pri State              Up/Dead Time             Address         Interface
          BFD Session State 
==========================================================================================
192.168.88.240     1 FULL      /DROTHER 00:08:51:18/00:00:00:08  192.168.89.249   vman140   
          None    
         
-> show bgp neighbor detail 
IBGP Peer           : 192.168.88.226     AS                  : 45800 Enabled             : Yes               OperStatus          : Up
Weight              : 1                 Shutdown-Priority   : 1024
ConnectRetry        : 120               MinAsOrig           : 5
HoldTimeCfg         : 180               KeepaliveCfg        : 60
Source Interface    : 192.168.88.241     RRClient            : No
EBGP-Multihop       : Yes               Remove Private AS   : No 
Capabilities Config : 4-Byte-As,vpnv4,route-refresh (old & new)
Policy for NLRI Type ipv4-unicast
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Disabled          Send Communities    : Extended
  Soft Input Recfg  : Disabled          Allow Looped AS-Path: No
Policy for NLRI Type ipv4-multicast
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Disabled          Send Communities    : No
  Soft Input Recfg  : Disabled          Allow Looped AS-Path: No
Policy for NLRI Type vpnv4
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Enabled           Send Communities    : Standard, Extended
  Soft Input Recfg  : Enabled           Allow Looped AS-Path: No
Policy for NLRI Type ipv6-unicast
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Disabled          Send Communities    : No
  Soft Input Recfg  : Disabled          Allow Looped AS-Path: No
Policy for NLRI Type ipv6-multicast
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Disabled          Send Communities    : No
  Soft Input Recfg  : Disabled          Allow Looped AS-Path: No
State               : ESTABLISHED
FSM Up since        : Fri Oct 10 09:52:51 2014
 (Duration: 0:1:25:34)
Remote Addr         : 192.168.88.226     Local Addr          : 192.168.88.241
Remote Port         : 179               Local Port          : 51414
Remote RouterId     : 192.168.88.226     Local RouterId      : 192.168.88.241  
HoldTimeNegotiated  : 180               KeepAliveNegotiated : 60
FsmTransitions      : 3    
InUpdateElapsedTime : 00:00:00:25       InMsgElapsedTime    : 0:0:00:25  
InUpdates           : 25                OutUpdates (in TxQ) : 6 (0)
InTotalMsgs         : 140               OutTotalMsgs        : 131
InRouteRefreshes    : 0                 OutRouteRefreshes   : 0
Route Statistics for NLRI Type vpnv4
  Received          : 8                 Accepted            : 8
  Rejected          : 0                 Active              : 0
  Suppressed        : 0
Capabilities Tx     : 4-Byte-As,vpnv4,route-refresh (old & new)
Capabilities Rx     : 4-Byte-As,vpnv4,route-refresh (old & new),graceful-restart
NLRI for the session:  vpnv4
Last State          : ESTABLISHED       Last Event          : RX_KEEP
LastError           : 'Open Message - Unspecific error subcode' (RX) on: Fri Oct 10 09:52:36 2014

X460-2
-> show ospf neighbor Neighbor ID     Pri State              Up/Dead Time             Address         Interface
          BFD Session State 
==========================================================================================
192.168.90.226    10 FULL      /BDR     00:01:32:49/00:00:00:04  192.168.90.172   vlan219   
          None              

192.168.88.225     5 2WAY      /DROTHER 00:01:32:49/00:00:00:00  192.168.90.169   vlan219   
          None              

192.168.88.226     5 2WAY      /DROTHER 00:01:32:49/00:00:00:03  192.168.90.170   vlan219   
          None              

192.168.90.225    10 FULL      /DR      00:01:32:49/00:00:00:02  192.168.90.171   vlan219   
          None              

192.168.88.225     5 FULL      /BDR     00:01:32:51/00:00:00:01  192.168.89.241   Vlan60    
          None              

192.168.88.226     5 FULL      /BDR     00:10:47:27/00:00:00:03  192.168.89.253   vlan61    
          None              

192.168.88.241     1 FULL      /DROTHER 00:08:49:52/00:00:00:08  192.168.89.250   vman140   
          None              

Total number of neighbors: 7 (5 neighbors in Full state)

-> show bgp neighbor detail 
IBGP Peer           : 192.168.88.226     AS                  : 45800 Enabled             : No                OperStatus          : Down
Weight              : 1                 Shutdown-Priority   : 1024
ConnectRetry        : 120               MinAsOrig           : 5
HoldTimeCfg         : 180               KeepaliveCfg        : 60
Source Interface    : 192.168.88.240     RRClient            : No
EBGP-Multihop       : Yes               Remove Private AS   : No 
Capabilities Config : 4-Byte-As,vpnv4,route-refresh (old & new)
Policy for NLRI Type ipv4-unicast
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Disabled          Send Communities    : Extended
  Soft Input Recfg  : Disabled          Allow Looped AS-Path: No
Policy for NLRI Type ipv4-multicast
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Disabled          Send Communities    : No
  Soft Input Recfg  : Disabled          Allow Looped AS-Path: No
Policy for NLRI Type vpnv4
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Enabled           Send Communities    : Standard, Extended
  Soft Input Recfg  : Enabled           Allow Looped AS-Path: No
Policy for NLRI Type ipv6-unicast
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Disabled          Send Communities    : No
  Soft Input Recfg  : Disabled          Allow Looped AS-Path: No
Policy for NLRI Type ipv6-multicast
  In Policy         : None
  Out Policy        : None
  NextHopSelf       : Disabled          Send Communities    : No
  Soft Input Recfg  : Disabled          Allow Looped AS-Path: No
State               : IDLE
FSM Down since      : Fri Oct 10 11:20:31 2014
 (Duration: 0:0:00:00)
Remote Addr         : 192.168.88.226     Local Addr          : 192.168.88.240
Remote Port         : 0                 Local Port          : 0
Remote RouterId     : 192.168.88.226     Local RouterId      : 192.168.88.240  
HoldTimeNegotiated  : 0                 KeepAliveNegotiated : 0
FsmTransitions      : 0    
InUpdateElapsedTime : 00:00:00:00       InMsgElapsedTime    : 0:0:00:00  
InUpdates           : 0                 OutUpdates (in TxQ) : 0 (0)
InTotalMsgs         : 0                 OutTotalMsgs        : 0
InRouteRefreshes    : 0                 OutRouteRefreshes   : 0
Capabilities Tx     : None
Capabilities Rx     : None
NLRI for the session:  None
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
Can you give a "sh iproute" without BGP, then with BGP?
Photo of Alexandr P

Alexandr P, Embassador

  • 12,596 Points 10k badge 2x thumb
Stephan!

Routes is present:
X460-1
#mp  192.168.88.226/32   192.168.89.249   1    U--D---um-Lf- vman140    0d:22h:21m:15s or  192.168.88.226/32   192.168.89.249   36   UG-D---um---- vman140    0d:22h:21m:11s

X460-2

#mp  192.168.88.226/32   192.168.90.170   1    U--D---um-Lf- vlan219    0d:22h:31m:32s
#mp  192.168.88.226/32   192.168.89.253   1    U--D---um-L-- vlan61     0d:22h:31m:32s
     oa  192.168.88.226/32   192.168.89.253   31   UG-D---um---- vlan61     0d:22h:31m:28s
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
Hi,

I meant, if possible, can you give the "sh iproute" output result when BGP is disable, and on the same switch, give the same with BGP enable.
Photo of Brunno

Brunno

  • 94 Points 75 badge 2x thumb
Hello, 

As I could understand, we ́re facing the same issue here with a BD8100. IP traffic runs ok, but when I run "enable iproute mpls-next-hop", I lose connectivity between the BGP peer ́s loopback interfaces.

If I disable "enable iproute mpls-next-hop", I am able to establish BGP sessions OK, but not having MPLS forwarding enabled will not allow my MPLS VPN's to go through BD8100. We have tested this on EXOS 15.6.1.4 and 15.5.2.9, with same results.

We also have another similiar scenario (Cisco x Cisco BGP through Extreme Switch) using a X670 on version 15.4.1.3, and all works fine. I will repeat this scenario using X670 between CISCO routers and let you know the result. 

IGP and Label allocation is consistent on all routers/switches, but there ́s no connectivity. 

I am guessing that one possible cause is the information I found on EXOS Concept Guide 15.4 (page 1139), where it says:

"Multivendor Support for Calculated LSPsUnfortunately, some MPLS implementations do not support the ability to forward packets received on
an egress LSP to their OSPF router ID and/or BGP next hop address.
If your MPLS network includes equipment that does not support this type of IP forwarding, you can use
configuration commands to explicitly control the use of calculated LSP next hops."

If anyone has any clue on how to solve this, please share. 
Photo of PARTHIBAN CHINNAYA

PARTHIBAN CHINNAYA, Alum

  • 4,382 Points 4k badge 2x thumb
15.4.1.3 latest patch has many MPLS fixes
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
I have this running for a while with x670v and Cat6500. I'm running EXOS 15.3.1.
If you can afford some tests, I would try to set the BD8k to the latest 15.3.1 patch (p1-44 if I recall correctly) and see if it changes a thing.

What ever the result, please open a case.
Photo of Brunno

Brunno

  • 94 Points 75 badge 2x thumb
I have tried these versions without success. Whenever I isse the command "enable iproute mpls-next-hop", I lose connectivity through BD. Through X670 this issue is not present. I ́ve already opened a tech case for this. 
Photo of Grosjean, Stephane

Grosjean, Stephane, Employee

  • 13,346 Points 10k badge 2x thumb
Can you please share the case number?
Photo of Brunno

Brunno

  • 94 Points 75 badge 2x thumb
Sure. Case number is 01066137. It ́s about BGP process crash on BD and also MPLS traffic not passing through BD when "enable iproute mpls-next-hop" is enable. All help is welcome. 
(Edited)