miércoles, 21 de julio de 2010

Inter-AS RR Multihop 4ª

4ª Instancia VRF. IGP PE-CE. Redistribución IGP <->MP-iBGP.

AS1 solo acepta RT 1:1, pero AS2 exporta los prefios vpnv4 con el RT 1:2. Como el prefijo debe viajar desde el PE de AS2 (R7) al PE de AS1 (R2), en algun lugar del trayecto debemos reemplazar el RT 2:1 a 1:1 o el prefijo vpnv4 no se instalará el la tabla del Provider Edge R2.
De acuerdo, la sintaxis de la vrf es distinta, pero tiene sentido si queremos usar la misma VRF-RD para IPv4 e IPv6.
--------------------------------------------------------------------------

R2
vrf definition A
rd 1:1
!
address-family ipv4
route-target export 1:1
route-target import 1:1
exit-address-family

interface FastEthernet0/0
vrf forwarding A
ip address 172.16.12.2 255.255.255.0
ip ospf network point-to-point
ip ospf 100 area 0

router ospf 100 vrf A
log-adjacency-changes
redistribute bgp 1 subnets

router bgp 1
address-family ipv4 vrf A
no synchronization
redistribute ospf 100 vrf A match internal external 1 external 2
exit-address-family


R1
interface Loopback0
ip address 100.0.0.1 255.255.255.255
ip ospf 100 area 0

interface FastEthernet0/0
ip address 172.16.12.1 255.255.255.0
ip ospf 100 area 0
ip ospf network point-to-point

router ospf 100
router-id 100.0.0.1
log-adjacency-changes
passive-interface loopback 0



R1#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.12.2 0 FULL/ - 00:00:31 172.16.12.2 FastEthernet0/0

R2#show ip ospf neighbor fastEthernet 0/0
Neighbor ID Pri State Dead Time Address Interface
100.0.0.1 0 FULL/ - 00:00:33 172.16.12.1 FastEthernet0/0

R7
vrf definition A
rd 2:1
!
address-family ipv4
route-target export 2:1
route-target import 1:1
exit-address-family

interface FastEthernet0/0
vrf forwarding A
ip address 172.16.78.7 255.255.255.0
ip ospf network point-to-point
ip ospf 100 area 0

router ospf 100 vrf A
log-adjacency-changes
redistribute bgp 2 subnets

router bgp 2
address-family ipv4 vrf A
no synchronization
redistribute ospf 100 vrf A match internal external 1 external 2


R8
interface FastEthernet0/0
ip address 172.16.78.8 255.255.255.0
ip ospf network point-to-point
ip ospf 100 area 0

interface Loopback0
ip address 100.0.0.8 255.255.255.255
ip ospf 100 area 0

router ospf 100
router-id 100.0.0.8
log-adjacency-changes


R8#show ip ospf neighbor
Neighbor ID Pri State Dead Time Address Interface
172.16.78.7 0 FULL/ - 00:00:35 172.16.78.7 FastEthernet0/0

--------------------------------------------------------------------------

Como podemos apreciar, R3 es el RR del AS1 y está publicando los prefijos del Sitio 2 a R2. R2 no es capaz de instalarlos porque no coincide el route-target import configurado en la vrf A.

--------------------------------------------------------------------------

R3#show bgp vpnv4 unicast all neighbors 10.0.0.2 advertised-routes
BGP table version is 5, local router ID is 10.0.0.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Originating default network 0.0.0.0

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1
*>i100.0.0.1/32 10.0.0.2 2 100 0 ?
*>i172.16.12.0/24 10.0.0.2 0 100 0 ?
Route Distinguisher: 2:1
*> 100.0.0.8/32 10.0.0.7 0 2 ?
*> 172.16.78.0/24 10.0.0.7 0 2 ?

Total number of prefixes 4

R2#show bgp vpnv4 unicast all
BGP table version is 4, local router ID is 10.0.0.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf A)
*> 100.0.0.1/32 172.16.12.1 2 32768 ?
*> 172.16.12.0/24 0.0.0.0 0 32768 ?

--------------------------------------------------------------------------

R3 publica los prefijos desde AS2, pero R2 no lo instala porque no reconoce las actualizaciones que tengan un RT distinto de 1:1.

--------------------------------------------------------------------------

R3#show bgp vpnv4 unicast all 100.0.0.8
BGP routing table entry for 2:1:100.0.0.8/32, version 5
Paths: (1 available, best #1, no table)
Advertised to update-groups:
4
2
10.0.0.7 (metric 2) from 10.0.0.6 (10.0.0.6)
Origin incomplete, localpref 100, valid, external, best
Extended Community: RT:2:1 OSPF DOMAIN ID:0x0005:0x000000640200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:172.16.78.7:0
mpls labels in/out nolabel/717

R2#show bgp vpnv4 unicast all 100.0.0.8
No ha instalado el prefijo

--------------------------------------------------------------------------

La solución es reemplazar o reescribir (RT ReWrite)) el valor del RT publicado por R7 de 2:1 a 1:1. El lugar que escojamos dependerá de las políticas que tengan los ISP. Por ejemplo se ha establecido que el RT 2:1 solo puedas ser visible entre el RR y el PE de AS2.

--------------------------------------------------------------------------
R6
ip extcommunity-list 10 permit rt 2:1

route-map FILTRADO-RT permit 10
match extcommunity 10
set extcomm-list 10 delete
set extcommunity rt 1:1 additive

router bgp 2
address-family vpnv4
neighbor 10.0.0.3 route-map FILTRADO-RT out

--------------------------------------------------------------------------

R6 recibe el prefijo vpnv4 con el valor RT 2:1, y publica a R6 el mismo prefijo pero cambiando el RT de 2:1 a 1:1. R3 refleja el prefijo y lo publica a R2, este ve en la actualización el RT 1:1 e instala el prefijo en su tabla.

--------------------------------------------------------------------------
R6#show bgp vpnv4 unicast all 100.0.0.8
BGP routing table entry for 2:1:100.0.0.8/32, version 5
Paths: (1 available, best #1, no table)
Advertised to update-groups:
4 6
Local, (Received from a RR-client)
10.0.0.7 (metric 2) from 10.0.0.7 (10.0.0.7)
Origin incomplete, metric 2, localpref 100, valid, internal, best
Extended Community: RT:2:1 OSPF DOMAIN ID:0x0005:0x000000640200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:172.16.78.7:0
mpls labels in/out nolabel/717

R3#show bgp vpnv4 unicast all 100.0.0.8
BGP routing table entry for 2:1:100.0.0.8/32, version 7
Paths: (1 available, best #1, no table)
Advertised to update-groups:
4
2
10.0.0.7 (metric 2) from 10.0.0.6 (10.0.0.6)
Origin incomplete, localpref 100, valid, external, best
Extended Community: RT:1:1 OSPF DOMAIN ID:0x0005:0x000000640200
OSPF RT:0.0.0.0:2:0 OSPF ROUTER ID:172.16.78.7:0
mpls labels in/out nolabel/717

R2#show ip bgp vpnv4 rd 1:1
BGP table version is 15, local router ID is 10.0.0.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf A)
*> 100.0.0.1/32 172.16.12.1 2 32768 ?
*>i100.0.0.8/32 10.0.0.7 0 100 0 2 ?
*> 172.16.12.0/24 0.0.0.0 0 32768 ?
*>i172.16.78.0/24 10.0.0.7 0 100 0 2 ?
--------------------------------------------------------------------------

No hay comentarios:

Publicar un comentario