3ª eBGP y MP-BGP
Implementamos MP-iBGP en AS1 y AS2.
AS100 no necesita MP-iBGP porque actúa como AS intermedio (solo tráfico IPv4)
--------------------------------------------------------------------------
R2
router bgp 1
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
exit-address-family
R3
router bgp 1
address-family vpnv4
neighbor AS1 send-community extended
neighbor AS1 route-reflector-client
neighbor 10.0.0.2 activate
neighbor 10.0.0.4 activate
R3#show bgp vpnv4 unicast all summary
BGP router identifier 10.0.0.3, local AS number 1
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.2 4 1 16 16 1 0 0 00:11:16 0
10.0.0.4 4 1 12 11 1 0 0 00:09:00 0
R4
router bgp 1
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
exit-address-family
R5
router bgp 2
address-family vpnv4
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 send-community extended
exit-address-family
R6
router bgp 2
address-family vpnv4
neighbor AS2 send-community extended
neighbor AS2 route-reflector-client
neighbor 10.0.0.5 activate
neighbor 10.0.0.7 activate
exit-address-family
R7
router bgp 2
address-family vpnv4
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 send-community extended
exit-address-family
R6#show bgp vpnv4 unicast all summary
BGP router identifier 10.0.0.6, local AS number 2
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.5 4 2 6 6 1 0 0 00:02:16 0
10.0.0.7 4 2 4 3 1 0 0 00:01:23 0
--------------------------------------------------------------------------
- Debe existir Label Switching Path (LSP) entre los Provider Edges R2 y R7.
Ahora podemos formar el LSP extremo-extremo entre los Provider Edge R2 y R7. AS100 es intermedio y no participa en BGP VPN, pero si en IPv4 BGP.
En R4 especificamos los prefijos que serán parte del LSP. Como AS100 es un AS de tránsito envía prefijos y etiquetas asociadas a prefijos de ambos AS, en otras palabras, no usamos un route-map para limitar prefijos + label.
Es importante que el envío de labels a través en BGP se especifique en todo el trayecto, de otra forma el LSP quedará particionado.
Nota: Cuando se forma una sesión eBGP entre vecinos directamente conectados que intercambias prefijos IPv4 + labels, el proceso crea automáticamente el comando mpls bgp forwarding en la interface. Si usamos ebgp-multihop, por ejemplo al hacer load sharing eBGP debemos configurar manualmente el comando en la interface.
--------------------------------------------------------------------------
R2
router bgp 1
address-family ipv4
neighbor 10.0.0.3 send-label
R3
router bgp 1
address-family ipv4
neighbor AS1 send-label
R4
ip prefix-list AS1 seq 5 permit 10.0.0.2/32
ip prefix-list AS1 seq 10 permit 10.0.0.3/32
ip prefix-list AS1 seq 15 permit 10.0.0.4/32
!
route-map LABELS permit 10
match ip address prefix-list AS1
set mpls-label
router bgp 1
neighbor 10.1.49.9 remote-as 100
!
address-family ipv4
neighbor 10.1.49.9 activate
neighbor 10.1.49.9 route-map LABELS out
neighbor 10.1.49.9 send-label
neighbor 10.0.0.3 send-label
neighbor 10.0.0.3 next-hop-self
%BGP_LMM-6-AUTOGEN1: The mpls bgp forwarding command has been configured on interface: FastEthernet0/1
R9
router bgp 100
neighbor 10.1.49.4 remote-as 1
!
address-family ipv4
neighbor 10.1.49.4 activate
neighbor 10.1.49.4 send-label
R7
router bgp 2
address-family ipv4
neighbor 10.0.0.6 send-label
R6
router bgp 2
address-family ipv4
neighbor AS2 send-label
R5
ip prefix-list AS2 seq 5 permit 10.0.0.5/32
ip prefix-list AS2 seq 10 permit 10.0.0.6/32
ip prefix-list AS2 seq 15 permit 10.0.0.7/32
!
route-map LABELS permit 10
match ip address prefix-list AS2
set mpls-label
router bgp 2
neighbor 10.1.105.10 remote-as 100
!
address-family ipv4
neighbor 10.1.105.10 activate
neighbor 10.1.105.10 route-map LABELS out
neighbor 10.1.105.10 send-label
neighbor 10.0.0.6 send-label
neighbor 10.0.0.6 next-hop-self
R10
router bgp 100
neighbor 10.1.105.5 remote-as 2
!
address-family ipv4
neighbor 10.1.105.5 activate
neighbor 10.1.105.5 send-label
--------------------------------------------------------------------------
Comprobamos que el LSP esté creado entre los PEs utilizando traceroute desde el PE R2 al PE R7.
--------------------------------------------------------------------------
R2#traceroute 10.0.0.7 source loopback 0 probe 1
1 10.1.23.3 [MPLS: Labels 304/407 Exp 0] 360 msec
2 10.1.34.4 [MPLS: Label 407 Exp 0] 408 msec
3 10.1.49.9 [MPLS: Label 907 Exp 0] 236 msec
4 10.1.119.11 [MPLS: Label 1110 Exp 0] 240 msec
5 10.1.110.10 396 msec
6 10.1.105.5 [MPLS: Label 18 Exp 0] 684 msec
7 10.1.56.6 [MPLS: Label 607 Exp 0] 588 msec
8 10.1.67.7 700 msec
--------------------------------------------------------------------------
Tenemos conectividad IP end-to-end pero el LSP se rompe en el AS100. Para resolver este problema los LSRs del AS100 deben enviar labels BGP en AS100.
--------------------------------------------------------------------------
R9
router bgp 100
address-family ipv4
neighbor AS100 send-label
R10
router bgp 100
address-family ipv4
neighbor AS100 send-label
R11
router bgp 100
address-family ipv4
neighbor AS100 send-label
R12
router bgp 100
address-family ipv4
neighbor AS100 send-label
--------------------------------------------------------------------------
Verificamos nuevamente el LSP entre los PEs R2 y R7. Como el LSP es unidireccional las pruebas debemos hacerlas desde cada extremo. Comprobamos que el LSP está funcionando correctamente desde ambos PEs.
Nota: En la tabla LFIB un campo label indicando No Label es un problema con los prefijos IPv4.
--------------------------------------------------------------------------
R2#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
203 Pop Label 10.0.0.3/32 0 Fa0/1 10.1.23.3
204 304 10.0.0.4/32 0 Fa0/1 10.1.23.3
205 405 10.0.0.5/32 0 Fa0/1 10.1.23.3
206 406 10.0.0.6/32 0 Fa0/1 10.1.23.3
207 407 10.0.0.7/32 0 Fa0/1 10.1.23.3
209 409 10.0.0.9/32 0 Fa0/1 10.1.23.3
210 410 10.0.0.10/32 0 Fa0/1 10.1.23.3
211 411 10.0.0.11/32 0 Fa0/1 10.1.23.3
212 412 10.0.0.12/32 0 Fa0/1 10.1.23.3
215 Pop Label 10.1.34.0/24 0 Fa0/1 10.1.23.3
R2#traceroute 10.0.0.7 source loopback 0 probe 1
1 10.1.23.3 [MPLS: Labels 304/407 Exp 0] 372 msec
2 10.1.34.4 [MPLS: Label 407 Exp 0] 884 msec
3 10.1.49.9 [MPLS: Label 907 Exp 0] 304 msec
4 10.1.119.11 [MPLS: Labels 1110/1007 Exp 0] 476 msec
5 10.1.110.10 [MPLS: Label 1007 Exp 0] 344 msec
6 10.1.105.5 [MPLS: Label 507 Exp 0] 412 msec
7 10.1.56.6 [MPLS: Label 607 Exp 0] 536 msec
8 10.1.67.7 496 msec
R7#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
702 502 10.0.0.2/32 0 Fa0/1 10.1.67.6
703 503 10.0.0.3/32 0 Fa0/1 10.1.67.6
704 504 10.0.0.4/32 0 Fa0/1 10.1.67.6
705 605 10.0.0.5/32 0 Fa0/1 10.1.67.6
706 Pop Label 10.0.0.6/32 0 Fa0/1 10.1.67.6
709 509 10.0.0.9/32 0 Fa0/1 10.1.67.6
710 510 10.0.0.10/32 0 Fa0/1 10.1.67.6
711 511 10.0.0.11/32 0 Fa0/1 10.1.67.6
712 512 10.0.0.12/32 0 Fa0/1 10.1.67.6
715 Pop Label 10.1.56.0/24 0 Fa0/1 10.1.67.6
R7#traceroute 10.0.0.2 source loopback 0 probe 1
1 10.1.67.6 [MPLS: Labels 605/502 Exp 0] 536 msec
2 10.1.56.5 [MPLS: Label 502 Exp 0] 416 msec
3 10.1.105.10 [MPLS: Label 1002 Exp 0] 396 msec
4 10.1.102.12 [MPLS: Labels 1209/902 Exp 0] 296 msec
5 10.1.129.9 [MPLS: Label 902 Exp 0] 460 msec
6 10.1.49.4 [MPLS: Label 402 Exp 0] 568 msec
7 10.1.34.3 [MPLS: Label 302 Exp 0] 408 msec
8 10.1.23.2 748 msec
--------------------------------------------------------------------------
Está formado el LSP, sin embargo queda un paso más: Establecer las sesiones EBGP-MULTIHOP entre RRs.
Podemos o no cambiar el next-hop de los prefijos vpnv4 que publiquen los RRs porque tenemos conectividad completa entre LSRs.
--------------------------------------------------------------------------
R3
router bgp 1
neighbor 10.0.0.6 remote-as 2
neighbor 10.0.0.6 ebgp-multihop 255
neighbor 10.0.0.6 update-source Loopback0
address-family vpnv4
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 send-community extended
neighbor 10.0.0.6 next-hop-unchanged
R6
router bgp 2
neighbor 10.0.0.3 remote-as 1
neighbor 10.0.0.3 ebgp-multihop 255
neighbor 10.0.0.3 update-source Loopback0
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
neighbor 10.0.0.3 next-hop-unchanged
R3#show bgp vpnv4 unicast all summary
BGP router identifier 10.0.0.3, local AS number 1
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.2 4 1 85 85 1 0 0 01:13:47 0
10.0.0.4 4 1 81 79 1 0 0 01:11:30 0
10.0.0.6 4 2 7 7 1 0 0 00:03:16 0
--------------------------------------------------------------------------
Implementamos MP-iBGP en AS1 y AS2.
AS100 no necesita MP-iBGP porque actúa como AS intermedio (solo tráfico IPv4)
--------------------------------------------------------------------------
R2
router bgp 1
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
exit-address-family
R3
router bgp 1
address-family vpnv4
neighbor AS1 send-community extended
neighbor AS1 route-reflector-client
neighbor 10.0.0.2 activate
neighbor 10.0.0.4 activate
R3#show bgp vpnv4 unicast all summary
BGP router identifier 10.0.0.3, local AS number 1
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.2 4 1 16 16 1 0 0 00:11:16 0
10.0.0.4 4 1 12 11 1 0 0 00:09:00 0
R4
router bgp 1
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
exit-address-family
R5
router bgp 2
address-family vpnv4
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 send-community extended
exit-address-family
R6
router bgp 2
address-family vpnv4
neighbor AS2 send-community extended
neighbor AS2 route-reflector-client
neighbor 10.0.0.5 activate
neighbor 10.0.0.7 activate
exit-address-family
R7
router bgp 2
address-family vpnv4
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 send-community extended
exit-address-family
R6#show bgp vpnv4 unicast all summary
BGP router identifier 10.0.0.6, local AS number 2
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.5 4 2 6 6 1 0 0 00:02:16 0
10.0.0.7 4 2 4 3 1 0 0 00:01:23 0
--------------------------------------------------------------------------
- Debe existir Label Switching Path (LSP) entre los Provider Edges R2 y R7.
Ahora podemos formar el LSP extremo-extremo entre los Provider Edge R2 y R7. AS100 es intermedio y no participa en BGP VPN, pero si en IPv4 BGP.
En R4 especificamos los prefijos que serán parte del LSP. Como AS100 es un AS de tránsito envía prefijos y etiquetas asociadas a prefijos de ambos AS, en otras palabras, no usamos un route-map para limitar prefijos + label.
Es importante que el envío de labels a través en BGP se especifique en todo el trayecto, de otra forma el LSP quedará particionado.
Nota: Cuando se forma una sesión eBGP entre vecinos directamente conectados que intercambias prefijos IPv4 + labels, el proceso crea automáticamente el comando mpls bgp forwarding en la interface. Si usamos ebgp-multihop, por ejemplo al hacer load sharing eBGP debemos configurar manualmente el comando en la interface.
--------------------------------------------------------------------------
R2
router bgp 1
address-family ipv4
neighbor 10.0.0.3 send-label
R3
router bgp 1
address-family ipv4
neighbor AS1 send-label
R4
ip prefix-list AS1 seq 5 permit 10.0.0.2/32
ip prefix-list AS1 seq 10 permit 10.0.0.3/32
ip prefix-list AS1 seq 15 permit 10.0.0.4/32
!
route-map LABELS permit 10
match ip address prefix-list AS1
set mpls-label
router bgp 1
neighbor 10.1.49.9 remote-as 100
!
address-family ipv4
neighbor 10.1.49.9 activate
neighbor 10.1.49.9 route-map LABELS out
neighbor 10.1.49.9 send-label
neighbor 10.0.0.3 send-label
neighbor 10.0.0.3 next-hop-self
%BGP_LMM-6-AUTOGEN1: The mpls bgp forwarding command has been configured on interface: FastEthernet0/1
R9
router bgp 100
neighbor 10.1.49.4 remote-as 1
!
address-family ipv4
neighbor 10.1.49.4 activate
neighbor 10.1.49.4 send-label
R7
router bgp 2
address-family ipv4
neighbor 10.0.0.6 send-label
R6
router bgp 2
address-family ipv4
neighbor AS2 send-label
R5
ip prefix-list AS2 seq 5 permit 10.0.0.5/32
ip prefix-list AS2 seq 10 permit 10.0.0.6/32
ip prefix-list AS2 seq 15 permit 10.0.0.7/32
!
route-map LABELS permit 10
match ip address prefix-list AS2
set mpls-label
router bgp 2
neighbor 10.1.105.10 remote-as 100
!
address-family ipv4
neighbor 10.1.105.10 activate
neighbor 10.1.105.10 route-map LABELS out
neighbor 10.1.105.10 send-label
neighbor 10.0.0.6 send-label
neighbor 10.0.0.6 next-hop-self
R10
router bgp 100
neighbor 10.1.105.5 remote-as 2
!
address-family ipv4
neighbor 10.1.105.5 activate
neighbor 10.1.105.5 send-label
--------------------------------------------------------------------------
Comprobamos que el LSP esté creado entre los PEs utilizando traceroute desde el PE R2 al PE R7.
--------------------------------------------------------------------------
R2#traceroute 10.0.0.7 source loopback 0 probe 1
1 10.1.23.3 [MPLS: Labels 304/407 Exp 0] 360 msec
2 10.1.34.4 [MPLS: Label 407 Exp 0] 408 msec
3 10.1.49.9 [MPLS: Label 907 Exp 0] 236 msec
4 10.1.119.11 [MPLS: Label 1110 Exp 0] 240 msec
5 10.1.110.10 396 msec
6 10.1.105.5 [MPLS: Label 18 Exp 0] 684 msec
7 10.1.56.6 [MPLS: Label 607 Exp 0] 588 msec
8 10.1.67.7 700 msec
--------------------------------------------------------------------------
Tenemos conectividad IP end-to-end pero el LSP se rompe en el AS100. Para resolver este problema los LSRs del AS100 deben enviar labels BGP en AS100.
--------------------------------------------------------------------------
R9
router bgp 100
address-family ipv4
neighbor AS100 send-label
R10
router bgp 100
address-family ipv4
neighbor AS100 send-label
R11
router bgp 100
address-family ipv4
neighbor AS100 send-label
R12
router bgp 100
address-family ipv4
neighbor AS100 send-label
--------------------------------------------------------------------------
Verificamos nuevamente el LSP entre los PEs R2 y R7. Como el LSP es unidireccional las pruebas debemos hacerlas desde cada extremo. Comprobamos que el LSP está funcionando correctamente desde ambos PEs.
Nota: En la tabla LFIB un campo label indicando No Label es un problema con los prefijos IPv4.
--------------------------------------------------------------------------
R2#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
203 Pop Label 10.0.0.3/32 0 Fa0/1 10.1.23.3
204 304 10.0.0.4/32 0 Fa0/1 10.1.23.3
205 405 10.0.0.5/32 0 Fa0/1 10.1.23.3
206 406 10.0.0.6/32 0 Fa0/1 10.1.23.3
207 407 10.0.0.7/32 0 Fa0/1 10.1.23.3
209 409 10.0.0.9/32 0 Fa0/1 10.1.23.3
210 410 10.0.0.10/32 0 Fa0/1 10.1.23.3
211 411 10.0.0.11/32 0 Fa0/1 10.1.23.3
212 412 10.0.0.12/32 0 Fa0/1 10.1.23.3
215 Pop Label 10.1.34.0/24 0 Fa0/1 10.1.23.3
R2#traceroute 10.0.0.7 source loopback 0 probe 1
1 10.1.23.3 [MPLS: Labels 304/407 Exp 0] 372 msec
2 10.1.34.4 [MPLS: Label 407 Exp 0] 884 msec
3 10.1.49.9 [MPLS: Label 907 Exp 0] 304 msec
4 10.1.119.11 [MPLS: Labels 1110/1007 Exp 0] 476 msec
5 10.1.110.10 [MPLS: Label 1007 Exp 0] 344 msec
6 10.1.105.5 [MPLS: Label 507 Exp 0] 412 msec
7 10.1.56.6 [MPLS: Label 607 Exp 0] 536 msec
8 10.1.67.7 496 msec
R7#show mpls forwarding-table
Local Outgoing Prefix Bytes Label Outgoing Next Hop
Label Label or Tunnel Id Switched interface
702 502 10.0.0.2/32 0 Fa0/1 10.1.67.6
703 503 10.0.0.3/32 0 Fa0/1 10.1.67.6
704 504 10.0.0.4/32 0 Fa0/1 10.1.67.6
705 605 10.0.0.5/32 0 Fa0/1 10.1.67.6
706 Pop Label 10.0.0.6/32 0 Fa0/1 10.1.67.6
709 509 10.0.0.9/32 0 Fa0/1 10.1.67.6
710 510 10.0.0.10/32 0 Fa0/1 10.1.67.6
711 511 10.0.0.11/32 0 Fa0/1 10.1.67.6
712 512 10.0.0.12/32 0 Fa0/1 10.1.67.6
715 Pop Label 10.1.56.0/24 0 Fa0/1 10.1.67.6
R7#traceroute 10.0.0.2 source loopback 0 probe 1
1 10.1.67.6 [MPLS: Labels 605/502 Exp 0] 536 msec
2 10.1.56.5 [MPLS: Label 502 Exp 0] 416 msec
3 10.1.105.10 [MPLS: Label 1002 Exp 0] 396 msec
4 10.1.102.12 [MPLS: Labels 1209/902 Exp 0] 296 msec
5 10.1.129.9 [MPLS: Label 902 Exp 0] 460 msec
6 10.1.49.4 [MPLS: Label 402 Exp 0] 568 msec
7 10.1.34.3 [MPLS: Label 302 Exp 0] 408 msec
8 10.1.23.2 748 msec
--------------------------------------------------------------------------
Está formado el LSP, sin embargo queda un paso más: Establecer las sesiones EBGP-MULTIHOP entre RRs.
Podemos o no cambiar el next-hop de los prefijos vpnv4 que publiquen los RRs porque tenemos conectividad completa entre LSRs.
--------------------------------------------------------------------------
R3
router bgp 1
neighbor 10.0.0.6 remote-as 2
neighbor 10.0.0.6 ebgp-multihop 255
neighbor 10.0.0.6 update-source Loopback0
address-family vpnv4
neighbor 10.0.0.6 activate
neighbor 10.0.0.6 send-community extended
neighbor 10.0.0.6 next-hop-unchanged
R6
router bgp 2
neighbor 10.0.0.3 remote-as 1
neighbor 10.0.0.3 ebgp-multihop 255
neighbor 10.0.0.3 update-source Loopback0
address-family vpnv4
neighbor 10.0.0.3 activate
neighbor 10.0.0.3 send-community extended
neighbor 10.0.0.3 next-hop-unchanged
R3#show bgp vpnv4 unicast all summary
BGP router identifier 10.0.0.3, local AS number 1
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
10.0.0.2 4 1 85 85 1 0 0 01:13:47 0
10.0.0.4 4 1 81 79 1 0 0 01:11:30 0
10.0.0.6 4 2 7 7 1 0 0 00:03:16 0
--------------------------------------------------------------------------
No hay comentarios:
Publicar un comentario