Re: L3VPN MPLS - Internal BGP between CE - PE

[Keegan Holley <keegan.holley () sungard com>]

Look at the route to 87.121.83.25.  It looks like that's the address of
your provider's PE router.  It is most likely not in your IGP and hence
does not have a FEC.  You should set next-hop self on the router that peers
with your ISP.  Also, I might be missing something but I don't usually set
next-hop self using a route map.  I usually just use the update source and
next-hop-self options direct under BGP.


2012/5/8 Javor Kliachev <jkliachev () neterra net>

> Dear Keegan,
>
> Thank you for your advice!
>
> Here is the output of my configuration and applied debug commands:
>
> #### PE router config:
>
> The session bellow is between PE and CE:
>
> router bgp 34224
> !
> address-family ipv4 vrf DEF
>   redistribute connected
>   redistribute static
>   neighbor 10.18.7.1 remote-as 34224
>   neighbor 10.18.7.1 description to_echo-sdc_CE
>   neighbor 10.18.7.1 activate
>   neighbor 10.18.7.1 send-community both
>   neighbor 10.18.7.1 prefix-list Permit_Default in
>   neighbor 10.18.7.1 route-map NEXT-HOP-SELF in
>   neighbor 10.18.7.1 route-map NEXT-HOP-SELF out
>   no synchronization
>  exit-address-family
> end
>
> *Hotel-st_PE#*show route-map NEXT-HOP-SELF
> route-map NEXT-HOP-SELF, permit, sequence 10
>   Match clauses:
>   Set clauses:
>     ip next-hop peer-address
>   Policy routing matches: 0 packets, 0 bytes
>
>
> *Hotel-st_PE*#show ip bgp vpnv4 vrf DEF summary
> Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down
> State/PfxRcd
> 10.18.7.1       4 34224      85      38   894079    0    0 00:00:02
> 1
>
> *Hotel-st_PE*#show ip bgp vpnv4 vrf DEF neighbors 10.18.7.1 routes
>
>    Network          Next Hop            Metric LocPrf Weight Path
> Route Distinguisher: 34224:151 (default for vrf DEF)
> *>i0.0.0.0          10.18.7.1                0    120      0 i
>
>
> *Hotel-st_PE*#show ip route vrf DEF
>
>      23.0.0.0/32 is subnetted, 1 subnets
> S       23.23.23.23 [1/0] via 10.18.7.1
>      24.0.0.0/32 is subnetted, 1 subnets
> C       24.24.24.24 is directly connected, Loopback30
>      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
> B       10.100.187.1/32 [200/0] via 10.1.7.253, 00:16:16
> C       10.18.7.0/29 is directly connected, Vlan187
> B*   0.0.0.0/0 [200/0] via 10.18.7.1, 00:08:40
>
>
> #### Bravo-plv is other test PE router which should receive and use
> "default route"
>
> *bravo-plv_PE*#show ip route vrf DEF
>
>      23.0.0.0/32 is subnetted, 1 subnets
> B       23.23.23.23 [200/0] via 10.1.1.253, 1w5d
>      24.0.0.0/32 is subnetted, 1 subnets
> B       24.24.24.24 [200/0] via 10.1.1.253, 2w0d
>      10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
> C       10.100.187.1/32 is directly connected, Loopback100
> B       10.18.7.0/29 [200/0] via 10.1.1.253, 1w6d
> B*   0.0.0.0/0 [200/0] via 10.18.7.1, 00:02:37
>
> ### this ping is OK because 10.18.7.0/29 is connected on the PE router.
>
> *bravo-plv_PE*#ping vrf DEF 10.18.7.1
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 10.18.7.1, timeout is 2 seconds:
> !!!!!
> Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
>
> ### 212.73.140.140.190 isn't in routing table. It is direct connected
> network on
> interface on CE and passing via "default route"
>
> *bravo-plv_PE*#ping vrf DEF 212.73.140.190
>
> Type escape sequence to abort.
> Sending 5, 100-byte ICMP Echos to 212.73.140.190, timeout is 2 seconds:
> .....
> Success rate is 0 percent (0/5)
>
> This is very strange:
>
> -------------------------------------------------------------------------------------------------
> ## this output showing that the router not set MPLS label for 0.0.0.0/0
>
> Only for static and the connected networks.
>
> *bravo-plv_PE**#*show ip cef vrf DEF 10.18.7.0/29
> 10.18.7.0/29
>   nexthop 10.1.7.1 Vlan15 label 76 43
>
> *bravo-plv_PE**#*show ip cef vrf DEF 0.0.0.0/0
> 0.0.0.0/0
>   recursive via 87.121.83.25 unusable: no label
>
> -------------------------------------------------------------------------------------------------
>
> Best~
>
>
> On 05/08/2012 01:29 PM, Keegan Holley wrote:
>
> What is the next hop of the route?  There should be an IGP route for
> the next hop in the iBGP default.  It should have a label or LSP
> attached to it.  How was the default generated?  Does it come from a
> provider?  If so you may have to set next hop self on the router that
> receives the default.  Your provider's PE router IP won't be in your
> IGP by default and hence won't be known to your label protocol.
>
> 2012/5/8 Javor Kliachev <jkliachev () neterra net> <jkliachev () neterra net>:
>
> Dear Members,
>
> We are ISP which use the same autonomous system to hold External BGP
> sessions
> and for implementing L3VPN MPLS ( as internal BGP )
>
> We have a internal office router that receives a "default route" via IBGP
> from our border router.
>
> I'll try to briefly explain the problem:
>
> This internal router named (CE) keeps IBGP session with PE router in VRF
> "def".
>
> CE ( GlobalTable ) - PE ( vrf "DEF" )
>
> The aim is "default route" IBGP received from the the ISP provider to be
> redistributed to PE in all vrf "DEF"
>
> After establishing the session we observe that actualy that "default route"
> is propagating successful
> in whole vrf "DEF" but MPLS does not set label of this route and the traffic
> is blackholed.
>
> When using another protocol as OSPF and EIGRP everything is OK.
>
> We opened case in Cisco TAC and they explaned that IOS official is not
> support IBGP between PE and CE. Only EBGP.
>
> I would like to know if any of you had similar problem and if there is any
> workaround in Cisco platform.
> I see for example Juniper has special commands for resolving this problem.
>
> Thanks in advance!
>
> Best~
> Javor Kliachev
>
>
>
>
>
> --
> ---
> *Javor Kliachev*
> IP engineer
>
> Neterra Ltd.
> Telephone: +359 2 975 16 16
> Fax: +359 2 975 34 36
> Mobile: +359 885 988 495
> www.neterra.net