BGP and MP-BGP

What is difference between BGP and MP-BGP? and what is the exact application of both?

Multiprotocol Extensions for BGP (MBGP), sometimes referred to as Multiprotocol BGP or Multicast BGP and defined in IETF RFC 4760, is an extension to Border Gateway Protocol that allows different types of addresses (known as address families) to be distributed in parallel. Whereas standard BGP supports only IPv4 unicast addresses, Multiprotocol BGP supports IPv4 and IPv6 addresses and it supports unicast and multicast variants of each. Multiprotocol BGP allows information about the topology of IP Multicast-capable routers to be exchanged separately from the topology of normal IPv4 unicast routers. Thus, it allows a multicast routing topology different from the unicast routing topology. Although MBGP enables the exchange of inter-domain multicast routing information, other protocols such as the Protocol Independent Multicast family are needed to build trees and forward multicast traffic.
Multiprotocol BGP is also widely deployed in case of MPLS L3 VPN, to exchange VPN labels learned for the routes from the customer sites over the MPLS network, in order to distinguish between different customer sites when the traffic from the other customer sites comes to the PE router for routing.

Similar Messages

MP-BGP and MPLS multipath load sharing

Hi,
I am trying to PoC MPLS multi path load sharing by using per-PE-per-VRF RDs in the network.
I have a simple lab setup with AS65000 which consists of SITE1 PE1&PE2 routers (10.250.0.101 and 10.250.0.102), route reflector RR in the middle (10.250.0.55) and SITE2 PE1&PE2 routers (10.250.0.201 and 10.250.0.202). PE routers only do iBGP peering with centralized route reflector and passing route to 10.1.1.0/24 prefix (learned from single CE router) with 100:1 and 100:2 RDs for specific VRF.
Route reflector gets routes with multiple RDs, makes copies of these routes in order to make local comparison to RD 55:55 configured, uses these routes and install multiple paths into its routing table (all PE routers and RR have "maximum-paths eibgp 4" configured):
RR#sh ip bgp vpnv4 all
BGP table version is 7, local router ID is 10.250.0.55
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 55:55 (default for vrf VRF-A) VRF Router ID 10.250.0.55
* i10.1.1.0/24      10.250.0.102             0    100      0 65001 i
*>i                 10.250.0.101             0    100      0 65001 i
Route Distinguisher: 100:1
*>i10.1.1.0/24      10.250.0.101             0    100      0 65001 i
Route Distinguisher: 100:2
*>i10.1.1.0/24      10.250.0.102             0    100      0 65001 i
RR#sh ip route vrf VRF-A
<output omitted>
     10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
B       10.1.1.0/24 [200/0] via 10.250.0.102, 00:45:52
                          [200/0] via 10.250.0.101, 00:46:22
BUT, for some reason RR doest reflects routes with multiple RDs down to SITE2 PE1&PE2 - its own clients:
RR#sh ip bgp vpnv4 all neighbors 10.250.0.201 advertised-routes
Total number of prefixes 0
RR#sh ip bgp vpnv4 all neighbors 10.250.0.202 advertised-routes
Total number of prefixes 0
Here comes RR BGP configuration:
router bgp 65000
no synchronization
bgp router-id 10.250.0.55
bgp cluster-id 1.1.1.1
bgp log-neighbor-changes
neighbor 10.250.0.101 remote-as 65000
neighbor 10.250.0.101 update-source Loopback0
neighbor 10.250.0.101 route-reflector-client
neighbor 10.250.0.101 soft-reconfiguration inbound
neighbor 10.250.0.102 remote-as 65000
neighbor 10.250.0.102 update-source Loopback0
neighbor 10.250.0.102 route-reflector-client
neighbor 10.250.0.102 soft-reconfiguration inbound
neighbor 10.250.0.201 remote-as 65000
neighbor 10.250.0.201 update-source Loopback0
neighbor 10.250.0.201 route-reflector-client
neighbor 10.250.0.201 soft-reconfiguration inbound
neighbor 10.250.0.202 remote-as 65000
neighbor 10.250.0.202 update-source Loopback0
neighbor 10.250.0.202 route-reflector-client
neighbor 10.250.0.202 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.101 activate
neighbor 10.250.0.101 send-community both
neighbor 10.250.0.102 activate
neighbor 10.250.0.102 send-community both
neighbor 10.250.0.201 activate
neighbor 10.250.0.201 send-community both
neighbor 10.250.0.202 activate
neighbor 10.250.0.202 send-community both
exit-address-family
address-family ipv4 vrf VRF-A
maximum-paths eibgp 4
no synchronization
bgp router-id 10.250.0.55
network 10.255.1.1 mask 255.255.255.255
exit-address-family
SITE1 PE1 configuration:
router bgp 65000
no synchronization
bgp router-id 10.250.0.101
bgp log-neighbor-changes
neighbor 10.250.0.55 remote-as 65000
neighbor 10.250.0.55 update-source Loopback0
neighbor 10.250.0.55 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.55 activate
neighbor 10.250.0.55 send-community both
exit-address-family
address-family ipv4 vrf VRF-A
neighbor 10.1.101.2 remote-as 65001
neighbor 10.1.101.2 activate
neighbor 10.1.101.2 soft-reconfiguration inbound
maximum-paths eibgp 4
no synchronization
bgp router-id 10.250.0.101
exit-address-family
SITE1 PE2 configuration is similar to SITE1 PE1. They both do eBGP peering with dualhomed CE router in AS65001 which announces 10.1.1.0/24 prefix into VRF-A table.
My question is: clearly, the issue is that RR doesn't reflect any routes to its clients (SITE2 PE1&PE2) for 10.1.1.0/24 prefix with 100:1 and 100:2 RDs that dont match it's locally configured RD 55:55 for VRF-A, although they are present in its BGP/RIB tables and used for multipathing. Is this an expected behavior or some feature limitation for specific platform or IOS version? Currently, in this test lab setup I run IOS 12.4(24)T8 on all the devices.
Please, let me know if any further details are needed to get an idea of why this well known and widely used feature is not working correctly in my case. Thanks a lot!
Regards,
Sergey

Hi Ashish,
I tried to remove VRF and address family configurations completely from RR.
router bgp 65000
no synchronization
bgp router-id 10.250.0.55
bgp cluster-id 1.1.1.1
bgp log-neighbor-changes
neighbor 10.250.0.101 remote-as 65000
neighbor 10.250.0.101 update-source Loopback0
neighbor 10.250.0.101 route-reflector-client
neighbor 10.250.0.101 soft-reconfiguration inbound
neighbor 10.250.0.102 remote-as 65000
neighbor 10.250.0.102 update-source Loopback0
neighbor 10.250.0.102 route-reflector-client
neighbor 10.250.0.102 soft-reconfiguration inbound
neighbor 10.250.0.201 remote-as 65000
neighbor 10.250.0.201 update-source Loopback0
neighbor 10.250.0.201 route-reflector-client
neighbor 10.250.0.201 soft-reconfiguration inbound
neighbor 10.250.0.202 remote-as 65000
neighbor 10.250.0.202 update-source Loopback0
neighbor 10.250.0.202 route-reflector-client
neighbor 10.250.0.202 soft-reconfiguration inbound
no auto-summary
address-family vpnv4
neighbor 10.250.0.101 activate
neighbor 10.250.0.101 send-community both
neighbor 10.250.0.102 activate
neighbor 10.250.0.102 send-community both
neighbor 10.250.0.201 activate
neighbor 10.250.0.201 send-community both
neighbor 10.250.0.202 activate
neighbor 10.250.0.202 send-community both
exit-address-family
After this, RR doesn't accept any routes at all from S1PE1&S1PE2 routers, thus not reflecting any routes down to its clients S2PE1&S2PE2 as well:
S1PE1#sh ip bgp vpnv4 all
BGP table version is 6, local router ID is 10.250.0.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VRF-A) VRF Router ID 10.250.0.101
*> 10.1.1.0/24      10.1.101.2               0             0 65001 i
S1PE1#sh ip bgp vpnv4 all neighbors 10.250.0.55 advertised-routes
BGP table version is 6, local router ID is 10.250.0.101
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf VRF-A) VRF Router ID 10.250.0.101
*> 10.1.1.0/24      10.1.101.2               0             0 65001 i
Total number of prefixes 1
S1PE2#sh ip bgp vpnv4 all
BGP table version is 6, local router ID is 10.250.0.102
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:2 (default for vrf VRF-A) VRF Router ID 10.250.0.102
*> 10.1.1.0/24      10.1.201.2               0             0 65001 i
S1PE2#sh ip bgp vpnv4 all neighbors 10.250.0.55 advertised-routes
BGP table version is 6, local router ID is 10.250.0.102
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
   Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:2 (default for vrf VRF-A) VRF Router ID 10.250.0.102
*> 10.1.1.0/24      10.1.201.2               0             0 65001 i
Total number of prefixes 1
RR#sh ip bgp vpnv4 all
RR#sh ip bgp vpnv4 all neighbors 10.250.0.101 routes
Total number of prefixes 0
RR#sh ip bgp vpnv4 all neighbors 10.250.0.102 routes
Total number of prefixes 0
Any feedback is appreciated. Thanks.
Regards,
Sergey

MP-BGP and MPLS

Hello all,
I've been experimenting recently with MP-BGP and MPLS. I have no issues with how it works and how to implement and have a fully working lab however I am wondering whether there is a solution that exists in order to create a full mesh without on every PE router having to specify the IP address of every other PE router in the VPNv4 configuration. So the ideal scenario would be that i could add another site to my MPLS which will receive all routes from every other site without updating any configuration at any other site.
Thanks

Hi Mathew,
You can choose P1 or P2 as RR and configure a single MP-BGP session from PE devices to RR. Any new PE that you want to include will need configuraion changes on RR and the new PE alone. You dont need to add configuration on other exisitng PEs.
You can also play around with bgp dynamic neighbor to further reduce the configuration. But I ahvent used it myself and not sure if VPNv4 is supported.
-Nagendra

BGP and ASA NAT

Hello Everyone,
I have a need to multihome out two MAN links to the same ISP. The two links will connect via an ISR and will participate in an eBGP adjacency. On the internal side, iBGP will be used to create the alternate default route to the ISP. Each of the ISR’s downstream ports participates on the same Ethernet subnet. On the same subnet/broadcast domain, there are two ASA5510 appliances that will use HSRP to advertise the public IPv4 addresses and will NAT them into the private network.
My question is, since the ASAs do not participate in BGP, and since we are going to NAT the traffic eliminating the need to use a route map to inject the default route into the downstream EIGRP network, would I simply build a static default route in the ASAs out the upsteam interfaces? My initial thought is to not worry about recursive lookups because they are connected via Ethernet.
ip route 0.0.0.0 0.0.0.0 fa0/0; and so on.
I’ve attached a simple topology for reference.
Thanks…Matt

Yes Jcarvaja, HSRP is not a feature on the ASAs, and yes HSRP is difficult to setup natively to support active/active load balancing on any device. That's not really the point though is it. FHRP's are typically used for distribution switches and finely tuned to access layer 2 and layer 3 convergence, unless using GLBP (and even then should be considered). My mistake for using the term HSRP and thank you for pointing it out.
As for the iBGP links, they represent the same subnet as I mentioned. The cat switches are there to facilitate physical restraints as each pair of ISRs and ASAs are two miles apart. Since the ASA's are performing NAT, they don't really participate in the BGP network and there is no need or capability to inject the BGP default route into the EIGRP network. They will participate in the downstream EIGRP network. If the MAN connection on one ISR goes down, then the iBGP route to the Internet will be graduated. I guess I could have indicated on the drawing that these were all a part of the same subnet.
How do I configure the ASA's static default route? Wouldn't I be able to inject a static default route in each ASA using the ASA's outside interface when using active/active? If I have to, I could see if we can use EIGRP on the network upstream of the ASAs if there is no other way of doing this, but this is not preferred.
Any help you can provide is greatly appreciated.
Thank you...Matt

BGP and VPN

Hi,
We need to setup BGP network at our branch office so i wanted some of your opinions. Here is what I’m looking to setup.

Here is what I’m looking to setup.
2 Bandwidth providers FastE 10/100 with 4mb commit on both (multi-home)BGP.
Routing a /27
Usage is VPN ( 5 tunnels)and HTTP inbound and out.
I would say a constant 30mb usage 24/7
Not looking to go beyond 2 ISP and or 10/100
1. How about a single 2821 Sec/K9 with 256 RAM for the route tables.
2. Two 2811's, one 2811 with 256 RAM for the BGP and another 2811 Sec/K9 with 256 RAM for VPN.
3. One 2811/2821 with 256 RAM for the BGP and another ASA for VPN

BGP and Graceful-restart

Hello colleagues!
I'm trying to figure out some details regarding BGP GR functionality.
The basic concept is pretty simple, but I cannot find answer to my question:
How BGP peers knows when SSO-performing router switches to standby supervisor?
BGP peers should somehow distinguish real supervisor fail from some other fails.
I think it's very important, because if not so - when 'other fail' occurs BGP peer will keep routes during `Restart Timer` that equal to 120 sec by default. It may cause a blackhole.
Also such a big pause (dead timer + restart timer) is not acceptable for HA infrastructure.
Does really BGP Peers each time when BGP TCP session timed out (no matter why) keeps routes during `Restart Timer`? Or how Restarter notify its peers?
On the other hand - when I simulate termination of the BGP session (add route to the neighbor to Null0 at the Restarter), peer just wait for the holdtime and does not mark routes as stale after. In other words it does not start NSF process. What should happen to start that process in the context of neighbors?
If the BGP session is lost during the RP switchover, the NSF-aware BGP peer marks all the routes associated with the NSF-capable router as stale; however, it continues to use these routes to make forwarding decisions for a set period of time. This functionality means that no packets are lost while the newly active RP is waiting for convergence of the routing information with the BGP peers.
After an RP switchover occurs, the NSF-capable router reestablishes the session with the BGP peer. In establishing the new session, it sends a new graceful restart message that identifies the NSF-capable router as having restarted.
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t15/feature/guide/ftbgpnsf.html
Regards, Konstantin.

I think I figured it out...
When new supervisor becomes active it receives BGP keepalives from BGP peers but ongoing TCP session is unknown for the new supervisor. That's why it abort the session with TCP RST.
This RST is a trigger to its peer to mark old routes as `stale` and continue NSF process as documented.

BGP and RIB

Hello,
Scenario:
Two data centers (Data Center A and B) in different states.
Company X owns x.x.1.0/24 and x.x.2.0/24 AS:1234
Data center A gets the full routing table for ISP1 and advertises x.x.1.0/24
Data center B gets DF only from ISP2 and advertises x.x.2.0/24
Issue:
Data center A is not getting x.x.2.0/24 from ISP2.   ISP2 does advertise x.x.2.0/24 but Company’s bgp peering router doesn’t see a route for x.x.2.0/24
ISP2 is sending x.x.2.0/route like this
Prefix                  Nexthop              MED     Lclpref    AS path
* x.x.2.0/24         Self                                    444 555 1234 I
Question?
Is the reason why the wan rt peering with ISP2 not seeing the route to x.x.2.0/24 because it sees its own AS number in the AS-path?
Thank you in advance for your input.
Cheers!

Clarification TYPO!!!
Issue:
Data center A is not getting x.x.2.0/24 from ISP1.   ISP1 does advertise x.x.2.0/24 but Company’s bgp peering router doesn’t see a route for x.x.2.0/24
ISP1 is sending x.x.2.0/route like this
Prefix                  Nexthop              MED     Lclpref    AS path
* x.x.2.0/24         Self                                    444 555 1234 I
Thank you!

Cisco 1700 with MP-BGP and VRF support

I have a Cisco 1721 with MP-BGP Support, you can create VRFs with it and every other MPLSVPN feature, but the commands for MPLS switching are not supported like Router(config-if)mpls ip , I read in some forums that you can create MPLS VPN without enabling MPLS at all, just with MPBGP, but I couldn't do it myself, Can someone tell me how to make it work or what can I do with a Cisco 1721 that supports MP-BGP?
thanks in advance

Here is an example. Take care about overhead for packets like VoIP. The overhead is 88 bytes.
The packet semms something like that.
IpHeader-pub@ - NAT-Tudp4500 - ESP - IpHeader-priv@(vrf discriminator) - GRE - Original IP Header - Data - Esp Trailer.
In this case you neet tunnel-mode because you use
private @ in order to determine vrf (vrf discriminator).
This is a LAB config, all other security parameters you need on a router are not configured. If you add access-list on the external interface of REMOTE you have to understand every encapsulation step in order to well tune it.
Good reading.
The PPT draw shows physically and logically views.
PS, take care about fragmentation issues, the problematic is still not well managed by the routers, I could not made Tunnel-path-mtu discovery work with vrf's. The workaround is to fragment packets. It's not good for performance but actually there is no other solution concerning that.
Kind Regards
Miguel

Troubleshooting with IOS BGP and IOS XR BGP - routing table Empty

Hi
actually we tried to make a neigborhood between ASR9000 and Cisco 7600, we have the neigborhood active but on routing tables from ASR only have the networks locals or connected doesn´t learn anything from BGP 7600
the diagram is this:
When try to know the routes on ASR9000 from Cisco 7609 happen the follow
the neighbor is UP from Cisco 7600 and ASR 9000 but the routing table is empty.
the config on cisco 7600 is:
router bgp 2006
neighbor 172.16.14.6 remote-as 64512
address-family ipv4
neighbor 172.16.14.6 activate
the config on cisco ASR9000 is:
router bgp 64512
bgp router-id 172.16.161.1
address-family ipv4 unicast
neighbor 172.16.14.5
remote-as 2006
address-family ipv4 unicast
Help us
Best Regards

Another important one is the fact that in XR you need to have RPL policies (even if they only have a "pass-all" functionality) to accept inbound/outbound routes in eBGP.
Check the article on the asr9000 unequal cost multipath that has some sample BGP outputs and show command verifications that may help also.
If not the case, get us the XR config from the A9K side.
Also what does the bgp table on teh IOS side look like? as Richard suggests, there doesnt seem to be anything injected by the 7600 itself.
regards
xander
Xander Thuijs
Principal Engineer CCIE#6775, ASR9000

Configuring BGP and OSPF to BGP always prefer.

Hi,
I´m configuring a VPNv4 between two sites. In principal site I receive some prefixes through OSPF and in the backup site the same prefixes through OSPF. I´m redistributing OSPF routes through BGP to backup site.
In summary, in backup site the ASR9K receives the same prefixes through OSPF (local) and BGP but ASR must prefer BGP routes
instead of OSPF.
How can I configure it?.
Thanks.

Hi Jaime,
a L3 network topology would possibly help to understand your goals and challenges. In general, in scenarios with OSPF and VPNv4 there's a challenge, that OSPF prefixes will be preferred indeed, if the two sites have a backdoor link. To overcome this, there's a feature in OSPF called 'sham-link', which makes the prefixes learned across the backbone(and hence via MP-BGP) more prefrred.
HTH,
Ivan.

MP-BGP and Route-Reflector

Hi All...
I have this topology:
CE2-->PE1-->P--->PE2-->CE2
.............\-->PE3-->CE2
In router "P" I want to configure MP-BGP, but I have many doubts with configurations this router. I need to do route-reflector too.
Anybody can help me?
CLRGomes

Thanks, look my configuration:
Router P
router bgp 65500
no synchronization
no bgp default route-target filter
bgp log-neighbor-changes
neighbor MPLS peer-group
neighbor MPLS remote-as 65500
neighbor MPLS ebgp-multihop 255
neighbor MPLS update-source Loopback0
neighbor MPLS route-reflector-client
neighbor MPLS allowas-in
neighbor MPLS soft-reconfiguration inbound
neighbor 10.10.10.2 peer-group MPLS
neighbor 10.10.10.3 peer-group MPLS
neighbor 10.10.10.4 peer-group MPLS
no auto-summary
address-family vpnv4
neighbor MPLS route-reflector-client
neighbor MPLS send-community both
neighbor 10.10.10.2 activate
neighbor 10.10.10.3 activate
neighbor 10.10.10.4 activate
exit-address-family
ok...working perfect, I did MP-BGP between PE routers and I configured RDs differents too...
Later I did between PE->CE with OSPF and working too, loadshare working.
Thanks a lot
CLRGomes
CCIE R&S

BGP and auto-summary enabled or disabled with "network" command

http://www.cisco.com/en/US/tech/tk365/technologies_q_and_a_item09186a00800949e8.shtml#five
I just modified the below quoted by adding numbers
My understanding is this:
A- I hope my numbering to the quoted above is right ,,,I numbered it to be easy to point to it.
B- What does it mean by locally originated, does it mean within AS ?
1- auto-summary is enabled it summarizes the locally originated BGP networks to their classfull boundaries without caring to check if there are any entry in IGP routing table,,,,Am I right ?
2- auto-summary is disabled, the routes introduced locally into the BGP table are not summarized to their classfull boundaries, without caring to check if there are any entry in IGP routing table,,,,Am I right ?
3- I could not match his example with his explanation
4- It is obvious.

Thanks hritter
I think you forgot to answer this :
1- Does that mean with "no auto-summary" we do not care about the exact match
The author says:
"3- When a subnet exists in the routing table and the following three conditions are satisfied, then any subnet of that classfull network in the local routing table will prompt BGP to install the classfull network into the BGP table.
* Classfull network statement for a network in the routing table
* Classfull mask on that network statement
* Auto-summary enabled "
Correct my understanding to the above quoted
The author says: For example, if the subnet in the routing table is 75.75.75.0 mask 255.255.255.0 {match the above quoted : When a subnet exists in the routing table}.
The author says : and you configure network 75.0.0.0 under the router bgp command (for my understanding it does not match the above quoted first comdition : Classfull network statement for a network in the routing table},,,,,,,he says 75.0.0.0 under bgp table and the above quoted says under routing table (IGP table)

BGP and ISIS

Hi,
Is there any relation between ISIS overload bit timer and BGP graceful restart timer. Does BGP timer should be always greater than ISIS overload bit timer.
Thanks,
Prakash

Prakash,
Setting the overload bit only prevents the router to be used as a transit router.
Directly connected subnets are still reachable to other routers. So if you had two routers configured with overload bit, you could still establish a BGP session between their respective loopback addresses assuming they are either directly connected or the routers in between do not have their overload bit set.
Regards,

Design Help with MPLS/BGP and Point to Point VPNs using OSPF as backup

I need some advice on the configuration I want to implement. Basically we have a MPLS cloud using BGP. We are using OSPF for internal routing. Everything is working fine. Now we want to add a Point to Point VPN using new Cisco ASA's for a backup path at all of our remote locations. We want it to be on standby. I want to use OSPF for this. Miami and LA are datacenters. I want the VPN's to go into both datacenters if possible running OSPF for backups. I have a feeling this will be very tricky. I also wanted to use floating routes. Now I know I get the VPN's up and running using OSPF with no problem. Here are my questions:
But being that I am using different areas, will OSPF through the VPN work correctly? I have the Cisco PDF on setting this up but it looks like they are using the same, AREA0, in the example.
Can I get both VPN's to work with no problems? Or will it be too much of a pain?
What would you guys suggest?
Thanks.

We are implementing the same solution, and was only able to make this work using HSRP one router for the MPLS connection and one for the VPN tunnel. I opened a TAC case and the tech couldn't get it to work either. I was able to establish the Lan-2-lan tunnel but triggering the route update was the problem. We ended up pulling our ASA5505's out and putting in 1841 routers.

IPV6 BGP and Neighbor Discovery

My understanding of IPv6 may not be accurate, so if there are any incorrect statements, please correct them.
We have a requirement that prohibits FE80::/10 addresses from passing from end sites to the provider network. FE80::/10 are the IPv6 link-local addresses. Since link-local addresses are required Neighbor Discovery Protocol, this blocks those operations that are part of it.
The sites use BGP with the provider network, so can IPv6 BGP work without link-local addresses? Is Neighbor Discovery necessary for reachability between BGP peers?

(The below messgage is just to address the concern whether blocking LL breaks all ND, it does not tie into rest of BGP configuration)
Larry,
Speaking of ND only... RFC (4861) only mandates that source IP is assigned address
http://tools.ietf.org/html/rfc4861#section-4.3
It does not mandate link-local, I have not read the updated RFC.
I did a simple test with two devices with assigned IP addresses.
Spoke2#ping vrf VRF 2001:db8::1 re 1Type escape sequence to abort.Sending 1, 100-byte ICMP Echos to 2001:DB8::1, timeout is 2 seconds:!Success rate is 100 percent (1/1), round-trip min/avg/max = 9/9/9 msSpoke2#*Nov 27 13:27:43.246: IPv6-Fwd: Destination lookup for 2001:DB8::1 : i/f=Ethernet0/0, nexthop=2001:DB8::1*Nov 27 13:27:43.246: IPv6-Fwd: SAS picked source 2001:DB8::FFFF for 2001:DB8::1 (Ethernet0/0)*Nov 27 13:27:43.246: ICMPv6: Sent echo request, Src=2001:DB8::FFFF, Dst=2001:DB8::1*Nov 27 13:27:43.246: IPV6: source 2001:DB8::FFFF (local)*Nov 27 13:27:43.246: dest 2001:DB8::1 (Ethernet0/0)*Nov 27 13:27:43.246: traffic class 0, flow 0x0, len 100+0, prot 58, hops 64, originating*Nov 27 13:27:43.246: IPv6-Fwd: Created tmp mtu cache entry for 2001:DB8::FFFF 2001:DB8::1 1E000001*Nov 27 13:27:43.246: IPv6-Fwd: Encapsulation postponed, performing resolution*Nov 27 13:27:43.250: ICMPv6: Sent N-Solicit, Src=2001:DB8::FFFF, Dst=FF02::1:FF00:1*Nov 27 13:27:43.250: IPV6: source 2001:DB8::FFFF (local)*Nov 27 13:27:43.250: dest FF02::1:FF00:1 (Ethernet0/0)*Nov 27 13:27:43.250: traffic class 224, flow 0x0, len 72+0, prot 58, hops 255, originating*Nov 27 13:27:43.250: IPv6-Fwd: Sending on Ethernet0/0*Nov 27 13:27:43.255: IPv6-Fwd: Destination lookup for 2001:DB8::FFFF : Local, i/f=Ethernet0/0, nexthop=2001:DB8::FFFF*Nov 27 13:27:43.255: IPV6: source 2001:DB8::1 (Ethernet0/0)*Nov 27 13:27:43.255: dest 2001:DB8::FFFF (Ethernet0/0)Spoke2#*Nov 27 13:27:43.255: traffic class 224, flow 0x0, len 72+14, prot 58, hops 255, forward to ulp*Nov 27 13:27:43.255: ICMPv6: Received N-Advert, Src=2001:DB8::1, Dst=2001:DB8::FFFF*Nov 27 13:27:43.255: IPv6-Fwd: Sending on Ethernet0/0*Nov 27 13:27:43.255: IPv6-Fwd: Destination lookup for 2001:DB8::FFFF : Local, i/f=Ethernet0/0, nexthop=2001:DB8::FFFF*Nov 27 13:27:43.255: IPV6: source 2001:DB8::1 (Ethernet0/0)*Nov 27 13:27:43.255: dest 2001:DB8::FFFF (Ethernet0/0)*Nov 27 13:27:43.255: traffic class 0, flow 0x0, len 100+14, prot 58, hops 64, forward to ulp*Nov 27 13:27:43.255: ICMPv6: Received echo reply, Src=2001:DB8::1, Dst=2001:DB8::FFFF
M.
Message was edited by: Marcin Latosiewicz, edited for clarity.

BGP and MP-BGP

Similar Messages

Maybe you are looking for