Maximum LSP on Inter-AS vpnv4/ipv4

Hi Luc
Thank you for your reply, in fact we are in the process of using Option B (ASBR-to-ASBR). We have all the configs in place just did not activate the neighbors pending confirmation. We are using Eng5; I would expect CAM/TFIB to be able to hold these prefixes, I seem to have noticed that the weakest processor can handle up to one million. Yet, it is not written anywhere on these specifics.
Thanks
FR

Hi Fernando,
In MPLS VPN networks, 17000 vpnv4 prefixes is not that much. You can have hundreds of thousand of vpnv4 prefixes.
You did not specifiy which option A,B, C or D you are running. For option A and D, the scalability could become an issue because you'll have many logical links between the ASBRs, one for every VPN shared between the 2 autonomous systems. This is a known limitation factor in these two designs and it is a pain to operate such a model, starting from a certain scale. Each new VPN shared between the 2 autonomous systems will lead to the creation of a new logical link on the ASBRs.
Option B and C do not have this and are hence more scalable and easier to maintain operationally. What inter-as MPLS VPN brings is the concentration of the LSPs on the ASBRs, instead of having them spread over many PE and P routers in a non-inter-as MPLS VPN network. But, 17000 prefixes should be ok on a 12k router.
Thanks,
Luc

Similar Messages

  • Inter as vpnv4

    Hello Folks,
    In inter AS VPNV4 we will form a egbp vpnv4 neighbor relation ship.
    In IOS XR what is the way to achieve it?
    Am I correct going this way
    route-policy EBGP (in both the routers)
    pass
    end-policy
    commit
    R1 (10.10.10.1)------------------------(10.10.10.2) R2
    conf t                                                                 conf t
    router bgp 1                                                       router bgp 10
    neighbor 10.10.10.2                                        neighbor 10.10.10.1
    remote-as 10                                                   remote-as 1
    address-family vpnv4 uni                                 address-family vpnv4 uni
    route-policy EBGP in                                      route-policy EBGP in
    route-policy EBGP out                                     route-policy EBGP out                                    
    exit-address-family                                           exit-address-family    
    commit                                                                commit                                
    Is ther any static route necessary here and if so then why?
    I Will rate all helpful posts
    Regards
    Thanveer
    "Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."       

    Hi Thanveer,
    Here's a rough working example:
    r1 (gi0/0/0/0) <++++++++> (gi0/0/0/0) r2
    r1:
    interface GigabitEthernet0/0/0/0
    ipv4 address 192.168.12.1 255.255.255.0
    route-policy accept-all
      pass
    end-policy
    router static
    address-family ipv4 unicast
      192.168.12.2/32 GigabitEthernet0/0/0/0
    router bgp 1
    mpls activate
      interface GigabitEthernet0/0/0/0
    address-family vpnv4 unicast
      retain route-target all
    neighbor 192.168.12.2
      remote-as 2
      address-family vpnv4 unicast
       route-policy accept-all in
       route-policy accept-all out
    r2:
    interface GigabitEthernet0/0/0/0
    ipv4 address 192.168.12.2 255.255.255.0
    route-policy accept-all
      pass
    end-policy
    router static
    address-family ipv4 unicast
      192.168.12.1/32 GigabitEthernet0/0/0/0
    router bgp 2
    mpls activate
      interface GigabitEthernet0/0/0/0
    address-family vpnv4 unicast
      retain route-target all
    neighbor 192.168.12.1
      remote-as 1
      address-family vpnv4 unicast
       route-policy accept-all in
       route-policy accept-all out
    Hope this helps

  • Do we can use Inter-as vpnv4/6 multipath with Option C ?

    Hello,
    I'm configuring the inter-as vpn with multipath. Reading documentation I understood the only method to do it is to change configuration on ASBR disabling rt-filter and set maximum path under vpnv4. So if I correctly understood we can use multipath only with option B inter-as.
    Correct ?
    Do you know if this is possible using option C (eBGP w RR)?
    Thanks
    Isacco

    Hi Issaco,
    Just few days ago I have tested option-B and option-C on GNS. I am attaching that document here which might be useful to you.
    Hope this helps.
    Regards # Mahesh

  • My T-Mobile Mobile Web not working on MacBookPro

    Yodels.
    I have a new T-Mobile Rocket 3.0 4G webstick and it will not work on my 13" MacBookPro running Snow Leopard 10.6.8
    When I start the software up, it seems to stall, run, stall, run, and then I have to force quit. When I go to Preferences, it says it's connected to the interent with an IPv4 address using DCHP. However, using any browser, I get a error message stating server not found.
    Talked with t-mo and they say it's a compatibility issue with my OS and that I need to take it to the Apple store to fix the problem. They say this as I am connected with the internet and they've pinged my computer. I get text messages, but that may just be using the carrie signal, not the 4G.
    I am wondering if anyone here has actually had the issue and what were the fixes.
    Notes:
    All my software is up to date:
         The T-Mobile WebConnect
         Firmware in the Rocket 3.0 4G updated
         Mac OSX fully updated including Java
    Turned off Firewall, including "Stealth Mode," to see if that was issue.
    Have 4G with 4 bars of signal
    No other apps but the Webconnect and Firefox
    Thanks in advance for the help.

    Hi Jesusv87,
    Thanks for using Apple Support Communities.  This article has some steps you can take for issues sending and receiving MMS messages:
    iOS: Troubleshooting Messages
    http://support.apple.com/kb/ts2755
    If you still can't send or receive MMS messages
    To send and receive MMS messages on your iPhone, verify that your wireless carrier supports MMS2.
    Ensure that MMS Messaging is turned on in Settings > Messages.
    Verify that your phone is able to access cellular data.
    Some carriers allow you to edit your APN (Access Point Name), which may prevent MMS from working.
    If you are roaming outside your calling area, make sure you have Data Roaming turned on in Settings > General > Cellular to send or receive MMS content.
    While on a phone call, you will be unable to send or receive MMS messages when using an EDGE, GPRS, or any CDMA cellular data network. After the phone call ends, you will receive any incoming messages. If you tried to send an MMS message, you may need to send it again.
    If the issue persists and your wireless carrier has confirmed that your wireless account is provisioned2 for MMS, restore the iPhone.
    If this doesn't help, please reply with any steps you are unable to complete and any additional information such as exact error messages or strange behavior.
    Cheers,
    - Ari

  • Socket connection - Available Port Numbers

    Hi,
    I am trying to connect to a server running on Unix through my NT client. This is being done via socket connection and by supplying IP Address of the machine plus the port number.
    My server is running on Unix, Solaris 8, Ultra 5 machine. I want to know if there is some allowable range of Port Numbers on the Unix machine?
    Or is it that I can use any number starting from 1 to infinite as my port number?
    Thanks.

    The ports below 1024 are reserver for only the "root" user and 65536 is usually the max port
    number available. Ports below 1024 are also reserved for a user in the Administrators group on NT and W2K.
    Actually, the maximum port number is 65535 since IPv4 port numbers are 16 bit quantities and that is the maximum value of a 16 bit quantity.

  • Annoying syntax error

    Greetings,
    I've bought a new HP Prime last year and I've decided to learn how to program in it. I've done the "Hello World" code, it runs well, but apparently most other codes that do run in other HP Primes, doesn't in mine due a "Syntax Error".
    I've already changed the Digit Grouping and the Entry (To all 3 possibilities) and nothing works.
    Software Version: 2014 7 2 (6031)
    Hardware Version: A
    CAS Version: 1.1.0-46
    And the code is: 
    INPUT(var, "Title", "Prompt", "Help Text", default)
    INPUT(
    {var1, var2, ..., varn},
    {"Prompt1", "Prompt2", ..., "Promptn"},
    {"Help1", "Help2", ..., "Helpn"},
    {"default1", "default2", ..., "defaultn"},
    ===================================
    EXPORT Newton()
    BEGIN
    LOCAL n, xold, xnew, err, N, f;
    N:=100; err:=.000001; xnew:=1;
    if input(
    {f, xnew, err, N},
    "Metodo de Newton"
    {"f(x)=", "Guess=", "Error=", "Max Inter.="},
    "Enter the function surrounded by single quotes",
    "Enter the initial guess",
    "Enter the tolerance",
    "Enter the maximum number of interations"
    {f, xnew, err, N}
    ) then
    F1:=f;
    CAS("F0:=id-F1/F1'");
    L1:={ }; L1(1):=xnew;
    for n from 2 to N+1 do
    xold:=xnew;
    xnew:=F0(xold);
    L1(n):=xnew;
    if abs(xnew-xold)<err then break; end;
    end;
    editlist(L1);
    end;
    END;
    Also, I've tried other codes in this forum, but they don't work due the same error.
    http://www.hpmuseum.org/forum/thread-455.html
    Thank You,
    Ihannah

    hello, how are you related to this user? could you check (or make him/her check again) if this specific extension is indeed not present in firefox/tools > addons > extensions...

  • L3VPN on Cisco ASR9001 IOS XF 4.3.1 (PE router)

    Hi all,
    I need to know if this configuration is correct on Cisco ASR 9001 to have L3VPN.
    This CISCO should be a PE router (other PE router is in another Autonomous System).
    RP/0/RSP0/CPU0:ASR9001-2#sh running-config
    Mon Oct  6 06:11:16.434 UTC
    Building configuration...
    !! IOS XR Configuration 4.3.1
    !! Last configuration change at Sun Oct  5 08:23:50 2014 by admin
    hostname ASR9001-2
    telnet vrf default ipv4 server max-servers 100
    ptp
     clock
      domain 1
     profile 1
      multicast
      transport ethernet
      port state slave-only
      clock operation two-step
     profile 2
      transport ethernet
    vrf vpnv4
     address-family ipv4 unicast
      import route-target
       65000:111
       65001:111
      export route-target
       65000:111
    interface Loopback0
     ipv4 address 10.85.0.67 255.255.255.255
    interface Loopback1
     vrf vpnv4
     ipv4 address 2.2.2.2 255.255.255.255
    interface MgmtEth0/RSP0/CPU0/0
     shutdown
    interface MgmtEth0/RSP0/CPU0/1
     ipv4 address 10.44.107.35 255.255.255.128
    interface GigabitEthernet0/0/0/0
     shutdown
    interface GigabitEthernet0/0/0/1
     ptp
      profile 2
     shutdown
    interface GigabitEthernet0/0/0/2
     shutdown
    interface GigabitEthernet0/0/0/3
     shutdown
    interface GigabitEthernet0/0/0/4
     shutdown
    interface GigabitEthernet0/0/0/5
     shutdown
    interface GigabitEthernet0/0/0/6
     shutdown
    interface GigabitEthernet0/0/0/7
     shutdown
    interface GigabitEthernet0/0/0/8
     shutdown
    interface GigabitEthernet0/0/0/9
     shutdown
    interface GigabitEthernet0/0/0/10
     shutdown
    interface GigabitEthernet0/0/0/11
     shutdown
    interface GigabitEthernet0/0/0/12
     shutdown
    interface GigabitEthernet0/0/0/13
     shutdown
    interface GigabitEthernet0/0/0/14
     shutdown
    interface GigabitEthernet0/0/0/15
     shutdown
    interface GigabitEthernet0/0/0/16
     shutdown
    interface GigabitEthernet0/0/0/17
     shutdown
    interface GigabitEthernet0/0/0/18
     shutdown
    interface GigabitEthernet0/0/0/19
     shutdown
    interface TenGigE0/0/1/0
     mtu 9216
     shutdown
    interface TenGigE0/0/1/1
     mtu 9000
     ptp
      profile p1
     ipv4 address 10.85.52.5 255.255.255.252
    interface TenGigE0/0/1/2
     shutdown
    interface TenGigE0/0/1/3
     mtu 9000
     ipv4 address 10.85.52.1 255.255.255.252
    interface TenGigE0/0/2/0
     shutdown
    interface TenGigE0/0/2/1
     shutdown
    interface TenGigE0/0/2/2
     shutdown
    interface TenGigE0/0/2/3
     shutdown
    router static
     address-family ipv4 unicast
      10.40.0.0/14 10.44.107.1
      141.0.0.0/8 10.44.107.1
    router ospf 1
     router-id 10.85.0.67
     mpls ldp sync
     mpls ldp auto-config
     area 0.0.0.0
      mtu-ignore enable
      interface Loopback0
       passive enable
      interface TenGigE0/0/1/1
      interface TenGigE0/0/1/3
    router bgp 65000
     bgp router-id 10.85.0.67
     address-family ipv4 unicast
      network 10.85.0.67/32
     address-family vpnv4 unicast
     neighbor 10.85.0.71
      remote-as 65000
      update-source Loopback0
      address-family ipv4 unicast
      address-family vpnv4 unicast
     neighbor 10.85.0.72
      remote-as 65000
      update-source Loopback0
      address-family ipv4 unicast
      address-family vpnv4 unicast
     vrf vpnv4
      rd 10.85.0.67:111
      address-family ipv4 unicast
       redistribute connected
       redistribute static
    mpls ldp
     router-id 10.85.0.67
     interface TenGigE0/0/1/1
     interface TenGigE0/0/1/3
    ssh server v2
    ssh server session-limit 100
    end

    "New pin mode is not supported if you are using the RSA native protocol."
    I am very aware of this.
    "Use the Radius protocol on the RSA Authentication Manager for features like New pin , next token mode etc."
    I am also very aware of this too.
    However, I do not want to use radius on the
    RSA Authentication Manager. I want to use
    tacacs+ in the ACS but off-load the
    authentication database piece to RSA. I
    want to use tacacs because I want to have
    separations between Authentication and
    Authorization, which is not possible with
    radius.
    From the router's perspective, it does not
    know anything about RSA, it only knows ACS.
    Are you saying that even though ACS passes the
    credentials to RSA, it is still RSA native
    protocol? i.e. udp port 5500?
    Thanks.

  • VLANs between aironet 1310 & catalyst 1912-A

    Hi Guys,
    Please help, can I have vlan on my wlan with catalyst 1912-A Enterprise Edition ?
    I read somewhere " The Cisco 1900 series does not support 802.1q, leaving ISL as the only option for creating trunk connections with other Cisco."
    Regards
    Saher

    Well it looks like you are correct... ISL is only supported for trunking. See the following notes froma doc:
    Supports a maximum of two trunks. The Catalyst 1900 switch supports a maximum of two Inter-Switch Link (ISL) trunks. The Catalyst 2820 switch supports both ISL and Asynchronous Transfer Mode (ATM) LAN emulation (LANE) trunk connections.
    http://www.cisco.com/en/US/docs/switches/lan/catalyst2900xl_3500xl/catalyst1900_2820/version6.x_7.x/eesw/sw_cfg/02vlans.html#wp15180
    Hope this helps.

  • InterAS MPLS Option C (BGP IPv4 + Labels) IOS XR with eBGP multihop session

    Hello,
    Right now we have InterAS MPLS Option C configured between 2 autonomous systems.
    Now we need to add more bandwith and would like to add another interface between the two routers establishing a multihop session using loopbacks to load share traffic.
    I know that IOS-XR does not automatically learn directly connected host routes so for the XR router to assign labels you'll need to configure a static host route to ensure MPLS forwarding to the neighboring AS.
    This works with directly connected neighbors but when I try to enable the multihop session, the XR does not assign labels even configuring the staic host route.
    Does anybody has a configuration like that working?
    Thanks!!
    Jose.

    Hello Jose
    There are basically two options in Option C L3VPN setup. I will discuss the first option for Multihop.
    Following are the key points that distinguish the InterAS Option C from previous options.
    1) External Multihop BGP address families are invoked between two different autonomous systems; however, these eBGP sessions are invoked between the route reflectors in each AS and not on the ASBR. The route reflector in each AS thus passes labeled ipv4 unicast VPN routes to the other AS. Note:- The route reflector in this case will have PE clients in the vpnv4 address family within that Autonomous System.
    2) ASBRs facilitate the creation of InterAS LSP by providing labeled /32s for PE and Route Reflector loopback.
    3) This option enhances scalability because ASBRs do not handle VPNv4 routes in fact this option gets rid of the extra L3VPN LFIB that is created as a result of option B . The LFIB size is minimal as we control the redistribution to the only 2 needed loopback addresses (remote ASBR and remote RR)
    Sample config of the RR:
    router bgp 102
    address-family ipv4 unicast
    address-family vpnv4 unicast
    neighbor-group ibgp
      remote-as 102
      update-source Loopback0
      address-family ipv4 unicast
       route-reflector-client
      address-family vpnv4 unicast
       route-reflector-client
    neighbor 192.168.253.3
      remote-as 101
      ebgp-multihop 255
      description eBGP-RR-PEER-AS101
      update-source Loopback0
      address-family vpnv4 unicast
       route-policy allow-all in
       route-policy allow-all out
       next-hop-unchanged
    neighbor 192.168.254.1
      use neighbor-group ibgp
    neighbor 192.168.254.3
      use neighbor-group ibgp
    neighbor 192.168.254.4
      use neighbor-group ibgp
    On the PE router, the config will look something like this:
    router bgp 102
    address-family ipv4 unicast
      redistribute ospf 1 metric 3333 route-policy interAS-optionc-out
      allocate-label route-policy interAS-optionc-out
    neighbor 65.10.20.1
      remote-as 101
      address-family ipv4 labeled-unicast
       route-policy interAS-optionc-in in
       route-policy interAS-optionc-out out
    neighbor 192.168.254.2
      remote-as 102
      update-source Loopback0
      address-family ipv4 unicast
    router static
    address-family ipv4 unicast
      65.10.20.1/32 TenGigE0/0/0/1
      192.0.2.0/24 Null0 tag 10
    route-policy interAS-optionc-in
      if destination in remote-RR-PE then
        pass
      else
        drop
      endif
    end-policy
    route-policy interAS-optionc-out
      if destination in local-RR-PE then
        pass
      else
        drop
      endif
    end-policy
    prefix-set local-RR-PE
      192.168.254.2/32,
      192.168.253.6/32,
      192.168.253.5/32
    end-set
    prefix-set remote-RR-PE
      192.168.253.2/32,
      192.168.253.3/32,
      192.168.253.3/32
    end-set
    Just for your clarification, 192.168.253.0/24 is the Remote AS networks and 192.168.254.0/24 is the local AS networks.
    Hope this clarifies your doubts.
    Cheers ... !!!
    Vinit

  • Inter-as option B summary vpnv4 route at ASBR boundary

    inter-as option B, can i summary vpnv4 route at asbr boundary.
    i create VRF at boundary asbr, and summary vpnv4 route from upstream PE, but i can't ping destination vrf pc.
    i trace,the traffic end at ASBR VRF interface. and ASBR vrf can't forward traffic back to destion PE.
    is there any solution i can summary vpn route at boundary ASBR.
    thank you!
    fly

    Fly,
    I am not sure what you mean by VRF interface. You don't really need a VRF interface. You only need to create a VRF context with the same RT import export as the VPN in question. The aggregation would be done at the "address-family ipv4 vrf xxx" level, not at the vpnv4 level. The aggregate will cause an aggregate label to be installed in the LFIB and advertised to the remote PEs via BGP vpnv4. The more specific routes will be installed in the FIB for the specific VRF context. When packets arrive at the ASBR with the aggregate label, the label will be removed and a second lookup will be performed against the FIB for the VRF context.
    Regards

  • What is the maximum number of ARP entries (IPv4) and ND entries (IPv6) supported in our controllers?

    Q: What is the maximum number of ARP entries (IPv4) and ND entries (IPv6) supported in Aruba controllers?
    A: The maximum number of static ARP entries supported is about 2048 for M3/72xx/70xx platforms.
    The maximum number of static ARP entries supported is about 128 for 6xx platforms.
    The maximum number of static ND entries supported is about 2048 for M3/72xx/70xx platforms.
    The maximum number of static ND entries supported is about 128 for 6xx platforms.

    a)It depends upon software level. b) 16,000 per card, With release 9.3:
    60K Connections Support on BXM-E—Provides the ability to support a maximum of 60K per card for VSI applications for the BPX 8600, for example, PNNI or MPLS, used on enhanced BXM-E cards.

  • ASR 9000 route-policy on ipv4 and vpnv4 neighbors

    Hi
    To reduce configuraton i would like to use the same route-policy for ipv4 and vpnv4 routes from the same neighbors on ASR 9000.
    I know that a "pass all" route-policy will work just fine, also a route-policy like this works fine:
    route-policy eBGP_NEIGHBORS
        set local-preference 50
      endif
    end-policy
    But why doesn´t this route-policy work?
    rd-set EXT_SERVICES_PRIMARY
      1.1.1.1:*
    end-set
    rd-set EXT_SERVICES_SECUNDARY
      2.2.2.2:*
    end-set
    route-policy eBGP_NEIGHBORS
      if rd in EXT_SERVICES_PRIMARY then
        set local-preference 120
      elseif rd in EXT_SERVICES_SECUNDARY then
        set local-preference 20
      else
        set local-preference 80
      endif
    end-policy
    The effect of this is that vpnv4 routes looks just fine but ipv4 routes is missing in bgp table. I have tryed all kind of configs but it just will not work, what am i missing?
    The idea of this route-policy is that routes advertised by rd 1.1.1.1 will act as primary and rd 2.2.2.2 as secundary.
    1.1.1.1 and 2.2.2.2 is handleing the same routes.
    1.1.1.1 is located in one AS and 2.2.2.2 in an other AS
    my ASR that i am working on is in a third AS
    And alla other routes will have a default local-pref of 80

    If you watch the if statement, you're challenging that if the RD is something, or else, else... but, maybe, it doesn't work if you don't have an RD.
    Based on the Mohit's answer I think that maybe, that's the reason.
    route-policy eBGP_NEIGHBORS
      if rd in EXT_SERVICES_PRIMARY then
        set local-preference 120
      elseif rd in EXT_SERVICES_SECUNDARY then
        set local-preference 20
      else   <<< So if not "EXT_SERVICES_PRIMARY" and not "EXT_SERVICES_SECUNDARY", but stills in "if rd.."
        set local-preference 80
      endif
    Mohit's:
    route-policy eBGP_NEIGHBORS
      if rd in EXT_SERVICES_PRIMARY then
        set local-preference 120
      elseif rd in EXT_SERVICES_SECUNDARY then
        set local-preference 20
      endif
        set local-preference 80 >>>> Outside the if statement!
      end-policy.
    Let us know if the Mohit's answer worked! Just to learn something new :)

  • About maximum ipv4 routes for GSR router

    Hi all,
    I am planning to install GSR 12404 router for Internet router to receive full BGP routing table. Just wondering what the maximum routes supported for GSR into the CEF?
    The hardware will be used is as below
    PRP-2
    SIP-400 w/ SPA-2x1GE
    Thanks,

    looshfoo wrote:thinking about it, could it be the dhcp lease on the local router going up and it running a dhcp request and getting the route again?
    Yes.
    Your lease is only valid for X minutes/hours, after that it has to be renewed, which will recreate the def route. There's probably a config option in your dhcp client to ignore the def route.

  • Issue with multipath load-sharing of VPNv4 routes

    Hi Sir,
    Below is output of "show ip bgp vpnv4 all 10.1.36.0/24" on a PE router in an MPLS VPN environment:
    KP1#sh ip bgp vpnv4 all 10.1.36.0/24
    BGP routing table entry for 65001:202:10.1.36.0/24, version 1732
    Paths: (2 available, best #1, no table)
    Not advertised to any peer
    Local
    172.18.254.56 (metric 31) from 172.18.254.54 (172.18.254.54)
    Origin incomplete, metric 0, localpref 100, valid, internal, best
    Extended Community: RT:65001:1200
    Originator: 172.18.254.56, Cluster list: 172.18.254.54
    Local
    172.18.254.56 (metric 31) from 172.18.255.254 (172.18.255.254)
    Origin incomplete, metric 0, localpref 100, valid, internal
    Extended Community: RT:65001:1200
    Originator: 172.18.254.56, Cluster list: 172.18.255.254
    BGP routing table entry for 65001:203:10.1.36.0/24, version 2439
    Paths: (2 available, best #2, no table)
    Not advertised to any peer
    Local
    172.18.255.4 (metric 21) from 172.18.255.254 (172.18.255.254)
    Origin incomplete, metric 0, localpref 100, valid, internal
    Extended Community: RT:65001:1200
    Originator: 172.18.255.4, Cluster list: 172.18.255.254
    Local
    172.18.255.4 (metric 21) from 172.18.254.54 (172.18.254.54)
    Origin incomplete, metric 0, localpref 100, valid, internal, best
    Extended Community: RT:65001:1200
    Originator: 172.18.255.4, Cluster list: 172.18.254.54
    BGP routing table entry for 65001:204:10.1.36.0/24, version 2441
    Paths: (2 available, best #2, table V1:TEST)
    Multipath: iBGP
    Not advertised to any peer
    Local, imported path from 65001:202:10.1.36.0/24
    172.18.254.56 (metric 31) from 172.18.254.54 (172.18.254.54)
    Origin incomplete, metric 0, localpref 100, valid, internal
    Extended Community: RT:65001:1200
    Originator: 172.18.254.56, Cluster list: 172.18.254.54
    Local, imported path from 65001:203:10.1.36.0/24
    172.18.255.4 (metric 21) from 172.18.254.54 (172.18.254.54)
    Origin incomplete, metric 0, localpref 100, valid, internal, best
    Extended Community: RT:65001:1200
    Originator: 172.18.255.4, Cluster list: 172.18.254.54
    KP1#
    There are two RRs on the network: RR1 (172.18.254.54) and RR2 (172.18.255.254). All PE routers peer with these two RRs.
    The VPNv4 prefix 10.1.36.0/24 is advertised by two PE routers; the first is 172.18.254.56 (hostname: SK1) using RD 65001:202, another is 172.18.255.4 (hostname: SK2) using RD 65001:203. This is an Intranet VPN with RT value of 65001:1200.
    I understand why KP1 selects the path via SK2 as the best because it matches the BGP best-path selection criteria: "Prefer the path with the lowest IGP metric to the BGP next hop".
    I want to load-balance traffic destined to 10.1.36.0/24 across SK1 and SK2. Thus, I modified the config on KP1 as follows:
    router bgp 65001
    address-family ipv4 vrf V1:TEST
    maximum-paths ibgp 2
    But still only one best path is selected and installed into the VRF routing tables, as follows:
    KP1#sh ip route vrf V1:TEST
    Routing Table: V1:TEST
    10.0.0.0/24 is subnetted, 6 subnets
    B 10.1.36.0 [200/0] via 172.18.255.4, 20:53:01
    KP1#sh ip bgp vpnv4 vrf V1:TEST
    Network Next Hop Metric LocPrf Weight Path
    Route Distinguisher: 10081:204 (default for vrf V1:TEST)
    * i10.1.36.0/24 172.18.254.56 0 100 0 ?
    *>i 172.18.255.4 0 100 0 ?
    KP1 only installs the two paths when I configured the following:
    router bgp 65001
    address-family ipv4 vrf V1:TEST
    maximum-paths ibgp unequal-cost 2 (I can't exactly remember the command. It should be this one.)
    Please advise if this is the correct way to install both routes.
    Thank you.
    B.Rgds,
    Lim TS

    Hi,
    "maximum-path ... unequal-cost" means install two pathes EVEN IF paths have unequal IGP metric. If the metric is identical then the BGP path selection is identical to not configuring "unequal-cost".
    This option is used to skip the normal BGP path selection step "closest IGP neighbor" when it comes to decide what to insert into the IP routing table.
    So typically you would use "unequal-cost" as for the VPN customer your core network is not interesting (not even visible). So routing decisions based on your core network metrics are (often) not in the customers interest. The customer is usually interested in loading the redundant access lines. This would potentially not be possible because of the SP BGP selection mechanism.
    Hope this helps!
    Regards, Martin

  • Inter-AS option B statistics

    Hello,
      we would like to measure the traffic per vrf in case of Inter-AS option B on the interconnecting links between the providers.
      How can we do it? AFAIK bgp-policy accounting supports only standard community-list, if it could support extcommunity-list, then we would have a solution.
    BR, Attila

    Fly,
    I am not sure what you mean by VRF interface. You don't really need a VRF interface. You only need to create a VRF context with the same RT import export as the VPN in question. The aggregation would be done at the "address-family ipv4 vrf xxx" level, not at the vpnv4 level. The aggregate will cause an aggregate label to be installed in the LFIB and advertised to the remote PEs via BGP vpnv4. The more specific routes will be installed in the FIB for the specific VRF context. When packets arrive at the ASBR with the aggregate label, the label will be removed and a second lookup will be performed against the FIB for the VRF context.
    Regards

Maybe you are looking for

  • Latest MacBook Pro 15" and two external monitors?

    Hi, I currently already have two Dell U2713HM monitors and was looking to purchase one of the latest model MacBook Pro 15" laptops. I was wondering if there would be any issues in connecting the two monitors via the two Thunderbolt/Mini DisplayPort c

  • Customer , vendor 0000049256 not known (EDI process)

    We are trying to send an IDoc type INVOIC from one SAP R/3 system to another using the SAP XI/PI. Right now we are experience an error “Customer , vendor 0000049256 not known”, after have check all ALE/EDI configuration between the source system (SAP

  • Help with form validation

    Hi, I am new to dreamweaver and I need to create a site for the cafe I work for. I tried to make a form for making reservations online. I made a table and put the fileds inside it. It looks great. However, when I preview it in the browser, a javascri

  • Discovery problem in LMS 4.0.1

    Hello all, I have a problem discovering some ASA firewalls on a network. I have several ASA firewalls on this /24 network, but some of them I can't discover e.g 149.x.x.107 is discovered ok, but 149.x.x.20 I can't discover. It seems that it's not eve

  • Urgent:Issue of Product Search

    Hi All, In customer Product Search , it return only 100 items. but in profile option value set IBE: No of Results in Search -->200(default) but I am able to view only 100 records in customer UI. please advise me how can i fix it ASAP Thanks