Route Reflector redundancy
In such a scenario where a commmon cluster-id is configured on the two RRs (R1,R2) is the iBGP session between the RRs required and if so why ?
Hi Darlington,
It is there in the below link:
http://cisco.iphelp.ru/faq/5/ch15lev2sec17.html
It is nothing but to provide redundancy if the R8 to R2 link goes down, R2 will not be able to reach R8.
Thanks,
Manjunath
Similar Messages
-
Hi
I have a Network with about 14 PE's and totally 800 vpnv4 Prefixes.
I thought about a design with redundant 7200 as Route Reflectors.
Now the question: Could i use two PE's (6500 Sup 720) as Route Reflector? So i wouldn't have to buy two 7200.
cheers patrickHello Patrick,
As you know that Route Reflectors as a concept is applicable for networks having heavy IBGP mesh, and also involves quite a burden on the processor.
Coming back to your question !!! Yes a couple of 6500 with SUP 720 can be used, you can try this new IOS release 12.2(17b)SXA.
Check this link further:
http://www.cisco.com/en/US/products/hw/switches/ps708/prod_bulletin09186a00801df1dd.html
sultan -
In a cluster of multiple route-reflector, is it necessary for the route-reflectors to be peers to each other? Does the use of the cluster id have any effect on this?
"Usually a cluster of clients will have a single route reflector. In that case, the cluster is identified by the router ID of the route reflector. To increase redundancy and avoid a single point of failure, a cluster might have more than one route reflector. In this case, all route reflectors in the cluster must be configured with the 4-byte cluster ID so that a route reflector can recognize updates from route reflectors in the same cluster. All the route reflectors serving a cluster should be fully meshed and all of them should have identical sets of client and nonclient peers.
If the cluster has more than one route reflector, configure the cluster ID by using the following command in router configuration mode: "
That is taken from
http://www.cisco.com/univercd/cc/td/doc/product/software/ios122/122cgcr/fipr_c/ipcprt2/1cfbgp.htm#wp1001965
But, if the route-reflectors are not meshed, can someone explain to me what could happen. Is this just a best practice, or a must configuration? -
BGP route-reflector next-hop issue
Hello,
I have a small GNS3 lab that is working with one exception: I cannot ping loopback0 on RRc2 and RRc3 from RRc1.
RRc1, RRc2 and RRc3 can all ping loopback0 on SmileyISP and RRc2 and RRc3 can ping each others loopback0
interfaces.
I am broken between the two route-reflectors: RRS1 and RRS2.
Given these conditions:
1) Do not configure any IGP.
2) No static routes
How do I get connectivity from RRc1's loopback0 interface to RRc2 loopback0 and RRc3 loopback0?
I used a route-map to set the next hop, but I am obviously doing something wrong.
I am providing relevant show command outputs, router configs, and the GNS3 topology.net config.
You will have to change the image and working directories to match your computer.
Not quite sure where I am going wrong.
Any help would be greatly appreciated.
Thanks.
-- Mark
RRc1#sh ip bgp
BGP table version is 53, local router ID is 172.16.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.1.25.5 0 100 0 100 i
*>i 10.1.12.0/24 10.1.26.2 0 100 0 i
*>i 10.1.13.0/24 10.1.12.1 0 100 0 i
*>i 10.1.14.0/24 10.1.12.1 0 100 0 i
*>i 10.1.15.0/24 10.1.12.1 0 100 0 i
*>i 10.1.25.0/24 10.1.26.2 0 100 0 i
* i 10.1.26.0/24 10.1.26.2 0 100 0 i
*> 0.0.0.0 0 32768 i
*> 172.16.1.0/24 0.0.0.0 0 32768 i
*>i 172.16.2.0/24 10.1.12.1 0 100 0 i
*>i 172.16.3.0/24 10.1.12.1 0 100 0 i
RRc1#
RRc1#ping 172.16.2.1 so lo0
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.2.1, timeout is 2 seconds:
Packet sent with a source address of 172.16.1.1
Success rate is 0 percent (0/5)
RRc1#
RRc2#sh ip bgp
BGP table version is 31, local router ID is 172.16.2.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found
Network Next Hop Metric LocPrf Weight Path
*>i 1.1.1.0/24 10.1.15.5 0 100 0 100 i
* i 10.1.12.0/24 10.1.12.2 0 100 0 i
* i 10.1.13.0/24 10.1.13.1 0 100 0 i
*> 0.0.0.0 0 32768 i
*>i 10.1.14.0/24 10.1.13.1 0 100 0 i
*>i 10.1.15.0/24 10.1.13.1 0 100 0 i
* i 10.1.25.0/24 10.1.12.2 0 100 0 i
* i 10.1.26.0/24 10.1.12.2 0 100 0 i
* i 172.16.1.0/24 10.1.12.2 0 100 0 i
*> 172.16.2.0/24 0.0.0.0 0 32768 i
*>i 172.16.3.0/24 10.1.14.4 0 100 0 i
RRc2#
SmileyISP#sh run
Building configuration...
Current configuration : 988 bytes
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname SmileyISP
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 1.1.1.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.15.5 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.25.5 255.255.255.0
speed auto
duplex auto
router bgp 100
bgp log-neighbor-changes
network 1.1.1.0 mask 255.255.255.0
network 10.1.15.0 mask 255.255.255.0
neighbor 10.1.15.1 remote-as 200
neighbor 10.1.25.2 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRS1#sh run
Building configuration...
Current configuration : 1594 bytes
! Last configuration change at 19:24:34 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRS1
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.15.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.12.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/0
ip address 10.1.13.1 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/1
ip address 10.1.14.1 255.255.255.0
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.13.0 mask 255.255.255.0
network 10.1.14.0 mask 255.255.255.0
network 10.1.15.0 mask 255.255.255.0
neighbor RouteReflectors peer-group
neighbor RouteReflectors remote-as 200
neighbor RouteReflectors route-map NEXTHOP out
neighbor RRClients peer-group
neighbor RRClients remote-as 200
neighbor RRClients route-reflector-client
neighbor 10.1.12.2 peer-group RouteReflectors
neighbor 10.1.13.3 peer-group RRClients
neighbor 10.1.14.4 peer-group RRClients
neighbor 10.1.15.5 remote-as 100
ip forward-protocol nd
no ip http server
no ip http secure-server
route-map NEXTHOP permit 10
set ip next-hop peer-address
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRS2#sh ru
Building configuration...
Current configuration : 1542 bytes
! Last configuration change at 19:42:06 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRS2
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.12.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
ip address 10.1.25.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/0
ip address 10.1.26.2 255.255.255.0
speed auto
duplex auto
interface FastEthernet2/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.12.0 mask 255.255.255.0
network 10.1.25.0 mask 255.255.255.0
network 10.1.26.0 mask 255.255.255.0
neighbor RouteReflectors peer-group
neighbor RouteReflectors remote-as 200
neighbor RouteReflectors route-map NEXTHOP out
neighbor RRClients peer-group
neighbor RRClients remote-as 200
neighbor RRClients route-reflector-client
neighbor 10.1.12.1 peer-group RouteReflectors
neighbor 10.1.25.5 remote-as 100
neighbor 10.1.26.6 peer-group RRClients
ip forward-protocol nd
no ip http server
no ip http secure-server
route-map NEXTHOP permit 10
set ip next-hop peer-address
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc1#sh run
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:43:57 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc1
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.1.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.26.6 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.26.0 mask 255.255.255.0
network 172.16.1.0 mask 255.255.255.0
neighbor 10.1.26.2 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc2#sh run
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:45:05 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc2
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.2.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.13.3 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.13.0 mask 255.255.255.0
network 172.16.2.0 mask 255.255.255.0
neighbor 10.1.13.1 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
RRc3#wr term
Building configuration...
Current configuration : 1005 bytes
! Last configuration change at 18:31:12 UTC Sat Feb 7 2015
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
hostname RRc3
boot-start-marker
boot-end-marker
no aaa new-model
ip cef
no ipv6 cef
multilink bundle-name authenticated
interface Loopback0
ip address 172.16.3.1 255.255.255.0
interface FastEthernet0/0
no ip address
shutdown
duplex half
interface FastEthernet1/0
ip address 10.1.14.4 255.255.255.0
speed auto
duplex auto
interface FastEthernet1/1
no ip address
shutdown
speed auto
duplex auto
router bgp 200
bgp log-neighbor-changes
network 10.1.14.0 mask 255.255.255.0
network 172.16.3.0 mask 255.255.255.0
neighbor 10.1.14.1 remote-as 200
ip forward-protocol nd
no ip http server
no ip http secure-server
control-plane
line con 0
logging synchronous
transport preferred none
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
end
autostart = False
version = 0.8.6
[127.0.0.1:7202]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10200
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2005
aux = 2100
cnfg = configs\SmileyISP.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f1/0
f1/1 = RRS2 f1/1
x = -24.0
y = -259.0
z = 1.0
hx = -1.5
hy = -24.0
console = 2015
aux = 2101
cnfg = configs\RRc1.cfg
slot1 = PA-2FE-TX
f1/0 = RRS2 f2/0
x = -292.0
y = 200.0
z = 1.0
hx = -5.5
hy = -25.0
[127.0.0.1:7200]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10000
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2012
aux = 2102
cnfg = configs\RRS1.cfg
slot1 = PA-2FE-TX
f1/0 = SmileyISP f1/0
f1/1 = RRS2 f1/0
slot2 = PA-2FE-TX
f2/0 = RRc2 f1/0
f2/1 = RRc3 f1/0
x = 197.0
y = 6.0
z = 1.0
hx = 42.5
hy = -20.0
console = 2013
aux = 2103
cnfg = configs\RRS2.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f1/1
f1/1 = SmileyISP f1/1
slot2 = PA-2FE-TX
f2/0 = RRc1 f1/0
x = -239.0
y = 9.0
z = 1.0
hx = 1.5
hy = -24.0
[127.0.0.1:7201]
workingdir = C:\Users\Mark\AppData\Local\Temp
udp = 10100
image = C:\downloads\GNS3\c7200-adventerprisek9-mz.152-4.S5.image
idlepc = 0x62f1e4ec
ghostios = True
console = 2009
aux = 2104
cnfg = configs\RRc3.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f2/1
x = 337.0
y = 155.0
z = 1.0
hx = 17.5
hy = -25.0
console = 2008
aux = 2105
cnfg = configs\RRc2.cfg
slot1 = PA-2FE-TX
f1/0 = RRS1 f2/0
x = 149.0
y = 204.0
z = 1.0
hx = -13.5
hy = -23.0
[GNS3-DATA]
configs = configs
text = ".1"
x = 208.0
y = -23.0
text = "10.1.12.0/24"
x = -19.0
y = 5.0
text = ".1"
x = 153.0
y = 25.0
text = ".1"
x = 259.0
y = 33.0
text = "10.1.13.0/24"
x = 238.0
y = 84.0
rotate = 99
text = "10.1.25.0/24"
x = -188.0
y = -124.0
text = "l0: 172.16.2.1/24"
x = 125.0
y = 244.0
text = "l0:172.16.1.1/24"
x = -269.0
y = 240.0
text = "10.1.15.0/24"
x = 116.0
y = -127.0
text = "10.1.14.0/24"
x = 293.0
y = 53.0
rotate = 50
text = ".1"
x = 194.0
y = 68.0
text = "AS100"
x = -20.0
y = -342.0
text = ".2"
x = -148.0
y = 46.0
text = "AS200"
x = 33.0
y = 300.0
text = "l0: 1.1.1.1/24"
x = -42.0
y = -306.0
text = ".5"
x = 50.0
y = -213.0
text = ".2"
x = -248.0
y = 60.0
text = ".2"
x = -174.0
y = -52.0
text = ".5"
x = -54.0
y = -209.0
text = ".6"
x = -232.0
y = 189.0
text = "l0:172.16.3.1/24"
x = 299.0
y = 194.0
text = "10.1.26.0/24"
x = -274.0
y = 167.0
rotate = 290
text = ".3"
x = 208.0
y = 187.0
text = ".4"
x = 312.0
y = 155.0
type = ellipse
x = 50.0
y = -35.0
width = 385.0
height = 345.0
fill_color = "#ffff7f"
border_style = 2
z = -1.0
type = ellipse
x = -171.0
y = -346.0
width = 359.0
height = 200.0
fill_color = "#aaff7f"
border_style = 2
z = -1.0
type = ellipse
x = -407.0
y = -87.0
width = 883.0
height = 443.0
border_style = 2
z = -2.0
type = ellipse
x = -361.0
y = -29.0
width = 385.0
height = 326.0
fill_color = "#55aaff"
border_style = 2
z = -3.0BD,
Ahh...
OK. In the original article, the author states that the final piece with the route map
NEXTHOP was supposed to fix the reachability issue. Obviously it doesn't.
After reading your last post, I looked more carefully at the output from 'sh ip bgp'
on each of the client routers and I realized that several of the next hop addresses were
wrong for some of the prefixes.
1) I completely removed the 'neighbor RouteReflectors route-map NEXTHOP out'
from both RR's. Then I ran 'sh ip bgp' on the clients and noted a change in the next hop addresses. Still wrong, but it changed.
2) I then tried next-hop-self from the RR's to the clients, but it did not change from where
it was after I completed step 1. I am not sure why there was no change. (actually, see the very end of this post)
3) I then applied my version of the route map: route-map NEXTHOP permit 10
set ip next-hop peer-address
to the RR's with this: neighbor RRClients route-map NEXTHOP out
That fixed it. All three clients have as their next hop for all prefixes their respective
RR's (which is what they should have for this topology).
I have full connectivity everywhere, even loopback to loopback between all clients.
1) THANK YOU for pointing me in the right direction.
2) If I may ask, why did next hop self fail? More specifically, I saw no change at all
in the next hop for the advertised prefixes. Is it because next-hop-self should be used
for eBGP peers and all of the RR's and clients are all within the same AS? -
Hello,
i have this bgp topology all router running bgp and no igp is running. Now, the problem is R2 and R3 are route reflector, R1 and R4 are Rclient.
R3 has learn route from R4 (4.4.4.4) from its R client and it advertise to R2 but R2 not advertise (4.4.4.4) route to its client (R1).
R1#sh ip bgp
BGP table version is 5, local router ID is 192.168.12.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*> 1.1.1.1/32 0.0.0.0 0 32768 i
*>i2.2.2.2/32 192.168.12.2 0 100 0 i
* i3.3.3.3/32 192.168.23.3 0 100 0 i
R2#sh ip bgp
BGP table version is 8, local router ID is 192.168.12.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
*>i1.1.1.1/32 192.168.12.1 0 100 0 i
*> 2.2.2.2/32 0.0.0.0 0 32768 i
*>i3.3.3.3/32 192.168.23.3 0 100 0 i
* i4.4.4.4/32 192.168.34.4 0 100 0 iR3#sh ip bgp
BGP table version is 8, local router ID is 192.168.23.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
* i1.1.1.1/32 192.168.12.1 0 100 0 i
*>i2.2.2.2/32 192.168.23.2 0 100 0 i
*> 3.3.3.3/32 0.0.0.0 0 32768 i
*>i4.4.4.4/32 192.168.34.4 0 100 0
R3#sh run | se router bgp
router bgp 1
no synchronization
bgp log-neighbor-changes
network 3.3.3.3 mask 255.255.255.255
neighbor 192.168.23.2 remote-as 1
neighbor 192.168.23.2 next-hop-self
neighbor 192.168.34.4 remote-as 1
neighbor 192.168.34.4 route-reflector-client
no auto-summary -
Rt-filter or route-policy in a route-reflector
Hi,
I want to implement a route reflector that i will use in two differents networks with differents VPNL3. So i do not want that my route reflector advertise the prefixes form a network to the other. I am using an ASR9000 with IOS XR 4.3.2 as route reflector.
I tried two differents configurations in a testing enviroment and both work fine, one applying route-policy filtering by RD, and another using RT-filter. But i do not know what is better to implement on production. I will appreciate if somebody could help me to decide what is the best to implement in a production Network, thinking in the resources of the network and in the IPv6 deployment (i could not configure RT Filter with address-family ipv6)
With route-policy
rd-set RD_XXX
65000:*
end-set
route-policy to_XXX
if rd in RD_XXX then
pass
else
drop
endif
end-policy
route-policy to_YYY
if rd in RD_XXX then
drop
else
pass
endif
end-policy
router bgp 65001
neighbor-group XXX
remote-as 65001
address-family vpnv4 unicast
route-reflector-client
route-policy to_XXX out
neighbor-group YYY
remote-as 650001
update-source Loopback0
address-family vpnv4 unicast
route-reflector-client
route-policy to_YYY out
with RT-Filter
router bgp 65001
address-family ipv4 rt-filter
neighbor-group XXX
address-family ipv4 rt-filter
route-reflector-client
soft-reconfiguration inbound always
neighbor-group YYY
address-family ipv4 rt-filter
route-reflector-client
soft-reconfiguration inbound always
RegardsHi,
One benefit I see with rt-filter is, this feature provides considerable savings in CPU cycles and transient memory usage, generally this will be beneficial when you have large number of prefixes to be filtered, as you do not need to define route-policy for all the prefixes, and also it simple to configure (only one command )
Look at the Restrictions for BGP: RT Constrained Route Distribution in below document
http://www.cisco.com/en/US/docs/ios/ios_xe/iproute_bgp/configuration/guide/irg_rt_filter_xe.html
HTH
Regards,
Sandip -
Hi All...
I have this topology:
CE2-->PE1-->P--->PE2-->CE2
.............\-->PE3-->CE2
In router "P" I want to configure MP-BGP, but I have many doubts with configurations this router. I need to do route-reflector too.
Anybody can help me?
CLRGomesThanks, look my configuration:
Router P
router bgp 65500
no synchronization
no bgp default route-target filter
bgp log-neighbor-changes
neighbor MPLS peer-group
neighbor MPLS remote-as 65500
neighbor MPLS ebgp-multihop 255
neighbor MPLS update-source Loopback0
neighbor MPLS route-reflector-client
neighbor MPLS allowas-in
neighbor MPLS soft-reconfiguration inbound
neighbor 10.10.10.2 peer-group MPLS
neighbor 10.10.10.3 peer-group MPLS
neighbor 10.10.10.4 peer-group MPLS
no auto-summary
address-family vpnv4
neighbor MPLS route-reflector-client
neighbor MPLS send-community both
neighbor 10.10.10.2 activate
neighbor 10.10.10.3 activate
neighbor 10.10.10.4 activate
exit-address-family
ok...working perfect, I did MP-BGP between PE routers and I configured RDs differents too...
Later I did between PE->CE with OSPF and working too, loadshare working.
Thanks a lot
CLRGomes
CCIE R&S -
Hi,
I am having this design issue with route reflectors and could use some help.
I have 18 routers fully meshed in an MP-iBGP session and i am going to introduce route reflectors into the network to minimize the total number of TCP sessions
My problem is that some of these routers have outboud policies with one another. for example i have a route map on router 1 affecting only router 2 and would like to keep it this way
is there any way to do that through route reflectors ?
Thank you
HadiHi Riccardo,
I have 18 routers in a full MP-iBGP mesh topology. Some pairs of these routers have the following policy :
I have a route-map matching on Route Targets and i am setting the next hop to be different from the rest of the RT for that site.
This way, the prefixes originating from site A for example will reach site B with different next hops depending on how i set it in my route-map.
These policies are only between pairs of routers i.e. router#1 needs only to affect router#2
How can i achieve this using RRs
Thank you
Hadi -
Route-reflector-client inheritance-disable
Hi Folks,
I found the command route-reflector-client inheritance-disable here, why do we use it.
http://www.cisco.com/en/US/docs/routers/xr12000/software/xr12k_r3.9/routing/command/reference/b_rr39xr12kbook_chapter_01.html#wp1681856112
RP/0/0/CPU0:router(config)# router bgp 140
RP/0/0/CPU0:router(config-bgp)# af-group group1 address-family ipv4 unicast
RP/0/0/CPU0:router(config-bgp-afgrp)# route-reflector-client
RP/0/0/CPU0:router(config-bgp-afgrp)#exit
RP/0/0/CPU0:router(config-bgp)# neighbor 172.20.1.1
RP/0/0/CPU0:router(config-bgp-nbr)# remote-as 140
RP/0/0/CPU0:router(config-bgp-nbr)# address-family ipv4 unicast
RP/0/0/CPU0:router(config-bgp-nbr-af)# use af-group group1
RP/0/0/CPU0:router(config-bgp-nbr-af)# route-reflector-client inheritance-disable
I Will rate all helpful posts Thanks in advance
Regards
Thanveer
"Everybody is genius. But if you judge a fish by its ability to climb a tree, it will live its whole life believing that it is a stupid."Hello Muhammad,
As document says:
The following example disables the route-reflector client for neighbor 172.20.1.1, preventing this feature from being automatically inherited from address family group group1:
RP/0/RP0/CPU0:router(config)# router bgp 140
RP/0/RP0/CPU0:router(config-bgp)# af-group group1 address-family ipv4 unicast
RP/0/RP0/CPU0:router(config-bgp-afgrp)# route-reflector-client
RP/0/RP0/CPU0:router(config-bgp-afgrp)#exit
RP/0/RP0/CPU0:router(config-bgp)# neighbor 172.20.1.1
RP/0/RP0/CPU0:router(config-bgp-nbr)# remote-as 140
RP/0/RP0/CPU0:router(config-bgp-nbr)# address-family ipv4 unicast
RP/0/RP0/CPU0:router(config-bgp-nbr-af)# use af-group group1
RP/0/RP0/CPU0:router(config-bgp-nbr-af)# route-reflector-client inheritance-disable
Neighbor 172.20.1.1 si configured as member of group1. Members of group1 are configured as route-reflector-clients. But you want to disable neighbor 172.20.1.1 to become route-reflector-client so you need to configure route-reflector-client inheritance-disable.
Best Regards
Please rate all helpful posts and close solved questions -
I'm considering a limited IPv6 rollout using 6PE, and would like to know if the following configuration would be supported.
Our typical topology consists of customer aggregation routers connected to a pair of regional core routers. The cores are directly interconnected to other regions' cores via our long haul transport network. Our border routers are also connected to the closest pair of cores.
All the regional pairs of core routers are route reflectors, and the customer aggregation and border routers are route reflector clients of the closest pair of cores.
These are all 7600-class routers, and they're all running MPLS on the interconnects.
Can we use 6PE to exchange V6 routes between our dual-stack customer aggregation and border routers, and have those routes reflected through MPBGP sessions to the IPv4-only core routers?
customer_agg (dual v4/v6) ---> region1 core (v4 only) --->
<--- region2 core (v4 only) ---> border (dual v4/v6)
Thanks much...Stafford, yes you can run 6 PE in you distributed RR topology. Only thing is even though your RR's need not be dual stack but they definately need to support V6 Address Family for peering with the border PE's and reflecting the updates received.
Do note that when you enable ipv6 address family it makes it a dual stack router even though you do not aggregate customers over ipv6 link addresses.(7600'shave support for this, so should not be much of a concern here in terms of support)
Here is a reference for 6PE configuration.
http://www.cisco.com/en/US/products/sw/iosswrel/ps1835/products_data_sheet09186a008052edd3.html
Other option which you can think of is rather than creaing a full mesh of v6 peerings, if your dployment is limited to certain PE's you may want to form direct v6 ibgp between them.
HTH-Cheers,
Swaroop -
if i config mp-bgp vpnv4 reflector on a P router, does this P router become a PE router? Or keep P router role in mpls network?
thank you!Hello,
As I see it, how you do the route reflection process is more your own business than the customers'. How well you are doing it will of course affect the customers, but this is more an internal issue of the core, rather than something to discuss with the customer. Anyway, in this case the customers might have a point.
The problem when you have 2 PE's as your RR's is that if you want to perform a maintenance procedure on those PE's, it might also affect customers not even connected to the particular PE's. If on the other hand the core routers are the RR's, if you perform maintenance on them, few things in the network will be operational anyway since they stand in the middle, so no more harm done than expected. One could argue that in both cases there are 2 RR's, so things cannot be that bad. If one goes down we do have the other. (In the case of the P's however, if one goes down you might have a split network, so route reflection is the last thing that would concern you.)
You have 122 PE's and expect more. My guess is that your routers can handle the process if in most cases only a couple of routes are exchanged between VPN sites. Whether you choose to make RR's the P's or the PE's is more of a matter of style. I would prefer the PE's, because I would rather keep the P's "clean", doing what they are supposed to do, that is label switching traffic. MPLS is supposed to relief the core from running BGP, and we do not want to take risks in the P's by running something not absolutely necessary for them. In addition, route reflection is supposed to relief the PE's from having to peer with each other directly, so it looks more their own business to handle the route reflection process, which is coming to remedy the necessity for them (that is the PE's) to peer with every other PE in the network.
The bottom line is: Your P's are more important to you than any other router. This is for the customers' best interest as well. Keep functions where they belong more naturally.
Kind Regards,
M. -
Megacom Route Group Redundancy
I have a customer asking an interesting question about how to set up backup PRI's for a new AT&T megacom Long Distance PRI that was recently installed.
Currently, the PRI is configured as an MGCP gateway. In order for the gateway to support megacom, the customer is required to set the Route Pattern to use a "Network Service Protocol" of "PRI4ESS" and "Network Service" of "Long Distance".
The problem is that the customer would like to make this line the primary for LD calls with overflow going to their existing local PRIs. The local PRI's are MGCP 5ESS gateways and do not require the additional settings of the MEGACOM LD circuits. Since the LD route pattern is inserting information that the local gateways can't interpret, the calls are failing when routed to the local PRI's.
I've considered recommending the MEGACOM circuit be configured as H323 so we can configure MEGACOM settings in the router rather than the route pattern, but I am not sure that the calls will overflow from the h3232 gateway back to the CallManager as MGCP gateways do.
Any suggestions or ideas appreciated!Create two dialer interfaces, one for each isdn-backup-destination. Assign these interfaces to the dialer-pool used by the pri-serial. Have dialer 1track status of leased-line1-serial and have dialer 2 track status of leased-line2-serial.
-
MPLS issues with redundant PE routers
Hello,
i'd like to set up an mpls lab. the layout of the gear is attached (mpls.jpg) At site A i have to PE router R4 and R6 which should have knowledge of the network 10.0.129.0/24 from site B. Router R1 is configured as a route reflector. the configuration of R1, R4, R5 and R6 are attached as well.
with the configuration
Routing Table R6
O E2 10.0.129.0 [110/1] via 172.16.128.9, 00:04:37, FastEthernet0/1.200
Routing table R4
B 10.0.129.0 [200/11] via 150.1.5.5, 00:05:00
a traceroute shows the path goes through R4 instead direkt through R1
Tracing the route to 10.0.129.1
VRF info: (vrf in name/id, vrf out name/id)
1 172.16.128.9 4 msec 0 msec 4 msec
2 172.16.128.1 [MPLS: Labels 19/29 Exp 0] 96 msec 100 msec 96 msec
3 150.1.0.2 [MPLS: Labels 19/29 Exp 0] 68 msec 64 msec 68 msec
4 172.16.129.9 [MPLS: Label 29 Exp 0] 64 msec 64 msec 64 msec
5 172.16.129.10 40 msec * 36 msec
show bgp vpnv4 unicast all 10.0.129.0 indicates an error
Rack1R6# show bgp vpnv4 unicast all 10.0.129.0
BGP routing table entry for 200:1:10.0.129.0/24, version 63
Paths: (1 available, best #1, table CENTRAL, RIB-failure(17) - next-hop mismatch)
Not advertised to any peer
Local
150.1.5.5 (metric 67) from 150.1.1.1 (150.1.1.1)
Origin incomplete, metric 11, localpref 100, valid, internal, best
Extended Community: RT:200:1 OSPF DOMAIN ID:0x0005:0x000000C80200
OSPF RT:0.0.0.0:3:0 OSPF ROUTER ID:172.16.129.242:0
Originator: 150.1.5.5, Cluster list: 150.1.1.1
mpls labels in/out nolabel/29
Rack1R4#show bgp vpnv4 unicast all 10.0.129.0
BGP routing table entry for 200:1:10.0.129.0/24, version 146
Paths: (1 available, best #1, table CENTRAL)
Not advertised to any peer
Local
150.1.5.5 (metric 67) from 150.1.1.1 (150.1.1.1)
Origin incomplete, metric 11, localpref 100, valid, internal, best
Extended Community: RT:200:1 OSPF DOMAIN ID:0x0005:0x000000C80200
OSPF RT:0.0.0.0:3:0 OSPF ROUTER ID:172.16.129.242:0
Originator: 150.1.5.5, Cluster list: 150.1.1.1
mpls labels in/out nolabel/29
any ideas what i have to do in order to have a redundant path towards site B?
thanks in advanced
AlexHi Alex,
I think you still have redundancy via R6, but BGP route on R6 is not getting installed in routing table because it is having OSPF route with lesser AD value. If R4 goes down, R6 will loose OSPF route for 10.0.129.0/24 coming from R4, install BGP route ,redistribute this to OSPF and will advertise it to SW4.
Routing Table R6
O E2 10.0.129.0 [110/1] via 172.16.128.9, 00:04:37, FastEthernet0/1.200
Rack1R6# show bgp vpnv4 unicast all 10.0.129.0
BGP routing table entry for 200:1:10.0.129.0/24, version 63
Paths: (1 available, best #1, table CENTRAL, RIB-failure(17) - next-hop mismatch)
Not advertised to any peer
Local
150.1.5.5 (metric 67) from 150.1.1.1 (150.1.1.1)
Origin incomplete, metric 11, localpref 100, valid, internal, best
Extended Community: RT:200:1 OSPF DOMAIN ID:0x0005:0x000000C80200
OSPF RT:0.0.0.0:3:0 OSPF ROUTER ID:172.16.129.242:0
Originator: 150.1.5.5, Cluster list: 150.1.1.1
mpls labels in/out nolabel/29 -
Multiple vlans configuration issue with RV016 router and SG 300-10MP witch
Hi,
I have to configure multiple vlans served with a unique DCHP server . As first step, I just will The DHCP server to serve 2 vlans. The following is the hardware and configuration that I implemented :
Router (RV016 10/100 16-Port VPN Router) as gateway mode:
IP : 172.16.0.1/24
DHCP Server :
IP : 172.16.0.2/24 GW: 172.16.0.1
2 subnets :
172.16.1.0/24 GW: 172.16.1.1 to serve vlan 1
172.16.2.0/24 GW:172.16.2.1 to serve vlan 2
Switch (SG 300-10MP 10-Port Gigabit PoE Managed Switch) as layer 3 mode:
IP 172.16.0.254 (vlan 8 default)
Vlan 1 : 172.16.1.1
Vlan 2 : 172.16.2.1
1 device connected on each vlan
a workstation on the vlan 1
a laptop on the vlan 2
In this scenario (see the attached pdf file) the DHCP server is connected on a router, hosts on vlans dont receive any IP address.
But If I connect the DHCP server on a trunked switch port and adapt the DHCP server gateway 172.16.0.1 to 172.16.0.254, hosts receive ip address properly.
I have to connect the DHCP server directly to the router. How can I do that, what is wrong in the configuration ?
I hope the explanations are clear enough and my English too
Any help will be highly appreciated,
ZoubeirHi Eric, the small business group doesn't support the ASA config, but I can help with the switch.
A couple things I notice in your description-
48 port (192.168.1.254) and the other 24P (192.168.1.253) we have a second vlan 20 set up on the 24P switch (192.168.2.253) we have ports 1-12 set for vlan20 (untagged and trunk), the remaining ports on on the default vlan 1.
The connection between the switches, is it 1u, 2t?
The link between the switches should be 1u, 2t, the switches support the trunking and vlan tagging, meaning all communication will work fine.
We have the 24p and 48p switches connect using GE1 and GE1. We are unable to ping a device on vlan 20 ( on the 24p switch
The 24p switch should be in layer 2 mode, if you have the 48 port l3 switch upstream. Additionally, you need to have the default gateway set on the 24p switch.
We have a static route set on the 24p switch (0.0.0.0 192.168.1.0).
Between the switches, it shouldn't require any static routes, assuming you correctly trunk / tag your ge1 ports, with both switches operating in l3, the ip route table dynamically builds the connected routes, therefore a static route is redundant.
-Tom
Please rate helpful posts -
MP-BGP Router Reflectot (RR) Default Behaviour
Hi All,
I have a 7206VXR configured like RR for MPBGP (Afi/safi 1/128 L3VPN rfc 2547Bis).
My RR is configured with different peer-group towards its clients (PE).
I'd like to konw what is the RR's default behaviour when it receives an updata message type 'withdrawal' by its client.
I've observed that:
- When a PE send its update (withdrawal), it receive back by RR all its bgp table...with a lot NLRI that my PE doesn't need..Is it a normal behaviour?
- When a PE send its update (withdrawal), it receives back by RR its own update..I think that this is a normal behaviuor since he is configured within a peer-group on RR. Is it correct?
Many thanks in advance for your support.
GianlucaHello I'm trying to configure a lab with 4 7600-sup32-3b 12.2(2)-33.SRC. 2 of them as P routers and the rest as PE. P's are Route Reflector and PE are route reflector clients. If I create the same VRF in both PE routes are note not advertised between PEs.(show ip route vrf lab). Please could you give me a configuration example or a link where I could take a look.
Thanks in advance. Santiago.
Maybe you are looking for
-
Is there a temporary disconnect option for Prepaid?
We live in the USA half a year and in Canada the other half. In an effort to downsize to two phones, we are planning on cancelling our Canadian plans. We just got my wife a Prepaid and activated it complete with phone number and all. After reading ab
-
I can no longer watch online videos on my Ipod Touch
I used to watch videos online on youTubes and such but no longer it is possible. I get the message " Cannot connect to You Tube"
-
Aperture 3.4.5, OS 10.9. When making a PDF prior to ordering a book, I note that images look fine within Aperture book module, but about 10 out of 100 images look terrible in the PDF. Shall I ignore this and go ahead and order the book?
-
How to Add tokens to an email template?
Good morning Gurus, I am customizing an rfx award email template using tokens but I keep getting an error saying: "The RFX_INTEND_TO_RESPOND_DATE Token is invalid. Code-related." Please see attachment for further clarity. Regards, Sabelo.
-
Restrict the quantities during backflush in REM.
Hi , During MFBF , we can do the GR for a product without entering the planned order,for any quantity. Can we restrict the qty of GR during MFBF, so that any large number is not entered. I tried to control it with Lot size in the production version a