[GTER] RES: RES: RES: RES: RES: Res: Re: Res: RES: Duvida VRF + BGP
Luis Fernando Goncalves
lgoncalves at marcopolonetwork.com
Mon Dec 7 11:14:17 -02 2009
Então, do cliente ele consegue chegar até o meu router... mas no meu router ele morre... o que parece estar acontecendo é que da VRF-CLIENTE o pacote não consegue chegar na VRF-INTERNA...
Olha o show ip...
#sh ip route vrf 30_CLIENTE
192.168.104.0/30 is subnetted, 1 subnets
C 192.168.104.4 is directly connected, Vlan30
89.9.0.0/26 is subnetted, 1 subnets
B 89.9.6.92 [20/0] via 10.40.1.68 (10_UNTRD), 4d18h
95.10.49.0/27 is subnetted, 1 subnets
S 95.10.49.32 [1/0] via 192.168.104.5
# sh ip route vrf 10_UNTRD
192.168.104.0/30 is subnetted, 2 subnets
B 192.168.104.4 is directly connected, 4d18h, Vlan30
B 192.168.104.12 [200/0] via 10.40.1.98, 2d18h
89.9.0.0/26 is subnetted, 1 subnets
S 89.9.6.92 [1/0] via 10.40.1.68
95.10.49.0/27 is subnetted, 1 subnets
B 95.10.49.32 [20/10] via 192.168.104.5 (30_CLIENTE), 00:15:05
-----Mensagem original-----
De: gter-bounces at eng.registro.br [mailto:gter-bounces at eng.registro.br] Em nome de Alexandre Castro
Enviada em: segunda-feira, 7 de dezembro de 2009 11:03
Para: 'Grupo de Trabalho de Engenharia e Operacao de Redes'
Assunto: [GTER] RES: RES: RES: RES: Res: Re: Res: RES: Duvida VRF + BGP
Ok, vc vê suas rotas no seu backbone dos 2 lados correto?
Do PE <> Cliente é via BGP ou rota estática?
Pode ser que o pacote consiga ir mas não sabe retornar , para isso precisaria ver como está os roteadores clientes!
[]'s
Alexandre
-----Mensagem original-----
De: gter-bounces at eng.registro.br [mailto:gter-bounces at eng.registro.br] Em nome de Luis Fernando Goncalves
Enviada em: segunda-feira, 7 de dezembro de 2009 10:54
Para: Grupo de Trabalho de Engenharia e Operacao de Redes
Assunto: [GTER] RES: RES: RES: Res: Re: Res: RES: Duvida VRF + BGP
Sim, os labels estão ok.
Temos caminhos redundantes sim... tenho dois switches que se falam via iBGP porém os depois estão configurados "corretamente";
Tenho algumas rotas estáticas mas que servem para outras VRFs...
-----Mensagem original-----
De: gter-bounces at eng.registro.br [mailto:gter-bounces at eng.registro.br] Em nome de Alexandre Castro
Enviada em: segunda-feira, 7 de dezembro de 2009 10:23
Para: 'Grupo de Trabalho de Engenharia e Operacao de Redes'
Assunto: [GTER] RES: RES: Res: Re: Res: RES: Duvida VRF + BGP
Os labels que a origem e destino envia (PE's), estão corretos?
Existem caminhos redundantes no seu backbone, as vezes em algum link falta o MPLS , ai quebra o label e vc não consegue fazer nada!
É tudo BGP ou tem rotas estáticas nos PE's e depois isso é redistribuído?
[]'s
Alexandre
-----Mensagem original-----
De: gter-bounces at eng.registro.br [mailto:gter-bounces at eng.registro.br] Em nome de Luis Fernando Goncalves
Enviada em: segunda-feira, 7 de dezembro de 2009 10:09
Para: Grupo de Trabalho de Engenharia e Operacao de Redes
Assunto: [GTER] RES: Res: Re: Res: RES: Duvida VRF + BGP
Pessoal,
Adicionei na configuração do neighbor do cliente a opção de send-community both... todos os comandos passados pelo documento estão ok, ou seja, eu consigo visualizar para onde eu tenho que mandar o pacote em cada VRF, mas mesmo assim não está rolando...
Eu tinha uma access-list 80 com deny any... e adicionei uma outra com 79 permit any.... e nada...
Alguma outra idéia???
-----Mensagem original-----
De: gter-bounces at eng.registro.br [mailto:gter-bounces at eng.registro.br] Em nome de Luis Fernando Goncalves
Enviada em: domingo, 6 de dezembro de 2009 12:53
Para: gter at eng.registro.br
Assunto: [GTER] Res: Re: Res: RES: Duvida VRF + BGP
Gustavo,
Na VRF do cliente eu exporto a configurcao dessa VRF e importo a configuracao da VRF intera e vice-versa não uso essa opcao... Será q eh por isso? Vou fazer o teste hj a noite...
Obrigado,
Luis
----- Mensagem original -----
De: gter-bounces at eng.registro.br <gter-bounces at eng.registro.br>
Para: Grupo de Trabalho de Engenharia e Operacao de Redes <gter at eng.registro.br>
Enviada em: Sun Dec 06 09:32:10 2009
Assunto: Re: [GTER] Res: RES: Duvida VRF + BGP
Como está a configuração da AF vpnv4 unicast no bgp?
Incluiu send-community both na declaração do neighbor?
Tente seguir as orientações deste documento para detectar aonde está o
problema:
http://www.cisco.com/en/US/tech/tk436/tk428/technologies_tech_note09186a0080093fcd.shtml
Abs, Gustavo Albuquerque
2009/12/6 Luis Fernando Goncalves <lgoncalves at marcopolonetwork.com>
> Pessoal,
>
> A saga continua... Agora o cliente esta recebendo o anuncio de minhas rotas
> normalente, ou seja, atraves do comandos sh ip bgp e sh ip route dentro das
> VRF eu consigo visualizar corretamente tanto origem qto destino porem quando
> o cliente tenta acessar meu servidor ele chega ate eu router e para...
>
> Pelo eu pude entender meu router não esta conseguindo roter de uma VRF
> (cliente - interna) para outra (mesmo abas conhecendo as devidas rotas).
> Alguma ideia do que possa estar acontecendo?
>
> Obrigado,
> Luis Fernando
>
--
gter list https://eng.registro.br/mailman/listinfo/gter
This email message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and/ or privileged information. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. All market prices, data and other information are not warranted as to completeness or accuracy and are subject to change without notice. Any comments or statements made herein do not necessarily reflect the views of Marco Polo Network Inc., its affiliates, subsidiaries or agents (collectively Marco Polo). Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Marco Polo reserves the right to monitor and retain all incoming and outgoing communications as permitted by applicable law.
Email communications may contain viruses or other defects. Marco Polo does not accept liability nor does it warrant that email communications are virus or defect free.
--
gter list https://eng.registro.br/mailman/listinfo/gter
This email message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and/ or privileged information. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. All market prices, data and other information are not warranted as to completeness or accuracy and are subject to change without notice. Any comments or statements made herein do not necessarily reflect the views of Marco Polo Network Inc., its affiliates, subsidiaries or agents (collectively Marco Polo). Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Marco Polo reserves the right to monitor and retain all incoming and outgoing communications as permitted by applicable law.
Email communications may contain viruses or other defects. Marco Polo does not accept liability nor does it warrant that email communications are virus or defect free.
--
gter list https://eng.registro.br/mailman/listinfo/gter
--
gter list https://eng.registro.br/mailman/listinfo/gter
This email message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and/ or privileged information. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. All market prices, data and other information are not warranted as to completeness or accuracy and are subject to change without notice. Any comments or statements made herein do not necessarily reflect the views of Marco Polo Network Inc., its affiliates, subsidiaries or agents (collectively Marco Polo). Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Marco Polo reserves the right to monitor and retain all incoming and outgoing communications as permitted by applicable law.
Email communications may contain viruses or other defects. Marco Polo does not accept liability nor does it warrant that email communications are virus or defect free.
--
gter list https://eng.registro.br/mailman/listinfo/gter
--
gter list https://eng.registro.br/mailman/listinfo/gter
This email message including any attachments is for the sole use of the intended recipient(s) and may contain confidential and/ or privileged information. It is not intended as an offer or solicitation for the purchase or sale of any financial instrument or as an official confirmation of any transaction. All market prices, data and other information are not warranted as to completeness or accuracy and are subject to change without notice. Any comments or statements made herein do not necessarily reflect the views of Marco Polo Network Inc., its affiliates, subsidiaries or agents (collectively Marco Polo). Any unauthorized review, use, disclosure or distribution is prohibited. If you are not the intended recipient, please contact the sender by reply email and destroy all copies of the original message. Marco Polo reserves the right to monitor and retain all incoming and outgoing communications as permitted by applicable law.
Email communications may contain viruses or other defects. Marco Polo does not accept liability nor does it warrant that email communications are virus or defect free.
More information about the gter
mailing list