[GTER] VRF CISCO+Juniper
Bernardo Soares
bsoares.it at gmail.com
Wed Mar 18 06:28:41 -03 2020
A config tá certa. única coisa que pode tirar é esse neighbor dentro da vrf
no bgp - ali só vai neighbor do cliente que está nessa vrf (CE).
O redistribute que você adicionou antes fez com que o prefixo fosse
anunciado, e resolveu.
*Bernardo de Moraes Soares*
On Wed, Mar 18, 2020 at 2:35 AM Délsio Cabá <delsio at gmail.com> wrote:
> Alo
> Sim, ambos sao PE
> Abaixo ao config do CISCO:
>
>
> router bgp xxxx
> bgp router-id 10.200.0.253
> no bgp fast-external-fallover
> bgp always-compare-med
> no bgp enforce-first-as
> no bgp log-neighbor-changes
> bgp deterministic-med
> bgp bestpath as-path multipath-relax
> bgp maxas-limit 10
> neighbor 10.200.0.40 remote-as xxxx
> neighbor 10.200.0.40 update-source Loopback1
> !
> address-family ipv4
> bgp dampening
> no bgp nexthop trigger enable
> neighbor 10.200.0.40 activate
> exit-address-family
> !
> address-family vpnv4
> neighbor 10.200.0.40 activate
> neighbor 10.200.0.40 send-community both
> neighbor 10.200.0.40 next-hop-self
>
> exit-address-family
> !
> address-family vpnv6
> exit-address-family
> !
> address-family ipv4 vrf S1-EPC
> redistribute connected
> neighbor 10.200.0.40 remote-as xxx
> neighbor 10.200.0.40 activate
> exit-address-family
>
> On Wed, Mar 18, 2020 at 1:42 AM Bernardo Soares <bsoares.it at gmail.com>
> wrote:
> >
> > Delcio, boa noite.
> >
> > O Cisco é um PE também? Manda a config do bgp nele.
> >
> > um PE geralmente é assim:
> >
> > router bgp XXX
> > neighbor 1.2.3.4 remote-as xxx
> > address-family vpnv4 unicast
> > neighbor 1.2.3.4 activate
> > neighbor 1.2.3.4 send-community extended
> > address-family ipv4 unicast vrf VRF
> > redistribute connected
> >
> > *Bernardo de Moraes Soares*
> >
> >
> >
> >
> > On Tue, Mar 17, 2020 at 11:43 AM Délsio Cabá <delsio at gmail.com> wrote:
> >
> > > Caro,
> > >
> > > Unico jeito foi acrescentar no cisco isto:
> > > address-family ipv4 vrf S1-EPC
> > > redistribute connected
> > > neighbor 10.200.0.40 remote-as 37697
> > > neighbor 10.200.0.40 activate
> > >
> > > Mas a ideia nao me agrada muito
> > > Tem outra solucao mais elegante?
> > >
> > > On Tue, Mar 17, 2020 at 2:12 PM Diogo Montagner
> > > <diogo.montagner at gmail.com> wrote:
> > > >
> > > > As configuracoes das routing instances (VRF) estao ok. Voce deve
> estar
> > > com
> > > > problema no mpls e/ou mp-ibgp. Soh com os pedaços das configuracoes
> tu tu
> > > > enviou nao dah pra concluir muita coisa.
> > > >
> > > > Mas o show route table no JUNOS indica que tu nao estah recebendo as
> > > rotas
> > > > da VPN pelo mp-ibgp. Comece o troubleshooting por ai.
> > > >
> > > > On Tue, 17 Mar 2020 at 17:36, Délsio Cabá <delsio at gmail.com> wrote:
> > > >
> > > > > Caros,
> > > > >
> > > > > Estou enfrentando alguma dificuldade em ter uma vrf entre cisco e
> > > juniper
> > > > > abaixo partilho a configuracao efectuada
> > > > >
> > > > > CISCO:
> > > > > vrf definition S1-EPC
> > > > > rd 1.1.1.1:1
> > > > > route-target export 1.1.1.1:1
> > > > > route-target import 1.1.1.1:1
> > > > > !
> > > > > address-family ipv4
> > > > > route-target export 1.1.1.1:1
> > > > > route-target import 1.1.1.1:1
> > > > > exit-address-family
> > > > >
> > > > > interface GigabitEthernet0/0/0.101
> > > > > description S1
> > > > > encapsulation dot1Q 101
> > > > > vrf forwarding S1-EPC
> > > > > ip address 10.10.5.9 255.255.255.248
> > > > >
> > > > >
> > > > >
> > > > > JUNIPER:
> > > > > routing-instances {
> > > > > S1-EPC {
> > > > > instance-type vrf;
> > > > > interface lo0.2;
> > > > > route-distinguisher 1.1.1.1:1;
> > > > > vrf-target target:1.1.1.1:1;
> > > > > vrf-table-label;
> > > > > routing-options {
> > > > > auto-export;
> > > > > }
> > > > > }
> > > > > }
> > > > > routing-options {
> > > > > graceful-restart;
> > > > > router-id 10.200.0.40;
> > > > > route-distinguisher-id 10.200.0.40;
> > > > > autonomous-system xxxx
> > > > > }
> > > > > protocols {
> > > > > mpls {
> > > > > traffic-engineering {
> > > > > mpls-forwarding;
> > > > > }
> > > > > interface ge-1/0/2.0;
> > > > > interface lo0.0;
> > > > > interface xe-1/3/1.0;
> > > > > interface ge-1/0/0.0;
> > > > > interface ge-1/0/1.0;
> > > > > }
> > > > > bgp {
> > > > > local-address 10.200.0.40;
> > > > > no-advertise-peer-as;
> > > > > mtu-discovery;
> > > > > log-updown;
> > > > > export ibgp-export;
> > > > > peer-as xxxx
> > > > > local-as xxxx
> > > > > graceful-restart {
> > > > > restart-time 180;
> > > > > stale-routes-time 500;
> > > > > }
> > > > > group ibgp {
> > > > > type internal;
> > > > > export [ next-hop-self ibgp-export ];
> > > > > neighbor 10.200.0.253 {
> > > > > family inet-vpn {
> > > > > unicast;
> > > > > any;
> > > > > }
> > > > > }
> > > > >
> > > > >
> > > > >
> > > > >
> > > > > BGP table version is 70, local router ID is 10.200.0.253
> > > > > Status codes: s suppressed, d damped, h history, * valid, > best,
> i -
> > > > > internal,
> > > > > r RIB-failure, S Stale, m multipath, b backup-path, f
> > > > > RT-Filter,
> > > > > x best-external, a additional-path, c RIB-compressed,
> > > > > Origin codes: i - IGP, e - EGP, ? - incomplete
> > > > > RPKI validation codes: V valid, I invalid, N Not found
> > > > >
> > > > > Network Next Hop Metric LocPrf Weight Path
> > > > > Route Distinguisher: 1.1.1.1:1 (default for vrf S1-EPC)
> > > > > *>i 203.0.113.0 10.200.0.40 100 0 i
> > > > > *>i 203.0.113.2/32 10.200.0.40 100 0 i
> > > > >
> > > > >
> > > > > CORE-RTR#show ip route vrf S1-EPC
> > > > >
> > > > > Routing Table: S1-EPC
> > > > > Codes: L - local, C - connected, S - static, R - RIP, M - mobile,
> B -
> > > BGP
> > > > > D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter
> area
> > > > > N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external
> type 2
> > > > > E1 - OSPF external type 1, E2 - OSPF external type 2
> > > > > i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 -
> IS-IS
> > > > > level-2
> > > > > ia - IS-IS inter area, * - candidate default, U - per-user
> > > static
> > > > > route
> > > > > o - ODR, P - periodic downloaded static route, H - NHRP, l -
> > > LISP
> > > > > a - application route
> > > > > + - replicated route, % - next hop override, p - overrides
> from
> > > PfR
> > > > >
> > > > > Gateway of last resort is not set
> > > > >
> > > > > 10.0.0.0/8 is variably subnetted, 3 subnets, 2 masks
> > > > > C 10.10.5.8/29 is directly connected,
> GigabitEthernet0/0/0.101
> > > > > L 10.10.5.9/32 is directly connected,
> GigabitEthernet0/0/0.101
> > > > > C 10.10.100.1/32 is directly connected, Loopback2
> > > > > 203.0.113.0/24 is variably subnetted, 2 subnets, 2 masks
> > > > > B 203.0.113.0/24 [200/0] via 10.200.0.40, 00:00:02
> > > > > B 203.0.113.2/32 [200/0] via 10.200.0.40, 00:00:02
> > > > > CORE-RTR#ping vr
> > > > > CORE-RTR#ping vrf S1-EPC 203.0.113.2 sou
> > > > > CORE-RTR#ping vrf S1-EPC 203.0.113.2 source 10.10.5.9
> > > > > Type escape sequence to abort.
> > > > > Sending 5, 100-byte ICMP Echos to 203.0.113.2, timeout is 2
> seconds:
> > > > > Packet sent with a source address of 10.10.5.9
> > > > > .....
> > > > > Success rate is 0 percent (0/5)
> > > > >
> > > > > delsio at POP-PH1> show route table S1-EPC
> > > > >
> > > > > S1-EPC.inet.0: 2 destinations, 2 routes (2 active, 0 holddown, 0
> > > hidden)
> > > > > + = Active Route, - = Last Active, * = Both
> > > > >
> > > > > 203.0.113.0/24 *[Direct/0] 00:09:44
> > > > > > via lo0.2
> > > > > 203.0.113.2/32 *[Local/0] 00:09:44
> > > > > Local via lo0.2
> > > > >
> > > > > S1-EPC.inet6.0: 1 destinations, 1 routes (1 active, 0 holddown, 0
> > > hidden)
> > > > > + = Active Route, - = Last Active, * = Both
> > > > >
> > > > > ff02::2/128 *[INET6/0] 00:09:45
> > > > > MultiRecv
> > > > > --
> > > > > gter list https://eng.registro.br/mailman/listinfo/gter
> > > > >
> > > > --
> > > > ./diogo -montagner
> > > > JNCIE-SP 0x41A
> > > > --
> > > > gter list https://eng.registro.br/mailman/listinfo/gter
> > > --
> > > gter list https://eng.registro.br/mailman/listinfo/gter
> > >
> > --
> > gter list https://eng.registro.br/mailman/listinfo/gter
> --
> gter list https://eng.registro.br/mailman/listinfo/gter
>
More information about the gter
mailing list