Tag Archives: 3.7f

3.7.f Implement and troubleshoot multiproctocol BGP

3.7.f [i] IPv4, IPv6, VPN address-family

more on address families in bgp…

as explained before to upgrade your bgp sessions so that they include the pretty address-family structure for you, do this:

R1(config)#router bgp 100
R1(config-router)#bgp upgrade-cli
You are about to upgrade to the AFI syntax of bgp commands

Are you sure ? [yes]: y
R1(config-router)#neigh 192.168.24.2 remote-as 200
R1(config-router)#do sh run | sec bgp
router bgp 100
bgp log-neighbor-changes
neighbor 192.168.24.2 remote-as 200
!
address-family ipv4
neighbor 192.168.24.2 activate
no auto-summary
no synchronization
exit-address-family

however if you’ve forgotten to do that (and it’s only good for that session) you can do this:

bad bgp config session:

R1(config)#router bgp 100
R1(config-router)#neigh 192.168.24.2 remote-as 200
R1(config-router)#do sh run | sec bgp
router bgp 100
 no synchronization
 bgp log-neighbor-changes
 neighbor 192.168.24.2 remote-as 200
 no auto-summary

no address-family goodness…

good bgp config session:

R1(config)#router bgp 100
R1(config-router)#address-family ipv4
R1(config-router-af)#neigh 2.2.2.2 remote-as 200
R1(config-router-af)#neigh 2.2.2.2 up lo0
R1(config-router-af)#do sh run | sec bgp
router bgp 100
bgp log-neighbor-changes
 neighbor 2.2.2.2 remote-as 200
neighbor 2.2.2.2 update-source Loopback0
!
address-family ipv4
 neighbor 2.2.2.2 activate
no auto-summary
no synchronization
exit-address-family

that’s very pretty…

 

 

3.7.f Implement and troubleshoot multiproctocol BGP

3.7.f [i] IPv4, IPv6, VPN address-family

Border Gateway Protocol ( BGP) is one of the key protocols to use to achieve Internet connection redundancy. When you connect your network to two different Internet service providers (ISPs), it is called multi-homing. Multi-homing provides redundancy and network optimization. It selects the ISP which offers the best path to a resource. When you run BGP with more than one service provider, you run the risk that your autonomous system (AS) will become a transit AS. This causes Internet traffic to pass through your AS and potentially consume all of the bandwidth and resources on the CPU of your router.

The router using Multiprotocol BGP (MP-BGP) distributes the VPN routing information using the MP-BGP extended communities.

When BGP tries to install the best path prefix into Routing Information Base (RIB) (for example, the IP Routing table), RIB might reject the BGP route due to any of these reasons:

● Route with better administrative distance already present in IGP. For example, if a static route already exists in IP Routing table.

● Memory failure.

● The number of routes in VPN routing/ forwarding (VRF) exceeds the route-limit configured under the VRF instance.

In such cases, the prefixes that are rejected for these reasons are identified by “r RIB-failure” in the show ip bgp command output and are not advertised to the peers.

With Route Target Constraint (RTC), the RR sends only wanted VPN4/ 6 prefixes to the PE . The support is through a new address family rtfilter for both VPNv4 and VPNv6.

The Route Target (RT) filtering information is obtained from the VPN RT import list from all the VRFs on the PE router. The PE router sends this filtering information as a BGP update in the address family rtfilter to the RR. This filtering information or RT membership is encoded in the Network Layer Reachability Information (NLRI) of the MP_REACH_NLRI and MP_UNREACH_NLRI attributes. The receiving BGP peer translates this NLRI into a filter and installs this filter outbound to the sending peer. The receiving BGP peer uses this filter to decide which VPNv4/ 6 prefixes to send or not send, dependent upon the presence of attached RTs.

Adam, Paul (2014-07-12). All-in-One CCIE V5 Written Exam Guide (Kindle Locations 4072-4079).  . Kindle Edition.

http://ccie4all.wordpress.com/2012/10/25/when-to-use-bgp-address-family/

3.7.f Implement and troubleshoot multiproctocol BGP

3.7.f [i] IPv4, IPv6, VPN address-family

when you know you’re going to use multiprotocol bgp, as in mpls vpn, it is perhaps a good practice to define and place the specific address family commands in their proper cubicles as you configure…

for instance, note below the ipv4 config is not delimited, while the vpnv4 config necessarily is:

router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 7.7.7.7 remote-as 1
neighbor 7.7.7.7 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 7.7.7.7 activate
neighbor 7.7.7.7 send-community extended
exit-address-family

ivan has an instructive article about this here… http://blog.ioshints.info/2008/06/use-explicit-address-family-ipv4-in-bgp.html

further, it might prove useful when simply using plain bgp to get in the habit of using the address family configuration…

there is also a way to automatically convert this after the fact:

PE1(config-router)#bgp upgrade-cli
You are about to upgrade to the AFI syntax of bgp commands

Are you sure ? [yes]: y
PE1(config-router)#do sh run | b bgp
router bgp 1
bgp log-neighbor-changes
neighbor 7.7.7.7 remote-as 1
neighbor 7.7.7.7 update-source Loopback0
!
address-family ipv4
neighbor 7.7.7.7 activate
no auto-summary
no synchronization
exit-address-family
!
address-family vpnv4
neighbor 7.7.7.7 activate
neighbor 7.7.7.7 send-community extended
exit-address-family

how about that?