Routing

Dear Experts,

Recently I met an issue about BGP.

My topology list below, BGP-Labeled Unicast is enabled on all ASBR and PE since I want to use it to stitch the two LDP based LSP together. All the node is based on MX series. Junos 13.2 .

What I want to achieved is PE1 will receive the loopback of ASBR2,

And then I want to create eBGP peer between PE1 and ASBR2,  then PE3 and PE1 act as RR client of ASBR2, finally ASBR1 and ASBR 2 can refelect the vpn route from it's RR client (PE1 and PE3), then the vpn route from PE3 will present in the vpn routing table of PE1, and vice versa.

Am I right ?  is that possible ?

Now  PE1 can't learn the loopback of ASBR2, this trouble me a lot , since the ASBR6 will advertice the route learned from eBGP peer to it's iBGP peer, I think it's the default behavior. 

Thanks very much ! 

BR//Jeff

Hello,

If You are practicing InterAS VPN Option C then there is a handy guide available

http://www.juniper.net/techpubs/en_US/junos13.1/information-products/pathway-pages/nce/nce-mpls-vpn-opt3.html

and even config example

http://www.juniper.net/techpubs/en_US/junos14.1/topics/example/mpls-vpn-option3-configuration.html

As for Your specific problem, if You want to ASBR1 and ASBR2 to serve as VPN route reflectors, please make sure

1/ they use interface peering for BGP-LU and advertise all loopbacks from its AS including own lo0.0

2/ they use "mpls traffic engineering bgp-igp-both-ribs" configured so that /32 loopbacks received over BGP-LU go into both inet.3 and inet.0  

3/ they use loopbacks for family inet-vpn peering and

4/ they don't change NH to self for VPN routes

protocols {
    bgp {
        group RR-AS65394 {
            multihop {
                ttl 100;
                no-nexthop-change;
            }
            family inet-vpn {
                unicast;
            }
            peer-as 65394;
            neighbor 198.18.1.2 {
                local-address 198.18.0.1;
            }
        }

HTH

Thanks
Alex

Hi Alex, 

First, the link you posted is not valid anymore.  Could you please update it ?

Thank you for so detailed answer. But I still have question. 

1. Regarding item 2 """2/ they use "mpls traffic engineering bgp-igp-both-ribs" configured so that /32 loopbacks received over BGP-LU go into both inet.3 and inet.0""",   how to configure this keyword ?  under where ?

2.  Regarding item 3 """3/ they use loopbacks for family inet-vpn peering""",   I'm sorry I don't get it, how to use loopbacks for family int-vpn peering ?   

Looking forward your answer. 

BR//Jeff

Hello,

Links updated in my original post - there was an extra space added to the end of URL string, I removed it.

---

@euxyabe wrote:

Hi Alex, 

 

 

 

1. Regarding item 2 """2/ they use "mpls traffic engineering bgp-igp-both-ribs" configured so that /32 loopbacks received over BGP-LU go into both inet.3 and inet.0""",   how to configure this keyword ?  under where ?

 

 

---

Please see http://www.juniper.net/techpubs/en_US/junos14.1/topics/reference/configuration-statement/traffic-engineering-edit-protocols-mpls.html

Full CLI procedure (You have to login to the router first):

edit
set protocols mpls traffic-engineering bgp-igp-both-ribs
commit and-quit

---

@euxyabe wrote:

 

 

2.  Regarding item 3 """3/ they use loopbacks for family inet-vpn peering""",   I'm sorry I don't get it, how to use loopbacks for family int-vpn peering ?   

 

 

---

Please see http://www.juniper.net/techpubs/en_US/junos14.1/topics/reference/configuration-statement/local-address-edit-protocols-bgp.html

And also config snippet in my original post where I used "local-address" knob

HTH

Thanks

Alex

Hi Alex, 

Now I got it for my last two questions. But it would be great if you can explain the keyword

"bgp-igp-both-ribs    BGP and IGP destinations with routes in both routing tables" which is explained by Junos.

How to understand it  ? what kind of action will take place ?

All in all, thank you Alex, our distinguished expert, you have my Kudos.

BR//Jeff

Hello,

---

@euxyabe wrote:

 

 

"bgp-igp-both-ribs    BGP and IGP destinations with routes in both routing tables" which is explained by Junos.

 

How to understand it  ? what kind of action will take place ?

 

 

 

---

This option copies all LDP/RSVP routes usually placed only in inet.3 also into inet.0.

End result is You have LDP/RSVP routes also in inet.0 and available for export into BGP-LU.

This is useful if You have >1 hop between ASBR and PE and have to ensure there is a valid labeled path from ASBR to PE.

Otherwise, if Your LDP/RSVP breaks between, say, ASBR1 and PE3, and ASBR1 continues to announce PE3 loopback (seen as OSPF route on ASBR1) to AS65002, then VPN traffic from AS65002 destined to PE3 will exit ASBR1 single-labeled. This is not a problem with direct PE3-ASBR1 connection but if there is a intermediate router between PE3 and ASBR1, then Your VPN traffic will be blackholed on that intermediate router because it has no knowledge of PE3' VPN label.

In case You use "bgp-igp-both-ribs" knob AND have an intermediate router AND export LDP loopbacks from ASBR1 to AS65002, then if labeled path between PE3 and ASBR1 breaks, then VPN traffic from AS65002 destined to PE3 will fail over to ASBR2. 

Hope this makes sense,

Thanks

Alex

Hi Alex, 

Perfect answer, pretty clear now. I should put "bgp-igp-both-ribs" under protocol mpls traffic engineering on ASBR1 and ASBR2.

You are right, if there is a intermediate router between PE3 and ASBR1, then the VPN traffic will be blackholed on that intermediate router because it has no knowledge of PE3' VPN label.

I just login my lab, I add below command on PE1, and now all the routing information looks ok now. 

set protocols bgp group XXXiBGPpeerXXX family inet labeled-unicast resolve-vpn

Thanks again!

BR//Jeff