Problem
You want to use BGP to exchange routing information between CE and PE routers.
Solution
Once again, this problem is similar to the RIP, OSPF, and EIGRP examples in Recipes 26.5, 26.6, and 26.7. First we have to enable the routing protocol on the CE routers, which we do by configuring a new AS number on the CE routers. These devices are part of a different AS than the MPLS cloud, so they must have different AS numbers:
Router-CE-A1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router-CE-A1(config)#router bgp 65535 Router-CE-A1(config-router)#neighbor 192.168.1.1 remote-as 100 Router-CE-A1(config-router)#redistribute ospf 155 Router-CE-A1(config-router)#no synchronization Router-CE-A1(config-router)#no auto-summary Router-CE-A1(config-router)#exit Router-CE-A1(config)#router ospf 155 Router-CE-A1(config-router)#redistribute bgp 65535 subnets Router-CE-A1(config-router)#network 192.168.5.0 0.0.0.255 area 0 Router-CE-A1(config-router)#end Router-CE-A1#
At this site, we are using the same OSPF configuration as in Recipe 26.6 to facilitate routing within the site, so we must redistribute the OSPF routes into BGP, and vice versa.
We configure the other CE router similarly, but with a different AS number:
Router-CE-A2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router-CE-A2(config)#router bgp 65534 Router-CE-A2(config-router)#neighbor 192.168.3.1 remote-as 100 Router-CE-A2(config-router)#network 10.8.8.0 mask 255.255.255.0 Router-CE-A2(config-router)#network 192.168.3.0 Router-CE-A2(config-router)#no synchronization Router-CE-A2(config-router)#no auto-summary Router-CE-A2(config-router)#end Router-CE-A2#
Then the PE configurations are simply a matter of adding the appropriate neighbor commands to the BGP configuration:
Router-PE1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router-PE1(config)#router bgp 100 Router-PE1(config-router)#address-family ipv4 vrf NetworkA Router-PE1(config-router-af)#neighbor 192.168.1.5 remote-as 65535 Router-PE1(config-router-af)#neighbor 192.168.1.5 activate Router-PE1(config-router-af)#end Router-PE1#
The other PE router configuration is similar:
Router-PE2#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router-PE2(config)#router bgp 100 Router-PE2(config-router)#address-family ipv4 vrf NetworkA Router-PE2(config-router-af)#neighbor 192.168.3.8 remote-as 65534 Router-PE2(config-router-af)#neighbor 192.168.3.8 activate Router-PE2(config-router-af)#end Router-PE2#
Discussion
We need to stress that the BGP configurations of the PE routers given here are just the additional commands required to add this CE to PE functionality. The full BGP configuration required to share the VRF information throughout the MPLS cloud is considerably more complicated, and is given in Recipe 26.2. The same is true of the OSPF configuration on the CE router at Site 1. The full OSPF configuration is discussed in Recipe 26.6.
The important new commands here are the ones required for eBGP between the CE and PE routers. On the CE router, we just define a BGP process and include a neighbor command pointing to the PE router for this site:
Router-CE-A1(config)#router bgp 65535 Router-CE-A1(config-router)#neighbor 192.168.1.1 remote-as 100 Router-CE-A1(config-router)#redistribute ospf 155
On the PE router the BGP process is already defined, so we just need to add a neighbor command to the address-family configuration for this customer's VRF:
Router-PE1(config)#router bgp 100 Router-PE1(config-router)#address-family ipv4 vrf NetworkA Router-PE1(config-router-af)#neighbor 192.168.1.5 remote-as 65535 Router-PE1(config-router-af)#neighbor 192.168.1.5 activate
The neighbor activate command actually appears automatically by default. You can remove this command to temporarily deactivate this neighbor.
You use the usual show ip bgp summary command to view the BGP neighbors on the CE routers:
Router-CE-A1#show ip bgp summary BGP router identifier 192.168.5.1, local AS number 65535 BGP table version is 14, main routing table version 14 5 network entries using 485 bytes of memory 5 path entries using 180 bytes of memory 4 BGP path attribute entries using 240 bytes of memory 1 BGP AS-PATH entries using 24 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP using 929 total bytes of memory BGP activity 9/4 prefixes, 9/4 paths, scan interval 60 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192.168.1.1 4 100 76 73 14 0 0 01:05:51 3 Router-CE-A1#
The corresponding command on the PE router must specify the VRF name associated with this customer network:
Router-PE1#show ip bgp vpnv4 vrf NetworkA summary BGP router identifier 10.0.0.2, local AS number 100 BGP table version is 32, main routing table version 32 5 network entries and 5 paths using 925 bytes of memory 8 BGP path attribute entries using 480 bytes of memory 1 BGP AS-PATH entries using 24 bytes of memory 2 BGP extended community entries using 48 bytes of memory 0 BGP route-map cache entries using 0 bytes of memory 0 BGP filter-list cache entries using 0 bytes of memory BGP activity 12/21 prefixes, 12/5 paths, scan interval 15 secs Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd 192.168.1.5 4 65535 73 76 32 0 0 01:05:02 2 Router-PE1#
The principle advantage to using BGP like this is that unlike the previous IGP examples, it provides some end-to-end information:
Router-CE-A1#show ip bgp BGP table version is 15, local router ID is 192.168.5.1 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.8.8.8/32 192.168.1.1 0 100 65534 i *> 192.168.1.0 192.168.1.1 0 0 100 ? *> 192.168.2.0 192.168.1.1 0 100 ? *> 192.168.3.0 192.168.1.1 0 100 ? *> 192.168.5.0 0.0.0.0 0 32768 ? *> 192.168.57.12/32 192.168.5.12 2 32768 ? Router-CE-A1#
In this case, you can see that the prefix 10.8.8.8/32 originates at the site with AS number 65534 before passing through the MPLS cloud, which has AS number 100. This prefix originates internally to BGP because it happens to be a loopback interface on the other CE router. The view from the other CE router is also instructive:
Router-CE-A2#show ip bgp BGP table version is 19, local router ID is 10.8.8.8 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path *> 10.8.8.8/32 0.0.0.0 0 32768 i *> 192.168.1.0 192.168.3.1 0 100 ? *> 192.168.2.0 192.168.3.1 0 100 ? * 192.168.3.0 192.168.3.1 0 0 100 ? *> 0.0.0.0 0 32768 i *> 192.168.5.0 192.168.3.1 0 100 65535 ? *> 192.168.57.12/32 192.168.3.1 0 100 65535 ? Router-CE-A2#
Here you can see that the prefix 192.168.57.12/32 originates from the site with AS number 65535 and is received via the MPLS cloud's AS number 100. However, this prefix has an origin code of incomplete because it was redistributed into BGP from OSPF at the other site.
This level of information can be useful in some networks. However, because most organizations don't run BGP for their internal routing protocol, you always need to do some route redistribution with this method. Consequently, the MPLS routers will always be Autonomous System Boundary Routers (ASBR), and you will always have to contend with awkward routing over your backup links between sites. For this reason, we generally favor using an IGP such as RIP, OSPF, or EIGRP, as discussed in Recipes 26.5, 26.6, and 26.7. Of these IGPs, OSPF tends to be the most useful because the combination of EIGRP and MPLS is only available in more recent IOS versions, and not on all hardware platforms.
However, some providers only offer a limited range of options for PE-CE routing protocols. And, because the provider has to run BGP inside the MPLS core anyway, it is not uncommon for them to offer BGP as the only PE-CE routing option. If this is the case, and if it presents problems for your IGP design, the only real option is to configure GRE tunnels between your CE routers, as shown in Recipe 26.12. As we note in that recipe, this solution doesn't scale well, but at least it allows you to keep your IGP intact.
See Also
Chapter 9; Recipe 26.2; Recipe 26.5; Recipe 26.6; Recipe 26.7
Router Configuration and File Management
Router Management
User Access and Privilege Levels
TACACS+
IP Routing
RIP
EIGRP
OSPF
BGP
Frame Relay
Handling Queuing and Congestion
Tunnels and VPNs
Dial Backup
NTP and Time
DLSw
Router Interfaces and Media
Simple Network Management Protocol
Logging
Access-Lists
DHCP
NAT
First Hop Redundancy Protocols
IP Multicast
IP Mobility
IPv6
MPLS
Security
Appendix 1. External Software Packages
Appendix 2. IP Precedence, TOS, and DSCP Classifications
Index