PE-CE Communication via BGP

Problem

You want to use BGP to exchange routing information between CE and PE routers.

Solution

Once again, this problem is similar to the RIP, OSPF, and EIGRP examples in Recipes 26.5, 26.6, and 26.7. First we have to enable the routing protocol on the CE routers, which we do by configuring a new AS number on the CE routers. These devices are part of a different AS than the MPLS cloud, so they must have different AS numbers:

Router-CE-A1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router-CE-A1(config)#router bgp 65535
Router-CE-A1(config-router)#neighbor 192.168.1.1 remote-as 100
Router-CE-A1(config-router)#redistribute ospf 155
Router-CE-A1(config-router)#no synchronization
Router-CE-A1(config-router)#no auto-summary
Router-CE-A1(config-router)#exit
Router-CE-A1(config)#router ospf 155
Router-CE-A1(config-router)#redistribute bgp 65535 subnets
Router-CE-A1(config-router)#network 192.168.5.0 0.0.0.255 area 0
Router-CE-A1(config-router)#end
Router-CE-A1#

At this site, we are using the same OSPF configuration as in Recipe 26.6 to facilitate routing within the site, so we must redistribute the OSPF routes into BGP, and vice versa.

We configure the other CE router similarly, but with a different AS number:

Router-CE-A2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router-CE-A2(config)#router bgp 65534
Router-CE-A2(config-router)#neighbor 192.168.3.1 remote-as 100
Router-CE-A2(config-router)#network 10.8.8.0 mask 255.255.255.0
Router-CE-A2(config-router)#network 192.168.3.0
Router-CE-A2(config-router)#no synchronization
Router-CE-A2(config-router)#no auto-summary
Router-CE-A2(config-router)#end
Router-CE-A2#

Then the PE configurations are simply a matter of adding the appropriate neighbor commands to the BGP configuration:

Router-PE1#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router-PE1(config)#router bgp 100
Router-PE1(config-router)#address-family ipv4 vrf NetworkA
Router-PE1(config-router-af)#neighbor 192.168.1.5 remote-as 65535
Router-PE1(config-router-af)#neighbor 192.168.1.5 activate
Router-PE1(config-router-af)#end
Router-PE1#

The other PE router configuration is similar:

Router-PE2#configure terminal
Enter configuration commands, one per line. End with CNTL/Z.
Router-PE2(config)#router bgp 100
Router-PE2(config-router)#address-family ipv4 vrf NetworkA
Router-PE2(config-router-af)#neighbor 192.168.3.8 remote-as 65534
Router-PE2(config-router-af)#neighbor 192.168.3.8 activate
Router-PE2(config-router-af)#end
Router-PE2#

 

Discussion

We need to stress that the BGP configurations of the PE routers given here are just the additional commands required to add this CE to PE functionality. The full BGP configuration required to share the VRF information throughout the MPLS cloud is considerably more complicated, and is given in Recipe 26.2. The same is true of the OSPF configuration on the CE router at Site 1. The full OSPF configuration is discussed in Recipe 26.6.

The important new commands here are the ones required for eBGP between the CE and PE routers. On the CE router, we just define a BGP process and include a neighbor command pointing to the PE router for this site:

Router-CE-A1(config)#router bgp 65535
Router-CE-A1(config-router)#neighbor 192.168.1.1 remote-as 100
Router-CE-A1(config-router)#redistribute ospf 155

On the PE router the BGP process is already defined, so we just need to add a neighbor command to the address-family configuration for this customer's VRF:

Router-PE1(config)#router bgp 100
Router-PE1(config-router)#address-family ipv4 vrf NetworkA
Router-PE1(config-router-af)#neighbor 192.168.1.5 remote-as 65535
Router-PE1(config-router-af)#neighbor 192.168.1.5 activate

The neighbor activate command actually appears automatically by default. You can remove this command to temporarily deactivate this neighbor.

You use the usual show ip bgp summary command to view the BGP neighbors on the CE routers:

Router-CE-A1#show ip bgp summary
BGP router identifier 192.168.5.1, local AS number 65535
BGP table version is 14, main routing table version 14
5 network entries using 485 bytes of memory
5 path entries using 180 bytes of memory
4 BGP path attribute entries using 240 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP using 929 total bytes of memory
BGP activity 9/4 prefixes, 9/4 paths, scan interval 60 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

192.168.1.1 4 100 76 73 14 0 0 01:05:51 3
Router-CE-A1#

The corresponding command on the PE router must specify the VRF name associated with this customer network:

Router-PE1#show ip bgp vpnv4 vrf NetworkA summary
BGP router identifier 10.0.0.2, local AS number 100
BGP table version is 32, main routing table version 32
5 network entries and 5 paths using 925 bytes of memory
8 BGP path attribute entries using 480 bytes of memory
1 BGP AS-PATH entries using 24 bytes of memory
2 BGP extended community entries using 48 bytes of memory
0 BGP route-map cache entries using 0 bytes of memory
0 BGP filter-list cache entries using 0 bytes of memory
BGP activity 12/21 prefixes, 12/5 paths, scan interval 15 secs

Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd

192.168.1.5 4 65535 73 76 32 0 0 01:05:02 2
Router-PE1#

The principle advantage to using BGP like this is that unlike the previous IGP examples, it provides some end-to-end information:

Router-CE-A1#show ip bgp
BGP table version is 15, local router ID is 192.168.5.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

 Network Next Hop Metric LocPrf Weight Path
*> 10.8.8.8/32 192.168.1.1 0 100 65534 i
*> 192.168.1.0 192.168.1.1 0 0 100 ?
*> 192.168.2.0 192.168.1.1 0 100 ?
*> 192.168.3.0 192.168.1.1 0 100 ?
*> 192.168.5.0 0.0.0.0 0 32768 ?
*> 192.168.57.12/32 192.168.5.12 2 32768 ?
Router-CE-A1#

In this case, you can see that the prefix 10.8.8.8/32 originates at the site with AS number 65534 before passing through the MPLS cloud, which has AS number 100. This prefix originates internally to BGP because it happens to be a loopback interface on the other CE router. The view from the other CE router is also instructive:

Router-CE-A2#show ip bgp
BGP table version is 19, local router ID is 10.8.8.8
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal
Origin codes: i - IGP, e - EGP, ? - incomplete

 Network Next Hop Metric LocPrf Weight Path
*> 10.8.8.8/32 0.0.0.0 0 32768 i
*> 192.168.1.0 192.168.3.1 0 100 ?
*> 192.168.2.0 192.168.3.1 0 100 ?
* 192.168.3.0 192.168.3.1 0 0 100 ?
*> 0.0.0.0 0 32768 i
*> 192.168.5.0 192.168.3.1 0 100 65535 ?
*> 192.168.57.12/32 192.168.3.1 0 100 65535 ?
Router-CE-A2#

Here you can see that the prefix 192.168.57.12/32 originates from the site with AS number 65535 and is received via the MPLS cloud's AS number 100. However, this prefix has an origin code of incomplete because it was redistributed into BGP from OSPF at the other site.

This level of information can be useful in some networks. However, because most organizations don't run BGP for their internal routing protocol, you always need to do some route redistribution with this method. Consequently, the MPLS routers will always be Autonomous System Boundary Routers (ASBR), and you will always have to contend with awkward routing over your backup links between sites. For this reason, we generally favor using an IGP such as RIP, OSPF, or EIGRP, as discussed in Recipes 26.5, 26.6, and 26.7. Of these IGPs, OSPF tends to be the most useful because the combination of EIGRP and MPLS is only available in more recent IOS versions, and not on all hardware platforms.

However, some providers only offer a limited range of options for PE-CE routing protocols. And, because the provider has to run BGP inside the MPLS core anyway, it is not uncommon for them to offer BGP as the only PE-CE routing option. If this is the case, and if it presents problems for your IGP design, the only real option is to configure GRE tunnels between your CE routers, as shown in Recipe 26.12. As we note in that recipe, this solution doesn't scale well, but at least it allows you to keep your IGP intact.

See Also

Chapter 9; Recipe 26.2; Recipe 26.5; Recipe 26.6; Recipe 26.7

Router Configuration and File Management

Router Management

User Access and Privilege Levels

TACACS+

IP Routing

RIP

EIGRP

OSPF

BGP

Frame Relay

Handling Queuing and Congestion

Tunnels and VPNs

Dial Backup

NTP and Time

DLSw

Router Interfaces and Media

Simple Network Management Protocol

Logging

Access-Lists

DHCP

NAT

First Hop Redundancy Protocols

IP Multicast

IP Mobility

IPv6

MPLS

Security

Appendix 1. External Software Packages

Appendix 2. IP Precedence, TOS, and DSCP Classifications

Index



Cisco IOS Cookbook
Cisco IOS Cookbook (Cookbooks (OReilly))
ISBN: 0596527225
EAN: 2147483647
Year: 2004
Pages: 505

Similar book on Amazon

Flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net