Configuring Inter-AS BGP/MPLS IP VPN in Option C: Implementation method 1

Configuring Inter-AS BGP/MPLS IP VPN in Option C: Implementation method 1

Martin Indeche Martin Indeche

Martin Indeche

MPBN PACO SME Engineer at Nokia | IP | EBK | Msc Computer Science I Mentor

发布日期: 2023年10月1日
+ 关注

We have looked at configuring Inter-AS BGP/MPLS IP VPN in Options A and B in our previous articles.

Check out option A implementation from this link https://www.dhirubhai.net/pulse/inter-as-bgpmpls-ip-vpn-option-set-up-configuration-huawei-indeche/?trackingId=ISUbn%2Bi%2Bj4mRZx%2FmKLb%2BDw%3D%3D

Check out option B implementation from this link

https://www.dhirubhai.net/pulse/bgp-inter-as-option-b-configuration-troubleshooting-huawei-indeche%3FtrackingId=xG3%252FVPdaph16cALUYhRpWA%253D%253D/?trackingId=xG3%2FVPdaph16cALUYhRpWA%3D%3D

Both Option A and Option B can meet inter-AS VPN communication requirements. Their main drawback is that ASBRs need to maintain and distribute VPN-IPv4 routes which may hinder network extension when each AS needs to exchange a large number of VPN routes. There are two implementations of Inter-AS BGP Option C:

  • The PE devices directly establish a multi-hop EBGP connection to exchange VPN-IPv4 routes. This is not scalable when you have many PEs and have to establish multi-hop EBGP peering between them.
  • Inter-Provider Backbones Option C with an RR. To improve network scalability, you can specify an RR in each AS. The RR stores all VPN-IPv4 routes and exchanges VPN-IPv4 routes with the PE devices in the local AS. The RRs in two ASs establish an MP-EBGP connection to advertise VPN-IPv4 routes.

In this article, we will focus on the first implementation. Below is our topology diagram.

Lab objective: Establish multi-hop EBGP peering between PE1 and PE2, ensure they are able to exchange customer routes, and test communication between the two customer sites.

Configuration Procedure:

  1. Configure IP address on interfaces, IGP, MPLS, and LDP in each AS. I have used OSPF as my IGP in AS 200 and ISIS as my IGP in AS 100. These are basic configurations and are similar to what we did in Option A and B hence not displayed. Let's verify our OSPF and ISIS are up and running in both AS.

OSPF adjacency is up to P and ASBR and we can ping the loopback IP of ASBR from PE01.

领英推荐

ISIS adjacency is up and we can ping PE02 from ASBR02.

  1. Configure BGP peering between PE01 and ASB01, ASBR01 and ASBR02, ASBR02 and PE02. You must enable these peers to exchange labeled ipv4 routes and you should configure route policy on ASBRs to make them apply MPLS labeled on route exchanged between them. Below are sample configs on PE01 and ASBR02.

PE01

bgp 200
 router-id 4.4.4.4
 peer 4.4.4.4 as-number 200
 peer 4.4.4.4 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  peer 4.4.4.4 enable
  peer 4.4.4.4 label-route-capability # ENABLE EXCHANGE OF LABELED ROUTES WITH ASBR
 #
 ipv4-family vpn-instance VRF1 ##### PEERING TO CUSTOMER
  peer 10.10.10.3 as-number 65500        
ASBR02

bgp 100
 peer 7.7.7.7 as-number 100
 peer 7.7.7.7 connect-interface LoopBack0
 peer 172.16.16.3 as-number 200
 #
 ipv4-family unicast
  undo synchronization
  network 7.7.7.7 255.255.255.255
  peer 7.7.7.7 enable
  peer 7.7.7.7 route-policy policy2 export #APPLY ROUTE POLICY TO PE01
  peer 7.7.7.7 label-route-capability
  peer 172.16.16.3 enable
  # APPLY ROUTE POLICY TO ASBR01 ##
  peer 172.16.16.3 route-policy policy1 export 
  peer 172.16.16.3 label-route-capability
#
route-policy policy1 permit node 1
 apply mpls-label
#
route-policy policy2 permit node 1
 if-match mpls-label
 apply mpls-label
#

  1. Configure Multi-hop EBGP between PE01 and PE02. You need to ensure the loopback 0 IPs for the PEs device are reachable from both PEs because we use them as the source interface. You also need to configure BGP-max-hop of more than one hop for the peering to come up.

PE01 configurations
bgp 200
 peer 7.7.7.7 as-number 100
 peer 7.7.7.7 ebgp-max-hop 10
 peer 7.7.7.7 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo peer 7.7.7.7 enable
 #
 ipv4-family vpnv4
  undo policy vpn-target
  peer 7.7.7.7 enable
#        
bgp 100
 peer 2.2.2.2 as-number 200
 peer 2.2.2.2 ebgp-max-hop 10
 peer 2.2.2.2 connect-interface LoopBack0
 #
 ipv4-family unicast
  undo synchronization
  undo peer 2.2.2.2 enable
 ipv4-family vpnv4
  peer 2.2.2.2 enable

  1. Verification:

Ping from PE01 to PE02 is OK
The peering to ASBR, PE02, and the customer is OK on PE01.
The peering to ASBR02, PE01 and customer is OK on PE02
Customer 01 has the routes of customer 02 and they can communicate.

This is how simple it is to set up Option C on Huawei routers. The lab setup and all the configurations are available on demand. Reach out to me if you want to try it in your simulation environment.


Franklin Mutisya

DevOps Engineer - Kubernetes -Ansible -Linux - Bash -Network Automation Huawei iMaster NCE Campus & Datacenter-Python - Cloudflare - Datadog - HCIP || CCNP

1 年

Kindly share the solution when Route Reflectors are involved I would appreciate it so much [email protected]

回复
1 次回应
Geoffrey Mochama

Co-Founder & CTO at MICROTECH CLOUD LIMITED |Business developer|

1 年

MPLS is a good way to create a redundant network -I would appreciate if you share the lab setup and configs

回复
1 次回应
查看更多评论

要查看或添加评论,请登录

Martin Indeche的更多文章

社区洞察

其他会员也浏览了