[c-nsp] BGP and VRFs[Scanned]

Alex Foster afoster at gammatelecom.com
Wed Mar 15 15:53:53 EST 2006



Bruce Pinsky wrote:
> Here do you mean you are running an IGP and that IGP is OSPF and you
are
> going to be using iBGP in addition to eBGP?

Yes - I tend to (albeit wrongly) group iBGP with IGP, because ordinarily
one works with the other (unless other policies are in place).

>If you want the BGP session and the associated routes in the VRF
context,
>they must be in the IPv4 VRF address family context.

So in my particular scenario the config. would be:

router bgp 2222
 no synchronization
 bgp router-id 88.215.63.217
 bgp log-neighbor-changes
 no auto-summary
 !
 address-family ipv4 vrf test
 neighbor 88.215.63.234 remote-as 1111
 neighbor 88.215.63.234 password test
 neighbor 88.215.63.234 version 4
 neighbor 88.215.63.234 activate
 neighbor 88.215.63.234 remove-private-as
 neighbor 88.215.63.234 route-map some in
 neighbor 88.215.63.234 route-map more out
 neighbor 88.215.63.218 remote-as 2222
 neighbor 88.215.63.218 version 4
 neighbor 88.215.63.218 activate
 neighbor 88.215.63.218 description other_router
 neighbor 88.215.63.218 update-source Loopback0
 neighbor 88.215.63.218 next-hop-self
 neighbor 88.215.63.218 password test
 no auto-summary
 no synchronization
 bgp dampening
 exit-address-family

Regards

Alex



----Original Message-----
From: Bruce Pinsky [mailto:bep at whack.org] 
Sent: 15 March 2006 19:44
To: Alex Foster
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] BGP and VRFs[Scanned]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Alex Foster wrote:
> All,
> 
> I am trying to work through a configuration that will allow me to run
> BGP to a service providers network.  I need to run the BGP and iBGP
> processes within a VRF, so that they do not become part of the default
> routing table - this is for a good reason.  This configuration is not
> for an uplink to an ISP but a bespoke project.
> 
> I have two routers running iBGP between them (OSPF) and both have
> uplinks (paths) to the service providers network (same AS), I have
some
> policies in place to prefer one path over the other and advertise a
> couple of /32s to the provider.
> 

Here do you mean you are running an IGP and that IGP is OSPF and you are
going to be using iBGP in addition to eBGP?

> What I am not clear on is where the iBGP neighbor statement should
> appear.  Should it appear as part of the global BGP config. or under
the
> address-family ipv4 vrf config.
>

If you want the BGP session and the associated routes in the VRF
context,
they must be in the IPv4 VRF address family context.

Here is a sample where iBGP sessions on the same router are in two
different contexts:

router bgp 1111
 bgp log-neighbor-changes
 neighbor 3.3.3.3 remote-as 1111
 !
 address-family ipv4
 neighbor 3.3.3.3 activate
 no auto-summary
 no synchronization
 network 6.6.6.0 mask 255.255.255.0
 exit-address-family
 !
 address-family ipv4 vrf foo
 neighbor 2.2.2.2 remote-as 1111
 neighbor 2.2.2.2 activate
 no synchronization
 network 5.5.5.0 mask 255.255.255.0
 exit-address-family

R1#sh ip bgp sum
BGP router identifier 1.1.1.1, local AS number 1111
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down
State/PfxRcd
3.3.3.3         4  1111       35       33        1    0    0 00:13:41 0

R1#sh ip bgp v v foo sum
BGP router identifier 1.1.1.1, local AS number 1111
BGP table version is 1, main routing table version 1

Neighbor        V    AS MsgRcvd MsgSent   TblVer  InQ OutQ Up/Down
State/PfxRcd
2.2.2.2         4  1111       47       51        1    0    0 00:15:23 0


- --
=========
bep

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFEGG5uE1XcgMgrtyYRAr8ZAJ4q+/6KzKexjlPbZt/2hZgEjuqeCQCdH48M
8VbFRinI5nsfUxJsYJoKpQc=
=lgu7
-----END PGP SIGNATURE-----


This message has been scanned for viruses by MailController -
www.MailController.altohiway.com


The information in this e-mail and any attachments is confidential and may be subject to legal professional privilege. It is intended solely for the attention and use of the named addressee(s). If you are not the intended recipient, or person responsible for delivering this information to the intended recipient, please notify the sender immediately. Unless you are the intended recipient or his/her representative you are prohibited from, and therefore must not, read, copy, distribute, use or retain this message or any part of it. The views expressed in this e-mail may not represent those of Gamma Telecom.

This message has been scanned for viruses by MailController



More information about the cisco-nsp mailing list