[c-nsp] BGP and VRFs[Scanned]
Alex Foster
afoster at gammatelecom.com
Wed Mar 15 15:53:53 EST 2006
Bruce Pinsky wrote:
> Here do you mean you are running an IGP and that IGP is OSPF and you
are
> going to be using iBGP in addition to eBGP?
Yes - I tend to (albeit wrongly) group iBGP with IGP, because ordinarily
one works with the other (unless other policies are in place).
>If you want the BGP session and the associated routes in the VRF
context,
>they must be in the IPv4 VRF address family context.
So in my particular scenario the config. would be:
router bgp 2222
no synchronization
bgp router-id 88.215.63.217
bgp log-neighbor-changes
no auto-summary
!
address-family ipv4 vrf test
neighbor 88.215.63.234 remote-as 1111
neighbor 88.215.63.234 password test
neighbor 88.215.63.234 version 4
neighbor 88.215.63.234 activate
neighbor 88.215.63.234 remove-private-as
neighbor 88.215.63.234 route-map some in
neighbor 88.215.63.234 route-map more out
neighbor 88.215.63.218 remote-as 2222
neighbor 88.215.63.218 version 4
neighbor 88.215.63.218 activate
neighbor 88.215.63.218 description other_router
neighbor 88.215.63.218 update-source Loopback0
neighbor 88.215.63.218 next-hop-self
neighbor 88.215.63.218 password test
no auto-summary
no synchronization
bgp dampening
exit-address-family
Regards
Alex
----Original Message-----
From: Bruce Pinsky [mailto:bep at whack.org]
Sent: 15 March 2006 19:44
To: Alex Foster
Cc: cisco-nsp at puck.nether.net
Subject: Re: [c-nsp] BGP and VRFs[Scanned]
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Alex Foster wrote:
> All,
>
> I am trying to work through a configuration that will allow me to run
> BGP to a service providers network. I need to run the BGP and iBGP
> processes within a VRF, so that they do not become part of the default
> routing table - this is for a good reason. This configuration is not
> for an uplink to an ISP but a bespoke project.
>
> I have two routers running iBGP between them (OSPF) and both have
> uplinks (paths) to the service providers network (same AS), I have
some
> policies in place to prefer one path over the other and advertise a
> couple of /32s to the provider.
>
Here do you mean you are running an IGP and that IGP is OSPF and you are
going to be using iBGP in addition to eBGP?
> What I am not clear on is where the iBGP neighbor statement should
> appear. Should it appear as part of the global BGP config. or under
the
> address-family ipv4 vrf config.
>
If you want the BGP session and the associated routes in the VRF
context,
they must be in the IPv4 VRF address family context.
Here is a sample where iBGP sessions on the same router are in two
different contexts:
router bgp 1111
bgp log-neighbor-changes
neighbor 3.3.3.3 remote-as 1111
!
address-family ipv4
neighbor 3.3.3.3 activate
no auto-summary
no synchronization
network 6.6.6.0 mask 255.255.255.0
exit-address-family
!
address-family ipv4 vrf foo
neighbor 2.2.2.2 remote-as 1111
neighbor 2.2.2.2 activate
no synchronization
network 5.5.5.0 mask 255.255.255.0
exit-address-family
R1#sh ip bgp sum
BGP router identifier 1.1.1.1, local AS number 1111
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
3.3.3.3 4 1111 35 33 1 0 0 00:13:41 0
R1#sh ip bgp v v foo sum
BGP router identifier 1.1.1.1, local AS number 1111
BGP table version is 1, main routing table version 1
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down
State/PfxRcd
2.2.2.2 4 1111 47 51 1 0 0 00:15:23 0
- --
=========
bep
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQFEGG5uE1XcgMgrtyYRAr8ZAJ4q+/6KzKexjlPbZt/2hZgEjuqeCQCdH48M
8VbFRinI5nsfUxJsYJoKpQc=
=lgu7
-----END PGP SIGNATURE-----
This message has been scanned for viruses by MailController -
www.MailController.altohiway.com
The information in this e-mail and any attachments is confidential and may be subject to legal professional privilege. It is intended solely for the attention and use of the named addressee(s). If you are not the intended recipient, or person responsible for delivering this information to the intended recipient, please notify the sender immediately. Unless you are the intended recipient or his/her representative you are prohibited from, and therefore must not, read, copy, distribute, use or retain this message or any part of it. The views expressed in this e-mail may not represent those of Gamma Telecom.
This message has been scanned for viruses by MailController
More information about the cisco-nsp
mailing list