[c-nsp] BGP quandry

Peter Rathlev peter at rathlev.dk
Thu Jun 18 06:50:57 EDT 2009


On Wed, 2009-06-17 at 22:54 -0500, Justin Shore wrote:
> So I did a little more playing around and found that if I added an vpnv4 
> activate on the DC #2 router for core #2's IP I got my vpnv4 routes.  I 
> only got those connected to core #2 though.  I had to add another 
> activate for core #1.  I'm assuming that core #2 sent those BGP routes 
> that it learned via iBGP from core #1 to DC #2 because of the RR config. 
>   Since I'm eliminating the iBGP RR config I have to complete the full 
> mesh to get the full set of routes.  That makes sense.

Core #2 doesn't have "route-reflector-client" configured towards the new
router, so it only sends it's own prefixes and prefixes from any RR
clients of it's own. That seems to make sense to me too.

> One thing that doesn't make sense at this point is why the ibgp-peer 
> peer-group config in the vpnv4 address-family wasn't sufficient enough 
> to enable the learning of vpnv4 routes.  Do peer-groups and vpnv4 config 
> not mix?  Trying to add the command "neighbor aaa.bbb.ccc.ddd 
> send-community extendeded" to any of the routers involved (where 
> aaa.bbb.ccc.ddd is a configured member of a peer-group) results in the 
> error:
> 
> % Invalid command for a peer-group member
> 
> To me that implies that some sort of interaction exists between vpnv4 
> config and peer-group config.  Can anyone add any input to this?

AFAIK you always have to activate the specific peers in the VPNv4
configuration for VPNv4 functionality. I.e. :

 router bgp 64512
  neighbor PG peer-group
  neighbor PG remote-as 65412
  neghibor 10.0.0.1 activate
  !
  address-family vpnv4
   neighbor 10.0.0.1 activate
   exit-address-family
  ! 
  exit
 !

VPNv4 and IPv4 mixes fine, but the activation is seperated so you can
run some IPv4 only peers, some VPNv4 only peers and some mixed peers.

Regards,
Peter




More information about the cisco-nsp mailing list