[c-nsp] BGP quandry
peter at rathlev.dk
Thu Jun 18 06:50:57 EDT 2009
On Wed, 2009-06-17 at 22:54 -0500, Justin Shore wrote:
> So I did a little more playing around and found that if I added an vpnv4
> activate on the DC #2 router for core #2's IP I got my vpnv4 routes. I
> only got those connected to core #2 though. I had to add another
> activate for core #1. I'm assuming that core #2 sent those BGP routes
> that it learned via iBGP from core #1 to DC #2 because of the RR config.
> Since I'm eliminating the iBGP RR config I have to complete the full
> mesh to get the full set of routes. That makes sense.
Core #2 doesn't have "route-reflector-client" configured towards the new
router, so it only sends it's own prefixes and prefixes from any RR
clients of it's own. That seems to make sense to me too.
> One thing that doesn't make sense at this point is why the ibgp-peer
> peer-group config in the vpnv4 address-family wasn't sufficient enough
> to enable the learning of vpnv4 routes. Do peer-groups and vpnv4 config
> not mix? Trying to add the command "neighbor aaa.bbb.ccc.ddd
> send-community extendeded" to any of the routers involved (where
> aaa.bbb.ccc.ddd is a configured member of a peer-group) results in the
> % Invalid command for a peer-group member
> To me that implies that some sort of interaction exists between vpnv4
> config and peer-group config. Can anyone add any input to this?
AFAIK you always have to activate the specific peers in the VPNv4
configuration for VPNv4 functionality. I.e. :
router bgp 64512
neighbor PG peer-group
neighbor PG remote-as 65412
neghibor 10.0.0.1 activate
neighbor 10.0.0.1 activate
VPNv4 and IPv4 mixes fine, but the activation is seperated so you can
run some IPv4 only peers, some VPNv4 only peers and some mixed peers.
More information about the cisco-nsp