Scribd
Upload
287 views21 pages

VRF MP BGP PDF

This document provides a summary of virtual routing and forwarding (VRF) configurations for campus networks. It discusses using area-based filtering in OSPF to control route advertisements between departments. It also covers creating VRF instances, assigning interfaces, and configuring OSPF processes within each VRF. The document explains how to set up route leaking between VRFs using MP-BGP, route targets, and extended communities. While BGP is recommended, the document notes static routing can also be used for basic route leaking. Finally, it discusses why MPLS is commonly used instead of frame relay for scaling to support more VLAN tags and stacked labels.

Uploaded by

jnahamed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
287 views21 pages

VRF MP BGP PDF

This document provides a summary of virtual routing and forwarding (VRF) configurations for campus networks. It discusses using area-based filtering in OSPF to control route advertisements between departments. It also covers creating VRF instances, assigning interfaces, and configuring OSPF processes within each VRF. The document explains how to set up route leaking between VRFs using MP-BGP, route targets, and extended communities. While BGP is recommended, the document notes static routing can also be used for basic route leaking. Finally, it discusses why MPLS is commonly used instead of frame relay for scaling to support more VLAN tags and stacked labels.

Uploaded by

jnahamed
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 21

The Lazy Man’s Guide…

1
…to Virtual Routing & Forwarding
(For Campus Engineers)
Dr. John S. Graham
(OARnet)
Example: Campus Departments
Chemistry

150.1.5.0/24 R5 192.168.5.0/24

R2
R4
150.1.4.0/24

150.1.3.0/24 R3 192.168.3.0/24

Physics 3
Security Specification
• Point-to-Point link subnets should not be
advertised by OSPF.
• Routing of the 150.1.0.0/16 subnets should be
unrestricted.
• The 192.168.0.0/16 subnets should not be
advertised to other departments; only to the
central administrative LAN.
• All security should be centrally controlled on
the hub router R2
4
Let’s Try Area-Based Filtering…

R2 Configuration
router ospf 1
area 1 filter-list CHEMISTRY_ROUTES out
!
ip prefix-list CHEMISTRY_ROUTES permit 150.1.5.0/24 5
ip prefix-list CHEMISTRY_ROUTES deny 0.0.0.0/0 le 32
(OSPF: Textbook Myths)
What the Textbooks Say What Actually Happens
• All inter-area traffic must • An ABR floods Type-3 LSAs
pass through Area 0. describing each area out
interfaces participating in all
other areas
• Routers with an active
adjacency in Area 0 will ignore
Summary LSAs that are
received on non-backbone
interfaces
• Ergo, OSPF downshifts to DV
behavior when all backbone
connectivity is lost.
6
OSPF Configuration
150.1.5.0/24 R5 192.168.5.0/24

Area 0
Area 0

R2 R4
150.1.4.0/24

Area 0

150.1.3.0/24 R3 192.168.3.0/24
7
VRF Configuration
1. Create VRF Instances
1. Pick Alphanumeric Name
2. Assign the Route Distinguisher (RD)
2. Assign Interfaces to a VRF
1. The interface IP address will need to be
reapplied after configuring: ip vrf
forwarding <VRF_NAME>
3. Create OSPF Processes
1. One per VRF

8
The Route Distinguisher (RD)
• A formatted 8-byte number
– <GLOBAL_ADMINISTRATOR>:<LOCAL_IDENTIFIER>

Type 0 ASN Identifier

Type 1 IP Address Identifier

Type 2 ASN Identifier

• Used to create new address family


– RD + IP Prefix à VPNV4 address (12-bytes)
• Allows multiple customers of a SP to advertise
same prefix
9
Hub Configuration So Far…
ip vrf BLUE
rd 10.0.23.3:1
!
interface Serial0/0
no ip address
encapsulation frame-relay
clock rate 2000000
no frame-relay inverse-arp
!
interface Serial0/0.1 point-to-point
ip vrf forwarding BLUE
ip address 10.0.23.2 255.255.255.0
frame-relay interface-dlci 203
!
router ospf 1 vrf BLUE
router-id 0.1.0.2
network 0.0.0.0 255.255.255.255 area 0
10
OSPF à MP_BGP Redistribution 1/2
R2 RIB

show ip route vrf {BLUE | GREEN | RED} ospf

1. Three disconnected VRF routing tables. Each filled with routes learned from OSFP neighbors.

R2 RIB

show ip bgp vpnv4 all

vpnv4 table

2. Add a BGP table containing VPNV4 addresses. Unique RD prevents duplicate IP prefixes from
clashing 11
OSPF à MP_BGP Redistribution 2/2
interface Loopback0
ip address 10.0.2.2 255.255.255.255
!
router bgp 65534
no bgp default ipv4-unicast
!
address-family ipv4 vrf BLUE
redistribute ospf 1 vrf BLUE route-map OSPF_TO_BGP
no synchronization
exit-address-family
!
ip prefix-list P2P_SUBNETS seq 5 permit 10.0.0.0/8 ge 24
!
route-map OSPF_TO_BGP deny 10
match ip address prefix-list P2P_SUBNETS
!
route-map OSPF_TO_BGP permit 20
12
Route Target – Export & Import
Export RT Import RT
• Assigned to Prefixes within • Assigned to VRF Instances
a VRF instance • Multiple Import tags per
• One RT per prefix instance permitted
• Export maps are a useful • Usually best to assign
tool statically

13
BGP Extended Communities
• A formatted 8-Byte value
– ‘Type’ field indicates format of the 6-Byte value
– ‘Subtype’ field indicates intrinsic meaning
• Route Target Community (0x02)
• OSPF Domain Identifier (0x05)

• See RFC 7153 for full details


14
Route Leaking Schema

15
Configuring the RT
ip vrf VRF_BLUE
rd 10.0.23.3:1
export map EXPORT_MAP-VRF_BLUE
route-target import 65534:3
route-target import 65534:4
!
ip prefix-list VLAN3 seq 5 permit 192.168.3.0/24
!
route-map EXPORT_MAP-VRF_BLUE permit 10
match ip address prefix-list VLAN3
set extcommunity rt 65534:2
!
route-map EXPORT_MAP-VRF_BLUE permit 20
set extcommunity rt 65534:1 16
MP_BGP à OSPF 1/2
• This final step causes ‘leaked’ routes to be
advertised to spoke routers
• Leaked routes perceived by OSPF as External
– This looks ugly and is not representative of reality
– Alternative routes may be preferred
• Setting an OSPF ‘domain-id’ will cause leaked
routes to appear as inter-area Type-III
– This tag is propagated through MP-BGP using the
OSPF Domain Identifier Extended Community

17
MP_BGP à OSPF 2/2
!
router ospf 1 vrf VRF_BLUE
router-id 0.1.0.2
domain-id 123.123.123.123
redistribute bgp 65534 subnets
network 0.0.0.0 255.255.255.255 area 0
!

18
But… I Hate BGP!
• Route leaking can be accomplished statically
– Between pairs of VRF
– Between a VRF and the Global RIB
• Useful for installing a Default route into a VRF
• Require two static routes
– One in VRF pointing to Global prefix
– One in Global RIB pointing to VRF (for return
traffic)
• Remember to redistribute Static à IGP!
19
So Why Do Folks Want to Use MPLS?
• A question of scale
• Only 961 DLCI are available (16 through 976)
• Rather more (4,089) VLAN tags
– Normal range = 1 through 1005
• Reserved numbers comprise 1, 1002 – 1005
– Extended range = 1006 to 4094
• Stacked MPLS labels
– Outer (aka ‘Transport’) label connects pairwise PE
routers
– Inner (aka ‘VPN’) label assigned per customer
20
21

You might also like