You have just received a nice job at a big enterprise that has multiple sites connected over their own managed MPLS Core. Each site runs EIGRP as the CE - PE routing protocol.
Two of these sites, Site-A and Site-B, have an additional direct link between each other as in the below diagram.
With the standard configuration, each site is reachable via its respective PE (for example, all traffic from MPLS cloud - other sites - to Site-A is via PE-1/CE-1 link), while the traffic between Site-A and Site-B uses the direct link between CE-1 and CE-2.
At this moment, traffic from PE-2 to Site-A's 192.168.1.55 will go
PE-2#traceroute vrf CUST_A 192.168.1.55 Type escape sequence to abort. Tracing the route to 192.168.1.55 1 10.0.0.6 [MPLS: Labels 16/19 Exp 0] 60 msec 60 msec 40 msec 2 192.168.1.1 [MPLS: Label 19 Exp 0] 36 msec 36 msec 40 msec 3 192.168.1.2 44 msec * 20 msec PE-2#
Because in the near future a new site will be connected to PE-2, you have been assigned the task of configuring the network in such a way that traffic from PE-2 to Site-A's 192.168.1.55 will go via Site-B (CE-2) instead of going over MPLS core!
How would you complete this task? - preferably only for prefix 192.168.1.55 !
You have checked the routing information on PE-2 and noticed that the prefix is learned from BGP over the MPLS cloud:
PE-2#sh ip route vrf CUST_A 192.168.1.55 Routing entry for 192.168.1.55/32Known via "bgp 100" , distance 200, metric 156160, type internal Redistributing via eigrp 100 Advertised by eigrp 100 metric 100000 10 255 1 1500 bgp 100 (self originated) Last update from 10.255.255.1 00:22:30 ago Routing Descriptor Blocks:* 10.255.255.1 (Default-IP-Routing-Table), from 10.255.255.1, 00:22:30 ago Route metric is 156160, traffic share count is 1 AS Hops 0 PE-2# PE-2#sh bgp vpnv4 uni all 192.168.1.55 BGP routing table entry for 100:1:192.168.1.55/32, version 22 Paths: (1 available, best #1, table CUST_A) Not advertised to any peer Local10.255.255.1 (metric 3) from 10.255.255.1 (10.255.255.1) Origin incomplete, metric 156160, localpref 100, valid, internal, best Extended Community: RT:100:1 Cost:pre-bestpath:128:156160 0x8800:32768:0 0x8801:100:130560 0x8802:65281:25600 0x8803:65281:1500 mpls labels in/out nolabel/19 PE-2#
You tried to influence the BGP path selection by setting a high local preference on the redistributed EIGRP routes, but unfortunately PE-2 still choses the prefix received over the MPLS as the best path:
ip access-list standard CE1_LOOPBACK permit 192.168.1.55 ! route-map SET_LP_500 permit 10 match ip address CE1_LOOPBACKset local-preference 500 route-map SET_LP_500 permit 999 ! router bgp 100 address-fam ipv4 vrf CUST_Aredistribute eigrp 100 route-map SET_LP_500
PE-2#sh bgp vpnv4 uni all 192.168.1.55 BGP routing table entry for 100:1:192.168.1.55/32, version 22 Paths: (1 available, best #1, table CUST_A) Not advertised to any peer Local10.255.255.1 (metric 3) from 10.255.255.1 (10.255.255.1) Origin incomplete, metric 156160, localpref 100, valid, internal, best Extended Community: RT:100:1 Cost:pre-bestpath:128:156160 0x8800:32768:0 0x8801:100:130560 0x8802:65281:25600 0x8803:65281:1500 mpls labels in/out nolabel/19!! !! the prefix received over MPLS (with default LP = 100) is still chosen as best !! !!
Why is that happening? How would you configure the network to achieve the desired result ?
hostname CE-1 ! ip cef ! ! interface Loopback0 ip address 192.168.1.55 255.255.255.255 ! interface FastEthernet0/0 ip address 192.168.1.2 255.255.255.252 speed 100 full-duplex ! interface FastEthernet0/1 ip address 192.168.12.1 255.255.255.252 speed 100 full-duplex ! router eigrp 100 network 192.168.0.0 0.0.255.255 no auto-summary !
hostname CE-2 ! ip cef ! ! interface Loopback0 ip address 192.168.2.55 255.255.255.255 ! interface FastEthernet0/0 ip address 192.168.2.2 255.255.255.252 speed 100 full-duplex ! interface FastEthernet0/1 ip address 192.168.12.2 255.255.255.252 speed 100 full-duplex ! router eigrp 100 network 192.168.0.0 0.0.255.255 no auto-summary !
hostname PE-1 ! ip cef ! ip vrf CUST_A rd 100:1 route-target export 100:1 route-target import 100:1 ! ! interface Loopback0 ip address 10.255.255.1 255.255.255.255 ! interface FastEthernet0/0 ip vrf forwarding CUST_A ip address 192.168.1.1 255.255.255.252 speed 100 full-duplex ! interface FastEthernet0/1 ip address 10.0.0.1 255.255.255.252 speed 100 full-duplex mpls ip ! router eigrp 1 auto-summary ! address-family ipv4 vrf CUST_A redistribute bgp 100 metric 100000 10 255 1 1500 network 192.168.1.1 0.0.0.0 no auto-summary autonomous-system 100 exit-address-family ! router ospf 1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 100 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 10.255.255.2 remote-as 100 neighbor 10.255.255.2 update-source Loopback0 ! address-family vpnv4 neighbor 10.255.255.2 activate neighbor 10.255.255.2 send-community extended exit-address-family ! address-family ipv4 vrf CUST_A redistribute eigrp 100 no synchronization exit-address-family !
hostname PE-2 ! ip cef ! ip vrf CUST_A rd 100:1 route-target export 100:1 route-target import 100:1 ! ! interface Loopback0 ip address 10.255.255.2 255.255.255.255 ! interface FastEthernet0/0 ip vrf forwarding CUST_A ip address 192.168.2.1 255.255.255.252 speed 100 full-duplex ! interface FastEthernet0/1 ip address 10.0.0.5 255.255.255.252 speed 100 full-duplex mpls ip ! router eigrp 1 auto-summary ! address-family ipv4 vrf CUST_A redistribute bgp 100 metric 100000 10 255 1 1500 network 192.168.2.1 0.0.0.0 no auto-summary autonomous-system 100 exit-address-family ! router ospf 1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 ! router bgp 100 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 10.255.255.1 remote-as 100 neighbor 10.255.255.1 update-source Loopback0 ! address-family vpnv4 neighbor 10.255.255.1 activate neighbor 10.255.255.1 send-community extended exit-address-family ! address-family ipv4 vrf CUST_A redistribute eigrp 100 route-map SET_LP_500 no synchronization exit-address-family ! ip access-list standard CE1_LOOPBACK permit 192.168.1.55 ! route-map SET_LP_500 permit 10 match ip address CE1_LOOPBACK set local-preference 500 ! route-map SET_LP_500 permit 999 !
hostname P-CORE ! ip cef ! ! interface FastEthernet0/0 ip address 10.0.0.2 255.255.255.252 speed 100 full-duplex mpls ip ! interface FastEthernet0/1 ip address 10.0.0.6 255.255.255.252 speed 100 full-duplex mpls ip ! router ospf 1 log-adjacency-changes network 10.0.0.0 0.255.255.255 area 0 !
Post your answer in the 'Comments' section below and subscribe to this blog to get the detailed solution and more interesting quizzes.
Comments
comments powered by Disqus