Nexus: redistribution ospf-to-bgp and bgp-to-ospf with two VNF (VRF)


14.02 2024 | by massimiliano




Lab architecture. Scenario 1: redistribution ospf-to-bgp and bgp-to-ospf with two VNF (VRF)

R1 and R2 represent VNF100; R3, R4, R5 and R6 represent VNF200.

R1 and R2 are the default gateways of IP subnet 172.16.100.0/24; this subnet is advertised via the OSPF 100 process in backbone area 0.

R1 and R2 belong to the VRF called VNF100, which has its own OSPF process (the VRF is configured only on the BL devices).

R3, R4, R5 and R6 belong to the VRF called VNF200, which has a different OSPF process (the VRF is configured only on the BL devices).

R3, R4, R5 and R6 are the default gateways of the second IP subnet, 172.16.200.0/24; this subnet is advertised via the OSPF200 process in backbone area 0.

BL1, BL2, BL3 and BL4 are the L3 next hop for each router (VNF). The BLs take part in both OSPF processes under an instance-tag called LAB and receive the IP subnets from the routers; in addition, through mutual OSPF – BGP redistribution, the BLs have the role of advertising the IP prefixes for the target external domain.

On the OSPF broadcast domain we have set the following priorities for DR and BDR (DR and BDR are not preemptive):

BL1 priority 255 (DR role)

BL2 priority 125 (BDR role)

BL3 priority   90 (for redundancy in case of DR/BDR failure)

BL4 priority   50 (for redundancy in case of DR/BDR failure)

all routers        0 (never take the DR/BDR role)

PE-A and PE-B are the edge routers with which BL1, BL2, BL3 and BL4 establish EBGP sessions to advertise IP prefixes from and to the external domains.

100.100.100.0/24 and 200.200.200.0/24 are the external IP prefixes and belong to different VRFs: target100 to VRF VNF100 and target 200 to VRF VNF200.

Template Configuration Nexus Switch Cisco

# feature set

feature ospf
feature bgp
feature interface-vlan
feature lldp
!

#VRF Context

vrf context VNF100
!
vrf context VNF200

# Vlans subnet broadcast BL to Routers

vlan X
name VNF100
vlan Y
name VNF200

# Prefix-List to matching external subnets from EBGP and from Routers

ip prefix-list VNF100-IN description from-ext-domain_EBGP-VNF100
ip prefix-list VNF100-IN seq 5 permit < IP_subnet_ext_EBGP_VNF100 >
ip prefix-list VNF100-OUT description to-ext-domain_VNF100
ip prefix-list VNF100-OUT seq 5 permit < IP_subnet_ext_VNF100 >

ip prefix-list VNF200-IN description from-ext-domain_EBGP_VNF200
ip prefix-list VNF200-IN seq 5 permit < IP_subnet_ext_EBGP_VNF200 >
ip prefix-list VNF200-OUT description to-ext-domain_VNF200
ip prefix-list VNF200-OUT seq 5 permit < IP_subnet_ext_VNF200 >

ip prefix-list VNF100-PREPEND description VNF100-PREPEND
ip prefix-list VNF100-PREPEND seq 5 permit < IP_subnet_ext_VNF100 >
ip prefix-list VNF200-PREPEND description VNF200-PREPEND
ip prefix-list VNF200-PREPEND seq 5 permit < IP_subnet_ext_VNF200 >
!

# route-map to redistribute bgp-to-ospf and set metric downstream traffic (to Router)

route-map VNF100-BGP-to-OSPF permit 10
match ip address prefix-list VNF100-IN
set metric + < value > !--> multiple of ten (10 for BL1, 20 for BL2, 30 for BL3, 40 for BL4)

route-map VNF200-BGP-to-OSPF permit 10
match ip address prefix-list VNF200-IN
set metric + < value > !--> multiple of ten (10 for BL1, 20 for BL2, 30 for BL3, 40 for BL4)

# route-map to redistribute ospf-to-bgp

route-map VNF100-OSPF-to-BGP permit 10
match ip address prefix-list VNF100-OUT

route-map VNF200-OSPF-to-BGP permit 10
match ip address prefix-list VNF200-OUT

# route-map to as-path prepend inbound traffic EBGP

route-map VNF100-PREPEND permit 10
match ip address prefix-list VNF100-PREPEND
set as-path prepend < n. x-value-local-as-path > !--> BL1 path default; BL2 1x as-path; BL3 2x as-path; BL4 3x as-path

route-map VNF200-PREPEND permit 10
match ip address prefix-list VNF200-PREPEND
set as-path prepend < n. x-value-local-as-path > !--> BL1 path default; BL2 1x as-path; BL3 2x as-path; BL4 3x as-path

# Interface L2

interface Ethernet1/a
description Downstream-Interconnect-SW2
switchport mode trunk
switchport trunk allowed vlan x,y

interface Ethernet1/b
description Downstream-Interconnect-SW1
switchport mode trunk
switchport trunk allowed vlan x,y

# Interface L3

interface Vlan X
description VNF100
no shutdown
vrf member VNF100
ip address < ip_address/mask >
ip ospf dead-interval 3
ip ospf hello-interval 1
no ip ospf passive-interface
ip ospf priority < value > !--> to set DR/BDR (250 for BL1, 200 for BL2, 150 for BL3, 100 for BL4)
ip router ospf < instance-tag > area 0.0.0.0
!
interface Vlan Y
description VNF200
no shutdown
vrf member VNF200
ip address < ip_address/mask >
ip ospf dead-interval 3
ip ospf hello-interval 1
no ip ospf passive-interface
ip ospf priority < value > !--> to set DR/BDR (250 for BL1, 200 for BL2, 150 for BL3, 100 for BL4)
ip router ospf < instance-tag > area 0.0.0.0
!

# OSPF Configuration

router ospf < instance-tag >
rfc1583compatibility !--> if the Huawei routers run only RFC1583-compatible OSPF
auto-cost reference-bandwidth 40 Gbps
timers throttle spf 10 100 1000
timers lsa-arrival 50
timers throttle lsa 10 100 1000
passive-interface default
!
vrf VNF100
router-id < ip_rid >
rfc1583compatibility !--> if the Huawei routers run only RFC1583-compatible OSPF
auto-cost reference-bandwidth 40 Gbps
redistribute bgp < instance-tag > route-map VNF100-BGP-to-OSPF
timers throttle spf 10 100 1000
timers lsa-arrival 50
timers throttle lsa 10 100 1000
maximum-paths 32
passive-interface default
!
vrf VNF200
router-id < ip_rid >
rfc1583compatibility !--> if the Huawei routers run only RFC1583-compatible OSPF
auto-cost reference-bandwidth 40 Gbps
redistribute bgp < instance-tag > route-map VNF200-BGP-to-OSPF
timers throttle spf 10 100 1000
timers lsa-arrival 50
timers throttle lsa 10 100 1000
maximum-paths 32
passive-interface default

# BGP Configuration

router bgp < instance-tag >
router-id < ip_bgp_loopback_rid >
!
vrf VNF100
local-as < local_as >
router-id < ip_address_loopback_rid_VNF100 >
address-family ipv4 unicast
redistribute ospf < instance-tag > route-map VNF100-OSPF-to-BGP
neighbor < ip_address_remote_peer_vnf-100 >
remote-as < remote_as >
description EBGP-Peering-PE-VNF100
address-family ipv4 unicast
route-map VNF100-PREPEND out
!
vrf VNF200
local-as < local_as >
router-id < ip_address_loopback_rid_VNF200 >
address-family ipv4 unicast
redistribute ospf < instance-tag > route-map VNF200-OSPF-to-BGP
neighbor < ip_address_remote_peer_vnf-200 >
remote-as < remote_as >
description EBGP-Peering-PE-VNF200
address-family ipv4 unicast
route-map VNF200-PREPEND out
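
A pre-deployment check for the template above, added here as an example (it is not part of the original post or of any Cisco tool). It parses a filled-in copy of the configuration and reports prefix-lists or route-maps that are referenced but never defined, plus any prefix permitted by both a -IN and a -OUT list, which with mutual redistribution on several BLs would let an external route be re-advertised toward the PEs. The sample values, the misspelled entry, and the parse and lint names are constructed for the illustration.

```python
import ipaddress

# Constructed sample: template filled with the lab prefixes; one name is misspelled on purpose.
SAMPLE = """\
ip prefix-list VNF100-IN seq 5 permit 100.100.100.0/24
ip prefix-list VNF100-OUT seq 5 permit 172.16.100.0/24
ip prefix-list VN100-PREPEND seq 5 permit 172.16.100.0/24
route-map VNF100-BGP-to-OSPF permit 10
  match ip address prefix-list VNF100-IN
route-map VNF100-OSPF-to-BGP permit 10
  match ip address prefix-list VNF100-OUT
route-map VNF100-PREPEND permit 10
  match ip address prefix-list VNF100-PREPEND
router bgp 100
  vrf VNF100
    address-family ipv4 unicast
      redistribute ospf LAB route-map VNF100-OSPF-to-BGP
    neighbor 2.2.2.2
      address-family ipv4 unicast
        route-map VNF100-PREPEND out
"""

def parse(config):
    """Collect prefix-list entries, route-map names and references to both."""
    plists, rmaps, refs = {}, set(), []
    for words in (line.split() for line in config.splitlines()):
        if words[:2] == ["ip", "prefix-list"] and "permit" in words:
            net = ipaddress.ip_network(words[words.index("permit") + 1], strict=False)
            plists.setdefault(words[2], []).append(net)
        elif words[:1] == ["route-map"] and words[2:3] in (["permit"], ["deny"]):
            rmaps.add(words[1])                      # route-map definition
        elif words[:4] == ["match", "ip", "address", "prefix-list"]:
            refs += [("prefix-list", name) for name in words[4:]]
        elif "route-map" in words[:-1]:              # redistribute / neighbor policy
            refs.append(("route-map", words[words.index("route-map") + 1]))
    return plists, rmaps, refs

def lint(config):
    """Return dangling references and IN/OUT overlaps (redistribution feedback)."""
    plists, rmaps, refs = parse(config)
    findings = [f"undefined {kind} {name}" for kind, name in refs
                if name not in (plists if kind == "prefix-list" else rmaps)]
    for name in [n for n in plists if n.endswith("-IN")]:
        out = name[:-3] + "-OUT"
        findings += [f"{name} {a} overlaps {out} {b}"
                     for a in plists[name] for b in plists.get(out, []) if a.overlaps(b)]
    return findings

if __name__ == "__main__":
    print("\n".join(lint(SAMPLE)))
```

The check expects real prefixes, so run it on the rendered configuration rather than on the template with its < ... > placeholders.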

VERIFICATION from BLs

BL1# sh ip route bgp-100 vrf VNF100 (scenario 1)

IP Route Table for VRF “VNF100”

‘*’ denotes best ucast next-hop

‘**’ denotes best mcast next-hop

‘[x/y]’ denotes [preference/metric]

‘%<string>’ in via output denotes VRF <string>

100.100.100.0/24, ubest/mbest: 1/0

    *via 2.2.2.2, [20/0], 03:41:50, bgp-100, external, tag 200                     → from ebgp PE1 (preferred)

     via 192.168.10.20, Vlan10, [110/1], 03:41:31, ospf-LAB, type-2, tag 200  → from ospf-type2  BL4

     via 192.168.10.2, Vlan10, [110/1], 03:41:31, ospf-LAB, type-2, tag 200    → from ospf-type2 BL2

     via 192.168.10.10, Vlan10, [110/1], 03:41:31, ospf-LAB, type-2, tag 200  → from ospf-type2 BL3

BL1# sh ip route bgp-100 vrf VNF200 (scenario 1)

IP Route Table for VRF “VNF200”

‘*’ denotes best ucast next-hop

‘**’ denotes best mcast next-hop

‘[x/y]’ denotes [preference/metric]

‘%<string>’ in via output denotes VRF <string>

200.200.200.0/24, ubest/mbest: 1/0

    *via 3.3.3.2, [20/0], 03:42:16, bgp-100, external, tag 200                    → from ebgp PE1 (preferred)

     via 192.168.20.2, Vlan20, [110/1], 03:41:57, ospf-LAB, type-2, tag 200     → from ospf-type2 BL2

     via 192.168.20.20, Vlan20, [110/1], 03:41:57, ospf-LAB, type-2, tag 200   → from ospf-type2 BL4

     via 192.168.20.10, Vlan20, [110/1], 03:41:57, ospf-LAB, type-2, tag 200   → from ospf-type2 BL3

!

Comment:

1) The output above was taken without set metric <value>, to show the scenario with ECMP active. If set metric is configured under the route-map, BL1 receives the external IP prefix from its direct P2P EBGP session and, in addition, only from BL2, which has the lower metric (+20); fault tolerance is always active in case a BL or a link goes down.

2) BL1 receives the relevant IP prefix in each of its VRFs (VNF100 and VNF200): 100.100.100.0/24 is correctly learned from PE1 via EBGP and also from its OSPF type-2 neighbors.

If we don't want to have all BLs as OSPF type-2 neighbors, we can configure set metric <value> under the route-map of the OSPF redistribution to BGP and resolve this output, with the same behaviour seen in the table above.

VERIFICATION from PE

VERIFICHE from PE

PE1#sh ip route vrf VNF100 bgp (Scenario 1)

Routing Table: VNF100

Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP

       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

       E1 – OSPF external type 1, E2 – OSPF external type 2

       i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2

       ia – IS-IS inter area, * – candidate default, U – per-user static route

       o – ODR, P – periodic downloaded static route, H – NHRP, l – LISP

       a – application route

       + – replicated route, % – next hop override, p – overrides from PfR

Gateway of last resort is not set

      172.16.0.0/24 is subnetted, 1 subnets

B        172.16.100.0 [20/80] via 2.2.2.1, 06:53:29  → from ebgp BL1

!

PE1#sh ip bgp vpnv4 vrf VNF100 (Scenario 1)

BGP table version is 6, local router ID is 14.14.14.14

Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,

              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,

              x best-external, a additional-path, c RIB-compressed,

Origin codes: i – IGP, e – EGP, ? – incomplete

RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 100:100 (default for vrf VNF100) VRF Router ID 14.14.14.14

 *>  100.100.100.0/24 0.0.0.0                  0         32768 i                → from internal

 *   172.16.100.0/24  6.6.6.1                 80             0 100 100 100 ?    → from ebgp BL3 (with prepend)

 *>                   2.2.2.1                 80             0 100 ?            → from ebgp BL1 (preferred)

PE1#sh ip route vrf VNF200 (Scenario 1)

Routing Table: VNF200

Codes: L – local, C – connected, S – static, R – RIP, M – mobile, B – BGP

       D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area

       N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2

       E1 – OSPF external type 1, E2 – OSPF external type 2

       i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2

       ia – IS-IS inter area, * – candidate default, U – per-user static route

       o – ODR, P – periodic downloaded static route, H – NHRP, l – LISP

       a – application route

       + – replicated route, % – next hop override, p – overrides from PfR

Gateway of last resort is not set

172.16.0.0/24 is subnetted, 1 subnets

B        172.16.200.0 [20/80] via 3.3.3.1, 00:08:51  → from BL1

PE1#sh ip bgp vpnv4 vrf VNF200 (Scenario 1)

BGP table version is 25, local router ID is 15.15.15.15

Status codes: s suppressed, d damped, h history, * valid, > best, i – internal,

              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,

              x best-external, a additional-path, c RIB-compressed,

Origin codes: i – IGP, e – EGP, ? – incomplete

RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 100:200 (default for vrf VNF200) VRF Router ID 15.15.15.15

 *   172.16.200.0/24  7.7.7.1                 80             0 100 100 100 ?    → from ebgp BL3 (with prepend)

 *>                   3.3.3.1                 80             0 100 ?            → from ebgp BL1 (preferred)

 * i 200.200.200.0    3.3.3.6                  0    100      0 i

 *>                   0.0.0.0                  0         32768 i