Date created: Sunday, January 12, 2014 1:21:40 PM. Last modified: Tuesday, June 28, 2022 4:32:56 PM
Route Reflector Scaling with Route Target Filtering
All Cisco 7206VXRs running c7200-jk9s-mz.124-14b, RR is running c7200-spservicesk9-mz.151-3.S6.
Route-maps can be used to add BGP communities to routes that are then passed on to a route reflector (do this on the PEs to save configuration on the RR and allow per VRF and/or per site communities for more granular tagging). The route reflector can then filter oubound updates to others PEs based on community route-map filter so PE1 wouldn't want to know about Vrf SiteC (CE3-1) routes.
PE2 - In this example, PE1 only advertises vrf SiteB (CE-2-2) routes to the RR
ip vrf SiteB rd 123:200 route-target export 123:200 route-target import 123:200 ! interface FastEthernet1/1 ip vrf forwarding SiteB ip address 10.62.0.6 255.255.255.0 ! router bgp 65000 no bgp default ipv4-unicast bgp log-neighbor-changes neighbor 10.0.0.2 remote-as 65000 neighbor 10.0.0.2 update-source Loopback0 ! address-family vpnv4 neighbor 10.0.0.2 activate neighbor 10.0.0.2 send-community extended neighbor 10.0.0.2 route-map RM-CustB-Out out exit-address-family ! address-family ipv4 vrf SiteB redistribute connected neighbor 10.62.0.2 remote-as 65200 neighbor 10.62.0.2 activate neighbor 10.62.0.2 next-hop-self neighbor 10.62.0.2 default-originate neighbor 10.62.0.2 route-map RM-CustB-In in no synchronization exit-address-family ! ! ip bgp-community new-format ip community-list 20 permit 65000:65200 ! route-map RM-CustB-Out permit 10 match community 20 ! route-map RM-CustB-In permit 10 set community 65000:65200 ! ! ! RR#show bgp vpnv4 unicast all neighbors 10.0.0.6 routes BGP table version is 30, local router ID is 10.0.0.2 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale, m multipath, b backup-path, x best-external, f RT-Filter, a additional-path Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 123:200 *>i10.14.1.1/32 10.0.0.6 0 100 0 65200 i Total number of prefixes 1
RR - "no bgp default ipv4-unicast" on RRs and clients means that MPLS VPN PEs don't have to carry all defaut table routes (which could be full Internet routing if the Internet is not in a VRF for example) - So we save on memory for PEs - Only carry VPN routes to scale up PEs and RR. The same route-map filtering applied on PE2 could be applied here for import/export too, otherwise its a basic RR config;
router bgp 65000 bgp log-neighbor-changes no bgp default ipv4-unicast neighbor 10.0.0.1 remote-as 65000 neighbor 10.0.0.1 update-source Loopback0 neighbor 10.0.0.6 remote-as 65000 neighbor 10.0.0.6 update-source Loopback0 ! address-family ipv4 exit-address-family ! address-family vpnv4 neighbor 10.0.0.1 activate neighbor 10.0.0.1 send-community extended neighbor 10.0.0.1 route-reflector-client neighbor 10.0.0.6 activate neighbor 10.0.0.6 send-community extended neighbor 10.0.0.6 route-reflector-client exit-address-family
The RR coud also use the "rtfilter" BGP address-family (in addition to VPNv4 family) but this is from IOS 15.1 onwards (and IOS XE), for automatic RT filtering on VRF VPN Route Targets;
router bgp 65000 address-family rtfilter unicast neighbor 10.0.0.1 activate neighbor 10.0.0.1 send-community extended neighbor 10.0.0.1 route-reflector-client neighbor 10.0.0.6 activate neighbor 10.0.0.6 send-community extended neighbor 10.0.0.6 route-reflector-client ! ! The same address-family must also be actived on the PEs obviously!
Previous page: IOS to IOS-XR eBGP MTU
Next page: 2960