BGP Session not Established when using Loopback Interface

Created: Feb 10, 2020 09:54:01Latest reply: Feb 16, 2020 11:35:18 166 6 1 0
  Rewarded HiCoins: 0 (problem resolved)

Hi!


I have an issue with my BGP Configuration. I have two Routers. Both are using MPLS and OSPF for general Connectivity. Both are supposed to be connected with iBGP in a VRF(VPN-Instance).

I want to use a Loopback-Interface as the Peer-Adress. I placed those Loopbacks in the same VRF as the physical Interface. It's not working. When i use the physical Interfaces as the Peers, it works fine.


Please have a look... i am talking about the "ACMS_Internet_Limited" VPN.

Router A:


[RouterA]dis curr conf bgp
#
bgp 65000
 router-id 10.178.16.254
 #
 ipv4-family unicast
  undo synchronization
 #
. . .
 #
 ipv4-family vpn-instance ACMS_Internet_Limited
  router-id 10.178.16.254
  peer 10.178.16.248 as-number 65000
#
return


[RouterA]displ curren interface LoopBack 1
#
interface LoopBack1
 ip binding vpn-instance ACMS_Internet_Limited
 ip address 10.178.16.254 255.255.255.255
#
return

[RouterA]dis current interface GigabitEthernet0/3/5.100
#
interface GigabitEthernet0/3/5.100
 vlan-type dot1q 100
 description "ER_Goslar_Oker GE0/3/0.100"
 ip binding vpn-instance ACMS_Internet_Limited
 ip address 10.178.16.5 255.255.255.252
#
return

[RouterA]disp curren conf vpn-instance
. . .
#
ip vpn-instance ACMS_Internet_Limited
 ipv4-family
  route-distinguisher 65000:10002
  vpn-target 65000:10002 export-extcommunity
  vpn-target 65000:10002 import-extcommunity
#
ip vpn-instance __LOCAL_OAM_VPN__
 ipv4-family
#
return
[RouterA]disp bgp all sum

 BGP local router ID : 10.178.16.254
 Local AS number : 65000

 Address Family:Vpnv4 All
 --------------------------------------------------------------------------------------------
 Total number of peers : 2                 Peers in established state : 1


  Peer of IPv4-family for vpn instance :

. . .
  VPN-Instance ACMS_Internet_Limited, Router ID 10.178.16.254:
  Peer                     AS  MsgRcvd  MsgSent  OutQ  Up/Down       State    RtRcv    RtAdv
  10.178.16.248         65000        0        0     0 00:09:11      Active        0        0
[RouterA]

Router B:


[RouterB]dis curr conf bgp
#
bgp 65000
 router-id 10.178.16.248
 #
 ipv4-family unicast
  undo synchronization
 #
 ipv4-family vpn-instance ACMS_Internet_Limited
  router-id 10.178.16.248
  peer 10.178.16.254 as-number 65000
#
return
[RouterB]displ curren interface LoopBack 1
#
interface LoopBack1
 ip binding vpn-instance ACMS_Internet_Limited
 ip address 10.178.16.248 255.255.255.255
#
return
[RouterB]dis current interface GigabitEthernet0/3/0.100
#
interface GigabitEthernet0/3/0.100
 vlan-type dot1q 100
 ip binding vpn-instance ACMS_Internet_Limited
 ip address 10.178.16.6 255.255.255.252
#
return
[RouterB]disp curren conf vpn-instance
#
ip vpn-instance ACMS_Internet_Limited
 ipv4-family
  route-distinguisher 65000:10002
  vpn-target 65000:10002 export-extcommunity
  vpn-target 65000:10002 import-extcommunity
#
ip vpn-instance __LOCAL_OAM_VPN__
 ipv4-family
#
return
[RouterB]dis bgp all sum

 BGP local router ID : 10.178.16.248
 Local AS number : 65000

 Address Family:Vpnv4 All
 --------------------------------------------------------------------------------------------
 Total number of peers : 1                 Peers in established state : 0


  Peer of IPv4-family for vpn instance :

  VPN-Instance ACMS_Internet_Limited, Router ID 10.178.16.248:
  Peer                     AS  MsgRcvd  MsgSent  OutQ  Up/Down       State    RtRcv    RtAdv
  10.178.16.254         65000        0        0     0 00:15:52      Active        0        0



  • x
  • convention:

Featured Answers
chenhui
Admin Created Feb 11, 2020 00:57:14 Helpful(0) Helpful(0)

Posted by poperator at 2020-02-10 11:34 I tried all that. The Loopback Adresses are not reachable from the peers. Is it because of the VLAN ...

Hi @poperator

there might be no routes towards the remote loopback. Please try add a static route on both routers, the corresponding command as below:

ip route-static vpn-instance ACMS_Internet_Limited 10.178.16.248 255.255.255.255 10.178.16.6

  • x
  • convention:

Recommended answer

Popeye_Wang
Admin Created Feb 10, 2020 11:19:31 Helpful(0) Helpful(0)

Hello,

Ensure that the route between the two loopback interfaces is reachable. 

And try to run the peer connect-interface command to specify the source interface for sending BGP packets.

For example, on router A, add  the command: 

 peer 10.178.16.248 connect-interface loopback 1

I hope this helps.

  • x
  • convention:

All Answers
wissal
wissal MVE Created Feb 10, 2020 10:01:53 Helpful(0) Helpful(0)

Hello,
When configuring BGP, set the router ID first to prevent the situation that no interface IP address is available by default.
Thanks
  • x
  • convention:

I%20would%20like%20to%20share%20with%20you%20my%20experience%2C%20I'm%20telecommunications%20engineer%2C%20currently%20senior%20project%20manager%20at%20an%20operator%2C%20partner%20of%20Huawei%2C%20in%20the%20radio%20access%20network%20department%2C%20for%2020%20years%20I%20managed%20several%20types%20of%20projects%2C%20for%20the%20different%20nodes%20of%20the%20network.%3Cbr%2F%3EAt%20the%20same%20time%2C%20I%20give%20courses%20in%20universities%20as%20a%20temporary%2C%20to%20bring%20the%20operational%20side%20of%20telecommunication%20technologies%20to%20students%2C%20for%20network%20supervision%20systems%2C%20mobile%20radio%20networks%20and%20access%20networks%20etc.
Popeye_Wang
Popeye_Wang Admin Created Feb 10, 2020 11:19:31 Helpful(0) Helpful(0)

Hello,

Ensure that the route between the two loopback interfaces is reachable. 

And try to run the peer connect-interface command to specify the source interface for sending BGP packets.

For example, on router A, add  the command: 

 peer 10.178.16.248 connect-interface loopback 1

I hope this helps.

  • x
  • convention:

poperator
poperator Created Feb 10, 2020 11:34:57 Helpful(0) Helpful(0)

I tried all that. The Loopback Adresses are not reachable from the peers. Is it because of the VLAN 100 that i'm using on the Subinterfaces? I put a network statement in BGP for the local loopbacks, stll not reachable.
  • x
  • convention:

HaseebAkhtar
HaseebAkhtar Created Feb 10, 2020 11:36:50 Helpful(0) Helpful(0)

You've not used the peer connect-interface command, whenever you want to makeBGP peer with loopback interfaces you've to use  peer connect-interface command with peer. then before establishing BGP, ping both ends of loopback interface IPs to verify connectivity. 

  • x
  • convention:

chenhui
chenhui Admin Created Feb 11, 2020 00:57:14 Helpful(0) Helpful(0)

Posted by poperator at 2020-02-10 11:34 I tried all that. The Loopback Adresses are not reachable from the peers. Is it because of the VLAN ...

Hi @poperator

there might be no routes towards the remote loopback. Please try add a static route on both routers, the corresponding command as below:

ip route-static vpn-instance ACMS_Internet_Limited 10.178.16.248 255.255.255.255 10.178.16.6

  • x
  • convention:

ViktorG
ViktorG Created Feb 16, 2020 11:35:18 Helpful(0) Helpful(0)

Hello @poperator !

Just a question here to clarify the situation:
- if you use MPLS + OSPF for general connectivity - why you connect iBGP peers in VPN-instance ?
Try to follow iBGP design rules - create general BGP session in Global routing table (GRT), namely:
- Activate OSPF on Direct interfaces - interface should be in GRT
- Announce loobacks to OSPF - interface should be in GRT
- Create General BGP session with peer connect-interface - General BGP session
- Activate MP-iBGP session between peers - ipv4-family vpnv4 or ipv6-family vpnv6
- Activate the required VPN-instances in BGP and announce the required routes to these VPn-instances

iBGP session assumes that you control IGP reachability inside your AS and announce all your routes (VPNs and GRT) over one TCP session in GRT but with different attributes, that defines the addressing families.

Hope it helps.
Take care and have a great day!
Viktor
  • x
  • convention:

Take%20care%20and%20have%20a%20great%20day!%3Cbr%2F%3E%3Cbr%2F%3EViktor

Comment

Reply
You need to log in to reply to the post Login | Register

Notice Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."
If the attachment button is not available, update the Adobe Flash Player to the latest version!

My Followers

Login and enjoy all the member benefits

Login and enjoy all the member benefits

Login