Got it
Huawei Enterprise Support Community
Community Forums Routing & Switching
BGP with VRF connection n...

BGP with VRF connection not established

Created: Dec 9, 2019 15:24:45Latest reply: Dec 10, 2019 01:34:37 619 2 0 0 0
  Rewarded HiCoins: 0 (problem resolved)
View the author 1#

Hi!


I am not really good at BGP and VRF's.

I want to have a BGP Connection between a CE and a PE, with BGP running in a VRF on both sides. I need the VR on the Customer Router to be able to seperate traffic there as well.


My Problem is: The Connection is not being established. Can you please have a look at my configuration?


I have two VRF's on the PE, one for Internet-Access that i want to make avialable to the customer VRF.


----------------------------------------------------------------------------------------------------------------

CE:

<CE>display curr conf bgp
#
bgp 65000
 router-id 10.178.10.1
 peer 10.178.100.1 as-number 208968
 #
 ipv4-family unicast
  undo synchronization
  peer 10.178.100.1 enable
 #
 ipv4-family vpn-instance 65000:200
  as-number 208968
  router-id 10.178.100.2
  network 10.178.100.0 255.255.255.252
  import-route direct
  peer 10.178.100.1 as-number 208968
  peer 10.178.100.1 connect-interface LoopBack2
#
return

<CE>disp curr conf vpn-instance
#
ip vpn-instance 65000:200
 description KundenVRF
 ipv4-family
  route-distinguisher 65000:200
  vpn-target 65000:200 export-extcommunity
  vpn-target 65000:200 import-extcommunity
#
ip vpn-instance __LOCAL_OAM_VPN__
 ipv4-family
#
ip dcn vpn-instance __dcn_vpn__
 ipv4-family
#
return

----------------------------------------------------------------------------------------------------------------


PE:

<PE>displ curr conf bgp
#
bgp 208968
 router-id 10.178.0.3
 peer 10.178.0.2 as-number 208968
 peer 10.178.100.2 as-number 65000
 #
 ipv4-family unicast
  undo synchronization
  peer 10.178.0.2 enable
  peer 10.178.100.2 enable
 #
 ipv4-family vpnv4
  policy vpn-target
  peer 10.178.0.2 enable
 #
 ipv4-family vpn-instance 65000:200
  router-id 10.178.100.1
  network 10.178.100.0 255.255.255.252
  import-route direct
  peer 10.178.100.2 as-number 65000
  peer 10.178.100.2 connect-interface LoopBack2

<PE>displ curr conf vpn-instance
#
ip vpn-instance 208968:100
 description internet_lite
 ipv4-family
  route-distinguisher 208968:100
  vpn-target 208968:100 export-extcommunity
  vpn-target 208968:100 import-extcommunity
#
ip vpn-instance 65000:200
 description KundenVRF
 ipv4-family
  route-distinguisher 65000:200
  vpn-target 65000:200 export-extcommunity
  vpn-target 65000:200 import-extcommunity
  vpn-target 208968:100 import-extcommunity
#
#
return
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Output from running BGP on PE (it has a session to a P-Router established):

<PE>display bgp all sum

 BGP local router ID : 10.178.0.3
 Local AS number : 3.12360

 Address Family:Ipv4 Unicast
 --------------------------------------------------------------------------------------------
 Total number of peers : 2                 Peers in established state : 1

  Peer                     AS  MsgRcvd  MsgSent  OutQ  Up/Down       State    RtRcv    RtAdv
  10.178.0.2          3.12360      200      205     0 02:50:54 Established        0        0
  10.178.100.2          65000        0        0     0 02:51:05        Idle        0        0
 Address Family:Vpnv4 All
 --------------------------------------------------------------------------------------------
 Total number of peers : 2                 Peers in established state : 1

  Peer                     AS  MsgRcvd  MsgSent  OutQ  Up/Down       State    RtRcv    RtAdv
  10.178.0.2          3.12360      200      205     0 02:50:54 Established        0        3

  Peer of IPv4-family for vpn instance :

  VPN-Instance 65000:200, Router ID 10.178.100.1:
  Peer                     AS  MsgRcvd  MsgSent  OutQ  Up/Down       State    RtRcv    RtAdv
  10.178.100.2          65000        0        0     0 02:51:05     Connect        0        0
<PE>

-------------------------------------------------------------------------------------------------------------------------------------------------------------------

Output from running BGP on CE:


<CE>disp bgp all sum

 BGP local router ID : 10.178.10.1
 Local AS number : 65000

 Address Family:Ipv4 Unicast
 --------------------------------------------------------------------------------------------
 Total number of peers : 1                 Peers in established state : 0

  Peer                     AS  MsgRcvd  MsgSent  OutQ  Up/Down       State    RtRcv    RtAdv
  10.178.100.1        3.12360        0        0     0 00:35:59        Idle        0        0
 Address Family:Vpnv4 All
 --------------------------------------------------------------------------------------------
 Total number of peers : 1                 Peers in established state : 0


  Peer of IPv4-family for vpn instance :

  VPN-Instance 65000:200, Router ID 10.178.100.2:
  Peer                     AS  MsgRcvd  MsgSent  OutQ  Up/Down       State    RtRcv    RtAdv
  10.178.100.1        3.12360        0        2     0 00:35:59     Connect        0        0
<CE>
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------


Thanks for any help on this,

Christian


eBGPbgpvpn-instance

Like (0) Dislike (0) Favorite(0) Share Report
Previous: Disable warning: "This command may cause confliction in netconf or cloud-managed mode. Continue? "
Next: Purchase of Huawei switchs.
Featured Answers

Best answer

Recommended answer

(1) (0)
chenhui
Admin Created Dec 10, 2019 01:34:37

@poperator hi,
on the PE, you set the peer 10.178.100.2 with as-number 65000, while you set the as-number of vpn-instance 65000:200 on CE to 208968, please modify the peer as-number to 208968 on PE.
what's more, you set the source interface on both PE and CE to loopback 2, but the peer ip belongs to the interconnection interface, please remove this command on both PE and CE.
View more
  • x
  • convention:
All Answers
(0) (0)
2#
LuizPuppin
LuizPuppin HCIE Author Created Dec 9, 2019 16:49:35

You need to include a interface between two routers on the VRF.
interface gi x/x/x
ip binding vpn-instance xxxx
View more
  • x
  • convention:
(1) (0)
3#
chenhui
chenhui Admin Created Dec 10, 2019 01:34:37

@poperator hi,
on the PE, you set the peer 10.178.100.2 with as-number 65000, while you set the as-number of vpn-instance 65000:200 on CE to 208968, please modify the peer as-number to 208968 on PE.
what's more, you set the source interface on both PE and CE to loopback 2, but the peer ip belongs to the interconnection interface, please remove this command on both PE and CE.
View more
  • x
  • convention:
Back to list

Comment

Advanced
B Color Image Link Quote Code Smilies
You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " User Agreement."

My Followers

Login and enjoy all the member benefits

Login
Huawei Website Support About Huawei Privacy User Agreement Terms of Use Cookies Cookie Settings
Huawei Enterprise Huawei Carrier Forum Training & Certification

Contact Us: e_online@huawei.com Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

APP

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.