Fault Symptom
An Route Reflector (RR) is configured to optimize BGP/MPLS VPN services. CE1 and CE2 are in the same VPN. After the configuration is complete, it is found that the RR can learn a VPNv4 route advertised by PE1 but PE2 fails to learn this route.
Fault Analysis
1. Run the display current-configuration configuration bgp command on the RR and PEs. It is found that route reflection relationships are correctly set up between the RR and two PEs.
2. Run the display bgp vpnv4 all peer command on the RR. It is found that the IBGP peer relationships between the RR and the PEs are in the Established state ( BGP current state: Established, Up for 00:21:15).
3. Run the display ip extcommunity-filter command on the RR to view information about the extended community attribute filter.
Extended Community filter Number 1
deny rt : 100:1
permit rt : 200:1
The output of the display ip extcommunity-filter command indicates that the routes with the RT being 100:1 are filtered out.
4. Run the display ip vpn-instance verbose command on PE1 to view detailed information about all VPN instances.
Total VPN-Instances configured : 1
VPN-Instance Name and ID : a, 1
Create date : 2010/06/23 20:18:40 UTC+08:00 DST
Up time : 0 days, 00 hours, 02 minutes and 27 seconds
Route Distinguisher : 1:1
Export VPN Targets : 100:1
Import VPN Targets : 111:1
Label Policy : label per route
Import Route Policy : p1
Export Route Policy : p2
The diffserv-mode Information is : uniform
The ttl-mode Information is : pipe
The VPN QoS configuration information : based on VPN
CIR: 10000000 PIR: 10000000 QoS-profile name: profile1
Tunnel Policy : tnlpolicy1
Description : This is a VPN for company1.
Maximum Routes Limit : 100
Log Interval : 5
Interfaces : GigabitEthernet1/0/0
The output of the display ip vpn-instance verbose command indicates that the packets with the Export VPN Targets field being 100:1 are filtered out on the RR. As a result, the RR does not reflect routes to PE2.
Procedure
1. Run the system-view command on the RR to enter the system view.
2. Run the ip extcommunity-filter 1 permit rt 100:1 command on the RR to make the Export RT on PE1 and the RT of the extended community filter on the RR the same.
3. Run the bgp as-number command on the RR to enter the BGP view.
4. Run the ipv4-family vpnv4 command on the RR to enter the BGP-VPNv4 address family view.
5. Run the undo rr-filter command on the RR to delete the original reflection policy of the RR.
6. Run the rr-filter 1 command on the RR to specify a new reflection policy for the RR.
After the preceding operations, PE2 can learn the VPNv4 routes advertised by PE1. The fault is rectified.
Summary
When configuring an RR, ensure that the Import VPN target and Export VPN target match the RTs on PE1 and PE2.
To minimize the impact of incorrect configurations, you can run the undo policy vpn-target command to permit all VPNv4 routes.
