Downloads |
 Feedback
|
Table Of Contents
Prerequisites for BGP Event-Based VPN Import
Information About BGP Event-Based VPN Import
How to Configure BGP Event-Based VPN Import
Configuring a Multiprotocol VRF
Configuring Event-Based VPN Import Processing for BGP Paths
Monitoring and Troubleshooting BGP Event-Based VPN Import Processing
Configuration Examples for BGP Event-Based VPN Import
Configuring Event-Based VPN Import Processing for BGP Paths: Example
Feature Information for BGP Event-Based VPN Import
BGP Event-Based VPN Import
First Published: October 2, 2009Last Updated: September 10, 2010The BGP Event-Based VPN Import feature introduces a modification to the existing Border Gateway Protocol (BGP) path import process. The enhanced BGP path import is driven by events; when a BGP path changes, all of its imported copies are updated as soon as processing is available. Convergence times are significantly reduced because there is no longer any delay in the propagation of routes due to the software waiting for a periodic scanner time interval before processing the updates. To implement the new processing, new command-line interface (CLI) commands are introduced.
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for BGP Event-Based VPN Import" section.
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Contents
•
Prerequisites for BGP Event-Based VPN Import
•
•
•
•
Prerequisites for BGP Event-Based VPN Import
Cisco Express Forwarding or distributed Cisco Express Forwarding must be enabled on all participating routers.
Information About BGP Event-Based VPN Import
BGP Event-Based VPN Import
The BGP Event-Based VPN Import feature introduces a modification to the existing BGP path import process. BGP Virtual Private Network (VPN) import provides importing functionality for BGP paths where BGP paths are imported from the BGP VPN table into a BGP virtual routing and forwarding (VRF) topology. In the existing path import process, when path updates occur, the import updates are processed during the next scan time which is a configurable interval of 5 to 15 seconds. The scan time adds a delay in the propagation of routes. The enhanced BGP path import is driven by events; when a BGP path changes, all of its imported copies are updated as soon as processing is available.
Using the BGP Event-Based VPN Import feature, convergence times are significantly reduced because provider edge (PE) routers can propagate VPN paths to customer edge (CE) routers without the scan time delay. Configuration changes such as adding imported route-targets to a VRF are not processed immediately, and are still handled during the 60-second periodic scanner pass.
Import Path Selection Policy
Event-based VPN import introduces three path selection policies:
•
•
•
Multipath and bestpath options can be restricted using an optional keyword to ensure that the selection is made only on the configured option. If the strict keyword is configured, the software disables the fall back safety option of choosing the best available path. If there are no paths appropriate to the configured option (bestpath or multipath) in the exporting net that match the RT of the VRF instance, then no paths are imported. This behavior matches the behavior of the software before the BGP Event-Based VPN Import feature was introduced.
When the restriction is not set, paths that are imported as the best available path are tagged. In show command output these paths are identified with the wording, "imported safety path."
The paths existing in an exporting net that are considered for import into a VRF instance may have been received from another peer router and were not subject to the VPN importing rules. These paths may contain the same route-distinguisher (RD) information because the RD information is local to a router, but some of these paths do not match the RT of the importing VRF instance and are marked as "not-in-vrf" in the show command output. Any path that is marked as "not-in-vrf" is not considered as a bestpath because paths not in the VRF appear less attractive than paths in the VRF.
Import Path Limit
To control the memory utilization, a maximum limit of the number of paths imported from an exporting net can be specified per importing net. When a selection is made of paths to be imported from one or more exporting net, the first selection priority is a bestpath, the next selection priority is for multipaths, and the lowest selection priority is for nonmultipaths.
How to Configure BGP Event-Based VPN Import
•
•
•
Configuring a Multiprotocol VRF
Perform this task to configure a multiprotocol VRF that allows you to share route-target policies (import and export) between IPv4 and IPv6 or to configure separate route-target policies for IPv4 and IPv6 VPNs. In this task, only the IPv4 address family is configured, but we recommend using the multiprotocol VRF configuration for all new VRF configurations.
Note
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
13.
14.
15.
DETAILED STEPS
Step 1
enable
Example:Router> enable
Enables privileged EXEC mode.
•
Step 2
configure terminal
Example:Router# configure terminal
Enters global configuration mode.
Step 3
vrf definition vrf-name
Example:Router(config)# vrf definition vrf-A
Configures a VRF routing table and enters VRF configuration mode.
•
Step 4
rd route-distinguisher
Example:Router(config-vrf)# rd 45000:1
Creates routing and forwarding tables and specifies the default route distinguisher for a VPN.
•
Step 5
route-target {import | export | both} route-target-ext-community
Example:Router(config-vrf)# route-target both 45000:100
Creates a route target extended community for a VRF.
•
•
•
•
Step 6
address-family ipv4 [unicast]
Example:Router(config-vrf)# address-family ipv4 unicast
Specifies the IPv4 address family and enters VRF address family configuration mode.
•
Step 7
exit-address-family
Example:Router(config-vrf-af)# exit-address-family
Exits VRF address family configuration mode and returns to VRF configuration mode.
Step 8
exit
Example:Router(config-vrf)# exit
Exits VRF configuration mode and enters global configuration mode.
Step 9
interface type number
Example:Router(config)# interface FastEthernet 1/1
Enters interface configuration mode.
Step 10
vrf forwarding vrf-name
Example:Router(config-if)# vrf forwarding vrf-A
Associates a VRF instance with the interface configured in Step 9.
•
Step 11
ip address ip-address mask
Example:Router(config-if)# ip address 10.4.8.149 255.255.255.0
Configures an IP address for the interface.
Step 12
no shutdown
Example:Router(config-if)# no shutdown
Restarts a disabled interface.
Step 13
exit
Example:Router(config-if)# exit
Exits interface configuration mode and enters global configuration mode.
Step 14
Repeat Step 3 through Step 13 to bind other VRF instances with an interface.
—
Step 15
end
Example:Router(config)# end
Exits global configuration mode and returns to privileged EXEC mode.
Configuring Event-Based VPN Import Processing for BGP Paths
Perform this task to reduce convergence times when BGP paths change by configuring event-based processing for importing BGP paths into a VRF table. Two new CLI commands allow the configuration of a maximum number of import paths per importing net and the configuration of a path selection policy.
Prerequisites
This task assumes that you have previously configured the VRF to be used with the VRF address family syntax. To configure a VRF, see the "Configuring a Multiprotocol VRF" section.
Complete BGP neighbor configuration is also assumed. For an example configuration, see the "Configuring Event-Based VPN Import Processing for BGP Paths: Example" section.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
DETAILED STEPS
Monitoring and Troubleshooting BGP Event-Based VPN Import Processing
Perform the steps in this task as required to monitor and troubleshoot the BGP event-based VPN import processing.
Only partial command syntax for the show commands used in this task is displayed. For more details, see the Cisco IOS IP Routing: BGP Command Reference.
SUMMARY STEPS
1.
2.
3.
4.
DETAILED STEPS
Step 1
Enables privileged EXEC mode. Enter your password if prompted.
Router> enableStep 2
In this example output, a safe import path selection policy is in effect because the strict keyword is not configured using the import path selection command. When a path is imported as the best available path (when the bestpath or multipaths are not eligible for import), the path is marked with "imported safety path," as shown in the output.
Router# show ip bgp vpnv4 all 172.17.0.0BGP routing table entry for 45000:1:172.17.0.0/16, version 10Paths: (1 available, best #1, table vrf-A)Flag: 0x820Not advertised to any peer2, imported safety path from 50000:2:172.17.0.0/1610.0.101.1 from 10.0.101.1 (10.0.101.1)Origin IGP, metric 200, localpref 100, valid, internal, bestExtended Community: RT:45000:100The paths existing in an exporting net that are considered for import into a VRF instance may have been received from another peer router and were not subject to the VPN importing rules. These paths may contain the same route-distinguisher (RD) information because the RD information is local to a router, but some of these paths do not match the RT of the importing VRF instance and are marked as "not-in-vrf" in the show command output.
In the following example output, a path was received from another peer router and was not subject to the VPN importing rules. This path, 10.0.101.2, was added to the VPNv4 table and associated with the vrf-A net because it contains a match of the RD information although the RD information was from the original router. This path is not, however, an RT match for vrf-A and is marked as "not-in-vrf." Note that on the net for vrf-A, this path is not the bestpath because any paths that are not in the VRF appear less attractive than paths in the VRF.
Router# show ip bgp vpnv4 all 172.17.0.0BBGP routing table entry for 45000:1:172.17.0.0/16, version 11Paths: (2 available, best #2, table vrf-A)Flag: 0x820Not advertised to any peer210.0.101.2 from 10.0.101.2 (10.0.101.2)Origin IGP, metric 100, localpref 100, valid, internal, not-in-vrfExtended Community: RT:45000:200mpls labels in/out nolabel/16210.0.101.1 from 10.0.101.1 (10.0.101.1)Origin IGP, metric 50, localpref 100, valid, internal, bestExtended Community: RT:45000:100mpls labels in/out nolabel/16Step 3
In this example output, information about the routing table for VRF vrf-A is displayed:
Router# show ip route vrf vrf-A 172.17.0.0Routing Table: vrf-ARouting entry for 172.17.0.0/16Known via "bgp 1", distance 200, metric 50Tag 2, type internalLast update from 10.0.101.33 00:00:32 agoRouting Descriptor Blocks:* 10.0.101.33 (default), from 10.0.101.33, 00:00:32 agoRoute metric is 50, traffic share count is 1AS Hops 1Route tag 2MPLS label: 16MPLS Flags: MPLS RequiredStep 4
Use this command to display debugging information related to the importing of BGP paths into a VRF instance table. The actual output depends on the commands that are subsequently entered.
Note
Router# debug ip bgp vpnv4 unicast import eventsBGP import events debugging is on
Configuration Examples for BGP Event-Based VPN Import
•
Configuring Event-Based VPN Import Processing for BGP Paths: Example
In this example configuration, a VRF (vrf-A) is configured and VRF forwarding is applied to Fast Ethernet interface 1/1. In address family mode the import path selection is set to all and the number of import paths is set to 3. Two BGP neighbors are configured under the IPv4 address family and activated under the VPNv4 address family.
vrf definition vrf-Ard 45000:1route-target import 45000:100address-family ipv4exit-address-family!interface FastEthernet1/1no ip addressvrf forwarding vrf-Aip address 10.4.8.149 255.255.255.0no shutexit!router bgp 45000network 172.17.1.0 mask 255.255.255.0neighbor 192.168.1.2 remote-as 40000neighbor 192.168.3.2 remote-as 50000address-family ipv4 vrf vrf-Aimport path selection allimport path limit 3exit-address-familyaddress-family vpnv4neighbor 192.168.1.2 activateneighbor 192.168.3.2 activateendWhere to Go Next
•
•
•
•
Additional References
The following sections provide references related to the BGP Event-Based VPN Import feature.
Related Documents
BGP commands: complete command syntax, command mode, defaults, command history, usage guidelines, and examples
Overview of Cisco BGP conceptual information with links to all the individual BGP modules
"Cisco BGP Overview" module of the Cisco IOS IP Routing: BGP Configuration Guide.
Conceptual and configuration details for basic BGP tasks.
"Configuring a Basic BGP Network" module of the Cisco IOS IP Routing Protocols Configuration Guide.
Command Lookup Tool
Cisco IOS Master Command List
http://www.cisco.com/en/US/docs/ios/mcl/allreleasemcl/all_book.html
Standards
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.
—
MIBs
RFCs
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.
—
Technical Assistance
Feature Information for BGP Event-Based VPN Import
Table 1 lists the release history for this feature.
Table 1 lists the features in this module and provides links to specific configuration information. Only features that were introduced or modified in Cisco IOS Releases 15.0(1)M, 12.2(33)SRE, or a later release appear in the table.
For information on a feature in this technology that is not documented here, see the "Cisco BGP Implementation Roadmap."
Not all commands may be available in your Cisco IOS software release. For release information about a specific command, see the command reference documentation.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which Cisco IOS and Catalyst OS software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2010 Cisco Systems, Inc. All rights reserved.
