Re: Loop Prevention MPLS VPN

Gents,

Thanks for your input. I wanted to share my findings with the group so here
goes. Pauls's previous comments got me wondering so I reviewed the config to
figure out what went wrong. I should kick myself for not seeing but on the
other hand I think it makes for a good troubleshooting exercise....

The redistribution statement I used on both PE-1 & 2
was
"redistribute bgp 1000 subnets tag 99"

I think I may have inadvertently removed the domain ID which the
redistribution from MBGP to OSPF would have added to the route when it's
sent into OSPF.

when I use

"redistribute bgp 11260 subnets"

without tags, the route loop does not occur.

This is an aspect I thought I knew well but I clearly need to read this
again.

Thanks guys.

On Wed, Dec 1, 2010 at 2:49 PM, Paul Negron <negron.paul_at_gmail.com> wrote:

> Look at the route in the database and see if the routing bit is set on the
> LSA.
>
> It SHOULD be SET when it is initially redistributed into the MPLS cloud and
> the DOWN-BIT should be set to "UPWARD".
>
> The second time the route is redistributed toward the other CE, the down
> bit
> should be set to "DOWNWARD" and the Routing bit should be cleared or NOT
> SET. This happens so that if the route is to be redistributed toward a
> redundant PE, the DOWNBIT being set to DOWNWARD will not allow this.
>
> However, if 2 CE's are connected to the PE and OSPF is used from both CE's,
> the routing bit was cleared to allow the route coming from MPBGP to be
> chosen over the native OSPF route.
>
> Make sense?
>
> I'm not sure if this is your problem but it's worth examining.
>
> Paul
> --
> Paul Negron
> CCIE# 14856 CCSI# 22752
> Senior Technical Instructor
> www.micronicstraining.com
>
>
>
> > From: David Mahler <dave.mahler_at_gmail.com>
> > Reply-To: David Mahler <dave.mahler_at_gmail.com>
> > Date: Wed, 1 Dec 2010 10:25:39 -0800
> > To: <iosluver_at_gmail.com>
> > Cc: <ccielab_at_groupstudy.com>
> > Subject: Re: Loop Prevention MPLS VPN
> >
> > Hello,
> >
> > This looked like an interesting scenario to test out so I did in
> dynamips.
> > I have a loopback (100.0.0.100/8) on PE3 being redistributed into vrf
> OSPF
> > with CE2 and into MP-BGP with PE1 and PE2. PE1 and PE2 are
> redistributing
> > from MP-BGP into OSPF vrf with CE1.
> >
> > What I found was that while CE1 does have the ospf route for
> > 100.0.0.0/8(type <http://100.0.0.0/8%28type> 5 E2 in the database) PE1
> and PE2 are only installing
> > the MP-BGP route
> > in their routing tables. PE1 and PE2 do have 100.0.0.0/8 in their OSPF
> > databases though - they are just not installing it in their routing
> tables
> > for the vrf at all.
> >
> > There may be something fundamental I am missing in this scenario or the
> > description, but there looks to be something inherent with MP-BGP and
> OSPF
> > that I don't yet know (rather new to MPLS L3 VPNs). Seems despite OSPFs
> > lower AD, the MP-BGP routes (AD 200) are still preferred on the PEs.
> > Logically this makes sense as a loop prevention mechanism though - I will
> > definitely research this more - but just throwing that out there if there
> is
> > further comment on it before I RTFM.
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html

Blogs and organic groups at http://www.ccie.net
Received on Wed Dec 01 2010 - 16:06:14 ART