< Home

Configuring MP-BGP

BGP Connection Diagram

Procedure

  • Configure SPEs.

    The following uses the configuration of Core_SPE1 on the core ring as an example. The configurations of Core_SPE2 and Core_SPE3 are similar to the configuration of Core_SPE1, and are not mentioned here.

    tunnel-selector TSel permit node 9
 if-match ip next-hop ip-prefix core_nhp    //Configure a tunnel policy selector to enable Core_SPE1 to select any tunnel to be iterated when the next-hop address of a VPNv4 route has the prefix of another SPE.
#
tunnel-selector TSel permit node 10    //Configure a tunnel policy selector to iterate a route received from an IBGP peer to a TE tunnel when the route needs to be forwarded to another IBGP peer and Core_SPE1 needs to modify the next hop of the route to itself.
 apply tunnel-policy TE
#
bgp 65000
 group devCore internal    //Create an IBGP peer group.
 peer devCore connect-interface LoopBack1     //Specify loopback interface 1 and its address as the source interface and address of BGP packets.
 peer 172.16.0.3 as-number 65000    //Set up a peer relationship between SPEs.
 peer 172.16.0.3 group devCore    //Add SPEs to the IBGP peer group.
 peer 172.16.0.4 as-number 65000
 peer 172.16.0.4 group devCore
 group devHost internal
 peer devHost connect-interface LoopBack1
 peer 172.16.2.50 as-number 65000
 peer 172.16.2.50 group devHost
 peer 172.16.2.51 as-number 65000
 peer 172.16.2.51 group devHost
 peer 172.16.2.86 as-number 65000
 peer 172.16.2.86 group devHost
 peer 172.16.2.87 as-number 65000
 peer 172.16.2.87 group devHost
 #
 ipv4-family unicast
  undo synchronization
  undo peer devCore enable
  undo peer devHost enable
  undo peer 172.16.2.50 enable
  undo peer 172.16.2.51 enable
  undo peer 172.16.0.3 enable
  undo peer 172.16.0.4 enable
  undo peer 172.16.2.86 enable
  undo peer 172.16.2.87 enable
 #
 ipv4-family vpnv4
  policy vpn-target
  tunnel-selector TSel    //An SPE advertises the default route to UPEs. The SPE modifies the next hop of UPEs' routes to itself and forwards the routes to other SPEs. Therefore, configure a tunnel policy selector to iterate BGP VPNv4 routes sent to UPEs to TE tunnels and to iterate BGP VPNv4 routes sent to other SPEs to LSPs.
  peer devCore enable
  peer devCore route-policy core-import import    //Configure Core_SPE1 to filter information about all routes of sites connected to Core_SPE1 when it receives routes from other SPEs.
  peer devCore advertise-community
  peer 172.16.0.3 enable
  peer 172.16.0.3 group devCore
  peer 172.16.0.4 enable
  peer 172.16.0.4 group devCore
  peer devHost enable
  peer devHost route-policy p_iBGP_RR_in import    //Configure Core_SPE1 to filter out host routes when receiving routes from UPEs; set the preferred value of the route between Core_SPE1 and its directly connected UPEs to 300, and set the preferred value of routes between Core_SPE1 and other UPEs to 200.
  peer devHost advertise-community    //Advertise community attributes to the IBGP peer group.
  peer devHost upe    //Configure the peer devHost as a UPE.
  peer devHost default-originate vpn-instance vpna    //Send the default route of VPN instance vpna to UPEs.
  peer 172.16.2.50 enable
  peer 172.16.2.50 group devHost
  peer 172.16.2.51 enable
  peer 172.16.2.51 group devHost
  peer 172.16.2.86 enable
  peer 172.16.2.86 group devHost
  peer 172.16.2.87 enable
  peer 172.16.2.87 group devHost
 #
#
route-policy p_iBGP_RR_in deny node 5    //Filter out host routes of all sites.
 if-match ip-prefix deny_host
 if-match community-filter all_site
#
route-policy p_iBGP_RR_in permit node 11    //Set the preferred value of the route between Core_SPE1 and its directly connected UPE to 300.
 if-match community-filter site1
 apply preferred-value 300
#
route-policy p_iBGP_RR_in permit node 12    //Set the preferred value of the route between Core_SPE1 and another UPE to 200.
 if-match community-filter site2
 apply preferred-value 200
#
route-policy p_iBGP_RR_in permit node 13    //Set the preferred value of the route between Core_SPE1 and another UPE to 200.
 if-match community-filter site3
 apply preferred-value 200
#
route-policy p_iBGP_RR_in permit node 20    //Permit all the other routes.
#
route-policy core-import deny node 5    //Deny all routes of sites directly connected to Core_SPE1.
 if-match community-filter site12
#
route-policy core-import deny node 6    //Deny all routes of sites directly connected to Core_SPE1.
 if-match community-filter site13
#
route-policy core-import permit node 10    //Permit all the other routes.
#
ip ip-prefix deny_host index 10 permit 0.0.0.0 0 greater-equal 32 less-equal 32    //Permit all 32-bit host routes and deny all the other routes.
ip ip-prefix core_nhp index 10 permit 172.16.0.3 32
ip ip-prefix core_nhp index 20 permit 172.16.0.4 32    //Permit routes to 172.16.0.3/32 and 172.16.0.4/32 and deny all the other routes.
#
ip community-filter basic site1 permit 100:100    //Create a community attribute filter site1 and set the community attribute to 100:100.
ip community-filter basic site2 permit 200:200
ip community-filter basic site3 permit 300:300
ip community-filter basic all_site permit 5720:5720
ip community-filter basic site12 permit 12:12
ip community-filter basic site13 permit 13:13
#

  • Configure UPEs.

    The following uses the configuration of Site1_UPE1 as an example. The configurations of Site1_UPE2, Site2_UPE3, Site2_UPE4, Site3_UPE5, and Site3_UPE6 are similar to the configuration of Site1_UPE1, and are not mentioned here.

    bgp 65000
 group devCore internal
 peer devCore connect-interface LoopBack1
 peer 172.16.0.3 as-number 65000
 peer 172.16.0.3 group devCore
 peer 172.16.0.5 as-number 65000
 peer 172.16.0.5 group devCore
 group devHost internal
 peer devHost connect-interface LoopBack1
 peer 172.16.2.50 as-number 65000
 peer 172.16.2.50 group devHost
 #
 ipv4-family unicast
  undo synchronization
  undo peer devCore enable
  undo peer devHost enable
  undo peer 172.16.2.50 enable
  undo peer 172.16.0.3 enable
  undo peer 172.16.0.5 enable
 #
 ipv4-family vpnv4
  policy vpn-target
  peer devCore enable
  peer devCore route-policy p_iBGP_host_ex export    //Configure the community attribute of routes that Site1_UPE1 sends to SPEs.
  peer devCore advertise-community
  peer 172.16.0.3 enable
  peer 172.16.0.3 group devCore
  peer 172.16.0.3 preferred-value 200    //Set the preferred value of the route between Site1_UPE1 and Core_SPE2 to 200.
  peer 172.16.0.5 enable
  peer 172.16.0.5 group devCore
  peer 172.16.0.5 preferred-value 300    //Set the priority of Core_SPE1 to 300 so that Site1_UPE1 preferentially selects routes advertised from Core_SPE1.
  peer devHost enable
  peer devHost advertise-community
  peer 172.16.2.50 enable
  peer 172.16.2.50 group devHost
 #
#
route-policy p_iBGP_host_ex permit node 0    //Add the community attribute for the route.
 apply community 100:100 5720:5720 12:12
#

Checking the Configuration

  • Run the display bgp vpnv4 all peer command to check the BGP VPNv4 peer status.

    Using Core_SPE1 as an example, if the value of State is Established, BGP peer relationships have been set up successfully.

    [Core_SPE1]display bgp vpnv4 all peer

 BGP local router ID : 172.16.0.5
 Local AS number : 65000
 Total number of peers : 4                Peers in established state : 4

  Peer            V          AS  MsgRcvd  MsgSent  OutQ  Up/Down       State PrefRcv

  172.16.2.51     4       65000     2102     1859     0 20:55:17 Established     550
  172.16.2.86     4       65000     3673     2989     0 0026h03m Established     550
  172.16.0.3      4       65000     1659     1462     0 20:57:05 Established     200
  172.16.0.4      4       65000     3421     2494     0 0026h03m Established     200
Parent Topic: Deploying L3VPN Services and Protection (HoVPN)
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >