[FROG] BGP L3VPN support

Lou Berger lberger at labn.net
Wed Jun 5 18:12:28 EDT 2019


per the example, vpn-policyonly worked under the BGP instance on 4.0:


router bgp 6552  vrf red <======== BGP instance 1
   vpn-policy ipv4
      label 1041
      rd 10:41
      rt both 51:100
     exit
exit

router bop 6552 vrf blue <===== BGP instance 2
    vpn-policy ipv4
      label 1042
      rd 10:42
      rt both 52:100
     exit

I'll need to check what syntax was supported under 5.0

Lou

On 6/5/2019 5:14 PM, Heidi net wrote:
> I tried in FRR4.0, got error:
> ASW-7001(config-router)# router bgp 65021
> ASW-7001(config-router)# add ipv4 vpn
> ASW-7001(config-router-af)# neighbor 11.11.11.2 activate
> ASW-7001(config-router-af)# exit
> ASW-7001(config-router)#  vrf-policy cust1
> % Unknown command.
> ASW-7001(config-router)#
>
> It looks like this “vpn-policy” was introduced in FRR5.0, which I am 
> not in.
> Even for 5.0, if i want to configure TWO VRFs (as shown in my IOX 
> configuration). In FRR, do I have to configure 2 BGP instances, and 
> each one has its own vpn-policy, like:
> router bgp 6552 vrf red <======== BGP instance 1
> vpn-policy ipv4
>>     label 1041
>>     rd 10:41
>>     rt both 51:100
>>    exit
>
>
> router bop 6552 vrf blue <===== BGP instance 2
>    vpn-policy ipv4
>>     label 1042
>>     rd 10:42
>>     rt both 52:100
>>    exit
>
>
> Can I just configure one BGP instance, and have 2 vpn-policy, one for 
> red, one for blue,  under the same BGP instance?
>
>
> thanks
> - Heidi
>
>
>
>> On Jun 5, 2019, at 12:36 PM, Lou Berger <lberger at labn.net 
>> <mailto:lberger at labn.net>> wrote:
>>
>> see the example in 
>> https://github.com/FRRouting/topotests/blob/98ced3d021ec0bf03607dc5e2922673f2c4b15d2/bgp_l3vpn_to_bgp_vrf/r4/bgpd.conf
>>
>> e.g., in the bgp vrf config section"
>>
>>
>>    vpn-policy ipv4
>>     label 1041
>>     rd 10:41
>>     rt both 52:100
>>    exit
>>
>> On 6/5/2019 2:24 PM, Heidi net wrote:
>>> Thanks for your replies, I actually went through the 
>>> document/examples for FRR 5.0, but wondering if I could do L3VPN on 
>>> 4.0, without VRF leaking.
>>>
>>> In order to do that, I need to attach RD/RT to each VRF, so looking 
>>> for configuration to configure RD/RT in FRR4.0.
>>>
>>>
>>> thanks
>>> - Heidi
>>>
>>>> On May 31, 2019, at 10:28 AM, Lou Berger <lberger at labn.net 
>>>> <mailto:lberger at labn.net>> wrote:
>>>>
>>>> Hi,
>>>>
>>>> Some good examples can also be found in topotest, e.g.,
>>>>
>>>> https://github.com/FRRouting/frr/blob/master/tests/topotests/bgp_l3vpn_to_bgp_vrf/r4/bgpd.conf
>>>>
>>>> but this uses the current RD/RT syntax but I'm unsure of the syntax 
>>>> for 4.0.
>>>>
>>>> Looking back, I suggest trying the following the example from a 
>>>> correspondingly old version of topotest:
>>>>
>>>> https://github.com/FRRouting/topotests/blob/98ced3d021ec0bf03607dc5e2922673f2c4b15d2/bgp_l3vpn_to_bgp_vrf/r4/bgpd.conf
>>>>
>>>> Lou
>>>>
>>>> On 5/30/2019 7:23 PM, Heidi net wrote:
>>>>> Hello,
>>>>>
>>>>> I am trying to migrate from IOX to FRR4.0.   I have a simple 
>>>>> configuration of 2 VRFs: red and blue. No VRF route leaking is needed.
>>>>>
>>>>> I know VRF route leaking was added to FRR5.0. But since I don’t do 
>>>>> that.  Can FRR4.0 be used to
>>>>>
>>>>> - Configure 2 VRFs for routes,  attach different RD/RT to routes, 
>>>>> and advertise routes into corresponding VPNs with FRR4.0?
>>>>> - Any configuration examples?
>>>>>
>>>>>
>>>>> Below is the current Cisco configuration.
>>>>>
>>>>> ip vrf red
>>>>>  rd 100:101
>>>>>  route-target export 200:101
>>>>>  route-target import 200:101
>>>>> !
>>>>> ip vrf blue
>>>>>  rd 100:201
>>>>>  route-target export 200:201
>>>>>  route-target import 200:201
>>>>> !
>>>>> interface Loopback101
>>>>> ip vrf forwarding red
>>>>> !
>>>>> interface Loopback102
>>>>>  ip vrf forwarding blue
>>>>> !
>>>>> router bgp 100
>>>>>  neighbor 10.10.10.2 remote-as 200
>>>>>  neighbor 10.10.10.2 update-source Loopback0
>>>>> !
>>>>>  address-family vpnv4
>>>>>   neighbor 10.10.10.2 activate
>>>>>   neighbor 10.10.10.2 send-community both
>>>>>   exit-address-family
>>>>> !
>>>>>  address-family ipv4 vrf red
>>>>>  redistribute connected
>>>>>  exit-address-family
>>>>> !
>>>>>  address-family ipv4 vrf blue
>>>>>  redistribute connected
>>>>>  exit-address-family
>>>>>
>>>>>
>>>>> thanks
>>>>> - Heidi
>>>>> _______________________________________________
>>>>> frog mailing list
>>>>> frog at lists.frrouting.org
>>>>> https://lists.frrouting.org/listinfo/frog
>>>
>



More information about the frog mailing list