Knowledge Search


×
 

BGP not advertising the directly connected network to the remote PE router in L3VPN

  [KB12430] Show Article Properties


Summary:

BGP will not advertise the directly connected network to the remote PE router in L3VPN without vrf-table-label or some other route to advertise.

Symptoms:

In a VRF, when the directly connected interface towards the CE is a broadcast-type interface (i.e., Ethernet), BGP does not  advertise the directly connected interface network to the peer PE router.

This behavior can be verified with the following command and example:

lab# show routing-instances
L3VPN_TO_CE1 {
    instance-type vrf;
    interface fe-1/2/3.0;
    route-distinguisher 5555:1;
    vrf-target target:5555:1;
    }

lab# show interfaces fe-1/2/3
unit 0 {
    family inet {
        address 172.16.1.2/30;
    }
}

lab# show protocols bgp
group VPN-GROUP {
    type internal;
    local-address 2.2.2.2;
    family inet-vpn {
        unicast;
    }
    neighbor 4.4.4.4;
}
Note above that the routing instance is not configured with any protocol and the interface in this instance is fe-1/2/3.0, configured with 172.16.1.0/30. This /30 network should be advertised to the remote BGP PE peer.

lab@router> show route advertising-protocol bgp 4.4.4.4             
L3VPN_TO_CE1.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
  Prefix                  Nexthop              MED     Lclpref    AS path
* 172.16.1.0/30           Not advertised               100        I
The output above shows that the network is not advertised to the remote PE.

The details show that it cannot assign the VPN label to this network since it can't find a next-hop address in the LAN (broadcast network), and hence the network is not advertised to the peer.
lab@router> show route advertising-protocol bgp 4.4.4.4 extensive
L3VPN_TO_CE1.inet.0: 4 destinations, 4 routes (4 active, 0 holddown, 0 hidden)
* 172.16.1.0/30 (1 entry, 1 announced)
 BGP group VPN-GROUP type Internal
     Route Distinguisher: 5555:1
     BGP label allocation failure: Need a nexthop address on LAN
     Nexthop: Not advertised
     Flags: Nexthop Change
     Localpref: 100
     AS path: I
     Communities: target:5555:1
Solution:

This is the default behavior, as BGP doesn't allocate a VPN label to a network for which it doesn't have a learned next hop via any means (statically or via any protocol). Hence for a  network of the broadcast type interface which  doesn't have a valid contributing route in the routing instance, the VPN label is not assigned.

There are three workarounds for this scenario:

  • Learn at least one prefix from the IGP protocol neighbor in the routing instance.

  • Configure the vrf-table-label command under the routing-instance stanza.

[edit routing-instances L3VPN_TO_CE1]
lab# show
instance-type vrf;
interface fe-1/2/3.0;
route-distinguisher 5555:1;
vrf-target target:5555:1;
vrf-table-label;

  • Configure a contributing route statically.
For example, a static route can be configured for the other end interface with the next hop as the same interface:
[edit routing-instances L3VPN_TO_CE1]
lab# show
instance-type vrf;
interface fe-1/2/3.0;
route-distinguisher 5555:1;
vrf-target target:5555:1;
routing-options {
    static {
        route 172.16.1.1/32 next-hop 172.16.1.1;
    }
}
lab@router> show route advertising-protocol bgp 4.4.4.4      
L3VPN_TO_CE1.inet.0: 5 destinations, 5 routes (5 active, 0 holddown, 0 hidden)
  Prefix                  Nexthop              MED     Lclpref    AS path
* 172.16.1.0/30           Self                         100        I
* 172.16.1.1/32           Self                         100        I
See that now the network is advertised.
Related Links: