PIC Edge for VPNv4

Topology: ine-spv4

Load bgp.pic.init.cfg

#IOS-XE
config replace flash:bgp.pic.init.cfg
 
#IOS-XR
configure
load bootflash:bgp.pic.init.cfg
commit replace
y

VPNv4 is currently setup in the network. R2 is a dual-homed CE that announces 1.1.1.1/32 and 2.2.2.2/32 to R3 and R4. XR1 is singled homed to R5, announcing 19.19.19.19/32 and 20.20.20.20/32. R6 is the RR.

Configure PIC for the L3VPN so that R5 pre-installs a backup route in the FIB for 1.1.1.1/32 and 2.2.2.2/32 for VRF A.

Answer

#R3
vrf def A
 no rd 100:1
!
! Wait ~30 seconds
!
 rd 100:3
 route-target both 100:1
!
router bgp 100
 add ipv4 uni vrf A
  neighbor 20.2.3.2 remote-as 65000

#R5
router bgp 100
 add ipv4 uni vrf A
  bgp additional-paths install

Explanation

In this lab, we must use per-PE VRF RD values to get R6 to reflect the multiple paths to R5. IOS-XE does not support sending additional paths for VPNv4. Only IOS-XR supports this. So if IOS-XR was the RR, and the PE we want to run PIC was also IOS-XR, we could have used the add-path capability for this instead.

However, VPNv4 gives us an easy way to make prefixes unique, which is to use a different RD per PE. When you change the RD value, you must wait a while for the router to deconfigure the VRF. Then when it is done, you must put in the new RD value, re-add the RTs, and reconfigure the CE as a neighbor under BGP.

#R3
vrf def A
 no rd 100:1
!
! Wait ~30 seconds
!
 rd 100:3
 route-target both 100:1
!
router bgp 100
 add ipv4 uni vrf A
  neighbor 20.2.3.2 remote-as 65000

At this point R5 should have two paths to 1.1.1.1/32 and 2.2.2.2/32. All that is left is to tell R5 to install additional paths as backup routes using the command bgp additional-paths install under the customer VRF under BGP.

#R5
router bgp 100
 add ipv4 uni vrf A
  bgp additional-paths install

Verification

Before we make any changes, we can see that R5 only has one route to prefixes advertised by R2.

This is because the RR will only select the bestpath to reflect to clients:

When we change the RD on R3, the RR sees this as a completely separate prefix due to the unique RD value. Therefore it reflects both paths to its clients.

On R5, we now have multiple paths, but we still have not enabled PIC yet.

We enable PIC for a VRF under the BGP VRF config:

#R5
router bgp 100
 add ipv4 uni vrf A
  bgp additional-paths install

Once PIC is enabled, we should see a b next to the backup paths:

We also see the backup/repair path in the FIB:

This can also be seen in the RIB using the following command:

Further Reading

https://learningnetwork.cisco.com/s/question/0D53i00000Kt0rfCAB/multipath-in-bgp-vpnv4-network

PreviousPIC Edge TroubleshootingNextAIGP

Last updated