Configure inter-AS option A using the following guidelines:
Globomantics is AS65001 and Wired Brain is AS65002
XR11 must set LP to 50 for the following prefixes received from CSR3:
2001:DB8:3::102/128, 2001:DB8:3::103/128
192.0.2.2, 192.0.2.3
XR11 must prepend the customer’s AS path three times towards CSR3 for prefixes originated from CSR1’s AS65101
VRF L3B and L3C on R8/R10 are currently importing/exporting different RTs. On R3, routes from both VRFs must be imported/exported as if they are in one single VRF.
Use outer-VLAN 3888 inner-VLAN 311 for the XR11-R3 link
Use 10.3.11.0/24 and fc00:10:3:11::/64
Use outer-VLAN 3777 inner-VLAN 23 for the R2-R3 link
Use 10.2.3.0/24 and fc00:10:2:3::/64
All IGP/BGP peerings are already setup (except for the ASBR-ASBR peerings for option A).
Answer
#R3
vrf definition L3BC
rd 65000:123
route-target export 65000:103
route-target import 65000:102
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
int gi2.3113888
encapsulation dot1q 3888 second-dot1q 311
vrf forward L3BC
ip add 10.3.11.3 255.255.255.0
ipv6 add fc00:10:3:11::3/64
!
int gi2.233777
encapsulation dot1q 3777 second-dot1q 23
vrf forward L3BC
ip add 10.2.3.3 255.255.255.0
ipv6 add fc00:10:2:3::3/64
!
router bgp 65002
add ipv4 vrf L3BC
neighbor 10.3.11.11 remote-as 65001
neighbor 10.2.3.2 remote-as 65001
add ipv6 vrf L3BC
neighbor fc00:10:3:11::11 remote-as 65001
neighbor fc00:10:2:3::2 remote-as 65001
#R2
vrf definition L3A
rd 65000:101
route-target export 65000:101
route-target import 65000:101
!
address-family ipv4
exit-address-family
!
address-family ipv6
exit-address-family
!
int gi2.233777
encapsulation dot1q 3777 second-dot1q 23
vrf forward L3A
ip add 10.2.3.2 255.255.255.0
ipv6 add fc00:10:2:3::2/64
!
router bgp 65001
add ipv4 vrf L3A
neighbor 10.2.3.3 remote-as 65002
add ipv6 vrf L3A
neighbor fc00:10:2:3::3 remote-as 65002
#XR11
vrf L3A
add ipv4 unicast
import route-target 65000:101
export route-target 65000:101
add ipv6 unicast
import route-target 65000:101
export route-target 65000:101
!
int gi0/0/0/0.3113888
encapsulation dot1q 3888 second-dot1q 311
vrf L3A
ip add 10.3.11.11 255.255.255.0
ipv6 add fc00:10:3:11::11/64
!
prefix-set PS_L3A_V4
192.0.2.2/32,
192.0.2.3/32
end-set
!
prefix-set PS_L3A_V6
2001:db8:3::102/128,
2001:db8:3::103/128
end-set
!
route-policy RPL_L3A_V4_IN
if destination in PS_L3A_V4 then
set local-preference 50
endif
pass
end-policy
!
route-policy RPL_L3A_V6_IN
if destination in PS_L3A_V6 then
set local-preference 50
endif
pass
end-policy
!
route-policy RPL_L3A_OUT
if as-path originates-from '65101' then
prepend as-path most-recent 3
endif
pass
end-policy
!
router bgp 65001
vrf L3A
rd 65000:101
add ipv4 uni
add ipv6 uni
!
nei 10.3.11.3
remote-as 65002
add ipv4 uni
route-policy RPL_L3A_V4_IN in
route-policy RPL_L3A_OUT out
!
nei fc00:10:3:11::3
remote-as 65002
add ipv6 uni
route-policy RPL_L3A_V6_IN in
route-policy RPL_L3A_OUT out
Explanation
Inter-AS option A is the simplest option, in which the ASBRs treat each other as CEs. The simplest design is a basic PE-CE setup with no policies. For example, the config for R2:
By looking at the config above, you cannot tell whether R2 is connecting to a true CE or an ASBR. There is no difference.
There is some slight complexity within the Wired Brain (AS65002) network. The L3B and L3C VRFs use different RTs for import and export. This means that R8 and R10 do not import routes learned from the other PE:
Next, we have two ASBR-ASBR links (XR11-R3 and R2-R3). This task asks us to configure policies on XR11 so that this link is only used if the R2-R3 link fails.
First we setup an outbound policy which matches routes originated from 65101 and prepends the customer’s AS three time. Since this is address-familiy independent, this same RPL can be used for both IPv4 and IPv6 outbound routes.
#XR11
route-policy RPL_L3A_OUT
if as-path originates-from '65101' then
prepend as-path most-recent 3
endif
pass
end-policy
!
router bgp 65001
vrf L3A
nei 10.3.11.3
remote-as 65002
add ipv4 uni
route-policy RPL_L3A_OUT out
!
nei fc00:10:3:11::3
remote-as 65002
add ipv6 uni
route-policy RPL_L3A_OUT out
On R3 we can confirm that the routes are prepended from XR11:
To influence AS65001 to prefer the R2-R3 link, XR11 sets local preference low for prefixes received from R3:
#XR11
prefix-set PS_L3A_V4
192.0.2.2/32,
192.0.2.3/32
end-set
!
prefix-set PS_L3A_V6
2001:db8:3::102/128,
2001:db8:3::103/128
end-set
!
route-policy RPL_L3A_V4_IN
if destination in PS_L3A_V4 then
set local-preference 50
endif
pass
end-policy
!
route-policy RPL_L3A_V6_IN
if destination in PS_L3A_V6 then
set local-preference 50
endif
pass
end-policy
!
router bgp 65001
vrf L3A
nei 10.3.11.3
remote-as 65002
add ipv4 uni
route-policy RPL_L3A_V4_IN in
!
nei fc00:10:3:11::3
remote-as 65002
add ipv6 uni
route-policy RPL_L3A_V6_IN in
We can confirm that LP is set to 50 for these prefixes.
Notice that XR11 hides this alternative path because only the best path is sent to its iBGP peers. For example, if we look at the RR, we only see one path for 192.0.2.2/32. This can prevent fast convergence and load sharing.
Even if XR11 uses a unique RD, this would not solve the issue. In addition, XR11 would have to use a technique such as advertise-best-external.
Moving on, when we trace from R1’s L3A to L3B or L3C, we see that traffic takes the R2-R3 link. Notice that the traceroute has an unlabeled hop in the middle at the L3 NNI. This is a characteristic of inter-AS option A.
