BGP L3VPN and Backdoor

JoseBejaranoJoseBejarano Member Posts: 8 ■□□□□□□□□□
Hi all,

You are providing L3VPN Services and PE-CE protocol is BGP. CE are using private AS number and as-override is configured. Customer is using some backdor p-t-p links. How to be sure no routing loop is formed without using communities ( i.e. soo ) ?

Thanks,
Jose

Comments

  • JoseBejaranoJoseBejarano Member Posts: 8 ■□□□□□□□□□
    Ok, solved using Site of Origin communities, it didnt work at the begining but configuring within VRF like
    Route Origin for VPNs - JUNOS 9.5 VPNs Configuration Guide

    Cheers anyway,
    Jose
  • IOS2JUNOSIOS2JUNOS Member Posts: 56 ■■□□□□□□□□
    Ok, solved using Site of Origin communities, it didnt work at the begining but configuring within VRF like
    Route Origin for VPNs - JUNOS 9.5 VPNs Configuration Guide

    Cheers anyway,
    Jose

    is there any other way to do this without using BGP communities?
  • JoseBejaranoJoseBejarano Member Posts: 8 ■□□□□□□□□□
    Hi,

    Just using extended community Site of Origin should work. Other solution may be tagging prefixes and using export/import policy under BGP protocol routing-instances. I didnt lab up this option...

    Jose
  • IOS2JUNOSIOS2JUNOS Member Posts: 56 ■■□□□□□□□□
    I get the solution using SOO but unclear on the scenarios. Will the customer be using the backdoor link as the primary path between two CEs and if the backdoor links goes down then use VPN link? If you filter these routes on the PE, what happens if the backdoor link is down...how would the CEs learn these routes..
  • SettSett Member Posts: 187
    I think you can achieve same result if you configure higher local-preference on PE-1 for the prefixes that belong to CE-2 and are learned vie PE-2. You should mirror it on PE-2 as well. Then the PEs will advertise the routes to CEs which will have two paths for the remote prefixes (via the MPLS cloud and via the direct peering), you can setup higher preference for the PE neighbour and they will follow this route while keeping the backup routes in their BGP tables.
    Solution with communities is better though
    Non-native English speaker
Sign In or Register to comment.