Hello everyone!
Right now I am going to show how to use EIGRP as a PE-CE routing protocol when using MPLS VPNs.
Here is our topology (same topology like with the other protocols used):
Given:
– a small MPLS backbone with SPCORE as P-Router (MPLS only, no BGP), SPEDGE routers as PE-Routers with MP-BGP enabled
– fa0/1 of the SPEDGE routers are in vrf “CUSTOMER”
– on the SP routers there is an OSPF process “1” which is used for backbone connectivity for the MP-BGP routers and for LDP
– some loopback interfaces which simulate networks connected to the SITE routers
Challenge:
– configure EIGRP as the PE-CE routing protocol and make sure that the networks of SITE1 and SITE2 can reach each other via the MPLS VPN backbone.
Here is the config part of the SP routers (the routing protocol part):
SPCORE (MPLS and OSPF “1” only for backbone connectivity)
SPCORE#sh run | sec router
router ospf 1
router-id 10.10.10.1
log-adjacency-changes
SPEDGE1 (MPLS, OSPF backbone and MP-BGP)
SPEDGE1(config)#do sh run | sec router
router ospf 1
router-id 10.10.10.2
log-adjacency-changes
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 10.10.10.3 remote-as 1
neighbor 10.10.10.3 update-source Loopback0
neighbor 10.10.10.3 next-hop-self
neighbor 10.10.10.3 send-community both
no auto-summary
!
address-family vpnv4
neighbor 10.10.10.3 activate
neighbor 10.10.10.3 send-community both
neighbor 10.10.10.3 next-hop-self
exit-address-family
!
address-family ipv4 vrf CUSTOMER
no synchronization
exit-address-family
SPEDGE2 (MPLS, OSPF backbone and MP-BGP)
SPEDGE2#sh run | sec router
router ospf 1
router-id 10.10.10.3
log-adjacency-changes
router bgp 1
no synchronization
bgp log-neighbor-changes
neighbor 10.10.10.2 remote-as 1
neighbor 10.10.10.2 update-source Loopback0
neighbor 10.10.10.2 next-hop-self
neighbor 10.10.10.2 send-community extended
no auto-summary
!
address-family vpnv4
neighbor 10.10.10.2 activate
neighbor 10.10.10.2 send-community both
neighbor 10.10.10.2 next-hop-self
exit-address-family
!
address-family ipv4 vrf CUSTOMER
no synchronization
exit-address-family
So lets start with configuring EIGRP (we use AS100 for our AS number) on the SITE-routers.
SITE1(config)#router eigrp 100
SITE1(config-router)#no auto
SITE1(config-router)#network 10.10.11.0 0.0.0.255
SITE1(config-router)#redistribute connected metric 10000 10 255 1 1500
!
SITE2(config)#router eigrp 100
SITE2(config-router)#no auto
SITE2(config-router)#network 10.10.22.0 0.0.0.255
SITE2(config-router)#redistribute connected metric 10000 10 255 1 1500
Ok good. Now we need to do the same on the SPEDGE routers to build an adjacency between the SITE and the SPEDGE routers. Here you can see again that the configuration is like BGP, you can use address families.
SPEDGE1(config)#router eigrp 100
SPEDGE1(config-router)#address-family ipv4 unicast vrf CUSTOMER
SPEDGE1(config-router-af)#network 10.10.11.0 0.0.0.255
SPEDGE1(config-router-af)#no auto
!
SPEDGE2(config)#router eigrp 100
SPEDGE2(config-router)#address-family ipv4 unicast vrf CUSTOMER
SPEDGE2(config-router-af)#no auto
SPEDGE2(config-router-af)#network 10.10.22.0 0.0.0.255
Ok configuration seems to be complete, lets check the adjacencies.
SPEDGE1#sh ip eigrp neigh
IP-EIGRP neighbors for process 100
SPEDGE1#
Hmm nothing…lets check SITE1 for EIGRP hellos.
SITE1#debug ip eigrp 100
IP-EIGRP Route Events debugging is on
SITE1#debug ip eigrp summ
IP-EIGRP Summary route processing debugging is on
SITE1#debug ip pack
IP packet debugging is on
SITE1#
*Mar 1 03:35:42.459: IP: s=10.10.11.2 (local), d=224.0.0.10 (FastEthernet0/0), len 60, sending broad/multicast
SITE1#
*Mar 1 03:35:46.791: IP: s=10.10.11.2 (local), d=224.0.0.10 (FastEthernet0/0), len 60, sending broad/multicast
SITE1#
*Mar 1 03:35:51.575: IP: s=10.10.11.2 (local), d=224.0.0.10 (FastEthernet0/0), len 60, sending broad/multicast
Hmm strange…the SITE router is sending EIGRP hellos to 224.0.0.10 but we are not receiving hellos from the SPEDGE1 router (same behaviour we can see between SITE2 and SPEDGE2). Lets do a debug on SPEDGE1.
SPEDGE1#
*Mar 1 03:37:07.327: IP: s=172.16.10.1 (FastEthernet0/0), d=224.0.0.2, len 62, rcvd 0
SPEDGE1#
*Mar 1 03:37:08.779: IP: s=172.16.10.2 (local), d=224.0.0.2 (FastEthernet0/0), len 62, sending broad/multicast
*Mar 1 03:37:09.435: IP: s=172.16.10.2 (local), d=224.0.0.5 (FastEthernet0/0), len 80, sending broad/multicast
SPEDGE1#
*Mar 1 03:37:11.335: IP: s=172.16.10.1 (FastEthernet0/0), d=224.0.0.2, len 62, rcvd 0
*Mar 1 03:37:12.071: IP: s=172.16.10.1 (FastEthernet0/0), d=224.0.0.5, len 80, rcvd 0
SPEDGE1#
*Mar 1 03:37:13.175: IP: s=172.16.10.2 (local), d=224.0.0.2 (FastEthernet0/0), len 62, sending broad/multicast
SPEDGE1#
*Mar 1 03:37:15.999: IP: tableid=0, s=10.10.10.2 (local), d=10.10.10.1 (FastEthernet0/0), routed via FIB
*Mar 1 03:37:15.999: IP: s=10.10.10.2 (local), d=10.10.10.1 (FastEthernet0/0), len 58, sending
*Mar 1 03:37:16.099: IP: tableid=0, s=10.10.10.1 (FastEthernet0/0), d=10.10.10.2 (Loopback0), routed via RIB
*Mar 1 03:37:16.099: IP: s=10.10.10.1 (FastEthernet0/0), d=10.10.10.2, len 40, rcvd 4
*Mar 1 03:37:16.103: IP: s=172.16.10.1 (FastEthernet0/0), d=224.0.0.2, len 62, rcvd 0
SPEDGE1#
*Mar 1 03:37:17.167: IP: s=172.16.10.2 (local), d=224.0.0.2 (FastEthernet0/0), len 62, sending broad/multicast
SPEDGE1#
*Mar 1 03:37:18.811: IP: s=172.16.10.2 (local), d=224.0.0.5 (FastEthernet0/0), len 80, sending broad/multicast
SPEDGE1#
*Mar 1 03:37:20.211: IP: s=172.16.10.1 (FastEthernet0/0), d=224.0.0.2, len 62, rcvd 0
SPEDGE1#
*Mar 1 03:37:21.215: IP: s=172.16.10.2 (local), d=224.0.0.2 (FastEthernet0/0), len 62, sending broad/multicast
*Mar 1 03:37:21.515: IP: s=172.16.10.1 (FastEthernet0/0), d=224.0.0.5, len 80, rcvd 0
SPEDGE1#
*Mar 1 03:37:24.227: IP: s=172.16.10.1 (FastEthernet0/0), d=224.0.0.2, len 62, rcvd 0
SPEDGE1#
*Mar 1 03:37:26.135: IP: s=172.16.10.2 (local), d=224.0.0.2 (FastEthernet0/0), len 62, sending broad/multicast
SPEDGE1#
*Mar 1 03:37:28.299: IP: s=172.16.10.1 (FastEthernet0/0), d=224.0.0.2, len 62, rcvd 0
*Mar 1 03:37:28.519: IP: s=172.16.10.2 (local), d=224.0.0.5 (FastEthernet0/0), len 80, sending broad/multicast
Nothing about EIGRP. Well this has a specific reason. Although we used AS100 in the “router eigrp” command we need to specify the AS number for each address family and so for each VRF! without an AS number configured under the address-family the router will do nothing!
SPEDGE1(config-router)#router eigrp 100
SPEDGE1(config-router)#address-family ipv4 unicast vrf CUSTOMER
SPEDGE1(config-router-af)#autonomous-system 100
!
SPEDGE2(config)#router eigrp 100
SPEDGE2(config-router)#address-family ipv4 unicast vrf CUSTOMER
SPEDGE2(config-router-af)#autonomous-system 100
Now lets have a look at the adjacency-tables:
SPEDGE1#sh ip eigrp vrf CUSTOMER neigh
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.10.11.2 Fa0/1 14 00:01:45 129 774 0 3
!
SPEDGE2#sh ip eigrp vrf CUSTOMER neigh
IP-EIGRP neighbors for process 100
H Address Interface Hold Uptime SRTT RTO Q Seq
(sec) (ms) Cnt Num
0 10.10.22.2 Fa0/1 14 00:01:05 140 840 0 3
There we go! Now we need to configure mutual redistribution. EIGRP into BGP and backwards.
SPEDGE1(config)#router bgp 1
SPEDGE1(config-router)#address-family ipv4 unicast vrf CUSTOMER
SPEDGE1(config-router-af)#redistribute eigrp 100 metric 200
SPEDGE1(config-router-af)#router eigrp 100
SPEDGE1(config-router)#address-family ipv4 unicast vrf CUSTOMER
SPEDGE1(config-router-af)#redistribute bgp 1 metric 10000 10 255 1 1500
!
SPEDGE2(config)#router bgp 1
SPEDGE2(config-router)#address-family ipv4 unicast vrf CUSTOMER
SPEDGE2(config-router-af)#redistribute eigrp 100 metric 200
SPEDGE2(config-router-af)#router eigrp 100
SPEDGE2(config-router)#address-family ipv4 unicast vrf CUSTOMER
SPEDGE2(config-router-af)#redistribute bgp 1 metric 10000 10 255 1 1500
Now all prefixes should be present in the BGP VPNv4 table.
SPEDGE1#sh ip bgp vpnv4 all
BGP table version is 249, local router ID is 10.10.10.2
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf CUSTOMER)
*> 1.1.1.1/32 10.10.11.2 200 32768 ?
*>i2.2.2.2/32 10.10.10.3 200 100 0 ?
*> 10.10.11.0/30 0.0.0.0 0 32768 ?
*>i10.10.22.0/30 10.10.10.3 0 100 0 ?
*> 11.11.11.11/32 10.10.11.2 200 32768 ?
*> 11.11.11.12/32 10.10.11.2 200 32768 ?
*> 11.11.11.13/32 10.10.11.2 200 32768 ?
*>i22.22.22.21/32 10.10.10.3 200 100 0 ?
*>i22.22.22.22/32 10.10.10.3 200 100 0 ?
*>i22.22.22.23/32 10.10.10.3 200 100 0 ?
*>i192.168.11.0/30 10.10.10.3 200 100 0 ?
!
SPEDGE2#sh ip bgp vpnv4 all
BGP table version is 249, local router ID is 10.10.10.3
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf CUSTOMER)
*>i1.1.1.1/32 10.10.10.2 200 100 0 ?
*> 2.2.2.2/32 10.10.22.2 200 32768 ?
*>i10.10.11.0/30 10.10.10.2 0 100 0 ?
*> 10.10.22.0/30 0.0.0.0 0 32768 ?
*>i11.11.11.11/32 10.10.10.2 200 100 0 ?
*>i11.11.11.12/32 10.10.10.2 200 100 0 ?
*>i11.11.11.13/32 10.10.10.2 200 100 0 ?
*> 22.22.22.21/32 10.10.22.2 200 32768 ?
*> 22.22.22.22/32 10.10.22.2 200 32768 ?
*> 22.22.22.23/32 10.10.22.2 200 32768 ?
*> 192.168.11.0/30 10.10.22.2 200 32768 ?
Looks nice! Lets check the SITE routers for EIGRP networks.
SITE1#sh ip route eigrp
2.0.0.0/32 is subnetted, 1 subnets
D EX 2.2.2.2 [170/309760] via 10.10.11.1, 00:01:20, FastEthernet0/0
22.0.0.0/32 is subnetted, 3 subnets
D EX 22.22.22.22 [170/309760] via 10.10.11.1, 00:01:20, FastEthernet0/0
D EX 22.22.22.23 [170/309760] via 10.10.11.1, 00:01:20, FastEthernet0/0
D EX 22.22.22.21 [170/309760] via 10.10.11.1, 00:01:20, FastEthernet0/0
10.0.0.0/30 is subnetted, 2 subnets
D 10.10.22.0 [90/307200] via 10.10.11.1, 00:01:20, FastEthernet0/0
!
SITE2#sh ip route eigrp
1.0.0.0/32 is subnetted, 1 subnets
D EX 1.1.1.1 [170/309760] via 10.10.22.1, 00:01:38, FastEthernet0/0
10.0.0.0/30 is subnetted, 2 subnets
D 10.10.11.0 [90/307200] via 10.10.22.1, 00:01:38, FastEthernet0/0
11.0.0.0/32 is subnetted, 3 subnets
D EX 11.11.11.11 [170/309760] via 10.10.22.1, 00:01:38, FastEthernet0/0
D EX 11.11.11.13 [170/309760] via 10.10.22.1, 00:01:38, FastEthernet0/0
D EX 11.11.11.12 [170/309760] via 10.10.22.1, 00:01:38, FastEthernet0/0
Looks good. The routes of the opposite SITE router are marked with “EX” for EXTERNAL. This is because we are injecting the loopback addresses with the “redistribute connected” command, so for EIGRP this means that the routes come from an EXTERNAL routing protocol (in our case “static /connected routing”).
Lets do the final connectivity check to see if the VPN labels are working fine!
SITE1#ping 22.22.22.22 so lo1
!
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 22.22.22.22, timeout is 2 seconds:
Packet sent with a source address of 11.11.11.11
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 104/139/156 ms
Looks good!
I hope you enjoyed this post! Feel free comment!
Regards!
Markus
:: Markus´ journey to the CCIE R&S :: 
nice to help tshoot my issue,but let me know why default redistribution was working