6 Replies Latest reply: Apr 22, 2019 5:26 AM by Prashant RSS

    BGP rt-filter

    nammon

      Hi all,

      I have a question related to BGP rt-filter.

      Topo: (1.1.1.1/32)R1(12.12.12.1/24)-----(12.12.12.2/24)R2(2.2.2.2/32)

      Config:

      R1

      conf t

       

       

      ip vrf MOT

      rd 10:100

      route-target import 10:101

      route-target export 10:100

      exit

       

       

      int f0/0

      no shut

      ip add 12.12.12.1 255.255.255.0

      exit

       

       

      int loopback0

      no shut

      ip vrf forwarding MOT

      ip add 1.1.1.1 255.255.255.255

      exit

       

       

      router bgp 10

      bgp router-id 1.1.1.1

      neighbor 12.12.12.2 remote-as 10

      address-family vpnv4 unicast

        neighbor 12.12.12.2 activate

        exit

      address-family rtfilter unicast

        neighbor 12.12.12.2 activate

      address-family ipv4 unicast vrf MOT

        network 1.1.1.1 mask 255.255.255.255

      exit

       

       

      *************************************

       

       

      R2

      conf t

       

       

      ip vrf MOT

      rd 10:100

      route-target import 10:100

      route-target export 10:101

      exit

       

       

      int f0/0

      no shut

      ip add 12.12.12.2 255.255.255.0

      exit

       

       

      int loopback0

      no shut

      ip vrf forwarding MOT

      ip add 2.2.2.2 255.255.255.255

      exit

       

       

      router bgp 10

      bgp router-id 2.2.2.2

      neighbor 12.12.12.1 remote-as 10

      address-family vpnv4 unicast

        neighbor 12.12.12.1 activate

        exit

      #address-family rtfilter unicast

      # neighbor 12.12.12.1 activate

      address-family ipv4 unicast vrf MOT

        network 2.2.2.2 mask 255.255.255.255

      exit

       

      ***********************************

      I only config rt-filter on R1, but don't config in R2.

      R1#show ip bgp rtfilter all

       

       

          Network          Next Hop            Metric LocPrf Weight Path

      *>  10:2:10:101      0.0.0.0                            32768 i

      R1 have just local import RT (10:101) on this rt-filter table.

       

      R1#show ip bgp vpnv4 all

       

       

          Network          Next Hop            Metric LocPrf Weight Path

      Route Distinguisher: 10:100 (default for vrf MOT)

      *>  1.1.1.1/32      0.0.0.0                  0        32768 i

      *>i 2.2.2.2/32      12.12.12.2              0    100      0 i

      R1 learns 2.2.2.2/32 from R2.

       

       

      ===============================================================================

      R2#show ip bgp rtfilter all

      Nothing here!

       

      R2#show ip bgp vpnv4 all

       

       

          Network          Next Hop            Metric LocPrf Weight Path

      Route Distinguisher: 10:100 (default for vrf MOT)

      *>i 1.1.1.1/32      12.12.12.1              0    100      0 i

      *>  2.2.2.2/32      0.0.0.0                  0        32768 i

      R2 learns 1.1.1.1/32 from R1.



      In this case, both routers still learn route advertised by each other.

      I think only R1 should learn route from R2 but R1 should not. Am I right?

       

      Thank for your help!

         
        • 1. Re: BGP rt-filter
          Sergey

          Nam Nguyen,

           

          No, you are incorrect. In your case, both routers should learn all the routes, as they are all relevant.

           

          R1 wants to learn all routes with RT 10:101

          R2 wants to learn all routes with RT 10:100

           

          R1 advertises prefixes with RT 10:101

          R2 advertises prefixes with RT 10:100

           

          Both routers want to learn what other is advertising. Address family rtfilter helps you filter out irrelevant routes, i.e. the ones for which there are no import RTs configured on the local router. In your case, R1 advertises what R2 wants to learn and vice versa. If you had R3 in the scheme and it would have VRF with RT import 20:200, then it would not learn these prefixes. This feature helps route reflector routers minimise what they send to the route reflector clients, limiting the updates to only relevant ones.

          • 2. Re: BGP rt-filter
            nammon

            Thank you, What you said is the same as the result I got when I lab in GNS3.

             

            R1 advertises prefixes with RT 10:1010

            R2 advertises prefixes with RT 10:1001

            • 3. Re: BGP rt-filter
              Sergey

              Sorry Nam,

               

              I've got typos in my previous post. The RTs that R1 and R2 advertise are 10:100 and 10:101 respectively, but I think you go the idea

              • 4. Re: BGP rt-filter
                Prashant

                MP-BGP Route Target Constraint

                check out my lab on Route-Target Constraint to understand better. Try it out in GNS3.

                • 5. Re: BGP rt-filter
                  Prashant

                  On R1 in the VRF you have route-target import 10:101 and on R2 you have route-target export 10:101. This is the reason why you are seeing the 2.2.2.2/32 network on R1. When R2 learns the 2.2.2.2/32 route in the VRF it looks at the route-target export value and includes that when it redistributes that information in VPNv4 MP-BGP. When R1 receives it as a VPNv4 MP-BGP update it looks at the route-target value in the extended community field of the VPNv4 update. It finds 10:101. Then it looks at the route-target value configured locally for the vrf. It finds route-target import 10:101 and so it imports 2.2.2.2/32 into the vrf on R1. Route-target constraint is a feature that helps to reduce BGP control plane traffic; if the LOCAL PE does not have the relevant route-target import value the router will send a message to its peers saying that hey I don't have this route target configured under any of my VRFs so please do not send me updates about prefixes that have that route-target value.