Commit 945d7771 authored by Thomas Holterbach's avatar Thomas Holterbach
Browse files

Added Task 2 and 3 for the BGP MPLS VPN exercise

parent 6c533aad
......@@ -564,15 +564,14 @@ When you have updated your configuration, you can verify your solution in multip
Besides providing L3VPN, Swisscom is also providing basic L3 connectivity to its customers. For instance, Credit Suisse owns the public prefix `20.0.0.0/8` and would like Swisscom to advertise it to the rest of the mini-Internet. Same for SWITCH, who would like its prefix `30.0.0.0/8` to be reachable by the other ASes in the mini-Internet.
**Goal**: configure the routers in the mini-Internet such that SWITCH and the central branch of Credit Suisse can talk to each other. Here, only the public prefixes (i.e., `20.0.0.0/8` for Credit Suisse and `30.0.0.0/8` for SWITCH) must be advertised in the mini-Intenret.
**Goal**: configure the routers in the mini-Internet such that SWITCH and the central branch of Credit Suisse can talk to each other. Here, only the public prefixes (i.e., `20.0.0.0/8` for Credit Suisse and `30.0.0.0/8` for SWITCH) must be advertised in the mini-Internet.
**Challenge**: the interface in router `R1` connected to the central branch of Credit Suisse (AS20) is in the VRF `VRF_CS`. This leads to two problems:
1. `R1` learns the prefix `20.0.0.0/8` (advertised by AS20) in the vrf `VRF_CS`, and thus that prefix will not be advertised to `R2`, `R3` and `R4` via iBGP.
2. The public prefix learnt by `R1` via iBGP (here only `30.0.0.0/8`) are in the `default` vrf only, and thus not advertised to
the `AS20`.
2. The public prefix learnt by `R1` via iBGP (here only `30.0.0.0/8`) is in the `default` vrf only, and thus not advertised to `AS20`.
To solve these two problems, we will leak routes from the vrf `VRF_CS` to the `default` vrf and vice versa.
To do that you can use the capabilities provided by BGP VPN. You can `import` and `export` vpn routes in the bgp instance of the **`default`** vrf (i.e., in `router bgp 1`). More precisely:
To do that you can use the capabilities provided by BGP VPN. You can `import` and `export` vpn routes in the bgp instance of the **`default`** vrf (i.e. in `router bgp 1`). More precisely:
- To leak routes from the vrf `VRF_CS` to the `default` vrf, you can `import` routes with a route target equal to `20:1`.
- To leak routes from the `default` vrf to the vrf `VRF_CS`, you can `export` the routes with a route distinguisher and a route target equal to `1:1`. Then, in the bgp instance of the vrf `VRF_CS`, make sure to import the vpn routes with a route target equal to `1:1`.
......
Supports Markdown
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment