Matt I was asking the same question. I cannot think of an instance (i have not yet seen it in ipexpert labs) when one will need to peer with one self.
On Nov 25, 2011, at 2:39 AM, Matt Hill <[email protected]> wrote: > Why are you trying to do this? > > Do you have other interfaces in each VRF? Are there customers who > only need to see their own prefixes and not the other? Why cant you > talk to Mr AS{2|3} and just tell them your ASN is X? > > Cheers, > Matt > > CCIE #22386 > CCSI #31207 > > On 25 November 2011 15:56, Amir Khalili <[email protected]> wrote: >> Thanks for your responses - however this is what I am trying to acheive: >> >> using a single router - single BGP process - peering the vrfs using in vrf >> bgp router id feature. This is possible when you use ibgp >> >> however, in some cases, you will need to use ebgp - >> >> ip vrf red >> rd 1:1 >> >> ip vrf blue >> rd 1:2 >> >> int l1 >> ip vrf forw red >> ip address 1.1.1.1 255.255.255.255 >> >> int l2 >> ip vrf forw blue >> ip address 2.2.2.2 255.255.255.255 >> >> router bgp 1. >> >> address-f ipv4 vrf red >> bgp router-id 1.1.1.1 >> neib 2.2.2.2 remote-as 2 >> >> address-f ipv4 vrf blue >> bgp router-id 2.2.2.2 >> neib 1.1.1.1 remote-as 3 >> >> in the above you will need to fake the as and send it to the peer!! is it >> possible in cisco? >> >> Cheers >> Amir >> >> >> >> >> >> >> On Thu, Nov 24, 2011 at 4:57 PM, Matthew Mengel >> <[email protected]>wrote: >> >>> Assuming that the attached image is what you are trying to do, sure. >>> >>> R1: >>> >>> ip vrf BLUE >>> rd 1:1 >>> ! >>> ip vrf RED >>> rd 101:1 >>> ! >>> ! >>> interface Loopback0 >>> ip address 1.1.1.1 255.255.255.0 >>> ! >>> interface FastEthernet0/0 >>> ip vrf forwarding BLUE >>> ip address 10.2.2.1 255.255.255.0 >>> ! >>> interface FastEthernet0/1 >>> ip vrf forwarding RED >>> ip address 10.3.3.1 255.255.255.0 >>> ! >>> ! >>> router bgp 1 >>> no bgp default ipv4-unicast >>> bgp log-neighbor-changes >>> ! >>> address-family ipv4 vrf RED >>> neighbor 10.3.3.3 remote-as 3 >>> neighbor 10.3.3.3 local-as 101 >>> neighbor 10.3.3.3 activate >>> no synchronization >>> exit-address-family >>> ! >>> address-family ipv4 vrf BLUE >>> neighbor 10.2.2.2 remote-as 2 >>> neighbor 10.2.2.2 activate >>> no synchronization >>> exit-address-family >>> ! >>> >>> R2: >>> >>> ! >>> interface Loopback0 >>> ip address 2.2.2.2 255.255.255.255 >>> ! >>> interface FastEthernet0/0 >>> ip address 10.2.2.2 255.255.255.0 >>> >>> ! >>> router bgp 2 >>> no synchronization >>> bgp log-neighbor-changes >>> network 2.2.2.2 mask 255.255.255.255 >>> neighbor 10.2.2.1 remote-as 1 >>> no auto-summary >>> ! >>> >>> >>> R3: >>> >>> ! >>> interface Loopback0 >>> ip address 3.3.3.3 255.255.255.255 >>> ! >>> interface FastEthernet0/1 >>> ip address 10.3.3.3 255.255.255.0 >>> ! >>> router bgp 3 >>> no synchronization >>> bgp log-neighbor-changes >>> network 3.3.3.3 mask 255.255.255.255 >>> neighbor 10.3.3.1 remote-as 101 >>> no auto-summary >>> ! >>> >>> You see the routes in the VRFs and in the VPV4 address-family: >>> >>> R1#sho ip bgp vpnv4 all >>> BGP table version is 5, local router ID is 1.1.1.1 >>> Status codes: s suppressed, d damped, h history, * valid, > best, i - >>> internal, >>> r RIB-failure, S Stale >>> Origin codes: i - IGP, e - EGP, ? - incomplete >>> >>> Network Next Hop Metric LocPrf Weight Path >>> Route Distinguisher: 1:1 (default for vrf BLUE) >>> *> 2.2.2.2/32 10.2.2.2 0 0 2 i >>> Route Distinguisher: 101:1 (default for vrf RED) >>> *> 3.3.3.3/32 10.3.3.3 0 0 101 3 i >>> >>> >>> Note that the route in the RED VRF includes the AS for the local-as in the >>> path. >>> >>> Matthew >>> >>> >>> >>> >>> >>> >>> On Fri, Nov 25, 2011 at 10:08 AM, Amir Khalili <[email protected]>wrote: >>> >>>> Thanks guys. I am using address family under the same process. >>>> Trying to peer using a diff AS number. Kind of eBGP approach. Would >>>> local AS serve the purpose? >>>> >>>> On 11/24/11, Matthew Mengel <[email protected]> wrote: >>>>> Not sure if the firewall or the VRF are really important (just as to >>>>> whether you are needing to use address-family or not). >>>>> >>>>> Also, not exactly sure what you mean by "fake" an AS. However, if what >>>> you >>>>> mean is that you have a situation where RouterB is expecting to peer >>>> with >>>>> AS 5, but you are running AS 1: >>>>> >>>>> RouterB#sho run | sec bgp >>>>> router bgp 2 >>>>> no synchronization >>>>> bgp log-neighbor-changes >>>>> neighbor 10.0.0.1 remote-as 5 >>>>> no auto-summary >>>>> >>>>> You can masquerade as AS 5 while remaining configured as AS 1 using the >>>>> "local-as" command: >>>>> >>>>> RouterA#sho run | sec bgp >>>>> router bgp 1 >>>>> no synchronization >>>>> bgp log-neighbor-changes >>>>> neighbor 10.0.0.2 remote-as 2 >>>>> neighbor 10.0.0.2 local-as 5 >>>>> no auto-summary >>>>> >>>>> If, however, you mean that you have two VRFs on the same router, >>>> hairpinned >>>>> through a firewall, then I think you are sunk, as this uses >>>>> address-families under the bgp process, and unless I am mistaken, it is >>>> one >>>>> process with one AS per router. >>>>> >>>>> M. >>>>> >>>>> >>>>> >>>>> On Fri, Nov 25, 2011 at 8:09 AM, Amir Khalili <[email protected]> >>>> wrote: >>>>> >>>>>> Hello >>>>>> >>>>>> How can we fake AS # for a bgp neighbor to make ebgp peer? This is >>>> using >>>>>> in vrf bgp router id in a vrf. >>>>>> >>>>>> BGP vrf A -> FW -> BGP vrf B ( ebg peer ) >>>>>> >>>>>> Cheers >>>>>> Amir >>>>>> _______________________________________________ >>>>>> For more information regarding industry leading CCIE Lab training, >>>> please >>>>>> visit www.ipexpert.com >>>>>> >>>>>> Are you a CCNP or CCIE and looking for a job? Check out >>>>>> www.PlatinumPlacement.com >>>>>> >>>>>> To Unsubscribe from this list please visit the following link and >>>> follow >>>>>> the directions to unsubscribe. >>>>>> http://onlinestudylist.com/mailman/listinfo/ccie_rs >>>>>> >>>>> >>>>> >>>>> >>>>> -- >>>>> Matthew Mengel >>>>> [email protected] >>>>> >>>> >>>> -- >>>> Sent from my mobile device >>>> >>> >>> >>> >>> -- >>> Matthew Mengel >>> [email protected] >>> >>> >>> >>> >> _______________________________________________ >> For more information regarding industry leading CCIE Lab training, please >> visit www.ipexpert.com >> >> Are you a CCNP or CCIE and looking for a job? Check out >> www.PlatinumPlacement.com >> >> To Unsubscribe from this list please visit the following link and follow the >> directions to unsubscribe. >> http://onlinestudylist.com/mailman/listinfo/ccie_rs >> > _______________________________________________ > For more information regarding industry leading CCIE Lab training, please > visit www.ipexpert.com > > Are you a CCNP or CCIE and looking for a job? Check out > www.PlatinumPlacement.com > > To Unsubscribe from this list please visit the following link and follow the > directions to unsubscribe. http://onlinestudylist.com/mailman/listinfo/ccie_rs _______________________________________________ For more information regarding industry leading CCIE Lab training, please visit www.ipexpert.com Are you a CCNP or CCIE and looking for a job? Check out www.PlatinumPlacement.com To Unsubscribe from this list please visit the following link and follow the directions to unsubscribe. http://onlinestudylist.com/mailman/listinfo/ccie_rs
