RARE user and assistance email list

[Maria Del Carmen Misa Moreira <>]

Hi Csaba,

Yes, I’m currently taking a look to the topology that you mentioned and the BGP CTP.

However, I tried to build the simulation with VPNV4 and VPNV6 but BGP is only up for IPv4 and IPv6 if it’s directly connected.

R1#show ipv6 bgp 10 summary

neighbor             as     ready  learn  sent  uptime

fd00:51e5::a:1:12:2  20965  false  0      0     never

fd01:30::2           293    true   2      2     00:42:22

fd01:30::3           20965  false  0      0     never

The first problem is that I cannot ping to fd00:51e5::a:1:12:2 from R1 and it is directly connected but OSPF shows an init state and not a full state.

R1#show ipv6 ospf 10 neighbor

interface  area  address              routerid   state  uptime

ethernet1  0     fd00:51e5::a:1:12:2  10.4.30.4  init   00:53:05

ethernet2  0     fd00:51e5::a:1:14:2  10.2.30.2  full   00:53:05

For BGP I have two processes configured with vpnuni for IPv4 and ovpnuni for IPv6 

router bgp4 10

 description [IPv4 iBGP/eBGP FOR R1 VLAN 10]

 vrf VRF_DEFAULT

 local-as 293

 router-id 10.1.30.1

 no safe-ebgp

 address-family vpnuni

 neighbor 10.2.30.2 remote-as 293

 neighbor 10.2.30.2 description [VLAN ID = 30] [R1@ETH2] -> [R2@ETH3]

 neighbor 10.2.30.2 local-as 293

 neighbor 10.2.30.2 address-family vpnuni

 neighbor 10.2.30.2 distance 200

 neighbor 10.2.30.2 additional-path-rx vpnuni

 neighbor 10.2.30.2 additional-path-tx vpnuni

 neighbor 10.2.30.2 update-source loopback30

 neighbor 10.2.30.2 send-community both

 neighbor 10.3.30.3 remote-as 20965

 neighbor 10.3.30.3 description [VLAN ID = 30] [R1] -> [R2/R4] -> [R3]

 neighbor 10.3.30.3 local-as 293

 neighbor 10.3.30.3 address-family vpnuni

 neighbor 10.3.30.3 distance 20

 neighbor 10.3.30.3 additional-path-rx vpnuni

 neighbor 10.3.30.3 additional-path-tx vpnuni

 neighbor 10.3.30.3 update-source loopback30

 neighbor 10.3.30.3 send-community both

 neighbor 10.1.12.2 remote-as 20965

 neighbor 10.1.12.2 description [VLAN ID = 30] [R1@ETH1] -> [R4@ETH1]

 neighbor 10.1.12.2 local-as 293

 neighbor 10.1.12.2 address-family vpnuni

 neighbor 10.1.12.2 distance 20

 neighbor 10.1.12.2 additional-path-rx vpnuni

 neighbor 10.1.12.2 additional-path-tx vpnuni

 neighbor 10.1.12.2 update-source ethernet1

 neighbor 10.1.12.2 send-community both

 readvertise 10.1.30.1/32

 ecmp

 afi-vrf VRF_CMS enable

 afi-vrf VRF_CMS redistribute connected

 afi-vrf VRF_ATLAS enable

 afi-vrf VRF_ATLAS redistribute connected

 exit

!

router bgp6 10

 description [IPv6 iBGP FOR R1 VLAN 10]

 vrf VRF_DEFAULT

 local-as 293

 router-id 10.1.30.1

 no safe-ebgp

 address-family ovpnuni

 neighbor fd01:30::2 remote-as 293

 neighbor fd01:30::2 description [VLAN ID = 30] [R1@ETH2] -> [R2@ETH3]

 neighbor fd01:30::2 local-as 293

 neighbor fd01:30::2 address-family ovpnuni

 neighbor fd01:30::2 distance 200

 neighbor fd01:30::2 additional-path-rx ovpnuni

 neighbor fd01:30::2 additional-path-tx ovpnuni

 neighbor fd01:30::2 update-source loopback30

 neighbor fd01:30::2 send-community both

 neighbor fd01:30::3 remote-as 20965

 neighbor fd01:30::3 description [VLAN ID = 30] [R1] -> [R2/R4] -> [R3]

 neighbor fd01:30::3 local-as 293

 neighbor fd01:30::3 address-family ovpnuni

 neighbor fd01:30::3 distance 20

 neighbor fd01:30::3 additional-path-rx ovpnuni

 neighbor fd01:30::3 additional-path-tx ovpnuni

 neighbor fd01:30::3 update-source loopback30

 neighbor fd01:30::3 send-community both

 neighbor fd00:51e5::a:1:12:2 remote-as 20965

 neighbor fd00:51e5::a:1:12:2 description [VLAN ID = 30] [R1@ETH1] -> [R4@ETH1]

 neighbor fd00:51e5::a:1:12:2 local-as 293

 neighbor fd00:51e5::a:1:12:2 address-family ovpnuni

 neighbor fd00:51e5::a:1:12:2 distance 20

 neighbor fd00:51e5::a:1:12:2 additional-path-rx ovpnuni

 neighbor fd00:51e5::a:1:12:2 additional-path-tx ovpnuni

 neighbor fd00:51e5::a:1:12:2 update-source ethernet1

 neighbor fd00:51e5::a:1:12:2 send-community both

 readvertise fd01:30::1/128 

 ecmp

 afi-ovrf VRF_CMS enable

 afi-ovrf VRF_CMS redistribute connected

 afi-ovrf VRF_ATLAS enable

 afi-ovrf VRF_ATLAS redistribute connected

 exit

Any idea or suggestion?

Best regards,

Carmen Misa

On 11 Mar 2023, at 09:57, mc36 via groups.io <> wrote:

also you really should take a look on the topologies i've sent for the juniper guys about the colorful labeled unicast.... :)

"
-------- Forwarded Message --------
Subject: Re: [rare-dev] BGP CT interop - Colorful Resolution
Date: Sat, 11 Mar 2023 08:02:39 +0100
From: mc36 <>
To: , Kaliraj Vairavakkalai <>, Natrajan Venkataraman <>, Krzysztof Szarkowicz <>, Anton Elita <>
CC: Reshma Das <>
"

is the tread, just "star it" in your mailer then try the new topologies that'll arrive soon.... :)

also dig into your mailing and try the previous topologies (3 were there already) also, one of them was a "red-blue vpns over rsvp-te"

br,
cs




On 3/11/23 08:15, mc36 wrote:

hihi
could someone please take a look on carmen's topology?
thx,
cs
-------- Forwarded Message --------
Subject:   Re: http://temp.nop.hu/VID_20230309_185727.mp4
Date:   Fri, 10 Mar 2023 20:06:55 +0000
From:   Maria Del Carmen Misa Moreira <>
To:   mc36 <>
Thanks Csaba! I have a simulation that is more or less working... I have the routes for R1, R3 and R4 but not for R2 I don't know why because I have the same. Anyway, it was enough for today Enjoy your weekend
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*From:* mc36 <>
*Sent:* 10 March 2023 18:44
*To:* Maria Del Carmen Misa Moreira <>
*Subject:* Re: http://temp.nop.hu/VID_20230309_185727.mp4
well the less the more sometimes....
3 ospf processes for 1 bgp per topology seeems a bit overkill...
you need 1 ospf and 1 bgp per router and it'll be dual stack all     the way per tology
have you seeen frederic's validated design? almost the same but with rsvp-te to have
"traffic engineering" capabilities offloaded to hardware....
On 3/10/23 14:34, Maria Del Carmen Misa Moreira wrote:

I'm building a simulation. I need 3 OSPF and 3 BGP processes for each VRF, right?
I remove them and I got this warning:

info cfgInit.executeSWcommands:cfgInit.java:768 line 105: "neighbor fd01:10::1 update-source loopback10" : % in other vrf

Because fd01:10::1     if the loopback of the neighbor that belongs to VRF_ATLAS.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*From:* mc36 <>
*Sent:* 10 March 2023 09:56
*To:* Maria Del Carmen Misa Moreira <>
*Subject:* Re: http://temp.nop.hu/VID_20230309_185727.mp4 <http://temp.nop.hu/VID_20230309_185727.mp4>
vc time

On 3/10/23 09:55, mc36 wrote:

with some crazy cheats (implicit null between the adjacent nodes, penultimate hop popping, ...)

it's just the service label (4 bytes) which selects the egress interface & nexthop & ethertype

On 3/10/23 09:53, mc36 wrote:

and comparative in mtu:

vlans = 4 bytes

mpls = 2*4 bytes: the outer target node label, and the inner service label


On 3/10/23 09:52, mc36 wrote:

it's just that you dont have to build parallel infrastructure with 3 parallel ospfs and bgps,

but a single core

an mp-bgp in vpnv4/vpnv6 over loopbacks

and vrfs with route-target export-imports

and kaboom, you have 3 parallel topologies and you can concentrate on pbr if mpls-vpn-extranet is not better...



On 3/10/23 09:49, Maria Del Carmen Misa Moreira wrote:

I think so... you enable it in that profile, maybe you can check but it should have both features enabled.
I have never worked with this MPLS Layer3 VPN, maybe I should take a look
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*From:* mc36 <>
*Sent:* 10 March 2023 09:47
*To:* Maria Del Carmen Misa Moreira <>
*Subject:* Re: http://temp.nop.hu/VID_20230309_185727.mp4 <http://temp.nop.hu/VID_20230309_185727.mp4> <http://temp.nop.hu/VID_20230309_185727.mp4 <http://temp.nop.hu/VID_20230309_185727.mp4>>
btw why the vlan subinterfaces and not mpls layer3 vpn?

          >>>>

https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16/mp-l3-vpns-xe-16-book.html 

<https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16/mp-l3-vpns-xe-16-book.html>

<https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16/mp-l3-vpns-xe-16-book.html 

<https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16/mp-l3-vpns-xe-16-book.html>>

<https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16/mp-l3-vpns-xe-16-book.html

<https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16/mp-l3-vpns-xe-16-book.html 

<https://www.cisco.com/c/en/us/td/docs/ios-xml/ios/mp_l3_vpns/configuration/xe-16/mp-l3-vpns-xe-16-book.html>>>

On 3/10/23 09:46, mc36 wrote:

normally bridge-filter (acl to count) could be run in paralell with pbr...

these are disjoint controls so i dont think they cannot coexist:

https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_pbr.p4 

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_pbr.p4>

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_pbr.p4 

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_pbr.p4>>

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_pbr.p4

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_pbr.p4 

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_pbr.p4>>>

https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_acl_in.p4 

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_acl_in.p4>

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_acl_in.p4 

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_acl_in.p4>>

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_acl_in.p4

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_acl_in.p4 

<https://bitbucket.software.geant.org/projects/RARE/repos/rare/browse/p4src/include/ig_ctl_acl_in.p4>>>

are you sure that profile have both enabled?

On 3/10/23 09:40, Maria Del Carmen Misa Moreira wrote:

Badddd.
I'm able to do PBR or BRIDGE-FILTER but not both at the same time even with the profile CERN_FLOW that you created the last time for us. Then, in some links we only have 1 VLAN
to use and I would like 3 VRFs (for example AMS -> CHI because they use sense-o) so my supervisor mentioned that there is one technique call QinQ to encapsulate VLANs.
------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
*From:* mc36 <>
*Sent:* 10 March 2023 09:37
*To:* Maria Del Carmen Misa Moreira <>
*Subject:* Re: http://temp.nop.hu/VID_20230309_185727.mp4 <http://temp.nop.hu/VID_20230309_185727.mp4> <http://temp.nop.hu/VID_20230309_185727.mp4 <http://temp.nop.hu/VID_20230309_185727.mp4>> 

<http://temp.nop.hu/VID_20230309_185727.mp4 <http://temp.nop.hu/VID_20230309_185727.mp4<http://temp.nop.hu/VID_20230309_185727.mp4>>>

someone mentioned p4 stuff? how is your experiment is going?

On 3/10/23 09:14, Maria Del Carmen Misa Moreira wrote:

This song always gives motivation to do P4 stuff 

-=-=-=-=-=-=-=-=-=-=-=-
Groups.io Links: You receive all messages sent to this group.
View/Reply Online (#1149): https://groups.io/g/freertr/message/1149
Mute This Topic: https://groups.io/mt/97537895/7436820
Group Owner: 
Unsubscribe: https://groups.io/g/freertr/unsub []
-=-=-=-=-=-=-=-=-=-=-=-

Attachment: smime.p7s
Description: S/MIME cryptographic signature