Configure Unicast Overlay Routing

Posted on Jan 27, 2020 (0)

Cisco SD-WAN (Viptela) supports the BGP and OSPF routing protocols. To establish routing on a vEdge router, in one VPN or in multiple VPNs, you must configure the interfaces under that VPN and a routing protocol under that VPN. No routing protocols are configured on the vSmart controller, because it never participates in the local site network.

OSPF configuration on vEdge:

Configure a VPN for the OSPF network:

vEdge(config)# vpn vpn-id

vpn-id can be any VPN ID except VPN 0 and VPN 512.

Configure OSPF area 0 and the interfaces that participate in that area:

vEdge(config-vpn)# router ospf
vEdge(config-ospf)# area 0
vEdge(config-area-0)# interface interface-name
vEdge(config-interface)# ip-address address
vEdge(config-interface)# no shutdown
vEdge(ospf-if)# exit

Redistribute OMP routes into OSPF:

vEdge(config-ospf)# redistribute omp

By default, OMP routes are not redistributed into OSPF. If required, also configure OMP to advertise to the vSmart controller any BGP and OSPF external routes that the vEdge router has learned:

vEdge(config)# omp
vEdge(config-omp)# advertise bgp
vEdge(config-omp)# advertise ospf external

Example: The following configuration sets up VPN 20 with two interfaces, ge4/0 and ge5/0. It enables OSPF routing on those interfaces in area 0 and redistributes the OMP routes from the vSmart controller into OSPF.

vpn 20
 router
  ospf
   redistribute omp
   area 0
    interface ge4/0
    exit
    interface ge5/0
    exit
   exit
  !
 !
 interface ge4/0
  ip address 10.0.5.12/24
  no shutdown
 !
 interface ge5/0
  ip address 10.0.2.12/24
  no shutdown
 !

BGP configuration on vEdge:

Configure a VPN:

vEdge(config)# vpn vpn-id

vpn-id can be any service-side VPN.

Configure BGP to run in the VPN and configure the local AS number:

vEdge(config-vpn)# router bgp local-as-number (1 through 65535)

Configure the BGP peer, specifying its address and AS number (the remote AS number), and enable the connection to the peer:

vEdge(config-bgp)# neighbor address remote-as remote-as-number
vEdge(config-bgp)# no shutdown

Configure a system IP address for the vEdge router:

vEdge(config)# system system-ip address

Example:

vEdge# show running-config system
system
 system-ip 10.10.10.10
!
vEdge# show running-config vpn 10
vpn 10
 router
  bgp 10
   neighbor 11.1.2.3
    no shutdown
    remote-as 11
   !
  !
 !
 ip route 0.0.0.0/0 10.10.10.11
!

Redistribute BGP Routes and AS Path Information

By default, routes learned from other routing protocols are not redistributed into BGP. To advertise OMP routes to all BGP routers in the service-side network, configure redistribution of OMP routes into BGP. This can be done in any VPN except VPN 0 and VPN 512:

vEdge(config)# vpn vpn-id router bgp
vEdge(config-bgp)# address-family ipv4-unicast redistribute omp [route-policy policy-name]

You can also redistribute routes learned from other protocols into BGP:

vEdge(config-bgp)# address-family ipv4-unicast redistribute (connected | nat | natpool-outside | ospf | static) [route-policy policy-name]

You can control redistribution of routes on a per-neighbor basis:

vEdge(config-bgp)# neighbor ip-address
vEdge(config-neighbor)# address-family ipv4-unicast redistribute (connected | nat | natpool-outside | omp | ospf | static)
vEdge(config-neighbor)# route-policy policy-name (in | out)

You can also configure the vEdge router to advertise its BGP routes through OMP to the vSmart controller. You can advertise BGP routes either globally or for a specific VPN:

vEdge(config)# omp advertise bgp
vEdge(config)# vpn vpn-id omp advertise bgp

By default, when BGP advertises routes into OMP, it advertises each prefix's metric. You can also configure BGP to advertise the AS path:

vEdge(config)# vpn vpn-id router bgp
vEdge(config-bgp)# propagate-aspath

Configure BGP Transport-Side Routing

Configure a physical interface in VPN 0:

vEdge(config)# vpn 0 interface geslot/port ip address address
vEdge(config-interface)# no shutdown

Configure a loopback interface in VPN 0:

vEdge(config)# vpn 0 interface loopbacknumber ip address address
vEdge(config-interface)# no shutdown
vEdge(config-interface)# tunnel-interface color color

Configure a BGP instance in VPN 0:

vEdge(config)# vpn 0 router bgp local-as-number

Create a policy for BGP to advertise the loopback interface address to its neighbors:

vEdge(config)# policy lists prefix-list prefix-list-name ip-prefix prefix

prefix is the IP address of the loopback interface.

Configure a route policy that affects the loopback interface's prefix:

vEdge(config)# policy route-policy policy-name sequence number match address prefix-list-name
vEdge(config)# policy route-policy policy-name sequence number action accept
vEdge(config)# policy route-policy policy-name default-action reject

Reference the policy in the BGP instance. To apply the policy such that the loopback address is advertised to all BGP neighbors:

vEdge(config)# vpn 0 router bgp local-as-number address-family ipv4-unicast redistribute connected route-policy policy-name

To apply the policy only to a specific neighbor:

vEdge(config)# vpn 0 router bgp local-as-number neighbor neighbor-address address-family ipv4-unicast redistribute connected route-policy policy-name out

Specify out in the second command so that BGP advertises the loopback prefix out to the neighbor.

Example:

The following BGP transport-side routing configuration advertises the loopback address to all of the vEdge router's BGP neighbors. Note that even though we did not configure any services on the tunnel interface, these services are associated with the tunnel by default and are included in the configuration. Because services affect only physical interfaces, you can ignore them on loopback interfaces.

vEdge# show running-config vpn 0
vpn 0
 router
  bgp 2
   router-id 172.16.255.18
   timers
    keepalive 1
    holdtime 3
   !
   address-family ipv4-unicast
    redistribute connected route-policy export_loopback
   !
   neighbor 10.20.25.16
    no shutdown
    remote-as 1
    timers
     connect-retry 2
     advertisement-interval 1
    !
   !
  !
 !
 interface ge0/1
  ip address 10.20.25.18/24
  no shutdown
 !
 interface loopback
  ip address 172.16.255.118/32
  tunnel-interface
   color lte
   allow-service dhcp
   allow-service dns
   allow-service icmp
   no allow-service sshd
   no allow-service ntp
   no allow-service stun
  !
  no shutdown
 !
!
policy
 lists
  prefix-list loopback_prefix
   ip-prefix 172.16.255.118/32
  !
 !
 route-policy export_loopback
  sequence 10
   match
    address loopback_prefix
   !
   action accept
   !
  !
  default-action reject
 !
!
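
The transport-side example above limits what BGP advertises by tying redistribute connected to export_loopback, whose default action is reject, while the earlier redistribute commands take route-policy only as an option. The Python check below is an added example, not part of the original page or of any Cisco tooling; it lists for review every redistribute statement in an indented show running-config dump that has no route policy or whose policy does not end in default-action reject. The function names and the extra redistribute static line in the sample are assumptions made for illustration.

```python
import re

# Constructed sample: trimmed from the VPN 0 BGP example on this page, with
# one unfiltered "redistribute static" line added to produce a finding.
SAMPLE = """\
vpn 0
 router
  bgp 2
   address-family ipv4-unicast
    redistribute connected route-policy export_loopback
    redistribute static
   !
  !
 !
!
policy
 route-policy export_loopback
  sequence 10
   match
    address loopback_prefix
   !
   action accept
   !
  !
  default-action reject
 !
!
"""

def policy_defaults(config):
    """Map each route-policy definition to its explicit default-action."""
    defaults, current = {}, None
    for words in map(str.split, config.splitlines()):
        if len(words) == 2 and words[0] == "route-policy":
            current = words[1]
        elif len(words) == 2 and words[0] == "default-action" and current:
            defaults[current] = words[1]
    return defaults

def audit_redistribution(config):
    """Return (statement, finding) pairs for redistribute lines to review."""
    defaults, findings = policy_defaults(config), []
    for line in config.splitlines():
        m = re.match(r"\s*redistribute\s+(\S+)(?:\s+route-policy\s+(\S+))?", line)
        if m and m.group(2) is None:
            findings.append((line.strip(), "no route-policy"))
        elif m and defaults.get(m.group(2)) != "reject":
            findings.append((line.strip(), "default-action is not reject"))
    return findings
```

A policy that is referenced but not defined in the dump, or that has no explicit default-action line, is reported as well, so it gets looked at rather than assumed safe.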

Configure OSPF Transport-Side Routing

Configure a physical interface in VPN 0:

vEdge(config)# vpn 0 interface geslot/port ip address address
vEdge(config-interface)# no shutdown

Configure a loopback interface in VPN 0 as a tunnel interface:

vEdge(config)# vpn 0 interface loopbacknumber ip address address
vEdge(config-interface)# no shutdown
vEdge(config-interface)# tunnel-interface color color

Configure an OSPF instance in VPN 0:

vEdge(config)# vpn 0 router ospf

Add the physical and loopback interfaces to the OSPF area:

vEdge(config-ospf)# area number interface geslot/port
vEdge(config-area)# interface loopbacknumber

Example:

vEdge# show running-config vpn 0
vpn 0
 router
  ospf
   router-id 172.16.255.11
   timers spf 200 1000 10000
   area 0
    interface ge0/1
    exit
    interface loopback1
    exit
   exit
  !
 !
 interface ge0/1
  ip address 10.0.26.11/24
  no shutdown
 !
 interface loopback1
  ip address 10.0.101.1/32
  tunnel-interface
   color lte
   allow-service dhcp
   allow-service dns
   allow-service icmp
   no allow-service sshd
   no allow-service ntp
   no allow-service stun
  !
  no shutdown
 !
!
