Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

BGP PIC for Layer 3 VPNs

 

Configuring BGP PIC Edge for MPLS Layer 3 VPNs

In an MPLS VPN Layer 3 environment, it is common for customers to multihome their networks to provide link redundancy. Although the interior gateway protocol (IGP) can provide fast convergence, in certain instances, the time to resolve a link failure and provide an alternate route can be time consuming. For example, a provider edge (PE) router might be configured with 200,000 or more IP prefixes, and a PE router failure could affect many of those prefixes.

BGP Prefix-Independent Convergence (PIC) Edge allows you to install a Layer 3 VPN route in the forwarding table as an alternate path, enabling fast failover when a PE router fails or you lose connectivity to a PE router. This already installed path is used until global convergence through the IGP is resolved. Using the alternative VPN route for forwarding until global convergence is complete reduces traffic loss.

BGP PIC Edge supports multiprotocol BGP IPv4 or IPv6 VPN network layer reachability information (NLRI) resolved using any of these IGP protocols:

  • OSPF

  • IS-IS

  • LDP

  • RSVP

BGP PIC Edge does not support multicast traffic.

Before you begin:

  1. Configure LDP or RSVP.
  2. Configure an IGP: either OSPF or IS-IS.
  3. Configure a Layer 3 VPN.
  4. Configure multiprotocol BGP for either an IPv4 VPN or an IPv6 VPN.

To configure BGP PIC Edge in an MPLS Layer 3 VPN:

  1. Enable BGP PIC Edge:
    Note

    The BGP PIC edge feature is supported on ACX Universal Metro routers and on MX Series 5G Universal Routing Platforms with MPC interfaces.

  2. Configure per-packet load balancing:
  3. Apply the per-packet load balancing policy to routes exported from the routing table to the forwarding table:
  4. Verify that BGP PIC Edge is working.

    From operational mode, enter the show route extensive command:

    user@host> show route 192.0.2.6 extensive

    The output lines that contain Indirect next hop: weight follow next hops that the software can use to repair paths where a link failure occurs. The next-hop weight has one of the following values:

    • 0x1 indicates active next hops.

    • 0x4000 indicates passive next hops.

Best Practice

On MX Series 5G Universal Routing Platforms with Modular Port Concentrators (MPCs), we strongly recommend that you enable enhanced IP network services.

To enable enhanced IP network services:

Example: Configuring BGP PIC Edge for MPLS Layer 3 VPNs

This example shows how to configure BGP prefix-independent convergence (PIC) edge, which allows you to install a Layer 3 VPN route in the forwarding table as an alternate path. This enables fast failover when a provider edge (PE) router fails or you lose connectivity to a PE router. This already installed path is used until global convergence through the interior gateway protocol (IGP) is resolved. Using the alternative VPN route for forwarding until global convergence is complete reduces traffic loss.

Requirements

No special configuration beyond device initialization is required before configuring this example.

This example uses the following hardware and software components:

  • One MX Series 5G Universal Routing Platforms with MPC interfaces to configure the BGP PIC edge feature.

  • Five routers that can be a combination of M Series Multiservice Edge Routers, MX Series 5G Universal Routing Platforms, or T Series Core Routers.

  • Junos OS Release 13.2 or later on the device with BGP PIC edge configured.

Overview

In an MPLS VPN Layer 3 environment, it is common for customers to multihome their networks to provide link redundancy. Although the interior gateway protocol (IGP) can provide fast convergence, in certain instances, the time to resolve a link failure and provide an alternate route can be time consuming. For example, a provider edge (PE) router might be configured with 200,000 or more IP prefixes, and a PE router failure could affect many of those prefixes.

This example shows two customer edge (CE) routers, Device CE1 and Device CE2. Devices PE1, PE2, and PE3 are PE routers. Device P1 is a provider core router. Only Device PE1 has BGP PIC edge configured. The example uses the P1-PE2 link (P-PE) link to simulate the loss of a section of the network.

For testing, the address 172.16.1.5/24 is added as a loopback interface address on Device CE2. The address is announced to Device PE2 and Device PE3 and is relayed by way of internal BGP (IBGP) IBGP to Device PE1. On Device PE1, there are two paths to the 172.16.1.5/24 network. These are the primary and a backup path.

Topology

Figure 1 shows the sample network.

Figure 1: BGP PIC Edge Scenario
BGP PIC Edge Scenario

CLI Quick Configuration shows the configuration for all of the devices in Figure 1.

The section Step-by-Step Procedure describes the steps on Device PE1.

Configuration

CLI Quick Configuration

To quickly configure this example, copy the following commands, paste them into a text file, remove any line breaks, change any details necessary to match your network configuration, and then copy and paste the commands into the CLI at the [edit] hierarchy level.

Device CE1

Device CE2

Device P1

Device PE1

Device PE2

Device PE3

Step-by-Step Procedure

The following example requires that you navigate various levels in the configuration hierarchy. For information about navigating the CLI, see Using the CLI Editor in Configuration Mode in the CLI User Guide.

To configure Device R1:

  1. Configure the device interfaces.
  2. Configure MPLS and LDP on the core-facing interfaces.
  3. Configure an IGP on the core-facing interfaces.
  4. Configure IBGP connections with the other PE devices.
  5. Configure the load-balancing policy.
  6. (Optional) Configure a next-hop self policy.
  7. Configure the routing-instance to create the CE-PE EBGP connection.
  8. Enable the BGP PIC edge feature.
  9. Apply the load-balancing policy.
  10. Assign the router ID and autonomous system (AS) number.

Results

From configuration mode, confirm your configuration by entering the show interfaces, show protocols, show policy-options, show routing-instances, and show routing-options commands. If the output does not display the intended configuration, repeat the instructions in this example to correct the configuration.

If you are done configuring the device, enter commit from configuration mode.

Verification

Confirm that the configuration is working properly.

Displaying Extensive Route Information

Purpose

Confirm that BGP PIC Edge is working.

Action

From Device PE1, run the show route extensive table customer1.inet.0 172.16.1/24 command.

user@PE1> show route extensive table customer1.inet.0 172.16.1/24

Meaning

The Indirect next hop output lines that contain weight follow next hops that the software can use to repair paths where a link failure occurs.

The next-hop weight has one of the following values:

  • 0x1 indicates active next hops.

  • 0x4000 indicates passive next hops.

Displaying the Forwarding Table

Purpose

Check the forwarding and kernel routing-table state by using show route forwarding-table.

Action

From Device PE1, run the show route forwarding-table table customer1 destination 172.16.1.0/24 command.

user@PE1> show route forwarding-table table customer1 destination 172.16.1.0/24

Meaning

in addition to the forwarding and kernel routing-table state, this command shows the unilist index (262147) used by the Packet Forwarding Engine.

Displaying the OSPF Routes

Purpose

Show the OSPF route state.

Action

From Device PE1, run the show (ospf | ospf3) route detail command.

user@PE1> show ospf route detail

Meaning

The output shows the tracked session IDs for the loopback interface addresses on Devices PE2 and PE3.