Tuesday, March 28, 2017

MPLS L3VPN multihomed customer AS override




Topology description:
R3, R4 = Provider Routers / Core network for ISP [P]
R1, R5 = Provider Edge Routers [PE]
R6, R7 = Customer Edge Routers [CE]

MPLS runs across the ISP network, from the left-side PE through the P routers in the core to the right-side PE.

The ISP runs OSPF as its IGP, so the PEs' E0/1 interfaces and R3 and R4 all run OSPF to exchange routes.

iBGP runs between R1 and R5 to establish the MP-BGP (mBGP) VPN across the ISP's MPLS network.

The iBGP session uses the Loopback interfaces of R1 and R5.

In this lab I used an eBGP connection between the CE and PE routers.

On the PE side we have to configure a VRF toward the CE, in case more than one CE uses the same IP ranges.
BGP configuration on the PE goes under address-family IPv4 VRF.
BGP configuration on the CE side is normal, under the global routing table.

On the PE, redistribution is needed if a protocol other than BGP is used between PE and CE.
Since we are running eBGP [CE to PE] and iBGP [PE to PE], there is no need to redistribute.

On the customer edges [sites] we are using BGP with AS 250 on both CE routers.
When CE [left] sends prefixes to PE [left], they carry the path attributes. PE [left] sends them to PE [right], and PE [right] sends them to CE [right]. CE [right] checks the prefixes, finds its own AS in the AS path and treats the routes as a loop: the BGP loop prevention mechanism drops any route that has the local AS in the path to the destination [default behavior]. So what can we do to let both CE sites connect to each other?

There are two ways:
1. Allow AS in [implemented on the CE routers so they accept incoming routes that contain their own AS number]
2. AS override [implemented on the PE toward the CE neighbor; it replaces the CE's AS number in the path with the PE's AS number]
3. BGP Site of Origin [tagging routes]


Check the configuration below:

PE-LEFT#show run | section router bgp
router bgp 100
 bgp log-neighbor-changes
 neighbor 5.5.5.5 remote-as 100
 neighbor 5.5.5.5 update-source Loopback0
 !
 address-family vpnv4
  neighbor 5.5.5.5 activate
  neighbor 5.5.5.5 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf vpn
  neighbor 10.0.17.7 remote-as 250
  neighbor 10.0.17.7 activate
  neighbor 10.0.17.7 as-override
 exit-address-family
=========================================

The same goes for the right-side PE:
PE-RIGHT# show run | section router bgp
router bgp 100
 bgp log-neighbor-changes
 neighbor 1.1.1.1 remote-as 100
 neighbor 1.1.1.1 update-source Loopback0
 !
 address-family vpnv4
  neighbor 1.1.1.1 activate
  neighbor 1.1.1.1 send-community extended
 exit-address-family
 !
 address-family ipv4 vrf vpn
  neighbor 10.0.56.6 remote-as 250
  neighbor 10.0.56.6 activate
  neighbor 10.0.56.6 as-override
 exit-address-family
PE-RIGHT#

Now the BGP table on the CE will look like the picture below:

As you can see, the path contains 100 100, which is the PE BGP AS number.
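To show where the 100 100 path comes from, here is an added Python model (not part of the original post and not router code) of the AS_PATH handling for one prefix sent from CE left to CE right, with the default behavior, with as-override on the PE, and with allowas-in on the CE. The function names are made up for this illustration; the AS numbers are the ones from the configuration above.

```python
# Added illustration: a model of the AS_PATH handling described on this page.
PE_AS = 100        # provider AS, from "router bgp 100"
CUSTOMER_AS = 250  # AS used by both CE sites


def pe_advertise_to_ce(as_path, local_as, neighbor_as, as_override=False):
    """Return the AS_PATH a PE sends to an eBGP CE neighbor.

    With as-override, each occurrence of the neighbor's AS is replaced by
    the PE's AS, then the PE prepends its own AS as on any eBGP session.
    """
    if as_override:
        as_path = [local_as if asn == neighbor_as else asn for asn in as_path]
    return [local_as] + as_path


def ce_accepts(as_path, local_as, allowas_in=0):
    """CE loop check: accept only if the local AS appears in the path at
    most `allowas_in` times (0 models the default, allowas-in not set)."""
    return as_path.count(local_as) <= allowas_in


def simulate(as_override=False, allowas_in=0):
    """Follow one prefix CE-left -> PE-left -> PE-right -> CE-right."""
    path_at_pe_left = [CUSTOMER_AS]           # CE-left prepends AS 250
    path_at_pe_right = list(path_at_pe_left)  # iBGP does not change AS_PATH
    path_at_ce_right = pe_advertise_to_ce(
        path_at_pe_right, PE_AS, CUSTOMER_AS, as_override)
    return path_at_ce_right, ce_accepts(path_at_ce_right, CUSTOMER_AS, allowas_in)


if __name__ == "__main__":
    cases = [
        ("default", {}),
        ("as-override on PE", {"as_override": True}),
        ("allowas-in on CE", {"allowas_in": 1}),
    ]
    for label, kwargs in cases:
        path, accepted = simulate(**kwargs)
        verdict = "accepted" if accepted else "dropped (own AS in path)"
        print(f"{label:18} AS_PATH={path} -> {verdict}")
```

With as-override the CE no longer sees AS 250 in the path, so its AS_PATH loop check cannot catch a route that returns to the site it came from; that is the gap Site of Origin tagging covers at multihomed sites.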

Reachability check from the CE on the right side to the CE on the left side:


