Cisco SD-WAN 018 - Service VPN1 BGP Localized Route Policy

Video Statistics and Information

Video

Captions Word Cloud

Reddit Comments

Captions

how's it going everybody in this video we're going to continue our bgp process by taking a look at how to develop the policies that we're going to roll out the policies themselves are actually kind of interesting they're not quite as straightforward as they are in regular ios but they follow the similar logic you have the match capability through either an access list or a prefix list you have the ability of creating a route policy in v edge so if you're familiar with ios xr they also use a raw policy and then you take that you call the pre acl or the prefix list from the route policy and then you apply that route policy to whatever it is that you're going to try to affect so it's not terribly complicated but it's still something that you definitely kind of have to use the flow logic for so let's go ahead and take a look at exactly what we're going to go do my goal here is if we look at the the cli real quick and we look at something like switch 16 and we do a show ip route what you're going to see in here is you'll notice that router 1 seems to be our egress point and if we do a show ipbgp we see a bunch of routes coming from both but you'll see that like we have the mac the metric that's coming in um the local preference is pointing us towards router one and stuff like that so we're focusing on router one because the local preference in this case here now we have the routes were actually learned if we look at the show ipbgp summary the older neighbor is actually router 1. that's why we're preferring that considering all the variables are pretty much the same so the if we look at something like this neighbor right here we're learning it from both but we're preferring router 1 because his uh let's see this particular prefix right here when we learn it from router router one that's weird why are we learning it that way let's look at something like show ipbgp and we'll take a look at 10.3.130.0 so we look at this one here and the since we have it's kind of an interesting situation because the metric is so much higher than this well the lower metric so it's kind of interesting how this works because of the way that everything comes through so normally you would use local preference would be your preferred path so you would take local prophet v edge2 metric is higher local preference is higher i'm actually not really sure why it's preferring this one because it should be preferring this one other than the fact that it's the older of the two neighbors but that really only goes for um ebgp i think it's been a little while i'd have to go back and investigate but what i want to do is i want you to see if you were to manipulate some values so for example uh right here we're affecting um we're choosing to go over your router one other than it's all the older of the two neighbors so if we were to say clear ipbgp star and do this let's clear the neighbors take down the adjacencies so we're learning routes in both at the same time right so we should learn trap again from vh1 and vh2 at the same time okay let's let it figure itself out okay and so if we do a show ipbgp summary now they both came in router two router one's technically a little bit older but if we look at this once it figures itself out it's still choosing to go via router 1 with the higher local preference the higher metric internal route it's just a little it looks a little odd but the the point being here isn't so much to understand the bgp aspect of it but the point that i want to try to make is that you can affect which way you send the traffic so i should be able to um for pretty much anything i should be able to go ahead and say you know what take the path be a router one because it's going to have the lower administrative the loc the lower um local preference so we can do that where that's actually what we're going to go do me go and get out of the way type in admin and uh go to global config and now in order to affect this you have to actually go underneath the policy command so policy and underneath here you have a number of capabilities so what i'm going to do is i'm not going to create a prefix list or anything like that because i don't need to match anything because i want to basically say i want to forward traffic through router 1 out of the gate and use a i want to effect because if you look right here i'm sorry on switch 16. if you look right here you can see that the local preference for all routes from router 1 is coming in at 100 so i want to lower that to be uh actually no i see oh you know what never mind i completely had a brain fart my my bad higher local preference wins okay so i'm going to affect this to where the higher local preference i completely forgot about that person i don't for some reason i was thinking that the lower a perfect local pre-prep the higher local pro local preference would win my apologies so i'm going to make this to be let's say a thousand we'll do that so what i'm going to do is on vh1 i'm going to go ahead and type in route dash policy and i'm going to give it a name i'm going to type in the route policy for bgp routes and underneath here i'm going to set the sequence sequence value of one underneath here i'm gonna actually scoot this up a little bit so we're not i wish it wouldn't kick so much information out but it's whatever i'm going to say i'm not going to match on any specific prefix but i'm going to set the action underneath here is going to be accept and then underneath here i'm going to set the local preference to be let's say 1000. okay so we do a show config we created a route a policy called route policy rp bgp routes sequence one action is to accept the routes we're going to set local preference of 1000 the default action is reject so literally every prefix that flows through v edge one that goes and gets redistributed to bgp or any routes to get propagated to bgp will automatically so routes are going to get redistributed from ospf into bgp those routes are going to get tagged when they get redistributed into bgp with a default local preference of 1000 and get pushed to um the switch 16 and then you'll see the the value of 1000 show up so now what i have to do is i have to come out of here i have to come out multiple levels deep now i'm underneath policy now i need to type in the command i have to go underneath bgp so it's going to be let me exit out one more time i'll type in vpn 1 router bgps bgp 65012 and then address family ipv4 unicast and it's going to be neighbor actually this is done underneath the neighbor so neighbor of 10.1.0.16 going to go ahead and hit the enter key and then address family ipv4 unicast we're going to say route policy and we can just grab this policy right here and we're going to say outbound so any routes that are going towards that neighbor are going to get tagged with the local preference of 1000 i'm going to go ahead and commit that so what should happen is switch 16 should automatically receive those updates so we're going to give that a couple seconds to do its thing and then once it receives those updates we should be able to go in here on switch 16 and do a show ipbgp and we should see 1000 being tagged so we're forcing the traffic via one of the local preference of 1000 towards the edge one okay so that's basically how you would affect it that way now if i wanted to be more specific for a particular set of prefixes i could do that as well so i can mix and match it however i really want to it's just basically how you would apply it now that was all done locally on the v edge the cool thing is is i can take that same logic on the v manage and do the same thing except for it's more steps it's a little more complicated so let's go ahead and take a look at that what we're going to do is we're going to affect it to where we're going to apply a policy on vh2 for all routes that are redistributed into bgp from omp or ospf or whatever any redistributed routes into bgp will get tagged with a local preference of 2000 and be sent down towards switch 16 and so router 2 will be the default so if we do a show ip route we're going to see everything go via 10 1 0 2 not 10 1 0 1. so let's go ahead and pull up the pull up va manager real quick we're going to go ahead and log in so admin and admin excellent so now we're going to go to underneath here we're going to click on policies and we need to go on to under custom options i'm going to come underneath here and create a route policy that's a localized policy so the route policy i'm just going to come in here say create new i'm going to give it a name i'm going to call rp underscore bgp routes something simple right copy and paste that in and then i'm going to give it a sequence type and sequence rule i'm not going to imagine anything but i um the match is going to basically just be everything right what i'm going to do is i'm going to set the actions to accept and then underneath the local preference i'm going to set that value i'm going to put 2 000 in here and that's it the default action i'm going to go ahead and save matching actions i'm going to click the default action it's going to be to reject so let's just recap what we did we created a name and a description i created a sequence type and then a sequence rule right because right now it's raw policy that's all we have and then what i did is i said match ever match anything we don't care what it is and then we're going to accept and the actions we're going to accept whatever routes are coming in and by default we're going to tag every route with a local preference of 2000 simple as that i'm going to end in the default action we're going to reject anything else i'm going to go ahead and save route policy so now it's been saved right it's right there now because the fact has been saved i have to go now to the configuration of the def device template and now i have to tag route rp bgp routes i have to go to if i was to go to like local policy and then add a policy i can go through next next next next and if i was to go back one to say add a route policy and import existing it's in here click on import right and then i click on next and then on the policy name so you create a route but you create a route policy with whatever configuration you need okay that's going to be your that's basically going to be the same thing as me doing this right here uh let me go back to the edge one and let me jump out of global config and do a show run uh policy okay underneath here i create the policy right and the policy says route policy bgp route sequence one i'm good to go there so now what i get to go do on here is the policy name you need to create a policy name which is going to basically be an overarching capability and the policy name is called from actually no let me do it this way let me go back to templates we go and get out of the way real quick we go to templates and then the dual site device template edit this and then i'm going to come down to additional templates and we have the policy and see you see it's nothing nothing shows up right we have to create a policy and then call the bgp routes policy we have to create that that was like i don't think you can just do it without it so under policies localized policies add a policy so i'm going to go ahead and next next next to here i'm going to actually let me back up one i'm going to add route policy import existing one i'm going to grab the route policy bgp routes i'm going to import it and then i'm going to say next i'm going to give it a name i'll type in policy is going to be bgp underscore routes copy and paste that down there i'm not going to do anything else with it and i'm just going to go ahead and save policy now the policy has been saved right now i can go to templates default uh dual site device template edit that and then i can come down to additional templates and under policy there it is policy bgp routes i'm going to go ahead and click on update and what's going to end up happening is that policy is going to get pushed down to vh2 so we're going to go ahead and click next and then i'm going to go to check the deployment option and so i'm actually going to keep this right here and then we're going to look at the config diff real quick because i'm curious to see what it's going to look like too config diff come down here a little bit and we're going to see that a policy it's the same exact config right um we're pushing this policy down right and then we had to go underneath the bgp config in order to associate it so basically this is what you're doing right so we're going to go ahead and configure devices so it's going to push that config down to vh2 and then we're going to go into the hurry up and wait state i'm going to go ahead and pause until it's there okay so now it's there so we can go back to vh2 and type in admin admin and then show run policy and we can see that the policy is there right and it matches the edge one i mean it's the same thing except for um a different value right so what i'm going to do now is on vmanage i'm going to go back to the templates i'm going to click on feature templates and then i'm going to choose bgp for dual side vpn one so which is this guy i'm going to go in here and edit it and what i'm going to do is underneath the neighbor config i'm going to go ahead and edit this and then i'm going to where it says the route policy part right here i'm going to come in here and say global click on and then the policy name is i'm going to come in here and the policy name itself is this name right here so i'm going to just call rp bgp routes i'm going to paste that right here globally and i'm going to say save changes and then update and then we'll check the configuration once we go to click next we'll do a config diff give that a couple seconds for it to do its push so go to config div come down here and under bgp we'll see that route policy rp bgp routes is that outbound so i'm gonna go ahead and configure devices it's gonna push that config we'll give that a few seconds to do its push okay the config was pushed so if we come in here and do a show run vpn 1 router bgp 65012 we can see that the bgp routes have been updated if we go over here to switch 16 we can see a bunch of updates has happened and guess what all of our routes have now been updated right so we come in here and we do a show ipbgp summary actually i meant to say this we can see now that the routes are going to be a router 2 with a higher local preference we do a show ip route and we can see our next top is now pointing towards vh2 so that is how you affect local preference in this particular case so it's going to be routes going outbound so that just gets the routes to the edge right so internal routing properties and policies and whatever all that stuff still needs to be applied right and you can affect how the traffic gets to the particular v edge so in this case here vh2 was to die vh1 would take over because there is a backup path and all that type of good stuff that goes along with it but as you can see not too terribly difficult to get up and running so that's basically what i wanted to show you guys in this video we're going to go and start transitioning over into nat and take a look at how that comes into play and then talk about propagating a default route over the omp process so we can have a backup path via we're talking about local internet breakout and all that good stuff that goes along with that so until next time guys thanks so much for stopping by and i'll catch all of you guys in the next video

Info

Channel: Rob Riker's Tech Channel

Views: 1,762

Rating: undefined out of 5

Keywords: cisco, sd-wan, sd, wan, viptela, ibgp, network, local, route, policy

Id: EG47WIgaxlo

Channel Id: undefined

Length: 18min 43sec (1123 seconds)

Published: Sat Oct 03 2020