Airheads Community

last person joined: 7 hours ago

Access network design for branch, remote, outdoor, and campus locations with HPE Aruba Networking access points and mobility controllers.

Back to discussions

Expand all | Collapse all

Aruba 6300M BGP / VRF

Jump to Best Answer

This thread has been viewed 9 times

1. Aruba 6300M BGP / VRF

0 Kudos
DominikGy
Posted May 04, 2020 02:09 AM
| view attached

Reply Reply Privately
Hi there

I try to set up a vsf stack (2x 6300m ArubaOS CX) but have some troubles with the routing config.
Because it is necessary to split the subnets to different vrf and route them separately to the next hop I need your help.

there are different VLANs:
vlan 10 - name MANAGEMENT
vlan 20 - name CLIENTS
vlan 30 - name PRINTER
vlan 40 - name GUEST
vlan 50 - name PRODUCTION

Different VRFs (only VLAN20 and VLAN30 are in the same VRF):
interface vlan10
vrf attach Mgmt
ip address 172.16.10.1/24

interface vlan20
vrf attach Office
ip address 172.16.20.1/24

interface vlan30
vrf attach Office
ip address 172.16.30.1/24

interface vlan40
vrf attach Guest
ip address 172.16.40.1/24

interface vlan50
vrf attach Production
ip address 172.16.50.1/24

Lets make the sample with VRF "Office" and "Mgmt":
There are 2 routers (primary and backup) for the next hop.
We definded the next hop addresses:
Office:
primary: 172.16.255.10 / backup: 172.16.255.14

Mgtm:
primary: 172.16.255.18 / backup: 172.16.255.22

The ArubaSwitch interfaces for this VRF should be: (--> but there are other Interfaces on the same switch and on the same ports.)
Office:
primary: 172.16.255.9 / backup: 172.16.255.13

Mgmt:
primary: 172.16.255.17 / backup: 172.16.255.21

I would like to have only one primary and one backup link between the ArubaSwitch and the Router.
Can I create somethink like a routing interface with one IP per VRF?
Does anyone have an example configuration for me or can help me with this?

Thanks for your help and have a good day.
2. RE: Aruba 6300M BGP / VRF

0 Kudos
DominikGy
Posted May 04, 2020 11:26 AM
| view attached

Reply Reply Privately
Hi there
In the meantime I discussed the config with another technician and now the configuration look like this --> see the attached image.
Does anyone have suggestions for improvement?
!!At the moment its only configured in the lab and we didn's tested it, so I hope you can give me some help/suggestions.... !!

We made transfer VLANs between the Coreswitch and the Router and add them to the VRFs. Then we made a trunk port with all this transfer VLANs between the two devices.

Local VLAN Config:
----------------------------
interface vlan10
vrf attach Mgmt
ip address 172.16.10.1/24

interface vlan20
vrf attach Office
ip address 172.16.20.1/24

interface vlan30
vrf attach Office
ip address 172.16.30.1/24

interface vlan40
vrf attach Guest
ip address 172.16.40.1/24

interface vlan50
vrf attach Production
ip address 172.16.50.1/24

BGP Transfer vlan Config (example MGMT and Office):
----------------------------
interface vlan1010 --> MGMT_Primary
vrf attach Mgmt
ip address 172.16.255.9/30

interface vlan1011 --> MGMT_Backup
vrf attach Mgmt
ip address 172.16.255.13/30

interface vlan1020 --> Office_Primary
vrf attach Office
ip address 172.16.255.17/30

interface vlan1021 --> Office_Backup
vrf attach Office
ip address 172.16.255.21/30

BGP Config
----------------------------
router bgp 65001
vrf Mgmt
neighbor 172.16.255.10 remote-as xxxxxx
neighbor 172.16.255.10 password xxxxxx
neighbor 172.16.255.14 remote-as xxxxxx
neighbor 172.16.255.14 password xxxxxx
address-family ipv4 unicast
network 172.16.10.0/24
exit-address-family

vrf Office
neighbor 172.16.255.18 remote-as xxxxxx
neighbor 172.16.255.18 password xxxxxx
neighbor 172.16.255.22 remote-as xxxxxx
neighbor 172.16.255.22 password xxxxxx
address-family ipv4 unicast
network 172.16.20.0/24
network 172.16.30.0/24
exit-address-family

Trunk Port Config -> Connection between Core Switch and router
----------------------------
interface x/x/x
Description Router_Primary
vlan trunk allowed 1010,1011,1020,1021,....

interface x/x/x
Description Router_Backup
vlan trunk allowed 1010,1011,1020,1021,....

Thanks for all suggestions and help.
3. RE: Aruba 6300M BGP / VRF
Best Answer

0 Kudos
DominikGy
Posted May 06, 2020 02:10 AM

Reply Reply Privately
Hi there

After a lab session where I could test the BGP configuration there is one thing to be changed and now BGP works.
I have to activate the neighbor address in the "address-family ipv4 unicast" command context.
The BGP config looks like this now.

BGP Config
----------------------------
router bgp 65001

vrf Mgmt
neighbor 172.16.255.10 remote-as xxxxxx
neighbor 172.16.255.10 password xxxxxx
neighbor 172.16.255.14 remote-as xxxxxx
neighbor 172.16.255.14 password xxxxxx
address-family ipv4 unicast
neighbor 172.16.255.10 activate
neighbor 172.16.255.14 activate
network 172.16.10.0/24
exit-address-family

vrf Office
neighbor 172.16.255.18 remote-as xxxxxx
neighbor 172.16.255.18 password xxxxxx
neighbor 172.16.255.22 remote-as xxxxxx
neighbor 172.16.255.22 password xxxxxx
address-family ipv4 unicast
neighbor 172.16.255.18 activate
neighbor 172.16.255.22 activate
network 172.16.20.0/24
network 172.16.30.0/24
exit-address-family

If someone has suggestions please let me know. If not I will doing it like this because it was working in my Lab.

Kind regards

Wireless Access

Aruba 6300M BGP / VRF

1. Aruba 6300M BGP / VRF

2. RE: Aruba 6300M BGP / VRF

3. RE: Aruba 6300M BGP / VRF Best Answer

3. RE: Aruba 6300M BGP / VRF
Best Answer