MikroTik MP-BGP L3VPN with Route Reflectors (Full Lab)

  Рет қаралды 13,132

The Network Berg

The Network Berg

Күн бұрын

Пікірлер: 65
@mishasawangwan6652
@mishasawangwan6652 Жыл бұрын
keep it up, you’re the best resource for us homelabbers dedicated to mikrotik
@JaroslavVazac
@JaroslavVazac 2 ай бұрын
Awesome tutorial, man! Thanks
@slogiranaveverica
@slogiranaveverica Жыл бұрын
Excited as much as you are! I have proposal for some next video: dual route reflectors with l3vpn and failover. Thank you so much for sharing your passion. 🍻
@Wubbadub2219
@Wubbadub2219 Жыл бұрын
Also looking for some guidance on using a pair of router reflectors for redundancy. Trouble is, I cannot get the reflectors toadvertise to each other. All route reflector clients are working as expected. Literally just the 2 reflectors that wont advertise
@Liviu.B
@Liviu.B 6 ай бұрын
Hello Mr Berg and everyone, i just tested the lab made from scratch, with version 7.6 i had a problem after setting up the L3VPN, the new routes (dy) they was appiring and disappiring every few seconds, ping also failed, i double checked the config on all devices, everything was fine, then I used version 7.13 (with eveng) and its working perfectly! i used "role=ibgp-rr-client" from begining, i saw the comment referring to that. Keep up the good work, best regards!
@sabdielisstech5049
@sabdielisstech5049 5 ай бұрын
Great video!!
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Hey guys, just some reference material and a link to download the EVE-NG Lab file. I'm really super happy with this change! One thing that I have absolutely incorrect and I really need to amend is that the local.role for ibgp-rr-client works, I recall having issues with this before, but this is not the case anymore since I just tested this after publishing the video. Providing MPLS Services to Customers: kzbin.info/www/bejne/rKXCYXV4a9SJZ9k BGP CE-PE Configuration: kzbin.info/www/bejne/aZK3aZ14YpxrbLM MikroTik BGP Docs: help.mikrotik.com/docs/display/ROS/BGP MikroTik VRF Docs: help.mikrotik.com/docs/pages/viewpage.action?pageId=328206 Lab File: t.co/lqGt4ZlVuT
@mikkio5371
@mikkio5371 Жыл бұрын
Thank you Mr berg . Although I was able to get it working but not by this method . Now I know this method . Also I grew up to this stage because of your help .and I say Thank you
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Thank you for watching! If my work has helped you to grow in any way then that makes me feel happy, I hope that it can help others grow as well :D!
@drumaddict89
@drumaddict89 Жыл бұрын
thank you SO MUCH for that video! also loved the troubleshooting with the subnet typo on PE2 ;) those things happen all the time everywhere if one is not careful - and i had those issues myself at work too by myself as by coworkers too xD 25:37 ... haha i do know that feeling when things start to work and i feel you there. awesome and sick xD
@kongpanha1816
@kongpanha1816 Жыл бұрын
big thanks for your sharing always new content, always watch you videos. 🙏
@sliddjur
@sliddjur Жыл бұрын
Thank you for providing your labfile!! SUPER useful! Looking forward to lab this asap.
@cybersrb
@cybersrb Жыл бұрын
I had the exact same happiness feeling few days ago when 7.9 got out, so I completely understand your excitement 😁 Thanks for informing the Mtik users!!! ...I can smell BFD in the air
@enderst81
@enderst81 Жыл бұрын
On Linux I use a Winbox docker container instead of installing Wine. IIRC there is a Winbox container for eve-ng as well.
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Hmmmmm pretty wicked idea, might do it myself too.
@Ton_DayTrader
@Ton_DayTrader Жыл бұрын
how to reject some as-path ?
@nikolashuminosky6987
@nikolashuminosky6987 Жыл бұрын
nice, we are waiting now for VPN6, on v7.10
@mrfran1
@mrfran1 Жыл бұрын
I’m able to redistribute all kinds of routes dynamic and static from the VRF/VPN except the default route (redistributed from RR)
@romanmikhalev3518
@romanmikhalev3518 Жыл бұрын
Thx for this guide! Can you show a video where MPLS Per-VRF NAT for internet access to L3VPNs is implemented in this example?
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
I can definitely suggest a few solutions. Some people tend to use route leaking, although it's probably easier to just put in a Firewall where all VRFs can connect to and this firewall will connect to an "Internet Router" where CGNAT etc can be performed if required. Will see if I can make a separate video for this, some of my past live streams have covered it but I am not sure which video exactly.
@mrfran1
@mrfran1 Жыл бұрын
In this scenario should the P1-RR mark the default-originate=always to ALL of his intra AS peers?
@manishgovindji7341
@manishgovindji7341 Жыл бұрын
Thank you, this is great stuff, one question how do I add internet breakout for CE1/CE2. Thank you.
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Few ways to achieve this, but this is where we start looking at things like CGNAT and route leaking or pushing traffic out to an "internet" router and having VLANs in the different VRFs connected to this internet traffic Could create a video on the subject as well.
@manishgovindji7341
@manishgovindji7341 Жыл бұрын
@@TheNetworkBerg Would be great if you can spare some time for a video, as cust to cust is great, now if the cust 1 wants to go out, they cannot, I tried to use vrf on CE1, but failed. :)
@m-electronics5977
@m-electronics5977 Жыл бұрын
4:43 I must add the interfaces also under "/mpls/interfaces"? Is that not necessary?
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
For LDP to work, no, you do not need to specify MPLS interfaces. I've never really had to use them in my own network, but from the MikroTik docs it appears to be more or less to set MTU values and assign labels yourself help.mikrotik.com/docs/display/ROS/MPLS+MTU%2C+Forwarding+and+Label+Bindings
@m-electronics5977
@m-electronics5977 Жыл бұрын
@@TheNetworkBerg ok, I was told that it would doesn't work without that, because we are doing MPLS?
@m-electronics5977
@m-electronics5977 Жыл бұрын
Starts the series for this MPLS and BGP and all the stuff on ROSv7 now? 🙂
@johnlauro6498
@johnlauro6498 Жыл бұрын
i have a question, whats the difference with mpls and vxlan? when to use mpls and vxlan? thanks
@amvk_999
@amvk_999 9 ай бұрын
Great video, may i ask what is your system specs to run eve-ng so smooth 🙂.
@mostrakt
@mostrakt Жыл бұрын
Hi, Berg! Could you tell me what a CCIE network engineer needs to know? What distinguishes him from a network engineer with CCNP consciousnesses? It would be interesting to make a separate video about this.
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Well, I guess it's that little I in the CCIE that makes all the difference between it and a CCNP. CCIE's are expected to be able to understand how (I)nternetworking works. This means understanding not only the routing inside your own networks, but also how the internet and other network providers function. For routing and switching this may be intricate knowledge of how stuff like BGP functions so that you can manage inter-connects and cross-connects between other network operators and implementing these solutions in a clear and concise manner. Or Layer-2 technologies like VPLS or EVPN to deliver services between datacenters that might be in different locations. I am not a CCIE though, but any vendor that has an internetworking engineer certificate expects this type of knowledge for its highest level certification, like MikroTiks MTCINE or Juniper's JNCIE. CCNP's will also learn about many of these technologies, but aren't always expected to deliver the same service that a CCIE can.
@pedromartinezdeaguilar9187
@pedromartinezdeaguilar9187 Жыл бұрын
Congratulations and thanks
@LampJustin
@LampJustin Жыл бұрын
That's indeed very awesome!! But couldn't you still do BGP EVPN (vxlan) and use FRR at the edge? Will ROS forward the Type 2/5 routes?
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
MikroTik still doesn't really do EVPN, unlike VPLS that can create dynamic and scalable tunnels using BGP, you cannot do that with MikroTik at the moment. But I suppose it could be done, will need to test myself (Could also change out the provider equipment with something else like VYOS if we want EVPN)
@LampJustin
@LampJustin Жыл бұрын
@@TheNetworkBerg that's unfortunate! But yeah VyOS is pretty awesome too
@cb_q
@cb_q Жыл бұрын
Hello, thanks! Is there way to setup PE/CE routers without using output.default-originate=yes, i.e. push nets on ether2 between CE1/CE2? I try to enable output.redistribute=bgp-mpls-vpn, but it add route on CE1/CE2 to net PE1-CE1/PE2-CE2 only (without network 192.0.*.0/24 on CE1/CE2 ether2).
@cb_q
@cb_q Жыл бұрын
interesting. if I setup ospf in PE1-CE1 and enable redistribute=bgp-mpls-vpn on PE1 ospf instance than CE1 import all 192.0.*.0/24 routes from CE2, but if I use ebgp on PE1-CE1 this option has different behavior
@m-electronics5977
@m-electronics5977 Жыл бұрын
And can you make a video about VPLS with BGP? I don´t looking over that stuff
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Sure, someone else also asked for a similar video as they couldn't get VPLS working on v7.
@xtlmeth
@xtlmeth Жыл бұрын
That you for this!
@mrfran1
@mrfran1 Жыл бұрын
hoping to see a L2 Solution is vpls replaced by vxlan ?
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
I think VXLAN (and EVPN) is definitely the evolution of VPLS and can potentially replace it, biggest factor is not needing to run MPLS underneath it. I'm hoping MT brings in EVPN into the mix which makes VXLAN just a much more scalable solution, think of it as VPLS tunnels spanned using BGP but now with VXLAN.
@sjnlim3925
@sjnlim3925 Жыл бұрын
Can you please make a video on lpsec/ikev2 rsa vpn configuration in mikrotik?
@m-electronics5977
@m-electronics5977 Жыл бұрын
45:51 On my Lab it works when I set it to ibgp-rr-client
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Yeah I mentioned that in the pinned comment as well, it seems to work with both ibgp and ibgp-rr-client
@m-electronics5977
@m-electronics5977 Жыл бұрын
@@TheNetworkBerg there are different redistributing rules, when a prefix or other stuff come from a non-rr-client than from an rr-client
@genefrances4816
@genefrances4816 Жыл бұрын
Thank u sir
@m-electronics5977
@m-electronics5977 Жыл бұрын
How fast you can type?
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
I don't know, I haven't used any type programs to check in a while. I don't think I type very fast, but I don't think I type slow either.
@m-electronics5977
@m-electronics5977 Жыл бұрын
@@TheNetworkBerg you type very fast, i type with the 10 finger system and be slower
@HeikoRehm
@HeikoRehm Жыл бұрын
Great Video I Love your Mikrotik topics. Nevertheless, BGP signaled L3VPN/VRF were working (with some caveats) already in 6.x. RR's not though maybe?
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Yeah we currently use BGP to span VRFs in our v6 production environment, since this and BFD hasn't worked on v7 we have had no plans to upgrade to v7 until it met all of our current requirements. Just a couple of more updates and I will be more than happy to upgrade (more likely replace with 2k hardware)
@m-electronics5977
@m-electronics5977 Жыл бұрын
And L2VPN/BGP Signaled VPLS doesn't work over RR yet!
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Yeah I tested again and this still doesn't work, can only get VPLS to work properly between direct neighborships. Not ideal.
@m-electronics5977
@m-electronics5977 Жыл бұрын
@@TheNetworkBerg the VPLS packets are send to the RR instead to the other neighbor say's my wireshark😅
@alimibrahem8120
@alimibrahem8120 Жыл бұрын
Hello Mr. Berg..! Great as always..! i will be very createful if you guide me on a BGP and MPLS videos tutorials, so i can really go deep on those topic. 1000 like.
@m-electronics5977
@m-electronics5977 Жыл бұрын
But this with the Route Leaking will doesn´t run in my Lab. 😒
@BattousaiHBr
@BattousaiHBr Жыл бұрын
fyi, bgp connect and listen default to "yes", so no need to explicitly configure them.
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
Thanks for the info, I have seen ported config from 6 to 7 explicitly have this set and I do not recall it being set during the betas so it's just out of habit I do it I guess, but didn't know it was set explicitly so thanks again 😄
@BattousaiHBr
@BattousaiHBr Жыл бұрын
@@TheNetworkBerg i think export config arguments do not dynamically pull from a checklist of default values. for example, when adding a route it's always by default routing-table=main scope=30 target-scope=10 suppress-hw-offload=no but it'll still explicitly show up in exported config anyway.
@TheNetworkBerg
@TheNetworkBerg Жыл бұрын
@@BattousaiHBr Hmmm I just tested in EVE and listen and connect is not explicitly set (unless it is hidden) though exporting verbose configs it is still hidden. Very interesting, wonder if it actually works with "broadcast" BGP if you do not set connect and listen.
@proxymoxylinks
@proxymoxylinks Жыл бұрын
first comment, go Network Berg !
@xerck
@xerck Жыл бұрын
OMG, i suffer a lot with the local role BGP, RR the server and ibgp for the clients, thats not intuitive. thanks
@mrfran1
@mrfran1 Жыл бұрын
hi thanks for your videos im having a hard time differentiating this Setup vs the one without RR made by you previously kzbin.info/www/bejne/rKXCYXV4a9SJZ9k you actually made one session to PE1 from P1 (RR) and another session to PE2 from P1 (RR)
Basic introduction to BGP - Ft. MikroTik ROSv7
50:25
The Network Berg
Рет қаралды 38 М.
Providing MPLS services to customers on MikroTik ROSv7 | FULL LAB
40:39
The Network Berg
Рет қаралды 29 М.
Tuna 🍣 ​⁠@patrickzeinali ​⁠@ChefRush
00:48
albert_cancook
Рет қаралды 148 МЛН
Арыстанның айқасы, Тәуіржанның шайқасы!
25:51
QosLike / ҚосЛайк / Косылайық
Рет қаралды 700 М.
DO NOT design your network like this!! // FREE CCNA // EP 6
19:36
NetworkChuck
Рет қаралды 3,4 МЛН
MikroTik CLI: A Basic Introduction to It for New Users
27:33
The Network Berg
Рет қаралды 14 М.
MikroTik FINALLY Supports BFD in v7!!! (BGP & OSPF Setup)
32:03
The Network Berg
Рет қаралды 13 М.
Full MikroTik MTCRE - VRF (Basic Overview & Lab)
19:23
The Network Berg
Рет қаралды 19 М.
Learning BGP, Module 1 Lesson 4: Intra-AS Models And Route Reflectors
15:31
Mastering VLAN Configuration on MikroTik, Step-by-Step Guide
34:56
The Network Berg
Рет қаралды 120 М.
INE Live Webinar: Understanding Inter-AS L3VPN - Option A/B/C
2:00:16
BGP Attributes & Route Filters, Ft. MikroTik ROSv7
42:59
The Network Berg
Рет қаралды 15 М.
Mastering MikroTik LACP Configuration: A Step-by-Step Guide
17:58
The Network Berg
Рет қаралды 15 М.
Tuna 🍣 ​⁠@patrickzeinali ​⁠@ChefRush
00:48
albert_cancook
Рет қаралды 148 МЛН