.. _ip-l3vpn-family:
IP L3VPN Family
===============
The BGP/MPLS IP Virtual Private Networks (BGP L3VPN) Multiprotocol extension can be used to exchange particular VPN (customer) routes among the provider's routers attached to that VPN.
Also, routes are distributed to specific VPN remote sites.
.. contents:: Contents
:depth: 2
:local:
Configuration
^^^^^^^^^^^^^
This section shows a way to enable IPv4 and IPv6 L3VPN family in BGP speaker and peer configuration.
BGP Speaker
'''''''''''
To enable IPv4 and IPv6 L3VPN support in BGP plugin, first configure BGP speaker instance:
**URL:** ``/rests/data/openconfig-network-instance:network-instances/network-instance=global-bgp/protocols``
**Method:** ``POST``
.. tabs::
.. tab:: XML
**Content-Type:** ``application/xml``
**Request Body:**
.. code-block:: xml
<protocol xmlns="http://openconfig.net/yang/network-instance">
<name>bgp-example</name>
<identifier xmlns:x="http://openconfig.net/yang/policy-types">x:BGP</identifier>
<bgp xmlns="urn:opendaylight:params:xml:ns:yang:bgp:openconfig-extensions">
<global>
<config>
<router-id>192.0.2.2</router-id>
<as>65000</as>
</config>
<afi-safis>
<afi-safi>
<afi-safi-name xmlns:x="http://openconfig.net/yang/bgp-types">x:L3VPN-IPV4-UNICAST</afi-safi-name>
</afi-safi>
<afi-safi>
<afi-safi-name xmlns:x="http://openconfig.net/yang/bgp-types">x:L3VPN-IPV6-UNICAST</afi-safi-name>
</afi-safi>
<afi-safi>
<afi-safi-name xmlns:x="http://openconfig.net/yang/bgp-types">x:L3VPN-IPV4-MULTICAST</afi-safi-name>
</afi-safi>
<afi-safi>
<afi-safi-name xmlns:x="http://openconfig.net/yang/bgp-types">x:L3VPN-IPV6-MULTICAST</afi-safi-name>
</afi-safi>
</afi-safis>
</global>
</bgp>
</protocol>
.. tab:: JSON
**Content-Type:** ``application/json``
**Request Body:**
.. code-block:: json
{
"protocol": [
{
"identifier": "openconfig-policy-types:BGP",
"name": "bgp-example",
"bgp-openconfig-extensions:bgp": {
"global": {
"config": {
"router-id": "192.0.2.2",
"as": 65000
},
"afi-safis": {
"afi-safi": [
{
"afi-safi-name": "openconfig-bgp-types:L3VPN-IPV4-UNICAST"
},
{
"afi-safi-name": "openconfig-bgp-types:L3VPN-IPV6-UNICAST"
},
{
"afi-safi-name": "openconfig-bgp-types:L3VPN-IPV4-MULTICAST"
},
{
"afi-safi-name": "openconfig-bgp-types:L3VPN-IPV6-MULTICAST"
}
]
}
}
}
}
]
}
BGP Peer
''''''''
Here is an example for BGP peer configuration with enabled IPv4 and IPv6 L3VPN family.
**URL:** ``/rests/data/openconfig-network-instance:network-instances/network-instance=global-bgp/openconfig-network-instance:protocols/protocol=openconfig-policy-types:BGP,bgp-example/bgp-openconfig-extensions:bgp/neighbors``
**Method:** ``POST``
.. tabs::
.. tab:: XML
**Content-Type:** ``application/xml``
**Request Body:**
.. code-block:: xml
<neighbor xmlns="urn:opendaylight:params:xml:ns:yang:bgp:openconfig-extensions">
<neighbor-address>192.0.2.1</neighbor-address>
<afi-safis>
<afi-safi>
<afi-safi-name xmlns:x="http://openconfig.net/yang/bgp-types">x:L3VPN-IPV4-UNICAST</afi-safi-name>
</afi-safi>
<afi-safi>
<afi-safi-name xmlns:x="http://openconfig.net/yang/bgp-types">x:L3VPN-IPV6-UNICAST</afi-safi-name>
</afi-safi>
</afi-safis>
</neighbor>
.. tab:: JSON
**Content-Type:** ``application/json``
**Request Body:**
.. code-block:: json
{
"neighbor": [
{
"neighbor-address": "192.0.2.1",
"afi-safis": {
"afi-safi": [
{
"afi-safi-name": "openconfig-bgp-types:L3VPN-IPV4-UNICAST"
},
{
"afi-safi-name": "openconfig-bgp-types:L3VPN-IPV6-UNICAST"
}
]
}
}
]
}
IP L3VPN API
^^^^^^^^^^^^
Following trees illustrate the BGP IP L3VPN routes structures.
IPv4 L3VPN Unicast Route
''''''''''''''''''''''''
.. code-block:: console
:(vpn-ipv4-routes-case)
+--ro vpn-ipv4-routes
+--ro vpn-route* [route-key path-id]
+--ro route-key string
+--ro path-id path-id
+--ro label-stack*
| +--ro label-value? netc:mpls-label
+--ro prefix? inet:ip-prefix
+--ro path-id? path-id
+--ro route-distinguisher? bgp-t:route-distinguisher
+--ro attributes
...
IPv6 L3VPN Unicast Route
''''''''''''''''''''''''
.. code-block:: console
:(vpn-ipv6-routes-case)
+--ro vpn-ipv6-routes
+--ro vpn-route* [route-key path-id]
+--ro route-key string
+--ro path-id path-id
+--ro label-stack*
| +--ro label-value? netc:mpls-label
+--ro prefix? inet:ip-prefix
+--ro path-id? path-id
+--ro route-distinguisher? bgp-t:route-distinguisher
+--ro attributes
...
IPv4 L3VPN Multicast Route
''''''''''''''''''''''''''
.. code-block:: console
:(l3vpn-mcast-routes-ipv4-case)
+--ro l3vpn-mcast-routes-ipv4
+--ro l3vpn-mcast-route* [route-key path-id]
+--ro prefix? inet:ip-prefix
+--ro route-distinguisher? bgp-t:route-distinguisher
IPv6 L3VPN Multicast Route
''''''''''''''''''''''''''
.. code-block:: console
:(l3vpn-mcast-routes-ipv6-case)
+--ro l3vpn-mcast-routes-ipv6
+--ro l3vpn-mcast-route* [route-key path-id]
+--ro prefix? inet:ip-prefix
+--ro route-distinguisher? bgp-t:route-distinguisher
Usage
^^^^^
IPv4 L3VPN Unicast
''''''''''''''''''
The IPv4 L3VPN Unicast table in an instance of the speaker's Loc-RIB can be verified via REST:
**URL:** ``/rests/data/bgp-rib:bgp-rib/rib=bgp-example/loc-rib/tables=bgp-types:ipv4-address-family,bgp-types:mpls-labeled-vpn-subsequent-address-family/bgp-vpn-ipv4:vpn-ipv4-routes?content=nonconfig``
**Method:** ``GET``
.. tabs::
.. tab:: XML
**Response Body:**
.. code-block:: xml
<vpn-ipv4-routes xmlns="urn:opendaylight:params:xml:ns:yang:bgp-vpn-ipv4">
<vpn-route>
<path-id>0</path-id>
<route-key>cAXdYQABrBAALABlCgIi</route-key>
<label-stack>
<label-value>24022</label-value>
</label-stack>
<attributes>
<extended-communities>
<transitive>true</transitive>
<route-target-extended-community>
<global-administrator>65000</global-administrator>
<local-administrator>AAAAZQ==</local-administrator>
</route-target-extended-community>
</extended-communities>
<origin>
<value>igp</value>
</origin>
<as-path></as-path>
<local-pref>
<pref>100</pref>
</local-pref>
<ipv4-next-hop>
<global>127.16.0.44</global>
</ipv4-next-hop>
</attributes>
<route-distinguisher>172.16.0.44:101</route-distinguisher>
<prefix>10.2.34.0/24</prefix>
</vpn-route>
</vpn-ipv4-routes>
.. tab:: JSON
**Response Body:**
.. code-block:: json
{
"bgp-vpn-ipv4:vpn-ipv4-routes": {
"vpn-route": {
"route-key": "cAXdYQABrBAALABlCgIi",
"path-id": 0,
"label-stack": {
"label-value":24022
},
"attributes": {
"extended-communities": {
"transitive": true,
"route-target-extended-community": {
"global-administrator": "65000",
"local-administrator": "AAAAZQ=="
}
},
"origin": {
"value": "igp"
},
"local-pref": {
"pref": 100
},
"ipv4-next-hop": {
"global": "127.16.0.44"
}
},
"route-distinguisher": "172.16.0.44:101",
"prefix":"10.2.34.0/24"
}
}
}
IPv6 L3VPN Unicast
''''''''''''''''''
The IPv6 L3VPN Unicast table in an instance of the speaker's Loc-RIB can be verified via REST:
**URL:** ``/rests/data/bgp-rib:bgp-rib/rib=bgp-example/loc-rib/tables=bgp-types:ipv6-address-family,bgp-types:mpls-labeled-vpn-subsequent-address-family/bgp-vpn-ipv6:vpn-ipv6-routes?content=nonconfig``
**Method:** ``GET``
.. tabs::
.. tab:: XML
**Response Body:**
.. code-block:: xml
<vpn-ipv6-routes xmlns="urn:opendaylight:params:xml:ns:yang:bgp-vpn-ipv6">
<vpn-route>
<path-id>0</path-id>
<route-key>mAXdcQABrBAALABlKgILgAAAAAE=</route-key>
<label-stack>
<label-value>24023</label-value>
</label-stack>
<attributes>
<local-pref>
<pref>100</pref>
</local-pref>
<extended-communities>
<route-target-extended-community>
<global-administrator>65000</global-administrator>
<local-administrator>AAAAZQ==</local-administrator>
</route-target-extended-community>
<transitive>true</transitive>
</extended-communities>
<ipv6-next-hop>
<global>2a02:b80:0:2::1</global>
</ipv6-next-hop>
<origin>
<value>igp</value>
</origin>
<as-path></as-path>
</attributes>
<route-distinguisher>172.16.0.44:101</route-distinguisher>
<prefix>2a02:b80:0:1::/64</prefix>
</vpn-route>
</vpn-ipv6-routes>
.. tab:: JSON
**Response Body:**
.. code-block:: json
{
"bgp-vpn-ipv6:vpn-ipv6-routes": {
"vpn-route": {
"route-key": "mAXdcQABrBAALABlKgILgAAAAAE=",
"path-id": 0,
"label-stack": {
"label-value":24023
},
"attributes": {
"extended-communities": {
"transitive": true,
"route-target-extended-community": {
"global-administrator": "65000",
"local-administrator": "AAAAZQ=="
}
},
"origin": {
"value": "igp"
},
"local-pref": {
"pref": 100
},
"ipv6-next-hop": {
"global": "2a02:b80:0:2::1"
}
},
"route-distinguisher": "172.16.0.44:101",
"prefix":"2a02:b80:0:1::/64"
}
}
}
IPv4 L3VPN Multicast
''''''''''''''''''''
The IPv4 L3VPN Multicast table in an instance of the speaker's Loc-RIB can be verified via REST:
**URL:** ``/rests/data/bgp-rib:bgp-rib/rib=bgp-example/loc-rib/tables=bgp-types:ipv4-address-family,bgp-types:mcast-mpls-labeled-vpn-subsequent-address-family/bgp-l3vpn-mcast:l3vpn-mcast-routes?content=nonconfig``
**Method:** ``GET``
.. tabs::
.. tab:: XML
**Response Body:**
.. code-block:: xml
<l3vpn-mcast-routes xmlns="urn:opendaylight:params:xml:ns:yang:bgp:l3vpn:mcast">
<l3vpn-mcast-route>
<path-id>0</path-id>
<route-key>mAXdcQABrBAALABlKgILgAAAAAE=</route-key>
<route-distinguisher>172.16.0.44:101</route-distinguisher>
<prefix>10.2.34.0/24</prefix>
<attributes>
<local-pref>
<pref>100</pref>
</local-pref>
<extended-communities>
<transitive>true</transitive>
<vrf-route-import-extended-community>
<inet4-specific-extended-community-common>
<global-administrator>10.0.0.1</global-administrator>
<local-administrator>123=</local-administrator>
</inet4-specific-extended-community-common>
</vrf-route-import-extended-community>
</extended-communities>
<ipv4-next-hop>
<global>127.16.0.44</global>
</ipv4-next-hop>
<origin>
<value>igp</value>
</origin>
<as-path></as-path>
</attributes>
</l3vpn-mcast-route>
</l3vpn-mcast-routes>
.. tab:: JSON
**Response Body:**
.. code-block:: json
{
"bgp:l3vpn:mcast:l3vpn-mcast-routes": {
"l3vpn-mcast-route": {
"route-key": "mAXdcQABrBAALABlKgILgAAAAAE=",
"path-id": 0,
"attributes": {
"extended-communities": {
"transitive": true,
"vrf-route-import-extended-community": {
"inet4-specific-extended-community-common": {
"global-administrator": "10.0.0.1",
"local-administrator": "123="
}
}
},
"origin": {
"value": "igp"
},
"local-pref": {
"pref": 100
},
"ipv4-next-hop": {
"global": "127.16.0.44"
}
},
"route-distinguisher": "172.16.0.44:101",
"prefix":"10.2.34.0/24"
}
}
}
IPv6 L3VPN Multicast
''''''''''''''''''''
The IPv4 L3VPN Multicast table in an instance of the speaker's Loc-RIB can be verified via REST:
**URL:** ``/rests/data/bgp-rib:bgp-rib/rib=bgp-example/loc-rib/tables=bgp-types:ipv6-address-family,bgp-types:mcast-mpls-labeled-vpn-subsequent-address-family/bgp-l3vpn-mcast:l3vpn-mcast-routes?content=nonconfig``
**Method:** ``GET``
.. tabs::
.. tab:: XML
**Response Body:**
.. code-block:: xml
<l3vpn-mcast-routes xmlns="urn:opendaylight:params:xml:ns:yang:bgp:l3vpn:mcast">
<l3vpn-mcast-route>
<path-id>0</path-id>
<route-key>mAXdcQABrBAALABlKgILgAAAAAE=</route-key>
<route-distinguisher>172.16.0.44:101</route-distinguisher>
<prefix>2a02:b80:0:1::/64</prefix>
<attributes>
<local-pref>
<pref>100</pref>
</local-pref>
<extended-communities>
<transitive>true</transitive>
<vrf-route-import-extended-community>
<inet4-specific-extended-community-common>
<global-administrator>10.0.0.1</global-administrator>
<local-administrator>123=</local-administrator>
</inet4-specific-extended-community-common>
</vrf-route-import-extended-community>
</extended-communities>
<ipv6-next-hop>
<global>2a02:b80:0:2::1</global>
</ipv6-next-hop>
<origin>
<value>igp</value>
</origin>
<as-path></as-path>
</attributes>
</l3vpn-mcast-route>
</l3vpn-mcast-routes>
.. tab:: JSON
**Response Body:**
.. code-block:: json
{
"bgp:l3vpn:mcast:l3vpn-mcast-routes": {
"l3vpn-mcast-route": {
"route-key": "mAXdcQABrBAALABlKgILgAAAAAE=",
"path-id": 0,
"attributes": {
"extended-communities": {
"transitive": true,
"vrf-route-import-extended-community": {
"inet4-specific-extended-community-common": {
"global-administrator": "10.0.0.1",
"local-administrator": "123="
}
}
},
"origin": {
"value": "igp"
},
"local-pref": {
"pref": 100
},
"ipv6-next-hop": {
"global": "2a02:b80:0:2::1"
}
},
"route-distinguisher": "172.16.0.44:101",
"prefix":"2a02:b80:0:1::/64"
}
}
}
Programming
^^^^^^^^^^^
This examples show how to originate and remove IPv4 L3VPN Unicast route via programmable RIB.
Make sure the *Application Peer* is configured first.
**URL:** ``/rests/data/bgp-rib:application-rib/10.25.1.9/tables=bgp-types:ipv4-address-family,bgp-types:mpls-labeled-vpn-subsequent-address-family/bgp-vpn-ipv4:vpn-ipv4-routes``
**Method:** ``POST``
.. tabs::
.. tab:: XML
**Content-Type:** ``application/xml``
**Request Body:**
.. code-block:: xml
<vpn-route xmlns="urn:opendaylight:params:xml:ns:yang:bgp-vpn-ipv4">
<path-id>0</path-id>
<route-key>vpn1</route-key>
<label-stack>
<label-value>123</label-value>
</label-stack>
<route-distinguisher>429496729:1</route-distinguisher>
<prefix>2.2.2.2/32</prefix>
<attributes>
<ipv4-next-hop>
<global>199.20.166.41</global>
</ipv4-next-hop>
<as-path/>
<origin>
<value>igp</value>
</origin>
<extended-communities>
<route-target-extended-community>
<global-administrator>65000</global-administrator>
<local-administrator>AAAAZQ==</local-administrator>
</route-target-extended-community>
<transitive>true</transitive>
</extended-communities>
</attributes>
</vpn-route>
.. tab:: JSON
**Content-Type:** ``application/json``
**Request Body:**
.. code-block:: json
{
"vpn-route": [
{
"route-key": "vpn1",
"path-id": 0,
"label-stack": [
{
"label-value": 123
}
],
"route-distinguisher": "429496729:1",
"attributes": {
"extended-communities": [
{
"transitive": true,
"route-target-extended-community": {
"global-administrator": 65000,
"local-administrator": "AAAAZQ=="
}
}
],
"ipv4-next-hop": {
"global": "199.20.166.41"
},
"origin": {
"value": "igp"
}
},
"prefix": "2.2.2.2/32"
}
]
}
-----
To remove the route added above, following request can be used:
**URL:** ``/rests/data/bgp-rib:application-rib/10.25.1.9/tables=bgp-types:ipv4-address-family,bgp-types:mpls-labeled-vpn-subsequent-address-family/bgp-vpn-ipv4:vpn-ipv4-routes/vpn-route/vpn1/0``
**Method:** ``DELETE``
References
^^^^^^^^^^
* `BGP/MPLS IP Virtual Private Networks (VPNs) <https://tools.ietf.org/html/rfc4364>`_
* `BGP-MPLS IP Virtual Private Network (VPN) Extension for IPv6 VPN <https://tools.ietf.org/html/rfc4659>`_
* `BGP/MPLS VPN Virtual PE <https://tools.ietf.org/html/draft-ietf-bess-virtual-pe-00>`_