Cisco Community
English
Register
Community will be in Read-only Mode from April 11 at 11:00 PM PT to Monday April 12 at 9:00 PM PT - READ DETAILS HERE
Register
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
390
Views
0
Helpful
1
Replies
andrew.butterworth
Rising star
Rising star
‎02-18-2021 08:07 AM
‎02-18-2021 08:07 AM

Import IPv6 prefixes from Global into VRF - platform limitation Catalyst 3750x?

I am in the process of building a SD Access Lab.  My Fusion routers are Cisco Catalyst 3750X's running the latest IOS 15.2(4)E10 with IP Services Licenses and the dual IPv4, IPv6 SDM template (sdm prefer dual-ipv4-and-ipv6 default).

We currently have three routing tables - the GRT and two VRFs; one for Shared-Services and one for the Underlay.  There is a link to a firewall in the GRT that has IPv4 & IPv6 addresses.  The IPv4 is NAT'd by the Firewall but the IPv6 address is unique (we have a /56 prefix and the link to the firewall uses a /64 from this).

We seem to have hit a platform limitation with the Catalyst 3750X in that it can't import IPv6 prefixes from the GRT to the VRF like we can with IPv4.

If you look at the following snippet of config:

vrf definition SHARED-SERVICES
 rd 111:111
 route-target export 111:111
 route-target import 111:111
 route-target import 222:222
 !
 address-family ipv4
  import ipv4 unicast map GLOBAL-TO-VRF
  export ipv4 unicast map VRF-TO-GLOBAL
 exit-address-family
 !
 address-family ipv6
  import map GLOBAL-TO-VRF-IPv6
  export ipv6 unicast map VRF-TO-GLOBAL-IPv6
 exit-address-family
!
vrf definition UNDERLAY
 rd 222:222
 route-target export 222:222
 route-target import 222:222
 route-target import 111:111
 !
 address-family ipv4
 exit-address-family
 !
 address-family ipv6
 exit-address-family

Under the address-family ipv6 for the VRF SHARED-SERVICES we can add 'export ipv6 unicast map xxx', however for the import there is no option for 'ipv6', there is just the 'map' option.  Se we can export IPv6 prefixes from this VRF to the GRT but can't import them.

With IPv4 we have the option to import and export 'ipv4'.

 

I have tried this on a Catalyst 3650 and the 'import ipv6 map xxx' command is available under the address-family ipv6 so I'm pretty sure it is a platform limitation.

 

Other than putting the link to the firewall in another VRF is there a way around this?

 

Cheers

Andy

Labels:
0 Helpful
1 REPLY 1
ngkin2010
Enthusiast
Enthusiast
‎02-28-2021 01:35 AM
‎02-28-2021 01:35 AM

Hi,

 

How about using static route like:

 

ipv6 route vrf A ::/0 2000::1 nexthop-vrf default
0 Helpful
Latest Contents
Living on the Edge with the Secure Cats
Created by almuench on 04-07-2021 01:34 PM
0
0
0
0
The cat's out of the bag! In October 2020, Cisco announced the Next Generation of Enterprising Routing Platforms: the Catalyst 8000 Edge Platforms Family including the Catalyst 8200, Catalyst 8300, Catalyst 8500, and Catalyst 8000V. The new family of Cats... view more
Community Live- Smart Licensing Using Policy (Routing) – A S...
Created by Cisco Moderador on 04-06-2021 06:31 AM
0
0
0
0
Community Live- Smart Licensing Using Policy (Routing) – A Simplified Licensing Approach (Live event -  Tuesday, 18 May, 2021 at 9:00 am Pacific/ 1:00 pm Eastern / 7:00 pm Paris) This event will have place on Tuesday 18th, May 2021 at 9:00 hrs PDT&nb... view more
Networking and Data Center Products Overview (Spring 2021)
Created by Kelli Glass on 03-31-2021 12:46 PM
0
0
0
0
Welcome to the overview guide that covers the latest in Cisco Networking and Data Center innovations and new product introductions. You'll find information on Intent Based Networking updates, special promotions and free trials, as well as exclusive upcom... view more
**New Episode** Cisco Champion Radio: S8|E13 Build Your IT F...
Created by aalesna on 03-30-2021 02:52 PM
0
0
0
0
Listen: https://smarturl.it/CCRS8E13 99% of organizations use certifications to make hiring decisions. The reason is simple: Cisco certifications bring valuable, measurable rewards to certified IT professionals and the organizations that employ them.... view more
Cisco AI Endpoint Analytics - Deployment Guide
Created by kthiruve on 03-29-2021 06:15 PM
0
5
0
5
Cisco AI Endpoint Analytics – Deployment guide This deployment guide is meant for Cisco AI Endpoint Analytics adoption for customers, partners and everyone focusing on Endpoint Visibility and to how achieve it with Endpoint Analytics. It has sections that... view more
Content for Community-Ad

This widget could not be displayed.