I tried this command and it did not help. I am still not able to ping the PC IP address from router using VRF. 

Check the arp table on the router - "show ip arp vrf A" to be sure you have L2 connectivity between the router and the PC in VRF "A" over Gi 0/1/1.123 subinterface  

I did ran the command "show ip arp vrf A" and I do not see the entry for the PC IP address (X.Y.100.1) that I am pinging in there. 

Here are the IPs

PC: X.Y.100.1

Router (Gi 0/0/0, Global): X.Y.100.254

Router (Gi 0/0/1.123, VRF A): A.B.100.2

When pinging global to X.Y.100.1, it is working fine. When pinging using vrf to the same address, it is not working. 

Hope this helps!

Share config you use.

On Router:

int Gi 0/0/0

ip vrf receive A

ip address X.Y.100.254 255.255.255.0

ip policy route-map GRT_TO_VRF

ip access list standard Leak_Route

permit X.Y.100.1 

route-map GRT_TO_VRF permit 10

match ip address Leak_Route

set ip vrf A next-hop A.B.100.3

I apologize, I will take my words back. I don't see an arp entry for the PC IP address under "show ip arp vrf A" table. However, I do see the entry in the regular arp table. 

Hi @jhonnywblue ,

> I don't see an arp entry for the PC IP address under "show ip arp vrf A" table. However, I do see the entry in the regular arp table.

This is normal, as the PC is connected to the interface that belongs to the GRT, hence ARP will take place in the GRT for the PC.

Do you have a route in the VRF for the GRT subnet?

Do you have a route in the GRT for the VRF subnet?

If not, it will not work.

Try the following:

1. remove the "ip vrf receive" that is currently configured.

2. add "ip route A.B.100.0 <A.B.100.0 subnet mask> Gi0/1/1.123

3. add "ip route vrf A X.Y.100.1 255.255.255.255 Gi 0/0/0 X.Y.100.1

4. make sure the PC has a default gateway pointing to X.Y.100.254

Regards,

Thank you for the reply. I will give a shot. Yes, I do see a route inside VRF for the GRT subnet. I added a static route for the VRF subnet into GRT, but that did not work, so I deleted that static route. 

Currently, I don't have a route inside GRT for VRF subnet. 

Hi Harold,

It still did not resolve the issue after I applied the recommended steps on the router. I couldn't ping the PC IP address using VRF. I even lost the pings for the router IP X.Y.100.254 using VRF. 

Hi @jhonnywblue ,

Can you source the ping from the Gi0/1/1.123 interface as follow:

ping vrf A X.Y.100.1 source Gi0/1/1.123

Regards,

I tried that and it did not work. 

Can you run "deb ip icmp" on the router, run the ping again and see what messages you get.

Regards,

After running "debug ip icmp" command on the router and initiating pings, I don't see any logs on the screen. I see logs of successful pings to different interfaces though.