Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1480
Views
0
Helpful
1
Replies

IP VRF to VRF Definition Import-Map behaviour changes

neil grant
Level 1
Level 1

‎09-03-2014 01:41 AM

Have the import rules changed from IP VRF syntax (IPV4 only) to VRF Definitions (IPV4&6)?

 

The issue being we have a management VRF which is used for access, monitoring, archiving.  which works well in the IP vrf sytnax example:   

 

ip vrf A-IPVPN
 rd 9282:1002
 import map Customer-Mgmt-Infrastructure
 route-target export 9282:1002
 route-target import 9282:1002
 route-target import 9282:1999

 

ip vrf Customer-Mgmt
 rd 9282:1999
 import map Import-Customer-Mgmt
 route-target export 9282:1999
 route-target import 9282:1999
 route-target import 9282:2010
 route-target import 9282:1002
 route-target import 9282:2011
 route-target import 9282:1005

 

route-map Import-Customer-Mgmt permit 10
 match ip address prefix-list Customer-Mgmt-CPE

ip prefix-list Customer-Mgmt-CPE: 2 entries
   seq 5 deny 169.254.254.0/24
   seq 10 permit 169.254.0.0/16 le 32

 

This allows all PE's to learn Customers Routes and import and export management details, I believe I have followed best practice and the result is what I would expect, however since creating some new customers with the vrf definition syntax it appears that the Import-Customer-Mgmt now filters out BGP routes within the Local VRF PE-PE, however the the routes are visible via :

 

show ip bgp vpnv4 rd  

 

 but not imported into BGP table.

 

Vrf definition 

rf definition S-C-IPVPN
 rd 9282:1005
 route-target export 9282:1005
 route-target import 9282:1005
 route-target import 9282:1999

 !
 address-family ipv4
  import map Customer-Mgmt-Infrastructure
 exit-address-family

 

After hitting my head against a wall for longer than I would like to admit, I removed the import map and routes in the RD are installed into the BGP Table?

 

My question is, is this now default behaviour or is it a bug in our particular version (asr1002x-universalk9.03.09.01.S.153-2.S1.SPA.bin)

 

I had been considering upgrading our syntax using the vrf upgrade-cli, glad i didnt as this would have caused a major outage as we use the a fair amount of import maps with our Internet transit circuits.

 

If this is normal behaviour what it the best way to match and permit Local vrf RD? baring in mind I would like ideally to reuse the same route-map.    

 

I will continue to investigate,  but if anyone has had experience of this behaviour I would appropriate there input 

 

Regard Neil 

 

 

Regards Neil http://uk.linkedin.com/pub/neil-grant/20/5b0/267
Labels:
0 Helpful
1 Reply 1

neil grant
Level 1
Level 1

‎09-03-2014 02:54 AM

The following route map has no impact:

 

route-map Customer-Mgmt-Infrastructure-2 permit, sequence 10
  Match clauses:
    community (community-list filter): S-C-IPVPN
  Set clauses:
  Policy routing matches: 0 packets, 0 bytes

 

Named Community expanded list S-C-IPVPN
    permit RT:9282:1005

 

Think i will need to lab up.

 

Neil

Regards Neil http://uk.linkedin.com/pub/neil-grant/20/5b0/267
0 Helpful
Customers Also Viewed These Support Documents