Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2307
Views
6
Helpful
3
Replies

Two VRF to exchange routes... except default

Go to solution
steven.crutchley
Level 1
Level 1

‎08-09-2014 05:35 PM

I have two vrfs configured on my PE routers (within GNS3). The original setup is pretty simple, as follows:

 

ip vrf VRF_A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
ip vrf VRF_B
 rd 100:2
 route-target export 100:2
 route-target import 100:2
!

 

I want these two VRFs to exchange routes, except for their default routes. As such I have done the following:

 

ip prefix-list blockDefault seq 5 deny 0.0.0.0/0
ip prefix-list blockDefault seq 50 permit 0.0.0.0/0 le 32

route-map ALL_EXCEPT_DEFAULT_VPN_A permit 10
 match ip address prefix-list blockDefault
 set extcommunity rt 100:10

route-map ALL_EXCEPT_DEFAULT_VPN_B  permit 10
 match ip address prefix-list blockDefault
 set extcommunity rt 100:20


ip vrf VRF_A
 rd 100:1
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target export 100:1
 route-target import 100:20
 route-target export 100:20
!
ip vrf VRF_B
 rd 100:2
 export map ALL_EXCEPT_DEFAULT_VRF_B
 route-target import 100:2
 route-target export 100:2
 route-target import 100:10
 route-target export 100:10
!

 

Now I am finding that, even thoughI can see the routes from VRF_A in VRF_B, I am actually losing routes that were once in VRF_A from the routing table (and vica versa).

 

Can someone advise if I have the above configuration correct?

 

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rolf Fischer
Level 9
Level 9

‎08-10-2014 03:23 AM

Hi Steven,

the problem with your route-map is, that the "set extcommunity rt" clause without the "additive" keyword will replace all the existing RTs (100:1/100:2 as well) with the new RT.

There are several ways to accomplish the task, e.g.:

ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0
!
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 10
 match ip address prefix-list DEFAULT-ROUTE
 ! do nothing
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 20
 ! every other prefix
 set extcommunity rt 100:10 additive
!
ip vrf VRF_A
 rd 100:1 
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target import 100:20 
 route-target export 100:1
! 
(...)

Result:

R1#show ip bgp vpnv4 all 0.0.0.0 0.0.0.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2
R1#! a prefix originated in VRF_A
R1#show ip bgp vpnv4 all 172.16.12.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1 RT:100:10
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:1 RT:100:10
R1#! a prefix originated in VRF_B
R1#show ip bgp vpnv4 all 172.16.13.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:2 RT:100:20
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2 RT:100:20

 

HTH

Rolf

View solution in original post

3 Replies 3

Go to solution
Rolf Fischer
Level 9
Level 9

‎08-10-2014 03:23 AM

Hi Steven,

the problem with your route-map is, that the "set extcommunity rt" clause without the "additive" keyword will replace all the existing RTs (100:1/100:2 as well) with the new RT.

There are several ways to accomplish the task, e.g.:

ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0
!
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 10
 match ip address prefix-list DEFAULT-ROUTE
 ! do nothing
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 20
 ! every other prefix
 set extcommunity rt 100:10 additive
!
ip vrf VRF_A
 rd 100:1 
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target import 100:20 
 route-target export 100:1
! 
(...)

Result:

R1#show ip bgp vpnv4 all 0.0.0.0 0.0.0.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2
R1#! a prefix originated in VRF_A
R1#show ip bgp vpnv4 all 172.16.12.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1 RT:100:10
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:1 RT:100:10
R1#! a prefix originated in VRF_B
R1#show ip bgp vpnv4 all 172.16.13.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:2 RT:100:20
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2 RT:100:20

 

HTH

Rolf

Go to solution
Rolf Fischer
Level 9
Level 9
In response to Rolf Fischer

‎08-10-2014 03:23 AM

Also have a look at your route-map names (VPN <> VRF):

route-map ALL_EXCEPT_DEFAULT_VPN_A permit 10
!
ip vrf VRF_A
 export map ALL_EXCEPT_DEFAULT_VRF_A

 

HTH

Rolf

0 Helpful
Customers Also Viewed These Support Documents