08-09-2014 05:35 PM
I have two vrfs configured on my PE routers (within GNS3). The original setup is pretty simple, as follows:
ip vrf VRF_A
rd 100:1
route-target export 100:1
route-target import 100:1
!
ip vrf VRF_B
rd 100:2
route-target export 100:2
route-target import 100:2
!
I want these two VRFs to exchange routes, except for their default routes. As such I have done the following:
ip prefix-list blockDefault seq 5 deny 0.0.0.0/0
ip prefix-list blockDefault seq 50 permit 0.0.0.0/0 le 32
route-map ALL_EXCEPT_DEFAULT_VPN_A permit 10
match ip address prefix-list blockDefault
set extcommunity rt 100:10
route-map ALL_EXCEPT_DEFAULT_VPN_B permit 10
match ip address prefix-list blockDefault
set extcommunity rt 100:20
ip vrf VRF_A
rd 100:1
export map ALL_EXCEPT_DEFAULT_VRF_A
route-target import 100:1
route-target export 100:1
route-target import 100:20
route-target export 100:20
!
ip vrf VRF_B
rd 100:2
export map ALL_EXCEPT_DEFAULT_VRF_B
route-target import 100:2
route-target export 100:2
route-target import 100:10
route-target export 100:10
!
Now I am finding that, even thoughI can see the routes from VRF_A in VRF_B, I am actually losing routes that were once in VRF_A from the routing table (and vica versa).
Can someone advise if I have the above configuration correct?
Solved! Go to Solution.
08-10-2014 03:23 AM
Hi Steven,
the problem with your route-map is, that the "set extcommunity rt" clause without the "additive" keyword will replace all the existing RTs (100:1/100:2 as well) with the new RT.
There are several ways to accomplish the task, e.g.:
ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0 ! route-map ALL_EXCEPT_DEFAULT_VRF_A permit 10 match ip address prefix-list DEFAULT-ROUTE ! do nothing route-map ALL_EXCEPT_DEFAULT_VRF_A permit 20 ! every other prefix set extcommunity rt 100:10 additive ! ip vrf VRF_A rd 100:1 export map ALL_EXCEPT_DEFAULT_VRF_A route-target import 100:1 route-target import 100:20 route-target export 100:1 ! (...)
Result:
R1#show ip bgp vpnv4 all 0.0.0.0 0.0.0.0 | i VRF|RT Paths: (1 available, best #1, table VRF_A) Extended Community: RT:100:1 Paths: (1 available, best #1, table VRF_B) Extended Community: RT:100:2 R1#! a prefix originated in VRF_A R1#show ip bgp vpnv4 all 172.16.12.0 | i VRF|RT Paths: (1 available, best #1, table VRF_A) Extended Community: RT:100:1 RT:100:10 Paths: (1 available, best #1, table VRF_B) Extended Community: RT:100:1 RT:100:10 R1#! a prefix originated in VRF_B R1#show ip bgp vpnv4 all 172.16.13.0 | i VRF|RT Paths: (1 available, best #1, table VRF_A) Extended Community: RT:100:2 RT:100:20 Paths: (1 available, best #1, table VRF_B) Extended Community: RT:100:2 RT:100:20
HTH
Rolf
08-10-2014 03:23 AM
Hi Steven,
the problem with your route-map is, that the "set extcommunity rt" clause without the "additive" keyword will replace all the existing RTs (100:1/100:2 as well) with the new RT.
There are several ways to accomplish the task, e.g.:
ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0 ! route-map ALL_EXCEPT_DEFAULT_VRF_A permit 10 match ip address prefix-list DEFAULT-ROUTE ! do nothing route-map ALL_EXCEPT_DEFAULT_VRF_A permit 20 ! every other prefix set extcommunity rt 100:10 additive ! ip vrf VRF_A rd 100:1 export map ALL_EXCEPT_DEFAULT_VRF_A route-target import 100:1 route-target import 100:20 route-target export 100:1 ! (...)
Result:
R1#show ip bgp vpnv4 all 0.0.0.0 0.0.0.0 | i VRF|RT Paths: (1 available, best #1, table VRF_A) Extended Community: RT:100:1 Paths: (1 available, best #1, table VRF_B) Extended Community: RT:100:2 R1#! a prefix originated in VRF_A R1#show ip bgp vpnv4 all 172.16.12.0 | i VRF|RT Paths: (1 available, best #1, table VRF_A) Extended Community: RT:100:1 RT:100:10 Paths: (1 available, best #1, table VRF_B) Extended Community: RT:100:1 RT:100:10 R1#! a prefix originated in VRF_B R1#show ip bgp vpnv4 all 172.16.13.0 | i VRF|RT Paths: (1 available, best #1, table VRF_A) Extended Community: RT:100:2 RT:100:20 Paths: (1 available, best #1, table VRF_B) Extended Community: RT:100:2 RT:100:20
HTH
Rolf
08-10-2014 03:23 AM
Also have a look at your route-map names (VPN <> VRF):
route-map ALL_EXCEPT_DEFAULT_VPN_A permit 10 ! ip vrf VRF_A export map ALL_EXCEPT_DEFAULT_VRF_A
HTH
Rolf
04-15-2017 12:28 PM
Remove and reattach the map.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: