cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1132
Views
6
Helpful
3
Replies
Highlighted

Two VRF to exchange routes... except default

I have two vrfs configured on my PE routers (within GNS3). The original setup is pretty simple, as follows:

 

ip vrf VRF_A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
ip vrf VRF_B
 rd 100:2
 route-target export 100:2
 route-target import 100:2
!

 

I want these two VRFs to exchange routes, except for their default routes. As such I have done the following:

 

ip prefix-list blockDefault seq 5 deny 0.0.0.0/0
ip prefix-list blockDefault seq 50 permit 0.0.0.0/0 le 32

route-map ALL_EXCEPT_DEFAULT_VPN_A permit 10
 match ip address prefix-list blockDefault
 set extcommunity rt 100:10

route-map ALL_EXCEPT_DEFAULT_VPN_B  permit 10
 match ip address prefix-list blockDefault
 set extcommunity rt 100:20


ip vrf VRF_A
 rd 100:1
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target export 100:1
 route-target import 100:20
 route-target export 100:20
!
ip vrf VRF_B
 rd 100:2
 export map ALL_EXCEPT_DEFAULT_VRF_B
 route-target import 100:2
 route-target export 100:2
 route-target import 100:10
 route-target export 100:10
!

 

Now I am finding that, even thoughI can see the routes from VRF_A in VRF_B, I am actually losing routes that were once in VRF_A from the routing table (and vica versa).

 

Can someone advise if I have the above configuration correct?

 

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
Engager

Hi Steven,

Hi Steven,

the problem with your route-map is, that the "set extcommunity rt" clause without the "additive" keyword will replace all the existing RTs (100:1/100:2 as well) with the new RT.

There are several ways to accomplish the task, e.g.:

ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0
!
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 10
 match ip address prefix-list DEFAULT-ROUTE
 ! do nothing
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 20
 ! every other prefix
 set extcommunity rt 100:10 additive
!
ip vrf VRF_A
 rd 100:1 
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target import 100:20 
 route-target export 100:1
! 
(...)
 

Result:

R1#show ip bgp vpnv4 all 0.0.0.0 0.0.0.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2
R1#! a prefix originated in VRF_A
R1#show ip bgp vpnv4 all 172.16.12.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1 RT:100:10
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:1 RT:100:10
R1#! a prefix originated in VRF_B
R1#show ip bgp vpnv4 all 172.16.13.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:2 RT:100:20
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2 RT:100:20

 

HTH

Rolf

View solution in original post

3 REPLIES 3
Highlighted
Engager

Hi Steven,

Hi Steven,

the problem with your route-map is, that the "set extcommunity rt" clause without the "additive" keyword will replace all the existing RTs (100:1/100:2 as well) with the new RT.

There are several ways to accomplish the task, e.g.:

ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0
!
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 10
 match ip address prefix-list DEFAULT-ROUTE
 ! do nothing
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 20
 ! every other prefix
 set extcommunity rt 100:10 additive
!
ip vrf VRF_A
 rd 100:1 
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target import 100:20 
 route-target export 100:1
! 
(...)
 

Result:

R1#show ip bgp vpnv4 all 0.0.0.0 0.0.0.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2
R1#! a prefix originated in VRF_A
R1#show ip bgp vpnv4 all 172.16.12.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1 RT:100:10
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:1 RT:100:10
R1#! a prefix originated in VRF_B
R1#show ip bgp vpnv4 all 172.16.13.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:2 RT:100:20
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2 RT:100:20

 

HTH

Rolf

View solution in original post

Highlighted
Engager

Also have a look at your

Also have a look at your route-map names (VPN <> VRF):

route-map ALL_EXCEPT_DEFAULT_VPN_A permit 10
!
ip vrf VRF_A
 export map ALL_EXCEPT_DEFAULT_VRF_A

 

HTH

Rolf

Highlighted
Beginner

Remove and reattach the map.

Remove and reattach the map.

CCNA Training in Marathahalli

CreatePlease to create content
Content for Community-Ad

Cisco COVID-19 Survey