Is there another way of filtering the routes you want to import into a vrf because the 'route-target export' and 'route-target import' imports ALL the routes tagged with the given 'asn:xx'. I wanted to have only selected routes imported from one vrf to another. Vrf 'import map' command does not work for me?
Does filtering makes sense or practical at vrf-vrf level? Where do you use 'import map' command?
Actually my needs are a little different. Instead of leaking between 2 VRFs, I need to leak to global. Have a default in my VRF that gets imported to global table.
Goals: 1. At hub and spoke both sites, let ISP connection run in a separate VRF. Gets a little extra security from internet.
2. When ISP connection is active, let each site route its traffic out to internet directly. However when the local ISP connection fails, remove the default route that points to ISP so that OSPF learned default from the hub site routes all traffic to hub and puts on internet.
What's working: DMVPN tunnels work fine across INET VRF.
What's not working: 1. The IP SLA tracked route leak to global VRF is not working. Traffic doesn't go out to internet directly using local connection.
I followed following example for this configuration. http://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/multiprotocol-label-switching-vpns-mpls-vpns/47807-routeleaking.html
Any suggestions? Is it possible or supported configuration?
Below is a diagram of my setup.
Below is my relevant config snapshot. 220.127.116.11 is actually my another FW in front in the lab that does all NAT and provides internet connection to this lab.
ip sla auto discovery ip sla 1 icmp-echo 18.104.22.168 source-ip 22.214.171.124 vrf INET ip sla schedule 1 life forever start-time now ! ip route 0.0.0.0 0.0.0.0 GigabitEthernet0/1 126.96.36.199 track 1 ip route vrf INET 0.0.0.0 0.0.0.0 188.8.131.52
Cisco Champion Radio · S8|E9 Innovations to Achieve a Trustworthy Infrastructure
How do you know for certain that a router in your network has not been altered with since you deployed it? Wouldn’t it be great if you can cryptographically challenge your r...
IOS upgrade on asr9xx mandates rommon upgrades sometimes while they can be optional at other times. You may land up in unwanted situation if proper procedure is not followed during upgrades.
This article will include complete details about rommon ...
In some situation NCS560 RP become unresponsive after reload or powercycle.
In many deployments NCS560 far edge, deployment is large and human intervention should be kept at minimum
Engineering team have been working on a strategy to have functi...
In simple terms, 'Route Churn' is defined as the 'rate of change of prefixes'. Different XR versions across 4.x to 7.x have differing behavior & support for the BGP churn handling and some enhancements made from 6.5.3 onwards (listed in appendix) mak...
Prior to Cisco IOS XR Software Release 7.1.2, XR dual RP devices did not support file mirroring from active RP to standby RP. Administrators had to manually perform the task or use EEM scripts to sync files across active RP and stand...