cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
4493
Views
5
Helpful
17
Replies

Why are the routes imported from Global NOT advertivsed ?

gongya001
Level 1
Level 1

I have the following configuration:

ip vrf CustA
 rd 100:1
 import ipv4 unicast map global2vrf
 route-target export 1:1
 route-target import 1:1
 route-target import 2:2

router bgp 65008
 bgp log-neighbor-changes
 no bgp default ipv4-unicast
 neighbor 140.142.41.9 remote-as 4500
 neighbor 192.168.1.5 remote-as 65005
 neighbor 192.168.1.5 ebgp-multihop 255
 !
 address-family ipv4
  network 0.0.0.0
  network 140.142.41.0 mask 255.255.255.0
  neighbor 140.142.41.9 activate
 exit-address-family
 !
 address-family vpnv4
  neighbor 192.168.1.5 activate
  neighbor 192.168.1.5 send-community both
 exit-address-family
 !
 address-family ipv4 vrf CustA
  network 128.208.90.0 mask 255.255.255.252
  redistribute connected
 exit-address-family

 

ip prefix-list global-acl seq 5 permit 0.0.0.0/0
ip prefix-list global-acl seq 10 permit 140.142.41.0/24
!
route-map global2vrf permit 10
 match ip address prefix-list global-acl

 

ip route 0.0.0.0 0.0.0.0 140.142.41.9

---------------------------------------------------------------------------------

mixing#show ip bgp vpnv4 vrf CustA
BGP table version is 27, local router ID is 6.6.6.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf CustA)
Import Map: global2vrf, Address-Family: IPv4 Unicast, Pfx Count/Limit: 2/1000
Export Map: vrf2global, Address-Family: IPv4 Unicast, Pfx Count/Limit: 0/1000
 *>  0.0.0.0          140.142.41.9             0         32768 i
 *>  1.1.1.0/24       192.168.1.5         409600             0 65005 ?
 *>  10.1.1.0/24      192.168.1.5              0             0 65005 ?
 *>  10.2.1.0/24      192.168.1.5              0             0 65005 ?
 *>  10.10.10.0/24    192.168.1.5         409600             0 65005 ?
 *>  30.30.30.0/24    192.168.1.5         409600             0 65005 ?
 *>  128.208.90.0/30  0.0.0.0                  0         32768 i
 *>  128.208.90.4/30  0.0.0.0                  0         32768 i
 *>  140.142.41.0/24  0.0.0.0                  0         32768 i

 

mixing#show ip bgp vpnv4 all neighbors 192.168.1.5 advertised-routes
BGP table version is 27, local router ID is 6.6.6.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
              r RIB-failure, S Stale, m multipath, b backup-path, f RT-Filter,
              x best-external, a additional-path, c RIB-compressed,
Origin codes: i - IGP, e - EGP, ? - incomplete
RPKI validation codes: V valid, I invalid, N Not found

     Network          Next Hop            Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf CustA)
Import Map: global2vrf, Address-Family: IPv4 Unicast, Pfx Count/Limit: 2/1000
Export Map: vrf2global, Address-Family: IPv4 Unicast, Pfx Count/Limit: 0/1000
 *>  128.208.90.0/30  0.0.0.0                  0         32768 i
Route Distinguisher: 200:2 (default for vrf CustB)
 *>  128.208.90.4/30  0.0.0.0                  0         32768 i

Total number of prefixes 2

 

Why is 0.0.0.0/0 NOT advertised to its peer ?

 

17 Replies 17

Nagendra Kumar Nainar
Cisco Employee
Cisco Employee
Hi
Any route imported from other VRF or GRT will be treated as iBGP learnt and so will not be advertised back to other BGP neighbors. So this is an expected behavior

Any customized way to advertise the prefix imported into vrf, route-reflector?

how is this configured to achieve this ?

https://mellowd.co.uk/ccie/?p=3645

 

thanks !!

My bgp is eBGP, but any routes imported from global are not advertised to neighbors.

any ideas ?

thanks for your help !!

can you provide a "show bgp vpnv4 uni all <prefix>" for the prefix that is not getting sent to the ebgp neighbor. In principle, these routes should sent over the eBGP session in the VRF.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Topology
mixing-router (AS 65008) ---- P router ------ PE1
On mixing-router
router bgp 65008
bgp log-neighbor-changes
no bgp default ipv4-unicast
neighbor 140.142.41.9 remote-as 4500
neighbor 192.168.1.5 remote-as 65005
neighbor 192.168.1.5 ebgp-multihop 255
!
address-family ipv4
network 0.0.0.0
network 140.142.41.0 mask 255.255.255.0
neighbor 140.142.41.9 activate
exit-address-family
!
address-family vpnv4
neighbor 192.168.1.5 activate
neighbor 192.168.1.5 send-community both
neighbor 192.168.1.5 next-hop-self
exit-address-family
!
address-family ipv4 vrf CustA
network 128.208.90.0 mask 255.255.255.252
redistribute connected
exit-address-family
mixing#show ip bgp vpnv4 all summary | b Neighbor
Neighbor V AS MsgRcvd MsgSent TblVer InQ OutQ Up/Down State/PfxRcd
192.168.1.5 4 65005 8 8 13 0 0 00:02:44 2

mixing#show ip bgp vpnv4 all | b Network
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf CustA)
Import Map: global2vrf, Address-Family: IPv4 Unicast, Pfx Count/Limit: 3/1000
Export Map: vrf2global, Address-Family: IPv4 Unicast, Pfx Count/Limit: 2/1000
*> 0.0.0.0 140.142.41.9 0 32768 i
*> 1.1.1.0/24 192.168.1.5 409600 0 65005 ?
*> 9.9.9.9/32 140.142.41.9 0 0 4500 i
*> 10.1.1.0/24 192.168.1.5 0 0 65005 ?
*> 128.208.90.0/30 0.0.0.0 0 32768 i
*> 128.208.90.4/30 0.0.0.0 0 32768 i
*> 140.142.41.0/24 0.0.0.0 0 32768 i
mixing#$ vpnv4 all neighbors 192.168.1.5 advertised-routes | b Network
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 100:1 (default for vrf CustA)
Import Map: global2vrf, Address-Family: IPv4 Unicast, Pfx Count/Limit: 3/1000
Export Map: vrf2global, Address-Family: IPv4 Unicast, Pfx Count/Limit: 2/1000
*> 128.208.90.0/30 0.0.0.0 0 32768 i
mixing#show bgp vpnv4 uni all 0.0.0.0/0
BGP routing table entry for 100:1:0.0.0.0/0, version 2
Paths: (1 available, best #1, table CustA)
Not advertised to any peer
Refresh Epoch 1
Local, imported path from 0.0.0.0/0 (global)
140.142.41.9 (via default) from 0.0.0.0 (6.6.6.1)
Origin IGP, metric 0, localpref 100, weight 32768, valid, external, no-import, no-import, best
rx pathid: 0, tx pathid: 0x0

thanks so much for help !!



I thought you meant that the eBGP session was ipv4 unicast in a VRF. This would have worked. But on a eBGP with address family vpnv4, it will definitely not work. The reason is that routes that are imported in the VRF from VPNv4 or from global can not be exported back into VPNv4.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

thanks so much for explanation.
I came across this link where it shows how it works, but the author did not have the configuration.
https://mellowd.co.uk/ccie/?p=3645
Can you take a look ?

Hi,

 

In the URL you provided, the session between R4 and R6 and the one between R5 and R6 are actually ipv4 unicast eBGP sessions under address family ipv4 vrf CUS1. So in this case it will definitely work, as stated in my previous post.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

In my understanding, the author imported a route into R2, then R2 advertised it to R4.

 

R2#sh run | sec router bgp

router bgp 100

!

 address-family ipv4

  network 10.0.12.0 mask 255.255.255.0

 

R4#sh ip route vrf CUS1 10.0.12.0

 

Routing Table: CUS1

Routing entry for 10.0.12.0/24

  Known via "bgp 100", distance 200, metric 0, type internal

  Last update from 2.2.2.2 00:00:35 ago

  Routing Descriptor Blocks:

  * 2.2.2.2 (default), from 2.2.2.2, 00:00:35 ago

      Route metric is 0, traffic share count is 1

      AS Hops 0

      MPLS label: none

 

Anything I missed ?

 

thanks !!

Copying global routes to VRF

First, let’s check the VRF route-table on R4 to make sure we don’t have any global routes in the vrf yet. R1’s address is 10.0.12.1/24

After leaking R1 's prefix into R2, the R2 advertised it to R4, right ?

R4#sh ip route vrf CUS1 10.0.12.0

Routing Table: CUS1

Routing entry for 10.0.12.0/24

  Known via "bgp 100", distance 200, metric 0, type internal

  Last update from 2.2.2.2 00:00:35 ago

  Routing Descriptor Blocks:

  * 2.2.2.2 (default), from 2.2.2.2, 00:00:35 ago

      Route metric is 0, traffic share count is 1

      AS Hops 0

      MPLS label: none

 

thanks so much !!

R1 route (10.0.12.0/24) is injected in BGP (global), it is then received by R4 (and R5 I suppose) and R4 imports it in the VRF. You should then be able to propagate it to R6 if you run an eBGP session (AF ipv4 unicast) withing the VRF context towards R6.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

thanks so much for patient explanation to me.

I thought I misunderstood what the author said in his post.

 

Have a nice weekend !!

> In my understanding, the author imported a route into R2, then R2 advertised it to R4.

 

This is correct. It looks ike it is also advertised to R5. These two routers act as PEs and in turn propagate the route to R6.

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Harold:

     Did you have a chance to take a look at what I posted last night ?

 

thanks so much for your help !!