Solved: Re: Why one RT is exported successful, another isn't? - Page 2

CSCO11020330 · ‎12-08-2011

Hi all

Does anyone here have an idea to why i couldn't export one network prefix from VRF A to VRF B, but I could successfully export a prefix from VRF B into VRF A?

I have attached the stats and config here.

Any advices are welcome and appreciated for your help.

Kishore Chennupati · ‎12-10-2011

Hi Guys,

My 10 cents here.

Robo,

After I read all sorts of articles relating to VRF lite, VRF route leaks are not easily perform by export map with additive keyword. it can accept the RT exchange between VRFs via the first RT or original RT.

As it is a form of VRF-lite, the extended communities are not exchanged by MPLS Core ( it is lack of "neighb xxxx send-community extended/both" under AF vpnv4 pointing towards core), the 2nd additive extended community RT should not be exported successfully. However, I have my half "successful" example there..... why....?

This is not true. whether its a VRF-Lite or a full blown L3 MPLS VPN, the way the communites work in BGP are the same. Allow me to explain a bit here.

With VRF-Lite although you dont have VPNV4 peering with another BGP speaker the route-targets still end up in the sAFI table(vpnv4) as these RT's are extended communities and must be available in MP-BGP to be picked up by other VRF's by using import option.

You would use the "neighb xxxx send-community" only when you have vpnv4 bgp peers . but in this since we are talking about VRF-Lite this is not needed unless these prefixes need to be transported to a another router elsewhere.

I have labbed this for you to show what I mean and pasting it here

R1#sh run

hostname R1

ip cef

ip vrf A

rd 100:1

route-target export 100:1

route-target import 100:1

route-target import 300:3

!

ip vrf B

rd 200:1

export map B-to-A

route-target export 200:1

route-target import 200:1

!

interface Loopback1

ip address 1.1.1.1 255.255.255.255

!

interface Loopback22

ip vrf forwarding B

ip address 22.22.22.22 255.255.255.255

!

interface GigabitEthernet2/0.10

encapsulation dot1Q 10

ip vrf forwarding A

ip address 10.1.1.1 255.255.255.0

!

interface GigabitEthernet2/0.20

encapsulation dot1Q 20

ip vrf forwarding B

ip address 20.1.1.1 255.255.255.0

!

router bgp 6500

no synchronization

bgp log-neighbor-changes

no auto-summary

!

address-family ipv4 vrf B

redistribute connected

no synchronization

exit-address-family

!

address-family ipv4 vrf A

redistribute connected

no synchronization

exit-address-family

access-list 10 permit 22.22.22.22

route-map B-to-A permit 10

match ip address 10

set extcommunity rt 300:3 additive

!

end

R1# sh ip bgp vpnv4 vrf B 22.22.22.22

BGP routing table entry for 200:1:22.22.22.22/32, version 8

Paths: (1 available, best #1, table B)

Not advertised to any peer

Local

0.0.0.0 from 0.0.0.0 (1.1.1.1)

Origin incomplete, metric 0, localpref 100, weight 32768, valid, sourced, best

Extended Community: RT:200:1 RT:300:3 <<< Has the additive RT added

mpls labels in/out 18/nolabel(B)

R1#

R1#sh ip route vrf A

Routing Table: A

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

22.0.0.0/32 is subnetted, 1 subnets

B 22.22.22.22 is directly connected, 00:12:58, Loopback22 << imported here

10.0.0.0/24 is subnetted, 1 subnets

C 10.1.1.0 is directly connected, GigabitEthernet2/0.10

R1#

R1#sh ip route vrf B

Routing Table: B

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

20.0.0.0/24 is subnetted, 1 subnets

C 20.1.1.0 is directly connected, GigabitEthernet2/0.20

22.0.0.0/32 is subnetted, 1 subnets

C 22.22.22.22 is directly connected, Loopback22 <<<< Exporting this prefix

R1#

R1#sh route-map

route-map B-to-A, permit, sequence 10

Match clauses:

ip address (access-lists): 10

Set clauses:

extended community RT:300:3 additive <<< Additive keyword for exporting this to vpnv4 table

Policy routing matches: 0 packets, 0 bytes

R1#sh ip access-lists

Standard IP access list 10

10 permit 22.22.22.22 (2 matches)

R1#

BTW: Robo , I am just going thru your config now.

HTH

Kishore

Kishore Chennupati · ‎12-10-2011

umm strange. I tried using bgp as well just like your case and it works for me.

R1#sh ip route vrf B 50.50.50.50

Routing entry for 50.50.50.50/32

Known via "bgp 6500", distance 20, metric 0

Tag 6501, type external

Last update from 20.1.1.2 00:15:54 ago

Routing Descriptor Blocks:

* 20.1.1.2, from 20.1.1.2, 00:15:54 ago

Route metric is 0, traffic share count is 1

AS Hops 1

Route tag 6501

R1#sh ip bgp vpnv4 vrf B 50.50.50.50

BGP routing table entry for 200:1:50.50.50.50/32, version 31

Paths: (1 available, best #1, table B)

Flag: 0x820

Not advertised to any peer

6501

20.1.1.2 from 20.1.1.2 (50.50.50.50)

Origin IGP, metric 0, localpref 100, valid, external, best

Extended Community: RT:200:1 RT:300:3

mpls labels in/out 19/nolabel

Vaibhava Varma · ‎12-10-2011

Hi Kishore

Yes even that what surprises me too..I also labbed it and everything works cool..My earlier explaination in the start of the post was on a different context I was thikning off which did not hold good here

Hi Robo

The alternative solution which you are thinking is a lot more same as the current setup except for instead of using additivie extcommunity we want to use just replace the community value . Well we can try it for sure but I think its better to find out why the additive community was not being applied to the eBGP route in the first place..

Also I was thinking why don't we use an import-map with two terms-one to select the local VRF's targetted RTs and other to select the other VRF's RT with selective prefix list..It will solve our purpose with ease and also get us rid from the export-map config under VRFs

E.G

ip vrf CEA

rd 6413:1

import map CEA_IN

route-target export 64513:100

route-target import 64513:100

route-target import 64513:200

!

ip vrf CEB

rd 64513:2

import map CEB_IN

route-target export 64513:200

route-target import 64513:200

route-target import 64513:100

!

route-map CEA_IN permit 10

match extcommunity CEA

!

route-map CEA_IN permit 20

match ip address prefix-list 100

match extcommunity CEB

!

route-map CEB_IN permit 10

match extcommunity CEB

!

route-map CEB_IN permit 20

match ip address prefix-list 200

match extcommunity CEA

ip extcommunity-list standard CEA permit rt 64513:100

ip extcommunity-list standard CEB permit rt 64513:200

!

ip prefix-list 100 seq 5 permit 10.0.201.1/32

!

ip prefix-list 200 seq 5 permit 10.0.101.1/32

R2#sh ip route vrf CEA

Routing Table: CEA

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 5 subnets, 2 masks

C 10.0.10.0/30 is directly connected, FastEthernet0/0

C 10.0.111.1/32 is directly connected, Loopback10

B 10.0.101.1/32 [20/0] via 10.0.10.2, 00:04:49

S 10.0.151.1/32 [1/0] via 10.0.10.2

B 10.0.201.1/32 [20/0] via 10.0.20.2 (CEB), 00:04:34

R2#sh ip route vrf CEB

Routing Table: CEB

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

10.0.0.0/8 is variably subnetted, 4 subnets, 2 masks

C 10.0.20.0/30 is directly connected, FastEthernet0/1

B 10.0.101.1/32 [20/0] via 10.0.10.2 (CEA), 00:04:52

B 10.0.201.1/32 [20/0] via 10.0.20.2, 00:04:37

S 10.0.251.1/32 [1/0] via 10.0.20.2

R2#

As shown above this helps to get the eBGP routes learnt in another VRF to be imported in separate VRF woth ease..

Hope this helps to provide more clarity on this issue. Please let me know for any clarifications.

Regards

Varma

CSCO11020330 · ‎12-11-2011

Oh my dear Mr. V and Mr. Kishore, you guys rock!! Kishore, so much appreciation for showing me with a lab stats, you pulled me out from a dirty swamp. Mr. V, you are a star! I am 100% sure the import map will work, 100%!! So sad, I won't have a chance to touch the router again recently. But it definitely will work. Thank you so much!!

I learnt so much from you both. You earned my respects. THANK you! Now I can have a real good night and sleep:) (I was in a bad bed time last night for dreaming the stupid solutions...)

Best regards

Robo

Vaibhava Varma · ‎12-11-2011

HI Robo

Great to hear that the solutions solves the confusion and puts us all on the same page

Regards

Varma

Peter Paluch · ‎12-11-2011

Kishore, Vaibhava,

Good work! It's good to have you guys on CSC.

Best regards,

Peter

Vaibhava Varma · ‎12-11-2011

Hi Peter

Thanks a lot for the appreciation

Regards

Varma