cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
12264
Views
10
Helpful
1
Comments
jpl861
Level 4
Level 4

EIGRP Inter-VRF Redistribution

 

This document will describe on how to redistribute EIGRP routes between different VRF instances on a single router. There are cases wherein a router would sit in multiple EIGRP domains (although not a good design) and would need to redistribute routes without affecting the entire routing table of multiple routers especially R1 which is the hub.

EIGRPs 50, 100, and 200 were all configured in R1. AS100 and AS200 should be able to communicate with each other but AS50 should be a standalone EIGRP domain. Let’s say for example R4 and R5 are newly acquired networks that were connected through R1 for routing.

 

First, we need to configure R1 interfaces and VRFs (I added loopback interfaces so there will be more networks to be advertised):

 

R1:

ip vrf EIGRP100

 rd 100:100

!

ip vrf EIGRP200

 rd 200:200

!

ip vrf EIGRP50

 rd 50:50

 

interface Loopback100

 ip vrf forwarding EIGRP100

 ip address 10.100.0.1 255.255.255.0

!

interface Loopback200

 ip vrf forwarding EIGRP200

 ip address 10.200.0.1 255.255.255.0

!

interface FastEthernet0/0

 ip vrf forwarding EIGRP100

 ip address 10.100.1.1 255.255.255.0

 

!

interface Serial0/0

 ip vrf forwarding EIGRP50

 ip address 10.50.1.1 255.255.255.0

 clock rate 2000000

!

interface FastEthernet0/1

 ip vrf forwarding EIGRP200

 ip address 10.200.1.1 255.255.255.0

!

interface Serial0/1

 ip vrf forwarding EIGRP50

 ip address 10.50.2.1 255.255.255.0

 clock rate 2000000

 

The left hand side of the network belongs to AS100 which is using 10.100.0.0/16 network. The right side is 10.200.0.0/16 which is AS200 and the bottom part is 10.50.0.0/16 which is AS50.

 

We first need to create the EIGRP process to enable EIGRP peering to spoke routers. All spoke routers were configured with standard and straightforward EIGRP configuration.

 

R1:

router eigrp 6000

 no auto-summary

 !

 address-family ipv4 vrf EIGRP50

  network 10.50.0.0 0.0.255.255

  no auto-summary

  autonomous-system 50

 exit-address-family

 !

 address-family ipv4 vrf EIGRP200

  network 10.200.0.0 0.0.255.255

  no auto-summary

  autonomous-system 200

 exit-address-family

 !

 address-family ipv4 vrf EIGRP100

  network 10.100.0.0 0.0.255.255

  no auto-summary

  autonomous-system 100

 exit-address-family

 

R2:

interface Loopback100

 ip address 10.100.3.2 255.255.255.0

!

interface FastEthernet0/0

 ip address 10.100.1.2 255.255.255.0

!

!

router eigrp 100

 network 0.0.0.0

 no auto-summary

 

R3:

interface Loopback200

 ip address 10.200.3.3 255.255.255.0

!

interface FastEthernet0/0

 ip address 10.200.1.3 255.255.255.0

!

!

router eigrp 200

 network 0.0.0.0

 no auto-summary

!

 

R4:

interface Loopback50

 ip address 10.50.5.4 255.255.255.0

!

!

interface Serial0/0

 ip address 10.50.1.4 255.255.255.0

!

!

router eigrp 50

 network 0.0.0.0

 no auto-summary

!

 

R5:

interface Loopback50

 ip address 10.50.3.5 255.255.255.0

!

!

interface Serial0/0

 ip address 10.50.2.5 255.255.255.0

!

!

router eigrp 50

 network 0.0.0.0

 no auto-summary

!

 

 

From R1’s point of view, the EIGRP peering to spoke routers are active.

 

R1#show ip eigrp vrf EIGRP50 neighbor

IP-EIGRP neighbors for process 50

H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq

                                            (sec)         (ms)       Cnt Num

1   10.50.1.4               Se0/0             11 00:15:33   39   234  0  6

0   10.50.2.5               Se0/1             13 00:15:43   38   228  0  4

R1#show ip eigrp vrf EIGRP100 neighbor

IP-EIGRP neighbors for process 100

H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq

                                            (sec)         (ms)       Cnt Num

0   10.100.1.2              Fa0/0             13 00:20:37  423  2538  0  10

R1#show ip eigrp vrf EIGRP200 neighbor

IP-EIGRP neighbors for process 200

H   Address                 Interface       Hold Uptime   SRTT   RTO  Q  Seq

                                            (sec)         (ms)       Cnt Num

0   10.200.1.3              Fa0/1             10 00:20:42  607  3642  0  8

 

We now need to enable the communication between EIGRP100 and EIGRP200. We need to use BGP and route-targets to enable the communication between the two VRFs.

 

R1:

ip vrf EIGRP100

 rd 100:100

 route-target export 100:100

 route-target import 200:200

!

ip vrf EIGRP200

 rd 200:200

 route-target export 200:200

 route-target import 100:100

 

router bgp 6000

 no synchronization

 bgp router-id 1.1.1.1 (I just configured this to ensure BGP will run with RID)

 bgp log-neighbor-changes

 no auto-summary

 !

 address-family ipv4 vrf EIGRP200

  redistribute eigrp 200

  no synchronization

 exit-address-family

 !

 address-family ipv4 vrf EIGRP100

  redistribute eigrp 100

  no synchronization

 exit-address-family

 

Using BGP, we have redistributed EIGRP100 routes to BGP with RD of 100:100 and with an RT of 100:100. Same goes with EIGRP200 where RD and RT are 200:200.

 

As you can see, both 10.100.0.0/16 and 10.200.0.0/16 networks are now present in the BGP table.

 

R1#show bgp vpnv4 unicast all

BGP table version is 32, local router ID is 1.1.1.1

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

              r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

 

   Network          Next Hop            Metric LocPrf Weight Path

Route Distinguisher: 100:100 (default for vrf EIGRP100)

*> 10.100.0.0/24    0.0.0.0                  0         32768 ?

*> 10.100.1.0/24    0.0.0.0                  0         32768 ?

*> 10.100.3.0/24    10.100.1.2          409600         32768 ?

*> 10.200.0.0/24    0.0.0.0                  0         32768 ?

*> 10.200.1.0/24    0.0.0.0                  0         32768 ?

*> 10.200.3.0/24    10.200.1.3          409600         32768 ?

Route Distinguisher: 200:200 (default for vrf EIGRP200)

*> 10.100.0.0/24    0.0.0.0                  0         32768 ?

*> 10.100.1.0/24    0.0.0.0                  0         32768 ?

*> 10.100.3.0/24    10.100.1.2          409600         32768 ?

*> 10.200.0.0/24    0.0.0.0                  0         32768 ?

*> 10.200.1.0/24    0.0.0.0                  0         32768 ?

*> 10.200.3.0/24    10.200.1.3          409600         32768 ?

 

Both networks can now be seen in the BGP topology and all we need to do is to redistribute BGP back to EIGRP so that spoke routers can receive the prefix information. This will also inject the external routes to EIGRP topology table.

 

R1:

router eigrp 6000

 no auto-summary

!

address-family ipv4 vrf EIGRP200

  redistribute bgp 6000 metric 1000 100 255 1 1500

!

 address-family ipv4 vrf EIGRP100

  redistribute bgp 6000 metric 1000 100 255 1 1500

 

During this process, BGP table for EIGRP100 VRF would pick the routes with route-target of 200:200 (since we configured 200:200 to be imported in EIGRP100VRF) and redistribute it to EIGRP AS100 topology. R1 can now advertise the 10.200.0.0/16 routes to R2.

 

BGP table for EIGRP200 VRF would also pick the 100:100 route-target routes and inject it to EIGRP AS200 topology so it can be advertised to R3.

 

R1#show ip eigrp vrf EIGRP100 topology

IP-EIGRP Topology Table for AS(100)/ID(10.100.0.1) Routing Table: EIGRP100

 

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

 

P 10.100.3.0/24, 1 successors, FD is 409600

        via 10.100.1.2 (409600/128256), FastEthernet0/0

P 10.100.0.0/24, 1 successors, FD is 128256

        via Connected, Loopback100

P 10.100.1.0/24, 1 successors, FD is 281600

        via Connected, FastEthernet0/0

P 10.200.3.0/24, 1 successors, FD is 2585600

        via Redistributed (2585600/0)

P 10.200.0.0/24, 1 successors, FD is 2585600

        via Redistributed (2585600/0)

P 10.200.1.0/24, 1 successors, FD is 2585600

        via Redistributed (2585600/0)

R1#show ip eigrp vrf EIGRP200 topology

IP-EIGRP Topology Table for AS(200)/ID(10.200.0.1) Routing Table: EIGRP200

 

Codes: P - Passive, A - Active, U - Update, Q - Query, R - Reply,

       r - reply Status, s - sia Status

 

P 10.100.3.0/24, 1 successors, FD is 2585600

        via Redistributed (2585600/0)

P 10.100.0.0/24, 1 successors, FD is 2585600

        via Redistributed (2585600/0)

P 10.100.1.0/24, 1 successors, FD is 2585600

        via Redistributed (2585600/0)

P 10.200.3.0/24, 1 successors, FD is 409600

        via 10.200.1.3 (409600/128256), FastEthernet0/1

P 10.200.0.0/24, 1 successors, FD is 128256

        via Connected, Loopback200

P 10.200.1.0/24, 1 successors, FD is 281600

        via Connected, FastEthernet0/1

 

R2 can now see the 10.200.x.x routes as EIGRP EX routes.

 

R2#show ip route | begin Gateway

Gateway of last resort is not set

 

     10.0.0.0/24 is subnetted, 6 subnets

C       10.100.3.0 is directly connected, Loopback100

D       10.100.0.0 [90/409600] via 10.100.1.1, 00:35:10, FastEthernet0/0

C       10.100.1.0 is directly connected, FastEthernet0/0

D EX    10.200.3.0 [170/2611200] via 10.100.1.1, 00:34:20, FastEthernet0/0

D EX    10.200.0.0 [170/2611200] via 10.100.1.1, 00:34:05, FastEthernet0/0

D EX    10.200.1.0 [170/2611200] via 10.100.1.1, 00:34:05, FastEthernet0/0

 

R3 can now see 10.100.x.x routes as EIGRP EX routes as well.

 

R3#show ip route | b Gateway

Gateway of last resort is not set

 

     10.0.0.0/24 is subnetted, 6 subnets

D EX    10.100.3.0 [170/2611200] via 10.200.1.1, 00:35:06, FastEthernet0/0

D EX    10.100.0.0 [170/2611200] via 10.200.1.1, 00:34:51, FastEthernet0/0

D EX    10.100.1.0 [170/2611200] via 10.200.1.1, 00:34:51, FastEthernet0/0

C       10.200.3.0 is directly connected, Loopback200

D       10.200.0.0 [90/409600] via 10.200.1.1, 00:35:57, FastEthernet0/0

C       10.200.1.0 is directly connected, FastEthernet0/0

 

R4 should not be able to see any of the AS100 or 200 networks. It can only see AS50 networks.

 

R4#show ip route | b Gateway

Gateway of last resort is not set

 

     10.0.0.0/24 is subnetted, 4 subnets

C       10.50.1.0 is directly connected, Serial0/0

D       10.50.2.0 [90/2681856] via 10.50.1.1, 00:00:05, Serial0/0

D       10.50.3.0 [90/2809856] via 10.50.1.1, 00:31:52, Serial0/0

C       10.50.5.0 is directly connected, Loopback50

 

R2 can now reach R3 via R1.

 

R2#ping 10.200.3.3 source loopback 100

 

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.200.3.3, timeout is 2 seconds:

Packet sent with a source address of 10.100.3.2

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 28/41/64 ms

 

 

 

 

Comments
james.betts
Level 1
Level 1

Outstanding solution, the only place on the internet where I've seen a good description of how to leak routes between EIGRP autonomous systems.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: