Buy or Renew
Buy or Renew
Cisco + Splunk: Itā€™s a new day for your data. Learn more.
Ā 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
975
Views
0
Helpful
5
Replies

Clarification of VRF Route Leaking

AvidPontoon1
Level 1
Level 1

ā€Ž01-02-2022 08:11 AM - edited ā€Ž01-02-2022 08:11 AM


After confirming MPLS L3VPNs and doing some internet breakout tasks. I wanted to have a look at leaking routes between VRFs away from L3VPNs.

 

I have been able to use a import map within the VRF to import specific routes using a route-map and prefix lists. However want to import routes based on their RT Value within BGP. As these are already on the routes it negates extra complexity with a second route-map so would like to do it that way. Also means less admin overhead on updating prefix lists rather than adding an RT.

I have routes in the IPv4 BGP RIB on a router with ā€˜RT:1:1ā€™. Having set the ā€˜route-target import 1:1ā€™ command within the VRF for IPv4 unicast. None of the routes are being imported imported using this method.

I had a feeling that this is because the routes are in the IPv4 Unicast BGP RIB and not the VPNv4 BGP RIB.

 

Is that a correct assumption? Or should what Iā€™m doing work and Iā€™m doing something wrong?

 

The routes Iā€™m wanting to import into the VRF arenā€™t coming from within a VRF on the other side. Iā€™m using a route map to set the extended community RT to 1:1 on export from a BGP neighbour command. However, looking at the routes in the BGP IPv4 RIB do have the RT set to 1:1.

 

Iā€™m using standard Cisco IOS.

Labels:
0 Helpful
5 Replies 5

Harold Ritter
Cisco Employee
Cisco Employee

ā€Ž01-02-2022 08:33 AM

Hi @AvidPontoon1 ,

 

Happy New Year!

 

> Is that a correct assumption? Or should what Iā€™m doing work and Iā€™m doing something wrong?

 

That is correct. A route in address family ipv4 unicast will not be imported into a VRF, even though it has the proper RT set. The route leaking feature is the only way to do this.

 

Regards,

 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
MĆ©xico mĆ³vil: +52 1 55 8312 4915
Cisco MĆ©xico
Paseo de la Reforma 222
Piso 19
CuauhtƩmoc, JuƔrez
Ciudad de MĆ©xico, 06600
MĆ©xico
0 Helpful

AvidPontoon1
Level 1
Level 1
In response to Harold Ritter

ā€Ž01-02-2022 08:36 AM

Thanks Harold,


Happy New Year to you too!

 

How would I go about getting this working then? Do I just have to use an import route-map? Or is it better to get the routes into the VPNv4 table and do it that way using the RTs? Not sure what best practice is here?

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to AvidPontoon1

ā€Ž01-02-2022 10:33 AM - edited ā€Ž01-02-2022 10:44 AM

Hi @AvidPontoon1 ,

 

If the goal is to mutually leak the routes from global to vrf and vice versa, you can do something like this.

 

vrf definition test

 rd 2:1

 !

 address-family ipv4

  import ipv4 unicast map Global2VRF

  export ipv4 unicast map VRF2Global

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
MĆ©xico mĆ³vil: +52 1 55 8312 4915
Cisco MĆ©xico
Paseo de la Reforma 222
Piso 19
CuauhtƩmoc, JuƔrez
Ciudad de MĆ©xico, 06600
MĆ©xico
0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni

ā€Ž01-02-2022 11:36 PM

Could you share configuration and bgp output here? A few questions are not clear.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card