Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
951
Views
0
Helpful
5
Replies

Clarification of VRF Route Leaking

AvidPontoon1
Level 1
Level 1

‎01-02-2022 08:11 AM - edited ‎01-02-2022 08:11 AM


After confirming MPLS L3VPNs and doing some internet breakout tasks. I wanted to have a look at leaking routes between VRFs away from L3VPNs.

 

I have been able to use a import map within the VRF to import specific routes using a route-map and prefix lists. However want to import routes based on their RT Value within BGP. As these are already on the routes it negates extra complexity with a second route-map so would like to do it that way. Also means less admin overhead on updating prefix lists rather than adding an RT.

I have routes in the IPv4 BGP RIB on a router with ‘RT:1:1’. Having set the ‘route-target import 1:1’ command within the VRF for IPv4 unicast. None of the routes are being imported imported using this method.

I had a feeling that this is because the routes are in the IPv4 Unicast BGP RIB and not the VPNv4 BGP RIB.

 

Is that a correct assumption? Or should what I’m doing work and I’m doing something wrong?

 

The routes I’m wanting to import into the VRF aren’t coming from within a VRF on the other side. I’m using a route map to set the extended community RT to 1:1 on export from a BGP neighbour command. However, looking at the routes in the BGP IPv4 RIB do have the RT set to 1:1.

 

I’m using standard Cisco IOS.

Labels:
0 Helpful
5 Replies 5

Harold Ritter
Cisco Employee
Cisco Employee

‎01-02-2022 08:33 AM

Hi @AvidPontoon1 ,

 

Happy New Year!

 

> Is that a correct assumption? Or should what I’m doing work and I’m doing something wrong?

 

That is correct. A route in address family ipv4 unicast will not be imported into a VRF, even though it has the proper RT set. The route leaking feature is the only way to do this.

 

Regards,

 

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

AvidPontoon1
Level 1
Level 1
In response to Harold Ritter

‎01-02-2022 08:36 AM

Thanks Harold,


Happy New Year to you too!

 

How would I go about getting this working then? Do I just have to use an import route-map? Or is it better to get the routes into the VPNv4 table and do it that way using the RTs? Not sure what best practice is here?

0 Helpful

Harold Ritter
Cisco Employee
Cisco Employee
In response to AvidPontoon1

‎01-02-2022 10:33 AM - edited ‎01-02-2022 10:44 AM

Hi @AvidPontoon1 ,

 

If the goal is to mutually leak the routes from global to vrf and vice versa, you can do something like this.

 

vrf definition test

 rd 2:1

 !

 address-family ipv4

  import ipv4 unicast map Global2VRF

  export ipv4 unicast map VRF2Global

 

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Deepak Kumar
VIP Alumni
VIP Alumni

‎01-02-2022 11:36 PM

Could you share configuration and bgp output here? A few questions are not clear.

Regards,
Deepak Kumar,
Don't forget to vote and accept the solution if this comment will help you!
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card