Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3304
Views
0
Helpful
21
Replies

EIGRP Redistribution into BGP VRF MPLS Tunnel

Go to solution
jebowling
Level 1
Level 1

‎12-14-2015 04:10 PM - edited ‎03-05-2019 02:56 AM

I have a WAN that is terminated from BGP VRF MPLS Tunnel and I need to redistribute into EIGRP.  The ip vrf LAN  rd 2828:101 needs to redistribute into EIGRP 1 that connects on interface GigabitEthernet0/2. 

GatewayXO#
GatewayXO#show ip vrf LAN
Name Default RD Interfaces
LAN 2828:101 Gi0/1.101
Gi0/2

GatewayXO#show ip eigrp vrf LAN interfaces
IP-EIGRP interfaces for process 2828
Xmit Queue Mean Pacing Time Multicast Pending
Interface Peers Un/Reliable SRTT Un/Reliable Flow Timer Routes
Gi0/1.101 0 0/0 0 0/1 0 0

GatewayXO#show ip eigrp vrf LAN neighbors
IP-EIGRP neighbors for process 2828
GatewayXO#

BGPGateway#show run

Building configuration...

 

Current configuration : 3065 bytes

!

version 12.4

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

!

hostname BGPGateway

!

boot-start-marker

boot system flash disk2:c7200-a3jk9s-mz.124-25f.bin

boot bootldr bootflash:c7200-kboot-mz.124-25g.bin

boot-end-marker

!

enable password ******

!

no aaa new-model

!

!

ip cef

!

!

ip vrf LAN

 rd 2828:101

 route-target export 2828:101

 route-target import 2828:101

!

ip vrf VLAN

 rd 2828:100

!

!

!

interface Loopback20

 ip address 20.20.20.20 255.255.255.255

!

interface GigabitEthernet0/1

 description XO BGP Gateway to WAN Systems

 no ip address

 load-interval 30

 duplex auto

 speed auto

 media-type rj45

 no negotiation auto

!

interface GigabitEthernet0/1.100

 description description DMZ-VLAN-100 (Company Current IP Blocks)

 encapsulation dot1Q 100

 ip vrf forwarding VLAN

 ip address 64.55.218.238 255.255.255.252

 no cdp enable

!

interface GigabitEthernet0/1.101

 description DMZ-VLAN-101 (route to Private IPs to WEB Filter at the end of MPLS Tunnel)

 encapsulation dot1Q 101

 ip vrf forwarding LAN

 ip address 64.55.216.246 255.255.255.252

 no cdp enable

!

interface GigabitEthernet0/2

 description Connected to Cisco 6509 EIGRP 20 VLANS

 ip vrf forwarding LAN

 ip address 172.19.1.1 255.255.255.0

 duplex auto

 speed auto

 media-type rj45

 no negotiation auto

 no keepalive

!

interface GigabitEthernet0/3

 ip vrf forwarding VLAN

 ip address 209.116.238.33 255.255.255.248

 duplex auto

 speed auto

 media-type rj45

 no negotiation auto

 no keepalive

!

!

router eigrp 1

 redistribute static

 redistribute bgp 7014 1

 network 20.0.0.0

 network 172.19.0.0

 no auto-summary

 !

 address-family ipv4 vrf LAN

  redistribute bgp 7014 1

  network 172.19.0.0

  default-metric 10000 1 255 1 1500

  no auto-summary

  autonomous-system 2828

 exit-address-family

!

router eigrp 10

 network 172.19.0.0

 no auto-summary

!

router bgp 7014

 bgp router-id 64.55.218.238

 no bgp default ipv4-unicast

 bgp log-neighbor-changes

 neighbor 64.55.216.245 remote-as 1

 !

address-family ipv4 vrf VLAN

  redistribute connected

  redistribute static

  neighbor 64.55.218.237 remote-as 2828

  neighbor 64.55.218.237 description VLAN

  neighbor 64.55.218.237 activate

  no synchronization

 exit-address-family

 !

 address-family ipv4 vrf LAN

  redistribute connected

  redistribute static

  redistribute eigrp 1

  neighbor 64.55.216.245 remote-as 2828

  neighbor 64.55.216.245 description LAN

  neighbor 64.55.216.245 activate

  neighbor 64.55.216.245 soft-reconfiguration inbound

  no synchronization

 exit-address-family

!

ip forward-protocol nd

ip route 10.0.0.0 255.0.0.0 172.19.1.2

ip route vrf LAN 0.0.0.0 0.0.0.0 64.55.216.245

ip route vrf VLAN 0.0.0.0 0.0.0.0 64.55.218.237

!

no ip http server

no ip http secure-server

!

!

control-plane

!

!

gatekeeper

 shutdown

!

!

line con 0

 stopbits 1

line aux 0

 stopbits 1

line vty 0 4

 password *******

 login

!

!

end

 

BGPGateway#

Labels:
0 Helpful
21 Replies 21

Go to solution
jebowling
Level 1
Level 1
In response to Masoud Pourshabanian

‎12-15-2015 08:37 AM

I am doing it on a backup 6509.  Will actually have to setup PBR (Policy Based Routing). to send all but two VLANs to this route.

This is a very interesting problem.

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to jebowling

‎12-15-2015 08:44 AM

It is simple.

Something like this. Just example.

access-list 50 deny 10.1.100.0 0.0.0.255  [except VLAN]

access-list 50 deny 10.2.100.0 0.0.0.255.  [except VLAN]

access-list 50 permit 10.0.0.0  0.255.255.255   [match others]

route-map to-fortigate

match ip address 50

set ip next hop  172.19.1.1

under the interface

ip policy route-map to-fortigate

0 Helpful

Go to solution
jebowling
Level 1
Level 1
In response to Masoud Pourshabanian

‎12-15-2015 08:47 AM

thanks...I have to drive 2 hrs to make physical changes and will add PBR.  I will post actual after I add it.

0 Helpful

Go to solution
jebowling
Level 1
Level 1
In response to jebowling

‎12-15-2015 08:33 AM

Thank you so much for the help.  I am trying now how to give this a 5 Star Rating.

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to jebowling

‎12-15-2015 12:38 PM

You are most welcome.

Masoud

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to jebowling

‎12-15-2015 07:19 AM

Make sure you can ping 6509 IP address from your router.

Ping vrf LAN [6509 IP address]  it should be 172.19.1.X.

0 Helpful

Go to solution
Masoud Pourshabanian
VIP Alumni
VIP Alumni
In response to jebowling

‎12-15-2015 06:43 AM

Adding to my previous comment.

Make sure 6509 only connected to interface under VRF LAN. Otherwise, configuration of EIGRP may cause routing loop.

Masoud

0 Helpful
Customers Also Viewed These Support Documents