10-13-2015 03:24 PM - edited 03-05-2019 06:57 AM
Hi,
In order to achieve Internet Connection for CE1 e CE2 that belong to the same VPN
I configured the router GW2 with this command
ip route vrf PA 0.0.0.0 0.0.0.0 99.99.99.99 global, where 99.99.99.99 is the internet router
and than i redistribute it in MPBGP to PE1 and PE2 with
router bgp 1
address-family ipv4 vrf PA
network 0.0.0.0 mask 0.0.0.0
When i type, on PE1, show ip route vrf PA it show a default route via 4.4.4.4 that is the loopback of GW2,
so it's unreachable becouse there are no route for 4.4.4.4. How can i solve it?
Gateway of last resort is 4.4.4.4 to network 0.0.0.0
172.16.0.0/32 is subnetted, 2 subnets
O 172.16.1.1 [110/11] via 10.0.10.2, 00:05:26, FastEthernet0/0
B 172.16.2.1 [200/11] via 2.2.2.2, 00:04:59
10.0.0.0/24 is subnetted, 2 subnets
C 10.0.10.0 is directly connected, FastEthernet0/0
B 10.0.20.0 [200/0] via 2.2.2.2, 00:04:59
B* 0.0.0.0/0 [200/0] via 4.4.4.4, 00:04:59
PE1#
Thanks a lot
P.
10-13-2015 06:39 PM
GW2 is a BGP neighbor of PE1 and PE2? Which interface did you use to establish BGP neighboring? Did you advertise loopback0 on GW2 by OSPF?
If you advertise loopback0 on GW2 by OSPF, all PE routers will see loopback0 and then PE can establish BGP neighboring with GW2 on loopback0.
By doing so, default route is reachable by PE routers.
Please share a little more detail about what you did.
Masoud
10-16-2015 12:31 AM
I resolved in this way:
i've configured vrf internet on GW2 and associated it with f1/0, than i've putted a default-route in vrf internet that point to internet router, than i've imported this default-route on the vrf of CE1 and vrf of CE2. Than i've imported on vrf internet the route of vrf CE1 and vrf CE2, and that's it. The loopbacks of the router are advirtised with normal IGP process. Now it's work. I've utilized the so called Internet in a VRF method.
PS: I've enabled NAT on CE1 and CE2 instead of enale it per vrf on GW2
Paolo
10-16-2015 06:11 AM
The only drawback of this method is you need to import the routes of all vrfs to Internet vrf . Imagine you have so many VRFs.
You said you enabled NAT on CE1 and CE2. Did you advertise public IPs to PE?
Masoud
10-16-2015 07:01 AM
Sorry Masoud
i forgot to say that i have changed the ip address scheme on PE-CE link. Now i use the public ip address, so the public IP are inserted automatically in the vrf table on PE.
10-16-2015 08:07 AM
Just a small change you can make to avoid wasting IP.
1-Put private IP on PE-CE link.
2- Route public IP (you have it already on the interface) toward CE within each VRF.
3-Redistribute that route to GW2.
4-Nat private IP to public IP on CE( you can either put the Public IP on CE interface or Just doing NAT without putting that Public IP).
Masoud
10-15-2015 10:00 PM
Where is the 99.99.99.99 router? Is it global or in the VRF? If it is global then internet traffic should be moved to the global routing table at the PE routers if that's where the VRF interfaces are.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide