cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2519
Views
0
Helpful
1
Replies

Nexus 5K Route Leaking 6.0(2)N1(1)

robinson
Level 4
Level 4

Anyone,

      I have had a TAC case opened on this for at least a month and a half.  I am trying to perform routing leaking in a multi-Tenant environment on a Cisco N5K running the "Route Leaking Capable" version of Code 6.0(2)N1(1), released earlier this year.

I've got it working where local networks are being advertised from Tenant1 VRF to the SharedVoice VRF and vice versa, but learned routes within the tenant1-VRF are not being distributed to the sharedVoice-VRF.  For example Tenant 1 runs EIGRP within their VRF, and that VRF is learning routes from their remote office.  I need to leak those learned routes into the shared VRF.  I and TAC are getting no where fast.  Any Help would be appreciated.  Here is what I can give, in the below example tenant 1 is learning 10.128.5.0/24 and .6.0/24 in eigrp, but those learned routes never make it into the sharedvoice VRF routing table.

vrf context vrf-Tenant1

  ip route 0.0.0.0/0 Vlan2211 172.22.11.254

  ip route 172.24.251.0/24 Vlan2211 172.22.11.254

  address-family ipv4 unicast

    route-target import 65000:2201

    route-target export 65000:2211

vrf context vrf-SharedVoice

  ip route 0.0.0.0/0 Vlan2201 172.22.1.254

  address-family ipv4 unicast

    route-target import 65000:2211

    route-target export 65000:2201

route-map rm-BgpToEigrp-Clients permit 10

  match as-number 65000

  set metric 100000 1 255 1 1500

ip prefix-list pl-vrf-Tenant1 seq 10 permit 10.128.5.0/24

ip prefix-list pl-vrf-Tenant1 seq 15 permit 10.128.6.0/24

route-map rm-vrf-Tenant1 permit 10

  match ip address prefix-list pl-vrf-Tenant1

ip access-list acl-SharedVoice-StaticToEigrp

  10 permit ip any anyip access-list acl-SharedVoice-StaticToEigrp
  10 permit ip any any

route-map rm-acl-SharedVoice-StaticToEigrp permit 10

  match ip address acl-SharedVoice-StaticToEigrp

                  

interface Vlan2201

  description SharedVoice Production Vlan

  no shutdown

  vrf member vrf-SharedVoice

  no ip redirects

  ip address 172.22.1.2/24

  ip router eigrp Clients

  hsrp version 2

  hsrp delay reload 120

  hsrp 2201

    preempt delay minimum 30

    priority 110

    timers  1  5

    ip 172.22.1.1

interface Vlan2211

  description Tennant 1 Production Vlan

  no shutdown

  vrf member vrf-Tenant1

  no ip redirects

  ip address 172.22.11.2/24

  ip router eigrp Clients

  hsrp version 2

  hsrp delay reload 120

  hsrp 2211

    preempt delay minimum 30

    priority 110

    timers  1  5

    ip 172.22.11.1

router eigrp Clients

vrf vrf-Tenant1

    autonomous-system 2211

    redistribute bgp 65000 route-map rm-BgpToEigrp-Clients

    maximum-paths 1

    address-family ipv4 unicast

      router-id 172.22.11.2

  vrf vrf-SharedVoice

    autonomous-system 2201

    redistribute static route-map rm-acl-SharedVoice-StaticToEigrp

    redistribute bgp 65000 route-map rm-BgpToEigrp-Clients

    maximum-paths 1

    address-family ipv4 unicast

      router-id 172.22.1.2

router bgp 65000

vrf vrf-Tenant1

    address-family ipv4 unicast

      network 172.22.11.0/24

      redistribute eigrp 2211 route-map vrf-Tenant1

  vrf vrf-SharedVoice

    router-id 172.22.1.2

    address-family ipv4 unicast

      network 172.22.1.0/24

      redistribute direct route-map rm-vrf-SharedVoice

sho ip route vrf vrf-Tenant1

IP Route Table for VRF "vrf-Tenant1"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 1/0
    *via 172.22.11.254, Vlan2211, [1/0], 4w1d, static
10.128.5.0/24, ubest/mbest: 1/0
    *via 172.22.11.253, Vlan2211, [90/38912], 2w2d, eigrp-Clients, internal
10.128.6.0/24, ubest/mbest: 1/0
    *via 172.22.11.253, Vlan2211, [90/38912], 2w2d, eigrp-Clients, internal
172.22.1.0/24, ubest/mbest: 1/0, attached
    *via 172.22.1.2%vrf-SharedVoice, Vlan2201, [20/0], 4w1d, bgp-65000, external, tag 65000

172.22.11.0/24, ubest/mbest: 1/0, attached
    *via 172.22.11.2, Vlan2211, [0/0], 4w1d, direct
172.22.11.1/32, ubest/mbest: 1/0
    *via 172.22.11.1, Vlan2211, [0/0], 1w6d, hsrp
172.22.11.2/32, ubest/mbest: 1/0, attached
    *via 172.22.11.2, Vlan2211, [0/0], 4w1d, local
172.24.251.0/24, ubest/mbest: 1/0
    *via 172.22.11.254, Vlan2211, [1/0], 4w1d, static
172.24.252.0/24, ubest/mbest: 1/0
    *via 172.22.11.252, Vlan2211, [90/77056], 4w1d, eigrp-Clients, internal
172.24.253.0/24, ubest/mbest: 1/0
    *via 172.22.11.253, Vlan2211, [90/38656], 4w1d, eigrp-Clients, internal

sho ip route vrf vrf-sharedVoice
IP Route Table for VRF "vrf-SharedVoice"
'*' denotes best ucast next-hop
'**' denotes best mcast next-hop
'[x/y]' denotes [preference/metric]
'%<string>' in via output denotes VRF <string>

0.0.0.0/0, ubest/mbest: 1/0
    *via 172.22.1.254, Vlan2201, [1/0], 4w1d, static
172.22.1.0/24, ubest/mbest: 1/0, attached
    *via 172.22.1.2, Vlan2201, [0/0], 4w1d, direct
172.22.1.1/32, ubest/mbest: 1/0
    *via 172.22.1.1, Vlan2201, [0/0], 1w6d, hsrp
172.22.1.2/32, ubest/mbest: 1/0, attached
    *via 172.22.1.2, Vlan2201, [0/0], 4w1d, local
172.22.10.0/24, ubest/mbest: 1/0, attached
    *via 172.22.10.2%vrf-Tenant2, Vlan2210, [20/0], 00:36:02, bgp-65000, external, tag 65000

172.22.11.0/24, ubest/mbest: 1/0, attached
    *via 172.22.11.2%vrf-Tenant1, Vlan2211, [20/0], 00:41:02, bgp-65000, external, tag 65000
172.22.12.0/24, ubest/mbest: 1/0, attached
    *via 172.22.12.2%vrf-Tenant3, Vlan2212, [20/0], 00:36:36, bgp-65000, external, tag 65000
172.22.13.0/24, ubest/mbest: 1/0, attached
    *via 172.22.13.2%vrf-Tenant4, Vlan2213, [20/0], 00:37:16, bgp-65000, external, tag 65000
172.22.99.0/24, ubest/mbest: 1/0, attached
    *via 172.22.99.2%vrf-Tenant5, Vlan2299, [20/0], 00:37:49, bgp-65000, external, tag 65000

Thanks in advance for your help!

The secret to succeeding at technology is to say yes you can, and to not be afraid of change. Forget the words, "That's how we always do it"
1 Reply 1

robinson
Level 4
Level 4

I solved this problem, Cisco TAC did not find the answer at all, even after 4 months. I found the answer to my problem at Cisco Live, when I sat down with an Engineer for lunch Arkaidy Shapiro, The Nexus Technical Marketing Engineer. The resolution was that I was incorrectly redistributing Eigrp into BGP.  I used the Eigrp Process number in the command (redistribute eigrp 2211 route-map vrf-Tenant1)  I should have used the Eigrp Process name "Eigrp Clients"  So the command should have been (redistribute eigrp Clients route-map vrf-Tenant1).

The secret to succeeding at technology is to say yes you can, and to not be afraid of change. Forget the words, "That's how we always do it"
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco