04-01-2024 04:50 AM
Hi,
I want to make a GRE tunnel to another site to establish a BGP session with another ASN, on a Cisco Nexus 9396PX.
I have created a tunnel interface in my default VRF (eBGP is running on it), but the traffic is going to my first default route.
My current configuration:
feature pbr
ip route 0.0.0.0/0 100.23.1.90
ip route 0.0.0.0/0 10.10.20.10 2
ip prefix-list PFX-AS1234-CUST-V4 seq 10 permit 1.2.3.0/24
ip prefix-list PFX-AS1234-CUST-V4 seq 11 permit 4.5.6.0/24
ip prefix-list PFX-AS1234-CUST-V4 seq 95 deny 0.0.0.0/0 ge 32
ip prefix-list PFX-AS1234-CUST-V4 seq 100 deny 0.0.0.0/0 le 32
route-map RPL-AS1234-CUST-IN-V4 permit 100
route-map RPL-AS1234-CUST-OUT-V4 permit 100
  match ip address prefix-list PFX-AS1234-CUST-V4
interface Tunnel100
  ip address 100.30.2.1/30
  tunnel source 37.XXX.XXX.XXX
  tunnel destination 193.XXX.XXX.XXX
  no shutdown
router bgp MY_ASN_NUMBER
  template peer TP-AS1234-CUST-V4
    remote-as 1234
    remove-private-as
    address-family ipv4 unicast
      send-community
      route-map RPL-AS1234-CUST-IN-V4 in
      route-map RPL-AS1234-CUST-OUT-V4 out
      maximum-prefix 5
      default-originate
      soft-reconfiguration inbound
  neighbor 100.30.2.2
    inherit peer TP-AS1234-CUST-V4
    no shutdown
I've tried this configuration using a VRF, but it seems it did not work; the BGP session broke.
vrf context test-sym
  ip route 0.0.0.0/0 10.10.20.10 vrf default
  ip route 193.XXX.XXX.XXX/32 100.23.1.90 vrf default
interface Tunnel100
  vrf member test-sym
  ip address 100.30.2.1/30
  tunnel source 37.XXX.XXX.XXX
  tunnel destination 193.XXX.XXX.XXX
  no shutdown
How can I set the next hop to 10.10.20.10 for the traffic coming only from this tunnel?
ip policy route-map doesn't exist on interface type tunnel on my side (feature PBR is enabled).
Thanks,
04-01-2024 05:05 AM
Can you elaborate more?
Also, do you receive any prefix via BGP?
Can I see:
show ip route
show ip bgp
MHM
04-01-2024 06:10 AM
Hi,
Yes I receive all my prefixes advertised by the peer.
edge01.par3 (config)# sh ip r
0.0.0.0/0, ubest/mbest: 1/0
*via 100.23.1.90, [1/0], 9w4d, static
10.10.20.10/30, ubest/mbest: 1/0, attached
*via 10.10.20.9, Tunnel1, [0/0], 9w4d, direct
10.10.20.9/32, ubest/mbest: 1/0, attached
*via 10.10.20.9, Tunnel1, [0/0], 9w4d, local
100.23.1.90/31, ubest/mbest: 1/0, attached
*via 100.23.1.91, Vlan900, [0/0], 9w4d, direct
100.23.1.91/32, ubest/mbest: 1/0, attached
*via 100.23.1.91, Vlan900, [0/0], 9w4d, local
100.30.2.0/30, ubest/mbest: 1/0, attached
*via 100.30.2.1, Tunnel5, [0/0], 14:17:09, direct
100.30.2.1/32, ubest/mbest: 1/0, attached
*via 100.30.2.1, Tunnel5, [0/0], 14:17:09, local
83.150.217.0/24, ubest/mbest: 1/0
*via 100.30.2.2, [20/0], 00:14:46, bgp-52073, external, tag 1234
edge01.par3(config)# sh ip bgp
BGP routing table information for VRF default, address family IPv4 Unicast
BGP table version is 3305, Local Router ID is 100.23.1.91
Status: s-suppressed, x-deleted, S-stale, d-dampened, h-history, *-valid, >-best
Path type: i-internal, e-external, c-confed, l-local, a-aggregate, r-redist, I-injected
Origin codes: i - IGP, e - EGP, ? - incomplete, | - multipath, & - backup, 2 - best2
Network Next Hop Metric LocPrf Weight Path
*>e0.0.0.0/0 100.23.1.90 0 49434 i
*>e83.150.217.0/24 100.30.2.2 0 1234 i
04-01-2024 10:36 AM
AD for eBGP is 20
AD for static is 1
*>e0.0.0.0/0 100.23.1.90 0 49434 i
*>e83.150.217.0/24 100.30.2.2 0 1234 i
0.0.0.0/0, ubest/mbest: 1/0
*via 100.23.1.90, [1/0], 9w4d, static
So two prefixes are learned from eBGP:
Default and 83.x.x.x
The 83.x.x.x is added to the RIB since the N9K doesn't have any other same prefix with lower AD.
The default is not added since the N9K has a default prefix with AD 1 as static.
So what you see is normal; you need to change the AD of the default static to be more than 20.
MHM
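A small model of the administrative-distance comparison described in the answer above, added here as an illustration and not code from the thread's participants. It uses the routes from the posted config and show output; the raised distances 25 and 26 are constructed values, and all next hops are assumed reachable.

```python
import ipaddress

# Default administrative distances quoted in the answer above.
AD_STATIC, AD_EBGP = 1, 20
DEFAULT = ipaddress.ip_network("0.0.0.0/0")

def build_rib(candidates):
    """Per prefix, install only the candidate with the lowest AD (ties: first seen)."""
    rib = {}
    for prefix, next_hop, source, ad in candidates:
        net = ipaddress.ip_network(prefix)
        if net not in rib or ad < rib[net][2]:
            rib[net] = (next_hop, source, ad)
    return rib

def lookup(rib, dst):
    """Longest-prefix match over installed routes only; losers are invisible here."""
    addr = ipaddress.ip_address(dst)
    matches = [net for net in rib if addr in net]
    if not matches:
        return None
    return rib[max(matches, key=lambda net: net.prefixlen)]

def candidates(static_ad_primary, static_ad_backup):
    """Candidate routes from the thread; only the two static ADs are varied."""
    return [
        ("0.0.0.0/0", "100.23.1.90", "static", static_ad_primary),
        ("0.0.0.0/0", "10.10.20.10", "static", static_ad_backup),
        ("0.0.0.0/0", "100.23.1.90", "ebgp", AD_EBGP),
        ("83.150.217.0/24", "100.30.2.2", "ebgp", AD_EBGP),
    ]

def default_winner(static_ad_primary, static_ad_backup):
    """Return (next_hop, source, ad) of the default route that reaches the RIB."""
    return build_rib(candidates(static_ad_primary, static_ad_backup))[DEFAULT]

if __name__ == "__main__":
    # (1, 2): as posted. (25, 2): only the first static raised (constructed).
    # (25, 26): both statics raised above eBGP's 20 (constructed).
    for ads in [(AD_STATIC, 2), (25, 2), (25, 26)]:
        print(ads, "->", default_winner(*ads))
```

With only the first static raised, the second static from the posted config (distance 2) becomes the installed default; the eBGP default is installed only once every static default has a distance above 20.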