Problem leaking route from VRF to global table on CSR 1000V

Elliott Willink · ‎06-25-2014

Hi Guys,

So I have a problem with VRF's on a CSR 1000V, specifically exporting a connected subnet from a VRF into the global routing table.

My config, very abbreviated, is as follows:

Router:
GE1: 10.0.0.1/31 VRF TEST
GE2: 172.30.20.1/24 (No VRF, BGP neighbor to 172.30.20.2, receiving 0.0.0.0/0 (default route))

Now sh ip route displays:
0.0.0.0/0 (BGP)
172.30.20.1/24 (Connected)

sh ip route vrf TEST displays:
0.0.0.0/0 (BGP)
10.0.0.1/31 connected

My VRF config is as follows:

ip vrf TEST
rd 1:1
import ipv4 unicast map GLOBAL
export ipv4 unicast map CONNECTED-SUBNET
!
ip prefix-list CONNECTED seq 1 permit 10.0.0.1/31
ip prefix-list DEFAULT seq 1 permit 0.0.0.0/0
!
route-map CONNECTED-SUBNET permit 10
match ip address prefix-list CONNECTED
route-map GLOBAL permit 10
match ip address prefix-list DEFAULT

Now my import command works perfectly (0.0.0.0/0 is imported from BGP into the VRF's routing table), however my export command does not function - seemingly at all.

Even though my prefix list is an exact match, I do not see 10.0.0.1/31 appearing in the global routing table, or the BGP table at all (show ip bgp 10.0.0.1 shows only the 0.0.0.0/0 default route)

Any thoughts on what is going on here? Am I misunderstanding the export command for VRF's? I was under the impression this will export directly to the BGP table, and then be imported to the global routing table if applicable?

Any thoughts/input would be appreciated!

paul driver · ‎06-25-2014

Hello

10.0.0.1/31 - Shouldn't this be /30 or 32 host address?

you could also try adding a static and redistribute it to the non vrf bgp neighbor
ip route 10.0.0.1 255.255.255.255 (vrf interface)

router bgp xx
redistribute static

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Elliott Willink · ‎06-25-2014

Hi Paul,

Yeah the 31 was just an example, it doesn't matter what I put in here - It does not appear in the BGP table/global routing table.

I even changed the route-map to match any and still nothing is imported.

Is there any configuration to do with BGP that might be stopping it from accepting these exports perhaps?

I just replicated the problem on a C1900 on my desk, same thing, making me think this is 100% operator error!

I could do the routes statically, however for this configuration I need dynamic routing updates.

Elliott Willink · ‎06-26-2014

Solution! I was thinking this leaked routes directly into the global BGP table. Rather, I had to specify to redistribute routes for the particular VRF.

router bgp 12345

address family ipv4 vrf TEST

redistribute connected

Can this be done another way? I don't suppose there is a bgp command to automatically redistribute vrf routes, or leak directly from the vrf into the global BGP table, or something similar?

paul driver · ‎06-26-2014

Hello

"GE1: 10.0.0.1/31 VRF TEST
GE2: 172.30.20.1/24 (No VRF, BGP neighbor to 172.30.20.2, receiving 0.0.0.0/0 (default route))"

I must have misunderstood somewhere I was assuming you had no vrf bgp between GE1-2 , and just vrf on subnet 10.0.0.0/x which needed to be advertised in the global routing table hence my last post suggested you redistribute into bgp,

So assuming you are accepting a default route from GE2 it went like this

GE1
int fa0/1
ip vrf forwading TEST
ip addresses 10.0.0.1 255.255.255.255

int xx
ip address 172.30.20.1 255.255.255.0

router bgp xy
neighbour 172.30.20.2 remote-as yx
redistribute static ( to advertised the vrf subnet to GE2)

ip route 10.0.0.1 255.255.255.255 fa0/1 ( this is tell the global rib where to go for the vrf route)

ip prefix-list VRF permit 0.0.0.0/0
route-map VRF_rm
match ip address prefix VRF ( match on the default route advertised from GE2 which is in the global rib)

ip vrf TEST
import-map ipv4 vrf VRF-rm ( import the default from global rib into the vrf rib)

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Elliott Willink · ‎06-26-2014

Hi Paul,

Thanks for the reply. You would be right in thinking I did not have VRF BGP, and your solution would work however I do not want to use static routes to achieve it as I need dynamic updating.

Where I fell over, is that I didn't realise I had to use VRF BGP to leak routes into the global table with the 'export ipv4 unicast map' command (I thought the export would directly export from the VRF routing table to the global BGP table - Rather, it appears to export from the VRF BGP table to the global BGP table, so if I did not have VRF BGP set up it does nothing at all.

Thanks again,

Elliott