Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4498
Views
0
Helpful
3
Replies

Route Leaking between VRF's on same router(with MPLS)

Go to solution
Jason Mann
Level 1
Level 1

‎01-11-2009 12:50 PM - edited ‎03-04-2019 03:25 AM

Actually have two questions on the below config. We are trying to share a single route between two vrf's on the same router. The below config is not workig. Also does an export map pertain to the whole vrf or just the rt is if it is set in the route-map? Thanks!

ip vrf PUB

rd 20:7

export map PUBvrf-export

route-target export 20:7

route-target import 20:7

route-target import 10:10

!

ip vrf USERS

rd 20:2

export map STATEvrf-export

route-target export 20:2

route-target import 20:2

route-target import 10:99

!

interface FastEthernet0/1.10

description USERS VRF

encapsulation dot1Q 10

ip vrf forwarding USERS

ip address 10.144.230.1 255.255.255.0

!

interface FastEthernet0/1.99

description PUB VRF

encapsulation dot1Q 99

ip vrf forwarding PUB

ip address 172.26.2.1 255.255.255.0

!

router ospf 3482

router-id 10.194.184.20

log-adjacency-changes detail

auto-cost reference-bandwidth 100000

area 500 authentication message-digest

area 500 stub

network 10.0.0.0 0.255.255.255 area 500

!

router bgp XXXX

no synchronization

bgp log-neighbor-changes

neighbor ALL_RR peer-group

neighbor ALL_RR remote-as XXXX

neighbor ALL_RR update-source Loopback0

neighbor ALL_RR send-community both

neighbor 10.194.184.1 peer-group ALL_RR

neighbor 10.194.184.2 peer-group ALL_RR

neighbor 10.194.184.3 peer-group ALL_RR

no auto-summary

!

address-family vpnv4

neighbor ALL_RR send-community both

neighbor 10.194.184.1 activate

neighbor 10.194.184.2 activate

neighbor 10.194.184.3 activate

exit-address-family

!

!

address-family ipv4 vrf USERS

redistribute connected

no synchronization

exit-address-family

!

address-family ipv4 vrf PUB

redistribute connected

no synchronization

exit-address-family

!

!

ip prefix-list PUBvrf-nets seq 5 permit 172.16.2.10/32

ip prefix-list USERSvrf-nets seq 5 permit 10.144.230.200/32

!

route-map PUBvrf-export permit 10

match ip address prefix-list PUBvrf-nets

set extcommunity rt 10:99 additive

!

route-map USERSvrf-export permit 10

match ip address prefix-list USERSvrf-nets

set extcommunity rt 10:10 additive

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Harold Ritter
Level 12
Level 12
In response to Jason Mann

‎01-12-2009 05:52 AM

Jason,

you could configure a static host route for each host and then redistribute the static route in the VRF context as follow:

ip route vrf USERS 10.144.230.200 255.255.255.255 FastEthernet0/1.10 10.144.230.200

router bgp xxx

address-family ipv4 vrf USERS

redistribute static

The other prefix (172.26.2.10) does not seem to be directly connected, so the static route will be accordingly.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Harold Ritter
Level 12
Level 12

‎01-11-2009 02:29 PM

Jason,

Looking at the prefix-lists, the only routes you allow are 172.16.2.10/32 (vrf PUB) and 10.144.230.200/32 (vrf USERS). Where do they come from, as you only redistribute the connected routes in the VRF context under the BGP process and none of the connected routes (10.144.230.0/24 and 172.26.2.0/24) match these prefixes.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful

Go to solution
Jason Mann
Level 1
Level 1
In response to Harold Ritter

‎01-11-2009 03:17 PM

That is what I was afraid of. What has happened is that 172.26.2.10 needs to talk with 10.144.230.200. Both of the user's intiate the conversation. The PUB vrf runs to a firewall back at our main building and the USER vrf runs to an aggregate router in our main building. We are trying to alleviate the hops that these two users take to talk to each other but we don't want to distribute all of the routes between the two VRF's so that is why we put in the export maps. Is there a way to export a single host so that each of the vrf's will know it about the hot but not the rest of the network? Thanks!

0 Helpful

Go to solution
Harold Ritter
Level 12
Level 12
In response to Jason Mann

‎01-12-2009 05:52 AM

Jason,

you could configure a static host route for each host and then redistribute the static route in the VRF context as follow:

ip route vrf USERS 10.144.230.200 255.255.255.255 FastEthernet0/1.10 10.144.230.200

router bgp xxx

address-family ipv4 vrf USERS

redistribute static

The other prefix (172.26.2.10) does not seem to be directly connected, so the static route will be accordingly.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card