Solved: Single Cisco router with 2 VRF's. Route leak

Maxim Bezzubov · ‎03-19-2014

Hi.

have 2911 with ISP DSL link and fiber. 2 DMVPN tunnels with these source. For those was created 2 VRF.

Now have need to establish BGP session to neighbor which is located behind the fiber (GE 0/0 int). Need to export route from vrf to global.

interface ATM0/0/0
ip vrf forwarding vrf1
no ip address
no atm ilmi-keepalive
pvc 0/35
encapsulation aal5snap
pppoe-client dial-pool-number 1
!
!
interface Dialer1
ip vrf forwarding vrf1

interface GigabitEthernet0/0
description Fiber

ip vrf forwarding vrf2
ip address 172.30.149.2 255.255.255.252
duplex auto
speed auto
no cdp enable

router bgp 65149
bgp router-id 172.30.149.2
bgp log-neighbor-changes
network 172.30.149.0 mask 255.255.255.252
neighbor 172.30.149.1 remote-as 65149

ip route 172.30.149.0 255.255.255.252 GigabitEthernet0/0
ip route vrf vrf1 0.0.0.0 0.0.0.0 Dialer1
ip route vrf vrf2 0.0.0.0 0.0.0.0 172.30.149.1 - next hop is behind the GigabitEthernet0/0

I have tring this http://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/multiprotocol-label-switching-vpns-mpls-vpns/47807-routeleaking.html#global

to add a static route

sh ip route vrf vrf2

Gateway of last resort is 172.30.149.1 to network 0.0.0.0

S*    0.0.0.0/0 [1/0] via 172.30.149.1
      172.30.0.0/16 is variably subnetted, 2 subnets, 2 masks
C        172.30.149.0/30 is directly connected, GigabitEthernet0/0
L        172.30.149.2/32 is directly connected, GigabitEthernet0/0

static route is added successfully

sh ip route

S 172.30.149.0/30 is directly connected, GigabitEthernet0/0

but ping wasn't successful. Whats wrong?

paul driver · ‎03-21-2014

Hello

MBGP requrie the use of address family identifiers - can you try this?

no router bgp 65149

router bgp 65149
no synchronization
bgp log-neighbor-changes
no auto-summary

address-family ipv4 vrf vrf2
neighbor 172.30.149.1 remote-as 65149
neighbor 172.30.149.1 activate
no synchronization
network 172.30.149.0 mask 255.255.255.252
exit-address-family

sh bgp all summary
sh bgp vpnv4 unicast all

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

Richard Burts · ‎03-19-2014

What were you pinging? Are you sure that whatever you were pinging has a route back to your address?

HTH

Rick

HTH

Rick

Maxim Bezzubov · ‎03-19-2014

I have tring to ping IP 172.30.149.1 (that was behind the 172.30.149.0/30 GigabitEthernet0/0, connected directly to that interface) but has no success.

ping IP of interface is ok:

#ping 172.30.149.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.30.149.2, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

ping 172.30.149.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.30.149.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)

have only 1 static route:

ip route 172.30.149.0 255.255.255.252 GigabitEthernet0/0

Richard Burts · ‎03-20-2014

Can you post the output of show arp

HTH

Rick

HTH

Rick

Steven Williams · ‎03-20-2014

traceroute might help too. I thought you achieve VRF route leak with route import and exports?

Maxim Bezzubov · ‎03-20-2014

I trying this http://www.cisco.com/c/en/us/support/docs/multiprotocol-label-switching-mpls/multiprotocol-label-switching-vpns-mpls-vpns/47807-routeleaking.html#global

import-export and MP-BGP I thought inter-VRF only. BHW I trying this - no success.

I need to route leak from VRF to global.

It is funnu but in this case traceroute is successfull but no ping and no bgp establish from this interface.

Maxim Bezzubov · ‎03-20-2014

it is an emply. trying to make a static arp - no success.

Richard Burts · ‎03-20-2014

If 172.30.149.1 is an address on a connected interface and if the arp table is empty then that suggests that there is a layer 2 issue with connectivity. If arp request and arp response are not working then there is no way that ping can work.

HTH

Rick

HTH

Rick

Maxim Bezzubov · ‎03-20-2014

it is an emply. trying to make a static arp - no success.

paul driver · ‎03-21-2014

Hello

MBGP requrie the use of address family identifiers - can you try this?

no router bgp 65149

router bgp 65149
no synchronization
bgp log-neighbor-changes
no auto-summary

address-family ipv4 vrf vrf2
neighbor 172.30.149.1 remote-as 65149
neighbor 172.30.149.1 activate
no synchronization
network 172.30.149.0 mask 255.255.255.252
exit-address-family

sh bgp all summary
sh bgp vpnv4 unicast all

res

Paul

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Maxim Bezzubov · ‎03-23-2014

Yeah! Great! No need to do a route leak. Bgp on vrf is working as well as in 'normal' mode, just a 'show' command looks a slight different.