Re: VRF Default Gateway missing

Thomas Johnston · ‎10-30-2018

I'm testing some things out in VIRL and having some issues. I'm not a routing expert and am just getting started with VRFs. My issue is I cannot get the VRF default route to populate no matter what I'm doing. I do plan on putting this into place in production eventually.

In my simple test setup I have 2 IOSvL2 switches (which allow VRF) connected together with a /24 network. I can ping between them. I then have a test VLAN and VRF setup. I put a route in to VRF from Switch 1 to switch 2 over the shared link.

I know this is something stupid easy to figure out...

Switch 1

!
ip vrf Guest
 description Guest VLANs
!
!
interface GigabitEthernet0/1
 description to Switch-2
 no switchport
 ip address 192.168.1.1 255.255.255.0
 negotiation auto
!
!
interface GigabitEthernet0/2
 description (to unmanaged switch to get vlan up)
 switchport access vlan 321
 switchport mode access
 media-type rj45
 negotiation auto
!
!
interface Vlan321
 description Guest Test
 ip vrf forwarding Guest
 ip address 192.168.2.1 255.255.255.0
 no ip redirects
 no ip unreachables
 no ip proxy-arp
!
!
ip route 0.0.0.0 0.0.0.0 192.168.1.2
ip route vrf Guest 0.0.0.0 0.0.0.0 192.168.1.2
!
!
switch-1#sh ip route vrf Guest

Routing Table: Guest
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set <--------WHY?

      192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.2.0/24 is directly connected, Vlan321
L        192.168.2.1/32 is directly connected, Vlan321

switch-1#show int vlan321
Vlan321 is up, line protocol is up 
 Hardware is Ethernet SVI, address is 5e00.0000.8141 (bia 5e00.0000.8141)
 Description: Guest Test

Switch 2

!
interface GigabitEthernet0/1
 no switchport
 ip address 192.168.1.2 255.255.255.0
 negotiation auto
!
switch-2#ping 192.168.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 192.168.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 3/5/9 ms
switch-2#

Why isn't the VRF populating a default gateway in the system?

Thanks for any help!

paul driver · ‎10-30-2018

Hello

try adding global to the end of the default vrf route

Ip vrf Guest 0.0.0.0 0.0.0.0 192.168.1.2 global

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Thomas Johnston · ‎10-31-2018

Unforuntly that did not work for me. Same end results.

switch-1#show ip route vrf Guest

Routing Table: Guest
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
       a - application route
       + - replicated route, % - next hop override

Gateway of last resort is not set

      192.168.2.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.2.0/24 is directly connected, Vlan321
L        192.168.2.1/32 is directly connected, Vlan321

paul driver · ‎10-31-2018

Hello

That should populate your vrf Guest rib - wondering if this is VIRL related?

Is that svi up?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Harold Ritter · ‎10-31-2018

The command Paul suggested should be:

ip route vrf Guest 0.0.0.0 0.0.0.0 192.168.1.2 global

Bear in mind that you will need a route in the other direction, as traffic coming back will require a lookup in the global routing table.

ip route 192.168.2.0 255.255.255.0 vlan321

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

paul driver · ‎11-01-2018

Hello harold

@Harold Ritter wrote:

The command Paul suggested should be:

ip route vrf Guest 0.0.0.0 0.0.0.0 192.168.1.2 global

Bear in mind that you will need a route in the other direction, as traffic coming back will require a lookup in the global routing table.

ip route 192.168.2.0 255.255.255.0 vlan321

This would be for the return traffic to know how to reach the vrf network, but it shouldn't be needed to populate the vrf rib with a default route should it?

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

paul driver · ‎11-01-2018

Hello

For my own sanity --

test#sh run | sec ip route
ip route vrf stan 0.0.0.0 0.0.0.0 10.1.12.2 global

test#sh ip route static

test#sh ip route vrf stan static
S*   0.0.0.0/0 [1/0] via 10.1.12.2

test#sh ip route vrf stan | b Ga
Gateway of last resort is 10.1.12.2 to network 0.0.0.0
     10.0.0.0/24 is subnetted, 1 subnets
C       10.1.13.0 is directly connected, FastEthernet0/1
S*   0.0.0.0/0 [1/0] via 10.1.12.2

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Harold Ritter · ‎11-01-2018

Hi Paul,

That is correct.

I was just stating that this would be needed for a complete solution.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

a.alekseev · ‎10-31-2018

!
ip vrf Guest
 rd 1:1
!

Harold Ritter · ‎10-31-2018

There is no need for a route distinguisher in a VRF lite scenario.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México