Hi, Do you have IP

paul amaral · ‎03-30-2015

Hi I'm trying to figure out how to propagate VRF routes between two routers and I'm hoping someone can clue me in.

I have two routers directly connected via IGP(ospf/eigrp) and iBGP. I have one interface per router as a member of a VRF and im having problems import/exporting routes from one VRF to another.

R1:

interface Vlan204
ip vrf forwarding VRF1
ip address x.x.x.x 255.255.255.252
end

sh ip vrf
Name                             Default RD          Interfaces
VRF1                10271:100           Vl203
                                                       Vl204

VRF Table ID = 4
Export VPN route-target communities
RT:xx271:110
Import VPN route-target communities
RT:xx271:100

--------------------------------------------------------------------------------

R2:

interface Vlan305
ip vrf VRF1
ip address x.x.x.x 255.255.255.252
end

sh ip vrf
Name Default RD Interfaces
VRF1 10271:110 Vl305

VRF Table ID = 4
Export VPN route-target communities
RT:xx271:100
Import VPN route-target communities
RT:xx271:110

------------------------------------------------------------------------------

At this point all is working, connected routes appear in the correct VRF instance on each router, my problem is how to I get R1 VRF to share its routes with R2 VRF and vice versa.

I tried using iBGP since i already have it running but it didnt work, I had the following on both routers.

address-family ipv4 vrf VRF1

redistribute connected

no synchronization

exit-address-family

how can i pass routes from one VRF to another with two directly connected routers?

also for internet connectivity i have one bgp upstream on each router do i have to inject a default route for each VRF or can it use my global routing table to make a decision on which bgp peer to use ?

thanks paul

dangleminh · ‎03-30-2015

Hi,

Do you have IP reachability between Vlan204 R1 & Vlan305 R2?

1) If yes, you can use any protocol as said to exchange the routes.

2) If no, fix the connectivity first and go back to step 1.

paul amaral · ‎03-31-2015

I was going about this wrong. I fixed the issue by running VRF ospf to exchange routes between routers on the corresponding VRF.

BGP without neighbor statements is relevant on the local router only and is used to leak routes from one VRF to another via BGP to leak routes. BGP uses the RT, route target VRF configuration to do this.

after creating the VRF i ran ospf to redistribute routes from one router to another on the same VRF

router ospf 100 VRF
router-id 100.100.100.1
log-adjacency-changes
redistribute connected subnets
redistribute static subnets
network 100.100.100.0 0.0.0.3 area 0
default-information originate always

interface Tunnel100
description IGP route distribution for VRF
ip vrf forwarding VRF
ip address 100.100.100.1 255.255.255.252
ip ospf network point-to-point
load-interval 30
tunnel source x.x.x.225
tunnel destination x.x.x.226
tunnel path-mtu-discovery
end

To add internet connectivity you can add a static route with the global keyword.

ip route vrf VRF 0.0.0.0.0 0.0.0.0. X.X.X.X global

note that you need static routes on your global table pointing to the ip you want to have internet access.

interface Vlan305
ip vrf forwarding VRF
ip address x.x.x.81 255.255.255.252

add

ip route x.x.x.80 255.255.255.252 vlan 305.

so when packets come back form the internet they know how to get to the ip that is part of the VRF. Remember anything on the VRF is hiding from the global routing table you need to add static routes for VRF ips to pass traffic between global and VRF.

thanks, P

VRF lite