VRF / Route Leaking / BGP Administrative distance / 6500

Surya ARBY · ‎12-18-2012

Hello all.

Another issue with BGP administrative distance

I have two VRFs; a few connected VLANs interfaces and a BGP process to leak routes between these VRFs. Everything works fine.

Now I want to change the administrative distance of BGP in order to get a leaked route only of the route is not natively learnt through an IGP; the "leaking" is only used as a backup path.

Hardware : Cat6500 / VSS / IOS 12.2(33)SXI6

ip vrf Green
 rd 65000:2
 route-target export 65000:2
 route-target import 65000:2
 route-target import 65000:3
!
ip vrf Red
 rd 65000:3
 route-target export 65000:3
 route-target import 65000:3
 route-target import 65000:2

router bgp 65000

no synchronization

bgp log-neighbor-changes

distance bgp 200 200 200

distance mbgp 199 199 199

no auto-summary

!

address-family ipv4 vrf Red

redistribute connected metric 500

no synchronization

exit-address-family

!

address-family ipv4 vrf Green

redistribute connected metric 500

no synchronization

exit-address-family

CORE-01#show ip route vrf Red
Routing Table: Red
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area 
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
     10.0.0.0/24 is subnetted, 6 subnets
B       10.0.10.0 is directly connected, 00:04:31, Vlan10
C       10.0.8.0 is directly connected, Vlan8
C       10.0.6.0 is directly connected, Vlan6
B       10.0.11.0 is directly connected, 00:03:12, Vlan11
B       10.0.9.0 is directly connected, 00:04:31, Vlan9
C       10.0.7.0 is directly connected, Vlan7

CORE-01#show ip route vrf Red 10.0.10.0

Routing entry for 10.0.10.0/24

Known via "bgp 65000", distance 20, metric 500 (connected, via interface), type external

Routing Descriptor Blocks:

* directly connected, via Vlan10

Route metric is 500, traffic share count is 1

AS Hops 0

MPLS label: none

CORE-01#show ip bgp vpnv4 all

BGP table version is 19, local router ID is 172.16.201.2

Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,

r RIB-failure, S Stale

Origin codes: i - IGP, e - EGP, ? - incomplete

Network Next Hop Metric LocPrf Weight Path

Route Distinguisher: 65000:2 (default for vrf Green)

*> 10.0.6.0/24 0.0.0.0 500 32768 ?

*> 10.0.7.0/24 0.0.0.0 500 32768 ?

*> 10.0.8.0/24 0.0.0.0 500 32768 ?

*> 10.0.9.0/24 0.0.0.0 500 32768 ?

*> 10.0.10.0/24 0.0.0.0 500 32768 ?

*> 10.0.11.0/24 0.0.0.0 500 32768 ?

Route Distinguisher: 65000:3 (default for vrf Red)

*> 10.0.6.0/24 0.0.0.0 500 32768 ?

*> 10.0.7.0/24 0.0.0.0 500 32768 ?

*> 10.0.8.0/24 0.0.0.0 500 32768 ?

*> 10.0.9.0/24 0.0.0.0 500 32768 ?

*> 10.0.10.0/24 0.0.0.0 500 32768 ?

*> 10.0.11.0/24 0.0.0.0 500 32768 ?

Surya ARBY · ‎12-19-2012

Nobody ?

Peter Paluch · ‎12-19-2012

Hello Surya,

I haven't done this before, but my immediate thought is to simply use the distance command in the appopriate BGP's address-family ipv4 section to modify the leaked route's AD to be higher than the IGP's AD. You will need to configure an ACL that describes the prefix whose AD you need to modify (like a classic distance command).

Best regards,

Peter

Surya ARBY · ‎12-19-2012

ok thank you.

I'll try

Peter Paluch · ‎12-19-2012

Hi Surya,

Sure. Do you need any assistance with configuring that?

Best regards,

Peter

David Carrasco · ‎02-26-2018

I would like some assistance as I'm having the same issue. Your method does work, however in my situation it won't work since I need to ensure that specifically leaked routes have the administrative distance changed, and not BGP in general, since I have BGP Peers that need to have their administrative distance remain default.