
Route leak between VRFs on a pair of switches running HSRP

defreiro
Level 1

I wanted to ask a question on route leaking between VRFs on switches running HSRP. If I configure several HSRP VLANs between a pair of switches and apply different VRF tags to all of my HSRP VLANs, how can I leak routes between them? Every example I have researched shows a single router running a locally significant MP-BGP instance to leak routes. Will I need to configure MP-BGP on each switch and form a neighbor relationship between the pair of switches in order for both switches to know routes that are leaked between VRFs?

10 Replies

Hello,

If you want to advertise routes between two VRFs, you need to use BGP.

Do you have any IGP configured on those switches?

This is one example of route leaking between intervlan 10 and 20.



ip vrf A
 rd 1:1
 route-target export 1:1
 route-target import 1:1
 route-target import 2:1
!
ip vrf B
 rd 2:1
 route-target export 2:1
 route-target import 2:1
 route-target import 1:1
!
interface VLAN 10
 ip vrf forwarding A
 ip address 192.168.10.1 255.255.255.0

!
interface VLAN 20
 ip vrf forwarding B
 ip address 192.168.20.1  255.255.255.0

router bgp 100
!
address-family ipv4 vrf A
 redistribute connected
 !
address-family ipv4 vrf B
 redistribute connected

Masoud

Hey Masoud, thanks for replying back. I guess that is what I am not sure of: would you need to run MP-BGP on both switches and form a neighbor relationship between the two switches? Or will you run a single separate BGP instance on each switch?

Hello,

I suppose you do not have any IGP between the two switches.

If you just need to leak interface IPs into the VRF, two standalone BGPs on both switches work.

Masoud

Would it be better to run an IGP like OSPF between the switches with separate MP-BGP instances on each switch? Or would the separate BGP instances as the only dynamic protocol be better?

It depends on your topology and your need. In MPLS VPN, BGP is usually configured on a network which is already converged by an IGP. What is the reason for leaking routes between two VRFs? Are you just leaking interface IPs?

What do you use those VRFs for?

Masoud

Hey Masoud, thanks for the reply back. The purpose of this design is to terminate different customers in separate VRFs, but give them all access to a shared common VRF. So for instance three different customers in their own separate VRFs are isolated, but they can all access a shared VRF where a data backup solution will reside.

I therefore need the ability to route from the customer VRFs to the shared VRF, keep the different customer VRFs isolated from each other, and also allow the shared VRF to be able to reach any of the customer VRFs.

Since we want a redundant solution we will have two switches (for example two 5600 switches), and each customer will have a VLAN with an SVI running HSRP, and that customer will be assigned their own VRF. So with a design using HSRP-aware VRFs I was confused about the best way to leak routes between the VRFs, and the second part is: how do you deal with route leaking with two switches?
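In the shared-services design described above, customer isolation depends entirely on which route-targets each VRF imports. The following Python check is an added example, not part of the original thread: it parses `ip vrf` stanzas and reports any customer-to-customer leak. The VRF names, RDs and route-target values in the sample are constructed for illustration.

```python
import re
from itertools import permutations

# Constructed sample config (VRF names, RDs and route-targets are assumptions).
SAMPLE = """\
ip vrf CUST_A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
 route-target import 100:99
!
ip vrf CUST_B
 rd 100:2
 route-target export 100:2
 route-target import 100:2
 route-target import 100:99
!
ip vrf SHARED
 rd 100:99
 route-target export 100:99
 route-target import 100:99
 route-target import 100:1
 route-target import 100:2
"""

def parse_vrfs(config):
    """Return {vrf: {"import": set, "export": set}} from 'ip vrf' stanzas."""
    vrfs, current = {}, None
    for line in config.splitlines():
        vrf = re.match(r"ip vrf (\S+)\s*$", line)
        rt = re.match(r"\s+route-target (import|export|both) (\S+)", line)
        if vrf:
            current = vrfs.setdefault(vrf.group(1), {"import": set(), "export": set()})
        elif rt and current is not None:
            for k in ("import", "export") if rt.group(1) == "both" else (rt.group(1),):
                current[k].add(rt.group(2))
        elif not line.startswith(" "):
            current = None  # any other top-level line ends the VRF stanza
    return vrfs

def leaks(vrfs):
    """Set of (src, dst): dst imports a route-target that src exports."""
    return {(s, d) for s, d in permutations(vrfs, 2)
            if vrfs[s]["export"] & vrfs[d]["import"]}

def isolation_violations(vrfs, shared):
    """Leaks where neither end is the shared VRF (customer-to-customer)."""
    return sorted(p for p in leaks(vrfs) if shared not in p)
```

Run against the two-VRF example earlier in the thread, where A and B import each other's route-targets, the same check reports leaks in both directions, which is the pattern to avoid between customer VRFs.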

Is the span of the VRF only between the two 6500s, or are the 6500s going to be PEs and then you have a P router? Will the shared resources be in a VRF on the 6500s or are they on another router? A sketch of the network topology would be helpful.

Masoud

Hey Masoud, sorry about the delay, but I found the answer to my problem. We decided to use a VSS pair of switches with the 2T Sups. Using VSS allowed me to have the same control plane shared across both switches where I can create all my VRFs. It was easy then to just do the route leaking using BGP based on your recommendation.

To add to my last comment, it seems from what I researched that MP-BGP is best to leak routes using import/export route maps, and maybe a neighbor peering is needed between the switches so both have the same route tables (VRF or global). I appreciate you taking the time to answer my questions on this also. Thoughts on the neighbor peering?

Adding to my previous comment.

Let me give you one example.

An IGP is used in MPLS VPN for global routing table advertisement, because the BGP neighbor IP must be known. If the network is small, static routes can be configured on the routers for BGP reachability.

Suppose you configure a static route in VRF A on R1 in my previous example.

ip route vrf A x.x.x.x x.x.x.x nexthop

Then if you configure,

address-family ipv4 vrf A
 redistribute connected
 redistribute static

That static route will sit in both VRF A and B on R1; however, it does not propagate to R2.

If you need that static route to propagate to R2 as well, you need to have BGP neighborship between the two routers.

Hope it helps,

Masoud
