cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2123
Views
0
Helpful
8
Replies

VRF import/export single host/address via MP-BGP

Mohammed Islam
Level 1
Level 1

Hi everyone,

Excuse my ignorance, but I am pretty new to MP-BGP and VRF technology.

My question is very simple, I am attempting to import a single host address from one VRF into another via MP-BGP.

I understand route-maps are used for granular filtering, however I have tried this using standard ACL, extended ACL and prefix list and it does not seems to work.  However when I try importing/exporting the whole subnet the communication works as expected from one VRF into the other.  Am I missing a trick?!  Sample configs can be posted if required but is there a restriction in how BGP imports/exports?

Your help is very much appreciated.

8 Replies 8

Peter Paluch
Cisco Employee
Cisco Employee

Hi Mohammed,

When you try to import a single host address, is that host address present as a standalone /32 route in the source VRF? To my best knowledge, you can only import entire routing table entries, not their parts or subnets. If the host address you are trying to import is not present as a routing table entry in the source VRF then I do not believe you can import it.

Best regards,

Peter

Harold Ritter
Level 12
Level 12

Hi Mohammed,

The import map is used to further refine the filtering of prefixes that have already been imported into a VRF, therefore it will only work if the route has already been imported using the "route-target import" statement under the specific VRF.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Thanks for the speedy responses!

So Harold, what I have understood from your reply is I would need to provide two seperate imports for the respective VRF.  One import for the whole subnet and than another one to further filter the host I want and that would 'restrict' to the single host.  Is that correct?

Mohammed,

Let me clarify a bit. Let's say you have a host route (a.a.a.a/32) in VRF A that you want to import in VRF B and that the "route-target export" statement for VRF A is configured for 1:1. For this host route to be imported in VRF B, "route-target import 1:1" would first need to be configured under "ip vrf B". In addition, you can configure an "import map" to further filter which routes, that have already been imported from VRF A, will actually be installed in VRF B routing table. Bear in mind that without the "import map" all routes with a route-target of 1:1 will be imported and installed in VRF B routing table.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Got you.

My only next issue would be there is no host route of /32.  My setup is as follows:-

PE device < export from here where the subnet/host reside

|

|

P Device

|

|

PE Device < import into here where other VRF needs access

How would this be best achievable?

Many thanks in advance.

Mohammed,

The host route was just an example. The same could apply to any route with any mask. Obviously, you can only import route/mask combinations that exist in the source VRF.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Once again thanks for the quick response.

Finally, if a route of /24 exists in the source VRF can the filtering/restriction be achieved to a single host by 'double imports' like you explained earlier?

Mohammed,

No, the import process does not generate new route/mask combinations. A route/mask combination can only be imported if it exists in the source VRF.

Regards

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México
Review Cisco Networking for a $25 gift card