09-30-2017 10:51 AM - edited 03-08-2019 12:13 PM
I'm doing a Lab and it's very simple. it's just like I need to confirm some commands but I'm really getting upset.
here is my lab. I configured a vrf and a loopback interface which I apply it under the vrf. the loopback has been disappeared from the global table and it's inserted in the vrf table. so I added a static route to be able to ping the interface from the global table. Now I can see the loopback interface in the global table inserted as static but i can't ping it.
I feel there is something silly missing becasue everything seems ok and it should work. the output of my router configuratuion is shown below:
!
ip vrf HQ
rd 40:30
!
no ip domain lookup
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
!
multilink bundle-name authenticated
!
!
archive
log config
hidekeys
!
!
!
!
ip tcp synwait-time 5
!
!
!
!
interface Loopback1
ip vrf forwarding HQ
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
ip forward-protocol nd
ip route 1.1.1.1 255.255.255.255 Loopback1
!
!
no ip http server
no ip http secure-server
!
HQ#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
S 1.1.1.1 is directly connected, Loopback1
HQ#
HQ#sh ip route vrf HQ
Routing Table: HQ
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback1
HQ#
I really need someone to enlighten me with this..
Thank you ,,,
Solved! Go to Solution.
10-01-2017 12:56 AM
Hello,
odd, I am using the exact same configuration in GNS3, and ping works fine. What device is this on ? Can you try a 15.x IOS ?
Here is my config:
Current configuration : 1659 bytes
!
! Last configuration change at 00:36:19 UTC Sun Oct 1 2017
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
ip vrf HQ
rd 40:30
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
ip tcp synwait-time 5
!
interface Loopback1
ip vrf forwarding HQ
ip address 1.1.1.1 255.255.255.255
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip route 1.1.1.1 255.255.255.255 Loopback1
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end
R1#sh ip route vrf HQ
Routing Table: HQ
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback1
R1#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R1#ping vrf HQ 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
09-30-2017 11:10 AM
Hello,
odd indeed, I labbed your config in GNS3 and I can ping 1.1.1.1 just fine. Can you post the full config of your router ?
10-01-2017 12:12 AM
Hi,
Just for confirmation. I need to ping the loopback interface from the glopal table not from within the VRF. it's really annoying me.
it's very simple configuration no trick in there.
Below the full configuration with pinging results
Building configuration...
Current configuration : 1169 bytes
!
upgrade fpd auto
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HQ
!
boot-start-marker
boot-end-marker
!
logging message-counter syslog
!
no aaa new-model
ip source-route
ip cef
!
!
ip vrf HQ
rd 40:30
!
!
!
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
archive
log config
hidekeys
!
!
!
!
!
!
!
!
!
interface Loopback1
ip vrf forwarding HQ
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
no ip address
shutdown
duplex half
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
media-type rj45
negotiation auto
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
media-type rj45
negotiation auto
!
interface GigabitEthernet0/3
no ip address
shutdown
duplex auto
speed auto
media-type rj45
negotiation auto
!
ip forward-protocol nd
ip route 1.1.1.1 255.255.255.255 Loopback1
no ip http server
no ip http secure-server
!
!
!
!
!
!
!
!
!
control-plane
!
!
!
!
!
!
!
line con 0
logging synchronous
stopbits 1
line aux 0
stopbits 1
line vty 0 4
login
!
end
HQ#
HQ#sh ip route
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
S 1.1.1.1 is directly connected, Loopback1
HQ#sh ip ro
HQ#sh ip route vrf HQ
Routing Table: HQ
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback1
HQ#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
HQ#ping vrf HQ 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/4 ms
HQ#
10-01-2017 12:56 AM
Hello,
odd, I am using the exact same configuration in GNS3, and ping works fine. What device is this on ? Can you try a 15.x IOS ?
Here is my config:
Current configuration : 1659 bytes
!
! Last configuration change at 00:36:19 UTC Sun Oct 1 2017
!
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
!
hostname R1
!
boot-start-marker
boot-end-marker
!
no aaa new-model
no ip icmp rate-limit unreachable
ip cef
!
ip vrf HQ
rd 40:30
!
no ip domain lookup
no ipv6 cef
!
multilink bundle-name authenticated
!
ip tcp synwait-time 5
!
interface Loopback1
ip vrf forwarding HQ
ip address 1.1.1.1 255.255.255.255
!
ip forward-protocol nd
!
no ip http server
no ip http secure-server
ip route 1.1.1.1 255.255.255.255 Loopback1
!
control-plane
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
!
end
R1#sh ip route vrf HQ
Routing Table: HQ
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
C 1.1.1.1 is directly connected, Loopback1
R1#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/2/4 ms
R1#ping vrf HQ 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms
10-01-2017 01:01 AM
10-01-2017 01:25 AM
10-01-2017 05:04 AM
10-02-2017 01:16 AM
Hello,
quick question: is this a lab setup or a live environment ? The easiest way to get this to work is to create two OSPF VRFs and then redistribute between those. Would that be an option, or are you limited to just that one VRF ?
10-02-2017 01:41 AM - edited 10-02-2017 01:43 AM
Hi,
Actually, this is a side part of quiet long setup. I configured this small lab only for test purpose here just to confirm that it's working.
So now I'm stuck at this point and I'm scratching my head how should this work since everything seem ok. the route is injected in the second router via ospf so when pinging the packet arrive HQ router loopback interface and then I guess it's dropped there but why since the source is the exit ip interface of second router and it's already in the table as point-to-point connected route.
What am I missing?
Here is the configuration
First Router whcih having the loobpack interface as static
Current configuration : 1131 bytes
!
! Last configuration change at 00:33:48 UTC Mon Oct 2 2017
upgrade fpd auto
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname HQ
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
!
!
ip vrf HQ
rd 40:30
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
interface Loopback1
ip vrf forwarding HQ
ip address 1.1.1.1 255.255.255.255
!
interface FastEthernet0/0
ip address 10.1.1.1 255.0.0.0
duplex full
!
router ospf 1
redistribute static subnets
network 10.1.1.1 0.0.0.0 area 0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
ip route 1.1.1.1 255.255.255.255 Loopback1
!
!
!
!
control-plane
!
!
!
mgcp profile default
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
transport input all
!
!
end
HQ#
HQ#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
S 1.1.1.1 is directly connected, Loopback1
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/8 is directly connected, FastEthernet0/0
L 10.1.1.1/32 is directly connected, FastEthernet0/0
HQ#
Second Router
Current configuration : 961 bytes
!
! Last configuration change at 00:33:36 UTC Mon Oct 2 2017
upgrade fpd auto
version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname branch
!
boot-start-marker
boot-end-marker
!
!
!
no aaa new-model
no ip icmp rate-limit unreachable
!
!
!
!
!
!
no ip domain lookup
ip cef
no ipv6 cef
!
multilink bundle-name authenticated
!
!
!
!
!
!
!
!
!
!
redundancy
!
!
ip tcp synwait-time 5
!
!
!
!
!
!
!
!
!
!
interface FastEthernet0/0
ip address 10.2.2.2 255.0.0.0
duplex full
!
router ospf 1
network 10.2.2.2 0.0.0.0 area 0
!
ip forward-protocol nd
no ip http server
no ip http secure-server
!
!
!
!
!
!
control-plane
!
!
!
mgcp profile default
!
!
!
gatekeeper
shutdown
!
!
line con 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line aux 0
exec-timeout 0 0
privilege level 15
logging synchronous
stopbits 1
line vty 0 4
login
transport input all
!
!
end
branch#
branch#sh ip route
Codes: L - local, C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route, H - NHRP, l - LISP
+ - replicated route, % - next hop override
Gateway of last resort is not set
1.0.0.0/32 is subnetted, 1 subnets
O E2 1.1.1.1 [110/20] via 10.1.1.1, 00:06:38, FastEthernet0/0
10.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C 10.0.0.0/8 is directly connected, FastEthernet0/0
L 10.2.2.2/32 is directly connected, FastEthernet0/0
branch#ping 1.1.1.1
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 1.1.1.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
branch#
10-02-2017 04:49 AM - edited 10-02-2017 04:51 AM
Hello,
the only way I get this to work is with the VRF receive feature. Add the two lines in bold to the FastEthernet0/0 configuration on the first router:
interface FastEthernet0/0
ip address 10.1.1.1 255.0.0.0
ip vrf select source
ip vrf receive HQ
duplex full
Depending on your IOS version, your router may or may not support this command. You also can remove the 'redistribute static suubnets' from your OSPF process, as this is not needed anymore...
10-02-2017 05:44 AM
10-02-2017 07:28 AM
Actually, I am doing this in GNS3. I am using the 7200 router and the image below:
R1#sh ver
Cisco IOS Software, 7200 Software (C7200-ADVIPSERVICESK9-M), Version 15.2(4)S5, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2014 by Cisco Systems, Inc.
Compiled Thu 20-Feb-14 06:51 by prod_rel_team
ROM: ROMMON Emulation Microcode
BOOTLDR: 7200 Software (C7200-ADVIPSERVICESK9-M), Version 15.2(4)S5, RELEASE SOFTWARE (fc1)
10-05-2017 01:31 AM
04-12-2018 07:39 AM
Hi Asemmoqbel
As you already know, routing happens on per-hop basis. Hence, for ping to work, each hop, need to know how to forward query and how to return the response.
So, from branch router, you are able to send query to HQ router and then to HQ VRF. But HQ VRF, doesn't have route to return the query. If you remove "ip route vrf HQ 10.0.0.0 255.0.0.0 10.2.2.2.2 global" and do "sh ip route vrf HQ 10.0.0.0", you will get nothing.
Hence adding "ip route vrf HQ 10.0.0.0 255.0.0.0 10.2.2.2.2 global" completes the return path for ICMP query.
HTH.
Regards
Bharat
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide