01-23-2013 03:00 AM
Hello.
Trying to route traffic from vrf to global (at 7600 this possible).
Trying to route traffic between:
RP/0/RSP1/CPU0:zip#sh run int tenGigE 0/0/0/0.173
Wed Jan 23 18:49:55.235 UTC
interface TenGigE0/0/0/0.173
vrf kappa
ipv4 address 10.0.0.2 255.255.255.252
encapsulation dot1q 173
!
RP/0/RSP1/CPU0:zip#sh run int tenGigE 0/0/0/0.5
Wed Jan 23 18:50:02.285 UTC
interface TenGigE0/0/0/0.5
ipv4 address 8.8.8.1 255.255.255.0
encapsulation dot1q 5
!
Have this loopbacks:
RP/0/RSP1/CPU0:zip#sh run int loopback 0
Wed Jan 23 18:50:38.665 UTC
interface Loopback0
ipv4 address 17.17.191.6 255.255.255.255
!
RP/0/RSP1/CPU0:zip#sh run int loopback 1
Wed Jan 23 18:50:39.795 UTC
interface Loopback1
vrf kappa
ipv4 address 17.17.191.7 255.255.255.255
!
Add static routes:
RP/0/RSP1/CPU0:zip#sh run router static
Wed Jan 23 18:52:36.308 UTC
router static
address-family ipv4 unicast
10.0.0.0/30 vrf kappa Loopback1
!
vrf kappa
address-family ipv4 unicast
0.0.0.0/0 vrf default Loopback0
!
!
!
And view routes:
RP/0/RSP1/CPU0:zip#sh route
Wed Jan 23 18:52:26.039 UTC
Codes: C - connected, S - static, R - RIP, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
U - per-user static route, o - ODR, L - local, G - DAGR
A - access/subscriber, - FRR Backup path
Gateway of last resort is not set
L 2.2.2.2/32 is directly connected, 2d00h, Loopback100
C 8.8.8.0/24 is directly connected, 04:03:47, TenGigE0/0/0/0.5
L 8.8.8.1/32 is directly connected, 04:03:47, TenGigE0/0/0/0.5
S 10.0.0.0/30 is directly connected, 00:00:37, Loopback1 (nexthop in vrf kappa)
L 17.17.191.6/32 is directly connected, 04:41:28, Loopback0
RP/0/RSP1/CPU0:zip#sh route vrf kappa
Wed Jan 23 18:52:29.031 UTC
Codes: C - connected, S - static, R - RIP, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2, E - EGP
i - ISIS, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, su - IS-IS summary null, * - candidate default
U - per-user static route, o - ODR, L - local, G - DAGR
A - access/subscriber, - FRR Backup path
Gateway of last resort is 0.0.0.0 to network 0.0.0.0
S* 0.0.0.0/0 is directly connected, 00:00:05, Loopback0 (nexthop in vrf default)
C 10.0.0.0/30 is directly connected, 04:45:11, TenGigE0/0/0/0.173
L 10.0.0.2/32 is directly connected, 04:45:11, TenGigE0/0/0/0.173
L 17.17.191.7/32 is directly connected, 02:32:56, Loopback1
But this doesn't work:
RP/0/RSP1/CPU0:zip#ping vrf kappa 8.8.8.1
Wed Jan 23 18:54:01.004 UTC
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 8.8.8.1, timeout is 2 seconds:
.....
Success rate is 0 percent (0/5)
01-23-2013 04:14 AM
hi Stanislav,
Afaik that feature is coming in the 4.3.1 It's called "Interafi import (global import) feature" Release.
Details as follows:
Configuration CLI: The following two new CLIs are defined.
The user can configure following under global VRF config to enable importing default-VRF routes to VRF foo.
import from default-vrf route-policy
Example:
vrf foo
address-family ipv4 unicast
import from default-vrf route-policy mypolicyimport
(ii) The user can configure following under global VRF config to enable exporting VRF foo routes into the default-VRF table.
export to default-vrf route-policy
Example:
vrf foo
address-family ipv4 unicast
export to default-vrf route-policy mypolicyexport
These above configurations are per address-family (ipv4 unicast and ipv6 unicast). The new config coexists with the existing VPN import config based on route-targets and route-policy.
Example: When all import/export configurations are enabled:
vrf foo
address-family ipv4 unicast
import route-policy myvpnimportpolicy
import from default-vrf route-policy passall
import route-target
1:1
2:2
!
export route-policy myvpnexportpolicy
export to default-vrf route-policy passall
export route-target
2:2
4:4
5:1
!
!
!
end
regards,
David
01-29-2013 09:19 AM
Hi David,
i've been looking for a similar solution and this appears to be what we've been looking for.
So if i'm to understand correctly what you've said, this way we'll be able to "automate" the import/export of routes
from vrf->global and vice versa, correct?
Could we then apply the same logic to a hub and spoke internet access vpn, where we have the VPN_to_Internet hub vrf that
will eventually leak/export customer VPN routes to default-vrf and import only 0/0 (default route)? This way we can "automate" even more export of customer routes to the global table, and for all customer VPNs with internet access, only use standard import/export or RTs with this hub vrf?
Regards
Themis
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: