cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
321
Views
10
Helpful
6
Replies

VRF export with nexthop filter

pat.boehm
Beginner
Beginner

Hi guys,

I try to attach an extended community to a prefix selected by its

next-hop

While this works perfectly with a

route-map

attached to a BGP neighbor, when trying to use it as an export map the router attaches the extended community to all prefixes in his BGP table. And thus the other vrf imports all of them.
As you can see in the attachment I tried it with a

nexthop-prefix-list

a

nexthop-access-list

and plain prefix-list to confirm.

Has anybody else had this problem and knows why it does not work? I know I could write a prefix-list with the prefixes themeselves instead of the next hop ip's. But this is a reallife problem with a growing list of static routes to be exported. So I'd like to avoid listing them all again. I could also set the ext community with the

 route-map

at every route. But still I'm curious why I can't use this more elegant solution.

Many thanks,
Patrick

1 Accepted Solution

Accepted Solutions

Harold Ritter
Cisco Employee
Cisco Employee

Hi @pat.boehm ,

The only match condition supported in the context of the

export map

is "match ip address", hence the results you are seeing.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

View solution in original post

6 Replies 6

Harold Ritter
Cisco Employee
Cisco Employee

Hi @pat.boehm ,

The only match condition supported in the context of the

export map

is "match ip address", hence the results you are seeing.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

Hi Harold,

thanks for the quick reply. That's what I thought. But it was just a feeling. I couldn't find that restriction anywhere in the documentation. Where could I have found that information?

many thanks again,
Patrick

Hi @pat.boehm ,

I could find it in the IOS documentation either. I will report it to our documentation team.

Regards,

Harold Ritter
Sr Technical Leader
CCIE 4168 (R&S, SP)
harold@cisco.com
México móvil: +52 1 55 8312 4915
Cisco México
Paseo de la Reforma 222
Piso 19
Cuauhtémoc, Juárez
Ciudad de México, 06600
México

I will check export map match and set.

solution I just think about, 
first any prefix from specific neighbor will get special community, 
then 
using

export-map

instead match

next-hop

we will match community. 
but I need time to do lab. 
tonight is football match of Portugal, after it I will do lab and update you in both case if I success and if not. 

 

I do lab and success 

i use community to tag any prefix from R2 and using

import-map

match this community to deny prefix.
please check below photo
Screenshot (45).pngScreenshot (46).png

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Recognize Your Peers