cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2050
Views
0
Helpful
12
Replies

route leaking between global table and vrf in the same router

mathieu.ploton
Level 1
Level 1

Hi,

In my PE, i would like to access a computer 10.50.0.1 in vrf A from the global routing table.

I have this configuration :

int loopback0

ip address 10.0.0.1 255.255.255.255

int vlan 1

ip vrf forwarding A

ip route 10.50.0.1 255.255.255.255 Vlan1

ip route vrf A 10.0.0.1 255.255.255.255 loopback 0 10.0.0.1

ping 10.0.0.1 = 100%!!

ping vrf A 10.0.0.1 = 0%

ping 10.50.0.1 = 0%!!

ping vrf A 10.50.0.1 = 100%!!

sh ip route 10.50.0.1

Routing entry for 10.50.0.1/32

Known via "static", distance 1, metric 0 (connected)

Redistributing via ospf 1

Advertised by ospf 1 metric 20000 metric-type 1 subnets

Routing Descriptor Blocks:

* directly connected, via Vlan1

Route metric is 0, traffic share count is 1

sh ip route vrf Intranet 10.0.0.1

Routing entry for 10.0.0.1/32

Known via "static", distance 1, metric 0

Redistributing via bgp 65000

Advertised by bgp 65000

Routing Descriptor Blocks:

* 10.0.0.1, via Loopback0

Route metric is 0, traffic share count is 1

Did i miss something ?

12 Replies 12

lee.reade
Level 4
Level 4

Hi,

Since the next hop of the vrf static route is the global routing table and not the vrf routing table, then this next hop wont resolve, you need to put the global keyword on the static route, ie;

ip route vrf A 10.0.0.1 255.255.255.255 loopback 0 10.0.0.1 global

Let me know if this works.

Cheers,

LR

When i try to add global to my command line, i have the error : invalid next hop adress (it's this router), how can i avoid this issue ?

Thank you again !

shivlu jain
Level 5
Level 5

When ever you want to access the routes except the vrf table then at the end of the route use the global keyword; by addding the global keyword we catually tell the router if it is not able to find the toute in the vrf table thn please search in the global routing table.

regards

shivlu

If you check the document you sent me (and that i had already seen in the cisco website), they never add the global keyword, do you know why ?

Hi,

What is it that you are trying to achieve by this? Just access to the loopback0 interface?

Can you try this instead,

ip route vrf A 10.0.0.1 255.255.255.255 loopback 0 global

Let me know,

Cheers,

LR

Ok it's working if I use another router as the next hop, now i'm trying to do the same with multicast adress. My computer is my broadcast system.

From the global routing table, i want to be able to subscripe to multicast streams from the broadcast system in the vrf A.

You want to be able to subscribe to multicast sources that are in the VRF, from the global routing table?

Hmm, ive never seen that done, so cant comment on whether or not it would work, but in theory I 'spose is should!

Cheers,

LR

Yep i would like,

So I need to use mroute to do that ?

Well wouldnt need mroutes, since you have statics in place and the traffic would come from where the statics point to.

However, I am not sure about the mcast state information, because you would be crossing a boundary, from vrf-global etc.

Where are the clients that wish to receive the mcast flows? Can they not be put into another vrf? If so things would be much easier and we could config mVPN.

Maybe Harold Ritter (from Cisco) could comment on getting mcast from a vrf into the global table?? Is it possible etc?

Cheers,

LR

Actually we want to avoid multicast into mpls vpn because we have a 2800 as a PE and it crashed when we activate multicast routing on VPN. So we setup a second router (not MPLS) so it can only get the global routing table and the clients are behind this router.

So now from a client desktop i can ping my broadcast station but not recieve a multicast stream, seem that i need to add something again...

I really cant see it working natively, ie from vrf into global table, i think you may need to config a GRE tunnel from the secondary router to the PE VRF interface and then run pim across it.

This will transport it across the core without the need for mcast in the core.

This should work,

Cheers,

LR

secondary router

int tu0

ip unn loopback0 (where loopback0 is reachabel from remote vrf, using the static route with global keyword)

tun source loopback0

tun destination REMOTE PE Loopback (this is also static on remote PE and redistributed into core IGP)

ip pim dense

IP MROUTE 0.0.0.0 0.0.0.0 tu 0

remote VRF PE router

int tu0

ip unn loopbac0

tun so loopback0

tun des REMOTE secondary LOOPBACK

IP PIM DENSE

Ok thank you again ! I can see it's quite a tricky configuration. I should probably retry to make multicast working through MPLS, it's the easiest way. Dun know why my 2800 crash in that case !

Thank you all !

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: