Having 'ip vrf sitemap <route-map>' applied to an interface?

Answered Question
Mar 18th, 2009

Hi,

What exactly does this command do when added to an interface..?

Thank you in advance

MS

I have this problem too.
0 votes
Correct Answer by Giuseppe Larosa about 7 years 8 months ago

Hello Mehboob,

I was meaning the

ip vrf sitemap TELECOM

comand not the the PBR.

Sorry for the confusion!

Your further findings confirm the need for PBR

Hope to help

Giuseppe

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 3.5 (2 ratings)
Loading.
Giuseppe Larosa Wed, 03/18/2009 - 07:04

Hello Mehboob,

according to MPLS command reference it allows to set the extended BGP community of type Site of Origin

see

http://www.cisco.com/en/US/docs/ios/mpls/command/reference/mp_e1.html#wp1015238

The SoO extended community is a BGP extended community attribute that is used to identify routes that have originated from a site so that the re-advertisement of that prefix back to the source site can be prevented. The SoO extended community attribute uniquely identifies the site from which a PE router has learned a route.

It can be useful for VPN sites that are multihomed to avoid unwanted route reinjection.

Hope to help

Giuseppe

mvsheik123 Wed, 03/18/2009 - 07:29

Thank you Giuseppe . Our infrastructure used to have a satellite office having a router interface set up with ebgp (pvt AS#) via VPN tunnel (via DSL line), but when Iam going thru the setup (for my knowledge) I do not see the all the recomended steps from Cisco docs. below are the configs, don't carrier is involved to do anyuthing...

Going thru below, I think only policy routing isused than the VRF/SoO. Any suggestions..?

******************************

interface FastEthernet0/1

Description:INSIDE

ip vrf sitemap TELECOM

ip address 10.129.25.2 255.255.255.0

ip virtual-reassembly

ip policy route-map TELECOM

!

!

interface Serial0/3/0:0

description RCN: T1 to HQ

dampening 30 2000 300 10

ip vrf sitemap TELECOM

ip address 10.129.10.2 255.255.255.0

!

router bgp 65129

bgp log-neighbor-changes

neighbor 192.168.100.2 remote-as 65529

neighbor 192.168.100.2 ebgp-multihop 4

neighbor 192.168.100.2 timers 20 60

!

address-family ipv4

neighbor 192.168.100.2 activate

neighbor 192.168.100.2 next-hop-self

neighbor 192.168.100.2 soft-reconfiguration inbound

no auto-summary

synchronization

bgp dampening 45

network 10.129.25.0 mask 255.255.255.0

network 10.129.100.0 mask 255.255.255.0

exit-address-family

!

route-map BGP-Dampening permit 10

match ip address 25 BGP-Dampening

!

route-map TELECOM permit 150

match ip address 150

match policy-list TELECOM

set ip next-hop 10.129.10.1

!

ip policy-list TELECOM permit

match ip address 150 TELECOM

!

access-list 150 permit ip 10.129.150.0 0.0.0.255 10.40.101.0 0.0.0.255

access-list 150 permit ip 10.129.150.0 0.0.0.255 10.40.102.0 0.0.0.255

access-list 150 permit ip 10.129.150.0 0.0.0.255 10.40.103.0 0.0.0.255

!

access-list 25 remark BGP-Dampening

access-list 25 permit 192.168.100.0 0.0.0.255

!

*********************************

Thank you

MS

Giuseppe Larosa Wed, 03/18/2009 - 07:45

Hello Mehboob,

I agree the route-map TELECOM is used for PBR.

the other command

ip vrf sitemap TELECOM

should be not effective: based on the example in commad reference it should be used if the route-map would set soo not next-hop

probably someone tried to use it and he/she dindn't remove the command

What happens if you remove it ?

Hope to help

Giuseppe

mvsheik123 Wed, 03/18/2009 - 08:50

Thanks again Giuseppe. This config added to force the data (10.129.100.0/25.0)traffic to go via VPN than T1 and automatic failover to T1 incase of vpn tunnel (internet)goes down. The site is decoed and iam reviewing the configs just to get idea of what of it.

So with out vrf commands as well,

1. the traffic from subnets: 10.129.100.0/25.0 will pass via the VPN tunnel due to the reason EBGP advertising and other protocol OSPF is having higher admin distance and

2. The TELECOM subnet 10.129.150.0 always being forced via the

10.129.10.1 due to policy map.

But as the the advertised subnets via BGP is not included 10.129.150.0, always OSPF learned path via T1 (via 10.129.10.1) is prefereed and in case if the T1 goes down all the traffic should follow unknown route path (to internet and via VPN).

So in this case Iam not sure if the policy map is really needed as BGP take over for only couple of subnets.

is My understanding is correct..?

Thank you

MS

Thank you

mvsheik123 Wed, 03/18/2009 - 09:44

apologies.. spoke too early. Reviewed the configs further and observed that this router does not have 10.129.150.0 subnet for OSPF..

************************

router ospf 100

router-id 10.129.222.1

log-adjacency-changes

passive-interface FastEthernet0/0

network 10.129.10.0 0.0.0.3 area 0.0.0.11

network 10.129.25.0 0.0.0.255 area 0.0.0.11

network 10.129.222.0 0.0.0.255 area 0.0.0.11

distance ospf external 220

***************************

Not sure why not added but looks like policy map is needed to force the traffic.

TIA

MS

Correct Answer
Giuseppe Larosa Wed, 03/18/2009 - 11:33

Hello Mehboob,

I was meaning the

ip vrf sitemap TELECOM

comand not the the PBR.

Sorry for the confusion!

Your further findings confirm the need for PBR

Hope to help

Giuseppe

mvsheik123 Wed, 03/18/2009 - 11:44

Nope..Looks like I confused you.. Thank you for your time in this.

MS

Actions

This Discussion