Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1247
Views
0
Helpful
1
Replies

VRF - Import Map Not Working - Nexus 9k

Fazal E Rasool Khan
Level 1
Level 1

‎01-19-2017 08:50 AM - edited ‎03-08-2019 08:59 AM

Hello Everyone, 

I am trying to filtering in VRF using import map on nexus 9000 switch. First i tried on catalyst switch and it worked perfectly but same concept not working on nexus. NX-OS version is 7.2

In switch two VRF's are created GEN_SERVER & IPT_SERVER. i am doing import and export using rt between this vrf. 

But IPT_SERVER VRF has two subnet but i want to import only 1 subnet into GEN_SERVERS VRF. Below config is not working for this purpose.

vrf context GEN_SERVERS
address-family ipv4 unicast
import map GEN_SRV
!
route-map GEN_SRV permit 10
match ip address 10
!
ip access-list 10
10 deny ip 10.18.244.0/24 10.18.190.0/24
20 deny ip 10.18.190.0/24 10.18.244.0/24
30 permit ip any any

Below is full configuration for two VRF's

vrf context GEN_SERVERS
rd 65111:212
address-family ipv4 unicast
route-target import 65111:201
route-target import 65111:212
route-target export 65111:212
import map GEN_SRV
!
vrf context IPT_SERVERS
rd 65111:201
address-family ipv4 unicast
route-target import 65111:201
route-target import 65111:212
route-target export 65111:201
!
vlan 30
vlan 990
vlan 983
!
interface Vlan30
no shutdown
vrf member IPT_SERVERS
ip address 192.168.30.251/24
ip router ospf 1 area 0.0.0.0
hsrp version 2
hsrp 30
preempt
priority 110
ip 192.168.30.254
!
interface Vlan983
no shutdown
vrf member IPT_SERVERS
no ip redirects
ip address 10.18.244.251/24
ip router ospf 1 area 0.0.0.0
hsrp version 2
hsrp 983
preempt
priority 110
ip 10.18.244.254
!
interface Vlan990
no shutdown
vrf member GEN_SERVERS
no ip redirects
ip address 10.18.190.251/24
ip router ospf 1 area 0.0.0.0
hsrp version 2
hsrp 990
preempt
priority 110
ip 10.18.190.254
!
router bgp 1
vrf GEN_SERVERS
address-family ipv4 unicast
redistribute direct route-map vpn-route-leaking
vrf IPT_SERVERS
address-family ipv4 unicast
redistribute direct route-map vpn-route-leaking
!

show version output

Software
BIOS: version 07.45
NXOS: version 7.0(3)I4(2)
BIOS compile time: 12/04/2015
NXOS image file is: bootflash:///nxos.7.0.3.I4.2.bin
NXOS compile time: 7/21/2016 8:00:00 [07/21/2016 16:09:32]

Kindly advise what could be the problem with this

Labels:
0 Helpful
1 Reply 1

Fazal E Rasool Khan
Level 1
Level 1

‎01-20-2017 08:33 AM

Any advise for the above from experts Please. 

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card