Complex VPN configuration before configuring BGP: ================================================= ! ip vrf a rd 1:1 route-target export 1:1 route-target import 1:1 route-target import 2:2 route-target import 3:3 ! ip vrf b rd 2:2 route-target export 2:2 route-target import 2:2 route-target import 1:1 ! ip vrf c rd 3:3 route-target export 3:3 route-target import 3:3 route-target import 1:1 ! interface Loopback1 ip vrf forwarding a ip address 1.1.1.1 255.255.255.255 ! interface Loopback2 ip vrf forwarding b ip address 2.2.2.2 255.255.255.255 ! interface Loopback3 ip vrf forwarding c ip address 3.3.3.3 255.255.255.255 ip route vrf a 10.10.10.0 255.255.255.0 Null0 ip route vrf b 20.20.20.0 255.255.255.0 Null0 ip route vrf c 30.30.30.0 255.255.255.0 Null0 R5(config)#do sh ip route vrf a Routing Table: a Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C 1.1.1.1 is directly connected, Loopback1 10.0.0.0/24 is subnetted, 1 subnets S 10.10.10.0 is directly connected, Null0 R5(config)#do sh ip route vrf b Routing Table: b Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 2.0.0.0/32 is subnetted, 1 subnets C 2.2.2.2 is directly connected, Loopback2 20.0.0.0/24 is subnetted, 1 subnets S 20.20.20.0 is directly connected, Null0 R5(config)#do sh ip route vrf c Routing Table: c Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 3.0.0.0/32 is subnetted, 1 subnets C 3.3.3.3 is directly connected, Loopback3 30.0.0.0/24 is subnetted, 1 subnets S 30.30.30.0 is directly connected, Null0 Complex VPN Configuration with BGP: =================================== To achieve route leaking between VRFs using the import functionality of route-target, we must enable BGP on the router (a BGP neighbor is not required, it'll work even if no neighbor is configured at all), and redistribute connected and static under the address-families as illustrated below: router bgp 1 no synchronization bgp log-neighbor-changes no auto-summary ! address-family ipv4 vrf c redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf b redistribute connected redistribute static no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf a redistribute connected redistribute static no auto-summary no synchronization exit-address-family This can be also done via network commands under the address-families rather than redistribution (the only difference is that now the origin of the routes is going to be "i" IGP rather than "?" incomplete): router bgp 1 no synchronization bgp log-neighbor-changes no auto-summary ! address-family ipv4 vrf c network 3.3.3.3 mask 255.255.255.255 network 30.30.30.0 mask 255.255.255.0 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf b network 2.2.2.2 mask 255.255.255.255 network 20.20.20.0 mask 255.255.255.0 no auto-summary no synchronization exit-address-family ! address-family ipv4 vrf a network 1.1.1.1 mask 255.255.255.255 network 10.10.10.0 mask 255.255.255.0 no auto-summary no synchronization exit-address-family Show commands output in case of using redistribution under the address-families: ================================================================================ R5# R5# R5#sh ip route vrf a Routing Table: a Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C 1.1.1.1 is directly connected, Loopback1 2.0.0.0/32 is subnetted, 1 subnets B 2.2.2.2 is directly connected, 00:00:00, Loopback2 3.0.0.0/32 is subnetted, 1 subnets B 3.3.3.3 is directly connected, 00:00:00, Loopback3 20.0.0.0/24 is subnetted, 1 subnets B 20.20.20.0 is directly connected, 00:00:00, Null0 10.0.0.0/24 is subnetted, 1 subnets S 10.10.10.0 is directly connected, Null0 30.0.0.0/24 is subnetted, 1 subnets B 30.30.30.0 is directly connected, 00:00:02, Null0 R5# R5# R5#sh ip route vrf b Routing Table: b Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets B 1.1.1.1 is directly connected, 00:00:06, Loopback1 2.0.0.0/32 is subnetted, 1 subnets C 2.2.2.2 is directly connected, Loopback2 20.0.0.0/24 is subnetted, 1 subnets S 20.20.20.0 is directly connected, Null0 10.0.0.0/24 is subnetted, 1 subnets B 10.10.10.0 is directly connected, 00:00:06, Null0 R5# R5# R5# R5#sh ip route vrf c Routing Table: c Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets B 1.1.1.1 is directly connected, 00:00:09, Loopback1 3.0.0.0/32 is subnetted, 1 subnets C 3.3.3.3 is directly connected, Loopback3 10.0.0.0/24 is subnetted, 1 subnets B 10.10.10.0 is directly connected, 00:00:09, Null0 30.0.0.0/24 is subnetted, 1 subnets S 30.30.30.0 is directly connected, Null0 R5#sh ip bgp vpnv4 vrf a BGP table version is 21, local router ID is 100.10.10.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 1:1 (default for vrf a) *> 1.1.1.1/32 0.0.0.0 0 32768 ? *> 2.2.2.2/32 0.0.0.0 0 32768 ? *> 3.3.3.3/32 0.0.0.0 0 32768 ? *> 10.10.10.0/24 0.0.0.0 0 32768 ? *> 20.20.20.0/24 0.0.0.0 0 32768 ? *> 30.30.30.0/24 0.0.0.0 0 32768 ? R5# R5# R5# R5#sh ip bgp vpnv4 vrf b BGP table version is 21, local router ID is 100.10.10.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 2:2 (default for vrf b) *> 1.1.1.1/32 0.0.0.0 0 32768 ? *> 2.2.2.2/32 0.0.0.0 0 32768 ? *> 10.10.10.0/24 0.0.0.0 0 32768 ? *> 20.20.20.0/24 0.0.0.0 0 32768 ? R5# R5# R5# R5#sh ip bgp vpnv4 vrf c BGP table version is 21, local router ID is 100.10.10.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 3:3 (default for vrf c) *> 1.1.1.1/32 0.0.0.0 0 32768 ? *> 3.3.3.3/32 0.0.0.0 0 32768 ? *> 10.10.10.0/24 0.0.0.0 0 32768 ? *> 30.30.30.0/24 0.0.0.0 0 32768 ? Show commands output in case of using network under the address-families: ========================================================================= R5#sh ip route vrf a Routing Table: a Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets C 1.1.1.1 is directly connected, Loopback1 2.0.0.0/32 is subnetted, 1 subnets B 2.2.2.2 is directly connected, 00:05:54, Loopback2 3.0.0.0/32 is subnetted, 1 subnets B 3.3.3.3 is directly connected, 00:05:54, Loopback3 20.0.0.0/24 is subnetted, 1 subnets B 20.20.20.0 is directly connected, 00:05:54, Null0 10.0.0.0/24 is subnetted, 1 subnets S 10.10.10.0 is directly connected, Null0 30.0.0.0/24 is subnetted, 1 subnets B 30.30.30.0 is directly connected, 00:05:56, Null0 R5#sh ip route vrf b Routing Table: b Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets B 1.1.1.1 is directly connected, 00:08:05, Loopback1 2.0.0.0/32 is subnetted, 1 subnets C 2.2.2.2 is directly connected, Loopback2 20.0.0.0/24 is subnetted, 1 subnets S 20.20.20.0 is directly connected, Null0 10.0.0.0/24 is subnetted, 1 subnets B 10.10.10.0 is directly connected, 00:08:05, Null0 R5#sh ip route vrf c Routing Table: c Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2 E1 - OSPF external type 1, E2 - OSPF external type 2 i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2 ia - IS-IS inter area, * - candidate default, U - per-user static route o - ODR, P - periodic downloaded static route Gateway of last resort is not set 1.0.0.0/32 is subnetted, 1 subnets B 1.1.1.1 is directly connected, 00:08:30, Loopback1 3.0.0.0/32 is subnetted, 1 subnets C 3.3.3.3 is directly connected, Loopback3 10.0.0.0/24 is subnetted, 1 subnets B 10.10.10.0 is directly connected, 00:08:30, Null0 30.0.0.0/24 is subnetted, 1 subnets S 30.30.30.0 is directly connected, Null0 R5#sh ip bgp vpnv4 vrf a BGP table version is 21, local router ID is 150.1.5.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 1:1 (default for vrf a) *> 1.1.1.1/32 0.0.0.0 0 32768 i *> 2.2.2.2/32 0.0.0.0 0 32768 i *> 3.3.3.3/32 0.0.0.0 0 32768 i *> 10.10.10.0/24 0.0.0.0 0 32768 i *> 20.20.20.0/24 0.0.0.0 0 32768 i *> 30.30.30.0/24 0.0.0.0 0 32768 i R5#sh ip bgp vpnv4 vrf b BGP table version is 21, local router ID is 150.1.5.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 2:2 (default for vrf b) *> 1.1.1.1/32 0.0.0.0 0 32768 i *> 2.2.2.2/32 0.0.0.0 0 32768 i *> 10.10.10.0/24 0.0.0.0 0 32768 i *> 20.20.20.0/24 0.0.0.0 0 32768 i R5#sh ip bgp vpnv4 vrf c BGP table version is 21, local router ID is 150.1.5.5 Status codes: s suppressed, d damped, h history, * valid, > best, i - internal, r RIB-failure, S Stale Origin codes: i - IGP, e - EGP, ? - incomplete Network Next Hop Metric LocPrf Weight Path Route Distinguisher: 3:3 (default for vrf c) *> 1.1.1.1/32 0.0.0.0 0 32768 i *> 3.3.3.3/32 0.0.0.0 0 32768 i *> 10.10.10.0/24 0.0.0.0 0 32768 i *> 30.30.30.0/24 0.0.0.0 0 32768 i