I run a city network in Sweden with a lot of different service providers. The service providers assign a IP network to us for use with their service. Ex. an ISP assign a /19 to us and its up to us to mask it and run DHCP to the customers. To make things easy I put the DHCP server (and som other stuff like a customer portal) in a, lets call it service vrf. My plan was then to take the /19 null route (its originated in the RR) and export it to the service vrf, and the other way around, export a null summary from the service vrf to all other SP vrf:s. I want to do this to keep it as simple as possible and the routing table as small as possible. And of course since I'm postning here it does not work. So I thought there might be the null interface that were the problem so I did a static to an other interface /19 -> 184.108.40.206. Now it works a tad better, the route comes into the service vrf and I have connectivity with localy connected interfaces within the /19. Interfaces connected elswhere are not reachable. Anybody have any ideas ?
To add a /19 to the service VRF BGP table you could use
ip vrf test
route-target import 65000:1
route-target export 65000:1
ip route vrf test 10.0.0.0 255.255.224.0 Null0
router bgp 65000
address-family ipv4 vrf test
network 10.0.0.0 mask 255.255.224.0
Obviously addresses and names need to be adjusted to your environment.
Be aware, that the router you configure this on, will get all traffic following the /19. To access the more specifics an IP lookup is required. Thus you need the more specific networks in the VRF, where the /19 is created. Also be aware that likely you need a default route for the return traffic.
Martin's approach is a correct/scalable solution to generate the blackhole you need.
You can import the blackhole in customer vrf on PE router, by using
ip vrf customer_A
router-target import 65000:1
you wrote: My plan was then to take the /19 null route (its originated in the RR) and export it to the service vrf, and the other way around, export a null summary from the service vrf to all other SP vrf:s
It means the blackhole is not generated in service vrf but in another vrf?
"service" vrf cannot export blackhole if "service" import it from another vrf! ....but I think I miss some requirement.
I see your point, I do not have any problem getting the /19 route distributed within the vrf I originated it in (the service vrf for example). I do redistribute static in bgp so it's in all the boxes. The thing is that I wanted to do export instead of import since import is local to the router where it's made, and I have a few routers. Export on the other hand is global so if I do export I can do it on the route reflector and then it's done. Much easier to be on top of things if it's a simple config.
Import works like a charm but it has to be done in all routers.
This document is an early notification of a behaviour change that will be introduced in IOS XR release 6.5.
IOS XR configuration principles relevant for this article are:
On router platforms all interfaces must be by defaul...
With XR 4.2.0 the ASR9000 is releasing a new line of hardware models. This amongst others is the RSP440, the next generation RSP with faster switch fabric along with Typhoon based Linecards, the next generation network processor.
The Cisco EPN system incorporates a network architecture designed to consolidate multiples services on a single Multiprotocol Label Switching (MPLS) transport network. This network is designed primarily based on Application ...