Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1481
Views
2
Helpful
4
Replies

Route Leaking in MPLS/VPN Networks

norlink
Level 1
Level 1

‎02-26-2006 06:39 PM

Hi All,

I have been looking at the example in http://www.cisco.com/en/US/tech/tk436/tk832/technologies_configuration_example09186a0080231a3e.shtml

My implementation is almost identical, I have a Netflow Collector sitting in my Management vrf.

The global route is working fine and my flows are getting to the collector, but my issue is the return path.

My source interface is a loopback address and whenever I try to add a route to it I get:

ip route vrf vpn2 10.1.1.1 255.255.255.255 Loopback0

% For VPN routes, must specify a next hop IP address if not a point-to-point interface.

My question is:

What should the next hop address be in this case.

I have also tried:

ip route vrf vpn2 10.1.1.1 255.255.255.255 Loopback0 10.1.1.1

with no success.

Sorry if I havnt explained the problem too well, please let me know if you need any more information.

Thanks,

Aaron

Labels:
0 Helpful
4 Replies 4

mheusinger
Level 10
Level 10

‎02-26-2006 08:54 PM

Hello Aaron,

Your config should look similar to this:

ip route vrf vpn2 10.1.1.1 255.255.255.255 10.1.1.1 global

assuming your Loopback is in the global IP routing table.

Hope this helps! Please rate all posts.

Regards, Martin

norlink
Level 1
Level 1
In response to mheusinger

‎02-26-2006 09:30 PM

Hi Martin,

I gave that a shot too,

I get the following:

ip route vrf vpn2 10.1.1.1 255.255.255.255 10.1.1.1 global

%Invalid next hop address (it's this router)

myrouter(config)#

Thanks,

Aaron

0 Helpful

mheusinger
Level 10
Level 10
In response to norlink

‎02-26-2006 10:21 PM

Hello Aaron,

the route example works for all routers except the one, where the VRF vpn2 is configured. What you can do for management purposes is either to connect through a neighbor router using packet leaking or configure another Loopback into VRF vpn2.

The last option (and my recommendation) is to establish another separate IP connection from your NMS to the MPLS core. Once VRFs are failing (for whatever reason, f.e. erroneously deleted) you might just not get connectivity to your backbone anymore to repair what went wrong.

So I would create an "interconnection router" with an interface in the VRF vpn2 and one interface in global IP routing table. This way you will still be able to access PEs, even if VRFs or MBGP is gone.

Hope this helps! Please rate all posts.

Regards, Martin

0 Helpful

ahamin
Level 1
Level 1

‎02-27-2006 02:58 AM

Hi There Aron

I can only imagine your Collector connected to the PE either directly or via a CE (!). In either case, I do not see how traffic can reach the Collector if the static route is pointed to Loopback0? with this logic the static route should be pointed to either a physical interface, subinterface or VSI

You also need to make sure reachability is advertised beyond the CE and/or PE where applicable

Regards

Ahmed

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents