Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Two VRF to exchange routes... except default

I have two vrfs configured on my PE routers (within GNS3). The original setup is pretty simple, as follows:

 

ip vrf VRF_A
 rd 100:1
 route-target export 100:1
 route-target import 100:1
!
ip vrf VRF_B
 rd 100:2
 route-target export 100:2
 route-target import 100:2
!

 

I want these two VRFs to exchange routes, except for their default routes. As such I have done the following:

 

ip prefix-list blockDefault seq 5 deny 0.0.0.0/0
ip prefix-list blockDefault seq 50 permit 0.0.0.0/0 le 32

route-map ALL_EXCEPT_DEFAULT_VPN_A permit 10
 match ip address prefix-list blockDefault
 set extcommunity rt 100:10

route-map ALL_EXCEPT_DEFAULT_VPN_B  permit 10
 match ip address prefix-list blockDefault
 set extcommunity rt 100:20


ip vrf VRF_A
 rd 100:1
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target export 100:1
 route-target import 100:20
 route-target export 100:20
!
ip vrf VRF_B
 rd 100:2
 export map ALL_EXCEPT_DEFAULT_VRF_B
 route-target import 100:2
 route-target export 100:2
 route-target import 100:10
 route-target export 100:10
!

 

Now I am finding that, even thoughI can see the routes from VRF_A in VRF_B, I am actually losing routes that were once in VRF_A from the routing table (and vica versa).

 

Can someone advise if I have the above configuration correct?

 

Everyone's tags (3)
1 ACCEPTED SOLUTION

Accepted Solutions

Hi Steven,

Hi Steven,

the problem with your route-map is, that the "set extcommunity rt" clause without the "additive" keyword will replace all the existing RTs (100:1/100:2 as well) with the new RT.

There are several ways to accomplish the task, e.g.:

ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0
!
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 10
 match ip address prefix-list DEFAULT-ROUTE
 ! do nothing
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 20
 ! every other prefix
 set extcommunity rt 100:10 additive
!
ip vrf VRF_A
 rd 100:1 
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target import 100:20 
 route-target export 100:1
! 
(...)
 

Result:

R1#show ip bgp vpnv4 all 0.0.0.0 0.0.0.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2
R1#! a prefix originated in VRF_A
R1#show ip bgp vpnv4 all 172.16.12.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1 RT:100:10
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:1 RT:100:10
R1#! a prefix originated in VRF_B
R1#show ip bgp vpnv4 all 172.16.13.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:2 RT:100:20
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2 RT:100:20

 

HTH

Rolf

3 REPLIES

Hi Steven,

Hi Steven,

the problem with your route-map is, that the "set extcommunity rt" clause without the "additive" keyword will replace all the existing RTs (100:1/100:2 as well) with the new RT.

There are several ways to accomplish the task, e.g.:

ip prefix-list DEFAULT-ROUTE permit 0.0.0.0/0
!
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 10
 match ip address prefix-list DEFAULT-ROUTE
 ! do nothing
route-map ALL_EXCEPT_DEFAULT_VRF_A permit 20
 ! every other prefix
 set extcommunity rt 100:10 additive
!
ip vrf VRF_A
 rd 100:1 
 export map ALL_EXCEPT_DEFAULT_VRF_A
 route-target import 100:1
 route-target import 100:20 
 route-target export 100:1
! 
(...)
 

Result:

R1#show ip bgp vpnv4 all 0.0.0.0 0.0.0.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2
R1#! a prefix originated in VRF_A
R1#show ip bgp vpnv4 all 172.16.12.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:1 RT:100:10
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:1 RT:100:10
R1#! a prefix originated in VRF_B
R1#show ip bgp vpnv4 all 172.16.13.0 | i VRF|RT
Paths: (1 available, best #1, table VRF_A)
      Extended Community: RT:100:2 RT:100:20
Paths: (1 available, best #1, table VRF_B)
      Extended Community: RT:100:2 RT:100:20

 

HTH

Rolf

Also have a look at your

Also have a look at your route-map names (VPN <> VRF):

route-map ALL_EXCEPT_DEFAULT_VPN_A permit 10
!
ip vrf VRF_A
 export map ALL_EXCEPT_DEFAULT_VRF_A

 

HTH

Rolf

New Member

Remove and reattach the map.

Remove and reattach the map.

CCNA Training in Marathahalli

494
Views
6
Helpful
3
Replies
CreatePlease login to create content