This is the real conf:

ip vrf B

rd 1:5

route-target export 1:5

route-target export 1:4

route-target import 1:4

route-target import 1:5

!

ip vrf A

rd 1:4

route-target export 1:4

route-target export 1:5

route-target import 1:4

route-target import 1:5

!

ip cef

!

interface GigabitEthernet0/1

ip address x.y.z.k

ip vrf forwarding A

!

interface GigabitEthernet0/3

description TRUNK DOT1Q

!

interface GigabitEthernet0/3.1

ip address 192.168.222.2 255.255.255.0

encapsulation dot1Q 36

ip vrf forwarding B

standby use-bia scope interface

standby 1 ip 192.168.222.1

standby 1 priority 110

standby 1 preempt

standby 1 name B

!

router eigrp 3000

no auto-summary

!

address-family ipv4 vrf A

network x.y.z.k

distance 255 192.168.230.4 0.0.0.0

no auto-summary

autonomous-system 1799

exit-address-family

!

router bgp 1

no bgp default ipv4-unicast

bgp log-neighbor-changes

!

address-family ipv4 vrf A

redistribute connected

redistribute static

redistribute eigrp 1799 metric 200

no auto-summary

no synchronization

exit-address-family

!

address-family ipv4 vrf B

redistribute connected

redistribute static

no auto-summary

no synchronization

exit-address-family

!

ip route vrf B 0.0.0.0 0.0.0.0 GigabitEthernet0/1 192.168.230.1

ip route vrf A 192.168.222.0 255.255.255.0 GigabitEthernet0/3.1 192.168.222.1

!

7204B_NAT#sh ip ro vrf B

Routing Table: B

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.230.1 to network 0.0.0.0

C 192.168.222.0/24 is directly connected, GigabitEthernet0/3.1

S* 0.0.0.0/0 [1/0] via 192.168.230.1, GigabitEthernet0/1

7204B_NAT#sh ip ro vrf A

Routing Table: A

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

192.168.230.0/27 is subnetted, 1 subnets

C 192.168.230.0 is directly connected, GigabitEthernet0/1

10.0.0.0/8 is variably subnetted, 19 subnets, 5 masks

D EX 10.99.3.64/27

[170/540160] via 192.168.230.2, 01:08:26, GigabitEthernet0/1

[170/540160] via 192.168.230.1, 01:08:26, GigabitEthernet0/1

D EX 10.99.3.32/27

[170/540160] via 192.168.230.2, 01:08:26, GigabitEthernet0/1

[170/540160] via 192.168.230.1, 01:08:26, GigabitEthernet0/1

S 192.168.222.0/24 [1/0] via 192.168.222.1, GigabitEthernet0/3.1

7204B_NAT#sh ip vrf

Name Default RD Interfaces

B 1:5 GigabitEthernet0/3.1

A 1:4 GigabitEthernet0/1

VRF B; default RD 1:5; default VPNID

Interfaces:

GigabitEthernet0/3.1

Connected addresses are not in global routing table

Export VPN route-target communities

RT:1:4 RT:1:9

Import VPN route-target communities

RT:1:4 RT:1:9

No import route-map

No export route-map

VRF A; default RD 1:4; default VPNID

Interfaces:

GigabitEthernet0/1

Connected addresses are not in global routing table

Export VPN route-target communities

RT:1:4 RT:1:5 RT:1:9

Import VPN route-target communities

RT:1:4 RT:1:5 RT:1:9

No import route-map

No export route-map

The VRF tables look like they should provide connectivity between the client PC and the server assuming that they are directly connected. Are these two devices directly connected and configured with a default gateway pointing to the router?

The PC (customer B) is directly connected to router

The Server (customer A) isn't directly connected but eigrp in vrf A is working fine.

***PC****

7204B_NAT#ping vrf B 192.168.222.10

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 192.168.222.10, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

*****SERVER******

7204B_NAT#ping vrf A 10.99.3.1

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 10.99.3.1, timeout is 2 seconds:

!!!!!

Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/4 ms

7204B_NAT#traceroute vrf A ip

Target IP address: 10.99.3.1

Source address: 192.168.230.3

Numeric display [n]:

Resolve AS number in (G)lobal table, (V)RF or(N)one [G]:

Timeout in seconds [3]:

Probe count [3]:

Minimum Time to Live [1]:

Maximum Time to Live [30]:

Port Number [33434]:

Loose, Strict, Record, Timestamp, Verbose[none]:

Type escape sequence to abort.

Tracing the route to 10.99.3.1

1 192.168.230.1 0 msec

192.168.230.2 0 msec

192.168.230.1 0 msec

2 10.99.3.1 0 msec 4 msec 0 msec

Given the server is not connected you need to redistribute the static route for ip route vrf A 192.168.222.0/24 in eigrp then. Make sure you have you include the default-metric statement for the redistribution to work properly.

Hope this helps,

Hi,

thanks but I didn't understand your sentence.

Where do I have to apply the default-metric command ?

under bgp vrf A or under eigrp vrf A ?

I've two (static routes):

ip route vrf A 192.168.222.0 255.255.255.0 GigabitEthernet0/3.1 192.168.222.1

ip route vrf B 0.0.0.0 0.0.0.0 GigabitEthernet0/1 192.168.230.1

with sh ip route vrf command I can see both statics:

7204B_NAT#sh ip ro vrf A

Routing Table: A

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is not set

192.168.230.0/27 is subnetted, 1 subnets

C 192.168.230.0 is directly connected, GigabitEthernet0/1

10.0.0.0/8 is variably subnetted, 19 subnets, 5 masks

D EX 10.99.3.0/28

[170/540160] via 192.168.230.2, 23:46:33,

S 192.168.222.0/24 [1/0] via 192.168.222.1, GigabitEthernet0/3.1

AND

7204B_NAT#sh ip ro vrf B

Routing Table: B

Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP

D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area

N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2

E1 - OSPF external type 1, E2 - OSPF external type 2

i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2

ia - IS-IS inter area, * - candidate default, U - per-user static route

o - ODR, P - periodic downloaded static route

Gateway of last resort is 192.168.230.1 to network 0.0.0.0

C 192.168.222.0/24 is directly connected, GigabitEthernet0/3.1

S* 0.0.0.0/0 [1/0] via 192.168.230.1, GigabitEthernet0/1

Sorry for the nebulous message, early in the morning ;o)

You have to include the default-metric under eigrp as well as the redistribute static.

At the moment your server or the router it connects to propably don't know the path back to 192.168.222.0/24.

Let me know if that works for you.

Hi,

I made.

With traceroute from server the stop is the router vrf

With traceroute from pc the stop is the same router vrf

follow the conf:

!

no ip domain lookup

!

ip vrf B

rd 1:9

route-target export 1:4

route-target export 1:9

route-target import 1:4

route-target import 1:9

ip vrf A

rd 1:4

route-target export 1:4

route-target import 1:4

route-target import 1:9

route-target export 1:9

!

ip cef

!

interface GigabitEthernet0/1

ip vrf forwarding A

ip address 192.168.230.3 255.255.255.224

standby 4 ip 192.168.230.5

standby 4 priority 110

standby 4 preempt

standby 4 track GigabitEthernet0/3 20

!

interface GigabitEthernet0/3

description - TRUNK DOT1Q

no ip address

duplex auto

speed 100

media-type rj45

no negotiation auto

!

interface GigabitEthernet0/3.1

encapsulation dot1Q 36

ip vrf forwarding B

ip address 192.168.222.2 255.255.255.0

standby use-bia scope interface

standby 1 ip 192.168.222.1

standby 1 priority 110

standby 1 preempt

standby 1 name B

!

router eigrp 3000

no auto-summary

!

address-family ipv4 vrf A

redistribute static

network 192.168.230.0

default-metric 100000 100 255 1 1500

distance 255 192.168.230.4 0.0.0.0

no auto-summary

autonomous-system 1799

exit-address-family

!

router bgp 1

no bgp default ipv4-unicast

bgp log-neighbor-changes

!

address-family ipv4

redistribute connected

redistribute eigrp 1799

no auto-summary

no synchronization

exit-address-family

!

address-family ipv4 vrf A

redistribute connected

redistribute static

redistribute eigrp 1799 metric 200

no auto-summary

no synchronization

exit-address-family

!

address-family ipv4 vrf B

redistribute connected

redistribute static

no auto-summary

no synchronization

network 192.168.222.0

exit-address-family

!

ip classless

ip route vrf A 192.168.222.0 255.255.255.0 GigabitEthernet0/3.1 192.168.222.1

ip route vrf B 0.0.0.0 0.0.0.0 GigabitEthernet0/1 192.168.230.1

no ip http server

!

ip bgp-community new-format

The only thing I can see is that the static route in vrf A is pointing at the HSRP address (192.168.222.1) instead of the next-hop 192.168.222.10. Could you try changing that and see if that solves the issue.

One more thought,

Ultimately, you should even need to define a static route for 192.168.222.0 in vrf A since that route should be imported from vrf B to vrf A. But if you want to configure a static route, then I would suggest not to use a next-hop and just to point to the physical interface as follow:

ip route vrf A 192.168.222.0 255.255.255.0 GigabitEthernet0/3.1

Let me know if that works for you.

I meant you shouldn't even need to define a static route...

Sorry for the confusion.

Hi,

I fond the problem !!!

After command "clear int gi0/3" the vrf-lite feature and bgp process stop run; so I can't see bgp routes redistributed into VRFs A and B.

I due:

no ip cef and after I lose the vrf's configuration only on trunk under giga0/3 but not under giga0/1.

So I reloaded the router and I reconfigured ip cef and VRF on trunk under giga0/3.1.

Now it's working.

After I typed "clear int gi0/3" and I seen SAME PROBLEM !!!!

I think a BUG !!!

Have you tried changing your static route as follow:

ip route vrf A 192.168.222.0 255.255.255.0 GigabitEthernet0/3.1

I'm not sure pointing the next-hop at the local HSRP address is actually supported.

Hi,

I found this problem:

The real problem is related on BGP. The BGP don't work correctly because we don't see bgp routes inside VRF but only inside bgp table (show ip bgp vpnv4 all) !!!

After every reload the bgp table isn't populated correctly (routes are valid (*) only but not best (>); so the VRF lite don't work because the bgp don't install routes inside of vrf.

To work fine BGP I MUST unconfigure and configure one VRF interface.

After this practice the bgp see the routes valid and best (*>) and install the routes inside vrf.

I don't known why ?