Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
800
Views
0
Helpful
0
Replies

VRF Interleaking - Transit ?

gianluca.bianchi
Level 1
Level 1

‎09-26-2013 06:16 AM - edited ‎03-04-2019 09:09 PM

Hi All,

1- my problem is to understand if a vrf can be used on a router to learn routes from a second vrf, and propagate them to a 3rd one. Here is an example:

PE1

ip vrf Cust-A

rd 100:1

route-target export 100:1

route-target import 100:1

ip vrf CoreVRF

rd 100:2

route-target export 100:2

route-target import 100:2

route-target import 100:1

ip vrf Cust-B

rd 100:3

route-target export 100:3

route-target import 100:3

route-target import 100:2

interface Loopback1

ip vrf forwarding Cust-A

ip address 1.1.1.1 255.255.255.255

interface Loopback2

ip vrf forwarding CoreVRF

ip address 2.2.2.2 255.255.255.255

interface Loopback3

ip vrf forwarding Cust-B

ip address 3.3.3.3 255.255.255.255

Now, let's start with the statements I believe to be correct:

sh ip route vrf Cust-A should show only 1.1.1.1/32 , right?

sh ip route vrf CoreVRF should show 1.1.1.1/32 (imported from Cust-A), and 2.2.2.2 right?

Now the tricky bit: what should I see on show ip route vrf Cust-B ?

3.3.3.3/32 (surely, as Cust-B vrf owns this route!)

2.2.2.2/32 (surely, as Cust-B vrf imports all routes from Core vrf)

1.1.1.1/32 ??  Some Cisco documentation says NO, because Core vrf has learned that route via leaking (from Cust-A vrf), therefore it will not leak it back out onto Cust-B vrf. But in my network, that is a mix of several Cisco routers on different IOS, I think I observed it happen at times, not in all instances. I am not toally sure, given the complexity of interleaking in my network, and that is why I am asking for help.

2- The second point is: would it make any difference if some of those routes were resident on a different PE (say PE2) and be learned by PE1 via MP-BGP ?

For example if this piece of config was removed from PE1, and added to PE2:

PE2

interface Loopback1

ip vrf forwarding Cust-A

ip address 1.1.1.1 255.255.255.255

Keeping all the remaining config on PE1 as above, would it make any difference to my question's answer?

3- And if this Lo1 network was on PE2 (like just shown in my point 2- ), but the import statement from Cust-A into Core vrf was set on PE2 only (and not on PE1), would I see all the 3 routes on PE1's show ip route vrf Cust-B?

Basically with these changes as compared to the config shown in point 1- :

PE1

no int lo1

ip vrf CoreVRF

rd 100:2

no route-target import 100:1

PE2

ip vrf Cust-A

rd 100:1

route-target export 100:1

route-target import 100:1

ip vrf CoreVRF

rd 100:2

route-target export 100:2

route-target import 100:2

route-target import 100:1

interface Loopback1

ip vrf forwarding Cust-A

ip address 1.1.1.1 255.255.255.255

4- And the last point, which is maybe the crucial one, is: is anyone aware of different default behavior set by Cisco from one router platform (and IOS) to another? I suspect that this "transit behavior" of a vrf is allowed by default on my 2901 -- 15.1(4)M2, while not allowed on my 7206 -- 12.4  (I can be more specific later on this IOS, if it's needed).

I am not in the position to replicate this in a lab, because its results may depend on the platforms used (and IOS), so whichever outcome I'd obtain wouldn't be 100% reliable.

Whoever can give some input, and also develop the topic further, would do me a big favor

Thanks in advance,

Luca

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card