Configs as requested.
R7------------------------R3-----------------------R1--------------R2-----------------R4----------------R5--------------R6----------------R8
CE PE P ASBR(123)
ASBR(456) P PE CE
VRF MAN
LOOPBACK10
!
VRF 78 on R6 PE gives error of unsupported feature when doing import map,
but normal route-target import for RT 100:100 works fine. Below are the
configurations.
Thanks
R7#sh run
Building configuration...
Current configuration : 1190 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R7
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip multicast-routing
no ip ips deny-action ips-interface
!
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no crypto isakmp ccm
!
!
!
!
interface Loopback0
ip address 10.1.7.7 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip address 10.1.37.7 255.255.255.0
ip pim sparse-mode
ip igmp join-group 236.6.6.6
half-duplex
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
router ospf 1
log-adjacency-changes
network 10.1.7.7 0.0.0.0 area 0
network 10.1.37.7 0.0.0.0 area 0
!
ip http server
no ip http secure-server
ip classless
!
!
ip pim send-rp-announce Loopback0 scope 10
ip pim send-rp-discovery Loopback0 scope 10
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
!
end
!
!
R3#sh run
Building configuration...
Current configuration : 2472 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R3
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip domain lookup
no ip dhcp use vrf connected
!
!
ip vrf 78
rd 78:78
route-target export 78:78
route-target import 78:78
bgp next-hop Loopback0
mdt default 237.7.7.7
!
ip vrf man
rd 10:10
export map MAN
route-target export 10:10
route-target import 10:10
!
ip multicast-routing
ip multicast-routing vrf 78
no ip ips deny-action ips-interface
!
mpls label protocol ldp
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no crypto isakmp ccm
!
!
!
!
interface Loopback0
ip address 150.1.3.3 255.255.255.255
ip pim sparse-mode
!
interface Loopback10
ip vrf forwarding man
ip address 10.10.10.10 255.255.255.255
!
interface Ethernet0/0
ip vrf forwarding 78
ip address 10.1.37.3 255.255.255.0
ip pim sparse-mode
half-duplex
!
interface Ethernet0/1
ip address 150.1.13.3 255.255.255.0
ip pim sparse-mode
half-duplex
tag-switching ip
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
router ospf 78 vrf 78
domain-id 36.36.36.36
log-adjacency-changes
redistribute bgp 123 subnets
network 10.1.37.3 0.0.0.0 area 0
!
router ospf 1
log-adjacency-changes
network 150.1.3.3 0.0.0.0 area 0
network 150.1.13.3 0.0.0.0 area 0
!
router bgp 123
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 150.1.1.1 remote-as 123
neighbor 150.1.1.1 update-source Loopback0
!
address-family vpnv4
neighbor 150.1.1.1 activate
neighbor 150.1.1.1 send-community extended
exit-address-family
!
address-family ipv4 vrf man
redistribute connected
no auto-summary
no synchronization
exit-address-family
!
address-family ipv4 vrf 78
redistribute connected
redistribute static
redistribute ospf 78 vrf 78 match internal external 1 external 2
no auto-summary
no synchronization
network 37.37.37.37 mask 255.255.255.255
exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
!
ip pim autorp listener
ip pim ssm default
!
!
ip prefix-list MAN seq 5 permit 10.10.10.10/32
!
route-map MAN permit 10
match ip address prefix-list MAN
set extcommunity rt 100:100 additive
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
!
end
!
!
R1#sh run
Building configuration...
Current configuration : 2228 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R1
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip multicast-routing
no ip ips deny-action ips-interface
!
mpls label protocol ldp
no tag-switching ip propagate-ttl
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no crypto isakmp ccm
!
!
!
!
interface Loopback0
ip address 150.1.1.1 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip address 150.1.13.1 255.255.255.0
ip pim sparse-mode
half-duplex
tag-switching ip
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface Serial1/0
ip address 150.1.12.1 255.255.255.0
ip pim sparse-mode
tag-switching ip
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
router ospf 1
log-adjacency-changes
network 150.1.1.1 0.0.0.0 area 0
network 150.1.12.1 0.0.0.0 area 0
network 150.1.13.1 0.0.0.0 area 0
!
router bgp 123
no synchronization
bgp router-id 150.1.1.1
bgp log-neighbor-changes
neighbor 150.1.2.2 remote-as 123
neighbor 150.1.2.2 update-source Loopback0
neighbor 150.1.3.3 remote-as 123
neighbor 150.1.3.3 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 150.1.2.2 activate
neighbor 150.1.2.2 send-community extended
neighbor 150.1.2.2 route-reflector-client
neighbor 150.1.3.3 activate
neighbor 150.1.3.3 send-community extended
neighbor 150.1.3.3 route-reflector-client
exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
!
ip pim autorp listener
ip pim ssm default
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
!
end
!
!
R2#term len 0
R2#sh ru
% Ambiguous command: "sh ru"
R2#sh run
Building configuration...
Current configuration : 2549 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R2
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip multicast-routing
no ip ips deny-action ips-interface
!
mpls label protocol ldp
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no crypto isakmp ccm
!
!
!
!
interface Loopback0
ip address 150.1.2.2 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip address 150.1.24.2 255.255.255.0
ip pim bsr-border
ip pim sparse-mode
half-duplex
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface Serial1/0
ip address 150.1.12.2 255.255.255.0
ip pim sparse-mode
tag-switching ip
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
router ospf 1
log-adjacency-changes
redistribute connected subnets route-map AS456
redistribute bgp 123
network 150.1.2.2 0.0.0.0 area 0
network 150.1.12.2 0.0.0.0 area 0
!
router bgp 123
no bgp default route-target filter
bgp log-neighbor-changes
neighbor 150.1.1.1 remote-as 123
neighbor 150.1.1.1 update-source Loopback0
neighbor 150.1.24.4 remote-as 456
!
address-family ipv4
neighbor 150.1.1.1 activate
neighbor 150.1.24.4 activate
no auto-summary
no synchronization
network 150.1.3.3 mask 255.255.255.255
exit-address-family
!
address-family vpnv4
neighbor 150.1.1.1 activate
neighbor 150.1.1.1 send-community extended
neighbor 150.1.24.4 activate
neighbor 150.1.24.4 send-community extended
exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
!
ip pim autorp listener
ip pim bsr-candidate Loopback0 0
ip pim rp-candidate Loopback0
ip pim ssm default
ip msdp peer 150.1.24.4 remote-as 456
!
!
ip prefix-list R6_LOOP seq 5 permit 150.1.6.6/32
!
route-map AS456 permit 10
match ip address prefix-list AS456 R6_LOOP
!
route-map R6_LOOP permit 10
match ip address prefix-list R6_LOOP
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
!
end
!
!
R4#sh run
Building configuration...
Current configuration : 2663 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R4
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip domain lookup
no ip dhcp use vrf connected
!
!
ip multicast-routing
no ip ips deny-action ips-interface
!
mpls label protocol ldp
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no crypto isakmp ccm
!
!
!
!
interface Loopback0
ip address 150.1.4.4 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip address 150.1.24.4 255.255.255.0
ip pim sparse-mode
half-duplex
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface Serial1/0
ip address 150.1.45.4 255.255.255.0
ip pim sparse-mode
tag-switching ip
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
router ospf 1
log-adjacency-changes
redistribute connected subnets route-map AS123
redistribute bgp 456
network 150.1.4.4 0.0.0.0 area 0
network 150.1.45.4 0.0.0.0 area 0
!
router bgp 456
no bgp default route-target filter
bgp log-neighbor-changes
neighbor 150.1.5.5 remote-as 456
neighbor 150.1.5.5 update-source Loopback0
neighbor 150.1.24.2 remote-as 123
!
address-family ipv4
neighbor 150.1.5.5 activate
neighbor 150.1.24.2 activate
no auto-summary
no synchronization
network 150.1.6.6 mask 255.255.255.255
exit-address-family
!
address-family vpnv4
neighbor 150.1.5.5 activate
neighbor 150.1.5.5 send-community extended
neighbor 150.1.24.2 activate
neighbor 150.1.24.2 send-community extended
exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
!
ip pim autorp listener
ip pim send-rp-announce Loopback0 scope 10
ip pim send-rp-discovery Loopback0 scope 10
ip pim ssm default
ip msdp peer 150.1.24.2 remote-as 123
!
!
ip prefix-list R3_LOOP seq 5 permit 150.1.3.3/32
access-list 1 deny 224.0.1.39
access-list 1 deny 224.0.1.40
access-list 1 permit any
!
route-map R3_LOOP permit 10
match ip address prefix-list R3_LOOP
!
route-map AS123 permit 10
match ip address prefix-list AS123 R3_LOOP
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
!
end
!
!
R5#sh run
Building configuration...
Current configuration : 2193 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip multicast-routing
no ip ips deny-action ips-interface
!
mpls label protocol ldp
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no crypto isakmp ccm
!
!
!
!
interface Loopback0
ip address 150.1.5.5 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip address 150.1.56.5 255.255.255.0
ip pim sparse-mode
half-duplex
tag-switching ip
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
interface Serial1/0
ip address 150.1.45.5 255.255.255.0
ip pim sparse-mode
tag-switching ip
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/1
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/2
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
interface Serial1/3
no ip address
shutdown
serial restart-delay 0
no dce-terminal-timing-enable
!
router ospf 1
log-adjacency-changes
network 150.1.5.5 0.0.0.0 area 0
network 150.1.45.5 0.0.0.0 area 0
network 150.1.56.5 0.0.0.0 area 0
!
router bgp 456
no synchronization
bgp router-id 150.1.5.5
bgp log-neighbor-changes
neighbor 150.1.4.4 remote-as 456
neighbor 150.1.4.4 update-source Loopback0
neighbor 150.1.6.6 remote-as 456
neighbor 150.1.6.6 update-source Loopback0
no auto-summary
!
address-family vpnv4
neighbor 150.1.4.4 activate
neighbor 150.1.4.4 send-community extended
neighbor 150.1.4.4 route-reflector-client
neighbor 150.1.6.6 activate
neighbor 150.1.6.6 send-community extended
neighbor 150.1.6.6 route-reflector-client
exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
!
ip pim autorp listener
ip pim ssm default
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
!
end
!
!
R6#sh run
Building configuration...
Current configuration : 2195 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R6
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip domain lookup
no ip dhcp use vrf connected
!
!
ip vrf 78
rd 78:78
import map man-import
route-target export 78:78
route-target import 78:78
bgp next-hop Loopback0
mdt default 237.7.7.7
!
ip multicast-routing
ip multicast-routing vrf 78
no ip ips deny-action ips-interface
!
mpls label protocol ldp
no tag-switching ip propagate-ttl
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no crypto isakmp ccm
!
!
!
!
interface Loopback0
ip address 150.1.6.6 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip address 150.1.56.6 255.255.255.0
ip pim sparse-mode
half-duplex
tag-switching ip
!
interface Ethernet0/1
ip vrf forwarding 78
ip address 10.1.68.6 255.255.255.0
ip pim sparse-mode
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
router ospf 78 vrf 78
domain-id 36.36.36.36
log-adjacency-changes
redistribute bgp 456 subnets
network 10.1.68.6 0.0.0.0 area 0
!
router ospf 1
log-adjacency-changes
network 150.1.6.6 0.0.0.0 area 0
network 150.1.56.6 0.0.0.0 area 0
!
router bgp 456
no bgp default ipv4-unicast
bgp log-neighbor-changes
neighbor 150.1.5.5 remote-as 456
neighbor 150.1.5.5 update-source Loopback0
!
address-family vpnv4
neighbor 150.1.5.5 activate
neighbor 150.1.5.5 send-community extended
exit-address-family
!
address-family ipv4 vrf 78
redistribute connected
redistribute static
redistribute ospf 78 vrf 78 match internal external 1 external 2
no auto-summary
no synchronization
network 73.73.73.73 mask 255.255.255.255
exit-address-family
!
ip http server
no ip http secure-server
ip classless
!
!
ip extcommunity-list expanded man permit 100:100
ip pim autorp listener
ip pim ssm default
!
!
route-map man-import permit 10
match extcommunity man
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
!
end
!
!
R8#sh run
Building configuration...
Current configuration : 1228 bytes
!
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname R8
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
!
!
ip multicast-routing
no ip ips deny-action ips-interface
!
no ftp-server write-enable
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
!
no crypto isakmp ccm
!
!
!
!
interface Loopback0
ip address 10.1.8.8 255.255.255.255
ip pim sparse-mode
!
interface Ethernet0/0
ip address 10.1.68.8 255.255.255.0
ip pim sparse-mode
ip igmp join-group 227.7.7.7
ip igmp join-group 232.1.2.3
half-duplex
!
interface Ethernet0/1
no ip address
shutdown
half-duplex
!
interface Ethernet0/2
no ip address
shutdown
half-duplex
!
interface Ethernet0/3
no ip address
shutdown
half-duplex
!
router ospf 1
log-adjacency-changes
network 0.0.0.0 255.255.255.255 area 0
!
ip http server
no ip http secure-server
ip classless
ip route 0.0.0.0 0.0.0.0 10.1.68.6
!
!
ip pim send-rp-announce Loopback0 scope 10
ip pim send-rp-discovery Loopback0 scope 10
!
!
!
!
control-plane
!
!
!
!
!
!
!
!
!
!
line con 0
exec-timeout 0 0
line aux 0
line vty 0 4
login
!
!
end
On Sat, Jan 23, 2010 at 7:32 AM, Bryan Bartik <bbartik_at_ipexpert.com> wrote:
> Can you post your config?
>
> On Fri, Jan 22, 2010 at 10:25 PM, Service Provider <
> service.providersa_at_gmail.com> wrote:
>
> > Hi All
> >
> > I have a Inter-AS scenario with 2 VRFs (VRF 78 and MAN) residing on on
> the
> > one AS (as100) and one AS (200) on the other AS. The VRF that is on AS200
> > must import routes from VRF MAN from AS100. When I use route-target
> import
> > xx:xx, these being MAN RT, everything works fine. But when I configure a
> > route-map, matching the extended community i configured to match the MAN
> > rt,
> > I get errors when debugging ip bgp vpnv4 unicast update that this is not
> > supported. Why is this feature not supported?
> >
> > Regards
> > SP
> >
> >
> > Blogs and organic groups at http://www.ccie.net
> >
> > _______________________________________________________________________
> > Subscription information may be found at:
> > http://www.groupstudy.com/list/CCIELab.html
> >
> >
> >
> >
> >
> >
> >
> >
>
>
> --
> Bryan Bartik
> CCIE #23707 (R&S, SP), CCNP
> Sr. Support Engineer - IPexpert, Inc.
> URL: http://www.IPexpert.com
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Sat Jan 23 2010 - 07:54:46 ART
This archive was generated by hypermail 2.2.0 : Thu Feb 04 2010 - 20:28:42 ART