RE: Best way to leak routes into SHARED vrf without IGP from Ryan West on 2010-04-26 (Ccielab archives 04/2010)

From: Ryan West <rwest_at_zyedge.com>
Date: Mon, 26 Apr 2010 13:07:54 +0000

Frog,

> -----Original Message-----
> Sent: Monday, April 26, 2010 8:55 AM
> To: Cisco certification
> Subject: Best way to leak routes into SHARED vrf without IGP
>
> Folks,
>
> Here is what I am trying to do but without IGP on IOS-XE 12.2.
>
> http://www.netcraftsmen.net/component/content/article/68-network-
> infrastructure/696-using-bgp-with-vrf-lite-for-shared-service-support.html
>
>
> Scenario:
> =========
> same scenario as above netcraftsmen link but without EIGRP.
>
> PE-----(MPLS cloud--------Customer10
> | |
> | |-------------------VRF-Customer10-----|SW|---customer10's machiens
> | vrf-Shared
> |1.1.1.1/30
> |
> |
> |1.1.1.2/30
> |
> CE-RTR
> |
> |2.2.2.1/30
> |
> |vlan10
> |
> |2.2.2.2/30
> |Outside
> |
> Firewall
> |
> |inside
> |
> 200.200.200.0/24
>
> I have 2 vrf's on R1:
>
> VRF2 = customer10
> VRF3 = shared vrf (Customer10 should be able to access this)
>
> CUSTOMER10 IP = 100.0.0.0/16
> Shared VRF = 200.200.200.0/24
>
> VRF2 i.e. customer10 is peered with CE using BGP.
>
>
> ----------CE config-------------
>
> ip vrf CUSTOMER10
> rd 10:10
> route-target export 10:10
> route-target import 20:20
>
> ip vrf SHARED
> rd 20:20
> route-target export 20:20
> route-target import 10:10
>
> I have this static routes:
> ip route vrf SHARED 200.200.200.0 255.255.255.0 2.2.2.2 (2.2.2.2. is PIX
> firewall outside interface)
>
> I can see routes 200.200.200.0 on SHARED vrf on CE router.
>
> show ip route vrf SHARED 200.200.200.0
>
> Routing Table: SHARED
> Routing entry for 200.200.200.0/24
> Known via "static", distance 1, metric 0
> Routing Descriptor Blocks:
> * 2.2.2.2
> Route metric is 0, traffic share count is 1
>
>
> But can't see routes in the CUSTOMER10's vrf
>
> show ip route vrf CUSTOMER10 200.200.200.0
>
> Routing Table: CURTIN
> % Network not in table <------------------this is the issue
>
>
> How can I access 200.200.200.0 from Customer10's VRF without IGP?
>
> I have tried:
>
> access-list 88 permit 200.200.200.0
>
> route-map SHARED permit 10
> match ip 88
>
> and then re-distributed it on BGP
>
> router bgp 300
> address-family ipv4 vrf SHARED
> redistribute connected route-map SHARED
>
>

Wouldn't it be 'redistribute static' ? Doesn't seem to be a connected route.

-ryan

Blogs and organic groups at http://www.ccie.net
Received on Mon Apr 26 2010 - 13:07:54 ART

This archive was generated by hypermail 2.2.0 : Sat May 01 2010 - 09:49:57 ART