Bilal,
when you do a show ip bgp vpnv4 all, the show is *not* listing the
routes open by VRF, but the routes open by RD, corresponding to the
VRFs.
When you receive a route coming from elsewhere (e.g. the 192.168.6.0/24
@ R5 which is originated from R6) it is in the vpnv4 table with its
original RD (100:2).
But as you are importing it to VPN_B_at_R5, it gets also copied
with the associated RD, 100:1. That's why you see it with both RDs.
The import process assigns a new RD in the vpnv4 table.
-Carlos
Bilal Hansrod @ 13/06/2011 07:35 -0300 dixit:
> Hello,
>
> I was configuring export map for vrf and saw results which I am unable to
> understand. I used export map to match particular prefix from VPN_A (R5) and
> imported on R6 router in VPN_B. I can see in VPN_B routing table the prefix
> from R5 and don't see same prefix in VPN_A vrf. It seems good, but why do I
> see matched prefix on R6 on both vrf when I run show ip bgp vpnv4 all. It
> seems it imported on R6 in both vrf, but only installed in vrf VPN_B routing
> table due to export map.
>
> Anyone can explain this behaviour.
>
> Feel free to read in detail with configuration and output if you want to
> understand the topology.
>
>
> Thanks,
>
> Bilal Hansrod
>
>
>
>
>
> Topology:
>
> R6 connected to R4 via Ethernet and R4 is also connected to R5 via FR and
> Serial
>
> R4 is BGP Route Reflector and R5 and R6 as clients
>
> R6 � R4 � R5
>
> |
>
> R5
>
> A loopback interface is configured on R5 VRF VPN_A � 172.16.5.5/24
>
> A loopback interface is configured on R6 VRF VPN_B � 192.168.6.6/24
>
> Both VRF exist on R5 and R6.
>
> Task: R6 VPN_A doesn't see prefix-list 172.16.5.0/24 and R5 does not see
> the prefix 192.168.6.0/24
>
> Solution Configuration:
>
> R5:
>
> ip vrf VPN_A
>
> rd 100:1
>
> export map R5
>
> route-target export 100:1
>
> route-target import 100:1
>
> route-target import 100:66
>
> !
>
> ip vrf VPN_B
>
> rd 100:2
>
> route-target export 100:2
>
> route-target import 100:2
>
>
> ip prefix-list VPN_A seq 10 permit 172.16.5.0/24
>
>
> route-map R5 permit 10
>
> match ip address prefix-list VPN_A
>
> set extcommunity rt 100:55
>
> !
>
> route-map R5 permit 20
>
> set extcommunity rt 100:1
>
>
> R6:
>
>
> ip vrf VPN_A
>
> rd 100:1
>
> route-target export 100:1
>
> route-target import 100:1
>
> !
>
> ip vrf VPN_B
>
> rd 100:2
>
> export map R6
>
> route-target export 100:2
>
> route-target import 100:2
>
> route-target import 100:55
>
>
> ip prefix-list VPN_B seq 10 permit 192.168.6.0/24
>
>
> route-map R6 permit 10
>
> match ip address prefix-list VPN_B
>
> set extcommunity rt 100:66
>
> !
>
> route-map R6 permit 20
>
> set extcommunity rt 100:2
>
>
> Results: The below results ensure that R5 VPN_B does not see 192.168.6.0
> from R6 and R6 VPN_A does not see 172.16.5.0/24 from R5.
>
>
> R5#show ip route vrf VPN_A 192.168.6.0
>
> Routing entry for 192.168.6.0/24
>
> Known via "bgp 100", distance 200, metric 0, type internal
>
> Last update from 150.1.6.6 00:32:17 ago
>
> Routing Descriptor Blocks:
>
> * 150.1.6.6 (Default-IP-Routing-Table), from 150.1.4.4, 00:32:17 ago
>
> Route metric is 0, traffic share count is 1
>
> AS Hops 0
>
>
> R5#show ip route vrf VPN_B 192.168.6.0
>
> % Network not in table
>
>
> R6#show ip route vrf VPN_A 172.16.5.0
>
> % Subnet not in table
>
>
> R6#show ip route vrf VPN_B 172.16.5.0
>
> Routing entry for 172.16.5.0/24
>
> Known via "bgp 100", distance 200, metric 0, type internal
>
> Last update from 150.1.5.5 00:35:49 ago
>
> Routing Descriptor Blocks:
>
> * 150.1.5.5 (Default-IP-Routing-Table), from 150.1.4.4, 00:35:49 ago
>
> Route metric is 0, traffic share count is 1
>
> AS Hops 0
>
> Now when I run show ip bgp vpnv4 all on R5 and R6, I still see routes in
> both VPN tables.
>
> For instance, R sees 192.168.6.0 in vrf VPN_A and VPN_B. Can anyone please
> explain why I can't see in routing table of vrf but still see in VPNV4
> table.
>
> R5#show ip bgp vpnv4 all
>
> BGP table version is 37, local router ID is 150.1.5.5
>
> Status codes: s suppressed, d damped, h history, * valid, > best, i -
> internal,
>
> r RIB-failure, S Stale
>
> Origin codes: i - IGP, e - EGP, ? - incomplete
>
> Network Next Hop Metric LocPrf Weight Path
>
> Route Distinguisher: 100:1 (default for vrf VPN_A)
>
> *> 155.1.58.0/24 0.0.0.0 0 32768 ?
>
> *>i155.1.67.0/24 150.1.6.6 0 100 0 ?
>
> *> 172.16.5.0/24 0.0.0.0 0 32768 ?
>
> *>i172.16.7.0/24 150.1.6.6 0 100 0 ?
>
> *>i192.168.6.0 150.1.6.6 0 100 0 ?
>
> Route Distinguisher: 100:2 (default for vrf VPN_B)
>
> *> 155.1.5.0/24 0.0.0.0 0 32768 ?
>
> *>i155.1.76.0/24 150.1.6.6 0 100 0 ?
>
> *>i192.168.6.0 150.1.6.6 0 100 0 ?
>
> *>i192.168.7.0 150.1.6.6 0 100 0 ?
>
> Thanks,
>
>
> Blogs and organic groups at http://www.ccie.net
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
>
>
>
>
>
>
>
--
Carlos G Mendioroz <tron_at_huapi.ba.ar> LW7 EQI Argentina
Blogs and organic groups at http://www.ccie.net
Received on Mon Jun 13 2011 - 09:49:06 ART