[c-nsp] How not to redistribute statics into VRFs/BGP
ChrisSerafin
chris at chrisserafin.com
Mon Mar 30 13:48:31 EDT 2009
David Freedman wrote:
>
> >ip route vrf Chmbr-General 0.0.0.0 0.0.0.0 10.120.24.2 ! This is an ASA
> >on the 'LAN' for this site
> >ip route vrf Chmbr-General 10.0.0.0 255.0.0.0 Serial0/1/0.310
>
> Right, got you so far
>
> >So I remove the static route pointing to 10.120.24.2 and point it to the
> >remote MPLS spoke, 10.120.24.2.
>
> You mean 10.120.112.2?
>
Yes, I'm sorry
>
>
> >ip route vrf Chmbr-General 0.0.0.0 0.0.0.0 10.120.112.2 ! This is a
> >different FW at a remote MPLS spoke
> >ip route vrf Chmbr-General 10.0.0.0 255.0.0.0 Serial0/1/0.310
>
> So both 10.120.24.2 and 10.120.112.2 are at the remote site?
> any chance you can knock up a small ascii diagram else it gets a bit
> confusing.
>
> >Traceroutes after the change show that it is using the main egress route
> >going out the US, which is a gateway of last resort being propagated via
> >BGP/VRF.
>
> US?
>
USA
>
>
> How are you tracerouting? using "traceroute vrf Chmbr-General x.x.x.x"
> command?
>
Yes I am doing this.
>
>
> Also worth noting that since you are doing what is called "recursive"
> routing here
> (i.e point default at something which is also pointed at an interface)
> your traffic
> will always go via Serial0/1/0.310 and onto your MPLS provider ,
> anything past this
> you have no direct influence over (usually) and hence you will need to
> have them change the
> way the default is advertised into their VRF as well.
>
> Does this make sense?
>
Yes/Maybe :) .......All 10.x.x.x traffic should be thrown out the
serial0/1/0.310 interface, out to the MPLS cloud. I'm engaging the ISP
to see if 'we' are advertising the default route or the ISP is.
THANKS for your comments!
More information about the cisco-nsp
mailing list