[c-nsp] IOS XR vrf export route-policy

Aaron aaron1 at gvtc.com
Thu Feb 18 22:40:56 EST 2016 

I may have found the answer to this...

vrf export route-policy doesn't seem to directly deny prefixes from
advertisement... but according to this one site you can indirectly deny
prefixes... it seems that vrf export route-policy is mainly used to more
granularly assign rt's and add rt's to rt's (additive).

http://www.akbintel.com/mediawiki/index.php/VRF/Config#export_map

http://nagendrakumar-nagendra.blogspot.com/2011/09/mpls-vpn-vrf-export-map.h
tml

I thought it was pretty clever to not put a route-target export x:x and then
whichever prefixes are denied in the export route-policy will drop out of
the route-map logic, and this will not be advertised since there isn't a
route-target export statement in the vrf.  Cool.

Aaron


-----Original Message-----
From: cisco-nsp [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of
Aaron
Sent: Thursday, February 18, 2016 4:40 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] IOS XR vrf export route-policy

Shouldn't the following block 192.168.252.0/24 from being exported ?  What
am I not understanding about vrf export maps ?

 

I have bounced BVI200 on this PE and I see the route get removed from remote
PE's, but when I no shut bvi200 that route is readvertised and the export
map doesn't seem to drop that route like I'm trying to do.
I have bounced bgp also on this PE, and still don't see that route being
dropped like I'm trying to accomplish.

 

vrf one

address-family ipv4 unicast

  import route-target

   1:1

  !

  export route-policy routes-export

  export route-target

   1:1

  !

!

!

 

 

route-policy routes-export

  if destination in export-1to1-all-routes then

    drop

  endif

end-policy

!

 

prefix-set export-1to1-all-routes

  192.168.252.0/24

end-set

!

 

 

RP/0/RSP0/CPU0:eng-lab-9k-1#sh route vrf one connected | in BVI

C    192.168.252.0/24 is directly connected, 00:05:53, BVI200

 

 

 

Aaron

 

 

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list