[c-nsp] multi-vrf CE - importing and exporting via ibgp with a RR PE

Anton Smith anton at huge.geek.nz
Thu Feb 23 21:10:27 EST 2006 

Hi all,

Imagine the following setup:


--- CE --- PE --- VPN-ipv4 core

The =s represent vlans.

The PE has a VRF configured on it that contains at least two interfaces 
(the two vlans between CE and PE). IBGP sessions are configured between 
the CE and PE, and the PE has route reflection enabled.

Humour me and imagine that I want the two vrfs on the CE to route 
traffic to each other via the VPN rather than leaking routes to each 
other locally.

The problem is that the two vrfs on the CE receive all routes from the 
PE from the rest of the VPN, and install them, but *NOT* routes from 
each other. Keep in mind that I have route reflection running on the PE 
and it is working (other 'normal' CE hanging off the PE are able to 
exchange routes using IBGP).

Routes from each VRF on the CE are successfully being advertised to the 
PE, and are being installed in the VPN's routing table. I have also 
checked that they are being advertised correctly to each vrf on the CE 
from the PE. I.e. the PE is advertising 10.13.0.0/24 to vrf 2 (via it's 
IBGP session with 10.0.0.0) and 10.13.1.0/24 to vrf 1 (via it's IBGP 
session with 10.0.0.2).

I can't see anything different about the routes whatsoever. The PE 
strips extended communities inbound, and actually I'm not sure if I need 
the route-target export/import statements on the CE, since it should be 
straight ipv4 (although I do notice that it is sticking route target 
extended communities on the routes it sends to the PE).

I have turned on soft reconfiguration, and run:
show ip bgp vpnv4 vrf vrf2 neighbors 10.0.0.3 received-routes - but I 
still don't see anything that originated from the other vrf.

Is there something obvious that I am missing here? Any help would be 
much appreciated (and yes, I appreciate that what I am trying to do is a 
little bit strange but as I mentioned earlier, please humour me).

Regards,
Anton

There are two vrfs are configured on the CE, like so:

ip vrf vrf1
  rd 100:1
  route-target export 1:1
  route-target import 1:1
!
ip vrf vrf2
  rd 200:2
  route-target export 1:2
  route-target import 1:2

interface GigabitEthernet0/0.130
  description vrf 1 LAN interface
  encapsulation dot1Q 130
  ip vrf forwarding vrf1
  ip address 10.13.0.1 255.255.255.0

interface GigabitEthernet0/0.131
  description vrf 2 LAN interface
  encapsulation dot1Q 131
  ip vrf forwarding vrf2
  ip address 10.13.1.1 255.255.255.0

interface GigabitEthernet0/1.274
  description vrf 1 WAN interface
  encapsulation dot1Q 274
  ip vrf forwarding vrf1
  ip address 10.0.0.0 255.255.255.254

interface GigabitEthernet0/1.292
  description vrf 2 WAN interface
  encapsulation dot1Q 292
  ip vrf forwarding vrf2
  ip address 10.0.0.2 255.255.255.254

router bgp XXXXX
bgp router-id x.x.x.x
bgp log-neighbor-changes

address-family ipv4 vrf vrf1
  redistribute connected
  redistribute static
  neighbor 10.0.0.1 remote-as XXXXX
  neighbor 10.0.0.1 activate
  neighbor 10.0.0.1 send-community
  no auto-summary
  exit-address-family


address-family ipv4 vrf vrf2
  redistribute connected
  redistribute static
  neighbor 10.0.0.3 remote-as XXXXX
  neighbor 10.0.0.3 activate
  neighbor 10.0.0.3 send-community
  no auto-summary
  exit-address-family

More information about the cisco-nsp mailing list