[c-nsp] 3560 vrf unwanted leaking when using tracked static route
jcovini at free.fr
jcovini at free.fr
Fri Feb 6 08:28:36 EST 2009
I would love you to be right, but it is indeed tracking inside the right vrf
I am changing the @IP in the paste below voluntarily (public ips...)
I have pretty similar config running on 6509 12.2.33sxh without this behavior.
The only difference is my 6509 use newer style config (ip sla monitor foo)
instead of former one (rtr foo)
rtr 2
type echo protocol ipIcmpEcho 1.2.3.4
timeout 1000
vrf Internet
frequency 5
rtr schedule 2 life forever start-time now
track 2 rtr 2 reachability
o#sho rtr config 2
SA Agent, Infrastructure Engine-II.
Entry number: 2
Owner:
Tag:
Type of operation to perform: echo
Target address: 1.2.3.4
Source address: 0.0.0.0
Request size (ARR data portion): 28
Operation timeout (milliseconds): 1000
Type Of Service parameters: 0x0
Verify data: No
Vrf Name: Internet
Operation frequency (seconds): 5
Next Scheduled Start Time: Start Time already passed
Group Scheduled : FALSE
Life (seconds): Forever
Entry Ageout (seconds): never
Recurring (Starting Everyday): FALSE
Status of entry (SNMP RowStatus): Active
Threshold (milliseconds): 5000
Number of statistic hours kept: 2
Number of statistic distribution buckets kept: 1
Statistic distribution interval (milliseconds): 20
Number of history Lives kept: 0
Number of history Buckets kept: 15
History Filter Type: None
Enhanced History:
Selon Wouter Prins <wp at null0.nl>:
> Okay then i guess it happens because you didnt specify the vrf in your sla
> configuration.
>
> ip sla monitor 1
> type xx
> vrf x
>
> I dont know if the 3560 can do that (my guess is no) :)
>
> Can you post your sla config?
>
> 2009/2/6 <jcovini at free.fr>
>
> > Just tried : it still installs the route with "global" flag
> > ip route vrf Internet 192.168.0.0 255.255.255.0 Vlan999 9.9.9.9 global
> > track 2
> >
> >
> >
> > Selon Wouter Prins <wp at null0.nl>:
> >
> > > Can you try to specify the outgoing interface in your static vrf route
> > and
> > > test again?
> > >
> > > 2009/2/6 <jcovini at free.fr>
> > >
> > > > Hey,
> > > >
> > > > Got a strange behavior on a C3560 12.2(35)SE5.
> > > >
> > > > I am locally attached interface to 9.9.9.0/24 network where my next
> > hop
> > > > 9.9.9.9
> > > > is. This interface is member of vrf Internet
> > > >
> > > > I have a vrf static route, working perfect :
> > > > ip route vrf Internet 192.168.0.0 255.255.255.0 9.9.9.9
> > > >
> > > >
> > > > As soon as I remove and replace this route by a tracked one, the IOS
> > adds
> > > > the
> > > > "global" keyword.
> > > > I input this :
> > > > ip route vrf Internet 192.168.0.0 255.255.255.0 9.9.9.9 track 2
> > > > and got this in the show run output :
> > > > ip route vrf Internet 192.168.0.0 255.255.255.0 9.9.9.9 global track 2
> > > >
> > > > Leaking then occurs, traffic is not reaching next-hop 9.9.9.9, but
> > rather
> > > > goes
> > > > to some router defined in the global routing table, which has a
> > > 9.0.0.0/8entry.
> > > > My tracker object is correctly defined inside the vrf Internet and is
> > > > flagged
> > > > UP.
> > > >
> > > > I rollback to a non-tracked route : no global keayword added, no
> > leaking,
> > > > everything is fine.
> > > >
> > > > Have no idea what's happening here. Got the same config on a 6509
> > > > 12.2.33sxh,
> > > > works like a charm. What error did I do ?
> > > >
> > > > Jerome Covini
> > > > _______________________________________________
> > > > cisco-nsp mailing list cisco-nsp at puck.nether.net
> > > > https://puck.nether.net/mailman/listinfo/cisco-nsp
> > > > archive at http://puck.nether.net/pipermail/cisco-nsp/
> > > >
> > >
> >
> >
> >
>
More information about the cisco-nsp
mailing list