[c-nsp] How not to redistribute statics into VRFs/BGP

David Freedman david.freedman at uk.clara.net
Tue Mar 24 13:51:39 EDT 2009 

Chris, the key thing here are the vrf address-families
"> address-family ipv4 vrf xxxx-Voice" e.g

Imagine these like the equivalent of the normal ipv4 address-family, but
for each VRF process.

These do not currently have "redistribute static" in them so you can
quite safely install "ip route vrf xxxx-Voice 0.0.0.0 0.0.0.0 x.x.x.x"
and then this will not be injected into the VRF through BGP until you
add "redistribute static" into the appropriate address-family

if I'm reading your post right?



ChrisSerafin wrote:
> I have a Sprint MPLS cloud for which they extend the VRF configs down to
> the CE. I am in the middle of divesting a section of these MPLS
> routers/subnets off of the main cloud and onto their own VRFs. I
> essentially want to start by making a handfull of the sites, change
> their default route for Internet. Normally I would just add a new static
> route and then NOT use 'redistribute static' in the BGP config, but this
> whole VRF is new to me.
> 
> Any thoughts would be great! Thanks:
> 
> ip cef
> !
> !
> ip vrf xxxx-General
> rd 1:10
> route-target export 1:10
> route-target import 1:10
> !
> ip vrf xxxx-Guest
> rd 1:30
> route-target export 1:30
> route-target import 1:30
> !
> ip vrf xxxx-Voice
> rd 1:20
> route-target export 1:20
> route-target import 1:20
> !
> 
> !
> !
> !
> !
> !
> !
> interface Loopback0
> ip address 10.10.10.10 255.255.255.255
> !
> !
> interface GigabitEthernet0/0
> description [ Link to Core Switch ]
> no ip address
> duplex auto
> speed auto
> !
> interface GigabitEthernet0/0.1
> description [ VLAN 1 - General xxxx Data VLAN ]
> encapsulation dot1Q 1 native
> ip vrf forwarding xxxx-General
> ip address 10.120.64.1 255.255.255.0
> ip virtual-reassembly
> !
> interface GigabitEthernet0/0.100
> description [ VLAN 100 - General xxxx Voice VLAN ]
> encapsulation dot1Q 100
> ip vrf forwarding xxxx-Voice
> ip address 10.121.64.1 255.255.255.0
> !
> interface GigabitEthernet0/0.200
> description [ VLAN 200 - General xxxx Guest VLAN ]
> encapsulation dot1Q 200
> ip vrf forwarding xxxx-Guest
> ip address 172.16.10.1 255.255.255.0
> !
> !
> interface Serial0/0/0:1
> no ip address
> encapsulation frame-relay
> shutdown
> frame-relay lmi-type ansi
> !
> interface Serial0/1/0
> description [ Sprint MPLS Circuit ]
> no ip address
> encapsulation frame-relay
> frame-relay lmi-type ansi
> service-policy output VOIP-WAN
> !
> interface Serial0/1/0.310 point-to-point
> description [ MPLS VRF - Data VLAN ]
> ip vrf forwarding xxxx-General
> ip address 10.150.1.37 255.255.255.252
> snmp trap link-status
> frame-relay interface-dlci 310  !
> interface Serial0/1/0.410 point-to-point
> description [ MPLS VRF - Voice VLAN ]
> ip vrf forwarding xxxx-Voice
> ip address 10.151.1.37 255.255.255.252
> snmp trap link-status
> frame-relay interface-dlci 410  !
> interface Serial0/1/0.510 point-to-point
> description [ MPLS VRF - Guest VLAN ]
> ip vrf forwarding xxxx-Guest
> ip address 10.152.1.37 255.255.255.252
> snmp trap link-status
> frame-relay interface-dlci 510  !
> router eigrp 217
> no auto-summary
> !
> address-family ipv4 vrf xxxx-General
>  network 10.11.0.0 0.0.0.255
>  network 10.120.64.0 0.0.0.255
>  no auto-summary
>  autonomous-system 19
> exit-address-family
> eigrp router-id 1.1.1.2
> eigrp event-logging
> !
> router bgp 65010
> bgp log-neighbor-changes
> neighbor 10.150.1.38 remote-as 1803
> neighbor 10.150.1.38 password 7 153E020A1xx373C3627
> neighbor 10.150.1.38 version 4
> !
> address-family ipv4
>  neighbor 10.150.1.38 activate
>  no auto-summary
>  no synchronization
> exit-address-family
> !
> address-family ipv4 vrf xxxx-Voice
>  neighbor 10.151.1.38 remote-as 1803
>  neighbor 10.151.1.38 password 7 0328520Dxx205F5A0C0B
>  neighbor 10.151.1.38 version 4
>  neighbor 10.151.1.38 activate
>  no synchronization
> exit-address-family
> !
> address-family ipv4 vrf xxxx-Guest
>  neighbor 10.152.1.38 remote-as 1803
>  neighbor 10.152.1.38 password 7 013F0F024xx071C35495C
>  neighbor 10.152.1.38 version 4
>  neighbor 10.152.1.38 activate
>  no synchronization
> exit-address-family
> !
> address-family ipv4 vrf xxxx-General
>  neighbor 10.150.1.38 remote-as 1803
>  neighbor 10.150.1.38 password 7 047702001xx4D5D1D1C17
>  neighbor 10.150.1.38 version 4
>  neighbor 10.150.1.38 activate
>  no synchronization
>  network 10.120.64.0 mask 255.255.255.0
> exit-address-family
> 
> 
> thanks,
> 
> Chris
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list