[c-nsp] How not to redistribute statics into VRFs/BGP
ChrisSerafin
chris at chrisserafin.com
Tue Mar 24 14:01:55 EDT 2009
That does sound correct, I will schedule some testing time, thanks for
your input!
David Freedman wrote:
> Chris, the key thing here are the vrf address-families
> "> address-family ipv4 vrf xxxx-Voice" e.g
>
> Imagine these like the equivalent of the normal ipv4 address-family, but
> for each VRF process.
>
> These do not currently have "redistribute static" in them so you can
> quite safely install "ip route vrf xxxx-Voice 0.0.0.0 0.0.0.0 x.x.x.x"
> and then this will not be injected into the VRF through BGP until you
> add "redistribute static" into the appropriate address-family
>
> if I'm reading your post right?
>
>
>
> ChrisSerafin wrote:
>
>> I have a Sprint MPLS cloud for which they extend the VRF configs down to
>> the CE. I am in the middle of divesting a section of these MPLS
>> routers/subnets off of the main cloud and onto their own VRFs. I
>> essentially want to start by making a handfull of the sites, change
>> their default route for Internet. Normally I would just add a new static
>> route and then NOT use 'redistribute static' in the BGP config, but this
>> whole VRF is new to me.
>>
>> Any thoughts would be great! Thanks:
>>
>> ip cef
>> !
>> !
>> ip vrf xxxx-General
>> rd 1:10
>> route-target export 1:10
>> route-target import 1:10
>> !
>> ip vrf xxxx-Guest
>> rd 1:30
>> route-target export 1:30
>> route-target import 1:30
>> !
>> ip vrf xxxx-Voice
>> rd 1:20
>> route-target export 1:20
>> route-target import 1:20
>> !
>>
>> !
>> !
>> !
>> !
>> !
>> !
>> interface Loopback0
>> ip address 10.10.10.10 255.255.255.255
>> !
>> !
>> interface GigabitEthernet0/0
>> description [ Link to Core Switch ]
>> no ip address
>> duplex auto
>> speed auto
>> !
>> interface GigabitEthernet0/0.1
>> description [ VLAN 1 - General xxxx Data VLAN ]
>> encapsulation dot1Q 1 native
>> ip vrf forwarding xxxx-General
>> ip address 10.120.64.1 255.255.255.0
>> ip virtual-reassembly
>> !
>> interface GigabitEthernet0/0.100
>> description [ VLAN 100 - General xxxx Voice VLAN ]
>> encapsulation dot1Q 100
>> ip vrf forwarding xxxx-Voice
>> ip address 10.121.64.1 255.255.255.0
>> !
>> interface GigabitEthernet0/0.200
>> description [ VLAN 200 - General xxxx Guest VLAN ]
>> encapsulation dot1Q 200
>> ip vrf forwarding xxxx-Guest
>> ip address 172.16.10.1 255.255.255.0
>> !
>> !
>> interface Serial0/0/0:1
>> no ip address
>> encapsulation frame-relay
>> shutdown
>> frame-relay lmi-type ansi
>> !
>> interface Serial0/1/0
>> description [ Sprint MPLS Circuit ]
>> no ip address
>> encapsulation frame-relay
>> frame-relay lmi-type ansi
>> service-policy output VOIP-WAN
>> !
>> interface Serial0/1/0.310 point-to-point
>> description [ MPLS VRF - Data VLAN ]
>> ip vrf forwarding xxxx-General
>> ip address 10.150.1.37 255.255.255.252
>> snmp trap link-status
>> frame-relay interface-dlci 310 !
>> interface Serial0/1/0.410 point-to-point
>> description [ MPLS VRF - Voice VLAN ]
>> ip vrf forwarding xxxx-Voice
>> ip address 10.151.1.37 255.255.255.252
>> snmp trap link-status
>> frame-relay interface-dlci 410 !
>> interface Serial0/1/0.510 point-to-point
>> description [ MPLS VRF - Guest VLAN ]
>> ip vrf forwarding xxxx-Guest
>> ip address 10.152.1.37 255.255.255.252
>> snmp trap link-status
>> frame-relay interface-dlci 510 !
>> router eigrp 217
>> no auto-summary
>> !
>> address-family ipv4 vrf xxxx-General
>> network 10.11.0.0 0.0.0.255
>> network 10.120.64.0 0.0.0.255
>> no auto-summary
>> autonomous-system 19
>> exit-address-family
>> eigrp router-id 1.1.1.2
>> eigrp event-logging
>> !
>> router bgp 65010
>> bgp log-neighbor-changes
>> neighbor 10.150.1.38 remote-as 1803
>> neighbor 10.150.1.38 password 7 153E020A1xx373C3627
>> neighbor 10.150.1.38 version 4
>> !
>> address-family ipv4
>> neighbor 10.150.1.38 activate
>> no auto-summary
>> no synchronization
>> exit-address-family
>> !
>> address-family ipv4 vrf xxxx-Voice
>> neighbor 10.151.1.38 remote-as 1803
>> neighbor 10.151.1.38 password 7 0328520Dxx205F5A0C0B
>> neighbor 10.151.1.38 version 4
>> neighbor 10.151.1.38 activate
>> no synchronization
>> exit-address-family
>> !
>> address-family ipv4 vrf xxxx-Guest
>> neighbor 10.152.1.38 remote-as 1803
>> neighbor 10.152.1.38 password 7 013F0F024xx071C35495C
>> neighbor 10.152.1.38 version 4
>> neighbor 10.152.1.38 activate
>> no synchronization
>> exit-address-family
>> !
>> address-family ipv4 vrf xxxx-General
>> neighbor 10.150.1.38 remote-as 1803
>> neighbor 10.150.1.38 password 7 047702001xx4D5D1D1C17
>> neighbor 10.150.1.38 version 4
>> neighbor 10.150.1.38 activate
>> no synchronization
>> network 10.120.64.0 mask 255.255.255.0
>> exit-address-family
>>
>>
>> thanks,
>>
>> Chris
>> _______________________________________________
>> cisco-nsp mailing list cisco-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/cisco-nsp
>> archive at http://puck.nether.net/pipermail/cisco-nsp/
>>
>>
>
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
> ------------------------------------------------------------------------
>
>
> No virus found in this incoming message.
> Checked by AVG - www.avg.com
> Version: 8.0.238 / Virus Database: 270.11.26/2020 - Release Date: 03/24/09 09:19:00
>
>
More information about the cisco-nsp
mailing list