[c-nsp] vpnv4 export map question

Fri Nov 18 03:46:33 EST 2011

Good morning,

I have a peering PE router with a VRF for internet use. This peering router
has between 8 and 25 routes in V999:INTERNET at any given time, it is not
taking a full feed, just default plus a few specifics.

vrf definition V999:INTERNET
 address-family ipv4
  export map RM_PERMIT_DEFAULT_ROUTE_SET_RT999
  route-target import 649X:999
  maximum routes 500 80
 exit-address-family

ip prefix-list PREFIX_MATCH_DEFAULT_ROUTE seq 10 permit 0.0.0.0/0

route-map RM_PERMIT_DEFAULT_ROUTE_SET_RT999 permit 10
 match ip address prefix-list PREFIX_MATCH_DEFAULT_ROUTE
 set extcommunity rt 649X:999 additive
route-map RM_PERMIT_DEFAULT_ROUTE_SET_RT999 deny 20
 ! This should be implicit, but added to clarity.

The intent of the configured export map is to ensure that it only sends the
default route to the route reflector, for import at downstream PE routers.

The default route is correctly advertised with the RT specified in the route
map:

RR# show ip bgp vpnv4 rd X.X.X.X:999 0.0.0.0 

  7018
    12.89.169.XX from 12.89.169.XX (12.122.124.XX)
      Origin IGP, metric 0, localpref 100, valid, external, best
      Extended Community: RT:649X:999
      mpls labels in/out 106/nolabel

However the PE is actually advertising ALL of its routes in the VRF to the
VPNv4 RR’s, without a route target extended community value:

RR#show ip bgp vpnv4 rd X.X.X.X:999 32.0.0.0

  7018 2686, (received & used)
    12.89.169.xx from 12.89.169.xx (12.122.124.xx)
      Origin IGP, localpref 100, valid, external, best
      mpls labels in/out 227/nolabel

Is there some misconfiguration with the export map? Why is the 32.0.0.0/8
prefix being advertised to the RR? Why doesn’t the export map filter it out?

I apologies if I am misunderstanding the purpose of an export map. Perhaps
there is another mechanism to accomplish this?

As always I appreciate your time. Thanks,

John