[c-nsp] 7600 VRF BGP dynamic route leaking

William Jackson william.jackson at gibtele.com
Fri Jul 26 09:19:18 EDT 2013


I have a dynamic route leaking working ** in that the routes seem to propagate properly. But traffic doesn't flow across the vrf boundary.

I have a 7600 with a VRF and a CPE router downstream in the VRF.
The global learns a default BGP route from an upstream iBGP peer =

I have in my VRF an import policy that will import ONLY that default into the VRF:
vrf definition CPE-Management
Rd 200:123456
address-family ipv4
  import ipv4 unicast map default-route-only
  route-target export 200:989898
  route-target import 200:989898

This does indeed works and imports the route into my VRF:

sh ip bgp vpnv4 vrf CPE-Management
BGP routing table entry for 8301:989898:, version 77
Paths: (1 available, best #1, table CPE-Management)
  Not advertised to any peer
  Refresh Epoch 1
  65535 8301, imported path from (global) (metric 10) from (
      Origin IGP, metric 0, localpref 100, valid, internal, no-import, no-import, best
      rx pathid: 0, tx pathid: 0x0

I then leak a loopback I have inside the VRF to the default table.
sh ip bgp
BGP routing table entry for, version 93881
Paths: (1 available, best #1, table default)
Multipath: iBGP
  Advertised to update-groups:
     1          16
  Refresh Epoch 1
  Local, imported path from 200:989898: (CPE-Management) from (
      Origin incomplete, metric 0, localpref 100, weight 32768, valid, external, best
      Extended Community: RT:200:989898
      rx pathid: 0, tx pathid: 0x0

There are no ACLs involved.
Inside the VRF I can ping freely between CPE and PE.

But from inside the VRF I cannot ping against an IP in the global table even setting the source as the exported loopback.

Any ideas?


More information about the cisco-nsp mailing list