[c-nsp] Learning routes in global , but installing them into a VRF

Pavel Stefanov p.stefanov at v6horizons.net
Sat Dec 13 16:52:37 EST 2014


On IOS, you can use the "import ipv4 unicast map" under the VRF AFI 
definition to accomplishthis and on IOS XR it is "import from 
default-vrf route-policy".

On 13/12/2014 18:55, f287cd76 at opayq.com wrote:
> Hello
> Is it possible to learn routes via BGP in the global route table, but actually install them into another VRF?I can identify these routes with a community, but the 'set vrf' route-map is not supported as an in-bound route-map with BGP
> What I'm really trying to do is harden some Cisco DMVPN branch routers.These routers have an I-BGP session up for Enterprise routes in the global route tableHowever, their Internet facing interface is in a separate 'Front Door' VRF.    This isolates the Enterprise and Internet from each other.
> For extra security, I'd like to send bogon and known 'bad' routes to the router over it's existing BGP connection But I want to install those routes into the Internet VRF.
> Thanks in advanc 		 	   		
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/



More information about the cisco-nsp mailing list