[c-nsp] route leak from main to vrf
James Bensley
jwbensley+cisco-nsp at gmail.com
Fri Jan 8 13:09:58 EST 2021
On Fri, 8 Jan 2021 at 10:44, BASSAGET Cédric
<cedric.bassaget.ml at gmail.com> wrote:
>
> Hello,
> I'm trying to leak routes from my main routing table to a VRF.
>
> Using Cisco IOS XE Software, Version 16.09.05 on a ASR1001-X
>
> I've done this config :
>
> ip prefix-list BT_LNS-out seq 5 permit x.x.x.3/32
> ip prefix-list BT_LNS-out seq 10 permit x.x.x.4/32
>
> ip prefix-list BT_radius-out seq 5 permit x.x.x.5/32
> ip prefix-list BT_radius-out seq 10 permit x.x.x.6/32
>
> route-map BT_bgp-out permit 10
> match ip address prefix-list BT_LNS-out BT_radius-out
>
> ip vrf interco_BT
> rd 12844:1
> import ipv4 unicast map BT_bgp-out
>
> ip route x.x.x.3 255.255.255.255 Loopback0
> ip route x.x.x.4 255.255.255.255 <next-hop>
> ip route x.x.x.5 255.255.255.255 <next-hop>
> ip route x.x.x.6 255.255.255.255 <next-hop>
>
> so my main routing table has routes to x.x.x.[3-6]/32 but I'm unable to see
> the routes in the VRF "interco_BT".
>
> Tried to add route in the vrf :
> ip route vrf interco_BT x.x.x.3 255.255.255.255 loopback 0
> % For VPN or topology routes, must specify a next hop IP address if not a
> point-to-point interface
>
> I guess I'm missing something.
> Can somebody tell my where I am wrong please ?
Hi Cedric,
I haven't tried route leaking between a VRF and the GRT in ages, so I
can't really remember the caveats. With regards to the static route, I
can remember that you can have a static from a VRF to the GRT, but not
from the GRT to a VRF (so you'll have no return route):
ip route vrf interco_BT x.x.x.3 255.255.255.255 y.y.y.y global
The "global" keyword is needed for a static route inside a VRF with a
next hop in the GRT. I don't believe there is an equivalent method for
GRT to VRF though.
It looks like you're trying to route leak loopback interface IP's
though - if that is accurate, you can create another loopback
interface within the VRF with the same IP(s) as your GRT loopback.
Cheers,
James.
More information about the cisco-nsp
mailing list