Search This Blog

Thursday, February 28, 2013

VRF route-map


 This lab I will use the following topology:

 
R1 to R4 are all SP routers where R1, R3 and R4 are PE routers and R2 is P router. R5 and R6 are CE routers running EIGRP as PE-to-CE routing protocol.

R5 and R6 belong to the same VRF name RED with both configured with RT100:100 as import and export communities.

So first let’s look on R1 VRF RED routing table:

R1#sh ip route vrf RED
 
Routing Table: RED
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
 
Gateway of last resort is 10.1.16.6 to network 0.0.0.0
 
     10.0.0.0/24 is subnetted, 2 subnets
C       10.1.16.0 is directly connected, FastEthernet1/1
B       10.1.34.0 [200/0] via 3.3.3.3, 00:00:02
B    192.168.53.0/24 [200/156160] via 3.3.3.3, 00:00:02
B    192.168.52.0/24 [200/156160] via 3.3.3.3, 00:00:02
B    192.168.51.0/24 [200/156160] via 3.3.3.3, 00:00:02
S*   0.0.0.0/0 [1/0] via 10.1.16.6

 

We can see that R1 is learning subnets 192.168.51.0/24, 192.168.52.0/24 and 192.168.53.0/24 from R3, which in turn learns those from R5.

R1 uses RT 100:100 to import and export routes from VRF RED:

R1# sh running-config | s ip vrf RED
ip vrf RED
 rd 1:100
 route-target export 100:100
 route-target import 100:100

 
Now I have configured the following route-map on R3:

ip prefix-list PL_NET51 permit 192.168.51.0/24
!
ip prefix-list PL_NET52 permit 192.168.52.0/24
!
ip prefix-list PL_NET53 permit 192.168.53.0/24
!
route-map RM_VRF_RED_EXPORT permit 10
  match ip address prefix-list PL_NET51
  set extcommunity rt 100:51
 exit
  route-map RM_VRF_RED_EXPORT permit 20
  match ip address prefix-list PL_NET52
  set extcommunity rt 100:52 additive
 exit
  ip vrf RED
  export map RM_VRF_RED_EXPORT

 

Clearing the BGP peering on R2 and let’s have a look on R1 VRF RED routing table:

R1#sh ip route vrf RED
 
Routing Table: RED
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
       D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
       N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
       E1 - OSPF external type 1, E2 - OSPF external type 2
       i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
       ia - IS-IS inter area, * - candidate default, U - per-user static route
       o - ODR, P - periodic downloaded static route
 
Gateway of last resort is 10.1.16.6 to network 0.0.0.0
 
     10.0.0.0/24 is subnetted, 2 subnets
C       10.1.16.0 is directly connected, FastEthernet1/1
B       10.1.34.0 [200/0] via 3.3.3.3, 00:00:05
B    192.168.53.0/24 [200/156160] via 3.3.3.3, 00:00:05
B    192.168.52.0/24 [200/156160] via 3.3.3.3, 00:00:05
B    192.168.51.0/24 [200/156160] via 4.4.4.4, 00:00:05
S*   0.0.0.0/0 [1/0] via 10.1.16.6

 

Ok, subnet 192.168.51.0/24 wasn’t learned from R3 due to changing in the extended community, note that I didn’t add the additive option so the extended community has changed for this subnet and R1 isn’t importing it.

Subnet 192.168.52.0/24 was learned as its holds both extended communities:

R1# show ip bgp vpnv4 vrf RED 192.168.52.0/24 bestpath
BGP routing table entry for 1:100:192.168.52.0/24, version 97
Paths: (2 available, best #2, table RED)
  Not advertised to any peer
  Local, imported path from 3:100:192.168.52.0/24
    3.3.3.3 (metric 3) from 2.2.2.2 (2.2.2.2)
      Origin incomplete, metric 156160, localpref 100, valid, internal, best
      Extended Community: RT:100:52 RT:100:100 Cost:pre-bestpath:128:156160
        0x8800:32768:0 0x8801:100:130560 0x8802:65281:25600 0x8803:65281:1500
      Originator: 3.3.3.3, Cluster list: 2.2.2.2
      mpls labels in/out nolabel/24

 
Subnet 192.168.53.0/24 is also learned via R3 although it’s not matched to any statement in the route-map.

As with access lists, there must be a default action for the route map to take in the event that a route or packet passes through every statement without a match. An implicit deny exists at the end of every route map. Routes that pass through a redistribution route map without a match are not redistributed, and packets that pass through a policy route map without a match are sent to the normal routing process.  

[CCIE Professional Development Routing TCPIP Volume I ch 14 lev1 sec 2]

The route-map doesn’t make any change to this subnet so it bound to the route-target import/export extended communities.

 

 

 

 

 

 
Posted by at
Labels: ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)