Официален блог на WebEKM EKM очаквайте сайта онлайн скоро.

Download Free Templates http://bigtheme.net/ free full Wordpress, Joomla, Mgento - premium themes.

VRF VPN and route leaking between VRFs and VRF and global routing table

vrfDiagramIf you use VRFs, sometimes you may want to use something what is being called “route leaking”. Route leaking consists in importing and exporting prefixes between VRFs or between VRF and global routing table. In this article I’ll show you how to implement route leaking in 5 different ways.

Here is a simple topology of the lab that we will be using, 2 VRFs GREEN and PINK or just GREEN VRF and global routing table on the right. I only assigned ip addresses and default routes on R1 and R3 that point out to the R2 router of course.Before you go over configuration you have to be familiar with VRF and MP-BGP  concept.

vrf route leaking
 

1. Static Routing vrf-vrf or global-vrf

vrf-global

ip vrf GREEN

ip int g0/0
ip vrf forwarding GREEN
ip add 192.168.1.2 255.255.255.0

in global routing table:
ip route 192.168.1.0 255.255.255.0 gigabitEthernet0/0

injecting route into vrf GREEN routing table:
ip route vrf GREEN 172.16.1.0 255.255.255.0 gigabitEthernet 0/1 172.16.1.3 global

add a static route to 172.16.1.0 network via gig0/1 interface with next hop 172.16.1.3 address that is placed in global routing table

vrf-vrf

ip vrf GREEN

ip int g0/0
ip vrf forwarding GREEN
ip add 192.168.1.2 255.255.255.0

ip vrf PINK
ip int g0/1
ip vrf forwarding PINK
ip add 171.16.1.2 255.255.255.0

in global routing table:
ip route 192.168.1.0 255.255.255.0 gigabitEthernet0/0
ip route 172.16.1.0 255.255.255.0 gigabitEthernet0/1

injecting route into vrf GREEN routing table:
ip route vrf GREEN 172.16.1.0 255.255.255.0 gigabitEthernet 0/1 172.16.1.3 global

injecting route into vrf PINK routing table:
ip route vrf PINK 192.168.1.0 255.255.255.0 gigabitEthernet 0/0 192.168.1.1 global

2. VRF Receive and route maps global-vrf

ip vrf GREEN

ip int g0/0
ip vrf forwarding GREEN
ip add 192.168.1.2 255.255.255.0

we want to leak traffic from global  to GREEN VRF

access-list 101 permit ip 172.16.1.0 0.0.0.255 192.168.1.0 0.0.0.255

route map that says: for the traffic from global to VRF GREEN use the next hop address of GREEN VRF edge interface from the Customer Edge point of view

route-map GLOBAL_TO_GREEN permit 10
match ip address 101
set ip vrf GREEN next-hop 192.168.1.1

assigning route map to the interface

interface g0/1
ip policy route-map GLOBAL_TO_GREEN
ip vrf receive GREEN

Before implementation of route map

vrf receive no routemap

After implementation of route map

 

vrf receive routemap
 

3. GRE tunnels vrf-global

ip vrf GREEN

interface g0/0
ip vrf forwarding GREEN
ip address 192.168.1.2 255.255.255.0

creating loopbacks for GRE tunnel

interface loopback0
ip address 1.1.1.1 255.255.255.255

interface loopback1
ip address 3.3.3.3 255.255.255.255

creating the tunnel

interface tunnel0
ip vrf forwarding GREEN
ip address 10.0.0.1 255.255.255.0
tunnel source loopback0
tunnel destination 3.3.3.3

interface tunnel1
ip address 10.0.0.3 255.255.255.0
tunnel source loopback1
tunnel destination 1.1.1.1

running IGP routing protocol through the tunnel and adding network to global routing table and to GREEN VRF table

router ospf 1
network 10.0.0.0 0.0.0.255 area 0     – tunnel interface
network 172.16.1.0 0.0.0.255 area 0   – link between R2 and R3

router ospf 2 vrf GREEN
network 10.0.0.0 0.0.0.255 area 0   – tunnel interface
network 192.168.1.0 0.0.0.255 area 0 – link between R2 and R1

4. MP-BGP vrf-vrf

ip vrf GREEN
rd 100:1
route-target export 100:1
route-target import 100:1
route-target import 100:2

ip vrf PINK
rd 100:2
route-target export 100:2
route-target import 100:2
route-target import 100:1

interface g0/0
ip vrf forwarding GREEN
ip address 192.168.1.2 255.255.255.0
no shut

interface g0/1
ip vrf forwarding PINK
ip address 172.16.1.2 255.255.255.0
no shut

router bgp 100
bgp router-id 2.2.2.2

address-family ipv4 vrf GREEN
redistribute connected

address-family ipv4 vrf PINK
redistribute connected

Verification

let’s check mp-bgp table 

mpbgp vrf 1
 

let’s check routing tables of VRF’s GREEN and PINK we see the static routes injected into BGP process

mpbgp vrf route leaking ip route
 

5. with using OSPF and replication vrf-vrf

ip vrf GREEN
ip vrf PINK

interface g0/0
ip vrf forwarding GREEN
ip address 192.168.1.2 255.255.255.0
no shut

interface g0/1
ip vrf forwarding PINK
ip address 172.16.1.2 255.255.255.0
no shut

ip vrf GREEN
route-replicate from vrf PINK unicast all

ip vrf PINK
route-replicate from vrf GREEN unicast all

router ospf 1 vrf GREEN
redistribute vrf PINK ospf 2 subnets
network 192.168.1.0 0.0.0.255 area 0

router ospf 2 vrf PINK
redistribute vrf GREEN ospf 1 subnets
network 172.16.1.0 0.0.0.255 area 0

 

,

Onlain bookmaker bet365.com - the best bokie

Menu