Dynamic route leaking enables routes that are configured in the default or a nondefault VRF instance to be made available to another VRF instance. You can leak routes from a source VRF instance to a destination VRF instance.
OS10 supports leaking routes for static and dynamic routes. The leaked routes retain the type of the route, whether they are static, OSPF, BGP, or connected routes in the destination VRF. For example, leaked OSPF routes from one VRF are imported as OSPF routes in the destination VRF. You can use a route map for route filtering when importing routes to a VRF.
The routes must be leaked in both source and destination VRFs to achieve end-to-end traffic flow.
NOTE: Dell Technologies recommends configuring unique route targets in every VRF.
Restrictions for route leaking
BFD attributes are not carried over to a leaked static route. If BFD removes a static route from the VRF that leaks the route, the leaked route is removed from the VRF that imports it. When the static route is restored in the VRF that leaks the route, the leaked route is restored in the VRF that imports it.
Using route targets does not leak /32 prefixes on loopback interfaces. You can use static route leaking to leak /32 prefixes on loopback interfaces.
The following lists the maximum number of leaked routes supported by the system with ECMP:
4000 IPv4 routes and 2000 IPv6 routes with 64 ECMP paths.
2000 IPv4 routes and 1000 IPv6 routes with 128 ECMP paths.
Table 1. Unsupported export and import route map attributesOS10 does not support the following export and import route map attributes:
Route map option
Attribute
Protocol
set
as-path
BGP
set
community
BGP
set
comm-list
BGP
set
tag
OSPF
set
extcommunity
BGP
set
extcomm-list
BGP
set
local-preference
BGP
set
origin
BGP
set
metric-type
BGP
set
weight
BGP
set
route-type local
BGP
Table 2. List of supported
set attributes in a route map at exportOS10 carries the following protocol attributes to the leaked VRF:
Route map option
Attribute
set
ip next-hop
set
ipv6 next-hop
set
ip vrf next hop
set
ipv6 vrf next hop
Table 3. Supported match attributes for importing and exporting routesOS10 supports the following
match attributes for importing and exporting routes using route maps:
Route map option
Attribute
Protocol
match
route-type
OSPF
match
tag
OSPF
match
ip
IP prefix list
match
ipv6
IPv6 prefix list
match
origin
BGP
match
metric
routes matched against route's metric
match
interface
routes matched against Source VRF egress interface of the domain
match
source-protocol
routes matched against Source Protocol
Table 4. Supported routing protocol attributes in leaked routeOS10 supports the following routing protocol attributes in the leaked route:
Attribute
Routing protocol
route-type
OSPF
tag
OSPF
origin
BGP
metric
OSPF
Prerequisites for dynamic route leaking
When BGP route is leaked from a parent VRF to child VRF, a BGP instance must be present in the child VRF for route leaking to work. This prerequisite is applicable to OSPF and EVPN routes as well.
Table 5. Behavior of dynamic route leaking featureBehavior of dynamic route leaking feature
Protocol
Dynamic routing protocol instance configuration in parent VRF
Dynamic routing protocol instance configuration in child VRF
Behavior of dynamic route leaking feature
BGP
Configure route leaking from the default VRF to the child VRF, DELL.
!
ip vrf default
ip route-export 1:1
!
ip vrf dell
ip route-import 1:1
Configure BGP instance in the default VRF.
!
router bgp 100
!
neighbor 10.1.1.2
remote-as 100
no shutdown
!
neighbour 100::2
remote-as 100
no shut
!
Configure BGP instance in the child VRF.
!
router bgp 100
!
vrf dell
When BGP instance is not configured in the child VRF, BGP routes in the default VRF are not leaked to the child VRF. However, when the child VRF is configured under router BGP, the leaked BGP routes are installed in the child routing table manager (RTM).
NOTE:
An active BGP session is not required to honor the leaked BGP routes in the child VRF. Configuration of BGP instance in the child VRF is sufficient for the route leaking feature to install the BGP routes in RTM.
An active BGP session is required to redistribute leaked BGP routes in the child VRF.
OSPFv2
Configure route leaking from default VRF to the child VRF, DELL.
!
ip vrf default
ip route-export 1:1
!
ip vrf red
ip route-import 1:1
Configure OSPF instance in the default VRF.
router ospf 10
Configure OSPF instance in the child VRF.
router ospf 11 vrf dell
In this scenario, when OSPF routes in the default VRF are leaked to the child VRF, they are not honored in the child VRF. When OSPF instance is configured in the child VRF, the leaked OSPF routes are installed in the child RTM.
NOTE:
An active OSPF session is not required to honor the leaked OSPF routes in the child VRF. Configuration of OSPFv2 instance in the child VRF is sufficient for the route leaking feature to install the routes in RTM.
An active OSPF session is required to redistribute the leaked OSPF routes in the child VRF.
OSPFv3
Configure route leaking from the default VRF to the child VRF, DELL.
!
ip vrf default
ip route-export 1:1
!
ip vrf red
ip route-import 1:1
Configure OSPFv3 instance in the default VRF.
router ospfv3 10
Configure OSPFv3 instance in the child VRF.
router ospfv3 11 vrf dell
In this scenario, when OSPFv3 routes in the default VRF are leaked to the child VRF, the leaked routes are not honored in the child VRF. When OSPFv3 instance is configured in the child VRF, the leaked OSPFv3 routes are installed in the child RTM.
NOTE:
An active OSPFv3 session is not required to honor the leaked OSPFv3 routes in the child VRF. Configuration of OSPFv3 instance in the child VRF is sufficient for the route leaking feature to install the routes in RTM.
An active OSPFv3 session is required to redistribute the leaked OSPFv3 routes in the child VRF.
EVPN
Configure route leaking from default VRF to the child VRF.
!
ip vrf default
ip route-export 1:1
!
ip vrf red
ip route-import 1:1
Configure a EVPN instance in the child VRF.
evpn
!
vrf dell
When a child VRF is configured under EVPN, the leaked EVPN routes are installed in the child RTM.
NOTE:
Configuration of EVPN instance in the child VRF is sufficient for the route leaking feature to install the EVPN routes in RTM.
An active EVPN instance is required to redistribute leaked EVPN routes in the child VRF.
Route selection in the leaked VRF
If a route is present in the local VRF and the same route is leaked from another VRF, OS10 prefers the route with the lowest administrative distance.
If a route is present in the local VRF and the same route is leaked from another VRF with the same administrative distance, OS10 prefers the local route.
When OS10 compares routes that are received from different sources, the software prefers routes with the lowest administrative distance. If the administrative distance is the same, the software prefers the route with lowest metric value. If the metric is also the same, the software prefers the local route, if available.
If a VRF receives the same route from multiple VRFs, OS10 prefers the route that it received first. When the active route fails, OS10 applies the route that it received after the first route to the routing table.
If a VRF receives the same route from multiple VRFs with the same route target values, OS10 prefers the route that it received first.
If a VRF receives ECMP paths from another VRF, the VRF that receives the routes treats the routes as ECMP paths.
Redistribution of leaked routes
After you configure the system to leak routes from one VRF instance to another VRF instance, you can redistribute the leaked routes to the same routing protocol. The following lists the commands that you use for redistribution of leaked routes:
Redistribute leaked BGP routes to BGP—Use the
redistribute imported-bgp-routes vrf
vrf-name command.
Redistribute leaked OSPF routes to OSPF—Use the
redistribute imported-ospf-routes command.
Redistribute leaked BGP EVPN routes to the BGP peer—Use the
redistribute l2vpn evpn command.
Leak all IPv4 routes from one VRF to another VRF
Use the following procedure to export (leak) all IPv4 routes from all routing protocols from one VRF instance to another VRF instance:
Enter the VRF from which you want to leak routes in CONFIGURATION mode.
ip vrf source-vrf-name
Export all routes that belong to one VRF instance in VRF-CONFIGURATION mode.
ip route-export route-target
Enter the VRF instance to which you want to leak routes in CONFIGURATION mode.
ip vrf destination-vrf-name
Import routes from another VRF instance in VRF-CONFIGURATION mode using the same route target.
ip route-import route-target
Export routes from the second VRF instance to the first VRF instance in VRF-CONFIGURATION mode using a different route target.
ip route-import route-target
Import routes to the first VRF instance from the second VRF instance in VRF-CONFIGURATION mode using the same route target that you use to export from the second VRF instance.
ip route-import route-target
Example - Leak all IPv4 routes
OS10(config)# ip vrf vrf1
OS10(conf-vrf)# ip route-export 1:1
OS10(conf-vrf)# ip route-import 2:2
OS10(conf-vrf)# exit
OS10(config)# ip vrf vrf2
OS10(conf-vrf)# ip route-import 1:1
OS10(conf-vrf)# ip route-export 2:2
Leak all IPv6 routes from one VRF to another VRF
Use the following procedure to export (leak) all IPv6 routes from all routing protocols from one VRF instance to another VRF instance:
Enter the VRF from which you want to leak routes in CONFIGURATION mode.
ip vrf source-vrf-name
Export all routes that belong to one VRF instance in VRF-CONFIGURATION mode.
ipv6 route-export route-target
Enter the VRF instance to which you want to leak routes in CONFIGURATION mode.
ip vrf destination-vrf-name
Import routes from another VRF instance in VRF-CONFIGURATION mode using the same route target.
ipv6 route-import route-target
Export routes from the second VRF instance to the first VRF instance in VRF-CONFIGURATION mode using a different route target.
ipv6 route-import route-target
Import routes to the first VRF instance from the second VRF instance in VRF-CONFIGURATION mode using the same route target that you use to export from the second VRF instance.
Use any of the supported
match or
set attributes as required.
Import routes to the first VRF instance from the second VRF instance in VRF-CONFIGURATION mode using the same route target that you use to export from the second VRF instance.
ip route-import route-target route-map route-map-name
Use any of the supported
match or
set attributes as required.
Import routes to the first VRF instance from the second VRF instance in VRF-CONFIGURATION mode using the same route target that you use to export from the second VRF instance.
ip route-import route-target [route-map route-map-name]
Example - Route leaking across VRFs in a VXLAN BGP EVPN symmetric IRB topology
The following VXLAN with BGP EVPN example uses a Clos leaf-spine topology to show how to set up route leaking across VRF in a symmetric IRB topology.
The following explains how the network is configured:
All VTEPs perform symmetric IRB routing. In this example, all spine nodes are in one autonomous system and each VTEP in the leaf network belongs to a different autonomous system. Spine switch 1 is in AS 101. Spine switch 2 is in AS 101. For leaf nodes, VLT domain 1 is in AS 201; VLT domain 2 is in AS 202. VLT domain 2 is a border leaf VTEP.
The individual switch configuration shows how to configure VRFs in the VTEPs and configure route leaking between VRFs. For other VXLAN and BGP EVPN configuration, see other examples and the VXLAN section.
Route leaking is performed on the Border Leaf VTEP.
There are three nondefault VRFs present in the network – Yellow, Green, and Red.
Route leaking is done between:
VRF-Yellow and VRF-Green.
VRF-Yellow and VRF-Red.
VRF-Yellow and VRF-default (underlay with external router)
NOTE: Route leaking is not performed between VRF-Green and VRF-Red.
On VTEPs 1 and 2, two VRFs are present – VRF-Yellow and VRF-Green. VN10001 is part of VRF-Yellow and VN20001 is part of VRF-Green.
On VTEPs 3 and 4, three VRFs are present – VRF-Yellow, VRF-Green and VRF-Red. VN10001 is part of VRF-Yellow and VN30001 is part of VRF-Red. VRF-Green does not have local VNs.
On all VTEPs, symmetric IRB is configured in EVPN mode using a unique, dedicated VXLAN VNI, and Auto RD/RT values for each tenant VRF.
On all VTEPs, the
disable-rt-asn command is used to autoderive the RT that does not include the ASN in the RT value. This allows auto RT to be used even if there are separate ASNs for each leaf node.
A VLAN to an external network is configured on VTEPs 3 and 4 in the VLT domain that serves as the border-leaf gateway.
Leaf 1 configuration
Configure VRFs Yellow and Green.
OS10(config)# ip vrf Yellow
OS10(conf-vrf)# exit
OS10(config)# ip vrf Green
OS10(conf-vrf)# exit
Configure Layer 3 virtual-network interfaces with VRFs and IP addresses.
OS10(config)# interface virtual-network 10001
OS10(conf-if-vn-10001)# ip vrf forwarding Yellow
OS10(conf-if-vn-10001)# ip address 10.1.0.1/24
OS10(conf-if-vn-10001)# ip virtual-router address 10.1.0.254
OS10(conf-if-vn-10001)#
OS10(config)# interface virtual-network 20001
OS10(conf-if-vn-20001)# ip vrf forwarding Green
OS10(conf-if-vn-20001)# ip address 10.2.0.1/24
OS10(conf-if-vn-20001)# ip virtual-router address 10.2.0.254
NOTE: For creating the virtual-networks with access ports, check the relevant sections.
Configure the border-leaf to advertise the default route into the EVPN in each VRF. From the other VTEPs, any traffic to an external network and also to networks which are not within the local VRF reaches the Border Leaf router using this default route.
If the border-leaf is already getting a default route from an external router for each VRF: Advertise the BGP route using the
advertise ipv4 bgp command for each VRF in the EVPN.
If the border-leaf does not get a default route from an external router: Configure a static null default route in each VRF and advertise it using
advertise ipv4 static command for each VRF in the EVPN.
OS10(config)# ip route vrf Yellow 0.0.0.0/0 interface null 0
OS10(config)# ip route vrf Green 0.0.0.0/0 interface null 0
OS10(config)# evpn
OS10(config-evpn)# vrf Yellow
OS10(config-evpn-vrf-Yellow)# advertise ipv4 static
OS10(config-evpn-vrf-Yellow)# exit
OS10(config-evpn)# vrf Green
OS10(config-evpn-vrf-Green)# advertise ipv4 static
OS10(config-evpn-vrf-Green)# exit
(Optional) Configure route-maps with a prefix-list to leak selective routes from each VRF.
OS10(config)# ip prefix-list PrefixList_DefaultVrf_Export permit 10.10.0.0/24
OS10(config)# ip prefix-list PrefixList_YellowVrf_Export permit 10.1.0.0/24 le 32
OS10(config)# ip prefix-list PrefixList_GreenVrf_Export permit 10.2.0.0/24
OS10(config)# ip prefix-list PrefixList_RedVrf_Export permit 10.3.0.0/24
OS10(config)# route-map RouteMap_DefaultVrf_Export
OS10(config-route-map)# match ip address prefix-list PrefixList_DefaultVrf_Export
OS10(config-route-map)# exit
OS10(config)# route-map RouteMap_YellowVrf_Export
OS10(config-route-map)# match ip address prefix-list PrefixList_YellowVrf_Export
OS10(config-route-map)# exit
OS10(config)# route-map RouteMap_GreenVrf_Export
OS10(config-route-map)# match ip address prefix-list PrefixList_GreenVrf_Export
OS10(config-route-map)# exit
OS10(config)# route-map RouteMap_RedVrf_Export
OS10(config-route-map)# match ip address prefix-list PrefixList_RedVrf_Export
OS10(config-route-map)# exit
NOTE: While leaking EVPN routes, only the subnet routes must be leaked. Host routes (/32) need not be leaked and could be blocked using route-maps. But, if you have certain VNs stretched on the border-leaf as well (like in Yellow VRF), you must leak the host routes as well.
Configure route leaking between:
Yellow VRF and
default VRF.
Yellow VRF and
Green VRF.
Yellow VRF and
Red VRF.
OS10(config)# ip vrf default
OS10(conf-vrf)# ip route-export 0:0 route-map RouteMap_DefaultVrf_Export
OS10(conf-vrf)# ip route-import 1:1
OS10(conf-vrf)# exit
OS10(config)# ip vrf Yellow
OS10(conf-vrf)# ip route-export 1:1 route-map RouteMap_YellowVrf_Export
OS10(conf-vrf)# ip route-import 0:0
OS10(conf-vrf)# ip route-import 2:2
OS10(conf-vrf)# ip route-import 3:3
OS10(conf-vrf)# exit
OS10(config)# ip vrf Green
OS10(conf-vrf)# ip route-export 2:2 route-map RouteMap_GreenVrf_Export
OS10(conf-vrf)# ip route-import 1:1
OS10(conf-vrf)# exit
OS10(config)# ip vrf Red
OS10(conf-vrf)# ip route-export 3:3 route-map RouteMap_RedVrf_Export
OS10(conf-vrf)# ip route-import 1:1
OS10(conf-vrf)# exit
(Optional) For advertising leaked routes from
Yellow VRF only to an external router on the
default VRF and not to an underlay network, use route-maps on spine-facing eBGP neighbors and also on the iBGP neighbor between the VLT peers.
OS10(config)# ip prefix-list PrefixList_Deny_YellowVrfRoutes deny 10.1.0.0/24 le
OS10(config)# ip prefix-list PrefixList_Deny_YellowVrfRoutes permit 0.0.0.0/0 le 32
OS10(config)#
OS10(config)# route-map RouteMap_Deny_YellowVrfRoutes
OS10(config-route-map)# match ip address prefix-list PrefixList_Deny_YellowVrfRoutes
OS10(config-route-map)#
OS10(config-route-map)# router bgp 202
OS10(config-router-bgp-202)# address-family ipv4 unicast
OS10(configure-router-bgpv4-af)# redistribute l2vpn evpn
OS10(configure-router-bgpv4-af)# redistribute connected
OS10(configure-router-bgpv4-af)# exit
OS10(config-router-bgp-202)# neighbor 192.168.2.0
OS10(config-router-neighbor)# address-family ipv4 unicast
OS10(config-router-bgp-neighbor-af)# route-map RouteMap_Deny_YellowVrfRoutes out
OS10(config-router-bgp-neighbor-af)# exit
OS10(config-router-neighbor)# exit
OS10(config-router-bgp-202)# neighbor 192.168.2.2
OS10(config-router-neighbor)# address-family ipv4 unicast
OS10(config-router-bgp-neighbor-af)# route-map RouteMap_Deny_YellowVrfRoutes out
OS10(config-router-bgp-neighbor-af)# exit
OS10(config-router-neighbor)# exit
OS10(config-router-bgp-202)# neighbor 192.168.2.241
OS10(config-router-neighbor)# address-family ipv4 unicast
OS10(config-router-bgp-neighbor-af)# route-map RouteMap_Deny_YellowVrfRoutes out
OS10(config-router-bgp-neighbor-af)# exit
OS10(config-router-neighbor)# exit
OS10(config-router-bgp-202)# neighbor 10.10.0.3
OS10(config-router-neighbor)# remote-as 301
OS10(config-router-neighbor)# no shutdown
OS10(config-router-neighbor)# exit
Leaf 4 configuration
Configure VRFs Yellow, Green, and Red.
OS10(config)# ip vrf Yellow
OS10(conf-vrf)# exit
OS10(config)# ip vrf Green
OS10(conf-vrf)# exit
OS10(config)# ip vrf Red
OS10(conf-vrf)# exit
Configure Layer 3 virtual-network interfaces with VRFs and IP addresses.
OS10(config)# interface virtual-network 10001
OS10(conf-if-vn-10001)# ip vrf forwarding Yellow
OS10(conf-if-vn-10001)# ip address 10.1.0.4/24
OS10(conf-if-vn-10001)# ip virtual-router address 10.1.0.254
OS10(conf-if-vn-10001)#
OS10(config)# interface virtual-network 30001
OS10(conf-if-vn-30001)# ip vrf forwarding Red
OS10(conf-if-vn-30001)# ip address 10.3.0.2/24
OS10(conf-if-vn-30001)# ip virtual-router address 10.3.0.254
Configure a border-leaf to advertise the default route into the EVPN in each VRF. From the other VTEPs, any traffic to external network and also to networks which are not within the local VRF reaches the Border-Leaf router using this default route.
If the border-leaf is already getting a default route from an external router for each VRF: Advertise the BGP route using the
advertise ipv4 bgp command for each VRF in the EVPN.
If the border-leaf does not get a default route from an external router: Configure a static null default route in each VRF and advertise it using the
advertise ipv4 static command for each VRF in the EVPN.
OS10(config)# ip route vrf Yellow 0.0.0.0/0 interface null 0
OS10(config)# ip route vrf Green 0.0.0.0/0 interface null 0
OS10(config)# evpn
OS10(config-evpn)# vrf Yellow
OS10(config-evpn-vrf-Yellow)# advertise ipv4 static
OS10(config-evpn-vrf-Yellow)# exit
OS10(config-evpn)# vrf Green
OS10(config-evpn-vrf-Green)# advertise ipv4 static
OS10(config-evpn-vrf-Green)# exit
(Optional) Configure route-maps with a prefix-list to leak selective routes from each VRF.
OS10(config)# ip prefix-list PrefixList_DefaultVrf_Export permit 10.10.0.0/24
OS10(config)# ip prefix-list PrefixList_YellowVrf_Export permit 10.1.0.0/24 le 32
OS10(config)# ip prefix-list PrefixList_GreenVrf_Export permit 10.2.0.0/24
OS10(config)# ip prefix-list PrefixList_RedVrf_Export permit 10.3.0.0/24
OS10(config)#
OS10(config)# route-map RouteMap_DefaultVrf_Export
OS10(config-route-map)# match ip address prefix-list PrefixList_DefaultVrf_Export
OS10(config-route-map)# exit
OS10(config)# route-map RouteMap_YellowVrf_Export
OS10(config-route-map)# match ip address prefix-list PrefixList_YellowVrf_Export
OS10(config-route-map)# exit
OS10(config)# route-map RouteMap_GreenVrf_Export
OS10(config-route-map)# match ip address prefix-list PrefixList_GreenVrf_Export
OS10(config-route-map)# exit
OS10(config)# route-map RouteMap_RedVrf_Export
OS10(config-route-map)# match ip address prefix-list PrefixList_RedVrf_Export
OS10(config-route-map)# exit
NOTE: While leaking EVPN routes, only the subnet routes must be leaked. Host routes (/32) need not be leaked and could be blocked using route-maps. But, if you have certain VNs stretched on border leaf as well (like in Yellow VRF), you must leak the host routes as well.
Configure route leaking between:
Yellow VRF and
default VRF.
Yellow VRF and
Green VRF.
Yellow VRF and
Red VRF.
OS10(config)# ip vrf default
OS10(conf-vrf)# ip route-export 0:0 route-map RouteMap_DefaultVrf_Export
OS10(conf-vrf)# ip route-import 1:1
OS10(conf-vrf)# exit
OS10(config)# ip vrf Yellow
OS10(conf-vrf)# ip route-export 1:1 route-map RouteMap_YellowVrf_Export
OS10(conf-vrf)# ip route-import 0:0
OS10(conf-vrf)# ip route-import 2:2
OS10(conf-vrf)# ip route-import 3:3
OS10(conf-vrf)# exit
OS10(config)# ip vrf Green
OS10(conf-vrf)# ip route-export 2:2 route-map RouteMap_GreenVrf_Export
OS10(conf-vrf)# ip route-import 1:1
OS10(conf-vrf)# exit
OS10(config)# ip vrf Red
OS10(conf-vrf)# ip route-export 3:3 route-map RouteMap_RedVrf_Export
OS10(conf-vrf)# ip route-import 1:1
OS10(conf-vrf)# exit
(Optional) For advertising leaked routes from the
Yellow VRF only to an external router in the default VRF and not to an underlay network, use route-maps on spine facing eBGP neighbors and also on the iBGP neighbor between the VLT peers.
OS10(config)# ip prefix-list PrefixList_Deny_YellowVrfRoutes deny 10.1.0.0/24 le 32
OS10(config)# ip prefix-list PrefixList_Deny_YellowVrfRoutes permit 0.0.0.0/0 le 32
OS10(config)#
OS10(config)# route-map RouteMap_Deny_YellowVrfRoutes
OS10(config-route-map)# match ip address prefix-list PrefixList_Deny_YellowVrfRoutes
OS10(config-route-map)#
OS10(config-route-map)# router bgp 202
OS10(config-router-bgp-202)# address-family ipv4 unicast
OS10(configure-router-bgpv4-af)# redistribute l2vpn evpn
OS10(configure-router-bgpv4-af)# redistribute connected
OS10(configure-router-bgpv4-af)# exit
OS10(config-router-bgp-202)# neighbor 192.168.2.4
OS10(config-router-neighbor)# address-family ipv4 unicast
OS10(config-router-bgp-neighbor-af)# route-map RouteMap_Deny_YellowVrfRoutes out
OS10(config-router-bgp-neighbor-af)# exit
OS10(config-router-neighbor)# exit
OS10(config-router-bgp-202)# neighbor 192.168.2.5
OS10(config-router-neighbor)# address-family ipv4 unicast
OS10(config-router-bgp-neighbor-af)# route-map RouteMap_Deny_YellowVrfRoutes out
OS10(config-router-bgp-neighbor-af)# exit
OS10(config-router-neighbor)# exit
OS10(config-router-bgp-202)# neighbor 192.168.2.240
OS10(config-router-neighbor)# address-family ipv4 unicast
OS10(config-router-bgp-neighbor-af)# route-map RouteMap_Deny_YellowVrfRoutes out
OS10(config-router-bgp-neighbor-af)# exit
OS10(config-router-neighbor)# exit
OS10(config-router-bgp-202)# neighbor 10.10.0.3
OS10(config-router-neighbor)# remote-as 301
OS10(config-router-neighbor)# no shutdown
OS10(config-router-neighbor)# exit
Verify leaked routes using show outputs on the the Border-Leaf switch:
OS10# show ip route vrf Yellow
Codes: C - connected
S - static
B - BGP, IN - internal BGP, EX - external BGP, EV - EVPN BGP
O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, E1 - OSPF external type 1,
E2 - OSPF external type 2, * - candidate default,
+ - summary route, > - non-active route
Gateway of last resort is Direct to network 0.0.0.0
Destination Gateway Dist/Metric Last Change
----------------------------------------------------------------------------------------------------------
*S 0.0.0.0/0 Direct null0 0/0 00:38:51
C 10.1.0.0/24 via 10.1.0.3 virtual-network10001 0/0 00:47:11
B EV 10.1.0.1/32 via 192.168.0.1 200/0 00:48:55
B EV 10.1.0.2/32 via 192.168.0.1 200/0 00:48:55
B EV 10.2.0.0/24 via 192.168.0.1,Green 200/0 00:35:48
C 10.3.0.0/24 via 10.3.0.1,Red virtual-network30001 0/0 00:35:48
C 10.10.0.0/24 via 10.10.0.1,default vlan100 0/0 00:25:42
OS10# show ip route vrf Green
Codes: C - connected
S - static
B - BGP, IN - internal BGP, EX - external BGP, EV - EVPN BGP
O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, E1 - OSPF external type 1,
E2 - OSPF external type 2, * - candidate default,
+ - summary route, > - non-active route
Gateway of last resort is Direct to network 0.0.0.0
Destination Gateway Dist/Metric Last Change
----------------------------------------------------------------------------------------------------------
*S 0.0.0.0/0 Direct null0 0/0 00:39:24
C 10.1.0.0/24 via 10.1.0.3,Yellow virtual-network10001 0/0 00:36:22
B EV 10.1.0.1/32 via 192.168.0.1,Yellow 200/0 00:36:22
B EV 10.1.0.2/32 via 192.168.0.1,Yellow 200/0 00:36:22
B EV 10.2.0.0/24 via 192.168.0.1 200/0 00:41:47
B EV 10.2.0.1/32 via 192.168.0.1 200/0 00:41:47
B EV 10.2.0.2/32 via 192.168.0.1 200/0 00:41:47
B EV 10.2.0.254/32 via 192.168.0.1 200/0 00:41:47
OS10# show ip route vrf Red
Codes: C - connected
S - static
B - BGP, IN - internal BGP, EX - external BGP, EV - EVPN BGP
O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, E1 - OSPF external type 1,
E2 - OSPF external type 2, * - candidate default,
+ - summary route, > - non-active route
Gateway of last resort is not set
Destination Gateway Dist/Metric Last Change
----------------------------------------------------------------------------------------------------------
C 10.1.0.0/24 via 10.1.0.3,Yellow virtual-network10001 0/0 00:36:26
B EV 10.1.0.1/32 via 192.168.0.1,Yellow 200/0 00:36:26
B EV 10.1.0.2/32 via 192.168.0.1,Yellow 200/0 00:36:26
C 10.3.0.0/24 via 10.3.0.1 virtual-network30001 0/0 00:45:44
Verify routes on the external router
OS10# show ip route
Codes: C - connected
S - static
B - BGP, IN - internal BGP, EX - external BGP, EV - EVPN BGP
O - OSPF, IA - OSPF inter area, N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, E1 - OSPF external type 1,
E2 - OSPF external type 2, * - candidate default,
+ - summary route, > - non-active route
Gateway of last resort is not set
Destination Gateway Dist/Metric Last Change
----------------------------------------------------------------------------------------------------------
B EX 10.1.0.0/24 via 10.10.0.1 20/0 00:13:49
via 10.10.0.2
B EX 10.1.0.1/32 via 10.10.0.1 20/0 00:14:22
via 10.10.0.2
B EX 10.1.0.2/32 via 10.10.0.1 20/0 00:14:24
via 10.10.0.2
C 10.10.0.0/24 via 10.10.0.3 vlan100 0/0 00:23:16
B EX 172.16.1.1/32 via 10.10.0.1 20/0 00:22:58
via 10.10.0.2
B EX 172.16.1.2/32 via 10.10.0.1 20/0 00:22:58
via 10.10.0.2
B EX 172.16.1.3/32 via 10.10.0.1 20/0 00:22:58
via 10.10.0.2
B EX 172.16.1.4/32 via 10.10.0.1 20/0 00:22:58
via 10.10.0.2
B EX 172.16.1.201/32 via 10.10.0.1 20/0 00:22:58
via 10.10.0.2
B EX 172.16.1.202/32 via 10.10.0.1 20/0 00:22:58
via 10.10.0.2
B EX 192.168.0.1/32 via 10.10.0.1 20/0 00:22:58
via 10.10.0.2
B EX 192.168.0.2/32 via 10.10.0.1 20/0 00:22:58
via 10.10.0.2
B EX 192.168.2.0/31 via 10.10.0.1 20/0 00:14:11
via 10.10.0.2
B EX 192.168.2.2/31 via 10.10.0.1 20/0 00:14:11
via 10.10.0.2
B EX 192.168.2.4/31 via 10.10.0.1 20/0 00:13:49
via 10.10.0.2
B EX 192.168.2.6/31 via 10.10.0.1 20/0 00:13:49
via 10.10.0.2
B EX 192.168.2.240/31 via 10.10.0.1 20/0 00:14:11
via 10.10.0.2
Data is not available for the Topic
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please provide ratings (1-5 stars).
Please select whether the article was helpful or not.
Comments cannot contain these special characters: <>()\