Distribution of default route of four different ISP in a WAN MPLS

Similar Messages

• ASA 5505 - 2 Internet Connections, Problems with the Default Route

  Hey there,
  i have a Problem at a Customer Site at the moment. The customer uses an ASA 5505 with two internet connections attached to it. On the first connection (which is the only one in use at the moment) he has some Static-PAT's from Outside to Inside where he translates different services to the internal servers. He also has a site-2-site VPN terminating there and AnyConnect.
  He now wants to switch the Internet Traffic from Inside to the new Internet Connection. Therefore changing the default route to that new ISPs Gateway. The problem now is, that no traffic recieved on the old "outside" Interface is transmitted back out of that old "outside" Interface. And this happens although the "same-security permit intra-interface" command is set.
  Can you tell me what's wrong here? For every Static-PAT from outside to inside there is also a dynamic PAT from inside to outside. But the ASA seems to ignore this. I have not looked into the Logs yet, was too busy finding the problem because i had no real time window to test on the productive ASA.
  Can it be achieved in any way? Having a default route on the ASA which leads any traffic to the second internet connection while still having connections on the first internet connection where no explicit route can be set? Because connections arrive from random IPs?
  Many thanks for your help in advance!
  Steffen

  Phillip, indeed , I have as well read may comments,it all depends on your environment as they all differ from one another, you best bet is to have a good solid plan for upgrade and fall back. You do have a justification to upgrade for features needed, so I would suggest the following:
  1- Do a search again in forum for ASA code upgrades and look at comments from users that have gone through this process and note their impact in fuctionality if any. I believe this is good resource to collect information .
  2- Very important , look into release notes for a particular version. For example version 8.0, look into open CAVEATS usually at the end of the link page, reading the open bugs gives you clues what has not yet been resolved for that particular code and if in fact could impact you in your environment, it is possible that a particular bug does not realy apply to your environment becuase you have yet not implemented that particualr configuration. Usually we all try to aim towards a GD (General Deployment) code which is what we all understand is most stable but not necesarily means you have to be stack in that code waiting for another GD release, in my personal experience I have upgraded our firewall from 7.2 to 8.0(3) long ago and had no issues, and recently upgraded to 8.0(4)when it was first release in August this year.
  Release notes
  http://www.cisco.com/en/US/products/ps6120/prod_release_notes_list.html
  3- AS a good practice precaution -
  a-Backup firewall configs in clear text as well as via tftp code.
  b-Backup running code and ASDM version code currently running in firewall.
  c- Save the output of " show version " to have as reference for all the feature licenses you currently have running as asll as activation keys - good info to have to compare with after upgrade.
  d- Ensure that the code you will be using to upgrade also uses correct ASDM version code.
  I think with thorough assesment and preparation you can indeed minimize impact.
  Rgds
  Jorge

• Where does the default route come from ?

  Dear All 
  As we know, the edge router in client side gets default route from ISP' edge router. Where does the default route come from in ISP? If the ISP edge router has full route table, it produces there. If not, it comes from its upstream router until full routes table(only BGP). Please correct me if I am wrong. Thank you. 

  Hello.
  While establishing BGP with ISP, there are three options for a client:
  > Default route (used in general) - client router forwards every request (for destination route) to ISP router.
  > Full route - ISP router's complete routing table would be received and maintained in client router.
  > Partial route - Only specific route would be received from ISP (Head office - Branch office scenario)
  ISP generate default route from their peering router that should have full routing table or knowledge of the router having it. A local ISP may generate default to their client and have one received from their upstream or global / larger ISP. Hope this helps.

• I've set up email on my iPad (talk mails when connected to my home router and ISP. When connected to a router at another location with a different ISP I can receive mail but not send it. Is there any way round this

  I've set up email on my iPad (talktalk.net) and can send and receive mails when connected to my home router and ISP. When connected to a router at another location with a different ISP I can receive mail but not send it. Is there any way round this?

  I've set up email on my iPad (talktalk.net) and can send and receive mails when connected to my home router and ISP. When connected to a router at another location with a different ISP I can receive mail but not send it. Is there any way round this?

• How to set-up my home intranet using 2 different ISP's ?

  I have had so much trouble recently with my main (8 years now!) internet provider "ABC" (not the real name) Cable Modem here in Belgium that I made the decision to pay another bunch each month to have a second ISP for my home and home office. "XYZ" (also not the real name) will start on Monday 26 July. It is a DSL line, linked to my TV and fixed telephone. Great, except I'm not really sure how to set-up this 2nd ISP.
  First, I want this 2nd ISP to (at least for now) be an emergency backup. So if ABC shuts down again (as it has done a lot recently, but no technician can come until 30 July- poor service there!) - I want to immediately be able to use the XYZ server.
  OK the XYZ has a kinda built-in router in that the DSL Modem has built-in WiFi and also 2 cable to computer out ports. I believe I can first just configure the WiFi: Apparently I have to attach my MBP-13" via cable in order to change / add a security code; maybe change the name of the WiFi from its default "XYZ-WiFi" (not the real name) to something I want like SteveXYZ and then add a security protection code.
  But how to configure my eMail using MAIL? And can I still keep getting my eMail from my main "[email protected]" (not the real address) even when connected via XYZ? And what about SENDING from ABC when connected via the server XYZ?
  Also: I currently have my ABC Modem going to a 4-port D-Link DI604 Router. From there, one cable goes to my MacBook Pro-13"; one to the Apple LaserWriter 12/640PS (great printer- 13 years old and still super); one to my Canon MP640 and one upstairs to another router: D-Link DIR-635 wired and wireless. From there, one cable goes to my wife's eMac; and another is available for guests; another unused and then the WiFi for when I compute in the garden and of course for my iTouch.
  So now let's say that on 28 July the ABC is down. Ideally I'd like to pull the cable from the ABC Modem that goes into the DI604 Router and plug-in a cable going to the XYZ DSL Modem and voilà have internet back via my backup XYZ. BUT can I print? Do I have to reboot the Router since it will have to reassign those 192.168.0.123 type numbers, won't it? (I believe those numbers are called the "IP Addresses").
  Thanks for any comments or references here.
  Best regards,
  Steve Schulte
  Wednesday 21 July 2010

  In your Network Preferences you can set up more than one method of connecting - i.e., Airport, Ethernet, Dial-up (heaven forbid). If, for example, you place Ethernet at the top of the list, then Airport, your Mac will try to connect to Ethernet first. If it can't, it will fall back to Airport.
  So if you can have Airport connected to one ISP and Ethernet connected to another, you will be able to pick one or the other by imply pulling the Ethernet cord. What you can't do is set up two Ethernet connections (or Airport connections) each with a different ISP (though if I read you aright this isn't what you want anyway).
  Another method is to set up 'Locations'. You could set up one with Airport only, and one with Ethernet only, and switch between them using Apple Menu>Locations: this would save you physically pulling cables and is just as quick, it takes only a few seconds.
  As to mail, it depends on your ISP. Some ISPs demand that you are connected directly to them to send mail, and possibly also to receive mail: some rely entirely on the password. In the latter case you can use the same settings in both locations or methods: in the former you can't get round that - if you're not connected you can't send/receive as relevant.

• Load balancing using multiple default routes

  Hi Guys,
  I just want to ask does creating multiple default routes on my router provides load-balancing on my WAN side? As far as i know, for example if I have two default routes on my router and let say I have two users connecting to the internet, the first one might go to the first WAN link while the second user might go to the second WAN link.
  Thank you so much
  Rex

  there are the difference between, load balancing and load sharing..which we need to understand.
  load sharing means you have 2 users, user A and User B, user A wants to use ISP1 and user B wants to use ISP2. this is called load sharing. and can be achieved via PBR (Policy based routing).
  we should not try to use load balancing for Internet traffic with 2 different ISPs.

• ASR1k default routes load-balancing.

  Hi cisco community team,
  I would like to balance outgoing traffic forwarding to the standalone NAT servers.
  Does anyone try to balance by default routes with the same metric on ASR1k?
  For example:
  0.0.0.0 0.0.0.0 x.x.x.x
  0.0.0.0 0.0.0.0 y.y.y.y
  0.0.0.0 0.0.0.0 z.z.z.z
  Regards,
  Konstantin

  there are the difference between, load balancing and load sharing..which we need to understand.
  load sharing means you have 2 users, user A and User B, user A wants to use ISP1 and user B wants to use ISP2. this is called load sharing. and can be achieved via PBR (Policy based routing).
  we should not try to use load balancing for Internet traffic with 2 different ISPs.

• How to set the default route on a RVS4000 to point to a gateway in the LAN

  Hi
  The dialog in the RVS4000 for static routes does not allow to set the default route to point to a gateway in the LAN. Clearly this is either a bug or a feature of the web-interface and not a restriction of the box, which runs some kind of linux. So my question is there a way around this problem rather then defining routes to n-class A networks to cover the internet? Like a terminal access to set the default route?
  Thanks and cheers
  Frank

  Hi David
  Thanks for your reply. I did already the first part and it seems that I presumed wrongly that the RVS4000 can be used as a layer 3 switch, instead it is only a 1-port gateway. Not that there is a technical limitation from the hardware or the OS of the box. It does layer 3 routing e.g. for its VLAN's. The only point to stop it from having the capability which I expect from something called router is to set its default route to the right gateway independant which port might be connected. The reason why I want a LAN port pointing to the gateway and do not use the WAN port without firewall is of course the VLAN capability of the LAN ports. The idea of the RVS is to bundle two nets, including the one where the gateway is on, and send it to a WAP4410N box, which nicely makes them wireless with different SSID's. Actually I have two ports connetced to the core network, if I am forced to have only the WAN port connected to the core, due to this artificial limitation, I would have to reconfigure a bit. Therefore I try to find an easier solution setting the route by "hand".
  Cheers Frank

• Setting The Default Route in a Jumpstart Install with Multiple Interfaces

  Greetings,
  I'm performing a Jumpstart install on a SPARC v240 server, which has multiple network interfaces. I'm trying to configure all of the interfaces as part of the Jumpstart setup. However, Jumpstart doesn't like the default route that I'm supplying. If I add the default_route parameter anywhere but under the first interface, Jumpstart complains that the default route is missing (by making me add it after it dumps out to the suninstall screens. If I add the default route under the first interface, Jumpstart dumps me to the suninstall screen which says that the route could not be added.
  What am I doing wrong ? Am I trying to get Jumpstart to do something that it won't do ?
  Here is my sysidcfg file. The file shown below will cause Jumpstart to dump to the suninstall screen, which will indicate that the route cannot be added:
  Please wait while the system information is loaded... /
  Please wait while the system is configured with your settings...
  The route provided could not be added at this time. If you wish to accept the
  route provided, press 'Accept' and the address will be added for reboot,
  otherwise press 'Cancel' and provide another address.
  1. Accept
  2. Cancel
  Enter the number corresponding to your choice [1]
  Here is the sysidcfg file:
  name_service=NONE
  network_interface=bge0
  {hostname=conwe125
  ip_address=10.15.8.122
  netmask=255.255.0.0
  default_route=158.73.175.254
  protocol_ipv6=no}
  network_interface=bge1
  {ip_address=10.15.9.122
  netmask=255.255.0.0
  protocol_ipv6=no}
  network_interface=bge3
  {ip_address=158.73.175.117
  netmask=255.255.0.0
  protocol_ipv6=no}
  network_interface=ce0
  {ip_address=10.16.0.208
  netmask=255.255.0.0
  protocol_ipv6=no}
  network_interface=ce3
  {ip_address=158.73.175.118
  netmask=255.255.255.0
  protocol_ipv6=no}
  root_password=5Z5XTytD2Eddo
  security_policy=NONE
  terminal=vt100
  system_locale=en_US.ISO8859-1
  timezone=US/Eastern
  timeserver=localhost
  Thanks In Advance,
  Chris Hanrahan

  That sysidcfg seems a bit odd anyway, have you by any chance put the different interfaces of your jumpstart server into it? Normally you won't need to specify a default router since the jumpstart will figure it out anyway.. Does your jumpstart server have an interface on each network you want to jumpstart?
  7/M.

• Response Groups - Duplicate "Built In" Services - Multiple Default Routing Endpoints

  Hello,
  I have a Lync 2013 deployment that has been migrated from OCS 2007, to OCS 2007 R2, to Lync 2010, and now to Lync 2013. I am including that information as that may be important for the following discussion.
  When the Response Group Service starts, it logs four error messages which I will place at the bottom of this post. The error messages point to duplicate routing endpoints for the same service. Upon review, it appears to me that I have duplicates of the following
  two services, when I look up the below SIP addresses with Get-CSApplicationEndpoint.
  Announcement Service
  RGS Presence Watcher
  My guess is that during one of these migrations, we ended up with a duplicate service. The problem is - how do I get rid of the duplicate, and how do I know which is the duplicate and which I want to keep? Error messages below.
  Lync Server 2013, Response Group Service was not able to establish the application endpoint.
  The following exception occurred when establishing application endpoint associated with 'sip:RtcApplication-9ebda80c-12e1-4db6-b5f3-f0dc9585ad4d@<scrubbed>.com': System.InvalidOperationException - The ChannelDispatcher at 'net.tcp://<server scrubbed>:8404/'
  with contract(s) '"IAgentSignInOut", "IMatchMaking"' is unable to open its IChannelListener..
  Cause: Failed to connect to Front End server or the Front End server is misconfigured.
  Resolution:
  Check the Front End server for errors.
  Application endpoint for Contact object cannot be created.
  The following exception was thrown during application endpoint creation for Contact object 'sip:RtcApplication-8e1e15ac-09d4-4271-b961-6757feabd621@<scrubbed>.com'. The Response Group associated with this endpoint will not be available.
  Exception: System.ArgumentException - Only one default routing endpoint is allowed per platform. The platform already contains a default routing Endpoint.
  Inner Exception: ~
  Cause: Networking problems with the Front End server, or Front End server configuration problems.
  Resolution:
  Check for eventual SIP errors on the Front End servers.
  Lync Server 2013, Response Group Service was not able to establish the application endpoint.
  The following exception occurred when establishing application endpoint associated with 'sip:RtcApplication-11e8fb5c-9847-460c-9e60-0f34834f8b37@<scrubbed>.com': System.InvalidOperationException - The ChannelDispatcher at 'net.tcp://<scrubbed>:8404/'
  with contract(s) '"IAgentSignInOut", "IMatchMaking"' is unable to open its IChannelListener..
  Cause: Failed to connect to Front End server or the Front End server is misconfigured.
  Resolution:
  Check the Front End server for errors.
  Application endpoint for Contact object cannot be created.
  The following exception was thrown during application endpoint creation for Contact object 'sip:RtcApplication-1c871209-add1-40a6-87bb-07884eb879b5@<scrubbed>.com'. The Response Group associated with this endpoint will not be available.
  Exception: System.ArgumentException - Only one default routing endpoint is allowed per platform. The platform already contains a default routing Endpoint.
  Inner Exception: ~
  Cause: Networking problems with the Front End server, or Front End server configuration problems.
  Resolution:
  Check for eventual SIP errors on the Front End servers.

  Hi,
  Have you reviewed this blog? You may check the ownerpoolID in rgsconfig database.
  http://blog.lync2013.org/tag/lync/
  Note: Microsoft is providing this information as a convenience to you. The sites are not controlled by Microsoft. Microsoft cannot make any representations regarding the quality, safety, or suitability of any software or information found there. Please make
  sure that you completely understand the risk before retrieving any suggestions from the above link.
  We
  are trying to better understand customer views on social support experience, so your participation in this
  interview project would be greatly appreciated if you have time.
  Thanks for helping make community forums a great place.

• NAT and Routed Network with Two ISP's on one router

  I'm sure this has been done covered many times, but I am not finding it.
  I have two ISP connections.
  With ISP-A I have a /30 between us and 200.100.100.0/24 is routed to me via the /30 for thsi example we will say the /30 is 1.1.1.1 on isp end and 1.1.1.2 on my end
  With ISP-B I have a 100.0.0.0/29 subnet. and the ISP gateway is on that subnet at 100.0.0.1
  On the inside of my network I have devices using both 200.100.100.x addresses and devices on 192.168.100.x that need to use NAT.
  I would like all of the devices on 200.100.100.x addresses to continue using ISP-A as their gateway.
  Everything on 192.168.100.x should use NAT and go out ISP-B
  I have tried
  ip nat inside source route-map ISP-A interface GigabitEthernet0/1 overload
  route-map ISP-B permit 10
   match ip address 101
   match interface GigabitEthernet0/1
   set ip next-hop 100.0.0.1
  route-map ISP-A permit 10
   match ip address 111
   match interface Multilink1
   set ip next-hop 1.1.1.1
  The problem comes when I have default routes to ISP-A in the router than none of the ISP-B traffic works, and vice versa.

  I think for this to work correctly and be able to split traffic between the 2 ISPs, you would need to use BGP, because default is going to use one ISP or the other.
  If you can use BGP, this link will help you in load shearing between multiple ISPs when you have one router.
  http://www.cisco.com/c/en/us/support/docs/ip/border-gateway-protocol-bgp/13762-40.html#conf4
  HTH

• IP SLA Default Route state down to much

  Hello,
  I am attempting to use IP SLA trackers to dynamically set the default route going out over a DSL connection.  if the sla trackers are down the default route learned from the WAN will take over, but normally we want to send internet/default route bound traffic out over the DSL connection.  
  ip route 208.67.220.220 255.255.255.255 1.2.3.4
  ip route 208.67.222.222 255.255.255.255 1.2.3.4
  ip route 0.0.0.0 0.0.0.0 1.2.3.4 track 3
  track 1 ip sla 1
   delay down 60 up 60
  track 2 ip sla 2
   delay down 60 up 60
  track 3 list boolean or
   object 1
   object 2
  ip sla 1
   icmp-echo 208.67.222.222 source-ip 1.2.3.5
   threshold 1000
   frequency 10
  ip sla schedule 1 life forever start-time now
  ip sla 2
   icmp-echo 208.67.220.220 source-ip 1.2.3.5
   threshold 1000
   frequency 10
  ip sla schedule 2 life forever start-time now
  the issue we are having is if the SLA threshold is breached, it immediately sends the trackers into a delay down state.  the tracker delays down for 60 seconds, then very quickly comes back up.  What we want to accomplish is only if the sla tracker has breached the threshold or is down for 60 seconds, then put the tracker into a down state.
  Thanks.

  The configuration seems to be correct: IP SLA change as soon as the icmp fail but the tracker delay should ensure the it changes its state after 60seconds of icmp failure. Do you experience a different behaviour ?
  What I'm worried about is that, after the default router through the WAN is in routing table,  the ip sla ping will be successful and therefore the static route 
  ip route 0.0.0.0 0.0.0.0 71.32.39.46 track 3
  will be used but, at that point, which is the path to 71.32.39.46 ? 
  Another thing is that, in case of DSL link failure, this configuration will not automatically revert to WAN link because 71.32.39.46 will be still up and running, isn't it ?
  Let me know,
  enrico

• Can I use two default route in a router

  Hi
  I have a router which have two isp line.
  I want connected two differnt remote site by two isp line.
  now i have one default and another static.
  i can use two default route like this ?
  0.0.0.0 0.0.0.0 201.222.103.x 0
  0.0.0.0 0.0.0.0 201.221.102.y 1
  Thanks
  [email protected]

  hi
  I feel you wanted to know if you have 2 default routes already in place and about the impact if you put network specific routes.
  In this case you can have both the default routes in place in addition to the network specific static routes as i mentioned in my first mail.
  Since the most specific route will be used the traffic destined to your remote networks will flow accordingly as per your ip route statements.
  If your first link goes down the default route pointing the ISP-1 and the network sepcific route pointing the ISP-1 will go off and by default all the traffic will flow via the second interface which is connected to ISP-2 the behaviour is viceversa if your link to ISP-2 goes down.
  By this you will be atleast having some kinda reachability in case of any issues with the corresponding ISPs which is being used to reach the remote network than getting totally disconnected from the remote sites.
  regds

• Management to VRF Interface on 1841 relying on default route

  I couldn't find this in any of the bug lists, has anyone come across this scenario before:
  I have an 1841 router, running: c1841-advipservicesk9-mz.124-25f
  This router has multiple loopbacks in different VRFs, loopback 0 is in the global context, loopback 1 is in the "ADMIN" VRF (there are multiple other VRFs, but there is nothing special or unique in the config between them, so I'll just stick with loop1, the behaviour is the same for all VRFs)
  The routing table contains an all-zeros route:
  show ip route vrf ADMIN
  Routing Table: ADMIN
  Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
         D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
         N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
         E1 - OSPF external type 1, E2 - OSPF external type 2
         i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
         ia - IS-IS inter area, * - candidate default, U - per-user static route
         o - ODR, P - periodic downloaded static route
  Gateway of last resort is 10.254.144.13 to network 0.0.0.0
       10.0.0.0/8 is variably subnetted, 330 subnets, 7 masks
  B       10.254.156.104/30 [20/0] via 10.254.144.13, 3d23h
  [etc etc]
  10.254.144.13 is the next hop for all networks in the ADMIN VRF, this router is not dual attached.
  My PC sits behind a firewall outside the MPLS network, the VRFs in the MPLS network rely on a default all-zeros route into the firewall - hence there is not specific route for the subnet my PC is on.
  From my PC, I can ping the Loopback1 address, however I cannot get to any management services (ssh, telnet, http or https) via loopback1. When I add a static route for my PC (/32) (or for the entire 10.0.0.0/8 network - which is my current work around), I can then ssh or telnet etc to Loopback1.
  Loopback0 (in the global context) works fine regardless of if it's relying on the all zeros route or not.
  Anyone seen this before? It appears to be a bug in the IOS that management services do not look at the default route within a VRF?

  You can generate a default route with the following command:
  neighbor 1 default-originate
  and you need to have a default route in the routing table. This will get the PE to generate a default route to the CE.

• Changing default route after import route-target

  Hi there,
  Before I import route-target, the default route is set to 192.168.0.22 . After import the vrf, suddently it change to another PE, which is 192.168.0.19 . How do I force the default route to use 192.168.0.22 ?
  before adding route-target import 4000:1
  PE#sh ip route vrf customer 0.0.0.0
  Routing entry for 0.0.0.0/0, supernet
  Known via "bgp 100", distance 200, metric 0, candidate default path,
  type internal
  Last update from 192.168.0.22 00:14:08 ago
  Routing Descriptor Blocks:
  * 192.168.0.22 (Default-IP-Routing-Table), from 192.168.0.3, 00:14:08 ago
  Route metric is 0, traffic share count is 1
  AS Hops 0
  PE#sh ip bgp vpnv4 vrf customer 0.0.0.0
  BGP routing table entry for 100:239:0.0.0.0/0, version 335256
  Paths: (2 available, best #2, table customer)
  Not advertised to any peer
  Local
  192.168.0.22 (metric 4) from 192.168.0.45 (192.168.0.45)
  Origin incomplete, metric 0, localpref 100, valid, internal
  Extended Community: RT:100:120
  Originator: 192.168.0.50, Cluster list: 192.168.0.45
  Local
  192.168.0.22 (metric 4) from 192.168.0.3 (192.168.0.3)
  Origin incomplete, metric 0, localpref 100, valid, internal, best
  Extended Community: RT:100:120
  Originator: 192.168.0.50, Cluster list: 192.168.0.3
  after adding route-target import 4000:1
  PE#sh ip route vrf customer 0.0.0.0
  Routing entry for 0.0.0.0/0, supernet
  Known via "bgp 100", distance 200, metric 0, candidate default path,
  type internal
  Last update from 192.168.0.19 00:00:09 ago
  Routing Descriptor Blocks:
  * 192.168.0.19 (Default-IP-Routing-Table), from 192.168.0.3, 00:00:09 ago
  Route metric is 0, traffic share count is 1
  AS Hops 0
  PE#sh ip bgp vpnv4 vrf customer 0.0.0.0
  BGP routing table entry for 100:239:0.0.0.0/0, version 335386
  Paths: (3 available, best #1, table customer)
  Flag: 0x1820
  Not advertised to any peer
  Local, imported path from 4000:1:0.0.0.0/0
  192.168.0.19 (metric 2) from 192.168.0.3 (192.168.0.3)
  Origin incomplete, metric 0, localpref 100, valid, internal, best
  Extended Community: RT:4000:1
  Originator: 192.168.0.19, Cluster list: 192.168.0.3
  Local
  192.168.0.22 (metric 4) from 192.168.0.45 (192.168.0.45)
  Origin incomplete, metric 0, localpref 100, valid, internal
  Extended Community: RT:100:120
  Originator: 192.168.0.50, Cluster list: 192.168.0.45
  Local
  192.168.0.22 (metric 4) from 192.168.0.3 (192.168.0.3)
  Origin incomplete, metric 0, localpref 100, valid, internal
  Extended Community: RT:100:120
  Originator: 192.168.0.50, Cluster list: 192.168.0.3
  thanks in advance.
  maher

  Maher,
  Here's an example:
  router bgp xx
  address-family vpnv4
  nei x.x.x.x route-map localpref in
  ip extcommunity 1 permit rt 4000:1
  route-map localpref permit 10
  match extcommunity 1
  set local-preference 110
  route-map localpref permit 20
  BTW: if the route with RT 4000:1 had a different RD both routes would get imported in the VRF and you could set the local-pref using an import map instead of an inbound route-map on the VPNv4 session.
  Hope this helps,