OSPFv3 AF NSSA default-information-originate
Hi,
I'm having trouble injecting a default route into OSPFv3 AF NSSA using this config:
router ospfv3 1520
auto-cost reference-bandwidth 100000
address-family ipv6 unicast vrf CUST-1
redistribute connected route-map SET-TAG-LOCAL
router-id 100.64.20.9
capability vrf-lite
area 1520 nssa default-information-originate
exit-address-family
ipv6 route vrf CUST-1 ::/0 2A01:79A0:3000:F8BB::5
The default route does not get injected into the database. I have to clear the process for this VRF for it to appear in the database:
ROUTER# sh ospfv3 ipv6 vrf CUST-1 dat | in ::|Type-7
Type-7 AS External Link States (Area 1520)
100.64.20.9 632 0x80000004 2A01:79A0:3000:F8BB::/125
ROUTER#clear ospfv3 ipv6 vrf CUST-1 process
Reset selected OSPFv3 processes? [no]: yes
ROUTER# sh ospfv3 ipv6 vrf I-ST-INSIDE-1 dat | in ::|Type-7
Type-7 AS External Link States (Area 1520)
100.64.20.9 1 0x80000001 ::/0
100.64.20.9 1 0x80000001 2A01:79A0:3000:F8BB::/125
ROUTER#
Any help is greatly appreciated.
Thanks.
/JZ
Hi,
A quick check of the config guide shows that their examples of default origination in OSPFv3 use the 'default information-originate' command, this can be tied in with a route-map, in order to match a certain condition. i.e. statement is configured under the process, not using the 'area' command.
1. create prefix -list matching routes (these form the matching condition)
2. create a route-map - with a permit statement matching the prefix-list.
3. default information-originate route-map [map name]
HTH
Mike
Similar Messages
-
Ospf no summary and default information originate
Hi all,
I have very simple question and I would like to have your opinion.
I can inject default route in to a nssa area in two way
- no-summary (to be used in to the NSSA ABR or NSSA ASBR)
-default-information originate (To be used in to the NSSA ABR)
Doubts (alle the below query are referred to a nssa area)
- Case no-summary: what will happen if the nssa abr does not have a default route?
-Case default-information originate: what will happen if the nssa abr does not have a default route?
- When do I have to use no-summary and when default information originate?
-What is the benefit to use the following command area xx nssa no-summary default information originate?
Thanks!!Hi,
have a look at this document:
http://www.cisco.com/en/US/tech/tk365/technologies_tech_note09186a0080094a88.shtml#defaultnssa
- no-summary (to be used in to the NSSA ABR or NSSA ASBR)-default-information originate (To be used in to the NSSA ABR or NSSA ASBR)
- Case no-summary: what will happen if the nssa abr does not have a default route?
A (summary) default-route will be injected by the NSSABR; the backbone area is supposed to have detailed routing information.
-Case default-information originate: what will happen if the nssa abr does not have a default route?
A default-route will be injected by the NSSABR; the backbone area is supposed to have detailed routing information.
- When do I have to use no-summary and when default information originate? -What is the benefit to use the following command area xx nssa no-summary default information originate?
The no-summary option defines a NSSA totally stub; the NSSABR doesn't translate Backbone Area's LSAs (more precisely: their corresponding routing-table entries) into NSSA summary-LSAs, instead it injects a (summary) default route. If you want the NSSABR to do the summary-translation and also inject a default-route, you can use the default-information-originate option. A NSSABR the will inject a type-7 LSA for the default-route, which is not translated to type-5. This option can also be used on a NSSA ASBR, but in this case a non-OSPF default-route is required and a type-5 translation is possible.
[EDIT] :
Perhaps this discussion is also helpful to understand some of the design aspects of different area types:
https://supportforums.cisco.com/message/3977926#3977926
HTH
Rolf -
Using the OSPF default-information originate command with two ISPs
I am working for a company that has two Internet circuits with different ISPs at two different locations for redundancy, and both Internet circuits run at different speeds. I'd like to be able to direct the majority (but not all) of the traffic through the ISP with the larger bandwith, but then failover all traffic to one ISP when the other goes down. We're currently using the "default-information originate" command, which fails over OK, but I haven't figured out how to do the load balancing. I'd appreciate your thoughts. Thank you.
One thing that you could consider is advertising the default route as and
external 1 route instead of an external 2 route(cisco default). If you advertise it as an E1
route, all routers will take into consideration the cost associated with the
default route to the router advertising the default route plus the cost of the
default route itself. Whereas if it is an E2 route, the routers just use the
cost associated with the external cost and not the path to get to the router
advertising the default route.
If you made the default route E1, then the routers closest to the advertised
routers will prefer the closest default route and their preference could then be
tweaked by adjusting the interface costs for the default route with a routemap.
By using this method, you could then control which routers use which internet
connection on a per router basis because you could control the cost the internal router
sees for the path from the internal router to the ASBR advertising the default route. The
path with the lowest cost will be prefered.
router ospf 1
default-information originate metric-type 1 -
The default-information originate and blackhole
I have read an article :
(((1- The default-information originate OSPF routing process subcommand will generate a default route into the OSPF domain.
2- By default this default cannot be advertised unless the local device actually has a default route installed
in the routing table.
3- This stipulation is added to prevent the case where default reachability is lost from an upstream peer, but default reachability is still advertised into the OSPF domain.
4- An example of this case is as follows.
Suppose that your OSPF domain has two or more connections to an upstream Internet provider. At these exit points from your internal network the border routers are learning a default from the ISP.
5- Additionally these border routers are generating default routes into the OSPF domain by issuing the default-information originate routing process subcommand.
6- Now suppose that one of these connections to the upstream provider is lost. If the border router with the lost upstream connection is still advertising default reachability into the OSPF domain some of the traffic will be blackholed.
7- Instead the router with the
lost connection should withdraw the default route from the OSPF domain, which
in turn would cause all internal devices to reroute out a still valid exit point from the network))).
Regarding to point 6 how does it make a blackhole ?Because the router still anounces default route into ospf domain, and the packets which prefer this route will be blackholed. because the link to isp is broken. and the router will drop these packets.but the packets those prefer the other default route will go through the second router cause its link to isp is still up.
is it clear? -
Saving "Default " information in contacts
Hi All
I'm hoping that someone has the answer because my fingers are starting to sting, this is the third time that I have had to go through the 150 contacts on my E71, and set the Default for Text Message, Call, email, Video call etc, It happened when I sync'd with Ovi.
All my contacts are sync'd with Mail for Exchange, and normally I switch all the other syncs off because of this problem, the other night I noticed that Ovi didnt have the correct handset so I mistakingly sync'd it and it wiped all my defaults off.
Surely there is some way of saving the default contact information? - on my backups - none of the default information is saved there either.
Any ideas appreciated.
Shunts...
I will mostly be communicating with a Nokia E72 Zodium Black
Nokia E72-1 with Vr 051.018.207.04 Software
If this post helped... Add some kudos!!Interesting... have same problem, and same date!!! But have not found out what caused nor how to fix it!
-
How do I add default information to the Notes section of each new vm created: Basically want these 3 questions answered in the notes after the VM is created. Owner: Application: Prod/Dev: Can this be done in the GUI/Console? If so, how?Ho
So you just want the labels to be there, not the actual values.
Then you could use the Notes parameter on the New-VM cmdlet, something like this:
New-VM -Name TestVM -VMHost $esx -Datastore $ds -Notes "Field1: dummy`nField2: dummy`nField3: dummy"
The <back-tick>-n in the string is a new-line -
Change default information after Work Inbox
Hi,
So I’m not sure if I’m asking the right questions but I’m trying to understand what configuration or program is responsible for the information I
see after clicking on a Work Inbox request. Basically I did all the configuration (workflow) for EAM and the problem I’m having is that after I submit the Access Request and the request gets to the FF Owner and after I click on the request a the window to submit request to next stage opens but with no relevant information (screenshot attach), can someone let me know how to add info to this screen? We want to add at least the reason for the request but in general I think some configuration step is missing.Hi Jonathan
Was there a setting for "display" e.g. "Display Revw Screen
Also, check your authorisations for the user such as GRAC_REQ
I saw this error on SCN before but I can't find the thread where the solution was given
Regards
Colleen -
Modify the preference value of the default route
Hi
How to achieve the Below ? any configuration example?
1)How to modify the preference value of the default route to be less prefered than OSPF External route
2)how to redistribute the default route as type 2 external route
3)how to redistribute the default route as type 1 external route
thanksHi Ibrahim,
See below:
1) Can you elaborate on this a bit? Can you explain, specifically, what your trying to accomplish? I don't think you can get a default route into the OSPF RIB that is not external as the default is injected as a Type-5 LSA (e1 or e2). If your talking about getting a router to use the OSPF learned default over the default router learned via some other source (e.g. static, BGP, etc), then it depends on the source because of the Administrative Distance when comparing the two defaults ( the one default learned via OSPF has AD=110, and the other default is AD=X, where X is the Administrative Distance assigned to the protocol).
2) Use the "default-information originate metric-type 2" command under "router ospf" -- Note this is the default
3) Use the "default-information originate metric-type 1" command under "router ospf" -- Note, you don't need this in Totally Stubby Area.
4) For NSSA area you have to use the "area nssa <area_num> default information-originate metric-type <type>" router subcommand. Note your NSSA should have a Type-7 LSA for the default route
Rate if helpful.
Joe -
Import EIGRP default route only with network command
Hi,
Does anyone know why I can only import the default route learned by EIGRP (from a CE router) in the VPNV4 table with the command ?network 0.0.0.0? under the address family? Is this the correct behavior?
router bgp 100
address-family ipv4 vrf red
redistribute eigrp 200
no synchronization
network 0.0.0.0
exit-address-family
PE9(config-router-af)#do show ip route vrf red 0.0.0.0
Routing entry for 0.0.0.0/0, supernet
Known via "eigrp 200", distance 90, metric 547840, candidate default path, type internal
Redistributing via bgp 100, eigrp 200
Last update from 91.91.91.1 on FastEthernet0/0.91, 00:04:11 ago
Routing Descriptor Blocks:
* 91.91.91.1, from 91.91.91.1, 00:04:11 ago, via FastEthernet0/0.91
Route metric is 547840, traffic share count is 1
Total delay is 20400 microseconds, minimum bandwidth is 100000 Kbit
Reliability 255/255, minimum MTU 1500 bytes
Loading 1/255, Hops 4
PE9(config-router-af)#do show ip bgp vpnv4 vrf red 0.0.0.0
% Network not in table
PE9(config-router-af)#
PE9(config-router-af)#network 0.0.0.0
PE9(config-router-af)#
PE9(config-router-af)#do show ip bgp vpnv4 vrf red 0.0.0.0
BGP routing table entry for 91:91:0.0.0.0/0, version 1068
Paths: (1 available, best #1, table red)
Flag: 0x820
Advertised to update-groups:
2
Local
91.91.91.1 (via red) from 0.0.0.0 (9.9.9.9)
Origin IGP, metric 547840, localpref 100, weight 32768, valid, sourced, local, best
Extended Community: RT:118:118 Cost:pre-bestpath:128:547840
0x8800:32768:0 0x8801:200:522240 0x8802:65284:25600 0x8803:65281:1500
mpls labels in/out 28/nolabel
PE9(config-router-af)#
Thanks,
MarceloHi Marcelo,
Yes this is normal, a default route unlike any other routes is not redistributed between routing protocols by default, in the case of BGP you have 2 options, either use a network command and make sure that the route is in the routing table (via EIGRP in your case), or use redistribute + default-information originate, you can test this by removing the network command and adding the default-information originate under the address family.
HTH,
Mohammed Mahmoud. -
BGP default route advertisement - change preference
hi guys,
I would appreciate some assistance here. We have a primary head office & a DR site. Routers at both sites connect to our carrier for an IP VPN service using BGP. BGP configs on each router advertise a default route 0.0.0.0.
#sh ip bgp neighbors x.x.x.x advertised-routes
BGP table version is 358, local router ID is x.x.x.x
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Originating default network 0.0.0.0
Issue is, some of our remote sites prefer the DR router path for traffic destined to internet.
We are advertising multiple default routes to our carrier, and based on feedback from carrier, route with lowest MED is preferred.
This brings me to what i need to change from my side. Need to change the route preference so that from our remote offices, only the route to head office is preferred with DR site the least preferred route. I know there are multliple ways of doing this, however keen to get input from the experts out there.
DR site router has this BGP config currently applied:
router bgp XXXXX
bgp log-neighbor-changes
redistribute connected
redistribute ospf 1 match internal external 1 external 2
neighbor x.x.x.x remote-as XXXX
neighbor x.x.x.x default-originate
neighbor x.x.x.x soft-reconfiguration inbound
neighbor x.x.x.x route-map IMPORT-POLICY in
neighbor x.x.x.x route-map OPI-route-advertisement out
default-information originate
Removing the "neighbor x.x.x.x default-originate" is not an option, as we need to have the ability to failover to DR at any point.
Thanks in advance & if you need any further info pls advise.
RamaHi Milan,
Thanks. Answers below:
Does it provide an MPLS backbone to you? YES
Are you using the same AS number on all your sites or different ones? Same AS
Any way, what about advertising the default route from your DR site with the site AS number prepended several times (5 times, e.g.)? That's the thing I am struggling to understand as the route-map OPI-route-advertisement already has it prepended 2 times. Shouldn't that be enough to influence which route is least preferred?
route-map OPI-route-advertisement permit 20
match ip address prefix-list xxx default-route
set as-path prepend XXXXX XXXXX
If your provider would permit that and hasn't configured his routers to ignore the AS_PATH length (as him a question), it should make the default route advertised from your DR less preferred within your backbone. Will ask.
Given this, any other thoughts/questions?
Thanks, Rama -
ASA receiving two default routes to internet via OSPF
I am trying to test something for a client. If I have an ASA that receives two default routes to the internet via OSPF, will it load balance those connections? I have a feeling the answer is 'no.' If that is the case, would the ASA would be at least able use the second internet connection if the primary one becomes saturated?
TIA,
DanYes, I know that the ASA cannot have default routes on multiple interfaces. Both of the default routes are coming into the ASA's outside interface. There would be two routers and the ASA in area 0 for OSPF. The routers would have the default-information originate command in their OSPF configuration to push the default route out to the ASA.
-
Cascaded network unable to access default gateway att 5031nv
Hello - I have a Cisco 3750 sitting behind an ATT 5031 NV. The Cisco device has the following networks 'living' on it: 10.1.1.1 /2410.1.2.1 /2410.1.3.1 /24 All of these have DHCP pools living on the Cisco device. The default gateway they had out is the IP of the SVI (mentioned above). I am using OSPF between those networks - and they can all talk fine. I am using the 'default-information originate' command to obtain default route information. I have port Gi1/0/3 on the cisco device plugged into LAN port 4 on the ATT 5031 NV. Port Gi 1/0/3 is configured with a static IP in the 192.168.1.x network as follows:
ip address 192.168.1.2 255.255.255.0 On the ATT 5031 NV: Settings > broadband > link configuration, I have the 'cascaded network' option selected: Network Address: 10.1.0.0 Subnet Mask: 255.255.0.0 Choose the router that will host the secondary subnet: [Cisco Device Hostname] 192.168.1.2 (IP of Gi1/0/3 on cisco device) When i do this - i can ping from the 10.x.x.x networks to both 192.168.1.2 and 192.168.1.254 IP's - but i cannot get out to the Internet (neither by IP or hostname). I should metion that I have tried the DMZ pinhole option - where i made my Gi1/0/3 get an IP by DHCP > rebooted it > and I got my device to show up with a 108.225.x.x external IP (which again, my 10.x.x.x's could ping) but I could not ping the default gateway for that network. What am i missing here? anyone have any ideas? Config to follow: !interface GigabitEthernet1/0/3
description DMZ to WAN
no switchport
ip address 192.168.1.2 255.255.255.0!interface Vlan1
no ip address
interface Vlan100
description MANAGEMENT
ip address 10.1.1.1 255.255.255.0
interface Vlan120
description xxxx WIFI
ip address 10.1.2.1 255.255.255.0
interface Vlan130
description xxxx DATA
ip address 10.1.3.1 255.255.255.0!router ospf 1
network 10.1.1.0 0.0.0.255 area 1
network 10.1.2.0 0.0.0.255 area 1
network 10.1.3.0 0.0.0.255 area 1
default-information originate!ip default-gateway 192.168.1.254!ip route 0.0.0.0 0.0.0.0 192.168.1.254 Any help would be greatly appricated.Hi ,
With the cascaded router option, the purpose of that option is to pass over your static IPs so that your gateway handles the traffic. If you do have a set of static IPs available, the only thing you want to change is the cascaded router IP. The network address should be the IP of your router, so it would be 192.168.1.2 according to your setup.
If you are just trying to do a router behind router setup, you actually do not need to use the cascaded router option, and just putting it in DMZ should take care of everything.
Hope this helps.
-ATTU-verseCare -
Generating an OSPF default-route within Area0
Guys,
Are there any rules relating to generating a 0.0.0.0 0.0.0.0 within a backbone area.
As then a BB router would become an ASBR?
Also, is it possible to use a redist static to acheive the same result. On testing I cant seem to acheive that.
Many thx indeed,
Ken
router ospf 10
log-adjacency-changes
network 10.0.0.0 0.255.255.255 area 0
default-information originate
ip classless
ip route 0.0.0.0 0.0.0.0 10.192.67.2
S2Rtr1#sh ip int brief
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 10.192.66.1 YES NVRAM up up
Serial0/0 unassigned YES NVRAM administratively down down
BRI0/0 unassigned YES NVRAM administratively down down
BRI0/0:1 unassigned YES unset administratively down down
BRI0/0:2 unassigned YES unset administratively down down
FastEthernet0/1 10.192.67.1 YES NVRAM up up
Serial0/1 unassigned YES NVRAM administratively down down
Hssi1/0 10.192.1.2 YES NVRAM up up
S2Rtr1#I can't think of a good reason why a core router couldn't be an ASBR and inject the default route in the ospf domain. I have seen many customer doing it.
The only way to inject the default route in ospf is to use the "default-information originate" statement. The redistribute static won't do it.
Hope this helps, -
hy guys,
we have a border router in our network who originate the default. the border is running ldp and it is positioned as a PE. the idea is that on the directly connected P router the 0.0.0.0/0 prefix appears as tagged instead of having a PHP for it.
the configuration on the PE is :
router isis
net 49.0193.0231.0103.0055.00
metric-style wide
max-lsp-lifetime 65535
lsp-refresh-interval 63000
no hello padding
log-adjacency-changes
redistribute connected
default-information originate route-map Metric_Default
interface POS1/0
ip address 80.231.64.6 255.255.255.252
route-map Metric_Default permit 10
match ip address 15
set metric 10000
set metric-type external
access-list 15 permit 80.231.64.4 0.0.0.3
ip route 0.0.0.0 0.0.0.0 POS1/0Marius,
You need to configure "mpls ip default-route" if you want to enable label distribution for the default route.
Hope this helps, -
Route Leaking between VRF:s (Shared services)
Hi,
I'm a bit confused by this setup that i'm trying to achieve.
The setup is classic though, I have one VRF for education (EDU), one for administrators (ADM) and then a shared VRF (GEM) like this:
ip vrf ADM
description *** ADMIN NET ***
rd 2:2
export map ADM-to-EDU
route-target export 2:2
route-target import 1:1
route-target import 2:2
ip vrf EDU
description *** ELEV NET ***
rd 3:3
route-target export 3:3
route-target import 1:1
route-target import 33:33
route-target import 3:3
ip vrf GEM
description *** GEMENSAM NET ***
rd 1:1
route-target export 1:1
route-target import 2:2
route-target import 3:3
route-target import 1:1
As you can see, i have also configured an export map for vrf ADM, which i'm then importing routes from.
the Map looks as follows:
access-list 1 permit 172.18.254.37
route-map ADM-to-EDU permit 10
match ip address 1
set extcommunity rt 33:33 additive
A relevant part of the ip setup is as follows:
interface Loopback3
ip vrf forwarding EDU
ip address 3.3.3.3 255.255.255.255
interface Loopback37
ip vrf forwarding ADM
ip address 172.18.254.37 255.255.255.255
I'm running BGP:
router bgp 65235
no synchronization
bgp log-neighbor-changes
no auto-summary
address-family ipv4 vrf GEM redistribute connected
redistribute static
default-information originate
no synchronization
exit-address-family
address-family ipv4 vrf EDU
redistribute connected
redistribute static
default-information originate
no synchronization
exit-address-family
address-family ipv4 vrf ADM
redistribute connected
redistribute static
default-information originate
no synchronization
exit-address-family
Now, the thing is, the leaking is working, i can see the leaked route in the EDU routing table below,
Router#sh ip route vrf EDU
Routing Table: EDU
Codes: C - connected, S - static, R - RIP, M - mobile, B - BGP
D - EIGRP, EX - EIGRP external, O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, su - IS-IS summary, L1 - IS-IS level-1, L2 - IS-IS level-2
ia - IS-IS inter area, * - candidate default, U - per-user static route
o - ODR, P - periodic downloaded static route
Gateway of last resort is 172.19.16.5 to network 0.0.0.0
1.0.0.0/32 is subnetted, 1 subnets
B 1.1.1.1 is directly connected, 04:53:31, Loopback1
3.0.0.0/32 is subnetted, 1 subnets
C 3.3.3.3 is directly connected, Loopback3
172.19.0.0/32 is subnetted, 1 subnets
B 172.19.16.5 is directly connected, 02:27:51, Loopback0
172.18.0.0/32 is subnetted, 1 subnets
B 172.18.254.37 is directly connected, 00:32:14, Loopback37
B* 0.0.0.0/0 [20/0] via 172.19.16.5 (GEM), 02:08:42
but i cannot reach it:
Router#ping vrf EDU 172.18.254.37
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.18.254.37, timeout is 2 seconds:
Success rate is 0 percent (0/5)
But if i run "debug ip packet" and the perform another ping, i get this result which i think is a bit weird? to me it seems as if it works.
Router#ping vrf EDU 172.18.254.37
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.18.254.37, timeout is 2 seconds:
*Mar 1 05:42:40.562: IP: tableid=2, s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:40.566: IP: s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), len 100, sending
*Mar 1 05:42:40.574: IP: tableid=2, s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:40.578: IP: s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), len 100, rcvd 3
*Mar 1 05:42:40.578: IP: tableid=2, s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:40.578: IP: s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), len 100, sending
*Mar 1 05:42:40.578: IP: tableid=2, s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:40.578: IP: s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), len 100, rcvd local pkt.
*Mar 1 05:42:42.562: IP: tableid=2, s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:42.566: IP: s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), len 100, sending
*Mar 1 05:42:42.574: IP: tableid=2, s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:42.578: IP: s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), len 100, rcvd 3
*Mar 1 05:42:42.582: IP: tableid=2, s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:42.586: IP: s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), len 100, sending
*Mar 1 05:42:42.590: IP: tableid=2, s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:42.590: IP: s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), len 100, rcvd local pkt.
*Mar 1 05:42:44.562: IP: tableid=2, s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:44.566: IP: s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), len 100, sending
*Mar 1 05:42:44.570: IP: tableid=2, s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:44.574: IP: s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), len 100, rcvd 3
*Mar 1 05:42:44.578: IP: tableid=2, s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:44.578: IP: s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), len 100, sending
*Mar 1 05:42:44.578: IP: tableid=2, s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:44.578: IP: s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), len 100, rcvd local pkt.
*Mar 1 05:42:46.566: IP: tableid=2, s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:46.570: IP: s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), len 100, sending
*Mar 1 05:42:46.570: IP: tableid=2, s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:46.570: IP: s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), len 100, rcvd 3
*Mar 1 05:42:46.570: IP: tableid=2, s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:46.570: IP: s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), len 100, sending
*Mar 1 05:42:46.570: IP: tableid=2, s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:46.574: IP: s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), len 100, rcvd local pkt.
*Mar 1 05:42:48.562: IP: tableid=2, s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:48.566: IP: s=3.3.3.3 (local), d=172.18.254.37 (Loopback37), len 100, sending
*Mar 1 05:42:48.566: IP: tableid=2, s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), routed via RIB
*Mar 1 05:42:48.570: IP: s=3.3.3.3 (Loopback37), d=172.18.254.37 (Loopback37), len 100, rcvd 3
*Mar 1 05:42:48.574: IP: tableid=2, s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:48.574: IP: s=172.18.254.37 (local), d=3.3.3.3 (Loopback0), len 100, sending
*Mar 1 05:42:48.582: IP: tableid=2, s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), routed via RIB
*Mar 1 05:42:48.582: IP: s=172.18.254.37 (Loopback0), d=3.3.3.3 (Loopback0), len 100, rcvd local pkt.
Success rate is 0 percent (0/5)
Router#
However, if i add leaking for 3.3.3.3 in ADM vrf like this:
access-list 2 permit 3.3.3.3
route-map EDU-to-ADM permit 10
match ip address 2
set extcommunity rt 22:22 additive
ip vrf ADM
description *** ADMIN NET ***
rd 2:2
export map ADM-to-EDU
route-target export 2:2
route-target import 1:1
route-target import 22:22 < - added line
route-target import 2:2
ip vrf EDU
description *** ELEV NET ***
rd 3:3
export map EDU-to-ADM < - added line
route-target export 3:3
route-target import 1:1
route-target import 33:33
route-target import 3:3
Then it will work:
Router#ping vrf EDU 172.18.254.37
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.18.254.37, timeout is 2 seconds:
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/4/16 ms
So actually, my big question is, am i doing this the right or wrong way? i'm a bit confused.
Sorry about the rant, maybe it will clarify some things for others who are confused, or maybe just make it worse!
Some additional thoughts:
Why can't i perform this ping, shouldnt this work?
Router#ping vrf GEM 172.18.254.37
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.18.254.37, timeout is 2 seconds:
Success rate is 0 percent (0/5)
Router#
bgp info:
Router#sh ip bgp vpnv4 all
BGP table version is 79, local router ID is 1.1.1.1
Status codes: s suppressed, d damped, h history, * valid, > best, i - internal,
r RIB-failure, S Stale
Origin codes: i - IGP, e - EGP, ? - incomplete
Network Next Hop Metric LocPrf Weight Path
Route Distinguisher: 1:1 (default for vrf GEM)
*> 0.0.0.0 172.19.16.5 0 32768 ?
*> 1.1.1.1/32 0.0.0.0 0 32768 ?
*> 2.2.2.2/32 0.0.0.0 0 32768 ?
*> 3.3.3.3/32 0.0.0.0 0 32768 ?
*> 172.18.254.37/32 0.0.0.0 0 32768 ?
*> 172.19.16.5/32 0.0.0.0 0 32768 ?
Route Distinguisher: 2:2 (default for vrf ADM)
*> 0.0.0.0 172.19.16.5 0 32768 ?
*> 1.1.1.1/32 0.0.0.0 0 32768 ?
*> 2.2.2.2/32 0.0.0.0 0 32768 ?
*> 3.3.3.3/32 0.0.0.0 0 32768 ?
*> 172.18.254.37/32 0.0.0.0 0 32768 ?
*> 172.19.16.5/32 0.0.0.0 0 32768 ?
Route Distinguisher: 3:3 (default for vrf EDU)
*> 0.0.0.0 172.19.16.5 0 32768 ?
*> 1.1.1.1/32 0.0.0.0 0 32768 ?
Network Next Hop Metric LocPrf Weight Path
*> 3.3.3.3/32 0.0.0.0 0 32768 ?
*> 172.18.254.37/32 0.0.0.0 0 32768 ?
*> 172.19.16.5/32 0.0.0.0 0 32768 ?
Router#Thank you for your answer Aravala.
Ok, so i think i'm beginning to understand this now after several hours..
Below is my setup now, and it works, but the thing is that it ONLY works from nets that are actually configured on interfaces.
What i mean by this is,
i want to reach ONLY the ip 172.18.254.37(ADM net) from ANY adress on 172.19.0.0/16 (EDU net)
so naturally i try and change the prefix list to:
ip prefix-list 1 seq 5 permit 172.18.254.37/32
ip prefix-list 2 seq 5 permit 172.19.0.0/16
But this doesnt work, i would be very grateful if someone could explain why and how to get around it..! i dont want to define every subnet on 172.19.0.0/16 and at the same time leave all of the 172.18.254.0/24 network open.
working setup:
ip vrf ADM
description *** ADMIN NET ***
rd 2:2
export map ADM-to-EDU
route-target export 2:2
route-target import 1:1
route-target import 22:22
route-target import 2:2
ip vrf EDU
description *** ELEV NET ***
rd 3:3
export map EDU-to-ADM
route-target export 3:3
route-target import 1:1
route-target import 33:33
route-target import 3:3
ip vrf GEM
description *** GEMENSAM NET ***
rd 1:1
route-target export 1:1
route-target import 2:2
route-target import 3:3
route-target import 1:1
ip prefix-list 1 seq 5 permit 172.18.254.0/24
ip prefix-list 2 seq 5 permit 172.19.64.0/21
route-map ADM-to-EDU permit 10
match ip address prefix-list 1
set extcommunity rt 33:33 additive
route-map EDU-to-ADM permit 10
match ip address prefix-list 2
set extcommunity rt 22:22 additive
Maybe you are looking for
-
What Folders Should Install?
I'm trying to figure out what samples should install and what instruments should install? As it seems like after upgrading to 8 from Logic 7, all the files have not installed. In the Media Browser for Loops I have 19210 Loops (which seems right) In t
-
So I'm having a couple of issues with my ipod 2g connecting with my computer (running windows 7). Initially 'My Computer' would not recognize my iPod, but iTunes would. Google told me to go to Device Manager and uninstall/reinstall and it worked! Onl
-
Problem Transforming modified in-memory XML doc
In a web app, I'm using javascript to load an XML document and an XSL stylesheet. The XML data is presented in html with <input> tags to allow the user to modify the in-memory XML document. Whenever a user modifies the data, the in-memory XML documen
-
DBMS_LOB.GETLENGTH Bytes? K? MB? GB?
What is size of a BLOB or LOB returned with DBMS_LOB.GETLENGTH? Is it bytes? K? MB?
-
Did being able to use the same data in multiple apps get added?
In the new iOS 4.2, did Apple include the ability to use the same data, eg PDF files in multiple apps? I have several hundred PDF files that I want to use in three different apps. Or is it still the same, that you have to load up (and use valuable sp