Redistribution of "global" OSPF into a VRF

Similar Messages

• Import IP Prefix from Global Table into a VRF Table

  Hello,
  Is it possible to import IP Prefix from Global Table into a VRF Table on ASR9001 with Version 4.3.0? Thanks.
  Regards,
  Eric

  hi Eric,
  In 4.3.1 there is a feature that will allow you to do this.
  The Border Gateway Protocol (BGP) dynamic route leaking feature provides the ability to import routes
  between the default-vrf (Global VRF) and any other non-default VRF, to provide connectivity between a
  global and a VPN host. The import process installs the Internet route in a VRF table or a VRF route in the
  Internet table, providing connectivity.
  You can follow the ASR9000 blog here to monitor when 4.3.1 will be posted to Cisco.com
  https://supportforums.cisco.com/blogs/asr9k
  or watch for the 4.3.1 Release Notes here
  http://www.cisco.com/en/US/products/ps5845/prod_release_notes_list.html
  regards,
  David

• BGP Support for IP Prefix Import from Global Table into a VRF Table

  Hi,
  is any ever tried this. When i uses a such a route-map for import ipv4 prefix from the global route table, it also filters the ipv4 prefix'es from the vrf route table. So I lost vrf routes from the other routers. I have tried to allow wiht a extcommunity list but I didnt worked. Is this a bug or am I missing something.

  Hi Tarj,
  First of all, i'd recommend you to start a new thread in case you have your own problem to solve, unless your problem is related to the original post.
  As for you question, what you have described is the exact behavior of a service provider with a MPLS backbone, it is a BGP free core, the P routers need not run BGP, since the PE routers will have LSP tunnels using label switching over the backbone and the P routers will just do label swapping and not IP lookups, accordingly the P routers needs not learn the BGP routes, but however you need all the routers (PEs and Ps) to run an IGP in order to be able to build the forwarding plane tables.
  I hope that i've been informative.
  BR,
  Mohammed Mahmoud.

• Inject BGP Default Routes into Multiple VRF before Best Path Selection

  Hello, 
  I have the following setup:
  Multiple Border Routers with eBGP sessions to external AS. We receive a default route from this multiple AS to keep the Table manageable. We noticed an important part of our traffic was been SW routed instead of CEF when we had the Full Internet table. Router Resources came to the ground when we changed to a default. 
  Now I want to separate this default routes into different VRF. Attached is the Diagram. 
  My question is,  the multiple default route all go into the BGP Table. The BGP table then select the best route and place it on the RIB and then to the FIB. 
  I want to redistribute the different Route on the BGP table prior to the Best path selection algorithm and placed on the RIB. 
  How can I achieve this?

  Hi,
  Redistribution of multiple routes to same prefix is not possible. Even if you have configured BGP multipath and all different bgp routes got installed into routing table, during redistribution only route will be redistributed. 
  Also would like to understand the requirement of redistributing multiple BGP routes in to IGP. As per your diagram, 3 different eBGP sessions are on three different routers, so you can prefer eBGP route over iBGP received from other routers and can distribute eBGP route to IGP from each router. Thus you will have three different default routes in to IGP in core.
  Please don't forget to rate this post if it has been helpful
  - Akash

• Export global classes into program

  Hello,
  it is possible to import local classes from program into
  class builder.
  I would like to export global classes into program. Is there such a thing (4.6C)?
  Thank you, in advance for your responses.
  Best regards
  Sergej

  Sure, via [SAPlink|http://code.google.com/p/saplink/]
  Regards
  Marcin

• Ending a global transaction into WB

  Hi,
  today when I tried ton connect to my OWB project through the client, I get the following error:
  PRS-00322:internal error, started new global transaction without ending existing global transaction.
  I suppose there would be an "appended" global transaction into a still open procedure/session. I tried to kill all open sessions from the enterprie manager, but the error still exists.
  Does anyone has any suggestions about this, or knows how to solve it?
  Best regards,
  Alessandro

  have u tried this
  alter system session kill immediate""..
  else
  login as sys and check status of OWB design user...see if that is locked
  or at last
  if possible reboot the database server

• Redistribution from ospf into eigrp

  If I have 3 routers running ospf and want to redistribute eigrp into this, what metrics do I need to use ?
  thanks

  I'm assuming you are wanting one way redistribute. If you are wanting to redistribute EIGRP into OSPF you will need to use a COST based metric such as;
  redistribute eigrp 65001 metric 100 subnets
  -or-
  redistribute eigrp 65001 subnets
  default-metric 100
  A metric is not required for OSPF, however, if you redistribute an IGP into OSPF without specifying a default-metric, it will be assigned a metric of 20. The OSPF metric is based on the 10 to the 8th / bandwidth of the link. For example, Ethernet cost is 10.
  Please rate post if it helped.
  Thanks!

• BGP Session drops when loading routes into a VRF

  I've configured a small MPLS network with 4 P routers (ASR 1002s) 4 PE routers (6509s) and two Cisco 7206s as route reflectors.  I'm using OSPF as the routing protocol on the PE-CE interfaces and have sham links configured between PE routers.  I currently have two VRFs configured on this network, one is working fine, and there are approximately 150 routes in this VRF. 
  The second vrf is configured, it also has ospf sham links configured, neighbors up, etc.
  The problem I have is that when I bring up the first PE-CE link and load about 7000 routes into the second vrf my BGP sessions between the other PEs and route-reflectors start timing out.  I do show the vpnv4 routes show up in the route-reflectors "sh ip bgp vpnv4 rd 14017:2" I believe the debug outputs below indicate the issue is in the route-reflectors, but was curious if anyone else had seen this issue.  The BGP peering IP address for one of the route-reflectors is 10.2.0.7 and one of the session dropping PEs is 10.2.0.13.
  Normal output from "unloaded" debug ip bgp vpnv4 unicast keepalives:
  Route-reflector output:
  May 16 09:35:31   2329: May 16 09:35:30.718 CDT: BGP: ses global 10.2.0.13 (0xA0519C0:1) Keep alive timer fired.
  May 16 09:35:31   2330: May 16 09:35:30.718 CDT: BGP: 10.2.0.13 KEEPALIVE requested (bgp_keepalive_timer_expired)
  May 16 09:35:31   2331: May 16 09:35:30.718 CDT: BGP: ses global 10.2.0.13 (0xA0519C0:1) service keepalive IO request.
  May 16 09:35:31   2332: May 16 09:35:30.718 CDT: BGP: 10.2.0.13 KEEPALIVE write request serviced in BGP_IO
  PE output:
  May 16 09:35:38.421 CDT: BGP: 10.2.0.7 KEEPALIVE requested (bgp_keepalive_timer_expired)
  May 16 09:35:38.421 CDT: BGP: 10.2.0.7 KEEPALIVE sent
  Route-reflector output:
  May 16 09:35:39   2341: May 16 09:35:38.427 CDT: BGP: 10.2.0.13 received KEEPALIVE, length (excl. header) 0
  Same output but during a "loaded" condition:
  Route-reflector output:
  May 15 20:41:31   774: May 15 20:41:31.015 CDT: BGP: ses global 10.2.0.13 (0xA091324:1) Keep alive timer fired.
  May 15 20:41:31   775: May 15 20:41:31.015 CDT: BGP: 10.2.0.13 KEEPALIVE requested (bgp_keepalive_timer_expired)
  May 15 20:41:31   778: May 15 20:41:31.015 CDT: BGP: ses global 10.2.0.13 (0xA091324:1) service keepalive IO request.
  May 15 20:42:29   793: May 15 20:42:28.363 CDT: BGP: ses global 10.2.0.13 (0xA091324:1) Keep alive timer fired.
  May 15 20:42:29   794: May 15 20:42:28.363 CDT: BGP: 10.2.0.13 KEEPALIVE requested (bgp_keepalive_timer_expired)
  May 15 20:43:23   805: May 15 20:43:22.638 CDT: BGP: ses global 10.2.0.13 (0xA091324:1) Keep alive timer fired.
  May 15 20:43:23   806: May 15 20:43:22.638 CDT: BGP: 10.2.0.13 KEEPALIVE requested (bgp_keepalive_timer_expired)
  May 15 20:43:33   813: May 15 20:43:33.934 CDT: %BGP-3-NOTIFICATION: received from neighbor 10.2.0.13 4/0 (hold time expired) 0 bytes
  PE output:
  May 15 20:43:33.927 CDT: %BGP-3-NOTIFICATION: sent to neighbor 10.2.0.7 4/0 (hold time expired) 0 bytes
  May 15 20:43:33.927 CDT: %BGP-5-ADJCHANGE: neighbor 10.2.0.7 Down BGP Notification sent
  Route-reflector output:
  May 15 20:43:34   814: May 15 20:43:33.934 CDT: %BGP-5-ADJCHANGE: neighbor 10.2.0.13 Down BGP Notification received
  It appears to me that we are missing "BGP: 10.2.0.13 KEEPALIVE write request serviced in BGP_IO"
  For full disclosure there are other BGP keep-alive events going on to the other PEs at this time, some passing, some failing.
  route-reflector info:
  route-reflector1#sh inv
  NAME: "Chassis", DESCR: "Cisco 7206VXR, 6-slot chassis"
  PID: CISCO7206VXR      , VID:    , SN: 37050753
  NAME: "NPE-G2 0", DESCR: "Cisco 7200 Series Network Processing Engine NPE-G2"
  PID: NPE-G2            , VID: V03 , SN: JAF1410AADM
  NAME: "disk2", DESCR: "256MB Compact Flash Disk for NPE-G2"
  PID: MEM-NPE-G2-FLD256 , VID:    , SN:
  NAME: "Power Supply 1", DESCR: "Cisco 7200 AC Power Supply"
  PID: PWR-7200-AC       , VID:    , SN:
  NAME: "Power Supply 2", DESCR: "Cisco 7200 AC Power Supply"
  PID: PWR-7200-AC       , VID:    , SN:
  route-reflector1#sh ver
  Cisco IOS Software, 7200 Software (C7200P-ADVIPSERVICESK9-M), Version 15.1(4)M5, RELEASE SOFTWARE (fc1)
  Technical Support: http://www.cisco.com/techsupport
  Copyright (c) 1986-2012 by Cisco Systems, Inc.
  Compiled Tue 04-Sep-12 19:41 by prod_rel_team
  ROM: System Bootstrap, Version 12.4(12.2r)T, RELEASE SOFTWARE (fc1)
  BOOTLDR: Cisco IOS Software, 7200 Software (C7200P-BOOT-M), Version 15.1(4)M5, RELEASE SOFTWARE (fc1)
  route-reflector1 uptime is 15 weeks, 20 hours, 43 minutes
  System returned to ROM by reload at 11:03:48 UTC Thu Jan 31 2013
  System restarted at 12:37:52 CST Thu Jan 31 2013
  System image file is "disk2:c7200p-advipservicesk9-mz.151-4.M5.bin"
  Any thoughts on this problem would be greatly appreciated.

  Hi again,
  did you check this?
  http://www.cisco.com/en/US/tech/tk365/technologies_configuration_example09186a008010a28a.shtml
  I honestly do not remember the defaults in Cisco but I had a very similar issue working with Juniper because of this value was set @ about 4500 prefixes at once.
  Take care
  Alessio
  Sent from Cisco Technical Support iPad App

• Sharing global routing table with vrf for intra-as traffic

  We have a network block of 10.201.0.0/16 which is divided into two subnet 10.201.0.0/18 and 10.201.192.0/18. We are getting a internet feed for each subnet.
  10.201.192.0/18 is in global routing table, and 10.201.0.0/18 is in a vrf-lite green.
  I am thinking doing the following:
  ...........HUB
  VL199/....\VL198
  SPOKE1 SPOKE2
  Hub and spoke are from perspective of vrf green.
  For vrf green in the HUB:
  ip route vrf green 10.201.0.0 255.255 255.192 vlan 199
  ip route vrf green 10.201.64.0 255.255.255.192 vlan198
  SPOKE1
  ip route 0.0.0.0 0.0.0.0 vlan199
  SPOKE2
  ip route 0.0.0.0 0.0.0.0 vlan198
  Suppose we already get the 2 internet feeds to HUB route with vrf green and global routing table. This should get vrf green going.
  But we also have global routing table on the HUB router.
  We would like to have 10.201.0.0/16 communicating with each other, and only keep internet default separated.
  How should we get to 10.201.0.0/18 from global routing table and how should we get to 10.201.192.0/18 from SPOKE[12]?

  In my lab, I have 2 ports configured.
  int gi1/2
  ip vrf forward green
  ip address 10.201.192.253 255.255.255.252
  int gi1/1
  ip address 10.201.192.254 255.255.255.252
  ip route 10.201.0.0 255.255.192.0 gi1/2
  ip route vrf 10.201.192.0 255.255.192.0 gi1/1 10.201.192.254
  This way, from vrf green to global has go through HUB. and vrf greens will also go through greens.
  Is there any other much elegant way for this purpose?

• VRF Best Practice: LAN only VRF, Mgmt VRF, Global Routing table or VRF?

  I am setting up a routed LAN (not a WAN) environment on two 6500 switches (sup-720). My goal is to create 32 routed environments separated by logical firewalls (multi-context ASA's). So I want a “core” router in each environment, and don't want to buy 32 pairs of 6500's-sorry Cisco.
  Each of these environments are tied together by a core routing environment, running on the same pair of 6500's. No WAN MPLS is going on and I am trying to use VRF for each of the routed environments core router. The management functions of the 6500 shall run off the VRF Core router and ip range (the one that ties all the other VRF's together. Here is a simple diagram:
  VRF1
  ||
  FW1
  ||
  VRFCOR
  ||
  FW2
  ||
  VRF2
  So to go from VRF1 to VRF2, you traverse two firewalls and VRFCOR.
  Several questions related to this design:
  1) Am I nuts to use VRF's in this application?
  2) Is there a better choice than VRF's to do what I want?
  3) Should VRFCOR be the global routing table (IOW, not a VRF)? Or should be its own VRF? Another way to ask this is: Shall a router ever run entirely in VRF tables, or should there be at least one global table in use?
  4) Are there problems with any management protocols on a VRF, such as NTP, AAA, SNMP, LOGGING, TELNET? Or have all those been worked out?
  5) Any other suggestions?
  TIA, Will

  VRF is suited for such kind of an application. Refer to URL http://cisco.com/application/pdf/en/us/guest/netsol/ns171/c649/ccmigration_09186a0080851cc6.pdf to get an idea about the

• How to build labview global variable into dll?And how to use it in vc++ program?

  Hi!
     I want to build labview application into dll and use vc++ to call it.The labview program is a little complex,for it has many interface to vc++ and has while loop in it.When I use vc++ to call it,I must use vc++ to do other things.That is to say,vc++ creates a new thread to provide for the labview dll to run.the vc main thread goes on to other things.But the vc++ main thread must communicate with the labview dll by setting its inputs' parameters and get the results of running labview dll.Can you advise me how to realize it?
     I think global variable of labview could be useful when realizing the communication betweeb vc thread and labview dll.So I want to ask whether the labview global variable could also be built into dll and use it.Could you please tell me how to realize my idea?
     Thank you!

  [email protected] wrote:
  Hi!
  I want to build labview application into dll and use vc++ to call
  it.The labview program is a little complex,for it has many interface to
  vc++ and has while loop in it.When I use vc++ to call it,I must use
  vc++ to do other things.That is to say,vc++ creates a new thread to
  provide for the labview dll to run.the vc main thread goes on to other
  things.But the vc++ main thread must communicate with the labview dll
  by setting its inputs' parameters and get the results of running
  labview dll.Can you advise me how to realize it?
     I
  think global variable of labview could be useful when realizing the
  communication betweeb vc thread and labview dll.So I want to ask
  whether the labview global variable could also be built into dll and
  use it.Could you please tell me how to realize my idea?
     Thank you!
  You
  can't access LabVIEW globals directly from a caller to the LabVIEW DLL.
  However there is no problem in providing specific accessor VI functions
  to that global and export them as additional functions from the DLL.
  Rolf Kalbermatter
  Rolf Kalbermatter
  CIT Engineering Netherlands
  a division of Test & Measurement Solutions

• RIP redistribution in to OSPF breaks when 1OSPF path goes down

  Hi All,
  I'm failing to understand why the RIP redistribution is breaking when I shutdown interface 0/0 on the mpls-usa router (mpls is just a naming convention). When 0/0 is up RIP is redistributed by when it is down I get nothing. See diagram below:
  The topology:
  Show ip route on mpls-2 and mpls-3 when interface 0/0 is down on mpls-usa
  show ip route on mpls-2 and mpls-3 with eth 0/0 down
  And this is my config on MPLS-USA

  Hi,
  First of all , please mention interfaces in your topology. Second in all routing table snapshot you cut the router hostname that also creates confusion.
  Now in the last output, i am not sure that output is from MPLS-2 or MPLS-3 and where E0/1 is connected to. Regarding your question related to number of routes, i guess you would have only one route in routing table because in OSPF external routes other than route metric, metric to ASBR also comes in to picture.
  When you shut one interface, route should not get disappeared. You can shut interface between MPLS-2 and MPLS-USA and share ospf lsa database output from MPLS-USA and MPLS-3. Also "show ip ospf nei" on MPLS-USA router.

• OSPF neighbors in VRF

  What is the command to check all ospf nieghbors in a VRF in a Cisco 6509 switch

  Hi,
  I believe IOS supports the 'vrf' keyword in show-commands only for OSPFv3 with AFI-support.
  But you can use the process ID instead, which also is easier to type:
  (config-rtr)# router ospf 5 vrf VRF-5
  # show ip ospf 5 neighbor
  HTH
  Rolf

• VPDN PPTP server doesn't work after put it into an VRF instance

  Originally we have one internet connection for our router which served as a PPTP server at the same time and everything worked well. Recently we got another internet connection, and we want it as a dedicated PPTP server interface. That means all the traffic except the PPTP data goes to the first internet connection. So we decide to use VRF (virtual routing forwarding) for the PPTP.
  First attachment is the configuration that worked,
  then is the broken configuration.
  When connecting from a Windows client, the process would hang up at "verifying username and password". What's more, I used Wireshark and found that for the broken config, after pptp negotiations, the GRE data that contain ppp data cannot be exchanged, it seems the router cannot find way back for the GRE.

  Thank you for your reminding me of this. I'am newly here, and I am really sorry that I've made you uneasy. But firstly, I doesn't think GFW is something officially documented in China's legislation. In fact, it is something the government tried to conceal but already known to all. So breaking through it is not illegal.
  And what I want is just to get access to gmail, wikipedia, twitter, facebook, instagram and so on. And what's more, GFW has once blocked github and now, it blocks google entirely. I am a technical ecstasy not a politician. I just want to learn more freely.
  Thank you all the way. And I feel fairly good with such a warm-hearted community. The arch wiki has really teached me a lot. Thank you.

• VBScript to add users form Global group into Universal Group

  HI,
  I am looking for help in creating a script to read all of the members of all of the global groups within a universal group and add the members to the universal group directly. I would then need to have a function to remove the global groups form the universal
  group. Is this possible? I have been searching for help as I am stumped.
  thank you,

  Hi Tom,
  sure this can be done. There's a useful command in Powershell named "Get-ADGroupMember" which will list you the members of your universal group.
  After you have those, you can check those members out ("Get-ADGroup" might come in handy). When you have found all the groups that are global, you can then check their members (Say hello to your old pal "Get-ADGroupMember"),
  remove them from the global group and add them to the universal group (Say hello to his two old buddies "Remove-ADGroupMember" and "Add-ADGroupMember").
  Cheers,
  Fred
  Edit: Oh, just noticed you asked for VBScript - Sorry, don't know how to do this in VBS. If you need to run this against a Win 2k3 DC, you can install the Gateway service for it, that allows you to run Powershell cmdlets against it.
  There's no place like 127.0.0.1