Hi all
I've got myself into a muddle about VRF-Lite route leaking. I'm trying to offer a shared service (one subnet now, but several in the future) to both customers.
I've got a router with 3 VRFs, lets call them APN, CUSTA and CUSTB
CustA and CUSTB are part of the same BGP process, I've split them off into their own VRF:
router bgp 64535
bgp router-id 192.168.68.34
bgp log-neighbor-changes
!
address-family ipv4 vrf CUSTA
network 192.168.68.32 mask 255.255.255.252
neighbor 192.168.68.33 remote-as 65000
neighbor 192.168.68.33 activate
exit-address-family
address-family ipv4 vrf CUSTB
network 192.168.68.36 mask 255.255.255.252
neighbor 192.168.68.37 remote-as 65000
neighbor 192.168.68.37 activate
exit-address-family
I've also got my own OSPF process where I've got my Shared service. The shared service is not adjacent to this router, but is a couple hops away.
router ospf 222 vrf APN
capability vrf-lite
network 10.64.222.4 0.0.0.3 area 0
I've defined route targets,
vrf definition APN
rd 33:33
route-target export 33:33
!
address-family ipv4
exit-address-family
!
vrf definition CUSTA
rd 400272:1
route-target export 400272:1
!
address-family ipv4
exit-address-family
vrf definition CUSTB
rd 400272:2
route-target export 400272:2
!
address-family ipv4
exit-address-family
show ip route APN gets me:
O E2 33.33.33.33 [110/1] via 10.64.222.5, 01:40:37, GigabitEthernet0/0/0
I can also get routes from both BGP CUSTA and CUSTB, so I've got at least the VRF set up correctly, with the right interfaces in the right VRFs.
How do I get CUSTA and CUSTB to see routes from APN, but not from each other?
Sorry if this doesn't sound like I've tried - I've been on this all day. I've managed to get routes one way, from BGP to OSPF but never the other way round. I'm asking for a bit of a bump in the right direction!
Thanks in advance!
No comments:
Post a Comment