VRF import/export

2023年9月15日 07:52

前提

・iosv-1側はOSPFでCEと接続
・iosv-5側はEIGRPでCEと接続
・iosv-6,8はLoopback0,1を持つ
・Loopback0: x.x.x.x/32
・Loopback1: xx.xx.xx.xx/32

import

Before

iosv-6#sh run | s router ospf
router ospf 100
 network 0.0.0.0 255.255.255.255 area 0

iosv-6#sh ip ro | b Gate
Gateway of last resort is not set

      6.0.0.0/32 is subnetted, 1 subnets
C        6.6.6.6 is directly connected, Loopback0
      8.0.0.0/32 is subnetted, 1 subnets
O E2     8.8.8.8 [110/1] via 16.1.1.1, 00:07:50, GigabitEthernet0/0
      16.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        16.1.1.0/24 is directly connected, GigabitEthernet0/0
L        16.1.1.6/32 is directly connected, GigabitEthernet0/0
      58.0.0.0/24 is subnetted, 1 subnets
O E2     58.1.1.0 [110/1] via 16.1.1.1, 00:09:39, GigabitEthernet0/0
      66.0.0.0/32 is subnetted, 1 subnets
C        66.66.66.66 is directly connected, Loopback1
      88.0.0.0/32 is subnetted, 1 subnets
O E2     88.88.88.88 [110/1] via 16.1.1.1, 00:07:50, GigabitEthernet0/0

iosv-8#sh run | s router eigrp
router eigrp 100
 network 0.0.0.0

iosv-8#sh ip ro | b Gate
Gateway of last resort is not set

      6.0.0.0/32 is subnetted, 1 subnets
D EX     6.6.6.6 [170/2560000512] via 58.1.1.5, 00:00:13, GigabitEthernet0/0
      8.0.0.0/32 is subnetted, 1 subnets
C        8.8.8.8 is directly connected, Loopback0
      16.0.0.0/24 is subnetted, 1 subnets
D EX     16.1.1.0 [170/2560000512] via 58.1.1.5, 00:00:13, GigabitEthernet0/0
      58.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        58.1.1.0/24 is directly connected, GigabitEthernet0/0
L        58.1.1.8/32 is directly connected, GigabitEthernet0/0
      66.0.0.0/32 is subnetted, 1 subnets
D EX     66.66.66.66 
           [170/2560000512] via 58.1.1.5, 00:00:13, GigabitEthernet0/0
      88.0.0.0/32 is subnetted, 1 subnets
C        88.88.88.88 is directly connected, Loopback1

設定

iosv-1(config)#ip prefix PRE permit 8.8.8.8/32
iosv-1(config)#route-map MAP permit 10
iosv-1(config-route-map)#match ip address prefix PRE
iosv-1(config-route-map)#exit
iosv-1(config)#vrf def bbb
iosv-1(config-vrf)#add ipv4
iosv-1(config-vrf-af)#import map MAP

iosv-5(config)#ip prefix PRE permit 6.6.6.6/32
iosv-5(config)#route-map MAP permit 10
iosv-5(config-route-map)#match ip add prefix PRE
iosv-5(config-route-map)#exit
iosv-5(config)#vrf def bbb
iosv-5(config-vrf)#add ipv4
iosv-5(config-vrf-af)#import map MAP

After

iosv-6#sh ip ro | b Gate
Gateway of last resort is not set

      6.0.0.0/32 is subnetted, 1 subnets
C        6.6.6.6 is directly connected, Loopback0
      8.0.0.0/32 is subnetted, 1 subnets
O E2     8.8.8.8 [110/1] via 16.1.1.1, 00:00:00, GigabitEthernet0/0
      16.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        16.1.1.0/24 is directly connected, GigabitEthernet0/0
L        16.1.1.6/32 is directly connected, GigabitEthernet0/0
      66.0.0.0/32 is subnetted, 1 subnets
C        66.66.66.66 is directly connected, Loopback1

iosv-8#sh ip ro | b Gate
Gateway of last resort is not set

      6.0.0.0/32 is subnetted, 1 subnets
D EX     6.6.6.6 [170/2560000512] via 58.1.1.5, 00:00:21, GigabitEthernet0/0
      8.0.0.0/32 is subnetted, 1 subnets
C        8.8.8.8 is directly connected, Loopback0
      58.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        58.1.1.0/24 is directly connected, GigabitEthernet0/0
L        58.1.1.8/32 is directly connected, GigabitEthernet0/0
      88.0.0.0/32 is subnetted, 1 subnets
C        88.88.88.88 is directly connected, Loopback1

OSPFでもEIGRPでもclearする必要があるので注意。
route-mapもといprefix-listで指定したアドレスのみimportし、その他はドロップ。

export

importの設定は削除する。

設定

iosv-1(config)#ip prefix PRE_2 permit 6.6.6.6/32    
iosv-1(config)#route-map MAP_2 permit 10
iosv-1(config-route-map)#match ip add prefix PRE_2
iosv-1(config-route-map)#set extcommunity 1:300
iosv-1(config-route-map)#exit
iosv-1(config)#vrf def bbb
iosv-5(config-vrf)#route-target import 1:300
iosv-1(config-vrf)#add ipv4
iosv-1(config-vrf-af)#export map MAP_2

iosv-5(config)#ip prefix PRE_2 permit 8.8.8.8/32
iosv-5(config)#route-map MAP_2 permit 10
iosv-5(config-route-map)#match ip add prefix PRE_2
iosv-1(config-route-map)#set extcommunity 1:300
iosv-5(config-route-map)#exit
iosv-5(config)#vrf def bbb
iosv-5(config-vrf)#route-target import 1:300
iosv-5(config-vrf)#add ipv4
iosv-5(config-vrf-af)#export map MAP_2

After

iosv-1#sh bgp vpnv4 uni all 6.6.6.6 | i Extended
      Extended Community: RT:1:300 OSPF DOMAIN ID:0x0005:0x000000640200 
iosv-1#sh bgp vpnv4 uni all 66.66.66.66 | i Extended
      Extended Community: RT:1:200 OSPF DOMAIN ID:0x0005:0x000000640200 
iosv-1#sh bgp vpnv4 uni all 8.8.8.8 | i Extended    
      Extended Community: RT:1:300 
iosv-1#sh bgp vpnv4 uni all 88.88.88.88 | i Extended
      Extended Community: RT:1:200

iosv-5#sh bgp vpnv4 uni all 6.6.6.6 | i Extended    
      Extended Community: RT:1:300 OSPF DOMAIN ID:0x0005:0x000000640200 
iosv-5#sh bgp vpnv4 uni all 66.66.66.66 | i Extended
      Extended Community: RT:1:200 OSPF DOMAIN ID:0x0005:0x000000640200 
iosv-5#sh bgp vpnv4 uni all 8.8.8.8 | i Extended    
      Extended Community: RT:1:300 
iosv-5#sh bgp vpnv4 uni all 88.88.88.88 | i Extended
      Extended Community: RT:1:200

route-mapもといprefix-listで指定したアドレスに1:300のroute-targetを付与して送り出す。vrf importで書き換えたroute-targetを受け入れる設定を入れないとbgpテーブルにインストールしないので注意。

参考

CCIE Enterprise Infrastructure Foundation, 2nd Edition

この記事が気に入ったらサポートをしてみませんか？