Does not seem to be doable for the time being.
There are some hacks using tunnels, but nothing clean.
This sure is the reason for your using all VRF and no global :)
-Carlos
Damian Higgins @ 06/01/2011 15:05 -0300 dixit:
> I didn't read the article carefully, I just did a lab ( using
> fastethernet interfaces ) and it does work :). How about dynamic
> leaking from VRFs to global ( no static routes in global ), is it
> possible ?
>
>
> On Thu, Jan 6, 2011 at 5:57 PM, Carlos G Mendioroz <tron_at_huapi.ba.ar> wrote:
>> Damian,
>> I've just changed Marko's sample to leak R2-R4 (192.168.24.0/24, global)
>> into vrf red and R2-R5 (10.0.25.0/24, vrf red) into global and it works.
>>
>> @ R2, just:
>>
>> ip prefix-list R4-Loopback0 seq 20 permit 192.168.24.0/24
>>
>> (should have changed the list name :)
>> and red knows the R2-R4.
>>
>> ip route 10.0.25.0 255.255.255.0 Serial1/0.205
>>
>> and R2 knows R2-R5 at global.
>>
>> BTW, the sample uses point to point, so AFAIK there is no need to set next
>> hops, no need for the global for vrf statics if used.
>>
>> I can ping from R5 to R2's serial w/o going through R4. That's what is being
>> looked for, right ?
>>
>> Marcin,
>> would you post relevant config ?
>> -Carlos
>>
>> Damian Higgins @ 06/01/2011 07:22 -0300 dixit:
>>> Hi Marko,
>>>
>>> That's because in your example you needed reachability only between
>>> the router's loopbacks. Let's say that R2-R6 10.0.26.0/24 is in global
>>> and R2-R5 10.0.25.0/24 is into a VRF and you need to have reachability
>>> between these two subnets. Can you give an example routing between
>>> these two without having to use R4 ?
>>>
>>> Regards.
>>>
>>> On Thu, Jan 6, 2011 at 11:06 AM, Marko Milivojevic <markom_at_ipexpert.com>
>>> wrote:
>>>> Please, re-read the article :-). It shows the example of leaking
>>>> between global table and VRF using BGP - no next hops involved. I had
>>>> to build to that point though.
>>>>
>>>> --
>>>> Marko Milivojevic - CCIE #18427
>>>> Senior Technical Instructor - IPexpert
>>>>
>>>> FREE CCIE training: http://bit.ly/vLecture
>>>>
>>>> Mailto: markom_at_ipexpert.com
>>>> Telephone: +1.810.326.1444
>>>> Web: http://www.ipexpert.com/
>>>>
>>>> On Thu, Jan 6, 2011 at 12:14, Damian Higgins <linnewbye_at_gmail.com> wrote:
>>>>> I don't think your example will help Marcin, you used next-hops, so
>>>>> you depend on the upstream router to route between global and VRFs.
>>>>> You can have bidirectional route leaking without next-hops only
>>>>> between VRFs ( using MP-BGP ) on the same box, but not between global
>>>>> and a VRF. Although in global you can add directly connected routes (
>>>>> using exit interface instead of next-hop ) into a VRF, the other way
>>>>> around doesn't work since you need to specify a next-hop. This is a
>>>>> very annoying limitation :(.
>>>>>
>>>>>
>>>>> @Marcin, to avoid this limitation I'm using only VRFs for routing on
>>>>> my 6500's, and I use the global table only for management in case
>>>>> something goes wrong in the VRFs.
>>>>>
>>>>>
>>>>> Regards.
>>>>>
>>>>>
>>>>> On Thu, Jan 6, 2011 at 7:59 AM, Marko Milivojevic <markom_at_ipexpert.com>
>>>>> wrote:
>>>>>> Marcin,
>>>>>>
>>>>>> I wrote the blog on the subject of the route leaking between VRF and
>>>>>> the main table sometime ago. I think you will find the solution there:
>>>>>>
>>>>>> http://blog.ipexpert.com/2010/12/01/vrf-route-leaking/
>>>>>>
>>>>>> Short answer to your last question: yes :-)
>>>>>>
>>>>>> --
>>>>>> Marko Milivojevic - CCIE #18427
>>>>>> Senior Technical Instructor - IPexpert
>>>>>>
>>>>>> FREE CCIE training: http://bit.ly/vLecture
>>>>>>
>>>>>> Mailto: markom_at_ipexpert.com
>>>>>> Telephone: +1.810.326.1444
>>>>>> Web: http://www.ipexpert.com/
>>>>>>
>>>>>> On Thu, Jan 6, 2011 at 06:03, Marcin Zgola <MZgola_at_netrixllc.com>
>>>>>> wrote:
>>>>>>> Problem, I want to be able to communicate between VRF and global on
>>>>>>> the same router.
>>>>>>>
>>>>>>> I can leak routes but I need to specify next hop to be another router.
>>>>>>>
>>>>>>> Basically packet hits the router on VRF interface, and then it sends
>>>>>>> it to upstream router, and upstream router sends it back.
>>>>>>>
>>>>>>> Can this be avoided?????
>>>>>> Blogs and organic groups at http://www.ccie.net
>>>>>>
>>>>>> _______________________________________________________________________
>>>>>> Subscription information may be found at:
>>>>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>> Blogs and organic groups at http://www.ccie.net
>>>
>>> _______________________________________________________________________
>>> Subscription information may be found at:
>>> http://www.groupstudy.com/list/CCIELab.html
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>> --
>> Carlos G Mendioroz <tron_at_huapi.ba.ar> LW7 EQI Argentina
>>
-- Carlos G Mendioroz <tron_at_huapi.ba.ar> LW7 EQI Argentina Blogs and organic groups at http://www.ccie.netReceived on Thu Jan 06 2011 - 16:36:43 ART
This archive was generated by hypermail 2.2.0 : Tue Feb 01 2011 - 07:39:17 ART