Route-leaking(VRF-Global)

目的

・iosv-2にてVRF⇔GRT双方でルーティングできるようにルートリークする

先置き結論

◎双方向にStaticを書く時はVRF import/exportやBGPは一切必要ない

コンフィグ

1.GlobalのRIBにVRFの経路を載せる

◎GlobalのStaticルートで、VRF向きのNW(192.168.12.0/24)宛ネクストホップVRF向きインターフェース(gi0/0)にする。

iosv-2(config)# ip route 192.168.12.0 255.255.255.0 gi0/0

RIB

iosv-2#sh ip ro | b Gate
Gateway of last resort is not set

      100.0.0.0/8 is variably subnetted, 2 subnets, 2 masks
C        100.2.2.0/24 is directly connected, Loopback0
L        100.2.2.2/32 is directly connected, Loopback0
S     192.168.12.0/24 is directly connected, GigabitEthernet0/0
      192.168.23.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.23.0/24 is directly connected, GigabitEthernet0/1
L        192.168.23.2/32 is directly connected, GigabitEthernet0/1

2.VRFのRIBにGlobalの経路を載せる

◎Globalとは反対。GlobalNW(192.168.23.0/24)向きネクストホップGlobal向きインターフェース(gi0/1, 192.168.23.2)でStaticを書く

iosv-2(config)# ip route vrf VRF_1 192.168.23.0 255.255.255.0 gi0/1 192.168.23.3

注意

◎Globalのときのように出力インターフェースのみ書くと以下のようなメッセージが出力される

iosv-2(config)#ip route vrf VRF_1 192.168.23.0 255.255.255.0 gi0/1
% For VPN or topology routes, must specify a next hop IP address if not a point-to-point interface

RIB

iosv-2(config-vrf-af)#do sh ip ro vrf VRF_1 | b Gate
Gateway of last resort is not set

      192.168.12.0/24 is variably subnetted, 2 subnets, 2 masks
C        192.168.12.0/24 is directly connected, GigabitEthernet0/0
L        192.168.12.2/32 is directly connected, GigabitEthernet0/0
S     192.168.23.0/24 [1/0] via 192.168.23.2, GigabitEthernet0/1

疎通確認

問題なし。

iosv-1#traceroute 192.168.23.3
Type escape sequence to abort.
Tracing the route to 192.168.23.3
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.12.2 [AS 64702] 17 msec 26 msec 45 msec
  2 192.168.23.3 [AS 64702] 12 msec 43 msec *
iosv-3#traceroute 192.168.12.1
Type escape sequence to abort.
Tracing the route to 192.168.12.1
VRF info: (vrf in name/id, vrf out name/id)
  1 192.168.23.2 [AS 64702] 19 msec 16 msec 26 msec
  2 192.168.12.1 [AS 64702] 10 msec 13 msec *

参考

Configure Route Leak Between Global and VRF Routing Table without Next-Hop

1.2 Routing concepts