On Fri, 8 Jan 2021 at 10:44, BASSAGET Cédric <[email protected]> wrote: > > Hello, > I'm trying to leak routes from my main routing table to a VRF. > > Using Cisco IOS XE Software, Version 16.09.05 on a ASR1001-X > > I've done this config : > > ip prefix-list BT_LNS-out seq 5 permit x.x.x.3/32 > ip prefix-list BT_LNS-out seq 10 permit x.x.x.4/32 > > ip prefix-list BT_radius-out seq 5 permit x.x.x.5/32 > ip prefix-list BT_radius-out seq 10 permit x.x.x.6/32 > > route-map BT_bgp-out permit 10 > match ip address prefix-list BT_LNS-out BT_radius-out > > ip vrf interco_BT > rd 12844:1 > import ipv4 unicast map BT_bgp-out > > ip route x.x.x.3 255.255.255.255 Loopback0 > ip route x.x.x.4 255.255.255.255 <next-hop> > ip route x.x.x.5 255.255.255.255 <next-hop> > ip route x.x.x.6 255.255.255.255 <next-hop> > > so my main routing table has routes to x.x.x.[3-6]/32 but I'm unable to see > the routes in the VRF "interco_BT". > > Tried to add route in the vrf : > ip route vrf interco_BT x.x.x.3 255.255.255.255 loopback 0 > % For VPN or topology routes, must specify a next hop IP address if not a > point-to-point interface > > I guess I'm missing something. > Can somebody tell my where I am wrong please ?
Hi Cedric, I haven't tried route leaking between a VRF and the GRT in ages, so I can't really remember the caveats. With regards to the static route, I can remember that you can have a static from a VRF to the GRT, but not from the GRT to a VRF (so you'll have no return route): ip route vrf interco_BT x.x.x.3 255.255.255.255 y.y.y.y global The "global" keyword is needed for a static route inside a VRF with a next hop in the GRT. I don't believe there is an equivalent method for GRT to VRF though. It looks like you're trying to route leak loopback interface IP's though - if that is accurate, you can create another loopback interface within the VRF with the same IP(s) as your GRT loopback. Cheers, James. _______________________________________________ cisco-nsp mailing list [email protected] https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/
