OcNOS SP : Layer 3 Guide : VRF Lite Configuration : Static Inter-VRF Route Leaking Configuration
Static Inter-VRF Route Leaking Configuration
Overview
Inter-VRF route leaking allows the leaking of routes from one VRF (the source VRF) to another VRF (the destination VRF) on the same router. Inter-VRF routes can exist in any VRF (including the default and management VRF) on the system. Route-Leaking between two non-default VRF is achieved using MP-BGP (RT and RD). This section covers leaking between the Default VRF and any Non-default VRF using Statically.
Topology
Device topology
Note: By default eth0 is in management VRF.
IPV4 Inter-VRF Route Leaking Configuration
R1
 
#con t
Enter the router configuration mode
(config)#ip vrf vrf1
Create vrf1
(config-vrf)#exit
Exit VRF mode
(config)#interface eth1
Switch to interface eth1
(config-if)#ip address 20.1.1.1/24
Assign the IP address 20.1.1.1 to eth1
(config-if)#exit
Exit interface mode.
(config)#interface eth2
Switch to interface eth2.
(config-if)#ip vrf forwarding vrf1
Associate eth1 to vrf1. Use no ip vrf forwarding vrf1 for un-configuration.
(config-if)#ip address 10.1.1.1/24
Assign the IP address 10.1.1.1 to eth2 in vrf1.
(config-if)#exit
Exit interface mode.
(config)#ip route 10.1.1.0/24 eth2
Leaking non-default VRF's connected route into default VRF.
(config)#ip route vrf management 30.1.1.0/24 20.1.1.2 eth1 global
Leaking a route from the Default VRF into the "management" VRF statically.
(config)#ip route vrf vrf1 20.1.1.0/24 20.1.1.2 eth1 global
Leaking a route from the Default VRF into VRF "vrf1" statically.
(config)#ip route vrf vrf1 30.1.1.0/24 20.1.1.2 eth1 global
Leaking a route from the Default VRF into VRF "vrf1" statically.
(config-if)#commit
Commit the candidate configuration to the running configuration
(config-if)#exit
Exit interface mode
R2
 
#con t
Enter the router configuration mode
(config)#interface eth1
Switch to interface eth1
(config-if)#ip address 20.1.1.2/24
Assign the IP address 20.1.1.2 to eth1 in vrf1
(config-if)#exit
Exit interface mode.
(config)#interface eth2
Switch to interface eth2
(config-if)#ip address 30.1.1.1/24
Assign the IP address 30.1.1.1 to eth2 in vrf1
(config-if)#exit
Exit interface mode.
(config)# ip route 10.1.1.0/24 20.1.1.1
Configuring static route to non-default VRF.
(config-if)#commit
Commit the candidate configuration to the running configuration
(config-if)#exit
Exit interface mode
Validation
R1
 
#show ip route vrf all
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
* - candidate default
 
IP Route Table for VRF "default"
S v 10.1.1.0/24 [1/0] is directly connected, xe12, 00:37:31
C 20.1.1.0/24 is directly connected, xe14, 00:00:17
C 127.0.0.0/8 is directly connected, lo, 3d06h01m
IP Route Table for VRF "management"
C 10.12.87.0/24 is directly connected, eth0, 3d06h00m
S v 30.1.1.0/24 [1/0] via 20.1.1.2, xe14, 00:00:17
C 127.0.0.0/8 is directly connected, lo.management, 3d06h01m
IP Route Table for VRF "vrf1"
C 10.1.1.0/24 is directly connected, xe12, 02:27:07
S v 20.1.1.0/24 [1/0] via 20.1.1.2, xe14, 00:00:17
S v 30.1.1.0/24 [1/0] via 20.1.1.2, xe14, 00:00:17
C 127.0.0.0/8 is directly connected, lo.vrf1, 02:41:58
 
To display the IP routing table associated with a VRF, use the show ip route vrf vrf-name command
#show ip route vrf all database
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2,
ia - IS-IS inter area, E - EVPN,
v - vrf leaked
> - selected route, * - FIB route, p - stale info
 
IP Route Table for VRF "default"
S *> v10.1.1.0/24 [1/0] is directly connected, xe12, 00:39:15
C *> 20.1.1.0/24 is directly connected, xe14, 00:02:01
C *> 127.0.0.0/8 is directly connected, lo, 3d06h02m
IP Route Table for VRF "management"
C *> 10.12.87.0/24 is directly connected, eth0, 3d06h02m
S *> v30.1.1.0/24 [1/0] via 20.1.1.2, xe14, 00:02:01
C *> 127.0.0.0/8 is directly connected, lo.management, 3d06h02m
IP Route Table for VRF "vrf1"
C *> 10.1.1.0/24 is directly connected, xe12, 02:28:51
S *> v20.1.1.0/24 [1/0] via 20.1.1.2, xe14, 00:02:01
S *> v30.1.1.0/24 [1/0] via 20.1.1.2, xe14, 00:02:01
C *> 127.0.0.0/8 is directly connected, lo.vrf1, 02:43:42
 
Gateway of last resort is not set
IPV6 Inter-VRF Route Leaking Configuration
IPv6 Statically Routes can be leaked between the Default VRF and Private VRF and vice-versa.
Note: IPv6 Leaking between "management" VRF and the default VRF is not supported in this release.
R1
 
#con t
Enter the router configuration mode
(config)#ip vrf vrf1
Create vrf1
(config-vrf)#exit
Exit VRF mode
(config)#interface eth1
Switch to interface eth1
(config-if)#ipv6 address 2001::1/64
Assign the IPv6 address 2001::1 to eth1
(config-if)#exit
Exit interface mode.
(config)#interface eth2
Switch to interface eth2.
(config-if)#ip vrf forwarding vrf1
Associate eth1 to vrf1. Use no ip vrf forwarding vrf1 for un-configuration.
(config-if)#ipv6 address 3001::1/64
Assign the IPv6 address 3001::1 to eth2 in vrf1
(config-if)#exit
Exit interface mode.
(config)# ipv6 route 3001::/64 eth2
Leaking non-default VRF's connected route into default VRF.
OcNOS(config)#ipv6 route 3333::2/128 fe80::da9e:f3ff:fea2:6ce6 eth2
Leaking non-default VRF's non-connected route into default VRF
OcNOS(config)#ipv6 route vrf vrf1 2001::/64 eth1 global
Leaking a connected route from the Default
VRF into VRF "vrf1" statically.
OcNOS(config)#ipv6 route vrf vrf1 2222::1/128 fe80::da9e:f3ff:fec9:65a4 eth1 global
Leaking a route from the Default VRF into the "vrf1" VRF statically
(config-if)#commit
Commit the candidate configuration to the running configuration
(config-if)#exit
Exit interface mode
Validation
R1
 
OcNOS#sh run ipv6 route
!
ipv6 route 3001::/64 eth2
ipv6 route 3333::/128 fe80::da9e:f3ff:fea2:6ce6 eth2
ipv6 route vrf vrf1 2001::/64 eth1 global
ipv6 route vrf vrf1 2222::1/128 fe80::da9e:f3ff:fec9:65a4 eth1 global
!
OcNOS#
OcNOS#sh ipv6 route vrf all
IPv6 Routing Table
Codes: K - kernel route, C - connected, S - static, R - RIP, O - OSPF,
IA - OSPF inter area, E1 - OSPF external type 1,
E2 - OSPF external type 2, E - EVPN N1 - OSPF NSSA external type 1,
N2 - OSPF NSSA external type 2, i - IS-IS, B - BGP
v - vrf leaked
Timers: Uptime
 
 
IP Route Table for VRF "default"
C ::1/128 via ::, lo, 01:14:24
C 2001::/64 via ::, eth1, 01:14:24
O 2222::1/128 [110/1] via fe80::da9e:f3ff:fec9:65a4, eth1, 01:13:30
S v 3001::/64 [1/0] via ::, eth2, 00:00:32
S v 3333::2/128 [1/0] via fe80::da9e:f3ff:fea2:6ce6, eth2, 00:01:22
C fe80::/64 via ::, eth4, 01:14:24
IP Route Table for VRF "management"
C ::1/128 via ::, lo.management, 01:14:24
C fe80::/64 via ::, eth0, 01:14:24
IP Route Table for VRF "vrf1"
C ::1/128 via ::, lo.vrf1, 01:14:24
S v 2001::/64 [1/0] via ::, eth1, 01:14:24
S v 2222::1/128 [1/0] via fe80::da9e:f3ff:fec9:65a4, eth1, 01:14:24
C 3001::/64 via ::, eth2, 01:14:24
i L1 3333::2/128 [115/20] via fe80::da9e:f3ff:fea2:6ce6, eth2, 01:14:17
C fe80::/64 via ::, eth2, 01:14:24